author | jim-p <jimp@pfsense.org> | 2012-09-06 08:22:15 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2012-09-06 08:22:15 -0400 |
commit | 9500537d51b481086e8a685b70e825688c0526e1 (patch) | |
tree | 97ce491c8f1764f394e53ea3ea7a0698ab52c664 /etc/inc/vpn.inc | |
parent | b16d666db31325f15dcb15dc41bda440dcf2f967 (diff) | |
Don't add ldapcfg to racoon.conf since we're not using racoon's built-in LDAP support now. Moving to external script-based auth, see ticket #1112
Diffstat (limited to 'etc/inc/vpn.inc')
-rw-r--r-- | etc/inc/vpn.inc | 51 |
1 files changed, 27 insertions, 24 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index b087a87..618dec3 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -417,30 +417,33 @@ function vpn_ipsec_configure($ipchg = false) } /* end mode_cfg section */
- if ($a_client['user_source'] != "system") {
- if (is_array($config['system']['authserver'])) {
- foreach ($config['system']['authserver'] as $authcfg) {
- if ($authcfg['type'] == 'ldap' and $authcfg['name'] == $a_client['user_source'])
- $thisauthcfg = $authcfg;
- }
-
- /* begin ldapcfg */
- $racoonconf .= "ldapcfg {\n";
- $racoonconf .= "\tversion 3;\n";
- $racoonconf .= "\thost \"".$thisauthcfg['host']."\";\n";
- $lport = "389";
- if ($authcfg['port'] != "")
- $lport = $authcfg['port'];
- $racoonconf .= "\tport ".$lport.";\n";
- $racoonconf .= "\tbase \"".$thisauthcfg['ldap_basedn']."\";\n";
- $racoonconf .= "\tsubtree on;\n";
- $racoonconf .= "\tbind_dn \"".$thisauthcfg['ldap_binddn']."\";\n";
- $racoonconf .= "\tbind_pw \"".$thisauthcfg['ldap_bindpw']."\";\n";
- $racoonconf .= "\tattr_user \"".$thisauthcfg['ldap_attr_user']."\";\n";
- $racoonconf .= "}\n\n";
- /* end ldapcfg */
- }
- }
+// Disable this for now, when LDAP support returns it will be via external script auth,
+// since we no longer build racoon with LDAP integrated. This is only preventing racoon from running.
+//
+// if ($a_client['user_source'] != "system") {
+// if (is_array($config['system']['authserver'])) {
+// foreach ($config['system']['authserver'] as $authcfg) {
+// if ($authcfg['type'] == 'ldap' and $authcfg['name'] == $a_client['user_source'])
+// $thisauthcfg = $authcfg;
+// }
+//
+// /* begin ldapcfg */
+// $racoonconf .= "ldapcfg {\n";
+// $racoonconf .= "\tversion 3;\n";
+// $racoonconf .= "\thost \"".$thisauthcfg['host']."\";\n";
+// $lport = "389";
+// if ($authcfg['port'] != "")
+// $lport = $authcfg['port'];
+// $racoonconf .= "\tport ".$lport.";\n";
+// $racoonconf .= "\tbase \"".$thisauthcfg['ldap_basedn']."\";\n";
+// $racoonconf .= "\tsubtree on;\n";
+// $racoonconf .= "\tbind_dn \"".$thisauthcfg['ldap_binddn']."\";\n";
+// $racoonconf .= "\tbind_pw \"".$thisauthcfg['ldap_bindpw']."\";\n";
+// $racoonconf .= "\tattr_user \"".$thisauthcfg['ldap_attr_user']."\";\n";
+// $racoonconf .= "}\n\n";
+// /* end ldapcfg */
+// }
+// }
/* begin remote sections */ if (is_array($a_phase1) && count($a_phase1)) { |
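Review bot: The block kept as `//` comments in vpn_ipsec_configure() preserves code that, if simply uncommented later, writes `ldap_bindpw` in cleartext into racoon.conf, interpolates the authserver fields into quoted strings without escaping, and reads `$authcfg['port']` (the last loop item) where `$thisauthcfg['port']` was presumably intended. Deleting the block and leaving one line such as `// LDAP xauth removed; to return via external script auth (ticket #1112)` would avoid reviving those problems, since the old code remains in history. Separately, the hunk does not show what authentication source is used when `$a_client['user_source']` is not "system"; it is worth confirming outside this hunk that mobile clients do not silently fall back to a different source, and logging when a configured LDAP source is ignored. The function body starts and ends outside the hunk.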