Merge pull request #3240 from derelict-pf/ldap_starttls

2 files changed, 7 insertions, 5 deletions

diff --git a/src/usr/local/www/guiconfig.inc b/src/usr/local/www/guiconfig.inc
index 38a6c17..dc67b62 100644
--- a/src/usr/local/www/guiconfig.inc
+++ b/src/usr/local/www/guiconfig.inc
@@ -122,6 +122,7 @@ $auth_server_types = array(
 
 $ldap_urltypes = array(
 	'TCP - Standard' => 389,
+	'TCP - STARTTLS' => 389,
 	'SSL - Encrypted' => 636);
 
 $ldap_scopes = array(
diff --git a/src/usr/local/www/system_authservers.php b/src/usr/local/www/system_authservers.php
index 6be6589..7b65c46 100644
--- a/src/usr/local/www/system_authservers.php
+++ b/src/usr/local/www/system_authservers.php
@@ -509,7 +509,7 @@ $section->addInput(new Form_Input(
 	'Hostname or IP address',
 	'text',
 	$pconfig['ldap_host']
-))->setHelp('NOTE: When using SSL, this hostname MUST match the Common Name '.
+))->setHelp('NOTE: When using SSL or STARTTLS, this hostname MUST match the Common Name '.
 	'(CN) of the LDAP server\'s SSL Certificate.');
 
 $section->addInput(new Form_Input(
@@ -544,7 +544,8 @@ else
 		'Peer Certificate Authority',
 		$pconfig['ldap_caref'],
 		$ldapCaRef
-	))->setHelp('This option is used if \'SSL Encrypted\' option is choosen. '.
+	))->setHelp('This option is used if \'SSL Encrypted\' '.
+		'or \'TCP - STARTTLS\' options are chosen. '.
 		'It must match with the CA in the AD otherwise problems will arise.');
 }
 
@@ -880,10 +881,10 @@ events.push(function() {
 	}
 
 	function set_ldap_port() {
-		if ($('#ldap_urltype').find(":selected").index() == 0)
-			$('#ldap_port').val('389');
-		else
+		if ($('#ldap_urltype').find(":selected").index() == 2)
 			$('#ldap_port').val('636');
+		else
+			$('#ldap_port').val('389');
 	}
 
 	// Hides all elements of the specified class. This will usually be a section