- TLS support in LDAP connections: 'use_tls' property (#1485104)

3 files changed, 9 insertions, 0 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 7a0ac9060..5250cce04 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,10 @@
 CHANGELOG RoundCube Webmail
 ---------------------------
 
+2008/06/06 (alec)
+----------
+- TLS support in LDAP connections: 'use_tls' property (#1485104)
+
 2008/06/05 (alec)
 ----------
 - Fix removing messages from search set after deleting them (#1485106)
diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist
index c58f010d2..5d43c1a7d 100644
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@@ -247,6 +247,7 @@ $rcmail_config['address_book_type'] = 'sql';
  *  'name'          => 'Verisign.com',
  *  'hosts'         => array('directory.verisign.com'),
  *  'port'          => 389,
+ *  'use_tls'	    => false,
  *  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
  *  // %fu - The full username provided, assumes the username is an email
  *  //       address, uses the username_domain value if not an email address.
diff --git a/program/include/rcube_ldap.php b/program/include/rcube_ldap.php
index c5962030f..df68f34f8 100644
--- a/program/include/rcube_ldap.php
+++ b/program/include/rcube_ldap.php
@@ -94,6 +94,10 @@ class rcube_ldap
     {
       if ($lc = @ldap_connect($host, $this->prop['port']))
       {
+	if ($this->prop['use_tls']===true || strtoupper($this->prop['use_tls'])==='TRUE')
+	  if (!ldap_start_tls($lc))
+	    continue;
+
         ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, $this->prop['ldap_version']);
         $this->prop['host'] = $host;
         $this->conn = $lc;