diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php index 50f10df1729..e97380f1e44 100644 --- a/htdocs/core/class/ldap.class.php +++ b/htdocs/core/class/ldap.class.php @@ -307,7 +307,12 @@ class Ldap if ($ldapdebug) { dol_syslog(get_class($this)."::connect_bind serverPing true, we try ldap_connect to ".$host); } - $this->connection = ldap_connect($host, $this->serverPort); + if (version_compare(PHP_VERSION, '8.3.0', '>=')) { + $uri = $host.':'.$this->serverPort; + $this->connection = ldap_connect($uri); + } else { + $this->connection = ldap_connect($host, $this->serverPort); + } } else { if (preg_match('/^ldaps/i', $host)) { // With host = ldaps://server, the serverPing to ssl://server sometimes fails, even if the ldap_connect succeed, so @@ -315,7 +320,12 @@ class Ldap if ($ldapdebug) { dol_syslog(get_class($this)."::connect_bind serverPing false, we try ldap_connect to ".$host); } - $this->connection = ldap_connect($host, $this->serverPort); + if (version_compare(PHP_VERSION, '8.3.0', '>=')) { + $uri = $host.':'.$this->serverPort; + $this->connection = ldap_connect($uri); + } else { + $this->connection = ldap_connect($host, $this->serverPort); + } } else { continue; } @@ -463,14 +473,26 @@ class Ldap /** * Unbind of LDAP server (close connection). * - * @return boolean true or false - * @see close() + * @return boolean true or false + * @see close() */ public function unbind() { $this->result = true; - if (is_resource($this->connection) || is_object($this->connection)) { - $this->result = @ldap_unbind($this->connection); + if (version_compare(PHP_VERSION, '8.1.0', '>=')) { + if (is_object($this->connection)) { + try { + $this->result = ldap_unbind($this->connection); + } catch (Throwable $exception) { + $this->error = 'Failed to unbind LDAP connection: '.$exception; + $this->result = false; + dol_syslog(get_class($this).'::unbind - '.$this->error, LOG_WARNING); + } + } + } else { + if (is_resource($this->connection)) { + $this->result = @ldap_unbind($this->connection); + } } if ($this->result) { return true; diff --git a/htdocs/core/login/functions_ldap.php b/htdocs/core/login/functions_ldap.php index 0f7afa1d876..2b057a96319 100644 --- a/htdocs/core/login/functions_ldap.php +++ b/htdocs/core/login/functions_ldap.php @@ -1,6 +1,7 @@ * Copyright (C) 2008-2021 Regis Houssin + * Copyright (C) 2024 William Mead * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -246,17 +247,21 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) */ dol_syslog("functions_ldap::check_user_password_ldap Authentication KO failed to connect to LDAP for '".$usertotest."'", LOG_NOTICE); if (is_resource($ldap->connection) || is_object($ldap->connection)) { // If connection ok but bind ko - $ldap->ldapErrorCode = ldap_errno($ldap->connection); - $ldap->ldapErrorText = ldap_error($ldap->connection); - dol_syslog("functions_ldap::check_user_password_ldap ".$ldap->ldapErrorCode." ".$ldap->ldapErrorText); + try { + $ldap->ldapErrorCode = ldap_errno($ldap->connection); + $ldap->ldapErrorText = ldap_error($ldap->connection); + dol_syslog("functions_ldap::check_user_password_ldap ".$ldap->ldapErrorCode." ".$ldap->ldapErrorText); + } catch (Throwable $exception) { + $ldap->ldapErrorCode = ''; + $ldap->ldapErrorText = ''; + dol_syslog('functions_ldap::check_user_password_ldap '.$exception, LOG_WARNING); + } } sleep(1); // Anti brut force protection. Must be same delay when user and password are not valid. - // Load translation files required by the page $langs->loadLangs(array('main', 'other', 'errors')); $_SESSION["dol_loginmesg"] = ($ldap->error ? $ldap->error : $langs->transnoentitiesnoconv("ErrorBadLoginPassword")); } - $ldap->unbind(); }