Connection to directory service is insecure

Issue #10 resolved

viharm repo owner created an issue 2016-09-08

Currently the library uses clear unencrypted connection to the directory service.

Enable functionality to connect to LDAP directories using TLS.

ldap over SSL (ldaps) on port 636 is deprecated, so will not be implemented.

Comments (8)

viharm reporter

Use ldap_start_tls

AD example from the same page:

<?php  
   $ldap-link=ldap_connect($ldap-host); 
   $ldapbind=false;
   if(ldap_set_option($ldap-link, LDAP_OPT_PROTOCOL_VERSION, 3))
      if(ldap_set_option($ldap-link, LDAP_OPT_REFERRALS, 0))
         if(ldap_start_tls($ldap-link))
               $ldapbind = @ldap_bind($ldap-link, $ldap-usr, $ldap-pwd);   
   ldap_close($ldap-link);

   if(!$ldapbind)
      echo "ERROR";
   else
      echo "OK";
?>

2016-09-08T21:26:33+00:00

viharm reporter
- changed milestone to v02.04.00
- changed version to 02.04.00
- 2016-09-08T21:27:57+00:00
viharm reporter
- changed version to Future
- changed milestone to Future
- 2017-08-30T18:39:15+00:00
viharm reporter
- changed title to Connection to directory service is insecure
- edited description
- 2017-09-30T17:35:12+00:00
viharm reporter
- changed status to open
Secure LDAP connection is a crucial feature to ensure best practices and security standards are implemented.
- 2019-12-30T13:58:17+00:00
viharm reporter
- changed version to 2.5.0
- changed milestone to v2.5.0
- 2019-12-30T13:59:21+00:00
viharm reporter
Will be addressed by PR #6
- 2020-01-01T22:08:42+00:00
viharm reporter
- changed status to resolved
Fixed by PR #6
- 2020-01-01T22:14:49+00:00
Log in to comment

Assignee: viharm

Type: enhancement

Priority: major

Status: resolved

Milestone: v2.5.0

Version: 2.5.0

Votes: 0

Watchers: 1