mirror/snipe-it
3
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-10-29 19:31:41 +00:00
Code Issues Projects Releases Wiki Activity

Possible fix for 504 gateway timeout on unreachable LDAP server

Browse Source
This commit is contained in:
snipe 2025-10-27 23:45:12 +00:00
parent 6703448b80
commit 728afa8361
1 changed files with 7 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
app/Models/Ldap.php
View File

@ -232,23 +232,14 @@ class Ldap extends Model
if (! $ldapbind = @ldap_bind($connection, $userDn, $password)) {
Log::debug("Status of binding user: $userDn to directory: (directly!) ".($ldapbind ? "success" : "FAILURE"));
if (! $ldapbind = self::bindAdminToLdap($connection)) {
/*
* TODO PLEASE:
*
* this isn't very clear, so it's important to note: the $ldapbind value is never correctly returned - we never 'return true' from self::bindAdminToLdap() (the function
* just "falls off the end" without ever explicitly returning 'true')
*
* but it *does* have an interesting side-effect of checking for the LDAP password being incorrectly encrypted with the wrong APP_KEY, so I'm leaving it in for now.
*
* If it *did* correctly return 'true' on a successful bind, it would _probably_ allow users to log in with an incorrect password. Which would be horrible!
*
* Let's definitely fix this at the next refactor!!!!
*
*/
Log::debug("Status of binding Admin user: $userDn to directory instead: ".($ldapbind ? "success" : "FAILURE"));
return false;
// replicate the old bad-decryption-key detection behavior here
try {
Crypt::decrypt(Setting::getSettings()->ldap_pword);
} catch (\Exception $e) {
throw new \Exception('Your app key has changed! Could not decrypt LDAP password using your current app key, so LDAP authentication has been disabled. Login with a local account, update the LDAP password and re-enable it in Admin > Settings.');
}
//regardless of anything else; stuff isn't working. Return false.
return false;
}
if (! $results = ldap_search($connection, $baseDn, $filterQuery)) {