From 6f98b9100b191e0a74a947a67da9c7575931bd71 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Wed, 30 Nov 2011 08:11:34 -0500
Subject: [PATCH] - Applied r5515 from trunk

---
 CHANGELOG                      |    1 +
 program/include/rcube_ldap.php |    4 ++++
 config/main.inc.php.dist       |    3 +++
 3 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 97adf7c..f6f8b02 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Add possibility to do LDAP bind before searching for bind DN
 - Fix handling of empty <U> tags in HTML messages (#1488225)
 - Add content filter for embedded attachments to protect from XSS on IE (#1487895)
 - Use strpos() instead of strstr() when possible (#1488211)
diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist
index e355b2d..6957577 100644
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@@ -541,6 +541,9 @@
   // The login name is used to search for the DN to bind with
   'search_base_dn' => '',
   'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
   // Default for %dn variable if search doesn't return DN value
   'search_dn_default' => '',
   // Optional authentication identifier to be used as SASL authorization proxy
diff --git a/program/include/rcube_ldap.php b/program/include/rcube_ldap.php
index 8014504..95377c7 100644
--- a/program/include/rcube_ldap.php
+++ b/program/include/rcube_ldap.php
@@ -228,6 +228,10 @@
             $replaces = array('%dn' => '', '%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u);
 
             if ($this->prop['search_base_dn'] && $this->prop['search_filter']) {
+                if (!empty$this->prop['search_bind_dn']) && !empty($this->prop['search_bind_pw'])) {
+                    $this->bind($this->prop['search_bind_dn'], $this->prop['search_bind_pw']);
+                }
+
                 // Search for the dn to use to authenticate
                 $this->prop['search_base_dn'] = strtr($this->prop['search_base_dn'], $replaces);
                 $this->prop['search_filter'] = strtr($this->prop['search_filter'], $replaces);

--
Gitblit v1.9.1