Adding patch from Bj¿rn Ove Gr¿tan at NTNU for supportin LDAPS

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@396 44740490-163a-0410-bde0-09ae8108e29a

lib/SimpleSAML/Auth/LDAP.php

@@ -23,12 +23,17 @@ class SimpleSAML_Auth_LDAP {
 	/**
 	 * private constructor restricts instantiaton to getInstance()
 	 */
-	public function __construct($hostname) {
+	public function __construct($hostname,$enable_tls=true) {
 
 		$this->ldap = @ldap_connect($hostname);
 		if (empty($this->ldap)) 
 			throw new Exception('Could not connect to LDAP server. Please try again, and if the problem persists, please report the error.');
 
+        if (!preg_match("/ldaps:/i",$hostname) and $enable_tls) {
+            if (!ldap_start_tls($this->ldap)) {
+                throw new Exception('Could not force LDAP into TLS-session. Please verify certificates and configuration');
+            }
+        }
 		$this->setV3();
 
 	}
@@ -135,4 +140,4 @@ class SimpleSAML_Auth_LDAP {
 
 }
 
-?>
+?>
\ No newline at end of file

www/auth/login.php

@@ -61,7 +61,8 @@ if (isset($_POST['username'])) {
 		/*
 		 * Connecting to LDAP.
 		 */
-		$ldap = new SimpleSAML_Auth_LDAP($config->getValue('auth.ldap.hostname'));
+		$ldap = new SimpleSAML_Auth_LDAP($config->getValue('auth.ldap.hostname',
+                                         $config->getValue('auth.ldap.enable_tls')));
 	
 		/* Insert the LDAP username into the pattern configured in the
 		 * 'auth.ldap.dnpattern' option.