# This is a combination of 9 commits.

# This is the 1st commit message:

Patch from PR 24574 to view.js

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#2:

Patch from PR 24574 to lib/Connection.php

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#3:

Patch from PR 24574 to lib/Wizard.php

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#4:

Patch from PR 24574 to lib/LDAP.php (manually)

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#5:

Added a function usesLdapi() in Configuration.php and referenced that function throughout the PR

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#6:

Removed the questions I added in comments - https://github.com/nextcloud/server/pull/24574/files#r825732903

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#7:

Changed the test as requested - https://github.com/nextcloud/server/pull/24574/files#r825726282

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#8:

Changing return type from bool to int

Signed-off-by: Vincent Van Houtte <[email protected]>

# This is the commit message nextcloud#9:

Changing return type of usesLdapi() to bool and adapting references

Signed-off-by: Vincent Van Houtte <[email protected]>

Author: zenlord

apps/user_ldap/js/wizard/view.js

@@ -86,7 +86,8 @@ OCA = OCA || {};
 			var agent = view.configModel.configuration.ldap_dn;
 			var pwd   = view.configModel.configuration.ldap_agent_password;
 
-			if((host && port  && base) && ((!agent && !pwd) || (agent && pwd))) {
+			if(((host && port && base) || (host && base && host.indexOf('ldapi://') > -1 ))
+        && ((!agent && !pwd) || (agent && pwd))) {
 				view.enableTabs();
 			} else {
 				view.disableTabs();
@@ -107,7 +108,8 @@ OCA = OCA || {};
 			var userFilter  = this.configModel.configuration.ldap_userlist_filter;
 			var loginFilter = this.configModel.configuration.ldap_login_filter;
 
-			if(host && port && base && userFilter && loginFilter) {
+			if((host && port && base && userFilter && loginFilter) ||
+        (host && base && host.indexOf('ldapi://') > -1 && userFilter && loginFilter)) {
 				this.configModel.requestConfigurationTest();
 			} else {
 				this._updateStatusIndicator(this.STATUS_INCOMPLETE);

apps/user_ldap/lib/Configuration.php

@@ -463,6 +463,7 @@ public function getDefaults(): array {
 			'ldap_user_avatar_rule' => 'default',
 			'ldap_ext_storage_home_attribute' => '',
 			'ldap_matching_rule_in_chain_state' => self::LDAP_SERVER_FEATURE_UNKNOWN,
+			'uses_ldapi' => 0,
 		];
 	}
 
@@ -559,4 +560,11 @@ public function getAvatarAttributes(): array {
 		}
 		return $defaultAttributes;
 	}
+
+	/**
+	 * Returns TRUE if the ldapHost variable starts with 'ldapi://'
+	 */
+	public function usesLdapi(): bool {
+		return (substr($this->config['ldapHost'], 0, strlen('ldapi://')) != 'ldapi://') ? false : true;
+	}
 }

apps/user_ldap/lib/Connection.php

@@ -18,6 +18,7 @@
  * @author root <[email protected]>
  * @author Victor Dubiniuk <[email protected]>
  * @author Xuanwo <[email protected]>
+ * @author Vincent Van Houtte <[email protected]>
  *
  * @license AGPL-3.0
  *
@@ -454,8 +455,14 @@ private function doCriticalValidation() {
 			(string)$this->configPrefix .'): ';
 
 		//options that shall not be empty
-		$options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
+		$options = ['ldapHost', 'ldapUserDisplayName',
 			'ldapGroupDisplayName', 'ldapLoginFilter'];
+
+		//ldapPort should not be empty either unless ldapHost is pointing to a socket
+		if ($this->configuration->usesLdapi() === false) {
+			$options[] = 'ldapPort';
+		}
+
 		foreach ($options as $key) {
 			$val = $this->configuration->$key;
 			if (empty($val)) {

apps/user_ldap/lib/LDAP.php

@@ -76,7 +76,7 @@ public function connect($host, $port) {
 		if (strpos($host, '://') === false) {
 			$host = 'ldap://' . $host;
 		}
-		if (strpos($host, ':', strpos($host, '://') + 1) === false) {
+		if (strpos($host, ':', strpos($host, '://') + 1) === false && !empty($port)) {
 			//ldap_connect ignores port parameter when URLs are passed
 			$host .= ':' . $port;
 		}

apps/user_ldap/lib/Wizard.php

@@ -19,6 +19,7 @@
  * @author Tobias Perschon <[email protected]>
  * @author Victor Dubiniuk <[email protected]>
  * @author Xuanwo <[email protected]>
+ * @author Vincent Van Houtte <[email protected]>
  *
  * @license AGPL-3.0
  *
@@ -97,7 +98,10 @@ public function __destruct() {
 	 * @throws \Exception
 	 */
 	public function countEntries(string $filter, string $type): int {
-		$reqs = ['ldapHost', 'ldapPort', 'ldapBase'];
+		$reqs = ['ldapHost', 'ldapBase'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
 		if ($type === 'users') {
 			$reqs[] = 'ldapUserFilter';
 		}
@@ -196,11 +200,11 @@ public function countInBaseDN() {
 	 * @return int|bool
 	 */
 	public function countUsersWithAttribute($attr, $existsCheck = false) {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 
@@ -221,11 +225,11 @@ public function countUsersWithAttribute($attr, $existsCheck = false) {
 	 * @throws \Exception
 	 */
 	public function detectUserDisplayNameAttribute() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 
@@ -263,11 +267,11 @@ public function detectUserDisplayNameAttribute() {
 	 * @return WizardResult|bool
 	 */
 	public function detectEmailAttribute() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 
@@ -312,11 +316,11 @@ public function detectEmailAttribute() {
 	 * @throws \Exception
 	 */
 	public function determineAttributes() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 
@@ -341,11 +345,11 @@ public function determineAttributes() {
 	 * @throws \Exception
 	 */
 	private function getUserAttributes() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 		$cr = $this->getConnection();
@@ -397,10 +401,11 @@ public function determineGroupsForUsers() {
 	 * @throws \Exception
 	 */
 	private function determineGroups($dbKey, $confKey, $testMemberOf = true) {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 		$cr = $this->getConnection();
@@ -477,10 +482,11 @@ public function fetchGroups($dbKey, $confKey) {
 	}
 
 	public function determineGroupMemberAssoc() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapGroupFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapGroupFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 		$attribute = $this->detectGroupMemberAssoc();
@@ -499,10 +505,11 @@ public function determineGroupMemberAssoc() {
 	 * @throws \Exception
 	 */
 	public function determineGroupObjectClasses() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 		$cr = $this->getConnection();
@@ -526,10 +533,11 @@ public function determineGroupObjectClasses() {
 	 * @throws \Exception
 	 */
 	public function determineUserObjectClasses() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return  false;
 		}
 		$cr = $this->getConnection();
@@ -556,10 +564,11 @@ public function determineUserObjectClasses() {
 	 * @throws \Exception
 	 */
 	public function getGroupFilter() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 		//make sure the use display name is set
@@ -580,10 +589,11 @@ public function getGroupFilter() {
 	 * @throws \Exception
 	 */
 	public function getUserListFilter() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 		//make sure the use display name is set
@@ -606,11 +616,11 @@ public function getUserListFilter() {
 	 * @throws \Exception
 	 */
 	public function getUserLoginFilter() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapUserFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 
@@ -629,11 +639,11 @@ public function getUserLoginFilter() {
 	 * @throws \Exception
 	 */
 	public function testLoginName($loginName) {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapLoginFilter',
-		])) {
+		$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 
@@ -722,9 +732,11 @@ public function guessPortAndTLS() {
 	 * @return WizardResult|false WizardResult on success, false otherwise
 	 */
 	public function guessBaseDN() {
-		if (!$this->checkRequirements(['ldapHost',
-			'ldapPort',
-		])) {
+		$reqs = ['ldapHost'];
+		if ($this->configuration->usesLdapi() === false) {
+			$reqs[] = 'ldapPort';
+		}
+		if (!$this->checkRequirements($reqs)) {
 			return false;
 		}
 
@@ -1366,6 +1378,8 @@ private function getPortSettingsToTry() {
 				$portSettings[] = ['port' => $port, 'tls' => true];
 			}
 			$portSettings[] = ['port' => $port, 'tls' => false];
+		} elseif ($this->configuration->usesLdapi()) {
+			$portSettings[] = ['port' => '', 'tls' => false];
 		}
 
 		//default ports