From fa4125ea3beb24e840a4fd6c45b82a01aab53be8 Mon Sep 17 00:00:00 2001
From: Christoph Reiter <reiter.christoph@gmail.com>
Date: Thu, 15 Sep 2022 12:16:10 +0200
Subject: [PATCH] Add an option to disable LDAP encryption

We had one use case where the LDAP server didn't support encryption,
so support that too.
---
 CHANGELOG.md                              | 3 +++
 src/DependencyInjection/Configuration.php | 4 ++--
 src/Service/LDAPApi.php                   | 4 ++--
 3 files changed, 7 insertions(+), 4 deletions(-)
 create mode 100644 CHANGELOG.md

diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..1f15b63
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,3 @@
+# v0.3.3
+
+* config: ldap.encryption gained an option "plain" for disabling encryption
diff --git a/src/DependencyInjection/Configuration.php b/src/DependencyInjection/Configuration.php
index b5f9888..24e185f 100644
--- a/src/DependencyInjection/Configuration.php
+++ b/src/DependencyInjection/Configuration.php
@@ -25,8 +25,8 @@ class Configuration implements ConfigurationInterface
             ->scalarNode('username')->end()
             ->scalarNode('password')->end()
             ->enumNode('encryption')
-                ->info('simple_tls uses port 636 and is sometimes referred to as "SSL", start_tls uses port 389 and is sometimes referred to as "TLS"')
-                ->values(['start_tls', 'simple_tls'])
+                ->info('simple_tls uses port 636 and is sometimes referred to as "SSL", start_tls uses port 389 and is sometimes referred to as "TLS", plain means none')
+                ->values(['start_tls', 'simple_tls', 'plain'])
                 ->defaultValue('start_tls')
             ->end()
             ->end();
diff --git a/src/Service/LDAPApi.php b/src/Service/LDAPApi.php
index e6faeb8..b7dcef5 100644
--- a/src/Service/LDAPApi.php
+++ b/src/Service/LDAPApi.php
@@ -96,10 +96,10 @@ class LDAPApi implements LoggerAwareInterface, ServiceSubscriberInterface
         ];
 
         $encryption = $config['ldap']['encryption'];
-        assert(in_array($encryption, ['start_tls', 'simple_tls'], true));
+        assert(in_array($encryption, ['start_tls', 'simple_tls', 'plain'], true));
         $this->providerConfig['use_tls'] = ($encryption === 'start_tls');
         $this->providerConfig['use_ssl'] = ($encryption === 'simple_tls');
-        $this->providerConfig['port'] = ($encryption === 'start_tls') ? 389 : 636;
+        $this->providerConfig['port'] = ($encryption === 'start_tls' || $encryption === 'plain') ? 389 : 636;
     }
 
     public function checkConnection()
-- 
GitLab