drop libdigest-hmac-perl dependency

[pve-access-control.git] / PVE / Auth / LDAP.pm

diff --git a/PVE/Auth/LDAP.pm b/PVE/Auth/LDAP.pm
index dc1c229775e32ea3458e4d34c9aa5b2c8f732017..e1161b64e131c1bebc85dfaef37435638f0b6ad8 100755 (executable)
--- a/PVE/Auth/LDAP.pm
+++ b/PVE/Auth/LDAP.pm
@@ -1,8 +1,11 @@
 package PVE::Auth::LDAP;
 
 use strict;
+use warnings;
+
 use PVE::Auth::Plugin;
 use Net::LDAP;
+use Net::IP;
 use base qw(PVE::Auth::Plugin);
 
 sub type {
@@ -38,6 +41,7 @@ sub options {
        secure => { optional => 1 },
        default => { optional => 1 },
        comment => { optional => 1 },
+       tfa => { optional => 1 },
     };
 }
 
@@ -47,6 +51,7 @@ my $authenticate_user_ldap = sub {
     my $default_port = $config->{secure} ? 636: 389;
     my $port = $config->{port} ? $config->{port} : $default_port;
     my $scheme = $config->{secure} ? 'ldaps' : 'ldap';
+    $server = "[$server]" if Net::IP::ip_is_ipv6($server);
     my $conn_string = "$scheme://${server}:$port";
 
     my $ldap = Net::LDAP->new($conn_string, verify => 'none') || die "$@\n";