author | Ermal <eri@pfsense.org> | 2010-04-27 14:55:56 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2010-04-27 14:55:56 +0000 |
commit | 7a938f1b105c97c4d7e1668d2ddc8be2d3d24f36 (patch) | |
tree | bb2896af06e6a395357bb379aef0f8ab33b32ad8 | |
parent | b567f5893ce8c257229ee6612de088ce3fe654bb (diff) | |
Ticket #389. Correctly make the ldap object picker work and handle various errors.
-rw-r--r-- | etc/inc/auth.inc | 16 | ||||
-rw-r--r-- | usr/local/www/system_authservers.php | 15 | ||||
-rw-r--r-- | usr/local/www/system_usermanager_settings_ldapacpicker.php | 63 |
3 files changed, 56 insertions, 38 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 44d8a5c..83fd02c 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -564,6 +564,8 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) { if(!function_exists("ldap_connect")) return; + $ous = array(); + if ($authcfg) { if (strstr($authcfg['ldap_urltype'], "Standard")) $ldapproto = "ldap"; @@ -585,8 +587,6 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) { } else return false; - $ous = array(); - /* first check if there is even an LDAP server populated */ if(!$ldapserver) { log_error("ERROR! ldap_get_user_ous() backed selected with no LDAP authentication server defined."); @@ -629,8 +629,8 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) { else $ldapfunc = "ldap_search"; - $search = $ldapfunc($ldap, $ldapbasedn, $ldapfilter); - $info = ldap_get_entries($ldap, $search); + $search = @$ldapfunc($ldap, $ldapbasedn, $ldapfilter); + $info = @ldap_get_entries($ldap, $search); if (is_array($info)) { foreach ($info as $inf) { @@ -743,8 +743,8 @@ function ldap_get_groups($username, $authcfg) { else $ldapfunc = "ldap_search"; - $search = $ldapfunc($ldap, $ldapdn, $ldapfilter, array($ldapgroupattribute)); - $info = ldap_get_entries($ldap, $search); + $search = @$ldapfunc($ldap, $ldapdn, $ldapfilter, array($ldapgroupattribute)); + $info = @ldap_get_entries($ldap, $search); $countem = $info["count"]; @@ -876,9 +876,9 @@ function ldap_backed($username, $passwd, $authcfg) { $ldapfunc = "ldap_search"; /* Support legacy auth container specification. */ if (stristr($ldac_split, "DC=")) - $search = $ldapfunc($ldap,$ldac_split,$ldapfilter); + $search = @$ldapfunc($ldap,$ldac_split,$ldapfilter); else - $search = $ldapfunc($ldap,"{$ldac_split},{$ldapbasedn}",$ldapfilter); + $search = @$ldapfunc($ldap,"{$ldac_split},{$ldapbasedn}",$ldapfilter); if (!$search) { log_error("Search resulted in error: " . ldap_error($ldap)); continue; 
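Review bot: In the `@@ -629` hunk (ldap_get_user_ous) and the `@@ -743` hunk (ldap_get_groups) the new `@` on the search call and on `ldap_get_entries()` hides a failed search instead of handling it: `$search` is passed on unchecked, and in ldap_get_groups the next line reads `$info["count"]` from what may be `false`. The `@@ -876` hunk in ldap_backed already checks the result after its suppressed call, and the same guard belongs in the other two: `if (!$search) { log_error("Search resulted in error: " . ldap_error($ldap)); }` with an early exit before `ldap_get_entries()`. Without the log line, a wrong base DN, filter or bind on an authentication path leaves no trace for whoever has to diagnose it. All three functions start and end outside the hunks, so the right return value for the early exit has to be checked against the rest of each body.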
diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index a91e30f..ca47289 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -345,6 +345,21 @@ function radius_srvcschange(){ } function select_clicked() { + if (document.getElementById("ldap_port").value == '' || + document.getElementById("ldap_host").value == '' || + document.getElementById("ldap_scope").value == '' || + document.getElementById("ldap_basedn").value == '' || + document.getElementById("ldapauthcontainers").value == '') { + alert("Please fill the required values."); + return; + } + if (!document.getElementById("ldap_anon").checked) { + if (document.getElementById("ldap_binddn").value == '' || + document.getElementById("ldap_bindpw").value == '') { + alert("Please fill the bind username/password."); + return; + } + } var url = 'system_usermanager_settings_ldapacpicker.php?'; url += 'port=' + document.getElementById("ldap_port").value; url += '&host=' + document.getElementById("ldap_host").value; diff --git a/usr/local/www/system_usermanager_settings_ldapacpicker.php b/usr/local/www/system_usermanager_settings_ldapacpicker.php index 6a3d186..40212b1 100644 --- a/usr/local/www/system_usermanager_settings_ldapacpicker.php +++ b/usr/local/www/system_usermanager_settings_ldapacpicker.php @@ -33,7 +33,9 @@ require("guiconfig.inc"); require_once("auth.inc"); + $ous = array(); + if($_GET) { $authcfg = array(); $authcfg['ldap_port'] = $_GET['port']; 
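Review bot: The new emptiness checks in `select_clicked()` sit directly above URL building that appends the raw field values (`url += 'port=' + document.getElementById("ldap_port").value;`), so a host, base DN or bind password containing `&`, `#`, `+` or `=` passes the check and is then split or truncated in the query string. Each value should go through `encodeURIComponent()`, e.g. `url += '&host=' + encodeURIComponent(document.getElementById("ldap_host").value);`. The check also requires `ldap_bindpw`; if that value is appended to this GET URL further down (the function continues past the hunk), the bind password ends up in browser history and web server logs, which a POST to the picker would avoid. These checks run only in the browser, so the picker page still needs its own validation.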
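Review bot: In the `@@ -33` hunk of system_usermanager_settings_ldapacpicker.php, `if($_GET)` is true for any query string, and the block then reads `$_GET['port']` and the other keys without checking that they exist or are well-formed before they reach `ldap_get_user_ous()`. A guard such as `if (isset($_GET['host'], $_GET['port']) && ctype_digit((string)$_GET['port']))` would keep malformed requests away from the LDAP code. Because host and port decide where the firewall opens an outbound LDAP connection, the page should be reachable only with a valid admin session and preferably a request token; whether `guiconfig.inc` enforces that is not visible here. The `if` block continues past the end of the hunk.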
@@ -47,7 +49,29 @@ if($_GET) { $authcfg['ldap_authcn'] = explode(";", $_GET['authcn']); $ous = ldap_get_user_ous(true, $authcfg); } + ?> +<html> + <head> + <STYLE type="text/css"> + TABLE { + border-width: 1px 1px 1px 1px; + border-spacing: 0px; + border-style: solid solid solid solid; + border-color: gray gray gray gray; + border-collapse: separate; + background-color: collapse; + } + TD { + border-width: 0px 0px 0px 0px; + border-spacing: 0px; + border-style: solid solid solid solid; + border-color: gray gray gray gray; + border-collapse: collapse; + background-color: white; + } + </STYLE> + </head> <script language="JavaScript"> function post_choices() { @@ -61,34 +85,17 @@ function post_choices() { opener.document.forms[0].ldapauthcontainers.value+=document.forms[0].ou[i].value; } } - //this.close(); + window.close(); --> } </script> -<html> - <head> - <STYLE type="text/css"> - TABLE { - border-width: 1px 1px 1px 1px; - border-spacing: 0px; - border-style: solid solid solid solid; - border-color: gray gray gray gray; - border-collapse: separate; - background-color: collapse; - } - TD { - border-width: 0px 0px 0px 0px; - border-spacing: 0px; - border-style: solid solid solid solid; - border-color: gray gray gray gray; - border-collapse: collapse; - background-color: white; - } - </STYLE> - </head> <body link="#000000" vlink="#000000" alink="#000000" > <form method="post" action="system_usermanager_settings_ldapacpicker.php"> +<?php if (empty($ous)): ?> + <p>Sorry, we could not connect to the LDAP server. Please try later.</p> + <input type='button' value='Close' onClick="window.close();"> +<?php else: ?> <b>Please select which containers to Authenticate against:</b> <p/> <table width="100%" border="0" cellpadding="0" cellspacing="0"> 
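Review bot: The new `<?php if (empty($ous)): ?>` branch in the `@@ -61` hunk reports "could not connect to the LDAP server" for every empty result, but `ldap_get_user_ous()` as shown in auth.inc also comes back empty when the ldap extension is missing (`return;`), when no server is configured, and, as far as the visible lines show, when the suppressed search fails or finds no containers. With the `@` suppression added in auth.inc, an administrator sees the same message for an unreachable host, a wrong base DN and an empty directory. A short comment above the branch, for example `/* $ous is empty on connect or search failure and also when no containers are found */`, and a message that does not name one specific cause would make this easier to troubleshoot.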
@@ -96,11 +103,7 @@ function post_choices() { <td class="tabnavtbl"> <table width="100%"> <?php - if(!is_array($ous)) { - echo "Sorry, we could not connect to the LDAP server. Please try later."; - //exit; - } - else if(is_array($ous)) { + if(is_array($ous)) { foreach($ous as $ou) { if(in_array($ou, $authcfg['ldap_authcn'])) $CHECKED=" CHECKED"; @@ -109,7 +112,7 @@ function post_choices() { echo " <tr><td><input type='checkbox' value='{$ou}' id='ou' name='ou[]'{$CHECKED}> {$ou}<br/></td></tr>\n"; } } -?> +?> </table> </td> </tr> @@ -118,7 +121,7 @@ function post_choices() { <p/> <input type='button' value='Save' onClick="post_choices();"> - +<?php endif; ?> + </form> </body> </html> - |
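Review bot: The loop kept by the `@@ -96` and `@@ -109` hunks writes `{$ou}` straight into the checkbox `value='...'` attribute and into the cell text, and `$ou` is whatever the directory returned, so a container name containing a quote or `<` breaks the markup and can inject script into an admin page. Escape it once before the echo, `$ou_h = htmlspecialchars($ou, ENT_QUOTES);`, and use `{$ou_h}` in both places. The browser decodes the attribute again when `post_choices()` reads `.value`, so the opener still receives the original DN.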