From 7a938f1b105c97c4d7e1668d2ddc8be2d3d24f36 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Tue, 27 Apr 2010 14:55:56 +0000
Subject: Ticket #389. Correctly make the ldap object picker work and handle
 various errors.

---
 etc/inc/auth.inc                                   | 16 +++---
 usr/local/www/system_authservers.php               | 15 ++++++
 .../system_usermanager_settings_ldapacpicker.php   | 63 +++++++++++-----------
 3 files changed, 56 insertions(+), 38 deletions(-)

diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 44d8a5c..83fd02c 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -564,6 +564,8 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) {
 	if(!function_exists("ldap_connect"))
 		return;
 
+	$ous = array();
+
 	if ($authcfg) {
                 if (strstr($authcfg['ldap_urltype'], "Standard"))
                         $ldapproto = "ldap";
@@ -585,8 +587,6 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) {
         } else
 		return false;
 
-	$ous = array();
-
         /* first check if there is even an LDAP server populated */
         if(!$ldapserver) {
                 log_error("ERROR!  ldap_get_user_ous() backed selected with no LDAP authentication server defined.");
@@ -629,8 +629,8 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) {
 	else
 		$ldapfunc = "ldap_search";
 
-	$search = $ldapfunc($ldap, $ldapbasedn, $ldapfilter);
-	$info = ldap_get_entries($ldap, $search);
+	$search = @$ldapfunc($ldap, $ldapbasedn, $ldapfilter);
+	$info = @ldap_get_entries($ldap, $search);
 
 	if (is_array($info)) {
 		foreach ($info as $inf) {
@@ -743,8 +743,8 @@ function ldap_get_groups($username, $authcfg) {
         else
                 $ldapfunc = "ldap_search";
 
-	$search    = $ldapfunc($ldap, $ldapdn, $ldapfilter, array($ldapgroupattribute));
-	$info      = ldap_get_entries($ldap, $search);
+	$search    = @$ldapfunc($ldap, $ldapdn, $ldapfilter, array($ldapgroupattribute));
+	$info      = @ldap_get_entries($ldap, $search);
 
 	$countem = $info["count"];	
 	
@@ -876,9 +876,9 @@ function ldap_backed($username, $passwd, $authcfg) {
 			$ldapfunc = "ldap_search";
 		/* Support legacy auth container specification. */
 		if (stristr($ldac_split, "DC="))
-			$search	 = $ldapfunc($ldap,$ldac_split,$ldapfilter);
+			$search	 = @$ldapfunc($ldap,$ldac_split,$ldapfilter);
 		else
-			$search  = $ldapfunc($ldap,"{$ldac_split},{$ldapbasedn}",$ldapfilter);
+			$search  = @$ldapfunc($ldap,"{$ldac_split},{$ldapbasedn}",$ldapfilter);
 		if (!$search) {
 			log_error("Search resulted in error: " . ldap_error($ldap));
 			continue;
diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php
index a91e30f..ca47289 100644
--- a/usr/local/www/system_authservers.php
+++ b/usr/local/www/system_authservers.php
@@ -345,6 +345,21 @@ function radius_srvcschange(){
 }
 
 function select_clicked() {
+	if (document.getElementById("ldap_port").value == '' ||
+	    document.getElementById("ldap_host").value == '' ||
+	    document.getElementById("ldap_scope").value == '' ||
+	    document.getElementById("ldap_basedn").value == '' ||
+	    document.getElementById("ldapauthcontainers").value == '') {
+		alert("Please fill the required values.");
+		return;
+	}
+	if (!document.getElementById("ldap_anon").checked) {
+		if (document.getElementById("ldap_binddn").value == '' ||
+		    document.getElementById("ldap_bindpw").value == '') {
+			alert("Please fill the bind username/password.");
+			return;
+		}
+	}
         var url = 'system_usermanager_settings_ldapacpicker.php?';
         url += 'port=' + document.getElementById("ldap_port").value;
         url += '&host=' + document.getElementById("ldap_host").value;
diff --git a/usr/local/www/system_usermanager_settings_ldapacpicker.php b/usr/local/www/system_usermanager_settings_ldapacpicker.php
index 6a3d186..40212b1 100644
--- a/usr/local/www/system_usermanager_settings_ldapacpicker.php
+++ b/usr/local/www/system_usermanager_settings_ldapacpicker.php
@@ -33,7 +33,9 @@
 
 require("guiconfig.inc");
 require_once("auth.inc");
+
 $ous = array();
+
 if($_GET) {
 	$authcfg = array();
 	$authcfg['ldap_port'] = $_GET['port'];
@@ -47,7 +49,29 @@ if($_GET) {
 	$authcfg['ldap_authcn'] = explode(";", $_GET['authcn']);
 	$ous = ldap_get_user_ous(true, $authcfg);
 }
+
 ?>
+<html>
+	<head>
+            <STYLE type="text/css">
+                        TABLE {
+                                border-width: 1px 1px 1px 1px;
+                                border-spacing: 0px;
+                                border-style: solid solid solid solid;
+                                border-color: gray gray gray gray;
+                                border-collapse: separate;
+                                background-color: collapse;
+                        }
+                        TD {
+                                border-width: 0px 0px 0px 0px;
+                                border-spacing: 0px;
+                                border-style: solid solid solid solid;
+                                border-color: gray gray gray gray;
+                                border-collapse: collapse;
+                                background-color: white;
+                        }
+            </STYLE>
+        </head>
 <script language="JavaScript">
 function post_choices() {
 
@@ -61,34 +85,17 @@ function post_choices() {
 			opener.document.forms[0].ldapauthcontainers.value+=document.forms[0].ou[i].value;
 		}
 	}
-	//this.close();
+	window.close();
 -->
 }
 </script>
 
-<html>
-	<head>
-	    <STYLE type="text/css">
-			TABLE { 
-				border-width: 1px 1px 1px 1px;
-				border-spacing: 0px;
-				border-style: solid solid solid solid;
-				border-color: gray gray gray gray;
-				border-collapse: separate;
-				background-color: collapse;
-	 		}
-			TD { 
-				border-width: 0px 0px 0px 0px;
-				border-spacing: 0px;
-				border-style: solid solid solid solid;
-				border-color: gray gray gray gray;
-				border-collapse: collapse;
-				background-color: white;
-			}
-	    </STYLE>		
-	</head>
  <body link="#000000" vlink="#000000" alink="#000000" >
  <form method="post" action="system_usermanager_settings_ldapacpicker.php">	
+<?php if (empty($ous)): ?>
+	<p>Sorry, we could not connect to the LDAP server.  Please try later.</p>
+	<input type='button' value='Close' onClick="window.close();">
+<?php else: ?>
 	<b>Please select which containers to Authenticate against:</b>
 	<p/>
 	<table width="100%" border="0" cellpadding="0" cellspacing="0">
@@ -96,11 +103,7 @@ function post_choices() {
     	<td class="tabnavtbl">
 			<table width="100%">
 <?php
-	if(!is_array($ous)) {
-		echo "Sorry, we could not connect to the LDAP server.  Please try later.";
-		//exit;
-	}
-	else if(is_array($ous)) {	
+	if(is_array($ous)) {	
 		foreach($ous as $ou) {
 			if(in_array($ou, $authcfg['ldap_authcn']))
 				$CHECKED=" CHECKED";
@@ -109,7 +112,7 @@ function post_choices() {
 			echo "			<tr><td><input type='checkbox' value='{$ou}' id='ou' name='ou[]'{$CHECKED}> {$ou}<br/></td></tr>\n";
 		}
 	}
-?>	
+?>
 			</table>
       	</td>
      </tr>
@@ -118,7 +121,7 @@ function post_choices() {
 	<p/>
 
 	<input type='button' value='Save' onClick="post_choices();">
-
+<?php endif; ?>
+ </form>
  </body>
 </html>
-
-- 
cgit v1.1