$as) {
if ($config['system']['authserver'][$k]['name'] == $serverdeleted)
unset($config['system']['authserver'][$k]);
}
/* Remove server from temp list used later on this page. */
unset($a_server[$_GET['id']]);
$savemsg = gettext("Authentication Server")." {$serverdeleted} ".
gettext("deleted")."
";
write_config($savemsg);
}
if ($act == "edit") {
if (isset($id) && $a_server[$id]) {
$pconfig['type'] = $a_server[$id]['type'];
$pconfig['name'] = $a_server[$id]['name'];
if ($pconfig['type'] == "ldap") {
$pconfig['ldap_caref'] = $a_server[$id]['ldap_caref'];
$pconfig['ldap_host'] = $a_server[$id]['host'];
$pconfig['ldap_port'] = $a_server[$id]['ldap_port'];
$pconfig['ldap_urltype'] = $a_server[$id]['ldap_urltype'];
$pconfig['ldap_protver'] = $a_server[$id]['ldap_protver'];
$pconfig['ldap_scope'] = $a_server[$id]['ldap_scope'];
$pconfig['ldap_basedn'] = $a_server[$id]['ldap_basedn'];
$pconfig['ldap_authcn'] = $a_server[$id]['ldap_authcn'];
$pconfig['ldap_extended_enabled'] = $a_server[$id]['ldap_extended_enabled'];
$pconfig['ldap_extended_query'] = $a_server[$id]['ldap_extended_query'];
$pconfig['ldap_binddn'] = $a_server[$id]['ldap_binddn'];
$pconfig['ldap_bindpw'] = $a_server[$id]['ldap_bindpw'];
$pconfig['ldap_attr_user'] = $a_server[$id]['ldap_attr_user'];
$pconfig['ldap_attr_group'] = $a_server[$id]['ldap_attr_group'];
$pconfig['ldap_attr_member'] = $a_server[$id]['ldap_attr_member'];
if (!$pconfig['ldap_binddn'] || !$pconfig['ldap_bindpw'])
$pconfig['ldap_anon'] = true;
}
if ($pconfig['type'] == "radius") {
$pconfig['radius_host'] = $a_server[$id]['host'];
$pconfig['radius_auth_port'] = $a_server[$id]['radius_auth_port'];
$pconfig['radius_acct_port'] = $a_server[$id]['radius_acct_port'];
$pconfig['radius_secret'] = $a_server[$id]['radius_secret'];
if ($pconfig['radius_auth_port'] &&
$pconfig['radius_acct_port'] ) {
$pconfig['radius_srvcs'] = "both";
}
if ( $pconfig['radius_auth_port'] &&
!$pconfig['radius_acct_port'] ) {
$pconfig['radius_srvcs'] = "auth";
$pconfig['radius_acct_port'] = 1813;
}
if (!$pconfig['radius_auth_port'] &&
$pconfig['radius_acct_port'] ) {
$pconfig['radius_srvcs'] = "acct";
$pconfig['radius_auth_port'] = 1812;
}
}
}
}
if ($act == "new") {
$pconfig['ldap_protver'] = 3;
$pconfig['ldap_anon'] = true;
$pconfig['radius_srvcs'] = "both";
$pconfig['radius_auth_port'] = "1812";
$pconfig['radius_acct_port'] = "1813";
}
if ($_POST) {
unset($input_errors);
$pconfig = $_POST;
/* input validation */
if ($pconfig['type'] == "ldap") {
$reqdfields = explode(" ", "name type ldap_host ldap_port ".
"ldap_urltype ldap_protver ldap_scope ".
"ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers");
$reqdfieldsn = array(
gettext("Descriptive name"),
gettext("Type"),
gettext("Hostname or IP"),
gettext("Port value"),
gettext("Transport"),
gettext("Protocol version"),
gettext("Search level"),
gettext("User naming Attribute"),
gettext("Group naming Attribute"),
gettext("Group member attribute"),
gettext("Authentication container"));
if (!$pconfig['ldap_anon']) {
$reqdfields[] = "ldap_binddn";
$reqdfields[] = "ldap_bindpw";
$reqdfieldsn[] = gettext("Bind user DN");
$reqdfieldsn[] = gettext("Bind Password");
}
}
if ($pconfig['type'] == "radius") {
$reqdfields = explode(" ", "name type radius_host radius_srvcs");
$reqdfieldsn = array(
gettext("Descriptive name"),
gettext("Type"),
gettext("Hostname or IP"),
gettext("Services"));
if ($pconfig['radisu_srvcs'] == "both" ||
$pconfig['radisu_srvcs'] == "auth") {
$reqdfields[] = "radius_auth_port";
$reqdfieldsn[] = gettext("Authentication port value");
}
if ($pconfig['radisu_srvcs'] == "both" ||
$pconfig['radisu_srvcs'] == "acct") {
$reqdfields[] = "radius_acct_port";
$reqdfieldsn[] = gettext("Accounting port value");
}
if (!isset($id)) {
$reqdfields[] = "radius_secret";
$reqdfieldsn[] = gettext("Shared Secret");
}
}
do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['host']))
$input_errors[] = gettext("The host name contains invalid characters.");
if (auth_get_authserver($pconfig['name']) && !isset($id))
$input_errors[] = gettext("An authentication server with the same name already exists.");
/* if this is an AJAX caller then handle via JSON */
if (isAjax() && is_array($input_errors)) {
input_errors2Ajax($input_errors);
exit;
}
if (!$input_errors) {
$server = array();
$server['refid'] = uniqid();
if (isset($id) && $a_server[$id])
$server = $a_server[$id];
$server['type'] = $pconfig['type'];
$server['name'] = $pconfig['name'];
if ($server['type'] == "ldap") {
if (!empty($pconfig['ldap_caref']))
$server['ldap_caref'] = $pconfig['ldap_caref'];
$server['host'] = $pconfig['ldap_host'];
$server['ldap_port'] = $pconfig['ldap_port'];
$server['ldap_urltype'] = $pconfig['ldap_urltype'];
$server['ldap_protver'] = $pconfig['ldap_protver'];
$server['ldap_scope'] = $pconfig['ldap_scope'];
$server['ldap_basedn'] = $pconfig['ldap_basedn'];
$server['ldap_authcn'] = $pconfig['ldapauthcontainers'];
$server['ldap_extended_enabled'] = $pconfig['ldap_extended_enabled'];
$server['ldap_extended_query'] = $pconfig['ldap_extended_query'];
$server['ldap_attr_user'] = $pconfig['ldap_attr_user'];
$server['ldap_attr_group'] = $pconfig['ldap_attr_group'];
$server['ldap_attr_member'] = $pconfig['ldap_attr_member'];
if (!$pconfig['ldap_anon']) {
$server['ldap_binddn'] = $pconfig['ldap_binddn'];
$server['ldap_bindpw'] = $pconfig['ldap_bindpw'];
} else {
unset($server['ldap_binddn']);
unset($server['ldap_bindpw']);
}
}
if ($server['type'] == "radius") {
$server['host'] = $pconfig['radius_host'];
if ($pconfig['radius_secret'])
$server['radius_secret'] = $pconfig['radius_secret'];
if ($pconfig['radius_srvcs'] == "both") {
$server['radius_auth_port'] = $pconfig['radius_auth_port'];
$server['radius_acct_port'] = $pconfig['radius_acct_port'];
}
if ($pconfig['radius_srvcs'] == "auth") {
$server['radius_auth_port'] = $pconfig['radius_auth_port'];
unset($server['radius_acct_port']);
}
if ($pconfig['radius_srvcs'] == "acct") {
$server['radius_acct_port'] = $pconfig['radius_acct_port'];
unset($server['radius_auth_port']);
}
}
if (isset($id) && $config['system']['authserver'][$id])
$config['system']['authserver'][$id] = $server;
else
$config['system']['authserver'][] = $server;
write_config();
pfSenseHeader("system_authservers.php");
}
}
include("head.inc");
?>
|