[tokkee]

tokkee.org

Code

projects / gosa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Cache password methods
[gosa.git] / gosa-core / include / class_config.inc
diff --git a/gosa-core/include/class_config.inc b/gosa-core/include/class_config.inc
index 274142b83de9735d769a8a36ddc3e016d56ae793..4d8b18c8c325eb34c66232ecfd0012cff7400b34 100644 (file)
--- a/gosa-core/include/class_config.inc
+++ b/gosa-core/include/class_config.inc
@@ -106,7 +106,7 @@ class config  {
       $msg = sprintf(_("XML error in gosa.conf: %s at line %d"),
             xml_error_string(xml_get_error_code($this->parser)),
             xml_get_current_line_number($this->parser));
-      msg_dialog::display(_("Config file parsing"), $msg, FATAL_ERROR_DIALOG);
+      msg_dialog::display(_("Configuration error"), $msg, FATAL_ERROR_DIALOG);
       exit;
     }
   }
@@ -216,36 +216,39 @@ class config  {
 
   function get_ldap_link($sizelimit= FALSE)
   {
-    /* Build new connection */
-    $this->ldap= ldap_init ($this->current['SERVER'], $this->current['BASE'],
-        $this->current['ADMIN'], $this->current['PASSWORD']);
+    if($this->ldap === NULL || !is_resource($this->ldap->cid)){
 
-    /* Check for connection */
-    if (is_null($this->ldap) || (is_int($this->ldap) && $this->ldap == 0)){
-      $smarty= get_smarty();
-      msg_dialog::display(_("LDAP error"), _("Cannot bind to LDAP. Please contact the system administrator."), FATAL_ERROR_DIALOG);
-      exit();
-    }
+      /* Build new connection */
+      $this->ldap= ldap_init ($this->current['SERVER'], $this->current['BASE'],
+          $this->get_admin_dn(), $this->get_admin_password());
 
-    if (!session::is_set('size_limit')){
-      session::set('size_limit',$this->current['SIZELIMIT']);
-      session::set('size_ignore',$this->current['SIZEIGNORE']);
-    }
+      /* Check for connection */
+      if (is_null($this->ldap) || (is_int($this->ldap) && $this->ldap == 0)){
+        $smarty= get_smarty();
+        msg_dialog::display(_("LDAP error"), _("Cannot bind to LDAP. Please contact the system administrator."), FATAL_ERROR_DIALOG);
+        exit();
+      }
 
-    if ($sizelimit){
-      $this->ldap->set_size_limit(session::get('size_limit'));
-    } else {
-      $this->ldap->set_size_limit(0);
-    }
+      if (!session::is_set('size_limit')){
+        session::set('size_limit',$this->current['SIZELIMIT']);
+        session::set('size_ignore',$this->current['SIZEIGNORE']);
+      }
 
-    /* Move referrals */
-    if (!isset($this->current['REFERRAL'])){
-      $this->ldap->referrals= array();
-    } else {
-      $this->ldap->referrals= $this->current['REFERRAL'];
+      if ($sizelimit){
+        $this->ldap->set_size_limit(session::get('size_limit'));
+      } else {
+        $this->ldap->set_size_limit(0);
+      }
+
+      /* Move referrals */
+      if (!isset($this->current['REFERRAL'])){
+        $this->ldap->referrals= array();
+      } else {
+        $this->ldap->referrals= $this->current['REFERRAL'];
+      }
     }
 
-    return ($this->ldap);
+    return new ldapMultiplexer($this->ldap);
   }
 
   function set_current($name)
@@ -318,6 +321,13 @@ class config  {
     /* Convert BASE to have escaped special characters */
     $this->current['BASE']= @LDAP::convert($this->current['BASE']);
 
+    /* Load server informations */
+    $this->load_servers();
+  }
+
+
+  function update_credentials_from_config()
+  {
     /* Parse LDAP referral informations */
     if (!isset($this->current['ADMIN']) || !isset($this->current['PASSWORD'])){
       $url= $this->current['SERVER'];
@@ -326,10 +336,49 @@ class config  {
       $this->current['PASSWORD']= $referral['PASSWORD'];
     }
 
-    /* Load server informations */
-    $this->load_servers();
+    /* Bail out if problematic */
+    if (!isset($this->current['ADMIN']) || !isset($this->current['PASSWORD'])){
+      msg_dialog::display(_("Configuration error"), _("Cannot find any administrative LDAP credentials!"), FATAL_ERROR_DIALOG);
+      exit;
+    }
+  }
+
+
+  function encode_server_url($url, $base, $val)
+  {
+    return (preg_replace("/_+/", "_", "HTTP_".strtr(strtoupper($url."_".md5($base)."_$val"), ".-:/", "____")));
+  }
+
+
+  function get_admin_dn()
+  {
+    $enc= $this->encode_server_url($this->current['SERVER'], $this->current['BASE'], "ADMIN");
+    /* Answer from http request */
+    if (isset($_SERVER[$enc])){
+      return $_SERVER[$enc];
+    }
+
+    /* Answer in old style for compatibility */
+    $this->update_credentials_from_config();
+    return $this->current['ADMIN'];
+  }
+
+
+  function get_admin_password()
+  {
+    $enc= $this->encode_server_url($this->current['SERVER'], $this->current['BASE'], "PASSWORD");
+
+    /* Answer from http request */
+    if (isset($_SERVER[$enc])){
+      return $_SERVER[$enc];
+    }
+
+    /* Answer in old style for compatibility */
+    $this->update_credentials_from_config();
+    return $this->current['PASSWORD'];
   }
 
+
   function load_servers ()
   {
     /* Only perform actions if current is set */
@@ -375,9 +424,7 @@ class config  {
     if ($ldap->count()){
       $attrs= $ldap->fetch();
       $this->data['SERVERS']['KERBEROS']= array( 'SERVER' => $attrs['cn'][0],
-          'REALM' => $attrs['goKrbRealm'][0],
-          'ADMIN' => $attrs['goKrbAdmin'][0],
-          'PASSWORD' => $attrs['goKrbPassword'][0]);
+          'REALM' => $attrs['goKrbRealm'][0]);
     }
 
     /* Get cups server. FIXME: only one is supported currently */
@@ -722,7 +769,7 @@ class config  {
    */
   function getShareList($listboxEntry = false)
   {
-    $tmp = get_sub_list("(&(objectClass=goShareServer)(goExportEntry=*))","",get_ou("serverou"),
+    $tmp = get_sub_list("(&(objectClass=goShareServer)(goExportEntry=*))","server",get_ou("serverou"),
         $this->current['BASE'],array("goExportEntry","cn"), GL_NONE);
     $return =array();
     foreach($tmp as $entry){
GONICUS system administrator (SVN clone)