![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 570c3ec2c4476cdad0d2159a3a52e430335bf11a..7d41ffd9586ea098f34505e041639ae356a5199a 100644 (file)
}
-function is_schema_readable($server, $admin, $password)
+function is_schema_readable($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE)
{
- $ds= ldap_connect ($server);
- if (!$ds) {
- return (false);
- }
- ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
- $r= ldap_bind ($ds, $admin, $password);
-
- /* Get base to look for schema */
- $sr = @ldap_read ($ds, NULL, "objectClass=*", array("subschemaSubentry"));
- $attr= @ldap_get_entries($ds,$sr);
- if (!isset($attr[0]['subschemasubentry'][0])){
- return (false);
- }
+ $ldap = new LDAP($admin, $password, $server, $follow_referrals, $tls);
+ $tmp = $ldap->get_objectclasses();
- $nb= $attr[0]['subschemasubentry'][0];
- $objectclasses= array();
- $sr= ldap_read ($ds, $nb, "objectClass=*", array("objectclasses"));
- $attrs= ldap_get_entries($ds,$sr);
- if (!isset($attrs[0])){
- return (false);
+ if(count($tmp)){
+ return(true);
}
- return(true);
+ return(false);
}
-function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false)
+function schema_check($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE, $aff=0, $CalledByIndexPhP=false)
{
global $config;
@@ -92,35 +77,13 @@ function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false
"goFaxServer" => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"),
);
- /* Build LDAP connection */
- $ds= ldap_connect ($server);
- if (!$ds) {
- return (array(array("msg" => _("Can't bind to LDAP. No schema check possible!"), "status" => FALSE)));
- }
- ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
- $r= ldap_bind ($ds, $admin, $password);
-
- /* Get base to look for schema */
- $sr = @ldap_read ($ds, NULL, "objectClass=*", array("subschemaSubentry"));
- $attr= @ldap_get_entries($ds,$sr);
- if (!isset($attr[0]['subschemasubentry'][0])){
+ /* Get objectclasses */
+ $ldap = new LDAP($admin,$password, $server, $follow_referrals, $tls);
+ $objectclasses = $ldap->get_objectclasses();
+ if(count($objectclasses) == 0){
return (array(array("msg" => _("Can't get schema information from server. No schema check possible!"), "status" => FALSE)));
}
- /* Get list of objectclasses */
- $nb= $attr[0]['subschemasubentry'][0];
- $objectclasses= array();
- $sr= ldap_read ($ds, $nb, "objectClass=*", array("objectclasses"));
- $attrs= ldap_get_entries($ds,$sr);
- if (!isset($attrs[0])){
- return (array(array("msg" => _("Can't get schema information from server. No schema check possible!"), "status" => FALSE)));
- }
- foreach ($attrs[0]['objectclasses'] as $val){
- $name= preg_replace("/^.* NAME\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $val);
- if ($name != $val){
- $objectclasses[$name]= $val;
- }
- }
/* Walk through objectclasses and check if they are needed or not */
foreach ($required_classes as $key => $value){
if (isset($value['class'])){
@@ -247,23 +210,33 @@ function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false
$affich['nagioscontact']['status']= true;
}
+ if ((!isset($objectclasses['apple-user'])) || (!isset($objectclasses['mount'])) ){
+ $messages['netatalk']['msg']= _("Support for netatalk disabled, no schema seems to be installed");
+ $affich['netatalk']['msg']= $messages['netatalk']['msg']."<td class=\"check\">apple.schema</td>";
+ $messages['netatalk']['status']= FALSE;
+ $affich['netatalk']['status']= FALSE;
+ }else{
+ $affich['netatalk']['msg']= _("Support for netatalk enabled")."<td class=\"check\">apple.schema</td>";
+ $affich['netatalk']['status']= true;
+ }
+
/* Fix for PHP Fehler "Undefined index: ldapconf"
* Ablaufverfolgung[1]: Funktion schema_check Datei: /home/hickert/gosa/include/functions_setup.inc (Zeile 230)
*/
- if(isset($_SESSION['ldapconf']['mail_methods'])){
- if(($_SESSION['ldapconf']['mail_methods'][$_SESSION['ldapconf']['mail']] == "kolab")&&(!$CalledByIndexPhP)){
- if(!isset($objectclasses['kolabInetOrgPerson'])) {
- $messages['kolab']['msg']= _("Support for Kolab disabled, no schema seems to be installed, setting mail-method to cyrus");
- $affich['kolab']['msg']=$messages['kolab']['msg']."<td class=\"check\">kolab2.schema</td>";
- $tmp= array_flip($_SESSION['ldapconf']['mail_methods']);
- $_SESSION['ldapconf']['mail']=$tmp['cyrus'];
- $messages['kolab']['status']= FALSE;
- $affich['kolab']['status']= FALSE;
- }else{
- $affich['kolab']['msg']=_("Support for Kolab enabled")."<td class=\"check\">gofon.schema</td>";
- $affich['kolab']['status']= TRUE;
- }
- }
+ if((isset($_SESSION['ldapconf']['mail_methods']))&&(isset($_SESSION['ldapconf']))){
+ if(($_SESSION['ldapconf']['mail_methods'][$_SESSION['ldapconf']['mail']] == "kolab")&&(!$CalledByIndexPhP)){
+ if(!isset($objectclasses['kolabInetOrgPerson'])) {
+ $messages['kolab']['msg']= _("Support for Kolab disabled, no schema seems to be installed, setting mail-method to cyrus");
+ $affich['kolab']['msg']=$messages['kolab']['msg']."<td class=\"check\">kolab2.schema</td>";
+ $tmp= array_flip($_SESSION['ldapconf']['mail_methods']);
+ $_SESSION['ldapconf']['mail']=$tmp['cyrus'];
+ $messages['kolab']['status']= FALSE;
+ $affich['kolab']['status']= FALSE;
+ }else{
+ $affich['kolab']['msg']=_("Support for Kolab enabled")."<td class=\"check\">gofon.schema</td>";
+ $affich['kolab']['status']= TRUE;
+ }
+ }
}
if($aff==0){
return ($messages);
$msg= "";
$msg.= "<h1>"._("PHP setup inspection")."</h1>";
+
$msg.= check ( $faults, _("Checking for PHP version (>=4.1.0)"),
_("PHP must be of version 4.1.0 or above for some functions and known bugs in PHP language."),
version_compare(phpversion(), "4.1.0")>=0);
$msg.= check ( $faults, _("Checking if register_globals is set to 'off'"),
_("register_globals is a PHP mechanism to register all global varibales to be accessible from scripts without changing the scope. This may be a security risk. GOsa will run in both modes."),
$check_globals == 0, FALSE);
+
+ $msg.= check ( $faults, _("PHP session.gc_maxlifetime (>= 86400 seconds)."),
+ _("PHP uses this value for the garbage collector to delete old sessions, setting this value to one day will prevent loosing session and cookie before they really timeout."),
+ ini_get("session.gc_maxlifetime") >= 86400,FALSE);
$msg.= check ( $faults, _("Checking for ldap module"),
_("This is the main module used by GOsa and therefore really required."),
$result= "<a href='http://de.php.net/manual/en/function.";
/* Replace all underscores with hyphens (phpdoc convention) */
+ /* hjb: added alternative check for GraphicsMagick >= 1.1.2 */
$function_name= str_replace("_", "-", $function_name);
/* Append to base URL */
$output= shell_exec ($query);
if ($output != ""){
$lines= split ("\n", $output);
- $version= preg_replace ("/^Version:.+Magick ([^\s]+).*/", "\\1", $lines[0]);
- list($major, $minor)= split("\.", $version);
- $msg.= check ( $faults, _("Checking for ImageMagick (>=5.4.0)"),
- _("ImageMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
- ($major > 5 || ($major == 5 && $minor >= 4)));
+ $version= preg_replace ("/^Version: (.+Magick) ([^\s]+).*/", "\\1 \\2", $lines[0]);
+ list($prog, $version) = split(" ", $version);
+ list($major, $minor,$minor2)= split("\.", $version);
+ if (preg_match('/GraphicsMagick/', $prog)) {
+ $msg.= check ( $faults, _("Checking for GraphicsMagick (>=1.1.2)"),
+ _("GraphicsMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
+ ($major > 1 || ($major == 1 && $minor >= 1) || ($major == 1 && $minor == 1 && $minor2 >= 2) ) );
+ } else {
+ $msg.= check ( $faults, _("Checking for ImageMagick (>=5.4.0)"),
+ _("ImageMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
+ ($major > 5 || ($major == 5 && $minor >= 4)));
+ }
} else {
$msg.= check ( $faults, _("Checking imagick module for PHP"),
_("Imagick is used to convert user supplied images to fit the suggested size and the unified JPEG format from PHP script."), function_exists('imagick_blob2image'), TRUE);
$possible_plugins['pureftp'][] = "'\n.*<tab.*pureftp.*>.*\n'i";
$possible_plugins['webdav'][] = "'\n.*<tab.*webdav.*>.*\n'i";
$possible_plugins['phpgroupware'][]= "'\n.*<tab.*phpgroupware.*>.*\n'i";
+ $possible_plugins['netatalk'][0] = "'\n.*<plugin.*netatalk+.*\n.*>.*\n'i";
+ $possible_plugins['netatalk'][1] = "'\n.*<tab.*netatalk.*>.*\n'i";
/*Header information
Needed to send the generated gosa.conf to the browser */
$str = str_replace("mailMethod=\"{MAILMETHOD}\"","",$str);
}
-
/* Remove all unused plugins */
- foreach($possible_plugins as $key=> $plugin) {
- foreach($plugin as $key=>$val) {
- if(in_array($plugin,$classes)) {
+ foreach(array_keys($possible_plugins) as $akey) {
+ if(array_key_exists($akey,$classes)) {
+ foreach($possible_plugins[$akey] as $key=>$val) {
$str = preg_replace($val,"\n",$str);
}
}
/* Show setup_page 1 */
function show_setup_page1($withoutput = true)
{
- $faults = array();
+ $faults = false;
+ $faults2 = false;
$smarty = get_smarty();
$smarty->assign ("content", get_template_path('setup_introduction.tpl'));
$smarty->assign ("tests", perform_php_checks($faults));
- $smarty->assign ("detailed_tests", perform_additional_function_checks($faults));
+ $smarty->assign ("detailed_tests", perform_additional_function_checks($faults2));
+
+ $faults = $faults || $faults2;
/* This var is true if anything went wrong */
if ($faults){
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$faults);
+ return ($faults);
}
/* Show setup_page 2 */
function show_setup_page2($withoutput = true)
{
- $faults = array();
+ $faults = false;
$smarty = get_smarty();
$smarty->assign ("content", get_template_path('setup_step2.tpl'));
$smarty->assign ("tests", perform_additional_checks($faults));
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$faults);
+ return ($faults);
}
/* No error till now */
$fault = false;
- /* If we pushed the Button continue */
- if(isset($_POST['continue3'])){
- if(!isset($uri)) {
- $fault = true;
-
- /* Output the Error */
- if($withoutput) {
- print_red (_("You've to specify an ldap server before continuing!"));
- $smarty->assign ("content", get_template_path('setup_step3.tpl'));
- }
- }
- } elseif (!$ds = @ldap_connect (validate($uri))) {
+ if (!$ds = @ldap_connect (validate($uri))) {
$fault =true;
/* Output the Error */
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$fault);
+ return ($fault);
}
function show_setup_page4($withoutput = true)
{
$smarty= get_smarty();
+ $checkvars = array("location", "admin", "password", "peopleou", "base",
+ "peopledn", "arr_crypts", "uidbase","errorlvl");
+
+ $fault = false;
+ $uri = $_SESSION['ldapconf']['uri'];
+ $ldapconf = $_SESSION['ldapconf'];
+ $arr_crypts= array();
+ $temp = "";
+
+ /* check POST data */
+ if(isset($_POST['check'])) {
+
+ /* Check if all needed vars are submitted */
+ foreach($checkvars as $key) {
+ if($key == "peopleou"){
+ continue;
+ }
+ if($key == "groupou"){
+ continue;
+ }
+
+ if((isset($_POST[$key]))&&(!empty($_POST[$key]))) {
+ $_SESSION['ldapconf'][$key] = $_POST[$key];
+ } else {
+ if($withoutput) {
+ print_red(sprintf(_("You're missing the required attribute '%s' from this formular. Please complete!"), $key));
+ }
+ $fault = true;
+ }
+ }
+ }
+
+ /* Transfer base */
+ if(isset($_POST['base'])){
+ $_SESSION['ldapconf']['base']= $_POST['base'];
+ }
// ?
if(!isset($_SESSION['ldapconf']['base'])){
}
require_once("class_password-methods.inc");
- $fault = false;
- $uri = $_SESSION['ldapconf']['uri'];
- $ldapconf = $_SESSION['ldapconf'];
- $arr_crypts= array();
- $temp = "";
- $checkvars = array("location", "admin", "password", "peopleou", "base",
- "peopledn", "arr_crypts", "mail", "uidbase","errorlvl");
-
if(!isset($_SESSION['ldapconf']['arr_cryptkeys'])) {
require_once("class_password-methods.inc");
$tmp= passwordMethod::get_available_methods_if_not_loaded();
/* If there are some empty vars in ldapconnect -
these values also represent out default values */
- if(!$ds = @ldap_connect (validate($uri))){
+ if(!$ds = @ldap_connect (validate($uri))){
$fault = true;
if($withoutput){
print_red (_("Can't connect to the specified LDAP server! Please make sure that is reachable for GOsa."));
} elseif(!@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)){
$fault = true;
if($withoutput){
- print_red (_("Can't bind to the specified LDAP server! Please make sure that it is reachable for GOsa."));
+ print_red (_("Can't set ldap protocol version 3."));
}
} elseif(!$r= @ldap_bind ($ds)){
$fault = true;
if($withoutput){
- print_red (_("Can't bind to the specified LDAP server! Please make sure that it is reachable for GOsa."));
+ print_red (_("Could not bind to the specified LDAP server! Please make sure that it is reachable for GOsa."));
}
} else {
- $sr= @ldap_search ($ds, NULL, "objectClass=*", array("namingContexts"));
+ $sr= @ldap_search ($r, NULL, "objectClass=*", array("namingContexts"));
$attr= @ldap_get_entries($ds,$sr);
if((empty($attr))) {
- $base= "dc=example,dc=net";
if($withoutput){
- print_red(_("Bind to server successful, but the server seems to be completly empty, please check all information twice"));
+# print_red(_("Bind to server successful, but the server seems to be completly empty, please check all information twice"));
}
} else {
if(!isset($_SESSION['ldapconf']['mail'])){
$_SESSION['ldapconf']['mail']= 0;
}
- $tmp= array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
- if(!isset($_SESSION['ldapconf']['arr_crypts'])){
- $_SESSION['ldapconf']['arr_crypts'] = $tmp['md5'];
+ if(!isset($_SESSION['ldapconf']['follow_referrals'])){
+ $_SESSION['ldapconf']['follow_referrals']= FALSE;
}
-
- /* check POST data */
- if(isset($_POST['check'])) {
-
- /* Check if all needed vars are submitted */
- foreach($checkvars as $key) {
- if($key == "peopleou"){
- continue;
- }
- if($key == "groupou"){
- continue;
- }
-
- if((isset($_POST[$key]))&&($_POST[$key]!="")) {
- $_SESSION['ldapconf'][$key] = $_POST[$key];
- } else {
- if($withoutput) {
- print_red(sprintf(_("You're missing the required attribute '%s' from this formular. Please complete!"), $key));
- }
- $fault = true;
- }
- }
+ if(!isset($_SESSION['ldapconf']['tls'])){
+ $_SESSION['ldapconf']['tls']= FALSE;
}
- /* Transfer base */
- if(isset($_POST['base'])){
- $_SESSION['ldapconf']['base']= $_POST['base'];
+ $tmp= array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
+ if(!isset($_SESSION['ldapconf']['arr_crypts'])){
+ $_SESSION['ldapconf']['arr_crypts'] = $tmp['md5'];
}
$smarty->assign("arr_cryptkeys",$_SESSION['ldapconf']['arr_cryptkeys']);
$smarty->assign($key,$val);
}
- if(isset($_POST['check'])) {
+ if(isset($_POST['check']) || (isset($_POST['admin'])) && isset($_POST['password'])) {
$ldap= new LDAP($_SESSION['ldapconf']['admin'],
$_SESSION['ldapconf']['password'],
- $_SESSION['ldapconf']['uri']);
+ $_SESSION['ldapconf']['uri'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
$m= schema_check($_SESSION['ldapconf']['uri'],
$_SESSION['ldapconf']['admin'],
- $_SESSION['ldapconf']['password']);
+ $_SESSION['ldapconf']['password'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
+
$_SESSION['classes']= $m;
- if(!is_schema_readable($ldapconf['uri'],$ldapconf['admin'],$ldapconf['password'])){
+ //TODO: Ask user for referrals and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+ if(!is_schema_readable($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'])){
if($withoutput){
print_red(_("Can't read schema informations, GOsa needs to know your schema setup. Please verify that it is readable for GOsa"));
}
if($withoutput){
$smarty->display (get_template_path('setup.tpl'));
}
- return (!$fault);
+
+ return ($fault);
}
$smarty->assign("webgroup", $info['name']);
$smarty->assign("path", CONFIG_DIR);
$message= "<table summary=\"\" class=\"check\">";
- $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'],1);
+
+ //TODO:Ask user for referral and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+
+ $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'], 1);
if($withoutput) {
$smarty->assign ("schemas", view_schema_check($m));
We check that, if this user or group is missing we ask for creating them */
$ldap= new LDAP($_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password'], $_SESSION['ldapconf']['uri']);
- /*
- Now we are testing for a group, with the rights :all
- */
-
+ /* Now we are testing for a group, with the rights :all */
$ldap->cd($ldapconf['base']);
$ldap->search("(&(objectClass=gosaObject)(gosaSubtreeACL=:all))");
$group_cnt = $ldap->count();
$data = $ldap->fetch();
-// $str_there = "Searching for Aminitrative users <br><br>";
-
- /*
- We need to create administrative user and group because theres no group found
- */
+ /* We need to create administrative user and group because there was no group found */
if($group_cnt < 1) {
- /*
- Set var to create user
- */
-// $str_there = "no group found<br>";
-
$need_to_create_group = true;
$need_to_create_user = true;
-
/* Output error */
- if(($withoutput)&&(!isset($_POST['new_admin']))){
- print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
- }
+# if(($withoutput)&&(!isset($_POST['new_admin']))){
+# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
+# }
} else {
-// $str_there = "Group found <br>".$data['dn'];
-
$need_to_create_group = false;
-
$ldap->clearResult();
- /* We found an Administrative Group, is there a user, too */
+ /* We found an Administrative Group, is there a user too ? */
if(isset($data['memberUid'][0])) {
- $str = "uid=".$data['memberUid']['0'];
+ $str = "uid=".$data['memberUid']['0'];
$ldap->search("(&(objectClass=gosaAccount)(objectClass=person)(".$str."))");
- $data2 = $ldap->fetch();
+ $data2 = $ldap->fetch();
/* We must create a user */
if (($ldap->count() < 1)||(!isset($data2))) {
-// $str_there.="Missing user";
-
$need_to_create_user = true;
-
- if(($withoutput)&&(!isset($_POST['new_admin']))){
- print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
- }
+# if(($withoutput)&&(!isset($_POST['new_admin']))){
+# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
+# }
}else {
-// $str_there.="<br>User found <br>".$data2['dn'];
$need_to_create_user = false;
}
} else {
$need_to_create_user=true;
- if(($withoutput)&&(!isset($_POST['new_admin']))){
- print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
- }
-// $str_there.="<br>No User found <br>";
+# if(($withoutput)&&(!isset($_POST['new_admin']))){
+# print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
+# }
}
}
$ldap->cd($dn);
$ldap->add($arr);
if($ldap->error!="Success"){
- print_red($ldap->error);
- print_red("Can't create user, and / or Group, possibly this problem depends on an empty LDAP server. Check your configuration and try again!");
+ show_ldap_error($ldap->get_error(),_("User and/or group could not be created, please check your configuration twice !"));
}
}
}
return(true);
} else {
- if((!isset($create_user))||(!($create_user))) {
+ if((!isset($need_to_create_user))||(!($need_to_create_user))) {
$smarty->assign ("content", get_template_path('setup_useradmin.tpl'));
$smarty->assign("exists",true);
} else {