X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Finclude%2Ffunctions.inc;h=4354fdaea3094d60b6bf72a55b31b7e24029ee0c;hb=5bea5c96bcbaedd8444bb4e96ad636fb3b2ab0cc;hp=5f8c1d0e1eb6602c15c09509581805cfdcd1d9d0;hpb=960a6547805d042eef6eabaf66f6565e4328a162;p=gosa.git
diff --git a/gosa-core/include/functions.inc b/gosa-core/include/functions.inc
index 5f8c1d0e1..4354fdaea 100644
--- a/gosa-core/include/functions.inc
+++ b/gosa-core/include/functions.inc
@@ -21,10 +21,27 @@
*/
/* Configuration file location */
-define ("CONFIG_DIR", "/etc/gosa");
-define ("CONFIG_FILE", "gosa.conf-trunk");
-define ("CONFIG_TEMPLATE_DIR", "../contrib/");
-define ("HELP_BASEDIR", "/var/www/doc/");
+
+/* Allow setting the config patj in the apache configuration
+ e.g. SetEnv CONFIG_FILE /etc/path
+ */
+if(!isset($_SERVER['CONFIG_DIR'])){
+ define ("CONFIG_DIR", "/etc/gosa");
+}else{
+ define ("CONFIG_DIR",$_SERVER['CONFIG_DIR']);
+}
+
+/* Allow setting the config file in the apache configuration
+ e.g. SetEnv CONFIG_FILE gosa.conf.2.5
+ */
+if(!isset($_SERVER['CONFIG_FILE'])){
+ define ("CONFIG_FILE", "gosa.conf");
+}else{
+ define ("CONFIG_FILE",$_SERVER['CONFIG_FILE']);
+}
+
+define ("CONFIG_TEMPLATE_DIR", "../contrib");
+define ("TEMP_DIR","/var/cache/gosa/tmp");
/* Define get_list flags */
define("GL_NONE", 0);
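Review bot: The comment above the CONFIG_DIR block documents the wrong variable: it says `SetEnv CONFIG_FILE /etc/path` (and "patj"), while the code below it reads `$_SERVER['CONFIG_DIR']`. It should read `e.g. SetEnv CONFIG_DIR /etc/path`. Both values are also used exactly as found in `$_SERVER`, and they decide which configuration file is loaded. A short check that CONFIG_DIR is an absolute path and that CONFIG_FILE contains no directory separator would stop a stray environment value from pointing GOsa at an unintended file.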
@@ -175,8 +192,8 @@ function get_browser_language()
}
/* Check for global language settings in gosa.conf */
- if(isset($config->data['MAIN']['LANG']) && !empty($config->data['MAIN']['LANG'])) {
- $lang = $config->data['MAIN']['LANG'];
+ if (isset ($config) && $config->get_cfg_value('lang') != ""){
+ $lang = $config->get_cfg_value('lang');
if(!preg_match("/utf/i",$lang)){
$lang .= ".UTF-8";
}
@@ -213,11 +230,8 @@ function get_template_path($filename= '', $plugin= FALSE, $path= "")
{
global $config, $BASE_DIR;
- if (!@isset($config->data['MAIN']['THEME'])){
- $theme= 'default';
- } else {
- $theme= $config->data['MAIN']['THEME'];
- }
+ /* Set theme */
+ $theme= $config->get_cfg_value("theme", "default");
/* Return path for empty filename */
if ($filename == ''){
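Review bot: `$config->get_cfg_value("theme", "default")` is called on the global `$config` without checking that it is set, whereas the removed code used `@isset(...)` and fell back to 'default'. get_browser_language() in this same commit does guard with `isset ($config)`. If get_template_path() can run before the configuration object exists (not visible from this hunk), the call becomes a fatal error instead of selecting the default theme. `$theme= isset($config) ? $config->get_cfg_value("theme", "default") : "default";` keeps the old tolerance. The function body continues outside the hunk.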
@@ -334,7 +348,7 @@ function process_htaccess ($username, $kerberos= FALSE)
$config->set_current($name);
$mode= "kerberos";
- if (isset($config->current['KRBSASL']) && preg_match('/^true$/i', $config->current['KRBSASL'])){
+ if ($config->get_cfg_value("krbsasl") == "true"){
$mode= "sasl";
}
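Review bot: The krbsasl test is now case-sensitive, because the removed line matched `/^true$/i` and the new one compares `== "true"`. An existing configuration that spells the value `True` or `TRUE` would silently fall back to `$mode= "kerberos"`. Unless get_cfg_value() normalises case (not shown here), use `if (strtolower($config->get_cfg_value("krbsasl")) == "true"){`. strict_uid_mode() further down uses the same comparison.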
@@ -415,8 +429,8 @@ function ldap_login_user ($username, $password)
$ldap->cd($config->current['BASE']);
$allowed_attributes = array("uid","mail");
$verify_attr = array();
- if(isset($config->current['LOGIN_ATTRIBUTE'])){
- $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']);
+ if($config->get_cfg_value("login_attribute") != ""){
+ $tmp = split(",", $config->get_cfg_value("login_attribute"));
foreach($tmp as $attr){
if(in_array($attr,$allowed_attributes)){
$verify_attr[] = $attr;
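Review bot: The login_attribute list is split on "," without trimming, so a value such as `uid, mail` yields " mail", which fails the `in_array($attr,$allowed_attributes)` allow-list and is dropped without notice. `split()` is also the deprecated POSIX-regex function, and `explode()` does the same job for a literal separator. Suggested: `$tmp = array_map('trim', explode(",", $config->get_cfg_value("login_attribute")));`. convert_department_dn() and generate_smb_nt_hash() in this diff use `split()` as well. ldap_login_user() continues outside the hunk.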
@@ -598,7 +612,7 @@ function add_lock ($object, $user)
/* Check for existing entries in lock area */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search("(&(objectClass=gosaLockEntry)(gosaUser=$user)(gosaObject=".base64_encode($object)."))",
array("gosaUser"));
if (!$ldap->success()){
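Review bot: The search filter in add_lock() interpolates `$user` directly into `(gosaUser=$user)`, so a value containing `(`, `)`, `*` or `\` alters the filter instead of being matched literally. The same pattern appears in del_user_locks() (`gosaUser=$userdn`) and in the new update_accessTo() (`accessTo=".$from."`). Whether callers already restrict these values is not visible in the diff. Escaping at the point of use, for example `ldap_escape($user, "", LDAP_ESCAPE_FILTER)` on PHP versions that provide it, would make these searches safe regardless of the caller. add_lock() continues outside this hunk.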
@@ -610,14 +624,14 @@ function add_lock ($object, $user)
if ($ldap->count() == 0){
$attrs= array();
$name= md5($object);
- $ldap->cd("cn=$name,".$config->current['CONFIG']);
+ $ldap->cd("cn=$name,".$config->get_cfg_value("config"));
$attrs["objectClass"] = "gosaLockEntry";
$attrs["gosaUser"] = $user;
$attrs["gosaObject"] = base64_encode($object);
$attrs["cn"] = "$name";
$ldap->add($attrs);
if (!$ldap->success()){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "cn=$name,".$config->current['CONFIG'], 0, ERROR_DIALOG));
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "cn=$name,".$config->get_cfg_value("config"), 0, ERROR_DIALOG));
return;
}
}
@@ -642,7 +656,7 @@ function del_lock ($object)
/* Check for existance and remove the entry */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search ("(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($object)."))", array("gosaObject"));
$attrs= $ldap->fetch();
if ($ldap->getDN() != "" && $ldap->success()){
@@ -662,7 +676,7 @@ function del_user_locks($userdn)
/* Get LDAP ressources */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
/* Remove all objects of this user, drop errors silently in this case. */
$ldap->search("(&(objectClass=gosaLockEntry)(gosaUser=$userdn))", array("gosaUser"));
@@ -685,7 +699,7 @@ function get_lock ($object)
/* Get LDAP link, check for presence of the lock entry */
$user= "";
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search("(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($object)."))", array("gosaUser"));
if (!$ldap->success()){
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "", LDAP_SEARCH, ERROR_DIALOG));
@@ -730,7 +744,7 @@ function get_multiple_locks($objects)
/* Get LDAP link, check for presence of the lock entry */
$user= "";
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search($filter, array("gosaUser","gosaObject"));
if (!$ldap->success()){
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "", LDAP_SEARCH, ERROR_DIALOG));
@@ -888,16 +902,14 @@ function get_sub_list($filter, $category,$sub_deps, $base= "", $attributes= arra
}else{
/* Sort in every value that fits the permissions */
- if (is_array($category)){
- foreach ($category as $o){
- if ($ui->get_category_permissions($dn, $o) != ""){
- $result[]= $attrs;
- break;
- }
- }
- } else {
- if ( $ui->get_category_permissions($dn, $category) != ""){
+ if (!is_array($category)){
+ $category = array($category);
+ }
+ foreach ($category as $o){
+ if((preg_match("/\//",$o) && preg_match("/r/",$ui->get_permissions($dn,$o))) ||
+ (!preg_match("/\//",$o) && preg_match("/r/",$ui->get_category_permissions($dn, $o)))){
$result[]= $attrs;
+ break;
}
}
}
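Review bot: The read-permission condition is written out twice, once here and once in get_list(), so the two copies can drift apart, and the rule is easy to miss when reading. The change is security-relevant: an entry is now listed only if the permission string contains "r", where the removed code accepted any non-empty permission. A comment above the `foreach` should record this, e.g. `/* "category/class" entries are checked with get_permissions(), plain categories with get_category_permissions(); only objects with read ("r") permission are returned */`. Moving the test into one small shared helper would also help. `strpos($o, "/") !== FALSE` would express the literal slash test more plainly than `preg_match("/\//",$o)`.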
@@ -958,19 +970,14 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
}else{
/* Sort in every value that fits the permissions */
- if (is_array($category)){
- foreach ($category as $o){
- if ($ui->get_category_permissions($dn, $o) != ""){
-
- /* We found what we were looking for, break speeds things up */
- $result[]= $attrs;
- }
- }
- } else {
- if ($ui->get_category_permissions($dn, $category) != ""){
-
- /* We found what we were looking for, break speeds things up */
+ if (!is_array($category)){
+ $category = array($category);
+ }
+ foreach ($category as $o){
+ if((preg_match("/\//",$o) && preg_match("/r/",$ui->get_permissions($dn,$o))) ||
+ (!preg_match("/\//",$o) && preg_match("/r/",$ui->get_category_permissions($dn, $o)))){
$result[]= $attrs;
+ break;
}
}
}
@@ -1088,27 +1095,27 @@ function &get_smarty()
}
-function convert_department_dn($dn)
+function convert_department_dn($dn, $base = NULL)
{
- $dep= "";
+ global $config;
+
+ if($base == NULL){
+ $base = $config->current['BASE'];
+ }
/* Build a sub-directory style list of the tree level
specified in $dn */
- foreach (split(',', $dn) as $rdn){
+ $dn = preg_replace("/".normalizePreg($base)."$/i","",$dn);
+ if(empty($dn)) return("/");
- /* We're only interested in organizational units... */
- if (substr($rdn,0,3) == 'ou='){
- $dep= substr($rdn,3)."/$dep";
- }
- /* ... and location objects */
- if (substr($rdn,0,2) == 'l='){
- $dep= substr($rdn,2)."/$dep";
- }
+ $dep= "";
+ foreach (split(',', $dn) as $rdn){
+ $dep = preg_replace("/^[^=]+=/","",$rdn)."/".$dep;
}
/* Return and remove accidently trailing slashes */
- return rtrim($dep, "/");
+ return(trim($dep, "/"));
}
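Review bot: Every RDN left after stripping the base is now turned into a path segment, where the removed code kept only `ou=` and `l=` components. A DN that still carries a `cn=` or `uid=` part therefore yields that entry name inside the "department" path. If callers pass only department DNs this is harmless, but the function should say so and should document the new `$base` parameter, e.g. `/* $base: suffix to strip before conversion, defaults to $config->current['BASE'] */`. `if($base == NULL)` also treats an explicitly passed empty string as "use the default", so `$base === NULL` states the intent more exactly. The `split(',', $dn)` call will break RDN values that contain an escaped comma.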
@@ -1134,6 +1141,8 @@ function get_ou($name)
"printerou" => "ou=printers,ou=systems,",
"phoneou" => "ou=phones,ou=systems,",
"componentou" => "ou=netdevices,ou=systems,",
+ "winstations" => "ou=winstation,",
+
"blocklistou" => "ou=gofax,ou=systems,",
"incomingou" => "ou=incoming,",
"aclroleou" => "ou=aclroles,",
@@ -1153,8 +1162,8 @@ function get_ou($name)
"mimetypeou" => "ou=mime,");
/* Preset ou... */
- if (isset($config->current[$name])){
- $ou= $config->current[$name];
+ if ($config->get_cfg_value($name) != ""){
+ $ou= $config->get_cfg_value($name);
} elseif (isset($map[$name])) {
$ou = $map[$name];
return($ou);
@@ -1166,10 +1175,17 @@ function get_ou($name)
if ($ou != ""){
if (!preg_match('/^[^=]+=[^=]+/', $ou)){
- return @LDAP::convert("ou=$ou,");
+ $ou = @LDAP::convert("ou=$ou");
} else {
- return @LDAP::convert("$ou,");
+ $ou = @LDAP::convert("$ou");
+ }
+
+ if(preg_match("/".normalizePreg($config->current['BASE'])."$/",$ou)){
+ return($ou);
+ }else{
+ return("$ou,");
}
+
} else {
return "";
}
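Review bot: The new base-suffix test `preg_match("/".normalizePreg($config->current['BASE'])."$/",$ou)` is case-sensitive, while convert_department_dn() in this same commit matches the base with the `i` modifier. LDAP DNs compare case-insensitively, so a configured value whose base part differs only in case is not recognised as a full DN and is returned with a trailing comma. What the caller then appends is outside the hunk. Adding the modifier keeps both functions consistent: `if(preg_match("/".normalizePreg($config->current['BASE'])."$/i",$ou)){`. get_ou() starts before this hunk.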
@@ -1214,7 +1230,7 @@ function strict_uid_mode()
{
global $config;
- return !(isset($config->current['STRICT']) && preg_match('/^(no|false)$/i', $config->current['STRICT']));
+ return ($config->get_cfg_value("strict") == "true");
}
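Review bot: The default of strict_uid_mode() appears to flip with this change. The removed expression returned TRUE unless STRICT was explicitly "no" or "false", while the new one returns TRUE only when the value is exactly "true". If get_cfg_value("strict") yields an empty string for an unset option (its implementation is not shown), installations that never set the option lose strict uid checking without any notice. Passing the default explicitly, as the theme lookup in this commit does, preserves the old behaviour: `return (strtolower($config->get_cfg_value("strict", "true")) == "true");`.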
@@ -1284,7 +1300,7 @@ function gen_locked_message($user, $dn)
} else {
$smarty->assign ("action", _("Edit anyway"));
}
- $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry/entries '%s'"), "".$msg."", ""));
+ $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry/entries %s"), "".$msg."", ""));
return ($smarty->fetch (get_template_path('islocked.tpl')));
}
@@ -2154,10 +2170,10 @@ function get_base_from_hook($dn, $attrib)
{
global $config;
- if (isset($config->current['BASE_HOOK'])){
+ if ($config->get_cfg_value("base_hook") != ""){
/* Call hook script - if present */
- $command= $config->current['BASE_HOOK'];
+ $command= $config->get_cfg_value("base_hook");
if ($command != ""){
$command.= " '".LDAP::fix($dn)."' $attrib";
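Review bot: The hook command line is assembled by string concatenation, with `$dn` wrapped in hand-written single quotes and `$attrib` not quoted at all. A single quote in the DN or shell metacharacters in `$attrib` therefore end up interpreted by the shell. What LDAP::fix() escapes is not visible here, but it is unlikely to be shell quoting. The file already uses escapeshellarg() in generate_smb_nt_hash(), and the same applies here: `$command.= " ".escapeshellarg(LDAP::fix($dn))." ".escapeshellarg($attrib);`. The inner `if ($command != "")` is now redundant with the outer test, and the function continues outside the hunk.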
@@ -2168,17 +2184,17 @@ function get_base_from_hook($dn, $attrib)
return ($output[0]);
} else {
msg_dialog::display(_("Warning"), _("'base_hook' is not available. Using default base!"), WARNING_DIALOG);
- return ($config->current['UIDBASE']);
+ return ($config->get_cfg_value("uidbase"));
}
} else {
msg_dialog::display(_("Warning"), _("'base_hook' is not available. Using default base!"), WARNING_DIALOG);
- return ($config->current['UIDBASE']);
+ return ($config->get_cfg_value("uidbase"));
}
} else {
msg_dialog::display(_("Warning"), _("'base_hook' is not available. Using default base!"), WARNING_DIALOG);
- return ($config->current['UIDBASE']);
+ return ($config->get_cfg_value("uidbase"));
}
}
@@ -2337,6 +2353,7 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
"pl_PL" => "Polish",
"sv_SE" => "Swedish",
"zh_CN" => "Chinese",
+ "vi_VN" => "Vietnamese",
"ru_RU" => "Russian");
$tmp2= array(
@@ -2349,12 +2366,23 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
"pl_PL" => _("Polish"),
"sv_SE" => _("Swedish"),
"zh_CN" => _("Chinese"),
+ "vi_VN" => _("Vietnamese"),
"ru_RU" => _("Russian"));
$ret = array();
if($languages_in_own_language){
$old_lang = setlocale(LC_ALL, 0);
+
+ /* If the locale wasn't correclty set before, there may be an incorrect
+ locale returned. Something like this:
+ C_CTYPE=de_DE.UTF-8;LC_NUMERIC=C;LC_TIME=de_DE.UTF-8;LC ...
+ Extract the locale name from this string and use it to restore old locale.
+ */
+ if(preg_match("/LC_CTYPE/",$old_lang)){
+ $old_lang = preg_replace("/^.*LC_CTYPE=([^;]*).*$/","\\1",$old_lang);
+ }
+
foreach($tmp as $key => $name){
$lang = $key.".UTF-8";
setlocale(LC_ALL, $lang);
@@ -2448,9 +2476,9 @@ function change_password ($dn, $password, $mode=0, $hash= "")
/* Extract used hash */
if ($hash == ""){
- $test = passwordMethod::get_method($attrs['userPassword'][0]);
+ $test = passwordMethod::get_method($attrs['userPassword'][0],$dn);
} else {
- $test = new $available[$hash]($config);
+ $test = new $available[$hash]($config,$dn);
$test->set_hash($hash);
}
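Review bot: `new $available[$hash]($config,$dn)` instantiates a class chosen by the caller-supplied `$hash` without checking that the key exists in `$available`. An unknown hash name then ends in a fatal error rather than a handled failure. Whether `$hash` is validated earlier in change_password() is outside this hunk. A guard before the `new` fits the return convention this commit introduces: `if (!isset($available[$hash])){ return(FALSE); }`.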
@@ -2504,7 +2532,9 @@ function change_password ($dn, $password, $mode=0, $hash= "")
} else {
/* Run backend method for change/create */
- $test->set_password($password);
+ if(!$test->set_password($password)){
+ return(FALSE);
+ }
/* Find postmodify entries for this class */
$command= $config->search("password", "POSTMODIFY",array('menu'));
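Review bot: change_password() now returns FALSE when `set_password()` fails and TRUE at its end (added in the following hunk), but the function has no documentation of this contract. Branches outside the visible hunks may still fall through without a value, and a caller testing `if (!change_password(...))` would read that NULL as a failure. Please add a docblock line such as `@return bool TRUE on success, FALSE if the password backend refused the change`. Also check that every other exit path returns an explicit boolean.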
@@ -2523,6 +2553,7 @@ function change_password ($dn, $password, $mode=0, $hash= "")
}
}
}
+ return(TRUE);
}
@@ -2532,7 +2563,7 @@ function generate_smb_nt_hash($password)
global $config;
# Try to use gosa-si?
- if (isset($config->current['GOSA_SI'])){
+ if ($config->get_cfg_value("gosa_si") != ""){
$res= gosaSupportDaemon::send("gosa_gen_smb_hash", "GOSA", array("password" => $password), TRUE);
if (isset($res['XML']['HASH'])){
$hash= $res['XML']['HASH'];
@@ -2540,7 +2571,7 @@ function generate_smb_nt_hash($password)
$hash= "";
}
} else {
- $tmp= $config->data['MAIN']['SMBHASH']." ".escapeshellarg($password);
+ $tmp= $config->get_cfg_value('smbhash')." ".escapeshellarg($password);
@DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
exec($tmp, $ar);
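Review bot: The `@DEBUG(...)` call logs `$tmp`, which at that point contains the cleartext password as the command argument, so enabling LDAP debugging writes user passwords into the debug output. Logging only the helper name avoids that: `@DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $config->get_cfg_value('smbhash'), "Execute");`. The password is also passed on the command line, where other local users can see it in the process list while the helper runs. Feeding it on stdin would be safer if the helper supports that, which cannot be told from here. If `smbhash` is unset, the executed string consists of the quoted password alone, so an explicit check for an empty helper path is worth adding before `exec()`.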
@@ -2556,7 +2587,7 @@ function generate_smb_nt_hash($password)
list($lm,$nt)= split (":", trim($hash));
- if ($config->current['SAMBAVERSION'] == 3) {
+ if ($config->get_cfg_value("sambaversion") == 3) {
$attrs['sambaLMPassword']= $lm;
$attrs['sambaNTPassword']= $nt;
$attrs['sambaPwdLastSet']= date('U');
@@ -2579,12 +2610,8 @@ function getEntryCSN($dn)
}
/* Get attribute that we should use as serial number */
- if(isset($config->current['UNIQ_IDENTIFIER'])){
- $attr = $config->current['UNIQ_IDENTIFIER'];
- }elseif(isset($config->data['MAIN']['UNIQ_IDENTIFIER'])){
- $attr = $config->data['MAIN']['UNIQ_IDENTIFIER'];
- }
- if(!empty($attr)){
+ $attr= $config->get_cfg_value("uniq_identifier");
+ if($attr != ""){
$ldap = $config->get_ldap_link();
$ldap->cat($dn,array($attr));
$csn = $ldap->fetch();
@@ -2648,6 +2675,13 @@ function send_binary_content($data,$name,$type = "application/octet-stream")
header("Cache-Control: post-check=0, pre-check=0");
header("Content-type: ".$type."");
+ $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
+
+ /* Strip name if it is a complete path */
+ if (preg_match ("/\//", $name)) {
+ $name= basename($name);
+ }
+
/* force download dialog */
if (preg_match('/MSIE 5.5/', $HTTP_USER_AGENT) || preg_match('/MSIE 6.0/', $HTTP_USER_AGENT)) {
header('Content-Disposition: filename="'.$name.'"');
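Review bot: `$_SERVER['HTTP_USER_AGENT']` is read without an isset() check, so a request that sends no User-Agent header raises a notice just before the headers are emitted. `$HTTP_USER_AGENT = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";` avoids that. `$name` is still placed inside the quoted `filename="..."` value as-is: basename() removes directories but not a double quote or control characters. Stripping them, e.g. `$name= str_replace(array('"', "\r", "\n"), "", basename($name));`, keeps the header well-formed. send_binary_content() continues outside the hunk.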
@@ -2660,14 +2694,85 @@ function send_binary_content($data,$name,$type = "application/octet-stream")
}
+function reverse_html_entities($str,$type = ENT_QUOTES , $charset = "UTF-8")
+{
+ if(is_string($str)){
+ return(htmlentities($str,$type,$charset));
+ }elseif(is_array($str)){
+ foreach($str as $name => $value){
+ $str[$name] = reverse_html_entities($value,$type,$charset);
+ }
+ }
+ return($str);
+}
+
+
/*! \brief Encode special string characters so we can use the string in \
HTML output, without breaking quotes.
@param The String we want to encode.
@return The encoded String
-*/
+ */
function xmlentities($str)
+{
+ if(is_string($str)){
+
+ static $asc2uni= array();
+ if (!count($asc2uni)){
+ for($i=128;$i<256;$i++){
+ # $asc2uni[chr($i)] = "".dechex($i).";";
+ }
+ }
+
+ $str = str_replace("&", "&", $str);
+ $str = str_replace("<", "<", $str);
+ $str = str_replace(">", ">", $str);
+ $str = str_replace("'", "'", $str);
+ $str = str_replace("\"", """, $str);
+ $str = str_replace("\r", "", $str);
+ $str = strtr($str,$asc2uni);
+ return $str;
+ }elseif(is_array($str)){
+ foreach($str as $name => $value){
+ $str[$name] = xmlentities($value);
+ }
+ }
+ return($str);
+}
+
+
+/*! \brief Updates all accessTo attributes from a given value to a new one.
+ For example if a host is renamed.
+ @param String $from The source accessTo name.
+ @param String $to The destination accessTo name.
+*/
+function update_accessTo($from,$to)
{
- return (htmlentities($str,ENT_QUOTES));
+ global $config;
+ $ldap = $config->get_ldap_link();
+ $ldap->cd($config->current['BASE']);
+ $ldap->search("(&(objectClass=trustAccount)(accessTo=".$from."))",array("objectClass","accessTo"));
+ while($attrs = $ldap->fetch()){
+ $new_attrs = array("accessTo" => array());
+ $dn = $attrs['dn'];
+ for($i = 0 ; $i < $attrs['objectClass']['count']; $i++){
+ $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
+ }
+ for($i = 0 ; $i < $attrs['accessTo']['count']; $i++){
+ if($attrs['accessTo'][$i] == $from){
+ if(!empty($to)){
+ $new_attrs['accessTo'][] = $to;
+ }
+ }else{
+ $new_attrs['accessTo'][] = $attrs['accessTo'][$i];
+ }
+ }
+ $ldap->cd($dn);
+ $ldap->modify($new_attrs);
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, "update_accessTo($from,$to)"));
+ }
+ new log("modify","update_accessTo($from,$to)",$dn,array_keys($new_attrs),$ldap->get_error());
+ }
}
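Review bot: In xmlentities() the `$asc2uni` loop has no effect: its only statement is commented out, so the static array stays empty, `count($asc2uni)` is 0 on every call and `strtr($str,$asc2uni)` has nothing to translate. Either restore the mapping or remove the loop and the `strtr()` call. As shown on this page the five `str_replace()` pairs have identical search and replacement text, which is probably entity decoding by the page rather than the committed code, but the committed file should be checked. The docblock still describes a single string although the function now recurses into arrays. reverse_html_entities() encodes with htmlentities() despite its name and has no docblock at all.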
@@ -2680,7 +2785,25 @@ function get_random_char () {
} else {
return (chr ($randno + 59)); // Lowercase
}
- }
+}
+
+
+function cred_encrypt($input, $password) {
+
+ $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+ $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
+
+ return bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $password, $input, MCRYPT_MODE_ECB, $iv));
+
+}
+
+function cred_decrypt($input,$password) {
+ $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+ $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
+
+ return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $password, pack("H*", $input), MCRYPT_MODE_ECB, $iv);
+}
+
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>
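Review bot: cred_encrypt() and cred_decrypt() compute an IV for CBC but then call mcrypt with `MCRYPT_MODE_ECB`, which ignores the IV. Equal plaintext blocks therefore produce equal ciphertext blocks, and the fresh random IV drawn in cred_decrypt() only works because it is never used. `MCRYPT_DEV_RANDOM` can block on each call while the kernel gathers entropy. `$password` is also handed to mcrypt as the raw key, so its length must happen to be a valid Rijndael key size, otherwise it is padded or rejected depending on the PHP version. The sketch below switches to CBC with the IV stored in front of the ciphertext and a fixed-length key; it assumes no data has been stored in the old format yet. It adds no integrity check, so an HMAC over IV and ciphertext is still needed, and because mcrypt is deprecated in later PHP releases the openssl extension is the longer-term choice.

```php
function cred_encrypt($input, $password) {
  /* Fixed-length key instead of the raw password */
  $key  = hash('sha256', $password, TRUE);
  $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
  $iv   = mcrypt_create_iv($size, MCRYPT_DEV_URANDOM);

  /* The IV is not secret; keep it in front of the ciphertext so decryption can reuse it */
  return bin2hex($iv.mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $input, MCRYPT_MODE_CBC, $iv));
}

function cred_decrypt($input,$password) {
  $key  = hash('sha256', $password, TRUE);
  $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
  $raw  = pack("H*", $input);
  $iv   = substr($raw, 0, $size);

  /* mcrypt pads the last block with NUL bytes; remove them again */
  return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, substr($raw, $size), MCRYPT_MODE_CBC, $iv), "\0");
}
```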