author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Wed, 24 Jan 2007 05:06:35 +0000 (05:06 +0000) | ||
committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Wed, 24 Jan 2007 05:06:35 +0000 (05:06 +0000) |
>Author: careworks
>Date: 2007-01-23 15:35:33 +0100 (Tue, 23 Jan 2007)
>New Revision: 5801
>
>Modified:
> branches/2.5/Changelog
> branches/2.5/FAQ
> branches/2.5/html/index.php
> branches/2.5/include/functions.inc
> branches/2.5/include/functions_setup.inc
> branches/2.5/plugins/personal/password/main.inc
>Log:
>- Fix TLS ldap connections when schema checking is being used
>- Prepare setup to allow for TLS ldap servers somewhere in the future
>- Fix incorrect FAQ entry about TLS
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@5603 594d385d-05f5-0310-b6e9-bd551577e9d8
>Date: 2007-01-23 15:35:33 +0100 (Tue, 23 Jan 2007)
>New Revision: 5801
>
>Modified:
> branches/2.5/Changelog
> branches/2.5/FAQ
> branches/2.5/html/index.php
> branches/2.5/include/functions.inc
> branches/2.5/include/functions_setup.inc
> branches/2.5/plugins/personal/password/main.inc
>Log:
>- Fix TLS ldap connections when schema checking is being used
>- Prepare setup to allow for TLS ldap servers somewhere in the future
>- Fix incorrect FAQ entry about TLS
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@5603 594d385d-05f5-0310-b6e9-bd551577e9d8
diff --git a/Changelog b/Changelog
index 9e9894f477dd72cd0ab181ddced2554b4d6ffb46..cf1ac23a83500055e55e466c8c25d9cb79eb2e8f 100644 (file)
--- a/Changelog
+++ b/Changelog
GOsa2 changelog
===============
+* gosa 2.5.9
+ - Fixed ldap tls connections when schema check was being used
* gosa 2.5.7
- Fixed login.tpl to display error msgs in the middle of the screen
index 37138071f7e4121c0c89ee79ae68bbad124b8ff6..30b4c8e340d10420ae00365c4f35c626d2c6844a 100644 (file)
--- a/FAQ
+++ b/FAQ
@@ -269,12 +269,12 @@ Q: I'd like to have TLS based LDAP connections from within GOsa. Is this possibl
A: Yes, add
- <main ...>
+ <location ...>
...
tls="true"
... \>
- to the main section of GOsa. This switch affects all LDAP connections.
+ to the location section of GOsa. This switch affects LDAP connections for a single location only.
Q: Cyrus folder get created in the style user.username. I prefer the unix hirachy
diff --git a/html/index.php b/html/index.php
index 583f78f88be00158994f3fbda33b199ed617e18e..14a8b30054b09b7d5193d610d50dc41a31cdb0a0 100644 (file)
--- a/html/index.php
+++ b/html/index.php
}
if(isset($config->data['MAIN']['SCHEMA_CHECK'])&&preg_match("/true/i",$config->data['MAIN']['SCHEMA_CHECK'])){
require_once("functions_setup.inc");
- if(!is_schema_readable($config->current['SERVER'],$config->current['ADMIN'],$config->current['PASSWORD'])){
+ $recursive = (isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true");
+ $tls = (isset($config->current['TLS']) && $config->current['TLS'] == "true");
+
+ if(!is_schema_readable($config->current['SERVER'], $config->current['ADMIN'], $config->current['PASSWORD'], $recursive, $tls)){
+
print_red(_("GOsa cannot retrieve information about the installed schema files. Please make sure, that this is possible."));
displayLogin();
exit() ;
}else{
- $str = (schema_check($config->current['SERVER'],$config->current['ADMIN'],$config->current['PASSWORD'],0,TRUE));
+ $str = (schema_check($config->current['SERVER'],$config->current['ADMIN'],$config->current['PASSWORD'], $recursive, $tls, 0, TRUE));
$checkarr = array();
foreach($str as $tr){
if(isset($tr['needonstartup'])){
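Review bot: The new `$tls` flag is derived with a case-sensitive `== "true"`, while the enclosing condition matches SCHEMA_CHECK with `preg_match("/true/i", ...)`. A location configured with `tls="True"` would therefore pass the schema-check gate and still leave `$tls` false, so the admin bind for the schema check would presumably go out without TLS and without any warning. The same applies to `$recursive`. Consider `$tls = (isset($config->current['TLS']) && strcasecmp($config->current['TLS'], "true") == 0);`, or a single shared helper for boolean config values so that every `new LDAP` call site reads the flag the same way. The enclosing block starts and ends outside the visible lines.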
diff --git a/include/functions.inc b/include/functions.inc
index b1deb986ec57f75b944bff664fe34e9233818f49..9f0aef9e4e863c58b4d8d3877fba539620ceed52 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
{
global $config;
- $ldap = new LDAP ($binddn, $pass, $server, isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
+ $ldap = new LDAP ($binddn, $pass, $server,
+ isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
isset($config->current['TLS']) && $config->current['TLS'] == "true");
/* Sadly we've no proper return values here. Use the error message instead. */
index faac360b257ec876734014312c339e06aaa9f47a..7d41ffd9586ea098f34505e041639ae356a5199a 100644 (file)
}
-function is_schema_readable($server, $admin, $password)
+function is_schema_readable($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE)
{
- $ldap = new LDAP($admin,$password,$server);
+ $ldap = new LDAP($admin, $password, $server, $follow_referrals, $tls);
$tmp = $ldap->get_objectclasses();
if(count($tmp)){
return(false);
}
-function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false)
+function schema_check($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE, $aff=0, $CalledByIndexPhP=false)
{
global $config;
);
/* Get objectclasses */
- $ldap = new LDAP($admin,$password, $server);
+ $ldap = new LDAP($admin,$password, $server, $follow_referrals, $tls);
$objectclasses = $ldap->get_objectclasses();
if(count($objectclasses) == 0){
return (array(array("msg" => _("Can't get schema information from server. No schema check possible!"), "status" => FALSE)));
if(!isset($_SESSION['ldapconf']['mail'])){
$_SESSION['ldapconf']['mail']= 0;
}
+ if(!isset($_SESSION['ldapconf']['follow_referrals'])){
+ $_SESSION['ldapconf']['follow_referrals']= FALSE;
+ }
+ if(!isset($_SESSION['ldapconf']['tls'])){
+ $_SESSION['ldapconf']['tls']= FALSE;
+ }
+
$tmp= array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
if(!isset($_SESSION['ldapconf']['arr_crypts'])){
$_SESSION['ldapconf']['arr_crypts'] = $tmp['md5'];
if(isset($_POST['check']) || (isset($_POST['admin'])) && isset($_POST['password'])) {
$ldap= new LDAP($_SESSION['ldapconf']['admin'],
$_SESSION['ldapconf']['password'],
- $_SESSION['ldapconf']['uri']);
+ $_SESSION['ldapconf']['uri'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
$m= schema_check($_SESSION['ldapconf']['uri'],
$_SESSION['ldapconf']['admin'],
- $_SESSION['ldapconf']['password']);
+ $_SESSION['ldapconf']['password'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
+
$_SESSION['classes']= $m;
- if(!is_schema_readable($ldapconf['uri'],$ldapconf['admin'],$ldapconf['password'])){
+ //TODO: Ask user for referrals and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+ if(!is_schema_readable($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'])){
if($withoutput){
print_red(_("Can't read schema informations, GOsa needs to know your schema setup. Please verify that it is readable for GOsa"));
}
$smarty->assign("webgroup", $info['name']);
$smarty->assign("path", CONFIG_DIR);
$message= "<table summary=\"\" class=\"check\">";
- $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'],1);
+
+ //TODO:Ask user for referral and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+
+ $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'], 1);
if($withoutput) {
$smarty->assign ("schemas", view_schema_check($m));
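Review bot: In the new `schema_check` signature, `$follow_referrals` and `$tls` are inserted ahead of `$aff` and `$CalledByIndexPhP`, so any caller not touched by this commit that still passes `schema_check($server, $admin, $password, 1)` would silently have its `1` read as `$follow_referrals` and lose the `$aff` value. `is_schema_readable` appends the new parameters instead, which is the compatible form. Appending here as well, `function schema_check($server, $admin, $password, $aff=0, $CalledByIndexPhP=false, $follow_referrals=FALSE, $tls=FALSE)`, would keep old call sites working once the visible callers are adjusted to match. Separately, both setup paths assign `$ldapconf['tls'] = false` immediately before the call, so the setup-time bind with the admin password never requests TLS until the TODO is resolved; the comment should say so explicitly. The function bodies continue outside the visible hunks.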
index 0d21e6d13b6d96d8077e8bd2c7d1bea208ead57e..a3a98640a0c6cb5bc72cb8e83ee27b04c94fce2e 100644 (file)
$tldap = new LDAP($ui->dn, $_POST['current_password'],
$config->current['SERVER'],
isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
- isset($config->current['TLS'])
- && $config->current['TLS'] == "true");
+ isset($config->current['TLS']) && $config->current['TLS'] == "true");
if ($tldap->error != "Success"){
$message[]= _("The password you've entered as your current password doesn't match the real one.");
}