author | careworks <careworks@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Tue, 23 Jan 2007 14:35:33 +0000 (14:35 +0000) | ||
committer | careworks <careworks@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Tue, 23 Jan 2007 14:35:33 +0000 (14:35 +0000) |
- Prepare setup to allow for TLS ldap servers somewhere in the future
- Fix incorrect FAQ entry about TLS
git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5601 594d385d-05f5-0310-b6e9-bd551577e9d8
- Fix incorrect FAQ entry about TLS
git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@5601 594d385d-05f5-0310-b6e9-bd551577e9d8
diff --git a/Changelog b/Changelog
index ea6c36dcf1f5bd6fd2f71e568eb147ab8f1b47ed..bd112be9effd1eed705a5bf5a4325152cb721b6b 100644 (file)
--- a/Changelog
+++ b/Changelog
GOsa2 changelog
===============
+* gosa 2.5.9
+ - Fixed ldap tls connections when schema check was being used
* gosa 2.5.8
- Fixed date of birth and shadow expire in template adaption
index 89cdfd27a9211360130d04ae1d5d0c92945df77f..3df30238b1d6112dd1bf08da6b4c0743f2d801bc 100644 (file)
--- a/FAQ
+++ b/FAQ
@@ -269,12 +269,12 @@ Q: I'd like to have TLS based LDAP connections from within GOsa. Is this possibl
A: Yes, add
- <main ...>
+ <location ...>
...
tls="true"
... \>
- to the main section of GOsa. This switch affects all LDAP connections.
+ to the location section of GOsa. This switch affects LDAP connections for a single location only.
Q: Cyrus folder get created in the style user.username. I prefer the unix hirachy
diff --git a/html/index.php b/html/index.php
index 160fd7b5f5d91847d37eed308d8c0616b1e8d838..b920dd7e4c04177ee5f68364e855f74f20685397 100644 (file)
--- a/html/index.php
+++ b/html/index.php
}
if(isset($config->data['MAIN']['SCHEMA_CHECK'])&&preg_match("/true/i",$config->data['MAIN']['SCHEMA_CHECK'])){
require_once("functions_setup.inc");
- if(!is_schema_readable($config->current['SERVER'],$config->current['ADMIN'],$config->current['PASSWORD'])){
+ $recursive = (isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true");
+ $tls = (isset($config->current['TLS']) && $config->current['TLS'] == "true");
+
+ if(!is_schema_readable($config->current['SERVER'], $config->current['ADMIN'], $config->current['PASSWORD'], $recursive, $tls)){
+
print_red(_("GOsa cannot retrieve information about the installed schema files. Please make sure, that this is possible."));
displayLogin();
exit();
}else{
- $str = (schema_check($config->current['SERVER'],$config->current['ADMIN'],$config->current['PASSWORD'],0,TRUE));
+ $str = (schema_check($config->current['SERVER'],$config->current['ADMIN'],$config->current['PASSWORD'], $recursive, $tls, 0, TRUE));
$checkarr = array();
foreach($str as $tr){
if(isset($tr['needonstartup'])){
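Review bot: The added `$tls` line compares with a case-sensitive `== "true"`, while the `SCHEMA_CHECK` test directly above accepts any case via `preg_match("/true/i", ...)`, so a location configured with `tls="True"` would run the schema check, including the admin bind, without TLS and without any warning. Normalising both flags the same way would avoid that silent downgrade, e.g. `$tls = (isset($config->current['TLS']) && strtolower($config->current['TLS']) == "true");`, and likewise for `$recursive`. Whether the LDAP class refuses to bind when TLS negotiation fails is not visible on this page and is worth confirming, since otherwise the flag is advisory only. The enclosing block starts before and continues past the lines shown in this section.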
diff --git a/include/functions.inc b/include/functions.inc
index c4edb994ee2a294126b538d8a8cbd56a4b18b3d7..a07ae3a7e3977433e86f2abe0bb9e6bddfaa4498 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
{
global $config;
- $ldap = new LDAP ($binddn, $pass, $server, isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
+ $ldap = new LDAP ($binddn, $pass, $server,
+ isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
isset($config->current['TLS']) && $config->current['TLS'] == "true");
/* Sadly we've no proper return values here. Use the error message instead. */
index faac360b257ec876734014312c339e06aaa9f47a..7d41ffd9586ea098f34505e041639ae356a5199a 100644 (file)
}
-function is_schema_readable($server, $admin, $password)
+function is_schema_readable($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE)
{
- $ldap = new LDAP($admin,$password,$server);
+ $ldap = new LDAP($admin, $password, $server, $follow_referrals, $tls);
$tmp = $ldap->get_objectclasses();
if(count($tmp)){
return(false);
}
-function schema_check($server, $admin, $password, $aff=0,$CalledByIndexPhP=false)
+function schema_check($server, $admin, $password, $follow_referrals=FALSE, $tls=FALSE, $aff=0, $CalledByIndexPhP=false)
{
global $config;
);
/* Get objectclasses */
- $ldap = new LDAP($admin,$password, $server);
+ $ldap = new LDAP($admin,$password, $server, $follow_referrals, $tls);
$objectclasses = $ldap->get_objectclasses();
if(count($objectclasses) == 0){
return (array(array("msg" => _("Can't get schema information from server. No schema check possible!"), "status" => FALSE)));
if(!isset($_SESSION['ldapconf']['mail'])){
$_SESSION['ldapconf']['mail']= 0;
}
+ if(!isset($_SESSION['ldapconf']['follow_referrals'])){
+ $_SESSION['ldapconf']['follow_referrals']= FALSE;
+ }
+ if(!isset($_SESSION['ldapconf']['tls'])){
+ $_SESSION['ldapconf']['tls']= FALSE;
+ }
+
$tmp= array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
if(!isset($_SESSION['ldapconf']['arr_crypts'])){
$_SESSION['ldapconf']['arr_crypts'] = $tmp['md5'];
if(isset($_POST['check']) || (isset($_POST['admin'])) && isset($_POST['password'])) {
$ldap= new LDAP($_SESSION['ldapconf']['admin'],
$_SESSION['ldapconf']['password'],
- $_SESSION['ldapconf']['uri']);
+ $_SESSION['ldapconf']['uri'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
$m= schema_check($_SESSION['ldapconf']['uri'],
$_SESSION['ldapconf']['admin'],
- $_SESSION['ldapconf']['password']);
+ $_SESSION['ldapconf']['password'],
+ $_SESSION['ldapconf']['follow_referrals'],
+ $_SESSION['ldapconf']['tls']);
+
$_SESSION['classes']= $m;
- if(!is_schema_readable($ldapconf['uri'],$ldapconf['admin'],$ldapconf['password'])){
+ //TODO: Ask user for referrals and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+ if(!is_schema_readable($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'])){
if($withoutput){
print_red(_("Can't read schema informations, GOsa needs to know your schema setup. Please verify that it is readable for GOsa"));
}
$smarty->assign("webgroup", $info['name']);
$smarty->assign("path", CONFIG_DIR);
$message= "<table summary=\"\" class=\"check\">";
- $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'],1);
+
+ //TODO:Ask user for referral and TLS config options during setup. They are initialized to false at the moment:
+ $ldapconf['follow_referrals'] = false;
+ $ldapconf['tls'] = false;
+
+ $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'], $ldapconf['follow_referrals'], $ldapconf['tls'], 1);
if($withoutput) {
$smarty->assign ("schemas", view_schema_check($m));
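Review bot: The two added blocks that set `$ldapconf['follow_referrals'] = false;` and `$ldapconf['tls'] = false;` assign unconditionally right before `is_schema_readable()` and `schema_check()`, so setup always binds with the admin DN and password without TLS, and any value a later setup step stores in `$ldapconf` would be overwritten. The session defaults added earlier in this section use an `isset` guard; the same form here, `if(!isset($ldapconf['tls'])){ $ldapconf['tls'] = false; }` (and likewise for `follow_referrals`), would keep the default without clobbering a configured value. Separately, `schema_check()` now takes `$follow_referrals` and `$tls` ahead of `$aff`, so any caller not shown on this page that still passes `$aff` as the fourth argument would silently set the referral flag instead; the callers visible here are updated, but others are worth a grep. The surrounding functions start and end outside the visible hunks.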
index 22624f6d7b729eac6b202c2893dccbcd778dd0a5..dd83a1937e2c7239beb6fe1ad79dc3eb19cb566a 100644 (file)
$tldap = new LDAP($ui->dn, $_POST['current_password'],
$config->current['SERVER'],
isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
- isset($config->current['TLS'])
- && $config->current['TLS'] == "true");
+ isset($config->current['TLS']) && $config->current['TLS'] == "true");
if ($tldap->error != "Success"){
$message[]= _("The password you've entered as your current password doesn't match the real one.");
}