Commit 48333c0e authored by bmortier's avatar bmortier

Merge branch '1.0.10'

Signed-off-by: Mortier Benoit <benoit.mortier@opensides.be>

Conflicts:
	Changelog
	contrib/bin/fusiondirectory-setup
	contrib/docs/UPGRADE
	contrib/man/fusiondirectory-insert-schema.1
	contrib/man/fusiondirectory-setup.1
	contrib/man/fusiondirectory.conf.5
	html/index.php
	include/class_config.inc
	include/functions.inc
	include/simpleplugin/class_simplePlugin.inc
	include/variables_common.inc
	locale/ar/fusiondirectory.po
	locale/ca/fusiondirectory.po
	locale/cs_CZ/fusiondirectory.po
	locale/de/fusiondirectory.po
	locale/el_GR/fusiondirectory.po
	locale/en/fusiondirectory.po
	locale/es/fusiondirectory.po
	locale/es_CO/fusiondirectory.po
	locale/es_VE/fusiondirectory.po
	locale/fa_IR/fusiondirectory.po
	locale/fr/fusiondirectory.po
	locale/id/fusiondirectory.po
	locale/it_IT/fusiondirectory.po
	locale/lv/fusiondirectory.po
	locale/nb/fusiondirectory.po
	locale/nl/fusiondirectory.po
	locale/pl/fusiondirectory.po
	locale/pt/fusiondirectory.po
	locale/pt_BR/fusiondirectory.po
	locale/ru/fusiondirectory.po
	locale/ru@petr1708/fusiondirectory.po
	locale/sv/fusiondirectory.po
	locale/ug/fusiondirectory.po
	locale/vi_VN/fusiondirectory.po
	locale/zh/fusiondirectory.po
	plugins/admin/groups/class_ogroup.inc
parents a9be5a0f 820264f2
......@@ -2,7 +2,7 @@
host = https://www.transifex.com
type = PO
[FusionDirectory-109.core]
[FusionDirectory-110.core]
file_filter = locale/<lang>/fusiondirectory.po
source_file = locale/en/fusiondirectory.po
source_lang = en
......
FusionDirectory changelog
=========================
* FusionDirectory 1.0.10
[Feature] Bugs #1217: DNS service must be redone
|Fix] Bugs #2171: creating CNAME entries is not intuitive
|Fix] Bugs #2573: when changing the address range of a no used zone name, the reverse of the dns of this zone break
|Fix] Bugs #4251: When I have DNS zone created, DNS plugin asks for subnet and netmask for that zone.
|Fix] Bugs #4468: Error when I try to move a system with the DNS tab activate
|Fix] Bugs #4476: rewrite the part about fusiondirectory core in the documentation
|Fix] Bugs #4477: rewrite the configuration password recovery page as this as been integrated into the configuration in core
|Fix] Bugs #4480: LDAP::convert and LDAP::fix functions are causing problems
|Fix] Bugs #4482: Debug log prevent connection in some cases
[Feature] Bugs #4484: allow ldap ipv6 uris
|Fix] Bugs #4490: nagios.tpl file is not used anymore
|Fix] Bugs #4495: Use ldap_escape in compute_dn
[Feature] Bugs #4496: DNS plugin should support RFC 2317 for reverse zones
|Fix] Bugs #4498: Bad error message when we will use a GID with a non-existent group
[Feature] Bugs #4504: Support for split horizon should be added
|Fix] Bugs #4505: fusiondirectory-setup --migrate-users not work when the users don't have all the samba attributs
|Fix] Bugs #4508: second email and first email are inverted in the password recovery configuration page
|Fix] Bugs #4509: Force GID option is broken
|Fix] Bugs #4511: Add a button to launch argonaut-ldap2zone from FusionDirectory
|Fix] Bugs #4512: when using cyrus in unix hierarchy mode and creating a user and activating mail tab at the same time, the mailbox is not created
|Fix] Bugs #4514: It takes too long to load the reference tab for a DNS zone
[Feature] Bugs #4515: fusiondirectory-setup need an option to migrate the dns 1.0.9.x version to 1.0.10
|Fix] Bugs #4517: Some obsolete objectClass are still searched for in config
|Fix] Bugs #4518: Plugin deletion contains some useless ldap operation
|Fix] Bugs #4519: ldap::rmdir_recursive is not optimal
|Fix] Bugs #4520: Syslog server field should be removed
|Fix] Bugs #4521: LDAP server field should be removed (gotoLdapField)
|Fix] Bugs #4523: ntp server should be removed
[Feature] Bugs #4525: we should have attribute for start and end date into the personal-fd.schema and add it to the personal schema
[Feature] Bugs #4526: add "co" attribute into personal-fd.schema and into personal plugin
[Feature] Bugs #4527: create a community plugin to manage community aka organization and projects
[Feature] Bugs #4528: tab community on the user
[Feature] Bugs #4529: The category in department and organization should be a dropdown filled from the configuration backend
[Feature] Bugs #4530: in the department and organization we need to add the labeledUri
[Feature] Bugs #4531: The co (country friendlyName) in department and organization should be added and be dropdown filled from the configuration backend
[Feature] Bugs #4532: the personal plugin should have a field where we can put the badge number
[Feature] Bugs #4533: make a subcontracting plugin
|Fix] Bugs #4540: Problème avec les vcf (vcards)
|Fix] Bugs #4541: [intégration du schéma OPENNEBULA et création du plugin de gestion des groupes]
|Fix] Bugs #4542: fusiondirectory-setup --deprecated-ldif not found the asterisk deprecated
[Feature] Bugs #4543: Add an option to fusiondirectory-setup to see the uid that are duplicated
[Feature] Bugs #4544: Possibility to see the uid that are duplicate when we install FusionDirectory
|Fix] Bugs #4545: When we migrate an old FusionDirectory we not have argonautClientProtocol attribute
|Fix] Bugs #4555: the terminal plugin has an error with the latest ntp removal fix
|Fix] Bugs #4557: when a user is on top people branch and get an acl in subtree for a lower branch i get " The supplied base is not valid and has been reset to the previous value! "
[Feature] Bugs #4561: be able to select all user from ou=people,dc=opensides,dc=be but be confined to your branch for all the rest
[Feature] Bugs #4562: add http auth
|Fix] Bugs #4563: DNS zone serial is not updated when record are changed through the DNS tab of a system
|Fix] Bugs #4569: Groups containing unknown type objects or deleted objects does not appear
|Fix] Bugs #4575: Error with samba plugin and sambantpassword attribute
[Feature] Bugs #4576: create tab for the plugin community onto organization and department
[Feature] Bugs #4580: Newsletter plugin
|Fix] Bugs #4591: It’s impossible to delete root records in DNS zones
|Fix] Bugs #4592: its best if we use the /html/themes everywher in place of /html/images evertime is possible
|Fix] Bugs #4600: 'base' sticky or not ?
|Fix] Bugs #4602: assignements / object selection step : sometimes the current object doesn't shows up
|Fix] Bugs #4603: With debug set, toggle button is absent when selecting users to add them to a group
|Fix] Bugs #4605: inside group selections of users, the selections is not showing all users
[Feature] Bugs #4606: the login column is missing in the groupOfname user selection list
|Fix] Bugs #4608: assignements / object selection step : sometimes the current object doesn't shows up
|Fix] Bugs #4610: postalAddress (and homepostalAddress) content should stick to the RFC
|Fix] Bugs #4610: postalAddress (and homepostalAddress) content should stick to the RFC
|Fix] Bugs #4611: setRequired should be public
|Fix] Bugs #4613: Error about sambaUnixIdPool is unclear
|Fix] FusionDirectory plugins - Bugs #4620: postalAddress (and homepostalAddress) content should stick to the RFC
|Fix] FusionDirectory plugins - Bugs #4622: DNS record should be sorted
[Feature] Wishlist #2843: Assigning multiple domain names for servers.
[Feature] Wishlist #3265: rewrite DNS plugins
|Fix] Wishlist #4252: Systems plugin - when enable "Add to DNS" should be able to check about adding PTR and more A records
|Fix] Wishlist #4478: Using %askme% in User id and group id in templates does not work
|Fix] Wishlist #4486: possible documentation tweaks
|Fix] Wishlist #4492: "login" name in group add page
|Fix] Wishlist #4497: The order of user id and group id are inverted
[Feature] Wishlist #4560: community users and entities management specifications
[Feature] Wishlist #4564: Add a C modifier for counting an array
[Feature] Wishlist #4565: Fixedbutton themes should replace the default one
[Feature] Wishlist #4609: Add "project/org full name" attribute in dep community's tab
* FusionDirectory 1.0.9.3
Bugs #4444: Debug log prevent connection in some cases
Bugs #4452: Adding a user to a group using "Groups and roles" tab creates some PHP errors
Bugs #4453: Adding a user to a group using "Groups and roles" with trustMode fails
Bugs #4456: Can't find a way to specify a '/' in distribution or media name in the repository plugin
Bugs #4457: FusionDirectory don't find the dns server if he is in a department
Bugs #4459: Desactivate other authentification method from configuration file
Bugs #4463: There are still traces of the rsyslog plugin in the schema and config class
Bugs #4464: There are still traces of the rsyslog plugin in the schema and config class
Bugs #4465: remove from the service-fd.schema objectClass no longer used
Bugs #4466: Pull request 11 from github
Bugs #4479: In primary group in unix tab there is a «None» option
Bugs #4481: «Enable primary group filter» option is obsolete
Bugs #4485: 'fusiondirectory-insert-schema -m' should check if the specificed file exists
Wishlist #4385: Locked users can connect using SSH keys
Wishlist #4473: Locked users can connect using SSH keys
[Fix] Bugs #4444: Debug log prevent connection in some cases
[Fix] Bugs #4452: Adding a user to a group using "Groups and roles" tab creates some PHP errors
[Fix] Bugs #4453: Adding a user to a group using "Groups and roles" with trustMode fails
[Fix] Bugs #4456: Can't find a way to specify a '/' in distribution or media name in the repository plugin
[Fix] Bugs #4457: FusionDirectory don't find the dns server if he is in a department
[Feature] Bugs #4459: Desactivate other authentification method from configuration file
[Fix] Bugs #4463: There are still traces of the rsyslog plugin in the schema and config class
[Fix] Bugs #4464: There are still traces of the rsyslog plugin in the schema and config class
[Fix] Bugs #4465: remove from the service-fd.schema objectClass no longer used
[Fix] Bugs #4466: Pull request 11 from github
[Fix] Bugs #4479: In primary group in unix tab there is a «None» option
[Fix] Bugs #4481: «Enable primary group filter» option is obsolete
[Fix] Bugs #4485: 'fusiondirectory-insert-schema -m' should check if the specificed file exists
[Fix] Wishlist #4385: Locked users can connect using SSH keys
[Fix] Wishlist #4473: Locked users can connect using SSH keys
* FusionDirectory 1.0.9.2
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-INSERT-SCHEMA 1"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-01-29" "FusionDirectory 1.0.9.3" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY-INSERT-SCHEMA 1 "2016-02-10" "FusionDirectory 1.0.10" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY-SETUP 1"
.TH FUSIONDIRECTORY-SETUP 1 "2016-01-29" "FusionDirectory 1.0.9.3" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY-SETUP 1 "2016-02-19" "FusionDirectory 1.0.10" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......@@ -165,6 +165,9 @@ This option check your \s-1LDAP\s0 tree. Looking for admin account, and groups o
.IP "\-\-migrate\-users" 4
.IX Item "--migrate-users"
This option add FusionDirectory attributes to the people branch.
.IP "\-\-migrate\-dns" 4
.IX Item "--migrate-dns"
This option moves \s-1DNS\s0 zones from systems branch to \s-1DNS\s0 branch, which is necessary for FusionDirectory 1.0.10 and above.
.IP "\-\-migrate\-acls" 4
.IX Item "--migrate-acls"
This option will migrated old GOsa style acl from 1.0.7 into FusionDirectory acl roles in 1.0.8
......
......@@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "FUSIONDIRECTORY.CONF 1"
.TH FUSIONDIRECTORY.CONF 1 "2016-01-29" "FusionDirectory 1.0.9.3" "FusionDirectory Documentation"
.TH FUSIONDIRECTORY.CONF 1 "2016-02-10" "FusionDirectory 1.0.10" "FusionDirectory Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -166,6 +166,12 @@ attributetype ( 1.3.6.1.4.1.38414.8.12.18 NAME 'fdCnPattern'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.38414.8.12.19 NAME 'fdRestrictRoleMembers'
DESC 'FusionDirectory - Restrict role members to users from the same LDAP branch'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
# Password
attributetype ( 1.3.6.1.4.1.38414.8.13.1 NAME 'fdPasswordDefaultHash'
......@@ -295,6 +301,12 @@ attributetype ( 1.3.6.1.4.1.38414.8.15.5 NAME 'fdSessionLifeTime'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE)
attributetype ( 1.3.6.1.4.1.38414.8.15.6 NAME 'fdHttpAuthActivated'
DESC 'FusionDirectory - HTTP Auth activation'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
# Debugging
attributetype ( 1.3.6.1.4.1.38414.8.16.1 NAME 'fdDisplayErrors'
......@@ -392,6 +404,12 @@ attributetype ( 1.3.6.1.4.1.38414.8.18.6 NAME 'fdAclTabOnObjects'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.38414.8.18.7 NAME 'fdDepartmentCategories'
DESC 'FusionDirectory - available categories for departments'
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
# Plugins
attributetype ( 1.3.6.1.4.1.38414.8.19.1 NAME 'fdOGroupRDN'
......@@ -556,17 +574,18 @@ objectclass ( 1.3.6.1.4.1.38414.8.2.1 NAME 'fusionDirectoryConf'
fdStrictNamingRules $ fdMinId $ fdUidNumberBase $
fdGidNumberBase $ fdUserRDN $ fdGroupRDN $ fdIdAllocationMethod $
fdGidNumberPoolMin $ fdUidNumberPoolMin $ fdGidNumberPoolMax $ fdUidNumberPoolMax $
fdAclRoleRDN $ fdCnPattern $
fdAclRoleRDN $ fdCnPattern $ fdRestrictRoleMembers $
fdPasswordDefaultHash $ fdPasswordMinLength $ fdPasswordMinDiffer $
fdPasswordHook $ fdHandleExpiredAccounts $ fdSaslRealm $ fdSaslExop $
fdForcePasswordDefaultHash $
fdPrimaryGroupFilter $ fdListSummary $
fdModificationDetectionAttribute $ fdLogging $ fdLdapSizeLimit $
fdLoginAttribute $ fdForceSSL $ fdWarnSSL $ fdStoreFilterSettings $ fdSessionLifeTime $
fdHttpAuthActivated $
fdDisplayErrors $ fdLdapMaxQueryTime $ fdLdapStats $ fdDebugLevel $
fdEnableSnapshots $ fdSnapshotBase $
fdTabHook $ fdShells $ fdDisplayHookOutput $
fdAclTabOnObjects $
fdAclTabOnObjects $ fdDepartmentCategories $
fdRfc2307bis $ fdCopyPaste $ fdSnapshotURI $
fdSnapshotAdminDn $ fdSnapshotAdminPassword $ fdPersonalTitleInDN $ fdAccountRDN $
fdSslCaCertPath $ fdSslKeyPath $ fdSslCertPath $
......
......@@ -108,7 +108,7 @@ objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.3 NAME 'gosaCacheEntry' SUP top STRUCTU
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.4 NAME 'gosaDepartment' SUP top AUXILIARY
DESC 'GOsa - Class to mark Departments for GOsa'
MUST ( ou $ description )
MAY ( manager ))
MAY ( manager $ co $ labeledURI ) )
objectclass ( 1.3.6.1.4.1.10098.1.2.1.19.6 NAME 'gosaAccount' SUP top AUXILIARY
DESC 'GOsa - Class for GOsa Accounts'
......
......@@ -192,7 +192,7 @@ if (isset($_POST['server'])) {
}
$config->set_current($server);
if ($config->get_cfg_value('casActivated') == 'TRUE') {
if (($config->get_cfg_value('casActivated') == 'TRUE') || ($config->get_cfg_value('httpAuthActivated') == 'TRUE')) {
session::global_set('DEBUGLEVEL', 0);
}
......@@ -351,6 +351,15 @@ class Index {
exit;
}
/* Return HTTP authentication header */
static function authenticateHeader($message = 'Authentication required')
{
header('WWW-Authenticate: Basic realm="FusionDirectory"');
header('HTTP/1.0 401 Unauthorized');
echo "$message\n";
exit;
}
/* Run each step in $steps, stop on errors */
static function runSteps($steps)
{
......@@ -393,6 +402,36 @@ class Index {
}
}
/* All login steps in the right order for HTTP auth login */
static function authLoginProcess()
{
global $config, $message, $ui;
self::init();
if (!isset($_SERVER['PHP_AUTH_USER'])) {
self::authenticateHeader();
}
self::$username = $_SERVER['PHP_AUTH_USER'];
self::$password = $_SERVER['PHP_AUTH_PW'];
$success = self::runSteps(array(
'validateUserInput',
'ldapLoginUser',
'loginAndCheckExpired',
'runSchemaCheck',
'checkForLockingBranch',
));
if ($success) {
/* Everything went well, redirect to main.php */
self::redirect();
} else {
self::authenticateHeader($message);
}
}
/* All login steps in the right order for CAS login */
static function casLoginProcess()
{
......@@ -425,7 +464,7 @@ class Index {
$verify_attr = explode(',', $config->get_cfg_value('loginAttribute', 'uid'));
$filter = '';
foreach ($verify_attr as $attr) {
$filter .= '('.$attr.'='.self::$username.')';
$filter .= '('.$attr.'='.ldap_escape_f(self::$username).')';
}
$ldap->search('(&(|'.$filter.')(objectClass=inetOrgPerson))');
$attrs = $ldap->fetch();
......@@ -466,7 +505,9 @@ class Index {
}
}
if ($config->get_cfg_value('casActivated') == 'TRUE') {
if ($config->get_cfg_value('httpAuthActivated') == 'TRUE') {
Index::authLoginProcess();
} elseif ($config->get_cfg_value('casActivated') == 'TRUE') {
require_once('CAS.php');
/* Move CAS autoload before FD autoload */
spl_autoload_unregister('CAS_autoload');
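Review bot: `authenticateHeader()` echoes `$message` into the 401 body without setting a content type, so the browser renders it as HTML; `$message` is a global filled by login steps that are not on this page, and if any of them includes the submitted user name the text is reflected unescaped. Sending `header('Content-Type: text/plain; charset=UTF-8');` before the echo, or echoing `htmlspecialchars($message, ENT_QUOTES, 'UTF-8')`, closes that. In `authLoginProcess()` only `PHP_AUTH_USER` is checked before `$_SERVER['PHP_AUTH_PW']` is read, so the guard would be safer as `if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {`. Nothing in the visible hunks ties the Basic challenge to HTTPS, so it is worth confirming that the `fdForceSSL` handling runs before this path, since Basic credentials travel with every request.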
......
......@@ -41,6 +41,20 @@ text-align:right;
font-family:arial,helvetica,sans-serif;
clear:both;
}
p.plugbottom {
position:fixed;
bottom:0px;
right:10px;
margin:0;
box-shadow:0px 0px 2px black;
border-radius:5px 5px 0 0;
width:auto;
padding-left:10px;
padding-right:10px;
padding-bottom:5px;
padding-top:5px;
background:#BC9;
}
html.rtl .plugbottom {
text-align:left;
}
......@@ -223,6 +237,10 @@ background-color:#DFEFFF;
padding-right:1px;
border:none;
}
p.plugbottom {
left:5px;
right:5px;
}
.plugbottom input[type=submit], .plugbottom input[type=button] {
border:1px solid #DDD;
width:30% !important;
......
......@@ -222,6 +222,10 @@ text-align:right;
/********************** Template migration *********************/
form#mainform {
margin:0;
}
table.framework {
height:auto;
width:100%;
......@@ -243,6 +247,7 @@ table.framework td#maincell {
background-color:white;
width:auto;
vertical-align:top;
padding-bottom:35px;
}
/* cellpadding="0" */
......@@ -748,4 +753,8 @@ color:#000;
width:100%;
border-spacing:0;
}
table.framework #maincell
{
padding-bottom:55px;
}
}
[Icon Theme]
Name=FusionDirectory fixed frame
Comment=FusionDirectory theme that changes the position of the bottom buttons to fixed
Inherits=default
/* Themes can override this file to add some CSS */
table.framework #maincell
{
padding-bottom:35px;
}
p.plugbottom
{
position:fixed;
bottom:0px;
right:10px;
margin:0;
box-shadow:0px 0px 2px black;
border-radius:5px 5px 0 0;
width:auto;
padding-left:10px;
padding-right:10px;
padding-bottom:5px;
padding-top:5px;
background:#BC9;
}
/* On small screens */
@media (max-width: 640px) {
table.framework #maincell
{
padding-bottom:55px;
}
p.plugbottom
{
left:5px;
right:5px;
}
}
{include file={filePath file="simpleplugin_section.tpl"}}
{* Empty div to avoid breaking CSS rules which uses :nth-child(even) *}
<div></div>
......@@ -476,67 +476,12 @@ class config {
$this->data['SERVERS']['IMAP'] = $mailMethodClass::get_server_list($this);
} elseif (class_available('mailMethod')) {
msg_dialog::display(
_("Error"),
sprintf(_("The selected mail method (class %s) is not available"), $mailMethodClass),
_('Error'),
sprintf(_('The selected mail method (class %s) is not available'), $mailMethodClass),
ERROR_DIALOG
);
}
/* Get kerberos servers */
$ldap->cd($this->current['BASE']);
$ldap->search("(objectClass=goKrbServer)(goKrbRealm=*)(goKrbAdmin=*))");
$this->data['SERVERS']['KERBEROS'] = array();
while ($attrs = $ldap->fetch()) {
$this->data['SERVERS']['KERBEROS'][] = array(
'SERVER' => $attrs['cn'][0],
'REALM' => $attrs['goKrbRealm'][0],
'ADMIN' => $attrs['goKrbAdmin'][0]
);
}
/* Get fax servers */
$ldap->cd($this->current['BASE']);
$ldap->search("(objectClass=goFaxServer)");
$this->data['SERVERS']['FAX'] = array();
while ($attrs = $ldap->fetch()) {
$this->data['SERVERS']['FAX'][] = array(
'SERVER' => $attrs['cn'][0],
'LOGIN' => $attrs['goFaxAdmin'][0],
'PASSWORD' => $attrs['goFaxPassword'][0]
);
}
/* Get asterisk servers */
$ldap->cd($this->current['BASE']);
$ldap->search("(objectClass=goFonServer)");
$this->data['SERVERS']['FON'] = array();
while ($attrs = $ldap->fetch()) {
$entry = array(
'DN' => $attrs['dn'],
'SERVER' => $attrs['cn'][0],
'LOGIN' => $attrs['goFonAdmin'][0],
'PASSWORD' => $attrs['goFonPassword'][0],
'DB' => "gophone",
'SIP_TABLE' => "sip_users",
'EXT_TABLE' => "extensions",
'VOICE_TABLE' => "voicemail_users",
'QUEUE_TABLE' => "queues",
'QUEUE_MEMBER_TABLE' => "queue_members"
);
if (isset($attrs['fdAsteriskDriver'][0])) {
$entry['DRIVER'] = $attrs['fdAsteriskDriver'][0];
}
/* Add 0 entry for development */
if (count($this->data['SERVERS']['FON']) == 0) {
$this->data['SERVERS']['FON'][0] = $entry;
}
/* Add entry with 'dn' as index */
$this->data['SERVERS']['FON'][$attrs['dn']] = $entry;
}
/* Get NFS server lists */
$tmp = array("default");
$tmp2 = array("default");
......@@ -559,55 +504,40 @@ class config {
/* Load Terminalservers */
$ldap->cd ($this->current['BASE']);
$ldap->search ("(objectClass=goTerminalServer)", array("cn","gotoSessionType"));
$ldap->search ('(objectClass=goTerminalServer)', array('cn','gotoSessionType'));
$this->data['SERVERS']['TERMINAL'] = array();
$this->data['SERVERS']['TERMINAL'][] = "default";
$this->data['SERVERS']['TERMINAL'][] = 'default';
$this->data['SERVERS']['TERMINAL_SESSION_TYPES'] = array();
while ($attrs = $ldap->fetch()) {
$this->data['SERVERS']['TERMINAL'][] = $attrs["cn"][0];
if (isset( $attrs["gotoSessionType"]['count'])) {
for ($i = 0; $i < $attrs["gotoSessionType"]['count']; $i++) {
$this->data['SERVERS']['TERMINAL_SESSION_TYPES'][$attrs["cn"][0]][] = $attrs["gotoSessionType"][$i];
$this->data['SERVERS']['TERMINAL'][] = $attrs['cn'][0];
if (isset( $attrs['gotoSessionType']['count'])) {
for ($i = 0; $i < $attrs['gotoSessionType']['count']; $i++) {
$this->data['SERVERS']['TERMINAL_SESSION_TYPES'][$attrs['cn'][0]][] = $attrs['gotoSessionType'][$i];
}
}
}
/* Ldap Server
*/
/* Ldap Server */
$this->data['SERVERS']['LDAP'] = array();
$ldap->cd($this->current['BASE']);
$ldap->search("(&(objectClass=goLdapServer)(goLdapBase=*))");
$ldap->search('(&(objectClass=goLdapServer)(goLdapBase=*))');
while ($attrs = $ldap->fetch()) {
$this->data['SERVERS']['LDAP'][$attrs['dn']] = $attrs;
}
/* Get misc server lists */
$this->data['SERVERS']['SYSLOG'] = array("default");
$this->data['SERVERS']['NTP'] = array("default");
$ldap->cd($this->current['BASE']);
$ldap->search("(objectClass=goNtpServer)");
while ($attrs = $ldap->fetch()) {
$this->data['SERVERS']['NTP'][] = $attrs["cn"][0];
}
$ldap->cd($this->current['BASE']);
$ldap->search("(objectClass=goSyslogServer)");
while ($attrs = $ldap->fetch()) {
$this->data['SERVERS']['SYSLOG'][] = $attrs["cn"][0];
}
/* Get samba servers from LDAP */
$this->data['SERVERS']['SAMBA'] = array();
if (class_available('sambaAccount')) {
$ldap->cd($this->current['BASE']);
$ldap->search("(objectClass=sambaDomain)");
$ldap->search('(objectClass=sambaDomain)');
while ($attrs = $ldap->fetch()) {
$this->data['SERVERS']['SAMBA'][$attrs['sambaDomainName'][0]] = array( "SID" => "","RIDBASE" => "");
if (isset($attrs["sambaSID"][0])) {
$this->data['SERVERS']['SAMBA'][$attrs['sambaDomainName'][0]]["SID"] = $attrs["sambaSID"][0];
$this->data['SERVERS']['SAMBA'][$attrs['sambaDomainName'][0]] = array( 'SID' => '','RIDBASE' => '');
if (isset($attrs['sambaSID'][0])) {
$this->data['SERVERS']['SAMBA'][$attrs['sambaDomainName'][0]]['SID'] = $attrs['sambaSID'][0];
}
if (isset($attrs["sambaAlgorithmicRidBase"][0])) {
$this->data['SERVERS']['SAMBA'][$attrs['sambaDomainName'][0]]["RIDBASE"] = $attrs["sambaAlgorithmicRidBase"][0];
if (isset($attrs['sambaAlgorithmicRidBase'][0])) {
$this->data['SERVERS']['SAMBA'][$attrs['sambaDomainName'][0]]['RIDBASE'] = $attrs['sambaAlgorithmicRidBase'][0];
}
}
......
......@@ -466,11 +466,11 @@ class filter
// Do not replace escaped \$ - This is required to be able to search for e.g. windows machines.
if ($this->elementValues[$tag] == "") {
$e_unset = preg_replace('/([^\\\\])\$/', '${1}'.normalizeLdap($this->elementValues[$tag]), $e_unset);
$e_unset = preg_replace('/([^\\\\])\$/', '${1}'.ldap_escape_f($this->elementValues[$tag]), $e_unset);
$e_unset = preg_replace('/\\\\\$/', '$', $e_unset);
$filter = preg_replace("/\\$$tag/", $e_unset, $filter);
} else {
$e_set = preg_replace('/([^\\\\])\$/', '${1}'.normalizeLdap($this->elementValues[$tag]), $e_set);
$e_set = preg_replace('/([^\\\\])\$/', '${1}'.ldap_escape_f($this->elementValues[$tag]), $e_set);
$e_set = preg_replace('/\\\\\$/', '$', $e_set);
$filter = preg_replace("/\\$$tag/", $e_set, $filter);
}
......@@ -566,7 +566,7 @@ class filter
}
// Make filter
$filter = preg_replace("/\\$$tag/", normalizeLdap($value), $filter);
$filter = preg_replace("/\\$$tag/", ldap_escape_f($value), $filter);
if (isset($config['base']) && isset($config['scope']) && isset($config['category'])) {
$result = call_user_func(array($backend, 'query'), $this, $config['base'], $config['scope'], $filter, $attributes,
$config["category"], $config["objectStorage"]);
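Review bot: The escaped value is passed as the replacement argument of `preg_replace`, where a backslash or `$` followed by digits is read as a group reference. `ldap_escape_f` is defined outside this page, but if it returns RFC 4515 style escapes such as `\2a` or `\28`, each one is consumed as a reference to a group that does not exist and the escape is lost before the filter reaches LDAP. This applies to `$e_unset` and `$e_set` in the first hunk, which are then used as a replacement a second time, and to the `// Make filter` line in the second. A literal substitution avoids it on that line, `$filter = str_replace('$'.$tag, ldap_escape_f($value), $filter);`, and the first hunk can use `preg_replace_callback` so the escaped value is returned from the callback rather than parsed as a replacement template. Both enclosing methods start and end outside the hunks.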
......
......@@ -27,7 +27,7 @@
* Source code for Class LDAP
*/
define("SPECIALS_OVERRIDE", TRUE);
define("SPECIALS_OVERRIDE", FALSE);
/*!
* \brief This class contains all ldap function needed to make
......@@ -167,8 +167,8 @@ class LDAP
*/
static function prepare4filter($dn)
{
$fixed = normalizeLdap(str_replace('\\\\', '\\\\\\', LDAP::fix($dn)));
return str_replace('\\,', '\\\\,', $fixed);
trigger_error('deprecated, use ldap_escape_f instead');
return ldap_escape_f($dn);
}
/*!
......@@ -703,21 +703,21 @@ class LDAP
$delarray = array();
/* Get sorted list of dn's to delete */
$this->ls($srp, "(objectClass=*)", $deletedn);
while ($this->fetch($srp)) {
$deldn = $this->getDN($srp);
$delarray[$deldn] = strlen($deldn);
$this->cd($deletedn);
$this->search($srp, "(objectClass=*)", array('dn'));
while ($attrs = $this->fetch($srp)) {
$delarray[$attrs['dn']] = strlen($attrs['dn']);
}
arsort($delarray);
reset($delarray);
/* Really Delete ALL dn's in subtree */
foreach (array_keys($delarray) as $key) {
$this->rmdir_recursive($srp, $key);
$r = @ldap_delete($this->cid, LDAP::fix($key));
if ($r === FALSE) {
break;
}
}
/* Finally Delete own Node */
$r = @ldap_delete($this->cid, LDAP::fix($deletedn));
$this->error = @ldap_error($this->cid);
return ($r ? $r : 0);
} else {
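Review bot: In the `rmdir_recursive` hunk, the added `$this->cd($deletedn)` moves the object's base to the subtree that is about to be removed and nothing visible moves it back, so later calls on the same handle may search under a DN that no longer exists; restoring the previous base before the `return` would keep the helper free of side effects. The added `search()` is now the only source of the delete list, so if a size or time limit truncates it the loop stops at the first non-leaf entry and leaves a partial subtree. The function continues outside the hunk, so check that callers surface `$this->error` in that case. In `prepare4filter()`, the new `trigger_error` call raises a plain notice; `trigger_error('deprecated, use ldap_escape_f instead', E_USER_DEPRECATED);` marks it as a deprecation.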
......
......@@ -64,10 +64,7 @@ class ldapMultiplexer {
array_unshift($parameters, $this->sr);
}
$class = new ReflectionClass($this->object);
$method = $class->getMethod($methodName);
return $method->invokeArgs($this->object, $parameters);
return call_user_func_array(array($this->object, $methodName), $parameters);
}
/*
......
......@@ -1500,6 +1500,10 @@ class listing {
}
}