authorSimon Rettberg2015-10-20 17:15:49 +0200
committerSimon Rettberg2015-10-20 17:15:49 +0200
commit2c6bbc84799bcca7beb88abc4781ab0bc8ec5328 (patch)
tree21ca2565c6dd63b7405201964652d396e4d87d7c
parent[serversetup] Fix ipxe html layout (diff)
downloadslx-admin-2c6bbc84799bcca7beb88abc4781ab0bc8ec5328.tar.gz
slx-admin-2c6bbc84799bcca7beb88abc4781ab0bc8ec5328.tar.xz
slx-admin-2c6bbc84799bcca7beb88abc4781ab0bc8ec5328.zip
Support creating ad and ldap modules with ca-based cert checking
-rw-r--r--inc/configmodule/adauth.inc.php2
-rw-r--r--inc/configmodule/ldapauth.inc.php2
-rw-r--r--lang/de/templates/sysconfig/ad_ldap-checkconnection.json (renamed from lang/de/templates/sysconfig/ad-checkconnection.json)0
-rw-r--r--lang/de/templates/sysconfig/ad_ldap-checkcredentials.json (renamed from lang/de/templates/sysconfig/ad-checkcredentials.json)0
-rw-r--r--lang/en/templates/sysconfig/ad_ldap-checkconnection.json (renamed from lang/en/templates/sysconfig/ad-checkconnection.json)0
-rw-r--r--lang/en/templates/sysconfig/ad_ldap-checkcredentials.json (renamed from lang/en/templates/sysconfig/ad-checkcredentials.json)0
-rw-r--r--lang/pt/templates/sysconfig/ad_ldap-checkconnection.json (renamed from lang/pt/templates/sysconfig/ad-checkconnection.json)0
-rw-r--r--lang/pt/templates/sysconfig/ad_ldap-checkcredentials.json (renamed from lang/pt/templates/sysconfig/ad-checkcredentials.json)0
-rw-r--r--modules/sysconfig/addmodule.inc.php43
-rw-r--r--modules/sysconfig/addmodule_adauth.inc.php42
-rw-r--r--modules/sysconfig/addmodule_ldapauth.inc.php42
-rw-r--r--style/default.css4
-rw-r--r--templates/sysconfig/ad-start.html40
-rw-r--r--templates/sysconfig/ad_ldap-checkconnection.html (renamed from templates/sysconfig/ad-checkconnection.html)43
-rw-r--r--templates/sysconfig/ad_ldap-checkcredentials.html (renamed from templates/sysconfig/ad-checkcredentials.html)8
-rw-r--r--templates/sysconfig/ldap-checkconnection.html66
-rw-r--r--templates/sysconfig/ldap-checkcredentials.html63
-rw-r--r--templates/sysconfig/ldap-start.html26
18 files changed, 169 insertions, 212 deletions
diff --git a/inc/configmodule/adauth.inc.php b/inc/configmodule/adauth.inc.php
index f1da4d76..360194f1 100644
--- a/inc/configmodule/adauth.inc.php
+++ b/inc/configmodule/adauth.inc.php
@@ -14,7 +14,7 @@ class ConfigModule_AdAuth extends ConfigModule
const VERSION = 1;
private static $REQUIRED_FIELDS = array('server', 'searchbase', 'binddn');
- private static $OPTIONAL_FIELDS = array('bindpw', 'home', 'ssl', 'fingerprint');
+ private static $OPTIONAL_FIELDS = array('bindpw', 'home', 'ssl', 'fingerprint', 'certificate');
protected function generateInternal($tgz, $parent)
{
diff --git a/inc/configmodule/ldapauth.inc.php b/inc/configmodule/ldapauth.inc.php
index 9a5f2fb8..da9cd6fc 100644
--- a/inc/configmodule/ldapauth.inc.php
+++ b/inc/configmodule/ldapauth.inc.php
@@ -14,7 +14,7 @@ class ConfigModule_LdapAuth extends ConfigModule
const VERSION = 1;
private static $REQUIRED_FIELDS = array('server', 'searchbase');
- private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fingerprint');
+ private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fingerprint', 'certificate');
protected function generateInternal($tgz, $parent)
{
diff --git a/lang/de/templates/sysconfig/ad-checkconnection.json b/lang/de/templates/sysconfig/ad_ldap-checkconnection.json
index cff56cce..cff56cce 100644
--- a/lang/de/templates/sysconfig/ad-checkconnection.json
+++ b/lang/de/templates/sysconfig/ad_ldap-checkconnection.json
diff --git a/lang/de/templates/sysconfig/ad-checkcredentials.json b/lang/de/templates/sysconfig/ad_ldap-checkcredentials.json
index f0ab6e15..f0ab6e15 100644
--- a/lang/de/templates/sysconfig/ad-checkcredentials.json
+++ b/lang/de/templates/sysconfig/ad_ldap-checkcredentials.json
diff --git a/lang/en/templates/sysconfig/ad-checkconnection.json b/lang/en/templates/sysconfig/ad_ldap-checkconnection.json
index c986668d..c986668d 100644
--- a/lang/en/templates/sysconfig/ad-checkconnection.json
+++ b/lang/en/templates/sysconfig/ad_ldap-checkconnection.json
diff --git a/lang/en/templates/sysconfig/ad-checkcredentials.json b/lang/en/templates/sysconfig/ad_ldap-checkcredentials.json
index 2b83a231..2b83a231 100644
--- a/lang/en/templates/sysconfig/ad-checkcredentials.json
+++ b/lang/en/templates/sysconfig/ad_ldap-checkcredentials.json
diff --git a/lang/pt/templates/sysconfig/ad-checkconnection.json b/lang/pt/templates/sysconfig/ad_ldap-checkconnection.json
index c44dc44f..c44dc44f 100644
--- a/lang/pt/templates/sysconfig/ad-checkconnection.json
+++ b/lang/pt/templates/sysconfig/ad_ldap-checkconnection.json
diff --git a/lang/pt/templates/sysconfig/ad-checkcredentials.json b/lang/pt/templates/sysconfig/ad_ldap-checkcredentials.json
index cf1fbfba..cf1fbfba 100644
--- a/lang/pt/templates/sysconfig/ad-checkcredentials.json
+++ b/lang/pt/templates/sysconfig/ad_ldap-checkcredentials.json
diff --git a/modules/sysconfig/addmodule.inc.php b/modules/sysconfig/addmodule.inc.php
index bbb827e5..0fed67a9 100644
--- a/modules/sysconfig/addmodule.inc.php
+++ b/modules/sysconfig/addmodule.inc.php
@@ -135,3 +135,46 @@ class AddModule_Start extends AddModule_Base
}
}
+
+/*
+ * Helper functions to set/get a batch of vars from/to post variables or a module
+ */
+
+/**
+ *
+ * @param \ConfigModule $module
+ * @param array $array
+ * @param array $keys
+ */
+function moduleToArray($module, &$array, $keys)
+{
+ foreach ($keys as $key) {
+ $array[$key] = $module->getData($key);
+ }
+}
+
+/**
+ *
+ * @param \ConfigModule $module
+ * @param array $array
+ * @param array $keys
+ */
+function arrayToModule($module, $array, $keys)
+{
+ foreach ($keys as $key) {
+ $module->setData($key, $array[$key]);
+ }
+}
+/**
+ *
+ * @param array $array
+ * @param array $keys
+ */
+function postToArray(&$array, $keys, $ignoreMissing = false)
+{
+ foreach ($keys as $key) {
+ $val = Request::post($key, '--not-in-post');
+ if ($ignoreMissing && $val === '--not-in-post') continue;
+ $array[$key] = $val;
+ }
+}
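Review bot: `postToArray` writes the sentinel string `'--not-in-post'` into `$array` whenever `$ignoreMissing` is left at its default of false and a field was not posted, so a caller using the default receives that literal as field data. A genuinely posted value equal to the sentinel is also indistinguishable from a missing field. `arrayToModule` reads `$array[$key]` without checking that the key exists; `if (!isset($array[$key])) continue;` would make the skip deliberate instead of raising a notice. All three docblocks have an empty description and `postToArray` omits `@param bool $ignoreMissing`; a one-line summary each would help, e.g. `Copy the listed POST fields into $array; with $ignoreMissing, fields absent from the request leave $array untouched.`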
diff --git a/modules/sysconfig/addmodule_adauth.inc.php b/modules/sysconfig/addmodule_adauth.inc.php
index 251ee5d6..89d822c9 100644
--- a/modules/sysconfig/addmodule_adauth.inc.php
+++ b/modules/sysconfig/addmodule_adauth.inc.php
@@ -9,28 +9,14 @@ class AdAuth_Start extends AddModule_Base
protected function renderInternal()
{
+ $ADAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'ssl', 'certificate');
+ $data = array();
if ($this->edit !== false) {
- $data = array(
- 'title' => $this->edit->title(),
- 'server' => $this->edit->getData('server'),
- 'searchbase' => $this->edit->getData('searchbase'),
- 'binddn' => $this->edit->getData('binddn'),
- 'bindpw' => $this->edit->getData('bindpw'),
- 'home' => $this->edit->getData('home'),
- 'ssl' => $this->edit->getData('ssl'),
- 'edit' => $this->edit->id()
- );
- } else {
- $data = array(
- 'title' => Request::post('title'),
- 'server' => Request::post('server'),
- 'searchbase' => Request::post('searchbase'),
- 'binddn' => Request::post('binddn'),
- 'bindpw' => Request::post('bindpw'),
- 'home' => Request::post('home'),
- 'ssl' => Request::post('ssl')
- );
+ moduleToArray($this->edit, $data, $ADAUTH_COMMON_FIELDS);
+ $data['title'] = $this->edit->title();
+ $data['edit'] = $this->edit->id();
}
+ postToArray($data, $ADAUTH_COMMON_FIELDS, true);
if (preg_match('/^(.*)\:(636|3269|389|3268)$/', $data['server'], $out)) {
$data['server'] = $out[1];
}
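Review bot: `$data['server']` can be undefined when the `preg_match` call runs, because `$data` now starts empty and `postToArray(..., true)` skips every field that is absent from the request, whereas the removed `else` branch always assigned each key. Opening this step for a new module with no prior POST data would hit that path; `$data = array_fill_keys($ADAUTH_COMMON_FIELDS, '');` in place of `$data = array();` restores a defined value for every field. Because `'title'` is in the field list, `moduleToArray` also calls `getData('title')` only for the result to be overwritten by `title()` on the next line. The same pattern is added to `LdapAuth_Start::renderInternal` in addmodule_ldapauth.inc.php; both methods continue outside their hunks.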
@@ -66,7 +52,8 @@ class AdAuth_CheckConnection extends AddModule_Base
}
$this->scanTask = Taskmanager::submit('PortScan', array(
'host' => $this->server,
- 'ports' => $ports
+ 'ports' => $ports,
+ 'certificate' => Request::post('certificate', '')
));
if (!isset($this->scanTask['id'])) {
AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render()
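Review bot: The `certificate` POST value is forwarded to the `PortScan` task unchanged, with no check on its shape or length. Judging by the templates in this commit, the field should be empty, the literal `default`, or one or more PEM `-----BEGIN CERTIFICATE-----` blocks; rejecting anything else and capping the size before `Taskmanager::submit` would keep arbitrary request data out of the backend task, whose handling of the field is not visible on this page. The identical line is added in `LdapAuth_CheckConnection`. The enclosing method starts and ends outside the hunk.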
@@ -85,10 +72,12 @@ class AdAuth_CheckConnection extends AddModule_Base
'bindpw' => Request::post('bindpw'),
'home' => Request::post('home'),
'ssl' => Request::post('ssl'),
+ 'certificate' => Request::post('certificate', ''),
'taskid' => $this->scanTask['id']
);
- $data['step'] = 'AdAuth_CheckCredentials';
- Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-checkconnection', $data);
+ $data['prev'] = 'AdAuth_Start';
+ $data['next'] = 'AdAuth_CheckCredentials';
+ Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad_ldap-checkconnection', $data);
}
}
@@ -161,7 +150,7 @@ class AdAuth_CheckCredentials extends AddModule_Base
protected function renderInternal()
{
- Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-checkcredentials', array_merge($this->taskIds, array(
+ Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad_ldap-checkcredentials', array_merge($this->taskIds, array(
'edit' => Request::post('edit'),
'title' => Request::post('title'),
'server' => Request::post('server') . ':' . Request::post('port'),
@@ -171,8 +160,10 @@ class AdAuth_CheckCredentials extends AddModule_Base
'home' => Request::post('home'),
'ssl' => Request::post('ssl') === 'on',
'fingerprint' => Request::post('fingerprint'),
+ 'certificate' => Request::post('certificate', ''),
'originalbinddn' => $this->originalBindDn,
- 'step' => 'AdAuth_Finish'
+ 'prev' => 'AdAuth_Start',
+ 'next' => 'AdAuth_Finish'
))
);
}
@@ -228,6 +219,7 @@ class AdAuth_Finish extends AddModule_Base
$module->setData('binddn', $binddn);
$module->setData('bindpw', Request::post('bindpw'));
$module->setData('home', Request::post('home'));
+ $module->setData('certificate', Request::post('certificate'));
$module->setData('ssl', $ssl);
if ($ssl) {
$module->setData('fingerprint', Request::post('fingerprint', ''));
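Review bot: `certificate` is stored unconditionally and without a default, while `fingerprint` directly below is stored only inside `if ($ssl)` and with `''` as fallback. The checkconnection and checkcredentials templates emit the hidden `certificate` input only inside `{{#ssl}}`, so for a non-SSL module this line saves whatever `Request::post` returns for a missing field. Moving it into the SSL branch as `$module->setData('certificate', Request::post('certificate', ''));` keeps the two trust settings consistent. The stored value is also taken straight from the browser round-trip, so if it later serves as the CA for verification it may be worth checking here that it is `default` or parses as PEM. The same line is added in `LdapAuth_Finish`; the method continues outside the hunk.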
diff --git a/modules/sysconfig/addmodule_ldapauth.inc.php b/modules/sysconfig/addmodule_ldapauth.inc.php
index 44dbcca1..6cefbe58 100644
--- a/modules/sysconfig/addmodule_ldapauth.inc.php
+++ b/modules/sysconfig/addmodule_ldapauth.inc.php
@@ -9,28 +9,14 @@ class LdapAuth_Start extends AddModule_Base
protected function renderInternal()
{
+ $LDAPAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'ssl', 'certificate');
+ $data = array();
if ($this->edit !== false) {
- $data = array(
- 'title' => $this->edit->title(),
- 'server' => $this->edit->getData('server'),
- 'searchbase' => $this->edit->getData('searchbase'),
- 'binddn' => $this->edit->getData('binddn'),
- 'bindpw' => $this->edit->getData('bindpw'),
- 'home' => $this->edit->getData('home'),
- 'ssl' => $this->edit->getData('ssl'),
- 'edit' => $this->edit->id()
- );
- } else {
- $data = array(
- 'title' => Request::post('title'),
- 'server' => Request::post('server'),
- 'searchbase' => Request::post('searchbase'),
- 'binddn' => Request::post('binddn'),
- 'bindpw' => Request::post('bindpw'),
- 'home' => Request::post('home'),
- 'ssl' => Request::post('ssl')
- );
+ moduleToArray($this->edit, $data, $LDAPAUTH_COMMON_FIELDS);
+ $data['title'] = $this->edit->title();
+ $data['edit'] = $this->edit->id();
}
+ postToArray($data, $LDAPAUTH_COMMON_FIELDS, true);
if (preg_match('/^(.*)\:(636|389)$/', $data['server'], $out)) {
$data['server'] = $out[1];
}
@@ -66,7 +52,8 @@ class LdapAuth_CheckConnection extends AddModule_Base
}
$this->scanTask = Taskmanager::submit('PortScan', array(
'host' => $this->server,
- 'ports' => $ports
+ 'ports' => $ports,
+ 'certificate' => Request::post('certificate', '')
));
if (!isset($this->scanTask['id'])) {
AddModule_Base::setStep('LdapAuth_Start'); // Continues with LdapAuth_Start for render()
@@ -85,10 +72,12 @@ class LdapAuth_CheckConnection extends AddModule_Base
'bindpw' => Request::post('bindpw'),
'home' => Request::post('home'),
'ssl' => Request::post('ssl'),
+ 'certificate' => Request::post('certificate', ''),
'taskid' => $this->scanTask['id']
);
- $data['step'] = 'LdapAuth_CheckCredentials';
- Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ldap-checkconnection', $data);
+ $data['prev'] = 'LdapAuth_Start';
+ $data['next'] = 'LdapAuth_CheckCredentials';
+ Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ad_ldap-checkconnection', $data);
}
}
@@ -144,7 +133,7 @@ class LdapAuth_CheckCredentials extends AddModule_Base
protected function renderInternal()
{
- Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ldap-checkcredentials', array_merge($this->taskIds, array(
+ Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ad_ldap-checkcredentials', array_merge($this->taskIds, array(
'edit' => Request::post('edit'),
'title' => Request::post('title'),
'server' => Request::post('server') . ':' . Request::post('port'),
@@ -154,7 +143,9 @@ class LdapAuth_CheckCredentials extends AddModule_Base
'home' => Request::post('home'),
'ssl' => Request::post('ssl') === 'on',
'fingerprint' => Request::post('fingerprint'),
- 'step' => 'LdapAuth_Finish'
+ 'certificate' => Request::post('certificate', ''),
+ 'prev' => 'LdapAuth_Start',
+ 'next' => 'LdapAuth_Finish'
))
);
}
@@ -190,6 +181,7 @@ class LdapAuth_Finish extends AddModule_Base
$module->setData('binddn', $binddn);
$module->setData('bindpw', Request::post('bindpw'));
$module->setData('home', Request::post('home'));
+ $module->setData('certificate', Request::post('certificate'));
$module->setData('ssl', $ssl);
if ($ssl) {
$module->setData('fingerprint', Request::post('fingerprint', ''));
diff --git a/style/default.css b/style/default.css
index 9e430b73..9c0c367a 100644
--- a/style/default.css
+++ b/style/default.css
@@ -1,3 +1,7 @@
+html {
+ overflow-y: scroll;
+}
+
body {
padding-top: 70px;
padding-bottom: 10px;
diff --git a/templates/sysconfig/ad-start.html b/templates/sysconfig/ad-start.html
index 8ce92c25..58f4a381 100644
--- a/templates/sysconfig/ad-start.html
+++ b/templates/sysconfig/ad-start.html
@@ -10,6 +10,8 @@
{{lang_adText4}}
</p>
+<i>{{lang_asteriskMandatory}}</i>
+
<form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
<input type="hidden" name="token" value="{{token}}">
<input type="hidden" name="edit" value="{{edit}}">
@@ -20,30 +22,18 @@
<div class="input-group">
<span class="input-group-addon slx-ga">Server *</span>
<input tabindex="2" name="server" value="{{server}}" type="text" class="form-control" placeholder="dc0.institution.example.com">
- <!--span class="input-group-btn">
- <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a>
- </span-->
</div>
<div class="input-group">
<span class="input-group-addon slx-ga">{{lang_bindDN}} *</span>
<input tabindex="3" name="binddn" value="{{binddn}}" type="text" class="form-control" placeholder="domain\bwlp *ODER* CN=bwlp,OU=Benutzer,DC=domain,DC=hs-beispiel,DC=de">
- <!--span class="input-group-btn">
- <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a>
- </span-->
</div>
<div class="input-group">
<span class="input-group-addon slx-ga">{{lang_password}} *</span>
<input tabindex="4" name="bindpw" value="{{bindpw}}" type="{{password_type}}" class="form-control" placeholder="{{lang_password}}">
- <!--span class="input-group-btn">
- <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a>
- </span-->
</div>
<div class="input-group">
<span class="input-group-addon slx-ga">{{lang_searchBase}}</span>
<input tabindex="5" name="searchbase" value="{{searchbase}}" type="text" class="form-control" placeholder="dc=windows,dc=hs-beispiel,dc=de">
- <!--span class="input-group-btn">
- <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a>
- </span-->
</div>
<br>
<div class="input-group">
@@ -54,16 +44,36 @@
</span>
</div>
<br>
- <div class="checkbox">
+ <div>
<label>
- <input type="checkbox" name="ssl" {{#ssl}}checked{{/ssl}}> {{lang_ssl}}
+ <input type="checkbox" name="ssl" onchange="$('#cert-box').css('display', this.checked ? '' : 'none')" {{#ssl}}checked{{/ssl}}> {{lang_ssl}}
</label>
</div>
- <div><i>{{lang_sslDescription}}</i></div>
+ <i>{{lang_sslDescription}}</i>
<br>
<div class="pull-right">
<button type="submit" class="btn btn-primary">{{lang_next}} &raquo;</button>
</div>
+ <div class="clearfix"></div>
+ <hr>
+ <div {{^ssl}}style="display:none"{{/ssl}} id="cert-box">
+ <div class="well well-sm" id="wcustom">
+ {{lang_customCertificate}}
+ <pre class="small">
+-----BEGIN CERTIFICATE-----
+MIIFfTCCA...
+.....
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+.....
+-----END CERTIFICATE-----</pre>
+ <textarea name="certificate" class="form-control small" cols="101" rows="10">{{certificate}}</textarea>
+ </div>
+ <div class="pull-right">
+ <button type="submit" class="btn btn-primary">{{lang_next}} &raquo;</button>
+ </div>
+ <div class="clearfix"></div>
+ </div>
</form>
<div class="modal fade" id="help-home" tabindex="-1" role="dialog">
diff --git a/templates/sysconfig/ad-checkconnection.html b/templates/sysconfig/ad_ldap-checkconnection.html
index 0c7cd77f..58196958 100644
--- a/templates/sysconfig/ad-checkconnection.html
+++ b/templates/sysconfig/ad_ldap-checkconnection.html
@@ -5,9 +5,12 @@
<div id="zeug">
<div data-tm-id="{{taskid}}" data-tm-log="messages" data-tm-callback="portScan">Port Check</div>
</div>
+<div id="self-signed" style="display:none" class="alert alert-info">{{lang_selfSignedNote}}</div>
+<div id="no-valid-cert" style="display:none" class="alert alert-danger">{{lang_noValidCert}}</div>
+<div id="no-open-port" style="display:none" class="alert alert-danger">{{lang_noOpenPort}}</div>
<br>
<div class="pull-left">
- <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step=AdAuth_Start">
+ <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{prev}}">
<input type="hidden" name="token" value="{{token}}">
<input type="hidden" name="edit" value="{{edit}}">
<input name="title" value="{{title}}" type="hidden">
@@ -17,13 +20,14 @@
<input name="bindpw" value="{{bindpw}}" type="hidden">
<input name="home" value="{{home}}" type="hidden">
{{#ssl}}
- <input id="ssl" name="ssl" value="on" type="hidden">
+ <input name="ssl" value="on" type="hidden">
+ <input type="hidden" name="certificate" value="{{certificate}}">
{{/ssl}}
<button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
</form>
</div>
<div class="pull-right">
- <form id="nextform" role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
+ <form id="nextform" role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{next}}">
<input type="hidden" name="token" value="{{token}}">
<input type="hidden" name="edit" value="{{edit}}">
<input name="title" value="{{title}}" type="hidden">
@@ -34,8 +38,9 @@
<input name="bindpw" value="{{bindpw}}" type="hidden">
<input name="home" value="{{home}}" type="hidden">
{{#ssl}}
- <input name="ssl" value="on" type="hidden">
+ <input id="ssl" name="ssl" value="on" type="hidden">
<input id="fingerprint" name="fingerprint" value="" type="hidden">
+ <input id="certificate" type="hidden" name="certificate" value="{{certificate}}">
{{/ssl}}
<input name="originalbinddn" value="{{binddn}}" type="hidden">
<button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_next}} &raquo;</button>
@@ -43,6 +48,10 @@
</div>
<div id="bla"></div>
<script type="text/javascript">
+ function isSelfSigned(code)
+ {
+ return code == 18 || code == 19 || code == 20 || code == 21;
+ }
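Review bot: `isSelfSigned` accepts codes 20 and 21 alongside 18 and 19, and the bare numbers carry no explanation. If `verifyResult` is OpenSSL's X509 verify result, 18 and 19 are the self-signed cases, while 20 and 21 mean the issuer certificate was not found locally or the leaf signature could not be verified, which covers any certificate from an unknown CA and is broader than the name suggests. A comment such as `// OpenSSL verify codes: 18/19 self-signed (leaf / in chain), 20/21 issuer unknown locally` and a name like `isUntrustedIssuer` would make clear which results lead `portScan` to adopt the scanned chain.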
function portScan(task)
{
if (!task || !task.statusCode)
@@ -50,16 +59,30 @@
if (task.statusCode === 'TASK_FINISHED' && task.data && task.data.ports) {
var ssl = $('#ssl').length > 0;
var ports = task.data.ports;
+ var verRes = -1;
+ var cert = $('#certificate').val().length > 10;
for (var i = 0; i < ports.length; ++i) {
- if (ports[i].open && ports[i].port && (!ssl || ports[i].certFingerprint.length > 10)) {
- if ($.isNumeric($('#port').val()) && $('#port').val() < ports[i].port) continue; // Prefer the global LDAP ports over the specific AD ports
- $('#port').val(ports[i].port);
- if (ssl) $('#fingerprint').val(ports[i].certFingerprint);
+ if (!ports[i].open || !ports[i].port) continue;
+ if ($.isNumeric($('#port').val()) && $('#port').val() < ports[i].port) continue; // Prefer the global LDAP ports over the specific AD ports
+ if (ssl) {
+ if (verRes === -1) verRes = ports[i].verifyResult;
+ if (ports[i].certFingerprint.length < 10 || ports[i].certificateChain.length < 10) continue;
+ if (ports[i].verifyResult != 0 && (cert || !isSelfSigned(ports[i].verifyResult))) continue;
+ verRes = ports[i].verifyResult;
+ $('#fingerprint').val(ports[i].certFingerprint);
+ if (!cert && verRes != 0) $('#certificate').val(ports[i].certificateChain);
+ else if (!cert && verRes == 0) $('#certificate').val('default');
}
+ $('#port').val(ports[i].port);
}
- if ($('#port').val() > 0) {
+ if (ssl && verRes != 0 && (cert || !isSelfSigned(verRes))) {
+ $('#no-valid-cert').css('display', '');
+ } else if ($('#port').val() > 0) {
$('#nextbutton').show();
- $('#nextform').submit();
+ if (ssl && isSelfSigned(verRes)) $('#self-signed').css('display', '');
+ else $('#nextform').submit();
+ } else {
+ $('#no-open-port').css('display', '');
}
}
}
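Review bot: `$('#certificate').val().length` throws when SSL is not selected, because the `#certificate` input is rendered only inside `{{#ssl}}` and jQuery's `.val()` returns `undefined` for an empty set. `portScan` then aborts before any port is chosen and neither the next button nor the `no-open-port` alert appears; `var cert = ssl && $('#certificate').val().length > 10;` avoids this. Separately, when no certificate was supplied and the result is one of the `isSelfSigned` codes, the chain returned by the scan is copied into the form and later posted on to the finish step. The `self-signed` notice is the only confirmation, so displaying the fingerprint there for out-of-band comparison would let the administrator see what is about to be trusted.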
diff --git a/templates/sysconfig/ad-checkcredentials.html b/templates/sysconfig/ad_ldap-checkcredentials.html
index dbd09d58..5a9d6b38 100644
--- a/templates/sysconfig/ad-checkcredentials.html
+++ b/templates/sysconfig/ad_ldap-checkcredentials.html
@@ -3,13 +3,13 @@
</p>
<div id="zeug">
- <div data-tm-id="{{self-search}}" data-tm-log="messages" data-tm-callback="selfCb">LDAP Self-Query</div>
+ {{#self-search}}<div data-tm-id="{{self-search}}" data-tm-log="messages" data-tm-callback="selfCb">LDAP Self-Query</div>{{/self-search}}
<div data-tm-id="{{tm-search}}" data-tm-log="messages" data-tm-callback="ldapCb">LDAP Test-Query</div>
</div>
<i>{{lang_onProblemSearchBase}}</i>
<br><br>
<div class="pull-left">
- <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step=AdAuth_Start">
+ <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{prev}}">
<input type="hidden" name="token" value="{{token}}">
<input type="hidden" name="edit" value="{{edit}}">
<input name="title" value="{{title}}" type="hidden">
@@ -20,12 +20,13 @@
<input name="home" value="{{home}}" type="hidden">
{{#ssl}}
<input name="ssl" value="on" type="hidden">
+ <input type="hidden" name="certificate" value="{{certificate}}">
{{/ssl}}
<button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
</form>
</div>
<div class="pull-right">
- <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
+ <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{next}}">
<input type="hidden" name="token" value="{{token}}">
<input type="hidden" name="edit" value="{{edit}}">
<input name="title" value="{{title}}" type="hidden">
@@ -37,6 +38,7 @@
<input name="home" value="{{home}}" type="hidden">
{{#ssl}}
<input name="ssl" value="on" type="hidden">
+ <input type="hidden" name="certificate" value="{{certificate}}">
{{/ssl}}
<input name="fingerprint" value="{{fingerprint}}" type="hidden">
<input name="originalbinddn" value="{{binddn}}" type="hidden">
diff --git a/templates/sysconfig/ldap-checkconnection.html b/templates/sysconfig/ldap-checkconnection.html
deleted file mode 100644
index b661a263..00000000
--- a/templates/sysconfig/ldap-checkconnection.html
+++ /dev/null
@@ -1,66 +0,0 @@
-<p>
- {{lang_connectionWait}}
-</p>
-
-<div id="zeug">
- <div data-tm-id="{{taskid}}" data-tm-log="messages" data-tm-callback="portScan">Port Check</div>
-</div>
-<br>
-<div class="pull-left">
- <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step=LdapAuth_Start">
- <input type="hidden" name="token" value="{{token}}">
- <input type="hidden" name="edit" value="{{edit}}">
- <input name="title" value="{{title}}" type="hidden">
- <input name="server" value="{{server}}" type="hidden">
- <input name="searchbase" value="{{searchbase}}" type="hidden">
- <input name="binddn" value="{{binddn}}" type="hidden">
- <input name="bindpw" value="{{bindpw}}" type="hidden">
- <input name="home" value="{{home}}" type="hidden">
- {{#ssl}}
- <input id="ssl" name="ssl" value="on" type="hidden">
- {{/ssl}}
- <button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
- </form>
-</div>
-<div class="pull-right">
- <form id="nextform" role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
- <input type="hidden" name="token" value="{{token}}">
- <input type="hidden" name="edit" value="{{edit}}">
- <input name="title" value="{{title}}" type="hidden">
- <input name="server" value="{{server}}" type="hidden">
- <input id="port" name="port" value="" type="hidden">
- <input name="searchbase" value="{{searchbase}}" type="hidden">
- <input name="binddn" value="{{binddn}}" type="hidden">
- <input name="bindpw" value="{{bindpw}}" type="hidden">
- <input name="home" value="{{home}}" type="hidden">
- {{#ssl}}
- <input name="ssl" value="on" type="hidden">
- <input id="fingerprint" name="fingerprint" value="" type="hidden">
- {{/ssl}}
- <input name="originalbinddn" value="{{binddn}}" type="hidden">
- <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_next}} &raquo;</button>
- </form>
-</div>
-<div id="bla"></div>
-<script type="text/javascript">
- function portScan(task)
- {
- if (!task || !task.statusCode)
- return;
- if (task.statusCode === 'TASK_FINISHED' && task.data && task.data.ports) {
- var ssl = $('#ssl').length > 0;
- var ports = task.data.ports;
- for (var i = 0; i < ports.length; ++i) {
- if (ports[i].open && ports[i].port && (!ssl || ports[i].certFingerprint.length > 10)) {
- if ($.isNumeric($('#port').val()) && $('#port').val() < ports[i].port) continue; // Prefer the global LDAP ports
- $('#port').val(ports[i].port);
- if (ssl) $('#fingerprint').val(ports[i].certFingerprint);
- }
- }
- if ($('#port').val() > 0) {
- $('#nextbutton').show();
- $('#nextform').submit();
- }
- }
- }
-</script>
diff --git a/templates/sysconfig/ldap-checkcredentials.html b/templates/sysconfig/ldap-checkcredentials.html
deleted file mode 100644
index 77736c9c..00000000
--- a/templates/sysconfig/ldap-checkcredentials.html
+++ /dev/null
@@ -1,63 +0,0 @@
-<p>
- {{lang_connectionWait}}
-</p>
-
-<div id="zeug">
- <div data-tm-id="{{tm-search}}" data-tm-log="messages" data-tm-callback="ldapCb">LDAP Test-Query</div>
-</div>
-<i>{{lang_onProblemSearchBase}}</i>
-<br><br>
-<div class="pull-left">
- <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step=LdapAuth_Start">
- <input type="hidden" name="token" value="{{token}}">
- <input type="hidden" name="edit" value="{{edit}}">
- <input name="title" value="{{title}}" type="hidden">
- <input name="server" value="{{server}}" type="hidden">
- <input name="searchbase" value="{{searchbase}}" type="hidden">
- <input name="binddn" value="{{binddn}}" type="hidden">
- <input name="bindpw" value="{{bindpw}}" type="hidden">
- <input name="home" value="{{home}}" type="hidden">
- {{#ssl}}
- <input name="ssl" value="on" type="hidden">
- {{/ssl}}
- <button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
- </form>
-</div>
-<div class="pull-right">
- <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
- <input type="hidden" name="token" value="{{token}}">
- <input type="hidden" name="edit" value="{{edit}}">
- <input name="title" value="{{title}}" type="hidden">
- <input name="server" value="{{server}}" type="hidden">
- <input name="searchbase" value="{{searchbase}}" type="hidden">
- <input id="setbase" name="somedn" value="" type="hidden">
- <input id="setdn" name="binddn" value="{{binddn}}" type="hidden">
- <input name="bindpw" value="{{bindpw}}" type="hidden">
- <input name="home" value="{{home}}" type="hidden">
- {{#ssl}}
- <input name="ssl" value="on" type="hidden">
- {{/ssl}}
- <input name="fingerprint" value="{{fingerprint}}" type="hidden">
- <input name="originalbinddn" value="{{binddn}}" type="hidden">
- <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_skip}} &raquo;</button>
- </form>
-</div>
-<script type="text/javascript">
- function ldapCb(task)
- {
- if (!task || !task.statusCode)
- return;
- if (task.statusCode === 'TASK_FINISHED') {
- if (task.data && task.data.dn) {
- $('#setbase').val(task.data.dn);
- }
- $('#nextbutton').html('Weiter &raquo;').show();
- }
- if (task.statusCode === 'TASK_ERROR' || task.statusCode === 'PARENT_FAILED') {
- $('#nextbutton').html('Trotzdem weiter &raquo;');
- }
- if (task.statusCode === 'TASK_ERROR') {
- $('#nextbutton').show();
- }
- }
-</script>
diff --git a/templates/sysconfig/ldap-start.html b/templates/sysconfig/ldap-start.html
index 8fa7cb9f..66afa68d 100644
--- a/templates/sysconfig/ldap-start.html
+++ b/templates/sysconfig/ldap-start.html
@@ -48,16 +48,36 @@
</span>
</div>
<br>
- <div class="checkbox">
+ <div>
<label>
- <input type="checkbox" name="ssl" {{#ssl}}checked{{/ssl}}> {{lang_ssl}}
+ <input type="checkbox" name="ssl" onchange="$('#cert-box').css('display', this.checked ? '' : 'none')" {{#ssl}}checked{{/ssl}}> {{lang_ssl}}
</label>
</div>
- <div><i>{{lang_sslDescription}}</i></div>
+ <i>{{lang_sslDescription}}</i>
<br>
<div class="pull-right">
<button type="submit" class="btn btn-primary">{{lang_next}} &raquo;</button>
</div>
+ <div class="clearfix"></div>
+ <hr>
+ <div {{^ssl}}style="display:none"{{/ssl}} id="cert-box">
+ <div class="well well-sm" id="wcustom">
+ {{lang_customCertificate}}
+ <pre class="small">
+-----BEGIN CERTIFICATE-----
+MIIFfTCCA...
+.....
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+.....
+-----END CERTIFICATE-----</pre>
+ <textarea name="certificate" class="form-control small" cols="101" rows="10">{{certificate}}</textarea>
+ </div>
+ <div class="pull-right">
+ <button type="submit" class="btn btn-primary">{{lang_next}} &raquo;</button>
+ </div>
+ <div class="clearfix"></div>
+ </div>
</form>
<div class="modal fade" id="help-home" tabindex="-1" role="dialog">