authorSimon Rettberg2015-05-04 17:29:28 +0200
committerSimon Rettberg2015-05-04 17:29:28 +0200
commit4fa951a30c9d6375f0f598827ce0b112659c5e24 (patch)
treee5a7c040a66017af80b0d46ce0cfeafed80fd45c
parent[lang/de]: ssh-Konfig: Typo korr. (diff)
Add SSL support to AD wizard
-rw-r--r--modules/sysconfig/addmodule_adauth.inc.php79
-rw-r--r--templates/sysconfig/ad-checkconnection.html50
-rw-r--r--templates/sysconfig/ad-checkcredentials.html67
-rw-r--r--templates/sysconfig/ad-start.html7
4 files changed, 173 insertions, 30 deletions
diff --git a/modules/sysconfig/addmodule_adauth.inc.php b/modules/sysconfig/addmodule_adauth.inc.php
index e39eac40..8d53601b 100644
--- a/modules/sysconfig/addmodule_adauth.inc.php
+++ b/modules/sysconfig/addmodule_adauth.inc.php
@@ -17,6 +17,7 @@ class AdAuth_Start extends AddModule_Base
'binddn' => $this->edit->getData('binddn'),
'bindpw' => $this->edit->getData('bindpw'),
'home' => $this->edit->getData('home'),
+ 'ssl' => $this->edit->getData('ssl'),
'edit' => $this->edit->id()
);
} else {
@@ -26,7 +27,8 @@ class AdAuth_Start extends AddModule_Base
'searchbase' => Request::post('searchbase'),
'binddn' => Request::post('binddn'),
'bindpw' => Request::post('bindpw'),
- 'home' => Request::post('home')
+ 'home' => Request::post('home'),
+ 'ssl' => Request::post('ssl')
);
}
$data['step'] = 'AdAuth_CheckConnection';
@@ -38,27 +40,86 @@ class AdAuth_Start extends AddModule_Base
class AdAuth_CheckConnection extends AddModule_Base
{
+ private $scanTask;
+
+ protected function preprocessInternal()
+ {
+ $server = Request::post('server');
+ $binddn = Request::post('binddn');
+ $ssl = Request::post('ssl', 'off') === 'on';
+ if (empty($server) || empty($binddn)) {
+ Message::addError('empty-field');
+ AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render()
+ return;
+ }
+ if (preg_match('/^([^\:]+)\:(\d+)$/', $server, $out)) {
+ $ports = array($out[2]);
+ $server = $out[1];
+ } elseif ($ssl) {
+ $ports = array(636, 3269);
+ } else {
+ $ports = array(389, 3268);
+ }
+ $this->scanTask = Taskmanager::submit('PortScan', array(
+ 'host' => $server,
+ 'ports' => $ports
+ ));
+ if (!isset($this->scanTask['id'])) {
+ AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render()
+ return;
+ }
+ }
+
+ protected function renderInternal()
+ {
+ $data = array(
+ 'title' => Request::post('title'),
+ 'server' => Request::post('server'),
+ 'searchbase' => Request::post('searchbase'),
+ 'binddn' => Request::post('binddn'),
+ 'bindpw' => Request::post('bindpw'),
+ 'home' => Request::post('home'),
+ 'ssl' => Request::post('ssl'),
+ 'taskid' => $this->scanTask['id']
+ );
+ $data['step'] = 'AdAuth_CheckCredentials';
+ Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-checkconnection', $data);
+ }
+
+}
+
+class AdAuth_CheckCredentials extends AddModule_Base
+{
+
private $taskIds;
private $originalBindDn;
protected function preprocessInternal()
{
$server = Request::post('server');
+ $port = Request::post('port');
$searchbase = Request::post('searchbase', '');
$binddn = Request::post('binddn');
$bindpw = Request::post('bindpw');
- if (empty($server) || empty($binddn)) {
+ $ssl = Request::post('ssl', 'off') === 'on';
+ if (empty($server) || empty($binddn) || empty($port)) {
Message::addError('empty-field');
AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render()
return;
}
$parent = null;
$this->originalBindDn = '';
+ $server .= ':' . $port;
+ if ($ssl) {
+ $uri = "ldaps://$server/";
+ } else {
+ $uri = "ldap://$server/";
+ }
if (preg_match('#^\w+[/\\\\](\w+)$#', $binddn, $out)) {
$user = $out[1];
$this->originalBindDn = str_replace('/', '\\', $binddn);
$selfSearch = Taskmanager::submit('LdapSearch', array(
- 'server' => $server,
+ 'server' => $uri,
'searchbase' => $searchbase,
'binddn' => $this->originalBindDn,
'bindpw' => $bindpw,
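Review bot: In AdAuth_CheckCredentials::preprocessInternal, `$server .= ':' . $port;` appends the scanned port to a `server` value that may still carry the port the user typed. AdAuth_CheckConnection parses `host:port` for the scan, but its renderInternal passes `Request::post('server')` on unchanged, so the URI can end up as `ldap://host:389:389/`. The renderInternal hunk further down has the same concatenation (`Request::post('server') . ':' . Request::post('port')`). `$port` is also only tested with `empty()` before it is interpolated into the URI handed to LdapSearch; it should be limited to digits in the range 1–65535. The function body continues past the end of this hunk.

```php
// … unchanged: reading server, searchbase, binddn, bindpw and ssl from POST …
$port = Request::post('port');
// The server field may still contain "host:port" as typed; keep only the host part
if (preg_match('/^([^\:]+)\:\d+$/', $server, $out)) {
	$server = $out[1];
}
// Accept only a plain decimal port in the valid TCP range before building the URI
$portOk = ctype_digit((string)$port) && $port >= 1 && $port <= 65535;
if (empty($server) || empty($binddn) || !$portOk) {
	// … unchanged: addError, setStep('AdAuth_Start'), return …
}
// … unchanged: $parent, $this->originalBindDn …
$server .= ':' . $port;
```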
@@ -72,7 +133,7 @@ class AdAuth_CheckConnection extends AddModule_Base
}
$ldapSearch = Taskmanager::submit('LdapSearch', array(
'parentTask' => $parent,
- 'server' => $server,
+ 'server' => $uri,
'searchbase' => $searchbase,
'binddn' => $binddn,
'bindpw' => $bindpw
@@ -90,14 +151,16 @@ class AdAuth_CheckConnection extends AddModule_Base
protected function renderInternal()
{
- Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-checkconnection', array_merge($this->taskIds, array(
+ Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-checkcredentials', array_merge($this->taskIds, array(
'edit' => Request::post('edit'),
'title' => Request::post('title'),
- 'server' => Request::post('server'),
+ 'server' => Request::post('server') . ':' . Request::post('port'),
'searchbase' => Request::post('searchbase'),
'binddn' => Request::post('binddn'),
'bindpw' => Request::post('bindpw'),
'home' => Request::post('home'),
+ 'ssl' => Request::post('ssl'),
+ 'fingerprint' => Request::post('fingerprint'),
'originalbinddn' => $this->originalBindDn,
'step' => 'AdAuth_Finish'
))
@@ -146,6 +209,10 @@ class AdAuth_Finish extends AddModule_Base
$module->setData('binddn', $binddn);
$module->setData('bindpw', Request::post('bindpw'));
$module->setData('home', Request::post('home'));
+ $module->setData('ssl', Request::post('ssl', 'off') === 'on');
+ if (Request::post('fingerprint')) {
+ $module->setData('fingerprint', Request::post('fingerprint'));
+ }
if ($this->edit !== false)
$ret = $module->update($title);
else
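Review bot: The value passed to `setData('fingerprint', …)` comes straight from `Request::post('fingerprint')`, so the fingerprint stored in the module config is whatever the browser submits rather than what the PortScan task measured. If it is later used to pin the LDAPS certificate (not visible here), it should be taken from the task result on the server side, or at least checked against the digest format PortScan emits before being stored. The new lines also allow `ssl` to be saved as true with no fingerprint at all, which is worth rejecting or at least marking with `// NOTE: ssl enabled without a pinned fingerprint`. The enclosing method starts and ends outside this hunk.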
diff --git a/templates/sysconfig/ad-checkconnection.html b/templates/sysconfig/ad-checkconnection.html
index 17064db0..1c3a1091 100644
--- a/templates/sysconfig/ad-checkconnection.html
+++ b/templates/sysconfig/ad-checkconnection.html
@@ -3,8 +3,7 @@
</p>
<div id="zeug">
- <div data-tm-id="{{self-search}}" data-tm-log="messages" data-tm-callback="selfCb">LDAP Self-Query</div>
- <div data-tm-id="{{tm-search}}" data-tm-log="messages" data-tm-callback="ldapCb">LDAP Test-Query</div>
+ <div data-tm-id="{{taskid}}" data-tm-log="messages" data-tm-callback="portScan">Port Check</div>
</div>
<br>
<div class="pull-left">
@@ -16,46 +15,49 @@
<input name="binddn" value="{{binddn}}" type="hidden">
<input name="bindpw" value="{{bindpw}}" type="hidden">
<input name="home" value="{{home}}" type="hidden">
+ {{#ssl}}
+ <input id="ssl" name="ssl" value="on" type="hidden">
+ {{/ssl}}
<button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
</form>
</div>
<div class="pull-right">
- <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
+ <form id="nextform" role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
<input type="hidden" name="token" value="{{token}}">
<input type="hidden" name="edit" value="{{edit}}">
<input name="title" value="{{title}}" type="hidden">
<input name="server" value="{{server}}" type="hidden">
+ <input id="port" name="port" value="" type="hidden">
<input name="searchbase" value="{{searchbase}}" type="hidden">
- <input id="setdn" name="binddn" value="{{binddn}}" type="hidden">
+ <input name="binddn" value="{{binddn}}" type="hidden">
<input name="bindpw" value="{{bindpw}}" type="hidden">
<input name="home" value="{{home}}" type="hidden">
+ {{#ssl}}
+ <input name="ssl" value="on" type="hidden">
+ <input id="fingerprint" name="fingerprint" value="" type="hidden">
+ {{/ssl}}
<input name="originalbinddn" value="{{binddn}}" type="hidden">
- <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_skip}} &raquo;</button>
+ <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_next}} &raquo;</button>
</form>
</div>
+<div id="bla"></div>
<script type="text/javascript">
- function ldapCb(task)
- {
- if (!task || !task.statusCode)
- return;
- if (task.statusCode === 'TASK_FINISHED') {
- $('#nextbutton').html('Weiter &raquo;').show();
- }
- if (task.statusCode === 'TASK_ERROR' || task.statusCode === 'PARENT_FAILED') {
- $('#nextbutton').html('Trotzdem weiter &raquo;');
- }
- if (task.statusCode === 'TASK_ERROR') {
- $('#nextbutton').show();
- }
- }
- function selfCb(task)
+ function portScan(task)
{
if (!task || !task.statusCode)
return;
- if (task.statusCode === 'TASK_FINISHED' && task.data && task.data.dn) {
- $('#setdn').val(task.data.dn);
- } else {
- $('#nextbutton').html('Trotzdem weiter &raquo;');
+ if (task.statusCode === 'TASK_FINISHED' && task.data && task.data.ports) {
+ var ssl = $('#ssl').length > 0;
+ var ports = task.data.ports;
+ for (var i = 0; i < ports.length; ++i) {
+ if (ports[i].open && ports[i].port && (!ssl || ports[i].certFingerprint.length > 10)) {
+ $('#port').val(ports[i].port);
+ if (ssl) $('#fingerprint').val(ports[i].certFingerprint);
+ $('#nextbutton').show();
+ $('#nextform').submit();
+ return;
+ }
+ }
}
}
</script>
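Review bot: In `portScan`, `ports[i].certFingerprint.length` will throw a TypeError if SSL is selected and an open port entry has no `certFingerprint` field (the PortScan output format is not visible here), which would stop the loop before a later port is tried. Guarding it as `(!ssl || (ports[i].certFingerprint && ports[i].certFingerprint.length > 10))` avoids that. There is also no branch for `TASK_ERROR` or for a finished scan with no usable port, so `#nextbutton` stays hidden and the page shows no failure text beyond the task log. The empty `<div id="bla"></div>` added above the script looks like leftover debugging markup.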
diff --git a/templates/sysconfig/ad-checkcredentials.html b/templates/sysconfig/ad-checkcredentials.html
new file mode 100644
index 00000000..e8b472c1
--- /dev/null
+++ b/templates/sysconfig/ad-checkcredentials.html
@@ -0,0 +1,67 @@
+<p>
+ {{lang_connectionWait}}
+</p>
+
+<div id="zeug">
+ <div data-tm-id="{{self-search}}" data-tm-log="messages" data-tm-callback="selfCb">LDAP Self-Query</div>
+ <div data-tm-id="{{tm-search}}" data-tm-log="messages" data-tm-callback="ldapCb">LDAP Test-Query</div>
+</div>
+<br>
+<div class="pull-left">
+ <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step=AdAuth_Start">
+ <input type="hidden" name="token" value="{{token}}">
+ <input name="title" value="{{title}}" type="hidden">
+ <input name="server" value="{{server}}" type="hidden">
+ <input name="searchbase" value="{{searchbase}}" type="hidden">
+ <input name="binddn" value="{{binddn}}" type="hidden">
+ <input name="bindpw" value="{{bindpw}}" type="hidden">
+ <input name="home" value="{{home}}" type="hidden">
+ {{#ssl}}
+ <input name="ssl" value="on" type="hidden">
+ {{/ssl}}
+ <button type="submit" class="btn btn-primary">&laquo; {{lang_back}}</button>
+ </form>
+</div>
+<div class="pull-right">
+ <form role="form" method="post" action="?do=SysConfig&amp;action=addmodule&amp;step={{step}}">
+ <input type="hidden" name="token" value="{{token}}">
+ <input type="hidden" name="edit" value="{{edit}}">
+ <input name="title" value="{{title}}" type="hidden">
+ <input name="server" value="{{server}}" type="hidden">
+ <input name="searchbase" value="{{searchbase}}" type="hidden">
+ <input id="setdn" name="binddn" value="{{binddn}}" type="hidden">
+ <input name="bindpw" value="{{bindpw}}" type="hidden">
+ <input name="home" value="{{home}}" type="hidden">
+ {{#ssl}}
+ <input name="ssl" value="on" type="hidden">
+ {{/ssl}}
+ <input name="originalbinddn" value="{{binddn}}" type="hidden">
+ <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_skip}} &raquo;</button>
+ </form>
+</div>
+<script type="text/javascript">
+ function ldapCb(task)
+ {
+ if (!task || !task.statusCode)
+ return;
+ if (task.statusCode === 'TASK_FINISHED') {
+ $('#nextbutton').html('Weiter &raquo;').show();
+ }
+ if (task.statusCode === 'TASK_ERROR' || task.statusCode === 'PARENT_FAILED') {
+ $('#nextbutton').html('Trotzdem weiter &raquo;');
+ }
+ if (task.statusCode === 'TASK_ERROR') {
+ $('#nextbutton').show();
+ }
+ }
+ function selfCb(task)
+ {
+ if (!task || !task.statusCode)
+ return;
+ if (task.statusCode === 'TASK_FINISHED' && task.data && task.data.dn) {
+ $('#setdn').val(task.data.dn);
+ } else {
+ $('#nextbutton').html('Trotzdem weiter &raquo;');
+ }
+ }
+</script>
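Review bot: The forward form in this new template carries `ssl` but has no `fingerprint` field, although AdAuth_CheckCredentials::renderInternal passes `fingerprint` into the template data. As written, `Request::post('fingerprint')` in AdAuth_Finish would always be empty, so the fingerprint collected by the port check is never stored. Adding `<input name="fingerprint" value="{{fingerprint}}" type="hidden">` inside the second form's `{{#ssl}}` block would carry it through. Separately, the button labels `'Weiter &raquo;'` and `'Trotzdem weiter &raquo;'` are hard-coded German while the rest of the template uses `{{lang_*}}` placeholders.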
diff --git a/templates/sysconfig/ad-start.html b/templates/sysconfig/ad-start.html
index 587f15af..8ce92c25 100644
--- a/templates/sysconfig/ad-start.html
+++ b/templates/sysconfig/ad-start.html
@@ -54,6 +54,13 @@
</span>
</div>
<br>
+ <div class="checkbox">
+ <label>
+ <input type="checkbox" name="ssl" {{#ssl}}checked{{/ssl}}> {{lang_ssl}}
+ </label>
+ </div>
+ <div><i>{{lang_sslDescription}}</i></div>
+ <br>
<div class="pull-right">
<button type="submit" class="btn btn-primary">{{lang_next}} &raquo;</button>
</div>