diff options
| author | Simon Rettberg | 2015-10-20 17:15:49 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2015-10-20 17:15:49 +0200 |
| commit | 2c6bbc84799bcca7beb88abc4781ab0bc8ec5328 (patch) | |
| tree | 21ca2565c6dd63b7405201964652d396e4d87d7c | |
| parent | [serversetup] Fix ipxe html layout (diff) | |
| download | slx-admin-2c6bbc84799bcca7beb88abc4781ab0bc8ec5328.tar.gz slx-admin-2c6bbc84799bcca7beb88abc4781ab0bc8ec5328.tar.xz slx-admin-2c6bbc84799bcca7beb88abc4781ab0bc8ec5328.zip | |
Support creating ad and ldap modules with ca-based cert checking
18 files changed, 169 insertions, 212 deletions
diff --git a/inc/configmodule/adauth.inc.php b/inc/configmodule/adauth.inc.php index f1da4d76..360194f1 100644 --- a/inc/configmodule/adauth.inc.php +++ b/inc/configmodule/adauth.inc.php @@ -14,7 +14,7 @@ class ConfigModule_AdAuth extends ConfigModule const VERSION = 1; private static $REQUIRED_FIELDS = array('server', 'searchbase', 'binddn'); - private static $OPTIONAL_FIELDS = array('bindpw', 'home', 'ssl', 'fingerprint'); + private static $OPTIONAL_FIELDS = array('bindpw', 'home', 'ssl', 'fingerprint', 'certificate'); protected function generateInternal($tgz, $parent) { diff --git a/inc/configmodule/ldapauth.inc.php b/inc/configmodule/ldapauth.inc.php index 9a5f2fb8..da9cd6fc 100644 --- a/inc/configmodule/ldapauth.inc.php +++ b/inc/configmodule/ldapauth.inc.php @@ -14,7 +14,7 @@ class ConfigModule_LdapAuth extends ConfigModule const VERSION = 1; private static $REQUIRED_FIELDS = array('server', 'searchbase'); - private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fingerprint'); + private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fingerprint', 'certificate'); protected function generateInternal($tgz, $parent) { diff --git a/lang/de/templates/sysconfig/ad-checkconnection.json b/lang/de/templates/sysconfig/ad_ldap-checkconnection.json index cff56cce..cff56cce 100644 --- a/lang/de/templates/sysconfig/ad-checkconnection.json +++ b/lang/de/templates/sysconfig/ad_ldap-checkconnection.json diff --git a/lang/de/templates/sysconfig/ad-checkcredentials.json b/lang/de/templates/sysconfig/ad_ldap-checkcredentials.json index f0ab6e15..f0ab6e15 100644 --- a/lang/de/templates/sysconfig/ad-checkcredentials.json +++ b/lang/de/templates/sysconfig/ad_ldap-checkcredentials.json diff --git a/lang/en/templates/sysconfig/ad-checkconnection.json b/lang/en/templates/sysconfig/ad_ldap-checkconnection.json index c986668d..c986668d 100644 --- a/lang/en/templates/sysconfig/ad-checkconnection.json +++ b/lang/en/templates/sysconfig/ad_ldap-checkconnection.json diff --git a/lang/en/templates/sysconfig/ad-checkcredentials.json b/lang/en/templates/sysconfig/ad_ldap-checkcredentials.json index 2b83a231..2b83a231 100644 --- a/lang/en/templates/sysconfig/ad-checkcredentials.json +++ b/lang/en/templates/sysconfig/ad_ldap-checkcredentials.json diff --git a/lang/pt/templates/sysconfig/ad-checkconnection.json b/lang/pt/templates/sysconfig/ad_ldap-checkconnection.json index c44dc44f..c44dc44f 100644 --- a/lang/pt/templates/sysconfig/ad-checkconnection.json +++ b/lang/pt/templates/sysconfig/ad_ldap-checkconnection.json diff --git a/lang/pt/templates/sysconfig/ad-checkcredentials.json b/lang/pt/templates/sysconfig/ad_ldap-checkcredentials.json index cf1fbfba..cf1fbfba 100644 --- a/lang/pt/templates/sysconfig/ad-checkcredentials.json +++ b/lang/pt/templates/sysconfig/ad_ldap-checkcredentials.json diff --git a/modules/sysconfig/addmodule.inc.php b/modules/sysconfig/addmodule.inc.php index bbb827e5..0fed67a9 100644 --- a/modules/sysconfig/addmodule.inc.php +++ b/modules/sysconfig/addmodule.inc.php @@ -135,3 +135,46 @@ class AddModule_Start extends AddModule_Base } } + +/* + * Helper functions to set/get a batch of vars from/to post variables or a module + */ + +/** + * + * @param \ConfigModule $module + * @param array $array + * @param array $keys + */ +function moduleToArray($module, &$array, $keys) +{ + foreach ($keys as $key) { + $array[$key] = $module->getData($key); + } +} + +/** + * + * @param \ConfigModule $module + * @param array $array + * @param array $keys + */ +function arrayToModule($module, $array, $keys) +{ + foreach ($keys as $key) { + $module->setData($key, $array[$key]); + } +} +/** + * + * @param array $array + * @param array $keys + */ +function postToArray(&$array, $keys, $ignoreMissing = false) +{ + foreach ($keys as $key) { + $val = Request::post($key, '--not-in-post'); + if ($ignoreMissing && $val === '--not-in-post') continue; + $array[$key] = $val; + } +} diff --git a/modules/sysconfig/addmodule_adauth.inc.php b/modules/sysconfig/addmodule_adauth.inc.php index 251ee5d6..89d822c9 100644 --- a/modules/sysconfig/addmodule_adauth.inc.php +++ b/modules/sysconfig/addmodule_adauth.inc.php @@ -9,28 +9,14 @@ class AdAuth_Start extends AddModule_Base protected function renderInternal() { + $ADAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'ssl', 'certificate'); + $data = array(); if ($this->edit !== false) { - $data = array( - 'title' => $this->edit->title(), - 'server' => $this->edit->getData('server'), - 'searchbase' => $this->edit->getData('searchbase'), - 'binddn' => $this->edit->getData('binddn'), - 'bindpw' => $this->edit->getData('bindpw'), - 'home' => $this->edit->getData('home'), - 'ssl' => $this->edit->getData('ssl'), - 'edit' => $this->edit->id() - ); - } else { - $data = array( - 'title' => Request::post('title'), - 'server' => Request::post('server'), - 'searchbase' => Request::post('searchbase'), - 'binddn' => Request::post('binddn'), - 'bindpw' => Request::post('bindpw'), - 'home' => Request::post('home'), - 'ssl' => Request::post('ssl') - ); + moduleToArray($this->edit, $data, $ADAUTH_COMMON_FIELDS); + $data['title'] = $this->edit->title(); + $data['edit'] = $this->edit->id(); } + postToArray($data, $ADAUTH_COMMON_FIELDS, true); if (preg_match('/^(.*)\:(636|3269|389|3268)$/', $data['server'], $out)) { $data['server'] = $out[1]; } @@ -66,7 +52,8 @@ class AdAuth_CheckConnection extends AddModule_Base } $this->scanTask = Taskmanager::submit('PortScan', array( 'host' => $this->server, - 'ports' => $ports + 'ports' => $ports, + 'certificate' => Request::post('certificate', '') )); if (!isset($this->scanTask['id'])) { AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() @@ -85,10 +72,12 @@ class AdAuth_CheckConnection extends AddModule_Base 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), 'ssl' => Request::post('ssl'), + 'certificate' => Request::post('certificate', ''), 'taskid' => $this->scanTask['id'] ); - $data['step'] = 'AdAuth_CheckCredentials'; - Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-checkconnection', $data); + $data['prev'] = 'AdAuth_Start'; + $data['next'] = 'AdAuth_CheckCredentials'; + Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad_ldap-checkconnection', $data); } } @@ -161,7 +150,7 @@ class AdAuth_CheckCredentials extends AddModule_Base protected function renderInternal() { - Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad-checkcredentials', array_merge($this->taskIds, array( + Render::addDialog(Dictionary::translate('config-module', 'adAuth_title'), false, 'sysconfig/ad_ldap-checkcredentials', array_merge($this->taskIds, array( 'edit' => Request::post('edit'), 'title' => Request::post('title'), 'server' => Request::post('server') . ':' . Request::post('port'), @@ -171,8 +160,10 @@ class AdAuth_CheckCredentials extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl') === 'on', 'fingerprint' => Request::post('fingerprint'), + 'certificate' => Request::post('certificate', ''), 'originalbinddn' => $this->originalBindDn, - 'step' => 'AdAuth_Finish' + 'prev' => 'AdAuth_Start', + 'next' => 'AdAuth_Finish' )) ); } @@ -228,6 +219,7 @@ class AdAuth_Finish extends AddModule_Base $module->setData('binddn', $binddn); $module->setData('bindpw', Request::post('bindpw')); $module->setData('home', Request::post('home')); + $module->setData('certificate', Request::post('certificate')); $module->setData('ssl', $ssl); if ($ssl) { $module->setData('fingerprint', Request::post('fingerprint', '')); diff --git a/modules/sysconfig/addmodule_ldapauth.inc.php b/modules/sysconfig/addmodule_ldapauth.inc.php index 44dbcca1..6cefbe58 100644 --- a/modules/sysconfig/addmodule_ldapauth.inc.php +++ b/modules/sysconfig/addmodule_ldapauth.inc.php @@ -9,28 +9,14 @@ class LdapAuth_Start extends AddModule_Base protected function renderInternal() { + $LDAPAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'ssl', 'certificate'); + $data = array(); if ($this->edit !== false) { - $data = array( - 'title' => $this->edit->title(), - 'server' => $this->edit->getData('server'), - 'searchbase' => $this->edit->getData('searchbase'), - 'binddn' => $this->edit->getData('binddn'), - 'bindpw' => $this->edit->getData('bindpw'), - 'home' => $this->edit->getData('home'), - 'ssl' => $this->edit->getData('ssl'), - 'edit' => $this->edit->id() - ); - } else { - $data = array( - 'title' => Request::post('title'), - 'server' => Request::post('server'), - 'searchbase' => Request::post('searchbase'), - 'binddn' => Request::post('binddn'), - 'bindpw' => Request::post('bindpw'), - 'home' => Request::post('home'), - 'ssl' => Request::post('ssl') - ); + moduleToArray($this->edit, $data, $LDAPAUTH_COMMON_FIELDS); + $data['title'] = $this->edit->title(); + $data['edit'] = $this->edit->id(); } + postToArray($data, $LDAPAUTH_COMMON_FIELDS, true); if (preg_match('/^(.*)\:(636|389)$/', $data['server'], $out)) { $data['server'] = $out[1]; } @@ -66,7 +52,8 @@ class LdapAuth_CheckConnection extends AddModule_Base } $this->scanTask = Taskmanager::submit('PortScan', array( 'host' => $this->server, - 'ports' => $ports + 'ports' => $ports, + 'certificate' => Request::post('certificate', '') )); if (!isset($this->scanTask['id'])) { AddModule_Base::setStep('LdapAuth_Start'); // Continues with LdapAuth_Start for render() @@ -85,10 +72,12 @@ class LdapAuth_CheckConnection extends AddModule_Base 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), 'ssl' => Request::post('ssl'), + 'certificate' => Request::post('certificate', ''), 'taskid' => $this->scanTask['id'] ); - $data['step'] = 'LdapAuth_CheckCredentials'; - Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ldap-checkconnection', $data); + $data['prev'] = 'LdapAuth_Start'; + $data['next'] = 'LdapAuth_CheckCredentials'; + Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ad_ldap-checkconnection', $data); } } @@ -144,7 +133,7 @@ class LdapAuth_CheckCredentials extends AddModule_Base protected function renderInternal() { - Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ldap-checkcredentials', array_merge($this->taskIds, array( + Render::addDialog(Dictionary::translate('config-module', 'ldapAuth_title'), false, 'sysconfig/ad_ldap-checkcredentials', array_merge($this->taskIds, array( 'edit' => Request::post('edit'), 'title' => Request::post('title'), 'server' => Request::post('server') . ':' . Request::post('port'), @@ -154,7 +143,9 @@ class LdapAuth_CheckCredentials extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl') === 'on', 'fingerprint' => Request::post('fingerprint'), - 'step' => 'LdapAuth_Finish' + 'certificate' => Request::post('certificate', ''), + 'prev' => 'LdapAuth_Start', + 'next' => 'LdapAuth_Finish' )) ); } @@ -190,6 +181,7 @@ class LdapAuth_Finish extends AddModule_Base $module->setData('binddn', $binddn); $module->setData('bindpw', Request::post('bindpw')); $module->setData('home', Request::post('home')); + $module->setData('certificate', Request::post('certificate')); $module->setData('ssl', $ssl); if ($ssl) { $module->setData('fingerprint', Request::post('fingerprint', '')); diff --git a/style/default.css b/style/default.css index 9e430b73..9c0c367a 100644 --- a/style/default.css +++ b/style/default.css @@ -1,3 +1,7 @@ +html { + overflow-y: scroll; +} + body { padding-top: 70px; padding-bottom: 10px; diff --git a/templates/sysconfig/ad-start.html b/templates/sysconfig/ad-start.html index 8ce92c25..58f4a381 100644 --- a/templates/sysconfig/ad-start.html +++ b/templates/sysconfig/ad-start.html @@ -10,6 +10,8 @@ {{lang_adText4}} </p> +<i>{{lang_asteriskMandatory}}</i> + <form role="form" method="post" action="?do=SysConfig&action=addmodule&step={{step}}"> <input type="hidden" name="token" value="{{token}}"> <input type="hidden" name="edit" value="{{edit}}"> @@ -20,30 +22,18 @@ <div class="input-group"> <span class="input-group-addon slx-ga">Server *</span> <input tabindex="2" name="server" value="{{server}}" type="text" class="form-control" placeholder="dc0.institution.example.com"> - <!--span class="input-group-btn"> - <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a> - </span--> </div> <div class="input-group"> <span class="input-group-addon slx-ga">{{lang_bindDN}} *</span> <input tabindex="3" name="binddn" value="{{binddn}}" type="text" class="form-control" placeholder="domain\bwlp *ODER* CN=bwlp,OU=Benutzer,DC=domain,DC=hs-beispiel,DC=de"> - <!--span class="input-group-btn"> - <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a> - </span--> </div> <div class="input-group"> <span class="input-group-addon slx-ga">{{lang_password}} *</span> <input tabindex="4" name="bindpw" value="{{bindpw}}" type="{{password_type}}" class="form-control" placeholder="{{lang_password}}"> - <!--span class="input-group-btn"> - <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a> - </span--> </div> <div class="input-group"> <span class="input-group-addon slx-ga">{{lang_searchBase}}</span> <input tabindex="5" name="searchbase" value="{{searchbase}}" type="text" class="form-control" placeholder="dc=windows,dc=hs-beispiel,dc=de"> - <!--span class="input-group-btn"> - <a class="btn btn-default"><span class="glyphicon glyphicon-question-sign"></span></a> - </span--> </div> <br> <div class="input-group"> @@ -54,16 +44,36 @@ </span> </div> <br> - <div class="checkbox"> + <div> <label> - <input type="checkbox" name="ssl" {{#ssl}}checked{{/ssl}}> {{lang_ssl}} + <input type="checkbox" name="ssl" onchange="$('#cert-box').css('display', this.checked ? '' : 'none')" {{#ssl}}checked{{/ssl}}> {{lang_ssl}} </label> </div> - <div><i>{{lang_sslDescription}}</i></div> + <i>{{lang_sslDescription}}</i> <br> <div class="pull-right"> <button type="submit" class="btn btn-primary">{{lang_next}} »</button> </div> + <div class="clearfix"></div> + <hr> + <div {{^ssl}}style="display:none"{{/ssl}} id="cert-box"> + <div class="well well-sm" id="wcustom"> + {{lang_customCertificate}} + <pre class="small"> +-----BEGIN CERTIFICATE----- +MIIFfTCCA... +..... +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +..... +-----END CERTIFICATE-----</pre> + <textarea name="certificate" class="form-control small" cols="101" rows="10">{{certificate}}</textarea> + </div> + <div class="pull-right"> + <button type="submit" class="btn btn-primary">{{lang_next}} »</button> + </div> + <div class="clearfix"></div> + </div> </form> <div class="modal fade" id="help-home" tabindex="-1" role="dialog"> diff --git a/templates/sysconfig/ad-checkconnection.html b/templates/sysconfig/ad_ldap-checkconnection.html index 0c7cd77f..58196958 100644 --- a/templates/sysconfig/ad-checkconnection.html +++ b/templates/sysconfig/ad_ldap-checkconnection.html @@ -5,9 +5,12 @@ <div id="zeug"> <div data-tm-id="{{taskid}}" data-tm-log="messages" data-tm-callback="portScan">Port Check</div> </div> +<div id="self-signed" style="display:none" class="alert alert-info">{{lang_selfSignedNote}}</div> +<div id="no-valid-cert" style="display:none" class="alert alert-danger">{{lang_noValidCert}}</div> +<div id="no-open-port" style="display:none" class="alert alert-danger">{{lang_noOpenPort}}</div> <br> <div class="pull-left"> - <form role="form" method="post" action="?do=SysConfig&action=addmodule&step=AdAuth_Start"> + <form role="form" method="post" action="?do=SysConfig&action=addmodule&step={{prev}}"> <input type="hidden" name="token" value="{{token}}"> <input type="hidden" name="edit" value="{{edit}}"> <input name="title" value="{{title}}" type="hidden"> @@ -17,13 +20,14 @@ <input name="bindpw" value="{{bindpw}}" type="hidden"> <input name="home" value="{{home}}" type="hidden"> {{#ssl}} - <input id="ssl" name="ssl" value="on" type="hidden"> + <input name="ssl" value="on" type="hidden"> + <input type="hidden" name="certificate" value="{{certificate}}"> {{/ssl}} <button type="submit" class="btn btn-primary">« {{lang_back}}</button> </form> </div> <div class="pull-right"> - <form id="nextform" role="form" method="post" action="?do=SysConfig&action=addmodule&step={{step}}"> + <form id="nextform" role="form" method="post" action="?do=SysConfig&action=addmodule&step={{next}}"> <input type="hidden" name="token" value="{{token}}"> <input type="hidden" name="edit" value="{{edit}}"> <input name="title" value="{{title}}" type="hidden"> @@ -34,8 +38,9 @@ <input name="bindpw" value="{{bindpw}}" type="hidden"> <input name="home" value="{{home}}" type="hidden"> {{#ssl}} - <input name="ssl" value="on" type="hidden"> + <input id="ssl" name="ssl" value="on" type="hidden"> <input id="fingerprint" name="fingerprint" value="" type="hidden"> + <input id="certificate" type="hidden" name="certificate" value="{{certificate}}"> {{/ssl}} <input name="originalbinddn" value="{{binddn}}" type="hidden"> <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_next}} »</button> @@ -43,6 +48,10 @@ </div> <div id="bla"></div> <script type="text/javascript"> + function isSelfSigned(code) + { + return code == 18 || code == 19 || code == 20 || code == 21; + } function portScan(task) { if (!task || !task.statusCode) @@ -50,16 +59,30 @@ if (task.statusCode === 'TASK_FINISHED' && task.data && task.data.ports) { var ssl = $('#ssl').length > 0; var ports = task.data.ports; + var verRes = -1; + var cert = $('#certificate').val().length > 10; for (var i = 0; i < ports.length; ++i) { - if (ports[i].open && ports[i].port && (!ssl || ports[i].certFingerprint.length > 10)) { - if ($.isNumeric($('#port').val()) && $('#port').val() < ports[i].port) continue; // Prefer the global LDAP ports over the specific AD ports - $('#port').val(ports[i].port); - if (ssl) $('#fingerprint').val(ports[i].certFingerprint); + if (!ports[i].open || !ports[i].port) continue; + if ($.isNumeric($('#port').val()) && $('#port').val() < ports[i].port) continue; // Prefer the global LDAP ports over the specific AD ports + if (ssl) { + if (verRes === -1) verRes = ports[i].verifyResult; + if (ports[i].certFingerprint.length < 10 || ports[i].certificateChain.length < 10) continue; + if (ports[i].verifyResult != 0 && (cert || !isSelfSigned(ports[i].verifyResult))) continue; + verRes = ports[i].verifyResult; + $('#fingerprint').val(ports[i].certFingerprint); + if (!cert && verRes != 0) $('#certificate').val(ports[i].certificateChain); + else if (!cert && verRes == 0) $('#certificate').val('default'); } + $('#port').val(ports[i].port); } - if ($('#port').val() > 0) { + if (ssl && verRes != 0 && (cert || !isSelfSigned(verRes))) { + $('#no-valid-cert').css('display', ''); + } else if ($('#port').val() > 0) { $('#nextbutton').show(); - $('#nextform').submit(); + if (ssl && isSelfSigned(verRes)) $('#self-signed').css('display', ''); + else $('#nextform').submit(); + } else { + $('#no-open-port').css('display', ''); } } } diff --git a/templates/sysconfig/ad-checkcredentials.html b/templates/sysconfig/ad_ldap-checkcredentials.html index dbd09d58..5a9d6b38 100644 --- a/templates/sysconfig/ad-checkcredentials.html +++ b/templates/sysconfig/ad_ldap-checkcredentials.html @@ -3,13 +3,13 @@ </p> <div id="zeug"> - <div data-tm-id="{{self-search}}" data-tm-log="messages" data-tm-callback="selfCb">LDAP Self-Query</div> + {{#self-search}}<div data-tm-id="{{self-search}}" data-tm-log="messages" data-tm-callback="selfCb">LDAP Self-Query</div>{{/self-search}} <div data-tm-id="{{tm-search}}" data-tm-log="messages" data-tm-callback="ldapCb">LDAP Test-Query</div> </div> <i>{{lang_onProblemSearchBase}}</i> <br><br> <div class="pull-left"> - <form role="form" method="post" action="?do=SysConfig&action=addmodule&step=AdAuth_Start"> + <form role="form" method="post" action="?do=SysConfig&action=addmodule&step={{prev}}"> <input type="hidden" name="token" value="{{token}}"> <input type="hidden" name="edit" value="{{edit}}"> <input name="title" value="{{title}}" type="hidden"> @@ -20,12 +20,13 @@ <input name="home" value="{{home}}" type="hidden"> {{#ssl}} <input name="ssl" value="on" type="hidden"> + <input type="hidden" name="certificate" value="{{certificate}}"> {{/ssl}} <button type="submit" class="btn btn-primary">« {{lang_back}}</button> </form> </div> <div class="pull-right"> - <form role="form" method="post" action="?do=SysConfig&action=addmodule&step={{step}}"> + <form role="form" method="post" action="?do=SysConfig&action=addmodule&step={{next}}"> <input type="hidden" name="token" value="{{token}}"> <input type="hidden" name="edit" value="{{edit}}"> <input name="title" value="{{title}}" type="hidden"> @@ -37,6 +38,7 @@ <input name="home" value="{{home}}" type="hidden"> {{#ssl}} <input name="ssl" value="on" type="hidden"> + <input type="hidden" name="certificate" value="{{certificate}}"> {{/ssl}} <input name="fingerprint" value="{{fingerprint}}" type="hidden"> <input name="originalbinddn" value="{{binddn}}" type="hidden"> diff --git a/templates/sysconfig/ldap-checkconnection.html b/templates/sysconfig/ldap-checkconnection.html deleted file mode 100644 index b661a263..00000000 --- a/templates/sysconfig/ldap-checkconnection.html +++ /dev/null @@ -1,66 +0,0 @@ -<p> - {{lang_connectionWait}} -</p> - -<div id="zeug"> - <div data-tm-id="{{taskid}}" data-tm-log="messages" data-tm-callback="portScan">Port Check</div> -</div> -<br> -<div class="pull-left"> - <form role="form" method="post" action="?do=SysConfig&action=addmodule&step=LdapAuth_Start"> - <input type="hidden" name="token" value="{{token}}"> - <input type="hidden" name="edit" value="{{edit}}"> - <input name="title" value="{{title}}" type="hidden"> - <input name="server" value="{{server}}" type="hidden"> - <input name="searchbase" value="{{searchbase}}" type="hidden"> - <input name="binddn" value="{{binddn}}" type="hidden"> - <input name="bindpw" value="{{bindpw}}" type="hidden"> - <input name="home" value="{{home}}" type="hidden"> - {{#ssl}} - <input id="ssl" name="ssl" value="on" type="hidden"> - {{/ssl}} - <button type="submit" class="btn btn-primary">« {{lang_back}}</button> - </form> -</div> -<div class="pull-right"> - <form id="nextform" role="form" method="post" action="?do=SysConfig&action=addmodule&step={{step}}"> - <input type="hidden" name="token" value="{{token}}"> - <input type="hidden" name="edit" value="{{edit}}"> - <input name="title" value="{{title}}" type="hidden"> - <input name="server" value="{{server}}" type="hidden"> - <input id="port" name="port" value="" type="hidden"> - <input name="searchbase" value="{{searchbase}}" type="hidden"> - <input name="binddn" value="{{binddn}}" type="hidden"> - <input name="bindpw" value="{{bindpw}}" type="hidden"> - <input name="home" value="{{home}}" type="hidden"> - {{#ssl}} - <input name="ssl" value="on" type="hidden"> - <input id="fingerprint" name="fingerprint" value="" type="hidden"> - {{/ssl}} - <input name="originalbinddn" value="{{binddn}}" type="hidden"> - <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_next}} »</button> - </form> -</div> -<div id="bla"></div> -<script type="text/javascript"> - function portScan(task) - { - if (!task || !task.statusCode) - return; - if (task.statusCode === 'TASK_FINISHED' && task.data && task.data.ports) { - var ssl = $('#ssl').length > 0; - var ports = task.data.ports; - for (var i = 0; i < ports.length; ++i) { - if (ports[i].open && ports[i].port && (!ssl || ports[i].certFingerprint.length > 10)) { - if ($.isNumeric($('#port').val()) && $('#port').val() < ports[i].port) continue; // Prefer the global LDAP ports - $('#port').val(ports[i].port); - if (ssl) $('#fingerprint').val(ports[i].certFingerprint); - } - } - if ($('#port').val() > 0) { - $('#nextbutton').show(); - $('#nextform').submit(); - } - } - } -</script> diff --git a/templates/sysconfig/ldap-checkcredentials.html b/templates/sysconfig/ldap-checkcredentials.html deleted file mode 100644 index 77736c9c..00000000 --- a/templates/sysconfig/ldap-checkcredentials.html +++ /dev/null @@ -1,63 +0,0 @@ -<p> - {{lang_connectionWait}} -</p> - -<div id="zeug"> - <div data-tm-id="{{tm-search}}" data-tm-log="messages" data-tm-callback="ldapCb">LDAP Test-Query</div> -</div> -<i>{{lang_onProblemSearchBase}}</i> -<br><br> -<div class="pull-left"> - <form role="form" method="post" action="?do=SysConfig&action=addmodule&step=LdapAuth_Start"> - <input type="hidden" name="token" value="{{token}}"> - <input type="hidden" name="edit" value="{{edit}}"> - <input name="title" value="{{title}}" type="hidden"> - <input name="server" value="{{server}}" type="hidden"> - <input name="searchbase" value="{{searchbase}}" type="hidden"> - <input name="binddn" value="{{binddn}}" type="hidden"> - <input name="bindpw" value="{{bindpw}}" type="hidden"> - <input name="home" value="{{home}}" type="hidden"> - {{#ssl}} - <input name="ssl" value="on" type="hidden"> - {{/ssl}} - <button type="submit" class="btn btn-primary">« {{lang_back}}</button> - </form> -</div> -<div class="pull-right"> - <form role="form" method="post" action="?do=SysConfig&action=addmodule&step={{step}}"> - <input type="hidden" name="token" value="{{token}}"> - <input type="hidden" name="edit" value="{{edit}}"> - <input name="title" value="{{title}}" type="hidden"> - <input name="server" value="{{server}}" type="hidden"> - <input name="searchbase" value="{{searchbase}}" type="hidden"> - <input id="setbase" name="somedn" value="" type="hidden"> - <input id="setdn" name="binddn" value="{{binddn}}" type="hidden"> - <input name="bindpw" value="{{bindpw}}" type="hidden"> - <input name="home" value="{{home}}" type="hidden"> - {{#ssl}} - <input name="ssl" value="on" type="hidden"> - {{/ssl}} - <input name="fingerprint" value="{{fingerprint}}" type="hidden"> - <input name="originalbinddn" value="{{binddn}}" type="hidden"> - <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_skip}} »</button> - </form> -</div> -<script type="text/javascript"> - function ldapCb(task) - { - if (!task || !task.statusCode) - return; - if (task.statusCode === 'TASK_FINISHED') { - if (task.data && task.data.dn) { - $('#setbase').val(task.data.dn); - } - $('#nextbutton').html('Weiter »').show(); - } - if (task.statusCode === 'TASK_ERROR' || task.statusCode === 'PARENT_FAILED') { - $('#nextbutton').html('Trotzdem weiter »'); - } - if (task.statusCode === 'TASK_ERROR') { - $('#nextbutton').show(); - } - } -</script> diff --git a/templates/sysconfig/ldap-start.html b/templates/sysconfig/ldap-start.html index 8fa7cb9f..66afa68d 100644 --- a/templates/sysconfig/ldap-start.html +++ b/templates/sysconfig/ldap-start.html @@ -48,16 +48,36 @@ </span> </div> <br> - <div class="checkbox"> + <div> <label> - <input type="checkbox" name="ssl" {{#ssl}}checked{{/ssl}}> {{lang_ssl}} + <input type="checkbox" name="ssl" onchange="$('#cert-box').css('display', this.checked ? '' : 'none')" {{#ssl}}checked{{/ssl}}> {{lang_ssl}} </label> </div> - <div><i>{{lang_sslDescription}}</i></div> + <i>{{lang_sslDescription}}</i> <br> <div class="pull-right"> <button type="submit" class="btn btn-primary">{{lang_next}} »</button> </div> + <div class="clearfix"></div> + <hr> + <div {{^ssl}}style="display:none"{{/ssl}} id="cert-box"> + <div class="well well-sm" id="wcustom"> + {{lang_customCertificate}} + <pre class="small"> +-----BEGIN CERTIFICATE----- +MIIFfTCCA... +..... +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +..... +-----END CERTIFICATE-----</pre> + <textarea name="certificate" class="form-control small" cols="101" rows="10">{{certificate}}</textarea> + </div> + <div class="pull-right"> + <button type="submit" class="btn btn-primary">{{lang_next}} »</button> + </div> + <div class="clearfix"></div> + </div> </form> <div class="modal fade" id="help-home" tabindex="-1" role="dialog"> |