diff options
-rw-r--r-- | data/ad/mountscript | 2 | ||||
-rw-r--r-- | src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java | 37 |
2 files changed, 32 insertions, 7 deletions
diff --git a/data/ad/mountscript b/data/ad/mountscript index d7ae209..25f04ea 100644 --- a/data/ad/mountscript +++ b/data/ad/mountscript @@ -39,6 +39,8 @@ if ! grep -q "^${PAM_USER}:" "/etc/passwd"; then fi if [ -n "${VOLUME}" ]; then + # Remember for hooks in pam_script_auth.d + export PERSISTENT_NETPATH=$(echo "$VOLUME" | tr '/' '\') export USER="${REAL_ACCOUNT}" export PASSWD="${PAM_AUTHTOK}" diff --git a/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java b/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java index d06bff8..08495c3 100644 --- a/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java +++ b/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java @@ -72,6 +72,10 @@ public class CreateLdapConfig extends AbstractTask private int shareOther; @Expose private List<Share> shares; + @Expose + private String shareDomain; + @Expose + private int credentialPassthrough; private Output status = new Output(); @@ -147,7 +151,10 @@ public class CreateLdapConfig extends AbstractTask return false; } // Handle ca-bundle; write to file if custom one is passed - if ( this.certificate.equals( "default" ) ) { + if ( this.fingerprint.length() > 20 && this.server.matches( "^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$" ) ) { + // IP address seems to be given - resort to fingerprint if the certificate doesn't cover + // it. + } else if ( this.certificate.equals( "default" ) ) { caPath = DEFAULT_CA_BUNDLE; this.fingerprint = ""; } else if ( !this.certificate.isEmpty() && !this.certificate.equals( "false" ) ) { @@ -205,26 +212,31 @@ public class CreateLdapConfig extends AbstractTask String shareConf = String.format( "SHARE_REMAP_MODE=%d\n" + "SHARE_CREATE_MISSING_REMAP=%d\n" - + "SHARE_HOME_DRIVE=%s\n" + + "SHARE_HOME_DRIVE='%s'\n" + "SHARE_DOCUMENTS=%d\n" + "SHARE_DOWNLOADS=%d\n" + "SHARE_DESKTOP=%d\n" + "SHARE_MEDIA=%d\n" - + "SHARE_OTHER=%d\n", + + "SHARE_OTHER=%d\n" + + "SHARE_DOMAIN='%s'\n" + + "SHARE_CREDENTIAL_PASSTHROUGH=%d\n", this.shareRemapMode, this.shareRemapCreate, - this.shareHomeDrive, + escapeBashString( this.shareHomeDrive ), this.shareDocuments, this.shareDownloads, this.shareDesktop, this.shareMedia, - this.shareOther + this.shareOther, + escapeBashString( this.shareDomain ), + this.credentialPassthrough ); if ( this.shares != null && !this.shares.isEmpty() ) { int i = 0; for ( Share s : this.shares ) { - shareConf += String.format( "SHARE_%d='%s\t%s\t%s\t%s\t%s'\n", - ++i, s.share, s.letter, s.shortcut, s.user, s.pass ); + shareConf += String.format( "SHARE_EXTRA_%d='%s\t%s\t%s\t%s\t%s'\n", + ++i, escapeBashString( s.share ), escapeBashString( s.letter ), escapeBashString( s.shortcut ), + escapeBashString( s.user ), escapeBashString( s.pass ) ); } } // Build tar/config @@ -294,6 +306,17 @@ public class CreateLdapConfig extends AbstractTask } } + private String escapeBashString( String str ) + { + if ( str.indexOf( '\'' ) != -1 ) { + str = str.replace( "'", "'\"'\"'" ); + } + if (str.indexOf( '\t' ) != -1) { + str = str.replace( "\t", " " ); + } + return str; + } + /** * Output - contains additional status data of this task */ |