Diffstat (limited to 'src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java')
-rw-r--r-- | src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java | 59 |
1 files changed, 46 insertions, 13 deletions
diff --git a/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java b/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java
index 30f1935..208cd8d 100644
--- a/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java
+++ b/src/main/java/org/openslx/taskmanager/tasks/CreateLdapConfig.java
@@ -2,6 +2,7 @@ package org.openslx.taskmanager.tasks;
 import java.io.File;
 import java.io.IOException;
+import java.lang.reflect.Field;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Paths;
@@ -10,10 +11,13 @@ import java.util.concurrent.atomic.AtomicBoolean;
 import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
 import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.FilenameUtils;
+import org.apache.log4j.Logger;
 import org.openslx.satserver.util.Archive;
 import org.openslx.satserver.util.Constants;
 import org.openslx.satserver.util.Exec;
 import org.openslx.satserver.util.Exec.ExecCallback;
+import org.openslx.satserver.util.LdapMapping;
 import org.openslx.satserver.util.Template;
 import org.openslx.satserver.util.Util;
 import org.openslx.taskmanager.api.AbstractTask;
@@ -22,7 +26,10 @@ import com.google.gson.annotations.Expose;
 public class CreateLdapConfig extends AbstractTask
 {
+ private static final Logger LOGGER = Logger.getLogger( CreateLdapConfig.class );
 public static final String DEFAULT_CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt";
+ protected static final String[] ALLOWED_DIRS =
+ { "/tmp/", "/opt/openslx/configs/" };
 @Expose
 private int moduleid = 0;
@@ -52,6 +59,10 @@ public class CreateLdapConfig extends AbstractTask
 private String certificate;
 @Expose
 private boolean plainldap = false;
+ @Expose
+ private String fixnumeric = null;
+ @Expose
+ private LdapMapping mapping;
 // Share mode stuff
 @Expose
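Review bot: `ALLOWED_DIRS` is declared `protected static final String[]`, so only the reference is final; a subclass or any class in the same package can overwrite an element and widen the allowlist that the new target-path check in this commit relies on. Nothing in this diff reads it from outside the class, so I would declare it `private static final String[] ALLOWED_DIRS` and add a comment such as `// Allowlist of directory prefixes the task may write to; keep the trailing '/' on each entry` (assuming `Util.startsWith`, which is defined elsewhere, is a plain prefix match). Note also that `/tmp/` is world-writable, which matters for how strict that path check needs to be.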
@@ -88,16 +99,36 @@ public class CreateLdapConfig extends AbstractTask
 status.error = "Missing argument to task";
 return false;
 }
- if ( this.home == null )
- this.home = "";
- if ( this.binddn == null )
- this.binddn = "";
- if ( this.bindpw == null )
- this.bindpw = "";
- if ( this.certificate == null )
- this.certificate = "";
- if ( this.fingerprint == null )
- this.fingerprint = "";
+ filename = FilenameUtils.normalize( filename );
+ if ( !Util.startsWith( filename, ALLOWED_DIRS ) ) {
+ status.error = "Illegal target directory " + filename;
+ return false;
+ }
+ for ( Field field : CreateLdapConfig.class.getDeclaredFields() ) {
+ if ( field.isAnnotationPresent( Expose.class ) && field.getType().equals( String.class ) ) {
+ field.setAccessible( true );
+ Object ret;
+ try {
+ ret = field.get( this );
+ } catch ( IllegalArgumentException | IllegalAccessException e1 ) {
+ ret = null;
+ LOGGER.warn( "Cannot get field " + field.getName() );
+ }
+ if ( ret == null ) {
+ try {
+ field.set( this, "" );
+ } catch ( IllegalArgumentException | IllegalAccessException e ) {
+ LOGGER.warn( "Cannot set field " + field.getName() );
+ }
+ }
+ }
+ }
+ if ( mapping == null ) {
+ mapping = new LdapMapping();
+ }
+ if ( Util.isEmpty( mapping.homemount ) && !Util.isEmpty( this.homeattr ) ) {
+ mapping.homemount = this.homeattr;
+ }
 return true;
 }
@@ -160,7 +191,7 @@ public class CreateLdapConfig extends AbstractTask
 } else if ( !this.certificate.isEmpty() && !this.certificate.equals( "false" ) ) {
 // Write out
 try {
- FileUtils.writeStringToFile( caFile, this.certificate );
+ FileUtils.writeStringToFile( caFile, this.certificate, StandardCharsets.UTF_8 );
 } catch ( Exception e ) {
 status.error = "Could not write trusted certificate(s) to file " + caFile.getAbsolutePath();
 return false;
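Review bot: The new target check does not handle a null result from `FilenameUtils.normalize( filename )`, which that method returns for paths that climb above the root; the value is passed straight to `Util.startsWith`, whose null handling is not visible in this diff. Reject that case explicitly with `if ( filename == null || !Util.startsWith( filename, ALLOWED_DIRS ) ) {`. The check is also purely lexical, so a symlink below the world-writable `/tmp/` still passes it; comparing the canonical path of the parent directory (`File.getCanonicalPath()`) against the allowlist would cover that. In the reflection loop, a failed `field.set` only logs a warning and leaves the field null, so later uses such as `this.certificate.isEmpty()` can still throw. The enclosing method starts before this hunk.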
@@ -175,11 +206,12 @@ public class CreateLdapConfig extends AbstractTask
 + "bindpw=%s\n"
 + "base=%s\n"
 + "home=%s\n"
- + "homeattr=%s\n"
 + "port=%s\n"
 + "fingerprint=%s\n"
 + "cabundle=%s\n"
 + "plainldap=%s\n"
+ + "fixnumeric=%s\n"
+ + "%s\n"
 + "[local]\n"
 + "port=%s\n"
 + "cert=%s\n"
@@ -190,11 +222,12 @@ public class CreateLdapConfig extends AbstractTask
 this.bindpw,
 this.searchbase,
 this.home,
- this.homeattr,
 this.adport,
 this.fingerprint,
 caPath,
 Boolean.toString( this.plainldap ),
+ this.fixnumeric == null ? "" : this.fixnumeric,
+ this.mapping.toString(),
 this.proxyport,
 certFile,
 keyFile );
|
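Review bot: `fixnumeric` and `mapping.toString()` are written into the generated config through `%s\n` with no check for line breaks, so a value containing a newline can add extra keys or open a new section such as `[local]` in the output. Both come from `@Expose` fields that appear to be filled from the task input, and no validation of them is visible in this diff (`LdapMapping.toString()` is defined elsewhere). I would reject CR/LF next to the other argument checks, for example `if ( this.fixnumeric.contains( "\n" ) || this.fixnumeric.contains( "\r" ) ) { status.error = "Invalid fixnumeric"; return false; }`, and apply the same rule to each mapping value. The existing string arguments in the second hunk (`bindpw`, `searchbase`, `home`) have the same exposure. Both hunks sit inside a format call that starts and ends outside them.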