[Fedora-directory-commits] dsgw/orgbin org.in,1.2,1.3
Richard Allen Megginson (rmeggins)
fedora-directory-commits at redhat.com
Wed Jan 30 02:22:49 UTC 2008
Author: rmeggins
Update of /cvs/dirsec/dsgw/orgbin
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15541/dsgw/orgbin
Modified Files:
org.in
Log Message:
Renamed setup to setup-ds-dsgw to be consistent with other setup scripts
setup-ds-dsgw will attempt to use settings from pre-configured admin server
and directory server
Config files will use an ldap url and http url - this is so that we can use
http or https and ldap or ldaps - previously, dsgw was configured during
regular DS setup, which did not allow TLS/SSL setup - we must be able to
configure the dsgw for TLS/SSL during setup now
Changed XP_GetClientStr back to just always return a malloc'd string - there
are cases where we cannot use a static
There were some places where we were using a form with POST + a query string
Use SERVER_NAME instead of HTTP_HOST because the latter has the port number
already in it
Index: org.in
===================================================================
RCS file: /cvs/dirsec/dsgw/orgbin/org.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- org.in 28 Jan 2008 21:22:48 -0000 1.2
+++ org.in 30 Jan 2008 02:22:46 -0000 1.3
@@ -56,6 +56,7 @@
use Mozilla::LDAP::Conn;
use Mozilla::LDAP::Utils qw(:all);
+use Mozilla::LDAP::API qw(:constant ldap_url_parse ldap_explode_dn);
use CGI;
$cg = new CGI;
@@ -407,13 +408,26 @@
local ($search) = "$config_tokens{'attrib-manager'}=$manager";
local ($entry);
local ($conn);
+ my $h = ldap_url_parse($config_tokens{"ldap-url"});
+ my $host = $h->{host};
+ my $port = $h->{port};
+ my $securitydir;
+ if ($h->{options} & LDAP_URL_OPT_SECURE) {
+ $securitydir = $config_tokens{"securitydir"};
+ if ($securitydir eq "none") {
+ &output_html_header("no-javascript");
+ print "<BR><BR>The orgchart config specifies to use TLS/SSL $config_tokens{\"ldap-url\"} but no securitydir has been configured <BR><BR>";
+ print "\n</BODY></HTML>";
+ exit (0);
+ }
+ }
- $conn = new Mozilla::LDAP::Conn($config_tokens{"ldap-host"}, $config_tokens{"ldap-port"}, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"});
- die "Could't connect to LDAP server $config_tokens{\"ldap-host\"}" unless $conn;
+ $conn = new Mozilla::LDAP::Conn($host, $port, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"}, $securitydir);
+ die "Could't connect to LDAP server $config_tokens{\"ldap-url\"}" unless $conn;
$entry = $conn->search($config_tokens{"ldap-search-base"}, "subtree", $search, 0, @return_attribs);
$display_indent += 1;
-
+
while ($entry)
{
if (not_terminated($entry) && not_own_manager($entry))
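Review bot: The result of `ldap_url_parse` is used unchecked at `my $host = $h->{host};`, so a malformed `ldap-url`, or one with no host, would presumably reach `Mozilla::LDAP::Conn` with an undefined host and port and show up only as the generic connect failure. A guard right after the parse, such as `die "Invalid ldap-url $config_tokens{\"ldap-url\"}" unless $h && $h->{host};`, would make the misconfiguration explicit. The same parse-and-securitydir block is repeated in the hunk at `@@ -1258,8 +1290,21 @@`; a small shared helper would keep the TLS/SSL check from drifting between the two call sites. The enclosing sub starts and ends outside this hunk.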
@@ -980,9 +994,11 @@
exit;
}
-%config_tokens = ( "ldap-host","none",
+%config_tokens = ( "ldap-url","none",
+ "ldap-host","none",
"ldap-port","none",
"ldap-search-base","none",
+ "securitydir","none",
"ldap-bind-dn","",
"ldap-bind-pass","",
"icons-aim-visible","no",
@@ -1012,21 +1028,37 @@
close (FILE);
+my $haveurl = 1;
+my $havehost = 1;
+my $haveport = 1;
+
+if ( $config_tokens{"ldap-url"} eq "none" )
+{
+ $haveurl = 0;
+}
if ( $config_tokens{"ldap-host"} eq "none" )
{
- &output_html_header("no-javascript");
- print "<BR><BR>The administrator of this application needs to configure an LDAP host to use.<BR><BR>";
- print "\n</BODY></HTML>";
- exit(0);
+ $havehost = 0;
}
+
if ( $config_tokens{"ldap-port"} eq "none" )
{
+ $haveport = 0;
+}
+
+if ( !$haveurl and (!$havehost or !$haveport) )
+{
&output_html_header("no-javascript");
- print "<BR><BR>The administrator of this application needs to configure an LDAP port number to use.<BR><BR>";
+ print "<BR><BR>The administrator of this application needs to configure an LDAP URL, or an LDAP host and port number to use.<BR><BR>";
print "\n</BODY></HTML>";
exit(0);
}
+
+if ( !$haveurl ) {
+ $config_tokens{"ldap-url"} = "ldap://" . $config_tokens{"ldap-host"} . ":" . $config_tokens{"ldap-port"};
+}
+
if ( $config_tokens{"ldap-search-base"} eq "none" )
{
&output_html_header("no-javascript");
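Review bot: The fallback at `$config_tokens{"ldap-url"} = "ldap://" . ...` always picks the plain `ldap://` scheme, so a legacy host/port config keeps sending `ldap-bind-dn` and `ldap-bind-pass` unencrypted, with no hint that TLS/SSL is now available. A comment above it would document this, e.g. `# host/port configs carry no scheme and map to plain ldap://; set ldap-url to ldaps://... plus securitydir for TLS/SSL`. The same comment could say that `ldap-url` takes precedence when both forms are configured, since in the hunks shown `ldap-host` and `ldap-port` are then ignored without a message.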
@@ -1258,8 +1290,21 @@
$search = "$config_tokens{'attrib-farleft-rdn'}=" . $uid;
- $conn = new Mozilla::LDAP::Conn($config_tokens{"ldap-host"}, $config_tokens{"ldap-port"}, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"});
- die "Couldn't connect to LDAP server $config_tokens{\"ldap-host\"}" unless $conn;
+ my $h = ldap_url_parse($config_tokens{"ldap-url"});
+ my $host = $h->{host};
+ my $port = $h->{port};
+ my $securitydir;
+ if ($h->{options} & LDAP_URL_OPT_SECURE) {
+ $securitydir = $config_tokens{"securitydir"};
+ if ($securitydir eq "none") {
+ &output_html_header("no-javascript");
+ print "<BR><BR>The orgchart config specifies to use TLS/SSL $config_tokens{\"ldap-url\"} but no securitydir has been configured <BR><BR>";
+ print "\n</BODY></HTML>";
+ exit (0);
+ }
+ }
+ $conn = new Mozilla::LDAP::Conn($host, $port, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"}, $securitydir);
+ die "Couldn't connect to LDAP server $config_tokens{\"ldap-url\"}" unless $conn;
$entry = $conn->search($config_tokens{"ldap-search-base"}, "subtree", $search, 0 , @return_attribs);
#
@@ -1289,8 +1334,6 @@
$search = "(|(cn=*$uid*)(mail=*$uid*))";
- $conn = new Mozilla::LDAP::Conn($config_tokens{"ldap-host"}, $config_tokens{"ldap-port"}, $config_tokens{"ldap-bind-dn"}, $config_tokens{"ldap-bind-pass"});
- die "Couldn't connect to LDAP server $config_tokens{\"ldap-host\"}" unless $conn;
$entry = $conn->search($config_tokens{"ldap-search-base"}, "subtree", $search, 0, @return_attribs);
$anothertempnum = 0;