Project

General

Profile

« Previous | Next » 

Revision 2972

Added by Matt Jones over 18 years ago

dded TLS support to the ldapweb.cgi script, cleaned up some TempToolkit
template processing so that the results display CSS properly, and some minor
formatting issues. The TLS support should probably be enabled only if the
server supports it, which can be queried with supported_extensions, but for
now it is just on, which is what we need.

View differences:

ldapweb.cgi
107 107
              'initregister'      => \&handleInitRegister,
108 108
              'register'          => \&handleRegister,
109 109
              'registerconfirmed' => \&handleRegisterConfirmed,
110
              'changepass'        => \&handleChangePassword,
111
              'initchangepass'    => \&handleInitialChangePassword,
112 110
              'simplesearch'      => \&handleSimpleSearch,
113 111
              'initaddentry'      => \&handleInitAddEntry,
114 112
              'addentry'          => \&handleAddEntry,
115 113
              'initmodifyentry'   => \&handleInitModifyEntry,
116 114
              'modifyentry'       => \&handleModifyEntry,
115
              'changepass'        => \&handleChangePassword,
116
              'initchangepass'    => \&handleInitialChangePassword,
117 117
              'resetpass'         => \&handleResetPassword,
118 118
              'initresetpass'     => \&handleInitialResetPassword,
119 119
             );
......
174 174
                             cfg => $cfg,
175 175
                             allParams => $allParams,
176 176
                             errorMessage => $errorMessage };
177
	$$templateVars{'orgList'} = \@orglist;
177
        $$templateVars{'orgList'} = \@orglist;
178 178
        $template->process( "@defaultHeader@", $templateVars);
179 179
        $template->process( "@register@", $templateVars);
180 180
        $template->process( "@defaultFooter@", $templateVars);
181 181
        exit(0);
182 182
    } else {
183
	my $o = $query->param('o');    
184
	$ldapurl = $config_ldapurl->{$o};
185
	$searchBase = $config_ldapsearchbase->{$o};  
183
        my $o = $query->param('o');    
184
        $ldapurl = $config_ldapurl->{$o};
185
        $searchBase = $config_ldapsearchbase->{$o};  
186 186
    }
187 187

  
188 188
    # Search LDAP for matching entries that already exist
......
266 266
    }
267 267
    if ($query->param('o')) {
268 268
        $$allParams{'o'} = $query->param('o');
269
	my $o = $query->param('o');
270
	
271
	$ldapurl = $config_ldapurl->{$o};
269
        my $o = $query->param('o');
270
        
271
        $ldapurl = $config_ldapurl->{$o};
272 272
        $searchBase = $config_ldapsearchbase->{$o};
273 273
    }
274 274

  
......
283 283
                             cfg => $cfg,
284 284
                             allParams => $allParams,
285 285
                             errorMessage => $errorMessage };
286
	$$templateVars{'orgList'} = \@orglist;
286
        $$templateVars{'orgList'} = \@orglist;
287 287
        $template->process( "@defaultHeader@", $templateVars);
288 288
        $template->process( "@defaultChangePass@", $templateVars);
289 289
        $template->process( "@defaultFooter@", $templateVars);
......
293 293
    # We have all of the info we need, so try to change the password
294 294
    if ($query->param('userPassword') =~ $query->param('userPassword2')) {
295 295

  
296
	my $o = $query->param('o');
297
	$ldapurl = $config_ldapurl->{$o};
296
        my $o = $query->param('o');
297
        $ldapurl = $config_ldapurl->{$o};
298 298
        $searchBase = $config_ldapsearchbase->{$o};
299
	$root = $config_user->{$o};
300
	$rootpw = $config_password->{$o};
299
        $root = $config_user->{$o};
300
        $rootpw = $config_password->{$o};
301 301

  
302 302
        my $dn = "uid=" . $query->param('uid') . "," . $config_dn->{$o};;
303 303
        if ($query->param('o') =~ "LTER") {
......
308 308
            my $errorMessage = changePassword(
309 309
                    $dn, $query->param('userPassword'), 
310 310
                    $dn, $query->param('oldpass'), $query->param('o'));
311
            if ($errorMessage) {	
311
            if ($errorMessage) {
312 312
                my $templateVars = { stage => "changepass",
313 313
                                     cfg => $cfg,
314 314
                                     allParams => $allParams,
315 315
                                     errorMessage => $errorMessage };
316
		$$templateVars{'orgList'} = \@orglist;
316
                $$templateVars{'orgList'} = \@orglist;
317 317
                $template->process( "@defaultHeader@", $templateVars);
318 318
                $template->process( "@defaultChangePass@", $templateVars);
319 319
                $template->process( "@defaultFooter@", $templateVars);
320 320
                exit(0);
321 321
            } else {
322
                $template->process( "@defaultHeader@");
323
                $template->process( "@changePassSuccess@");
324
                $template->process( "@defaultFooter@");
322
                my $templateVars = { stage => "changepass",
323
                                     cfg => $cfg,
324
                                     allParams => $allParams };
325
                $$templateVars{'orgList'} = \@orglist;
326
                $template->process( "@defaultHeader@", $templateVars);
327
                $template->process( "@changePassSuccess@", $templateVars);
328
                $template->process( "@defaultFooter@", $templateVars);
325 329
                exit(0);
326 330
            }
327 331
        }
......
331 335
                             cfg => $cfg,
332 336
                             allParams => $allParams,
333 337
                             errorMessage => $errorMessage };
334
	$$templateVars{'orgList'} = \@orglist;
338
        $$templateVars{'orgList'} = \@orglist;
335 339
        $template->process( "@defaultHeader@", $templateVars);
336 340
        $template->process( "@defaultChangePass@", $templateVars);
337 341
        $template->process( "@defaultFooter@", $templateVars);
......
372 376
    }
373 377
    if ($query->param('o')) {
374 378
        $$allParams{'o'} = $query->param('o');
375
	my $o = $query->param('o');
376
	
377
	$ldapurl = $config_ldapurl->{$o};
379
        my $o = $query->param('o');
380
        
381
        $ldapurl = $config_ldapurl->{$o};
378 382
        $searchBase = $config_ldapsearchbase->{$o};
379
	$root = $config_user->{$o};
380
	$rootpw = $config_password->{$o};
383
        $root = $config_user->{$o};
384
        $rootpw = $config_password->{$o};
381 385
    }
382 386

  
383 387
    # Check that all required fields are provided and not null
......
389 393
                             cfg => $cfg,
390 394
                             allParams => $allParams,
391 395
                             errorMessage => $errorMessage };
392
	$$templateVars{'orgList'} = \@orglist;
396
        $$templateVars{'orgList'} = \@orglist;
393 397
        $template->process( "@defaultHeader@", $templateVars);
394 398
        $template->process( "@defaultResetPass@", $templateVars);
395 399
        $template->process( "@defaultFooter@", $templateVars);
......
424 428
                                 cfg => $cfg,
425 429
                                 allParams => $allParams,
426 430
                                 errorMessage => $errorMessage };
427
	    $$templateVars{'orgList'} = \@orglist;
431
            $$templateVars{'orgList'} = \@orglist;
428 432
            $template->process( "@defaultHeader@", $templateVars);
429 433
            $template->process( "@defaultResetPass@", $templateVars);
430 434
            $template->process( "@defaultFooter@", $templateVars);
431 435
            exit(0);
432 436
        } else {
433 437
            my $errorMessage = sendPasswordNotification($query->param('uid'),
434
                    $query->param('o'), $userPass, $recipient);
438
                    $query->param('o'), $userPass, $recipient, $cfg);
435 439
            my $templateVars = { stage => "resetpass",
436 440
                                 cfg => $cfg,
437 441
                                 allParams => $allParams,
438 442
                                 errorMessage => $errorMessage };
439
	    $$templateVars{'orgList'} = \@orglist;
443
            $$templateVars{'orgList'} = \@orglist;
440 444
            $template->process( "@defaultHeader@", $templateVars);
441 445
            $template->process( "@resetPassSuccess@", $templateVars);
442 446
            $template->process( "@defaultFooter@", $templateVars);
......
494 498
    
495 499
    my $errorMessage = 0;
496 500
    my $ldap = Net::LDAP->new($ldapurl) or die "$@"; 
501
    #$ldap->start_tls( verify => 'require',
502
                      #cafile => '/usr/share/ssl/ldapcerts/cacert.pem');
503
    $ldap->start_tls( verify => 'none');
497 504
    my $bindresult = $ldap->bind( version => 3, dn => $bindDN, 
498 505
                                  password => $bindPass );
499 506
    if ($bindresult->code) {
......
547 554
    my $entry = "";
548 555
    my $mesg;
549 556
    my $ldap = Net::LDAP->new($ldapurl) or die "$@";
557
    $ldap->start_tls( verify => 'none');
550 558
    my $bindresult = $ldap->bind;
551 559
    if ($bindresult->code) {
552 560
        return $entry;
553 561
    }
554 562

  
555 563
    if($config_filter->{$org}){
556
	$mesg = $ldap->search ( base   => $base,
557
				   filter => "(&(uid=$username)($config_filter->{$org}))"
558
				   );
564
        $mesg = $ldap->search ( base   => $base,
565
                filter => "(&(uid=$username)($config_filter->{$org}))");
559 566
    } else {
560
	$mesg = $ldap->search ( base   => $base,
561
				   filter => "(&(uid=$username))"
562
				   );
567
        $mesg = $ldap->search ( base   => $base, filter => "(uid=$username)");
563 568
    }
564 569

  
565 570
    if ($mesg->count > 0) {
......
591 596
    my $org = shift;
592 597
    my $newPass = shift;
593 598
    my $recipient = shift;
599
    my $cfg = shift;
594 600

  
595 601
    my $errorMessage = "";
596 602
    if ($recipient) {
......
608 614
        This is generally done when somebody forgets their password.  Your 
609 615
        password can be changed by visiting the following URL:
610 616

  
611
        @cgiurl@?stage=changepass
617
        @cgiurl@?stage=changepass&cfg=$cfg
612 618

  
613 619
            Username: $username
614 620
        Organization: $org
......
641 647
    my $foundAccounts = 0;
642 648

  
643 649
    my $ldap = Net::LDAP->new($ldapurl) or die "$@";
650
    $ldap->start_tls( verify => 'none');
644 651
    $ldap->bind( version => 3, anonymous => 1);
645 652
    my $mesg = $ldap->search (
646 653
        base   => $base,
......
726 733
                                 cfg => $cfg,
727 734
                                 allParams => $allParams,
728 735
                                 errorMessage => $errorMessage };
729
	    $$templateVars{'orgList'} = \@orglist;
736
            $$templateVars{'orgList'} = \@orglist;
730 737
            $template->process( "@defaultHeader@", $templateVars);
731 738
            $template->process( "@registerFailed@", $templateVars);
732 739
            $template->process( "@register@", $templateVars);
......
734 741
            exit(0);
735 742
        }
736 743

  
737
	my $o = $query->param('o');
744
        my $o = $query->param('o');
738 745

  
739
	my $ldapurl = $config_ldapurl->{$o};
740
	my $root = $config_user->{$o};
741
	my $rootpw = $config_password->{$o};
742
	my $searchBase = $config_ldapsearchbase->{$o};
743
	my $dnBase = $config_dn->{$o};
746
        my $ldapurl = $config_ldapurl->{$o};
747
        my $root = $config_user->{$o};
748
        my $rootpw = $config_password->{$o};
749
        my $searchBase = $config_ldapsearchbase->{$o};
750
        my $dnBase = $config_dn->{$o};
744 751

  
745 752
        my $ldap = Net::LDAP->new($ldapurl) or die "$@";
753
        $ldap->start_tls( verify => 'none');
746 754
        $ldap->bind( version => 3, dn => $root, password => $rootpw );
747 755
        #print "Inserting new entry...\n";
748 756
        my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase;
......
782 790
                                 cfg => $cfg,
783 791
                                 allParams => $allParams,
784 792
                                 errorMessage => $result->error };
785
	    $$templateVars{'orgList'} = \@orglist;
793
            $$templateVars{'orgList'} = \@orglist;
786 794
            $template->process( "@defaultHeader@", $templateVars);
787 795
            $template->process( "@registerFailed@", $templateVars);
788 796
            $templateVars    = { stage => "register",
789 797
                                 cfg => $cfg,
790 798
                                 allParams => $allParams };
791
	    $$templateVars{'orgList'} = \@orglist;
799
            $$templateVars{'orgList'} = \@orglist;
792 800
            $template->process( "@register@", $templateVars);
793 801
            $template->process( "@defaultFooter@", $templateVars);
794 802
        } else {
795
	    my $templateVars    = { cfg => $cfg };
803
            my $templateVars    = { cfg => $cfg };
796 804
            $template->process( "@defaultHeader@", $templateVars);
797 805
            $template->process( "@registerSuccess@", $templateVars);
798 806
            $template->process( "@defaultFooter@", $templateVars);
......
906 914
    my $foundAccounts = 0;
907 915

  
908 916
    my $ldap = Net::LDAP->new($ldapurl) or die "$@";
917
    $ldap->start_tls( verify => 'none');
909 918
    $ldap->bind( version => 3, anonymous => 1);
910 919
    my $mesg = $ldap->search (
911 920
        base   => $base,

Also available in: Unified diff