check SSH key
This commit is contained in:
parent
d73ffee957
commit
ab3d13cf28
|
@ -117,21 +117,9 @@ class Remote {
|
||||||
}
|
}
|
||||||
$password = $_SESSION['ldap']->getPassword();
|
$password = $_SESSION['ldap']->getPassword();
|
||||||
$keyPath = $_SESSION['config']->getScriptSSHKey();
|
$keyPath = $_SESSION['config']->getScriptSSHKey();
|
||||||
if (!empty($keyPath)) {
|
|
||||||
// use key authentication
|
|
||||||
if (!file_exists($keyPath) || !is_readable($keyPath)) {
|
|
||||||
throw new LAMException(sprintf(_("Unable to read %s."), htmlspecialchars($keyPath)));
|
|
||||||
}
|
|
||||||
$key = file_get_contents($keyPath);
|
|
||||||
$rsa = new RSA();
|
|
||||||
$keyPassword = $_SESSION['config']->getScriptSSHKeyPassword();
|
$keyPassword = $_SESSION['config']->getScriptSSHKeyPassword();
|
||||||
if (!empty($keyPassword)) {
|
if (!empty($keyPath)) {
|
||||||
$rsa->setPassword($keyPassword);
|
$password = $this->loadKey($keyPath, $keyPassword);
|
||||||
}
|
|
||||||
if (!$rsa->loadKey($key)) {
|
|
||||||
throw new LAMException(sprintf(_("Unable to load key %s."), htmlspecialchars($keyPath)));
|
|
||||||
}
|
|
||||||
$password = $rsa;
|
|
||||||
}
|
}
|
||||||
$login = @$handle->login($username, $password);
|
$login = @$handle->login($username, $password);
|
||||||
if (!$login) {
|
if (!$login) {
|
||||||
|
@ -160,6 +148,30 @@ class Remote {
|
||||||
require_once($prefix . 'Net/SSH2.php');
|
require_once($prefix . 'Net/SSH2.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Loads the key
|
||||||
|
*
|
||||||
|
* @param string $keyPath file name
|
||||||
|
* @param string $keyPassword password
|
||||||
|
* @throws LAMException error loading key
|
||||||
|
* @return \phpseclib\Crypt\RSA key object
|
||||||
|
*/
|
||||||
|
public function loadKey($keyPath, $keyPassword) {
|
||||||
|
// use key authentication
|
||||||
|
if (!file_exists($keyPath) || !is_readable($keyPath)) {
|
||||||
|
throw new LAMException(sprintf(_("Unable to read %s."), htmlspecialchars($keyPath)));
|
||||||
|
}
|
||||||
|
$key = file_get_contents($keyPath);
|
||||||
|
$rsa = new RSA();
|
||||||
|
if (!empty($keyPassword)) {
|
||||||
|
$rsa->setPassword($keyPassword);
|
||||||
|
}
|
||||||
|
if (!$rsa->loadKey($key)) {
|
||||||
|
throw new LAMException(sprintf(_("Unable to load key %s."), htmlspecialchars($keyPath)));
|
||||||
|
}
|
||||||
|
return $rsa;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -22,7 +22,7 @@ use \htmlGroup;
|
||||||
/*
|
/*
|
||||||
|
|
||||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||||
Copyright (C) 2003 - 2018 Roland Gruber
|
Copyright (C) 2003 - 2019 Roland Gruber
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
|
@ -659,15 +659,33 @@ function checkInput() {
|
||||||
$chmodOwner = 0;
|
$chmodOwner = 0;
|
||||||
$chmodGroup = 0;
|
$chmodGroup = 0;
|
||||||
$chmodOther = 0;
|
$chmodOther = 0;
|
||||||
if (isset($_POST['chmod_owr']) && ($_POST['chmod_owr'] == 'on')) $chmodOwner += 4;
|
if (isset($_POST['chmod_owr']) && ($_POST['chmod_owr'] == 'on')) {
|
||||||
if (isset($_POST['chmod_oww']) && ($_POST['chmod_oww'] == 'on')) $chmodOwner += 2;
|
$chmodOwner += 4;
|
||||||
if (isset($_POST['chmod_owe']) && ($_POST['chmod_owe'] == 'on')) $chmodOwner += 1;
|
}
|
||||||
if (isset($_POST['chmod_grr']) && ($_POST['chmod_grr'] == 'on')) $chmodGroup += 4;
|
if (isset($_POST['chmod_oww']) && ($_POST['chmod_oww'] == 'on')) {
|
||||||
if (isset($_POST['chmod_grw']) && ($_POST['chmod_grw'] == 'on')) $chmodGroup += 2;
|
$chmodOwner += 2;
|
||||||
if (isset($_POST['chmod_gre']) && ($_POST['chmod_gre'] == 'on')) $chmodGroup += 1;
|
}
|
||||||
if (isset($_POST['chmod_otr']) && ($_POST['chmod_otr'] == 'on')) $chmodOther += 4;
|
if (isset($_POST['chmod_owe']) && ($_POST['chmod_owe'] == 'on')) {
|
||||||
if (isset($_POST['chmod_otw']) && ($_POST['chmod_otw'] == 'on')) $chmodOther += 2;
|
$chmodOwner += 1;
|
||||||
if (isset($_POST['chmod_ote']) && ($_POST['chmod_ote'] == 'on')) $chmodOther += 1;
|
}
|
||||||
|
if (isset($_POST['chmod_grr']) && ($_POST['chmod_grr'] == 'on')) {
|
||||||
|
$chmodGroup += 4;
|
||||||
|
}
|
||||||
|
if (isset($_POST['chmod_grw']) && ($_POST['chmod_grw'] == 'on')) {
|
||||||
|
$chmodGroup += 2;
|
||||||
|
}
|
||||||
|
if (isset($_POST['chmod_gre']) && ($_POST['chmod_gre'] == 'on')) {
|
||||||
|
$chmodGroup += 1;
|
||||||
|
}
|
||||||
|
if (isset($_POST['chmod_otr']) && ($_POST['chmod_otr'] == 'on')) {
|
||||||
|
$chmodOther += 4;
|
||||||
|
}
|
||||||
|
if (isset($_POST['chmod_otw']) && ($_POST['chmod_otw'] == 'on')) {
|
||||||
|
$chmodOther += 2;
|
||||||
|
}
|
||||||
|
if (isset($_POST['chmod_ote']) && ($_POST['chmod_ote'] == 'on')) {
|
||||||
|
$chmodOther += 1;
|
||||||
|
}
|
||||||
$chmod = $chmodOwner . $chmodGroup . $chmodOther;
|
$chmod = $chmodOwner . $chmodGroup . $chmodOther;
|
||||||
if (!$conf->set_scriptrights($chmod)) {
|
if (!$conf->set_scriptrights($chmod)) {
|
||||||
$errors[] = array("ERROR", _("Script rights are invalid!"));
|
$errors[] = array("ERROR", _("Script rights are invalid!"));
|
||||||
|
@ -675,6 +693,16 @@ function checkInput() {
|
||||||
$conf->setScriptUserName($_POST['scriptuser']);
|
$conf->setScriptUserName($_POST['scriptuser']);
|
||||||
$conf->setScriptSSHKey($_POST['scriptkey']);
|
$conf->setScriptSSHKey($_POST['scriptkey']);
|
||||||
$conf->setScriptSSHKeyPassword($_POST['scriptkeypassword']);
|
$conf->setScriptSSHKeyPassword($_POST['scriptkeypassword']);
|
||||||
|
if (!empty($_POST['scriptkey'])) {
|
||||||
|
include_once '../../lib/remote.inc';
|
||||||
|
$remote = new \LAM\REMOTE\Remote();
|
||||||
|
try {
|
||||||
|
$remote->loadKey($conf->getScriptSSHKey(), $conf->getScriptSSHKeyPassword());
|
||||||
|
}
|
||||||
|
catch (\LAMException $e) {
|
||||||
|
$errors[] = array('ERROR', _('SSH key file'), $e->getTitle());
|
||||||
|
}
|
||||||
|
}
|
||||||
// tool settings
|
// tool settings
|
||||||
$tools = getTools();
|
$tools = getTools();
|
||||||
$toolSettings = array();
|
$toolSettings = array();
|
||||||
|
|
Loading…
Reference in New Issue