support lamdaemon authentication with SSH key
This commit is contained in:
Roland Gruber
parent
7a580d0296
commit
b5e8794163
|
|
@ -1,5 +1,6 @@
|
|||
September 2016
|
||||
- Windows: allow to show effective members of a group
|
||||
- Lamdaemon: support SSH key authentication
|
||||
- LAM Pro:
|
||||
-> Group of names/members + roles: allow to show effective members of a group
|
||||
-> Cron jobs:
|
||||
|
|
|
|||
|
|
@ -211,6 +211,12 @@ $helpArray = array (
|
|||
"Text" => _('Default method to output a random password.')),
|
||||
'283' => array ("Headline" => _('Force password change by default'),
|
||||
"Text" => _('Enforce password change on next login by default.')),
|
||||
'284' => array ("Headline" => _('User name'),
|
||||
"Text" => _('User name for SSH connection to lamdaemon server. If empty the user name of the person who is logged into LAM will be used.')),
|
||||
'285' => array ("Headline" => _('SSH key file'),
|
||||
"Text" => _('Path to SSH key file to connect to lamdaemon server. If empty then password authentication with the person\'s password who is logged into LAM will be used.')),
|
||||
'286' => array ("Headline" => _('SSH key password'),
|
||||
"Text" => _('Password to unlock SSH key file.')),
|
||||
// 300 - 399
|
||||
// profile editor, file upload
|
||||
"301" => array ("Headline" => _("RDN identifier"),
|
||||
|
|
|
|||
|
|
@ -475,6 +475,21 @@ class LAMConfig {
|
|||
*/
|
||||
private $scriptServer;
|
||||
|
||||
/**
|
||||
* user name for lamdaemon
|
||||
*/
|
||||
private $scriptUserName;
|
||||
|
||||
/**
|
||||
* File name of SSH key for lamdaemon.
|
||||
*/
|
||||
private $scriptSSHKey;
|
||||
|
||||
/**
|
||||
* Password for lamdaemon SSH key.
|
||||
*/
|
||||
private $scriptSSHKeyPassword;
|
||||
|
||||
/** LDAP cache timeout */
|
||||
private $cachetimeout;
|
||||
|
||||
|
|
@ -560,7 +575,8 @@ class LAMConfig {
|
|||
'lamProMailText', 'lamProMailIsHTML', 'lamProMailAllowAlternateAddress', 'httpAuthentication', 'loginSearchDN',
|
||||
'loginSearchPassword', 'timeZone', 'jobsBindUser', 'jobsBindPassword', 'jobsDatabase', 'jobToken', 'jobs',
|
||||
'jobsDBHost', 'jobsDBPort', 'jobsDBUser', 'jobsDBPassword', 'jobsDBName', 'pwdResetAllowSpecificPassword',
|
||||
'pwdResetAllowScreenPassword', 'pwdResetForcePasswordChange', 'pwdResetDefaultPasswordOutput'
|
||||
'pwdResetAllowScreenPassword', 'pwdResetForcePasswordChange', 'pwdResetDefaultPasswordOutput',
|
||||
'scriptUserName', 'scriptSSHKey', 'scriptSSHKeyPassword'
|
||||
);
|
||||
|
||||
|
||||
|
|
@ -753,6 +769,9 @@ class LAMConfig {
|
|||
if (!in_array("scriptPath", $saved)) array_push($file_array, "\n\n# Path to external Script\n" . "scriptPath: " . $this->scriptPath . "\n");
|
||||
if (!in_array("scriptServer", $saved)) array_push($file_array, "\n\n# Servers of external script\n" . "scriptServer: " . $this->scriptServer . "\n");
|
||||
if (!in_array("scriptRights", $saved)) array_push($file_array, "\n\n# Access rights for home directories\n" . "scriptRights: " . $this->scriptRights . "\n");
|
||||
if (!in_array("scriptUserName", $saved)) array_push($file_array, "\n" . "scriptUserName: " . $this->scriptUserName . "\n");
|
||||
if (!in_array("scriptSSHKey", $saved)) array_push($file_array, "\n" . "scriptSSHKey: " . $this->scriptSSHKey . "\n");
|
||||
if (!in_array("scriptSSHKeyPassword", $saved)) array_push($file_array, "\n" . "scriptSSHKeyPassword: " . $this->scriptSSHKeyPassword . "\n");
|
||||
if (!in_array("cachetimeout", $saved)) array_push($file_array, "\n\n# Number of minutes LAM caches LDAP searches.\n" . "cacheTimeout: " . $this->cachetimeout . "\n");
|
||||
if (!in_array("searchLimit", $saved)) array_push($file_array, "\n\n# LDAP search limit.\n" . "searchLimit: " . $this->searchLimit . "\n");
|
||||
if (!in_array("activeTypes", $saved)) array_push($file_array, "\n\n# List of active account types.\n" . "activeTypes: " . $this->activeTypes . "\n");
|
||||
|
|
@ -1271,6 +1290,60 @@ class LAMConfig {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the path to lamdamon SSH key.
|
||||
*
|
||||
* @return string key path
|
||||
*/
|
||||
public function getScriptSSHKey() {
|
||||
return $this->scriptSSHKey;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the path to lamdamon SSH key.
|
||||
*
|
||||
* @param string $value key path
|
||||
*/
|
||||
public function setScriptSSHKey($value) {
|
||||
$this->scriptSSHKey = $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the password for the lamdamon SSH key.
|
||||
*
|
||||
* @return string password
|
||||
*/
|
||||
public function getScriptSSHKeyPassword() {
|
||||
return $this->scriptSSHKeyPassword;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the password for the lamdamon SSH key.
|
||||
*
|
||||
* @param string $value password
|
||||
*/
|
||||
public function setScriptSSHKeyPassword($value) {
|
||||
$this->scriptSSHKeyPassword = $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the lamdaemon user name.
|
||||
*
|
||||
* @return string user name
|
||||
*/
|
||||
public function getScriptUserName() {
|
||||
return $this->scriptUserName;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the lamdaemon user name.
|
||||
*
|
||||
* @param string $value user name
|
||||
*/
|
||||
public function setScriptUserName($value) {
|
||||
$this->scriptUserName = $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the LDAP cache timeout in minutes
|
||||
*
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
$Id$
|
||||
|
||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
Copyright (C) 2004 - 2011 Roland Gruber
|
||||
Copyright (C) 2004 - 2016 Roland Gruber
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
|
@ -46,40 +46,83 @@ function lamdaemon($command, $server) {
|
|||
// add phpseclib to include path
|
||||
set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/3rdParty/phpseclib');
|
||||
include_once('Net/SSH2.php');
|
||||
// get username and password of the current lam-admin
|
||||
$credentials = $_SESSION['ldap']->decrypt_login();
|
||||
try {
|
||||
$handle = lamConnectSSH($server);
|
||||
}
|
||||
catch (Exception $e) {
|
||||
return array("ERROR," . $e->getMessage() . "," . $server);
|
||||
}
|
||||
$output = $handle->exec("sudo " . $_SESSION['config']->get_scriptPath() . ' ' . escapeshellarg($command));
|
||||
return array($output);
|
||||
}
|
||||
|
||||
/**
|
||||
* Connects to the given SSH server.
|
||||
*
|
||||
* @param String $server server name (e.g. localhost or localhost,1234)
|
||||
* @return object handle
|
||||
*/
|
||||
function lamConnectSSH($server) {
|
||||
// add phpseclib to include path
|
||||
set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/3rdParty/phpseclib');
|
||||
include_once('Net/SSH2.php');
|
||||
include_once('Crypt/RSA.php');
|
||||
$serverNameParts = explode(",", $server);
|
||||
$handle = false;
|
||||
if (sizeof($serverNameParts) > 1) {
|
||||
$handle = new Net_SSH2($serverNameParts[0], $serverNameParts[1]);
|
||||
$handle = @new Net_SSH2($serverNameParts[0], $serverNameParts[1]);
|
||||
}
|
||||
else {
|
||||
$handle = new Net_SSH2($server);
|
||||
$handle = @new Net_SSH2($server);
|
||||
}
|
||||
if ($handle) {
|
||||
if (!$handle) {
|
||||
throw new Exception(_("Unable to connect to remote server!"));
|
||||
}
|
||||
lamLoginSSH($handle);
|
||||
return $handle;
|
||||
}
|
||||
|
||||
/**
|
||||
* Performs a login to the provided SSH handle.
|
||||
*
|
||||
* @param handle $handle SSH handle
|
||||
* @throws Exception login failed
|
||||
*/
|
||||
function lamLoginSSH($handle) {
|
||||
$username = $_SESSION['config']->getScriptUserName();
|
||||
$credentials = $_SESSION['ldap']->decrypt_login();
|
||||
if (empty($username)) {
|
||||
// get user name from current LAM user
|
||||
$sr = @ldap_read($_SESSION['ldap']->server(), $credentials[0], "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER);
|
||||
if (!$sr) {
|
||||
$return = array("ERROR," . _("Your LAM admin user must be a valid Unix account to work with lamdaemon!") . ",");
|
||||
return $return;
|
||||
if ($sr) {
|
||||
$entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
|
||||
$username = $entry[0]['uid'][0];
|
||||
}
|
||||
$entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
|
||||
if (!isset($entry[0]['uid'][0])) {
|
||||
$return = array("ERROR," . _("Your LAM admin user must be a valid Unix account to work with lamdaemon!") . ",");
|
||||
return $return;
|
||||
}
|
||||
$userName = $entry[0]['uid'][0];
|
||||
if ($handle->login($userName, $credentials[1])) {
|
||||
$output = $handle->exec("sudo " . $_SESSION['config']->get_scriptPath() . ' ' . escapeshellarg($command));
|
||||
$return = array($output);
|
||||
return $return;
|
||||
}
|
||||
else {
|
||||
$return = array("ERROR," . _('Unable to connect to remote server!') . "," . $server);
|
||||
return $return;
|
||||
if (empty($username)) {
|
||||
throw new Exception(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), $credentials[0]));
|
||||
}
|
||||
}
|
||||
else {
|
||||
$return = array("ERROR," . _('Unable to connect to remote server!') . "," . $server);
|
||||
return $return;
|
||||
$password = $credentials[1];
|
||||
if (!empty($_SESSION['config']->getScriptSSHKey())) {
|
||||
// use key authentication
|
||||
$keyPath = $_SESSION['config']->getScriptSSHKey();
|
||||
if (!file_exists($keyPath) || !is_readable($keyPath)) {
|
||||
throw new Exception(sprintf(_("Unable to read %s."), htmlspecialchars($keyPath)));
|
||||
}
|
||||
$key = file_get_contents($keyPath);
|
||||
$rsa = new Crypt_RSA();
|
||||
$keyPassword = $_SESSION['config']->getScriptSSHKeyPassword();
|
||||
if (!empty($keyPassword)) {
|
||||
$rsa->setPassword($keyPassword);
|
||||
}
|
||||
if (!$rsa->loadKey($key)) {
|
||||
throw new Exception(sprintf(_("Unable to load key %s."), htmlspecialchars($keyPath)));
|
||||
}
|
||||
$password = $rsa;
|
||||
}
|
||||
$login = @$handle->login($username, $password);
|
||||
if (!$login) {
|
||||
throw new Exception(_("Unable to login to remote server!"));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -340,6 +340,13 @@ $container->addElement(new htmlSpacer(null, '10px'), true);
|
|||
$lamdaemonSettingsContent = new htmlTable();
|
||||
$lamdaemonSettingsContent->addElement(new htmlTableExtendedInputField(_("Server list"), 'scriptservers', $conf->get_scriptServers(), '218'), true);
|
||||
$lamdaemonSettingsContent->addElement(new htmlTableExtendedInputField(_("Path to external script"), 'scriptpath', $conf->get_scriptPath(), '210'), true);
|
||||
|
||||
$lamdaemonSettingsContent->addElement(new htmlTableExtendedInputField(_('User name'), 'scriptuser', $conf->getScriptUserName(), '284'), true);
|
||||
$lamdaemonSettingsContent->addElement(new htmlTableExtendedInputField(_('SSH key file'), 'scriptkey', $conf->getScriptSSHKey(), '285'), true);
|
||||
$sshKeyPassword = new htmlTableExtendedInputField(_('SSH key password'), 'scriptkeypassword', $conf->getScriptSSHKeyPassword(), '286');
|
||||
$sshKeyPassword->setIsPassword(true);
|
||||
$lamdaemonSettingsContent->addElement($sshKeyPassword, true);
|
||||
|
||||
$lamdaemonSettingsContent->addElement(new htmlSpacer(null, '5px'), true);
|
||||
$lamdaemonSettingsContent->addElement(new htmlOutputText(_("Rights for the home directory")));
|
||||
$chmod = $conf->get_scriptRights();
|
||||
|
|
@ -688,6 +695,9 @@ function checkInput() {
|
|||
if (!$conf->set_scriptrights($chmod)) {
|
||||
$errors[] = array("ERROR", _("Script rights are invalid!"));
|
||||
}
|
||||
$conf->setScriptUserName($_POST['scriptuser']);
|
||||
$conf->setScriptSSHKey($_POST['scriptkey']);
|
||||
$conf->setScriptSSHKeyPassword($_POST['scriptkeypassword']);
|
||||
// tool settings
|
||||
$tools = getTools();
|
||||
$toolSettings = array();
|
||||
|
|
|
|||
|
|
@ -3,18 +3,18 @@
|
|||
$Id$
|
||||
|
||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
Copyright (C) 2006 - 2015 Roland Gruber
|
||||
Copyright (C) 2006 - 2016 Roland Gruber
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
|
@ -83,12 +83,12 @@ else if ((sizeof($servers) > 0) && isset($servers[0]) && ($servers[0] != '')) {
|
|||
$serverSelect = new htmlSelect('server', $serverOptions);
|
||||
$serverSelect->setHasDescriptiveElements(true);
|
||||
$container->addElement($serverSelect, true);
|
||||
|
||||
|
||||
$container->addElement(new htmlOutputText(_("Check quotas")));
|
||||
$container->addElement(new htmlInputCheckbox('checkQuotas', false), true);
|
||||
|
||||
|
||||
$container->addElement(new htmlSpacer(null, '10px'), true);
|
||||
|
||||
|
||||
$okButton = new htmlButton('runTest', _("Ok"));
|
||||
$okButton->colspan = 2;
|
||||
$container->addElement($okButton);
|
||||
|
|
@ -174,7 +174,7 @@ function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $contai
|
|||
$LAMDAEMON_PROTOCOL_VERSION = '5';
|
||||
$okImage = "../../graphics/pass.png";
|
||||
$failImage = "../../graphics/fail.png";
|
||||
|
||||
|
||||
flush();
|
||||
$stopTest = false;
|
||||
$spacer = new htmlSpacer('10px', null);
|
||||
|
|
@ -210,29 +210,34 @@ function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $contai
|
|||
flush();
|
||||
|
||||
// check Unix account of LAM admin
|
||||
$credentials = $_SESSION['ldap']->decrypt_login();
|
||||
if (!$stopTest) {
|
||||
$container->addElement(new htmlOutputText(_("Unix account")));
|
||||
$container->addElement($spacer);
|
||||
$credentials = $_SESSION['ldap']->decrypt_login();
|
||||
$unixOk = false;
|
||||
$sr = @ldap_read($_SESSION['ldap']->server(), $credentials[0], "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER);
|
||||
if ($sr) {
|
||||
$entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
|
||||
$userName = $entry[0]['uid'][0];
|
||||
if ($userName) {
|
||||
$unixOk = true;
|
||||
if (empty($_SESSION['config']->getScriptUserName())) {
|
||||
$container->addElement(new htmlOutputText(_("Unix account")));
|
||||
$container->addElement($spacer);
|
||||
$unixOk = false;
|
||||
$sr = @ldap_read($_SESSION['ldap']->server(), $credentials[0], "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER);
|
||||
if ($sr) {
|
||||
$entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
|
||||
$userName = $entry[0]['uid'][0];
|
||||
if ($userName) {
|
||||
$unixOk = true;
|
||||
}
|
||||
}
|
||||
if ($unixOk) {
|
||||
$container->addElement(new htmlImage($okImage));
|
||||
$container->addElement($spacer);
|
||||
$container->addElement(new htmlOutputText(sprintf(_("Using %s to connect to remote server."), $userName)), true);
|
||||
}
|
||||
else {
|
||||
$container->addElement(new htmlImage($failImage));
|
||||
$container->addElement($spacer);
|
||||
$container->addElement(new htmlOutputText(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), $credentials[0])), true);
|
||||
$stopTest = true;
|
||||
}
|
||||
}
|
||||
if ($unixOk) {
|
||||
$container->addElement(new htmlImage($okImage));
|
||||
$container->addElement($spacer);
|
||||
$container->addElement(new htmlOutputText(sprintf(_("Using %s to connect to remote server."), $userName)), true);
|
||||
}
|
||||
else {
|
||||
$container->addElement(new htmlImage($failImage));
|
||||
$container->addElement($spacer);
|
||||
$container->addElement(new htmlOutputText(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), $credentials[0])), true);
|
||||
$stopTest = true;
|
||||
$userName = $_SESSION['config']->getScriptUserName();
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -244,45 +249,37 @@ function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $contai
|
|||
$container->addElement($spacer);
|
||||
flush();
|
||||
$sshOk = false;
|
||||
$handle = lamTestConnectSSH($serverName);
|
||||
if ($handle) {
|
||||
if ($handle->login($userName, $credentials[1])) {
|
||||
$sshOk = true;
|
||||
}
|
||||
}
|
||||
if ($sshOk) {
|
||||
try {
|
||||
$handle = lamConnectSSH($serverName);
|
||||
$container->addElement(new htmlImage($okImage));
|
||||
$container->addElement($spacer);
|
||||
$container->addElement(new htmlOutputText(_("SSH connection could be established.")), true);
|
||||
$container->addElement(new htmlOutputText(_("SSH connection established.")), true);
|
||||
}
|
||||
else {
|
||||
catch (Exception $e) {
|
||||
$container->addElement(new htmlImage($failImage));
|
||||
$container->addElement($spacer);
|
||||
$container->addElement(new htmlOutputText(_("Unable to connect to remote server!")), true);
|
||||
$container->addElement(new htmlOutputText($e->getMessage()), true);
|
||||
$stopTest = true;
|
||||
}
|
||||
}
|
||||
|
||||
flush();
|
||||
|
||||
|
||||
if (!$stopTest) {
|
||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "basic", $stopTest, $handle, _("Execute lamdaemon"), $container);
|
||||
}
|
||||
|
||||
|
||||
if (!$stopTest) {
|
||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "version" . $SPLIT_DELIMITER . $LAMDAEMON_PROTOCOL_VERSION, $stopTest, $handle, _("Lamdaemon version"), $container);
|
||||
}
|
||||
|
||||
|
||||
if (!$stopTest) {
|
||||
$handle = lamTestConnectSSH($serverName);
|
||||
@$handle->login($userName, $credentials[1]);
|
||||
$handle = lamConnectSSH($serverName);
|
||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "nss" . $SPLIT_DELIMITER . "$userName", $stopTest, $handle, _("Lamdaemon: check NSS LDAP"), $container);
|
||||
if (!$stopTest && $testQuota) {
|
||||
$handle = lamTestConnectSSH($serverName);
|
||||
@$handle->login($userName, $credentials[1]);
|
||||
$handle = lamConnectSSH($serverName);
|
||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "quota", $stopTest, $handle, _("Lamdaemon: Quota module installed"), $container);
|
||||
$handle = lamTestConnectSSH($serverName);
|
||||
@$handle->login($userName, $credentials[1]);
|
||||
$handle = lamConnectSSH($serverName);
|
||||
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "quota" . $SPLIT_DELIMITER . "get" . $SPLIT_DELIMITER . "user", $stopTest, $handle, _("Lamdaemon: read quotas"), $container);
|
||||
}
|
||||
}
|
||||
|
|
@ -293,23 +290,4 @@ function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $contai
|
|||
$container->addElement($endMessage);
|
||||
}
|
||||
|
||||
/**
|
||||
* Connects to the given SSH server.
|
||||
*
|
||||
* @param String $server server name (e.g. localhost or localhost,1234)
|
||||
* @return object handle
|
||||
*/
|
||||
function lamTestConnectSSH($server) {
|
||||
// add phpseclib to include path
|
||||
set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib/3rdParty/phpseclib');
|
||||
include_once('Net/SSH2.php');
|
||||
$serverNameParts = explode(",", $server);
|
||||
if (sizeof($serverNameParts) > 1) {
|
||||
return @new Net_SSH2($serverNameParts[0], $serverNameParts[1]);
|
||||
}
|
||||
else {
|
||||
return @new Net_SSH2($server);
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -1,68 +0,0 @@
|
|||
<?php
|
||||
/*
|
||||
$Id$
|
||||
|
||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
Copyright (C) 2003 - 2013 Roland Gruber
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
*/
|
||||
|
||||
/**
|
||||
* This test reads all preferences from config.cfg. Then it writes new values and verifies
|
||||
* if they were written. At last the old values are restored.
|
||||
*
|
||||
* @author Roland Gruber
|
||||
* @package tests
|
||||
*/
|
||||
|
||||
/** configuration interface */
|
||||
include ("../lib/config.inc");
|
||||
|
||||
$conf = new LAMCfgMain();
|
||||
echo "<html><head><title></title><link rel=\"stylesheet\" type=\"text/css\" href=\"../style/500_layout.css\"></head><body>";
|
||||
echo ("<b> Current Values</b><br><br>");
|
||||
echo "<b>Default: </b>" . $conf->default . "<br>\n";
|
||||
echo ("<br><br><big><b> Starting Test...</b></big><br><br>");
|
||||
// now all prferences are loaded
|
||||
echo ("Loading preferences...");
|
||||
$password = 'lam';
|
||||
$default = $conf->default;
|
||||
echo ("done<br>");
|
||||
// next we modify them and save config.cfg
|
||||
echo ("Changing preferences...");
|
||||
$conf->setPassword("123456");
|
||||
$conf->default = "lam";
|
||||
$conf->save();
|
||||
echo ("done<br>");
|
||||
// at last all preferences are read from config.cfg and compared
|
||||
echo ("Loading and comparing...");
|
||||
$conf = new LAMCfgMain();
|
||||
if (!$conf->checkPassword("123456")) echo ("<br><font color=\"#FF0000\">Saving password failed!</font><br>");
|
||||
if ($conf->default != "lam") echo ("<br><font color=\"#FF0000\">Saving Default failed!</font><br>");
|
||||
echo ("done<br>");
|
||||
// restore old values
|
||||
echo ("Restoring old preferences...");
|
||||
$conf->setPassword($password);
|
||||
$conf->default = $default;
|
||||
$conf->save();
|
||||
echo ("done<br>");
|
||||
// finished
|
||||
echo ("<br><b><font color=\"#00C000\">Test is complete.</font></b>");
|
||||
echo ("<br><br><b> Current Config</b><br><br>");
|
||||
echo "<b>Default: </b>" . $conf->default . "<br>\n";
|
||||
|
||||
?>
|
||||
|
|
@ -1,120 +0,0 @@
|
|||
<?php
|
||||
/*
|
||||
$Id$
|
||||
|
||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
Copyright (C) 2003 - 2013 Roland Gruber
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
*/
|
||||
|
||||
/**
|
||||
* This test reads all preferences from lam.conf. Then it writes new values and verifies
|
||||
* if they were written. At last the old values are restored.
|
||||
*
|
||||
* @author Roland Gruber
|
||||
* @package tests
|
||||
*/
|
||||
|
||||
/** access to configuration functions */
|
||||
include ("../lib/config.inc");
|
||||
|
||||
$conf = new LAMConfig('test');
|
||||
echo "<html><head><title></title><link rel=\"stylesheet\" type=\"text/css\" href=\"../style/500_layout.css\"></head><body>";
|
||||
echo ("<br><br><big><b> Starting Test...</b></big><br><br>");
|
||||
// now all preferences are loaded
|
||||
echo ("Loading preferences...");
|
||||
$ServerURL = $conf->get_ServerURL();
|
||||
$cachetimeout = $conf->get_cacheTimeout();
|
||||
$Adminstring = $conf->get_Adminstring();
|
||||
$Suff_users = $conf->get_Suffix('user');
|
||||
$Suff_groups = $conf->get_Suffix('group');
|
||||
$Suff_hosts = $conf->get_Suffix('host');
|
||||
$Suff_domains = $conf->get_Suffix('smbDomain');
|
||||
$userlistAttributes = $conf->get_listAttributes('user');
|
||||
$grouplistAttributes = $conf->get_listAttributes('group');
|
||||
$hostlistAttributes = $conf->get_listAttributes('host');
|
||||
$defaultlanguage = $conf->get_defaultlanguage();
|
||||
$scriptpath = $conf->get_scriptPath();
|
||||
$scriptServer = $conf->get_scriptServers();
|
||||
$scriptRights = $conf->get_scriptRights();
|
||||
$moduleSettings = $conf->get_moduleSettings();
|
||||
echo ("done<br>");
|
||||
// next we modify them and save lam.conf
|
||||
echo ("Changing preferences...");
|
||||
$conf->set_ServerURL("ldap://123.345.678.123:777");
|
||||
$conf->set_cacheTimeout("33");
|
||||
$conf->set_Passwd("123456abcde");
|
||||
$conf->set_Adminstring("uid=test,o=test,dc=org;uid=root,o=test2,c=de");
|
||||
$conf->set_Suffix('user', "ou=test,o=test,c=de");
|
||||
$conf->set_Suffix('group', "ou=testgrp,o=test,c=de");
|
||||
$conf->set_Suffix('host', "ou=testhst,o=test,c=de");
|
||||
$conf->set_Suffix('smbDomain', "ou=testdom,o=test,c=de");
|
||||
$conf->set_listAttributes("#uid;#cn", 'user');
|
||||
$conf->set_listAttributes("#gidNumber;#cn;#memberUID", 'group');
|
||||
$conf->set_listAttributes("#cn;#uid;#description", 'host');
|
||||
$conf->set_defaultlanguage("de_AT:iso639_de:Deutsch (Oesterreich)");
|
||||
$conf->set_scriptPath("/var/www/lam/lib/script");
|
||||
$conf->set_scriptServers("127.0.0.1");
|
||||
$conf->set_scriptRights('775');
|
||||
$conf->set_moduleSettings(array("test1" => array(11), "test2" => array("abc"), 'test3' => array(3)));
|
||||
$conf->save();
|
||||
echo ("done<br>");
|
||||
// at last all preferences are read from lam.conf and compared
|
||||
echo ("Loading and comparing...");
|
||||
$conf2 = new LAMConfig('test');
|
||||
if ($conf2->get_ServerURL() != "ldap://123.345.678.123:777") echo ("<br><font color=\"#FF0000\">Saving ServerURL failed!</font><br>");
|
||||
if ($conf2->get_cacheTimeout() != "33") echo ("<br><font color=\"#FF0000\">Saving Cache timeout failed!</font><br>");
|
||||
if (!$conf2->check_Passwd("123456abcde")) echo ("<br><font color=\"#FF0000\">Saving password failed!</font><br>");
|
||||
if ($conf2->get_Adminstring() != "uid=test,o=test,dc=org;uid=root,o=test2,c=de") echo ("<br><font color=\"#FF0000\">Saving admin string failed!</font><br>");
|
||||
if ($conf2->get_Suffix('user') != "ou=test,o=test,c=de") echo ("<br><font color=\"#FF0000\">Saving user suffix failed!</font><br>");
|
||||
if ($conf2->get_Suffix('group') != "ou=testgrp,o=test,c=de") echo ("<br><font color=\"#FF0000\">Saving group suffix failed!</font><br>");
|
||||
if ($conf2->get_Suffix('host') != "ou=testhst,o=test,c=de") echo ("<br><font color=\"#FF0000\">Saving host suffix failed!</font><br>");
|
||||
if ($conf2->get_Suffix('smbDomain') != "ou=testdom,o=test,c=de") echo ("<br><font color=\"#FF0000\">Saving domain suffix failed!</font><br>");
|
||||
if ($conf2->get_listAttributes('user') != "#uid;#cn") echo ("<br><font color=\"#FF0000\">Saving userlistAttributes failed!</font><br>");
|
||||
if ($conf2->get_listAttributes('group') != "#gidNumber;#cn;#memberUID") echo ("<br><font color=\"#FF0000\">Saving grouplistAttributes failed!</font><br>");
|
||||
if ($conf2->get_listAttributes('host') != "#cn;#uid;#description") echo ("<br><font color=\"#FF0000\">Saving hostlistAttributes failed!</font><br>");
|
||||
if ($conf2->get_defaultlanguage() != "de_AT:iso639_de:Deutsch (Oesterreich)") echo ("<br><font color=\"#FF0000\">Saving default language failed!</font><br>");
|
||||
if ($conf2->get_scriptPath() != "/var/www/lam/lib/script") echo ("<br><font color=\"#FF0000\">Saving script path failed!</font><br>");
|
||||
if ($conf2->get_scriptServers() != "127.0.0.1") echo ("<br><font color=\"#FF0000\">Saving script server failed!</font><br>");
|
||||
if ($conf2->get_scriptRights() != '775') echo ("<br><font color=\"#FF0000\">Saving script rights failed!</font><br>");
|
||||
$msettings = $conf2->get_moduleSettings();
|
||||
if (($msettings['test1'][0] != 11) || ($msettings['test2'][0] != 'abc') || ($msettings['test3'][0] != '3')) echo ("<br><font color=\"#FF0000\">Saving module settings failed!</font><br>");
|
||||
echo ("done<br>");
|
||||
// restore old values
|
||||
echo ("Restoring old preferences...");
|
||||
$conf2->set_ServerURL($ServerURL);
|
||||
$conf2->set_cacheTimeout($cachetimeout);
|
||||
$conf2->set_Passwd('lam');
|
||||
$conf2->set_Adminstring($Adminstring);
|
||||
$conf2->set_Suffix('user', $Suff_users);
|
||||
$conf2->set_Suffix('group', $Suff_groups);
|
||||
$conf2->set_Suffix('host', $Suff_hosts);
|
||||
$conf2->set_Suffix('smbDomain', $Suff_domains);
|
||||
$conf2->set_listAttributes($userlistAttributes, 'user');
|
||||
$conf2->set_listAttributes($grouplistAttributes, 'group');
|
||||
$conf2->set_listAttributes($hostlistAttributes, 'host');
|
||||
$conf2->set_defaultLanguage($defaultlanguage);
|
||||
$conf2->set_scriptPath($scriptpath);
|
||||
$conf2->set_scriptServers($scriptServer);
|
||||
$conf2->set_moduleSettings($moduleSettings);
|
||||
$conf2->set_scriptRights($scriptRights);
|
||||
$conf2->save();
|
||||
echo ("done<br>");
|
||||
// finished
|
||||
echo ("<br><b><font color=\"#00C000\">Test is complete.</font></b>");
|
||||
|
||||
?>
|
||||
|
|
@ -278,6 +278,39 @@ class LAMConfigTest extends PHPUnit_Framework_TestCase {
|
|||
$this->assertEquals($val, $this->lAMConfig->get_scriptRights());
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests LAMConfig->getScriptSSHKey() and LAMConfig->SetScriptSSHKey()
|
||||
*/
|
||||
public function testScriptSSHKey() {
|
||||
$val = '/tmp/test';
|
||||
$this->lAMConfig->SetScriptSSHKey($val);
|
||||
$this->assertEquals($val, $this->lAMConfig->getScriptSSHKey());
|
||||
$this->doSave();
|
||||
$this->assertEquals($val, $this->lAMConfig->getScriptSSHKey());
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests LAMConfig->getScriptSSHKeyPassword() and LAMConfig->setScriptSSHKeyPassword()
|
||||
*/
|
||||
public function testScriptSSHKeyPassword() {
|
||||
$val = '12345';
|
||||
$this->lAMConfig->setScriptSSHKeyPassword($val);
|
||||
$this->assertEquals($val, $this->lAMConfig->getScriptSSHKeyPassword());
|
||||
$this->doSave();
|
||||
$this->assertEquals($val, $this->lAMConfig->getScriptSSHKeyPassword());
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests LAMConfig->getScriptUserName() and LAMConfig->setScriptUserName()
|
||||
*/
|
||||
public function testScriptUserName() {
|
||||
$val = 'admin';
|
||||
$this->lAMConfig->setScriptUserName($val);
|
||||
$this->assertEquals($val, $this->lAMConfig->getScriptUserName());
|
||||
$this->doSave();
|
||||
$this->assertEquals($val, $this->lAMConfig->getScriptUserName());
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests LAMConfig->set_cacheTimeout(), LAMConfig->get_cacheTimeout() and LAMConfig->get_cacheTimeoutSec()
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -1,47 +0,0 @@
|
|||
<?php
|
||||
/*
|
||||
$Id$
|
||||
|
||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
Copyright (C) 2003 - 2013 Michael Duergner
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
*/
|
||||
|
||||
/**
|
||||
* LDAP Account Manager status messages.
|
||||
*
|
||||
* @package tests
|
||||
* @author Michael Duergner
|
||||
*/
|
||||
|
||||
/** message displaying */
|
||||
include_once("../lib/status.inc");
|
||||
|
||||
?>
|
||||
<html>
|
||||
<head>
|
||||
<link rel="stylesheet" type="text/css" href="../style/500_layout.css" />
|
||||
</head>
|
||||
<body>
|
||||
<?php
|
||||
$Headline = "Test";
|
||||
$Text = "{color=00FF00}Farbe{endcolor} {bold}fett{endbold} normal";
|
||||
$Variables = array();
|
||||
StatusMessage('INFO',$Headline,$Text,$Variables);
|
||||
StatusMessage('WARN',$Headline,$Text,$Variables);
|
||||
StatusMessage('ERROR',$Headline,$Text,$Variables);
|
||||
?>
|
||||
Loading…
Reference in New Issue