X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/8dadaf0af0d3b92a2282a1c5bcb1305a97e135d8..6d2f72029699314db90926f57861154ae76d3852:/lib/functions.php?ds=inline
diff --git a/lib/functions.php b/lib/functions.php
index 850386b..5800190 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -142,6 +142,11 @@ function jirafeau_fatal_error($errorText, $cfg = array())
exit;
}
+function jirafeau_non_fatal_error($errorText)
+{
+ echo '
';
+}
+
function jirafeau_clean_rm_link($link)
{
$p = s2p("$link");
@@ -619,6 +624,14 @@ function check_errors($cfg)
if ($cfg['one_time_download'] && $cfg['litespeed_workaround']) {
add_error(t('INCOMPATIBLE_OPTIONS_W'), 'one_time_download=true
litespeed_workaround=true');
}
+ if ($cfg['upload_ldap_auth'] === true) {
+ if (sizeof($cfg['upload_password']) > 0) {
+ add_error(t('INCOMPATIBLE_OPTIONS_W'), 'upload_ldap_auth=true
sizeof(upload_password) > 0');
+ }
+ if (sizeof($cfg['upload_ip_nopassword']) > 0) {
+ add_error(t('INCOMPATIBLE_OPTIONS_W'), 'upload_ldap_auth=true
sizeof(upload_ip_nopassword) > 0');
+ }
+ }
}
/**
@@ -1587,3 +1600,49 @@ function jirafeau_default_web_root()
{
return $_SERVER['HTTP_HOST'] . str_replace('install.php', '', $_SERVER['REQUEST_URI']);
}
+
+function jirafeau_has_ldap_auth($cfg)
+{
+ return $cfg['upload_ldap_auth'] === true;
+}
+
+function jirafeau_challenge_ldap_auth($cfg, $user, $password)
+{
+ if (!jirafeau_has_ldap_auth($cfg)) {
+ return "upload_ldap_auth not set";
+ }
+ if (strlen($cfg['upload_ldap_host']) == 0) {
+ return "upload_ldap_host not set";
+ }
+ if (strlen($cfg['upload_ldap_base_dn']) == 0) {
+ return "upload_ldap_base_dn not set";
+ }
+ $host = $cfg['upload_ldap_host'];
+ $base_dn = $cfg['upload_ldap_base_dn'];
+ $con = ldap_connect("ldap://$host");
+ $ldap_user = "cn=$user,$base_dn";
+ if (!$con) {
+ return "cannot initiate connection to ldap server";
+ }
+ ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($con, LDAP_OPT_REFERRALS, 0);
+ $bind = ldap_bind_ext($con, $ldap_user, $password, [['oid' => LDAP_CONTROL_PASSWORDPOLICYREQUEST]]);
+ if (!$bind) {
+ ldap_close($con);
+ return "cannot bind to ldap server";
+ }
+ $parsing = ldap_parse_result($con, $bind, $errcode, $matcheddn, $errmsg, $referrals, $ctrls);
+ if (!$parsing) {
+ ldap_close($con);
+ return "cannot parlse ldap results";
+ }
+ if ($errcode == 49) {
+ ldap_close($con);
+ return "bad password";
+ }
+ if ($errcode != 0) {
+ ldap_close($con);
+ return "ldap auth error: $errmsg ($errcode)";
+ }
+ return true;
+}