Ldapi unix socket support #24574

Merged
merged 2 commits into from
Dec 8, 2022
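--- a/apps/user_ldap/js/wizard/view.js
+++ b/apps/user_ldap/js/wizard/view.js
@@ -86,7 +86,8 @@ OCA = OCA || {};
 var agent = view.configModel.configuration.ldap_dn;
 var pwd = view.configModel.configuration.ldap_agent_password;
 
-if((host && port && base) && ((!agent && !pwd) || (agent && pwd))) {
+if(((host && port && base) || (host && base && host.indexOf('ldapi://') > -1 ))
+&& ((!agent && !pwd) || (agent && pwd))) {
 view.enableTabs();
 } else {
 view.disableTabs();
@@ -107,7 +108,8 @@ OCA = OCA || {};
 var userFilter = this.configModel.configuration.ldap_userlist_filter;
 var loginFilter = this.configModel.configuration.ldap_login_filter;
 
-if(host && port && base && userFilter && loginFilter) {
+if((host && port && base && userFilter && loginFilter) ||
+(host && base && host.indexOf('ldapi://') > -1 && userFilter && loginFilter)) {
 this.configModel.requestConfigurationTest();
 } else {
 this._updateStatusIndicator(this.STATUS_INCOMPLETE);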
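Review bot: Both new conditions test `host.indexOf('ldapi://') > -1`, which is true when the string appears anywhere in the host value, while the server-side `usesLdapi()` shown further down this page only accepts it as a prefix. A host that merely contains `ldapi://` would enable the tabs and trigger a configuration test without a port, and then fail the server-side requirement checks. Anchoring the test keeps client and server in agreement: `host.indexOf('ldapi://') === 0`. Since the expression is repeated in the second hunk, a small shared helper would stop the two copies from drifting apart.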
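--- a/apps/user_ldap/lib/Configuration.php
+++ b/apps/user_ldap/lib/Configuration.php
@@ -559,4 +559,11 @@ public function getAvatarAttributes(): array {
 }
 return $defaultAttributes;
 }
+
+/**
+* Returns TRUE if the ldapHost variable starts with 'ldapi://'
+*/
+public function usesLdapi(): bool {
+return (substr($this->config['ldapHost'], 0, strlen('ldapi://')) === 'ldapi://');
+}
 }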
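Review bot: `usesLdapi()` compares the scheme case-sensitively, so a host entered as `LDAPI://…` would not be recognised and the port would still be required. URI schemes are normally treated as case-insensitive, so `stripos((string)$this->config['ldapHost'], 'ldapi://') === 0` may be the safer test; confirm this against how the LDAP library parses the URL. The `(string)` cast also covers the case where `ldapHost` is unset or null, which this hunk does not rule out. The docblock could state what callers rely on, for example `Returns true if ldapHost starts with 'ldapi://' (Unix domain socket), in which case ldapPort is not required`.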
9 changes: 8 additions & 1 deletion apps/user_ldap/lib/Connection.php
Expand Up @@ -18,6 +18,7 @@
* @author root <root@localhost.localdomain>
* @author Victor Dubiniuk <dubiniuk@owncloud.com>
* @author Xuanwo <xuanwo@yunify.com>
* @author Vincent Van Houtte <vvh@aplusv.be>
*
* @license AGPL-3.0
*
Expand Down Expand Up @@ -454,8 +455,14 @@ private function doCriticalValidation() {
(string)$this->configPrefix .'): ';

//options that shall not be empty
$options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
$options = ['ldapHost', 'ldapUserDisplayName',
'ldapGroupDisplayName', 'ldapLoginFilter'];

//ldapPort should not be empty either unless ldapHost is pointing to a socket
if (!$this->configuration->usesLdapi()) {
$options[] = 'ldapPort';
}

foreach ($options as $key) {
$val = $this->configuration->$key;
if (empty($val)) {
2 changes: 1 addition & 1 deletion apps/user_ldap/lib/LDAP.php
Expand Up @@ -76,7 +76,7 @@ public function connect($host, $port) {
if (strpos($host, '://') === false) {
$host = 'ldap://' . $host;
}
if (strpos($host, ':', strpos($host, '://') + 1) === false) {
if (strpos($host, ':', strpos($host, '://') + 1) === false && !empty($port)) {
//ldap_connect ignores port parameter when URLs are passed
$host .= ':' . $port;
}
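Review bot: The added `!empty($port)` guard in `connect()` only skips the append when the port is empty, so an `ldapi://` host with a leftover port value (for instance after switching a configuration from `ldap://`) would still get `:port` appended to the socket URL. An ldapi URL normally carries a percent-encoded path and has no `:` after the scheme, so the first half of the condition does not protect it. Checking the scheme here as well would make the behaviour independent of stale configuration, e.g. `if (strpos($host, 'ldapi://') !== 0 && strpos($host, ':', strpos($host, '://') + 1) === false && !empty($port)) {`. The body of `connect()` continues outside this hunk, so whether `$port` is also passed on to `ldap_connect` separately is not visible here.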
140 changes: 77 additions & 63 deletions apps/user_ldap/lib/Wizard.php
Expand Up @@ -19,6 +19,7 @@
* @author Tobias Perschon <tobias@perschon.at>
* @author Victor Dubiniuk <dubiniuk@owncloud.com>
* @author Xuanwo <xuanwo@yunify.com>
* @author Vincent Van Houtte <vvh@aplusv.be>
*
* @license AGPL-3.0
*
Expand Down Expand Up @@ -97,7 +98,10 @@ public function __destruct() {
* @throws \Exception
*/
public function countEntries(string $filter, string $type): int {
$reqs = ['ldapHost', 'ldapPort', 'ldapBase'];
$reqs = ['ldapHost', 'ldapBase'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if ($type === 'users') {
$reqs[] = 'ldapUserFilter';
}
Expand Down Expand Up @@ -196,11 +200,11 @@ public function countInBaseDN() {
* @return int|bool
*/
public function countUsersWithAttribute($attr, $existsCheck = false) {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
'ldapUserFilter',
])) {
$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}

Expand All @@ -221,11 +225,11 @@ public function countUsersWithAttribute($attr, $existsCheck = false) {
* @throws \Exception
*/
public function detectUserDisplayNameAttribute() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
'ldapUserFilter',
])) {
$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}

Expand Down Expand Up @@ -263,11 +267,11 @@ public function detectUserDisplayNameAttribute() {
* @return WizardResult|bool
*/
public function detectEmailAttribute() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
'ldapUserFilter',
])) {
$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}

Expand Down Expand Up @@ -312,11 +316,11 @@ public function detectEmailAttribute() {
* @throws \Exception
*/
public function determineAttributes() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
'ldapUserFilter',
])) {
$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}

Expand All @@ -341,11 +345,11 @@ public function determineAttributes() {
* @throws \Exception
*/
private function getUserAttributes() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
'ldapUserFilter',
])) {
$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}
$cr = $this->getConnection();
Expand Down Expand Up @@ -397,10 +401,11 @@ public function determineGroupsForUsers() {
* @throws \Exception
*/
private function determineGroups($dbKey, $confKey, $testMemberOf = true) {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
])) {
$reqs = ['ldapHost', 'ldapBase'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}
$cr = $this->getConnection();
Expand Down Expand Up @@ -477,10 +482,11 @@ public function fetchGroups($dbKey, $confKey) {
}

public function determineGroupMemberAssoc() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapGroupFilter',
])) {
$reqs = ['ldapHost', 'ldapGroupFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}
$attribute = $this->detectGroupMemberAssoc();
Expand All @@ -499,10 +505,11 @@ public function determineGroupMemberAssoc() {
* @throws \Exception
*/
public function determineGroupObjectClasses() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
])) {
$reqs = ['ldapHost', 'ldapBase'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}
$cr = $this->getConnection();
Expand All @@ -526,10 +533,11 @@ public function determineGroupObjectClasses() {
* @throws \Exception
*/
public function determineUserObjectClasses() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
])) {
$reqs = ['ldapHost', 'ldapBase'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}
$cr = $this->getConnection();
Expand All @@ -556,10 +564,11 @@ public function determineUserObjectClasses() {
* @throws \Exception
*/
public function getGroupFilter() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
])) {
$reqs = ['ldapHost', 'ldapBase'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}
//make sure the use display name is set
Expand All @@ -580,10 +589,11 @@ public function getGroupFilter() {
* @throws \Exception
*/
public function getUserListFilter() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
])) {
$reqs = ['ldapHost', 'ldapBase'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}
//make sure the use display name is set
Expand All @@ -606,11 +616,11 @@ public function getUserListFilter() {
* @throws \Exception
*/
public function getUserLoginFilter() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
'ldapUserFilter',
])) {
$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}

Expand All @@ -629,11 +639,11 @@ public function getUserLoginFilter() {
* @throws \Exception
*/
public function testLoginName($loginName) {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
'ldapBase',
'ldapLoginFilter',
])) {
$reqs = ['ldapHost', 'ldapBase', 'ldapUserFilter'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}

Expand Down Expand Up @@ -722,9 +732,11 @@ public function guessPortAndTLS() {
* @return WizardResult|false WizardResult on success, false otherwise
*/
public function guessBaseDN() {
if (!$this->checkRequirements(['ldapHost',
'ldapPort',
])) {
$reqs = ['ldapHost'];
if (!$this->configuration->usesLdapi()) {
$reqs[] = 'ldapPort';
}
if (!$this->checkRequirements($reqs)) {
return false;
}

Expand Down Expand Up @@ -1366,6 +1378,8 @@ private function getPortSettingsToTry() {
$portSettings[] = ['port' => $port, 'tls' => true];
}
$portSettings[] = ['port' => $port, 'tls' => false];
} elseif ($this->configuration->usesLdapi()) {
$portSettings[] = ['port' => '', 'tls' => false];
come-nc marked this conversation as resolved.
}

//default ports
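Review bot: In the `testLoginName()` hunk the rewritten requirement list replaces `ldapLoginFilter` with `ldapUserFilter`, which looks like a copy-paste slip from the neighbouring methods, since the removed lines required `'ldapLoginFilter'`. As written, the precondition no longer ensures a login filter is configured before a login name is tested; the line should read `$reqs = ['ldapHost', 'ldapBase', 'ldapLoginFilter'];`. The rest of the method is outside the hunk, so how an empty login filter is handled further down cannot be confirmed from here. Separately, the three-line "append `ldapPort` unless `usesLdapi()`" pattern is repeated in every method of this file; a private helper that takes the base list and returns the final requirements would make a slip like this harder to introduce.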