
Contents of /rpms/smeserver-phpldapadmin/contribs8/smeserver-phpldapadmin-1.2.3-authpatch.patch



Revision 1.2 - (show annotations) (download)
Wed Nov 6 22:56:23 2013 UTC (10 years, 6 months ago) by unnilennium
Branch: MAIN
CVS Tags: smeserver-phpldapadmin-1_2_3-6_el5_sme, HEAD
Changes since 1.1: +1 -1 lines
* Wed Nov 6 2013 JP Pialasse <tests@pialasse.com> 1.2.3-6.sme
- fix bug [SME: 5762]
- admin access is read-only by default; kamikaze mode gives root modify access.

1 diff -up smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze.authpatch smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze
2 --- smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze.authpatch 2013-11-06 17:25:19.000000000 -0500
3 +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/db/configuration/defaults/phpldapadmin/kamikaze 2013-11-06 17:25:31.000000000 -0500
4 @@ -0,0 +1 @@
5 +disabled
6 diff -up smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer.authpatch smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer
7 --- smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer.authpatch 2013-11-06 17:23:45.000000000 -0500
8 +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/05LdapServer 2013-11-06 17:38:43.000000000 -0500
9 @@ -4,66 +4,13 @@
10 *********************************************/
11
12 $servers = new Datastore();
13 -
14 -/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
15 - declaration. */
16 $servers->newServer('ldap_pla');
17 -
18 -/* A convenient name that will appear in the tree viewer and throughout
19 - phpLDAPadmin to identify this LDAP server to users. */
20 $servers->setValue('server','name','Local LDAP Server');
21 -
22 -/* Examples:
23 - 'ldap.example.com',
24 - 'ldaps://ldap.example.com/',
25 - 'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
26 - (Unix socket at /usr/local/var/run/ldap) */
27 $servers->setValue('server','host','127.0.0.1');
28 -
29 -/* The port your LDAP server listens on (no quotes). 389 is standard. */
30 $servers->setValue('server','port',389);
31
32 -/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
33 - auto-detect it for you. */
34 -// $servers->setValue('server','base',array(''));
35 -
36 -/* Five options for auth_type:
37 - 1. 'cookie': you will login via a web form, and a client-side cookie will
38 - store your login dn and password.
39 - 2. 'session': same as cookie but your login dn and password are stored on the
40 - web server in a persistent session variable.
41 - 3. 'http': same as session but your login dn and password are retrieved via
42 - HTTP authentication.
43 - 4. 'config': specify your login dn and password here in this config file. No
44 - login will be required to use phpLDAPadmin for this server.
45 - 5. 'sasl': login will be taken from the webserver's kerberos authentication.
46 - Currently only GSSAPI has been tested (using mod_auth_kerb).
47 -
48 - Choose wisely to protect your authentication information appropriately for
49 - your situation. If you choose 'cookie', your cookie contents will be
50 - encrypted using blowfish and the secret your specify above as
51 - session['blowfish']. */
52 -// $servers->setValue('login','auth_type','session');
53 -
54 -/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
55 - 'cookie','session' or 'sasl' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS
56 - BLANK. If you specify a login_attr in conjunction with a cookie or session
57 - auth_type, then you can also specify the bind_id/bind_pass here for searching
58 - the directory for users (ie, if your LDAP server does not allow anonymous
59 - binds. */
60 -// $servers->setValue('login','bind_id','');
61 -# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
62 -
63 -/* Your LDAP password. If you specified an empty bind_id above, this MUST also
64 - be blank. */
65 -// $servers->setValue('login','bind_pass','');
66 -# $servers->setValue('login','bind_pass','secret');
67 -
68 -/* Use TLS (Transport Layer Security) to connect to the LDAP server. */
69 -// $servers->setValue('server','tls',false);
70
71 $servers->setValue('server','tls',false);
72 -$servers->setValue('login','anon_bind',false);
73
74 {
75 open (PW, "/etc/openldap/ldap.pw")
76 @@ -71,6 +18,7 @@ $servers->setValue('login','anon_bind',f
77 my $pw = <PW>;
78 chomp ($pw);
79 close PW;
80 + my $kamikaze = $phpldapadmin{'kamikaze'} || 'disabled';
81
82 use esmith::util;
83
84 @@ -80,10 +28,22 @@ $servers->setValue('login','anon_bind',f
85 my $domain = db_get(\%conf, 'DomainName');
86
87 my $dc = esmith::util::ldapBase($domain);
88 -
89 - $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
90 - $OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
91 - $OUT .= "\$servers->setValue('login','auth_type','http');\n";
92 - $OUT .= "\$servers->SetValue('login','bind_id','cn=root,$dc');\n";
93 - $OUT .= "\$servers->setValue('login','bind_pass','$pw');\n";
94 + if ( $kamikaze eq "enabled")
95 + {
96 + $OUT .= "\$servers->setValue('login','anon_bind',false);\n";
97 + $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
98 + $OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
99 + $OUT .= "\$servers->setValue('login','auth_type','config');\n";
100 + $OUT .= "\$servers->SetValue('login','bind_id','cn=root,$dc');\n";
101 + $OUT .= "\$servers->setValue('login','bind_pass','$pw');\n";
102 + $OUT .= "\$servers->setValue('login','attr','dn');\n";
103 + }
104 + else
105 + {
106 + $OUT .= "\$servers->setValue('login','anon_bind',true);\n";
107 + $OUT .= "\$servers->setValue('server','base',array('$dc'));\n";
108 + $OUT .= "\$servers->setValue('login','base',array('$dc'));\n";
109 + $OUT .= "\$servers->setValue('login','auth_type','http');\n";
110 + $OUT .= "\$servers->setValue('login','attr','uid');\n";
111 + }
112 }
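Review bot: In the `$kamikaze eq "enabled"` branch the generated config sets `auth_type` to `config` together with `bind_id` `cn=root,$dc` and the stored password, which (per the auth_type comment this patch removes from 05LdapServer) means phpLDAPadmin requires no login and every request runs with the root bind. Access control then rests entirely on whatever the web server enforces for this application, which is not visible in the patch; I would add a comment above the branch saying so, e.g. `# kamikaze: binds as cn=root with no phpLDAPadmin login; httpd must restrict who can reach this application`. Separately, `$pw` and `$dc` are interpolated unescaped into single-quoted PHP literals, so a `'` or `\` in /etc/openldap/ldap.pw would break or alter the generated config.php; escaping first, e.g. `(my $pw_php = $pw) =~ s/([\\'])/\\$1/g;`, and emitting `$pw_php` avoids that. The enclosing template block opens before this hunk.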
113 diff -up smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth.authpatch smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth
114 --- smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth.authpatch 2013-11-06 17:23:45.000000000 -0500
115 +++ smeserver-phpldapadmin-1.2.3/root/etc/e-smith/templates/etc/phpldapadmin/config.php/06SASLAuth 2013-11-06 17:40:18.000000000 -0500
116 @@ -54,7 +54,6 @@ $servers->setValue('appearance','passwor
117 your LDAP server requires you to login to perform searches, you can enter the
118 DN to use when searching in 'bind_id' and 'bind_pass' above. */
119 // $servers->setValue('login','attr','dn');
120 -$servers->setValue('login','attr','uid');
121
122 /* Base DNs to used for logins. If this value is not set, then the LDAP server
123 Base DNs are used. */
