Handle hostnames with upper-case letters

[webmin.git] / ldap-client / save_server.cgi

#!/usr/local/bin/perl
# Save the LDAP server to connect to

require './ldap-client-lib.pl';
&error_setup($text{'server_err'});
&ReadParse();

&lock_file($config{'auth_ldap'});
@secrets = split(/\t+/, $config{'secret'});
foreach $secret (@secrets) {
        &lock_file($secret);
        }
$conf = &get_config();
$uri = &find_svalue("uri", $conf);

# Validate and save inputs
if ($uri) {
        # Save uri directive
        for($i=0; defined($host = $in{'uhost_'.$i}); $i++) {
                next if (!$host);
                $port = $in{'uport_'.$i.'_def'} ? undef : $in{'uport_'.$i};
                $proto = $in{'uproto_'.$i};
                !defined($port) ||
                    $port =~ /^\d+$/ && $port > 0 && $port < 65536 ||
                    &error(&text('server_euport', $host));
                $uri = $proto."://".$host.($port ? ":$port" : "");
                $uri .= "/" if ($proto eq "ldap" || $proto eq "ldaps");
                push(@uris, $uri);
                }
        @uris || &error($text{'server_euri'});
        &save_directive($conf, "uri", join(" ", @uris));
        }
else {
        # Set host and port directives
        @hosts = split(/\s+/, $in{'host'});
        foreach $h (@hosts) {
                &to_ipaddress($h) || &to_ip6address($h) ||
                        &error(&text('server_ehost', $h));
                }
        @hosts || &error($text{'server_ehosts'});
        &save_directive($conf, "host", join(" ", @hosts));

        # Save server port
        if ($in{'port_def'}) {
                &save_directive($conf, "port", undef);
                }
        else {
                $in{'port'} =~ /^\d+$/ &&
                    $in{'port'} > 0 && $in{'port'} < 65536 ||
                        &error($text{'server_eport'});
                &save_directive($conf, "port", $in{'port'});
                }
        }

# Save LDAP protocol version
&save_directive($conf, "ldap_version", $in{'version'} || undef);

# Save time limit
if ($in{'timelimit_def'}) {
        &save_directive($conf, "bind_timelimit", undef);
        }
else {
        $in{'timelimit'} =~ /^\d+$/ || &error($text{'server_etimelimit'});
        &save_directive($conf, "bind_timelimit", $in{'timelimit'});
        }

# Save non-root login
if ($in{'binddn_def'}) {
        &save_directive($conf, "binddn", undef);
        }
else {
        $in{'binddn'} =~ /\S/ || &error($text{'server_ebinddn'});
        &save_directive($conf, "binddn", $in{'binddn'});
        }

# Save non-root password
if ($in{'bindpw_def'}) {
        &save_directive($conf, "bindpw", undef);
        }
else {
        $in{'bindpw'} =~ /\S/ || &error($text{'server_ebindpw'});
        &save_directive($conf, "bindpw", $in{'bindpw'});
        }

# Save root login
if ($in{'rootbinddn_def'}) {
        &save_directive($conf, "rootbinddn", undef);
        }
else {
        $in{'rootbinddn'} =~ /\S/ || &error($text{'server_erootbinddn'});
        &save_directive($conf, "rootbinddn", $in{'rootbinddn'});
        }

# Save root password
if ($in{'rootbindpw_def'}) {
        &save_rootbinddn_secret(undef);
        }
else {
        $in{'rootbindpw'} =~ /\S/ || &error($text{'server_erootbindpw'});
        &save_rootbinddn_secret($in{'rootbindpw'});
        }

# SSL mode
&save_directive($conf, "ssl", $in{'ssl'} || undef);

# Check server SSL cert
&save_directive($conf, "tls_checkpeer", $in{'peer'} || undef);

# CA cert file for server
if ($in{'cacert_def'}) {
        &save_directive($conf, "tls_cacertfile", undef);
        }
else {
        $in{'cacert'} =~ /^\// && -r $in{'cacert'} && !-d $in{'cacert'} ||
                &error($text{'server_ecacert'});
        &save_directive($conf, "tls_cacertfile", $in{'cacert'});
        }

# Write out config
&flush_file_lines();
&unlock_file($config{'auth_ldap'});
foreach $secret (@secrets) {
        &unlock_file($secret);
        }

&webmin_log("server");
&redirect("");