ldap-server/save_slapd.cgi

   1 #!/usr/local/bin/perl
   2 # Update local LDAP server configuration options
   3
   4 require './ldap-server-lib.pl';
   5 &error_setup($text{'slapd_err'});
   6 $access{'slapd'} || &error($text{'slapd_ecannot'});
   7 &local_ldap_server() == 1 || &error($text{'slapd_elocal'});
   8 &ReadParse();
   9
  10 &lock_slapd_files();
  11 $conf = &get_config();
  12
  13 # Validate and store inputs
  14
  15 # Top-level DN
  16 $in{'suffix'} =~ /=/ || &error($text{'slapd_esuffix'});
  17 &save_directive($conf, 'suffix', $in{'suffix'});
  18
  19 # Admin login
  20 $in{'rootdn'} =~ /=/ || &error($text{'slapd_erootdn'});
  21 &save_directive($conf, 'rootdn', $in{'rootdn'});
  22
  23 # Admin password
  24 if (!$in{'rootchange_def'}) {
  25         $in{'rootchange'} =~ /\S/ || &error($text{'slapd_erootpw'});
  26         $crypt = &unix_crypt($in{'rootchange'}, substr(time(), -2));
  27         &save_directive($conf, 'rootpw', "{crypt}".$crypt);
  28         $config{'pass'} = $in{'rootchange'};
  29         $save_config = 1;
  30         }
  31
  32 # Cache sizes
  33 if (!$in{'cachesize_def'}) {
  34         $in{'cachesize'} =~ /^\d+$/ || &error($text{'slapd_ecachesize'});
  35         &save_directive($conf, 'cachesize', $in{'cachesize'});
  36         }
  37 else {
  38         &save_directive($conf, 'cachesize', undef);
  39         }
  40 if (!$in{'dbcachesize_def'}) {
  41         $in{'dbcachesize'} =~ /^\d+$/ || &error($text{'slapd_edbcachesize'});
  42         &save_directive($conf, 'dbcachesize', $in{'dbcachesize'});
  43         }
  44 else {
  45         &save_directive($conf, 'dbcachesize', undef);
  46         }
  47
  48 # Access control options
  49 @allow = split(/\0/, $in{'allow'});
  50 &save_directive($conf, 'allow', @allow ? \@allow : undef);
  51
  52 # Size and time limits
  53 if ($in{'sizelimit_def'}) {
  54         &save_directive($conf, 'sizelimit', undef);
  55         }
  56 else {
  57         $in{'sizelimit'} =~ /^[1-9]\d*$/ || &error($text{'slapd_esizelimit'});
  58         &save_directive($conf, 'sizelimit', $in{'sizelimit'});
  59         }
  60 if ($in{'timelimit_def'}) {
  61         &save_directive($conf, 'timelimit', undef);
  62         }
  63 else {
  64         $in{'timelimit'} =~ /^[1-9]\d*$/ || &error($text{'slapd_etimelimit'});
  65         &save_directive($conf, 'timelimit', $in{'timelimit'});
  66         }
  67
  68 # LDAP protocols
  69 if (&can_get_ldap_protocols()) {
  70         @newprotos = split(/\0/, $in{'protos'});
  71         @newprotos || &error($text{'slapd_eprotos'});
  72         }
  73
  74 # SSL file options
  75 foreach $s ([ 'TLSCertificateFile', 'cert' ],
  76             [ 'TLSCertificateKeyFile', 'key' ],
  77             [ 'TLSCACertificateFile', 'ca' ]) {
  78         if ($in{$s->[1].'_def'}) {
  79                 &save_directive($conf, $s->[0], undef);
  80                 }
  81         else {
  82                 &valid_pem_file($in{$s->[1]}, $s->[1]) ||
  83                         &error($text{'slapd_e'.$s->[1]});
  84                 &save_directive($conf, $s->[0], $in{$s->[1]});
  85                 }
  86         }
  87
  88 # Write out the files
  89 &flush_file_lines($config{'config_file'});
  90 &unlock_slapd_files();
  91 if ($save_config) {
  92         &lock_file($module_config_file);
  93         &save_module_config();
  94         &unlock_file($module_config_file);
  95         }
  96 if (&can_get_ldap_protocols()) {
  97         $protos = &get_ldap_protocols();
  98         foreach $p (keys %$protos) {
  99                 $protos->{$p} = 0;
 100                 }
 101         foreach $p (@newprotos) {
 102                 $protos->{$p} = 1;
 103                 }
 104         &save_ldap_protocols($protos);
 105         }
 106 &webmin_log('slapd');
 107
 108 &redirect("");
 109