# If a user DB is enabled, get users from it too
if ($miniserv{'userdb'}) {
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to user database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Fetch users with SQL
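Review bot: With the `split_userdb_string` call removed, `$user`, `$pass`, `$host`, `$prefix` and `$args` are no longer declared in this block, so any remaining reference to them further down would read an undeclared package variable, or fail to compile under `use strict`. The rest of the block lies outside the hunk and should be checked. The same replacement is made in the seven hunks that follow (group listing and the create, modify and delete paths for users and groups), so the check applies to each of them. The connect-then-`&error(...) if (!ref($dbh))` pair is also now repeated eight times with hand-written messages. A small helper that wraps `connect_userdb` and raises the error would keep the wording and the failure handling in one place.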
# If a user DB is enabled, get groups from it too
if ($miniserv{'userdb'}) {
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to group database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Fetch groups with SQL
if ($miniserv{'userdb'} && !$miniserv{'userdb_addto'}) {
# Adding to user database
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to user database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Add user with SQL
if ($user{'proto'}) {
# In users and groups DB
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to user database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Get old password, for change detection
if ($miniserv{'userdb'}) {
# Also delete from user database
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to user database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Find the user with SQL query
if ($miniserv{'userdb'} && !$miniserv{'userdb_addto'}) {
# Adding to group database
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to group database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Add group with SQL
if ($group{'proto'}) {
# In users and groups DB
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to group database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Update primary details
if ($miniserv{'userdb'}) {
# Also delete from group database
- my ($proto, $user, $pass, $host, $prefix, $args) =
- &split_userdb_string($miniserv{'userdb'});
- my $dbh = &connect_userdb($miniserv{'userdb'});
+ my ($dbh, $proto) = &connect_userdb($miniserv{'userdb'});
&error("Failed to connect to group database : $dbh") if (!ref($dbh));
if ($proto eq "mysql" || $proto eq "postgresql") {
# Find the group with SQL query
return undef;
}
elsif ($proto eq "ldap") {
- # XXX
+ # Load LDAP module
+ eval 'use Net::LDAP;';
+ return &text('sql_emod', 'Net::LDAP') if ($@);
+
+ # Try to connect
+ my $dbh = &connect_userdb($str);
+ ref($dbh) || return $dbh;
+
+ # Check that base DN exists
+ if (!$notablecheck) {
+ my $superprefix = $prefix;
+ $superprefix =~ s/^[^,]+,//; # Make parent DN
+ my $rv = $dbh->search(base => $superprefix,
+ scope => 'one');
+ my $niceprefix = lc($prefix);
+ $niceprefix =~ s/\s//g;
+ my $found = 0;
+ foreach my $d ($rv->all_entries) {
+ my $niced = lc($d->dn());
+ $niced =~ s/\s//g;
+ $found++ if ($niced eq $niceprefix);
+ }
+ $found || return &text('sql_eldapdn', $prefix);
+ }
+ &disconnect_userdb($str, $dbh);
+ return undef;
}
else {
return "Unknown user database type $proto";
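Review bot: The base-DN check lists every entry one level below the parent DN and never looks at `$rv->code`, so a failed search (insufficient access, size limit, missing parent) is reported as "base DN not found". A single-component `$prefix` with no comma leaves `$superprefix` equal to `$prefix`, and the one-level search can then never match. The `$found || return` path also returns without calling `disconnect_userdb`, leaving the connection open. Reading the base entry itself with a base-scope search and checking the result code avoids all three, assuming the bind DN is allowed to read that entry. The enclosing function starts outside this hunk.

```perl
# … unchanged: Net::LDAP load and connect_userdb call …
if (!$notablecheck) {
    # Read the base DN entry itself instead of listing its siblings
    my $rv = $dbh->search(base => $prefix,
                          scope => 'base',
                          filter => '(objectClass=*)');
    if (!$rv || $rv->code || !$rv->count) {
        &disconnect_userdb($str, $dbh);
        return &text('sql_eldapdn', $prefix);
    }
}
# … unchanged: disconnect_userdb and return undef …
```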
push(@ldapgrid,
$text{'sql_host'},
&ui_textbox("ldap_host", $proto eq "ldap" ? $host : "", 30));
+push(@ldapgrid,
+ $text{'sql_ssl'},
+ &ui_radio("ldap_ssl", $args->{'scheme'} eq 'ldaps' ? 1 :
+ $args->{'tls'} ? 2 : 0,
+ [ [ 0, $text{'sql_ssl0'} ],
+ [ 1, $text{'sql_ssl1'} ],
+ [ 2, $text{'sql_ssl2'} ] ]));
push(@ldapgrid,
$text{'sql_user'},
&ui_textbox("ldap_user", $proto eq "ldap" ? $user : "", 30));
push(@ldapgrid,
$text{'sql_prefix'},
&ui_textbox("ldap_prefix", $proto eq "ldap" ? $prefix : "", 30));
-# XXX object classes?
+push(@ldapgrid,
+ $text{'sql_userclass'},
+ &ui_textbox("ldap_userclass", $proto eq "ldap" && $args->{'userclass'} ?
+ $args->{'userclass'} : "webminUser", 30));
+push(@ldapgrid,
+ $text{'sql_groupclass'},
+ &ui_textbox("ldap_groupclass", $proto eq "ldap" && $args->{'groupclass'} ?
+ $args->{'groupclass'} : "webminGroup",30));
$ldapgrid = &ui_grid_table(\@ldapgrid, 2, 100);
print &ui_table_row(undef,
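Review bot: The new `ldap_ssl` radio computes its selection from `$args` without the `$proto eq "ldap"` guard that the sibling `ldap_host`, `ldap_user` and `ldap_prefix` fields use, so arguments parsed from a MySQL or PostgreSQL setting could preselect a mode here. Prefixing the expression with `$proto ne "ldap" ? 0 :` would make it consistent. The preselected value for a new configuration is 0 ("None"), and with that setting the bind in `connect_userdb` sends the password over an unencrypted connection. A short comment here, or a hint next to the field, would make that trade-off visible to the administrator. The object class values are free text, so the save handler (not shown on this page) should restrict them to attribute-name characters before they are stored or used in a search filter.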
sql_user=Username
sql_pass=Password
sql_db=Database name
+sql_ssl=Connection encryption
+sql_ssl0=None
+sql_ssl1=SSL
+sql_ssl2=TLS
+sql_userclass=Object class for users
+sql_groupclass=Object class for groups
+sql_euserclass=Missing or invalid object class for users
+sql_egroupclass=Missing or invalid object class for groups
sql_none=Use only local files to store users and groups
sql_mysql=Use MySQL database
sql_postgresql=Use PostgreSQL database
sql_addto0=Add new users to database selected above
sql_addto1=Add new users to local files
sql_emod=Missing required Perl module <tt>$1</tt>
-sql_emysqldriver=Failed to load MySQL DBI driver
-sql_emysqlconnect=Failed to connect to MySQL database : $1
-sql_epostgresqldriver=Failed to load PostgreSQL DBI driver
-sql_epostgresqlconnect=Failed to connect to PostgreSQL database : $1
sql_etable=Failed to query required table $1 : $2
+sql_eldapdn=Base LDAP DN $1 was not found
sql_err=Failed to save user and group database settings
sql_ehost=Missing or un-resolvable hostname
sql_euser=Missing or invalid username (no spaces allowed)
return wantarray ? ($dbh, $proto) : $dbh;
}
elsif ($proto eq "ldap") {
- # XXX
- return "LDAP not done yet";
+ # Connect with perl LDAP module
+ eval "use Net::LDAP";
+ $@ && return $text{'sql_eldapdriver'};
+ my ($host, $port) = split(/:/, $host);
+ my $scheme = $args->{'scheme'} || 'ldap';
+ if (!$port) {
+ $port = $scheme eq 'ldaps' ? 636 : 389;
+ }
+ my $ldap = Net::LDAP->new($host,
+ port => $port,
+ 'scheme' => $scheme);
+ $ldap || return &text('sql_eldapconnect', $host);
+ my $mesg;
+ if ($args->{'tls'}) {
+ # Switch to TLS mode
+ eval { $mesg = $ldap->start_tls(); };
+ if ($@ || !$mesg || $mesg->code) {
+ return &text('sql_eldaptls',
+ $@ ? $@ : $mesg ? $mesg->error : "Unknown error");
+ }
+ }
+ # Login to the server
+ if ($pass) {
+ $mesg = $ldap->bind(dn => $user, password => $pass);
+ }
+ else {
+ $mesg = $ldap->bind(dn => $user, anonymous => 1);
+ }
+ if (!$mesg || $mesg->code) {
+ return &text('sql_eldaplogin', $user,
+ $mesg ? $mesg->error : "Unknown error");
+ }
+ return wantarray ? ($ldap, $proto) : $ldap;
}
else {
return "Unknown protocol $proto";
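Review bot: Neither `Net::LDAP->new` with the `ldaps` scheme nor `$ldap->start_tls()` is given a `verify` option, so whether the server certificate is checked depends on the installed Net::LDAP's default. Where that default is no verification, the bind password sent just below is exposed to anyone able to intercept the connection. Passing it explicitly, for example `$ldap->start_tls(verify => 'require')` and the same option on `new` together with a configured CA file, makes the behaviour predictable. The error returns after a failed `start_tls` or `bind` leave the connection open, so `$ldap->disconnect();` before each `return` would release the socket. `split(/:/, $host)` will also mis-parse a bare IPv6 literal, and `connect_userdb` itself starts outside this hunk.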