<?php
/*
 * system_authservers.php
 *
 * part of pfSense (https://www.pfsense.org)
 * Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)
 * Copyright (c) 2008 Shrew Soft Inc
 * All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
##|+PRIV
##|*IDENT=page-system-authservers
##|*NAME=System: Authentication Servers
##|*DESCR=Allow access to the 'System: Authentication Servers' page.
##|*WARN=standard-warning-root
##|*MATCH=system_authservers.php*
##|-PRIV
require_once("guiconfig.inc");
require_once("auth.inc");
require_once("pfsense-utils.inc");
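// Have we been called to populate the "Select a container" modal?
//
// This branch builds a throw-away LDAP configuration from request parameters,
// asks ldap_get_user_ous() for the containers, prints the modal markup and
// exits without rendering the rest of the page. Nothing here is saved.
//
// NOTE(review): every value, including the bind password, is read from
// $_REQUEST, so it is accepted from the query string as well as from a POST
// body. A password carried in a URL can end up in web server logs and browser
// history; confirm the client-side caller submits these values by POST.
// NOTE(review): host and port are caller-supplied, so this branch makes the
// firewall open an LDAP connection to whatever address the request names.
// Access is limited only by the page privilege declared at the top of the file.
if (!empty($_REQUEST['ajax'])) {

	$authcfg = array(
		'ldap_port' => $_REQUEST['port'],
		'ldap_basedn' => $_REQUEST['basedn'],
		'host' => $_REQUEST['host'],
		'ldap_scope' => $_REQUEST['scope'],
		'ldap_binddn' => $_REQUEST['binddn'],
		'ldap_bindpw' => $_REQUEST['bindpw'],
		'ldap_urltype' => $_REQUEST['urltype'],
		'ldap_protver' => $_REQUEST['proto'],
		// Containers already chosen in the form arrive as one semicolon-separated string.
		'ldap_authcn' => explode(";", $_REQUEST['authcn']),
		'ldap_caref' => $_REQUEST['cert'],
	);

	$ous = ldap_get_user_ous(true, $authcfg);

	if (empty($ous)) {
		print('<span class="text-danger">Could not connect to the LDAP server. Please check the LDAP configuration.</span>');
	} else {
		$modal = new Modal("Select LDAP containers for authentication", "containers", true);
		$group = new Form_MultiCheckboxGroup('Containers');

		if (is_array($ous)) {
			$idx = 0;

			foreach ($ous as $ou) {
				// NOTE(review): $ou comes from the remote directory and is used as
				// both label and value; confirm Form_MultiCheckbox escapes it on output.
				$group->add(new Form_MultiCheckbox(
					'ou' . $idx,
					'',
					$ou,
					// Pre-tick containers that are already listed in the form.
					in_array($ou, $authcfg['ldap_authcn'], true),
					$ou
				));

				$idx++;
			}
		}

		$modal->add($group);

		// Create a "Save button"
		$btnsv = new Form_Button(
			'svcontbtn',
			'Save',
			null,
			'fa-save'
		);

		// The class name previously carried a stray ")" inside the string, so
		// "btn-default" was never actually removed.
		$btnsv->removeClass("btn-default")->addClass("btn-primary");

		$modal->addInput(new Form_StaticText(
			'',
			$btnsv
		));

		print($modal);
	}

	exit;
}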
// Position of the server entry being acted on; null when the request carries no 'id'.
$id = $_REQUEST['id'];

// Make sure the stored server list is an array before anything reads or appends to it.
if (is_array($config['system']['authserver']) === false) {
	$config['system']['authserver'] = array();
}

// Whatever auth_get_authserver_list() returns, re-indexed from 0. The list
// table and the 'id' request parameter refer to positions in this copy.
$a_server = array_values(auth_get_authserver_list());

if (is_array($config['ca']) === false) {
	$config['ca'] = array();
}

// Alias of the CA list (by reference, not a copy).
$a_ca =& $config['ca'];

// Requested action; compared against "edit" and "new" further down.
$act = $_REQUEST['act'];
// Delete an authentication server. The action is read from $_POST only, so a
// plain GET link cannot trigger it.
// NOTE(review): the list template suppresses the edit/delete links for the last
// row, but this handler does not repeat that restriction; confirm whether that
// row needs to be protected server-side as well.
if ($_POST['act'] == "del") {

	$delidx = $_POST['id'];

	// Unknown position: return to the list without touching the configuration.
	if (!$a_server[$delidx]) {
		pfSenseHeader("system_authservers.php");
		exit;
	}

	/*
	 * Remove server from main list. The entry is located by name rather than
	 * by position, because $a_server is a re-indexed copy.
	 */
	$serverdeleted = $a_server[$delidx]['name'];
	foreach ($config['system']['authserver'] as $k => $as) {
		if ($as['name'] == $serverdeleted) {
			unset($config['system']['authserver'][$k]);
		}
	}

	/* Remove server from temp list used later on this page. */
	unset($a_server[$delidx]);
	$a_server = array_values($a_server);

	// The name is HTML-escaped before it goes into the message shown on the page.
	$savemsg = sprintf(gettext("Authentication Server %s deleted."), htmlspecialchars($serverdeleted));
	write_config($savemsg);
}
// Editing an existing entry: copy its stored settings into $pconfig, which the
// form further down reads for its initial values.
// NOTE(review): this includes the stored LDAP bind password and RADIUS shared
// secret; confirm how the form classes render pre-filled password inputs.
if ($act == "edit" && isset($id) && $a_server[$id]) {

	$stored = $a_server[$id];

	$pconfig['type'] = $stored['type'];
	$pconfig['name'] = $stored['name'];

	if ($pconfig['type'] == "ldap") {
		// Form field => stored key. Only the host is stored under a different name.
		$ldapmap = array(
			'ldap_caref' => 'ldap_caref',
			'ldap_host' => 'host',
			'ldap_port' => 'ldap_port',
			'ldap_timeout' => 'ldap_timeout',
			'ldap_urltype' => 'ldap_urltype',
			'ldap_protver' => 'ldap_protver',
			'ldap_scope' => 'ldap_scope',
			'ldap_basedn' => 'ldap_basedn',
			'ldap_authcn' => 'ldap_authcn',
			'ldap_extended_enabled' => 'ldap_extended_enabled',
			'ldap_extended_query' => 'ldap_extended_query',
			'ldap_binddn' => 'ldap_binddn',
			'ldap_bindpw' => 'ldap_bindpw',
			'ldap_attr_user' => 'ldap_attr_user',
			'ldap_attr_group' => 'ldap_attr_group',
			'ldap_attr_member' => 'ldap_attr_member',
			'ldap_attr_groupobj' => 'ldap_attr_groupobj',
		);
		foreach ($ldapmap as $formkey => $storedkey) {
			$pconfig[$formkey] = $stored[$storedkey];
		}

		// These options are read as "key present" / "key absent".
		foreach (array('ldap_utf8', 'ldap_nostrip_at', 'ldap_rfc2307') as $flag) {
			$pconfig[$flag] = isset($stored[$flag]);
		}

		// Without both a bind DN and a bind password the entry is shown as anonymous.
		if (!($pconfig['ldap_binddn'] && $pconfig['ldap_bindpw'])) {
			$pconfig['ldap_anon'] = true;
		}
	}

	if ($pconfig['type'] == "radius") {
		$radiusmap = array(
			'radius_protocol' => 'radius_protocol',
			'radius_host' => 'host',
			'radius_nasip_attribute' => 'radius_nasip_attribute',
			'radius_auth_port' => 'radius_auth_port',
			'radius_acct_port' => 'radius_acct_port',
			'radius_secret' => 'radius_secret',
			'radius_timeout' => 'radius_timeout',
		);
		foreach ($radiusmap as $formkey => $storedkey) {
			$pconfig[$formkey] = $stored[$storedkey];
		}

		// Derive the "services offered" choice from which ports are stored, and
		// fill the missing port with its default so the form field is not empty.
		if ($pconfig['radius_auth_port'] && $pconfig['radius_acct_port']) {
			$pconfig['radius_srvcs'] = "both";
		} elseif ($pconfig['radius_auth_port']) {
			$pconfig['radius_srvcs'] = "auth";
			$pconfig['radius_acct_port'] = 1813;
		} elseif ($pconfig['radius_acct_port']) {
			$pconfig['radius_srvcs'] = "acct";
			$pconfig['radius_auth_port'] = 1812;
		}
	}
}
// Defaults offered in the form when a new server is being added.
if ($act == "new") {
	$newdefaults = array(
		'ldap_protver' => 3,
		'ldap_anon' => true,
		'radius_protocol' => "MSCHAPv2",
		'radius_srvcs' => "both",
		'radius_auth_port' => "1812",
		'radius_acct_port' => "1813",
	);

	foreach ($newdefaults as $defkey => $defvalue) {
		$pconfig[$defkey] = $defvalue;
	}
}
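// Save handler: validate the submitted form and, if it is clean, store the
// server definition in $config['system']['authserver'] and write the config.
if ($_POST['save']) {
	unset($input_errors);
	$pconfig = $_POST;

	/* input validation */

	// Start from empty lists so an unexpected type cannot leave these undefined.
	$reqdfields = array();
	$reqdfieldsn = array();

	if ($pconfig['type'] == "ldap") {
		$reqdfields = explode(" ",
			"name type ldap_host ldap_port " .
			"ldap_urltype ldap_protver ldap_scope " .
			"ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers");

		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Hostname or IP"),
			gettext("Port value"),
			gettext("Transport"),
			gettext("Protocol version"),
			gettext("Search level"),
			gettext("User naming Attribute"),
			gettext("Group naming Attribute"),
			gettext("Group member attribute"),
			gettext("Authentication container"));

		// Bind credentials are only mandatory when anonymous bind is not selected.
		if (!$pconfig['ldap_anon']) {
			$reqdfields[] = "ldap_binddn";
			$reqdfields[] = "ldap_bindpw";
			$reqdfieldsn[] = gettext("Bind user DN");
			$reqdfieldsn[] = gettext("Bind Password");
		}
	}

	if ($pconfig['type'] == "radius") {
		$reqdfields = explode(" ", "name type radius_protocol radius_host radius_srvcs");
		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Radius Protocol"),
			gettext("Hostname or IP"),
			gettext("Services"));

		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "auth") {
			$reqdfields[] = "radius_auth_port";
			$reqdfieldsn[] = gettext("Authentication port");
		}

		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "acct") {
			$reqdfields[] = "radius_acct_port";
			$reqdfieldsn[] = gettext("Accounting port");
		}

		// The shared secret is only mandatory when no existing entry is referenced;
		// on an edit a blank secret leaves the stored one in place (see below).
		if (!isset($id)) {
			$reqdfields[] = "radius_secret";
			$reqdfieldsn[] = gettext("Shared Secret");
		}
	}

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

	// Only the two types handled below may be stored; anything else would be
	// written to the configuration as a bare name/type entry.
	if (($pconfig['type'] != "ldap") && ($pconfig['type'] != "radius")) {
		$input_errors[] = gettext("An unsupported authentication server type was submitted.");
	}

	// The form posts the host as ldap_host or radius_host. The check used to
	// look at $_POST['host'], which the form never sends, so the value that is
	// actually stored was not being checked. IP addresses are accepted as-is;
	// anything else must consist of host name characters only.
	$host_field = "{$pconfig['type']}_host";
	if (isset($_POST[$host_field]) &&
		(!is_string($_POST[$host_field]) ||
		(!is_ipaddr($_POST[$host_field]) && preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST[$host_field])))) {
		$input_errors[] = gettext("The host name contains invalid characters.");
	}

	if (auth_get_authserver($pconfig['name']) && !isset($id)) {
		$input_errors[] = gettext("An authentication server with the same name already exists.");
	}

	if (($pconfig['type'] == "ldap") || ($pconfig['type'] == "radius")) {
		// A timeout is optional, but when given it must be a positive number.
		$to_field = "{$pconfig['type']}_timeout";
		if (!empty($_POST[$to_field]) && (!is_numeric($_POST[$to_field]) || ($_POST[$to_field] <= 0))) {
			$input_errors[] = sprintf(gettext("%s Timeout value must be numeric and positive."), strtoupper($pconfig['type']));
		}
	}

	// https://redmine.pfsense.org/issues/4154
	if ($pconfig['type'] == "radius") {
		if (is_ipaddrv6($_POST['radius_host'])) {
			$input_errors[] = gettext("IPv6 does not work for RADIUS authentication, see Bug #4154.");
		}
	}

	if (!$input_errors) {
		// A new entry gets a fresh reference id (an identifier, not a secret).
		// When an existing entry is referenced, start from its stored values so
		// keys not set below are kept.
		$server = array();
		$server['refid'] = uniqid();
		if (isset($id) && $a_server[$id]) {
			$server = $a_server[$id];
		}

		$server['type'] = $pconfig['type'];
		$server['name'] = $pconfig['name'];

		if ($server['type'] == "ldap") {

			if (!empty($pconfig['ldap_caref'])) {
				$server['ldap_caref'] = $pconfig['ldap_caref'];
			}
			$server['host'] = $pconfig['ldap_host'];
			$server['ldap_port'] = $pconfig['ldap_port'];
			$server['ldap_urltype'] = $pconfig['ldap_urltype'];
			$server['ldap_protver'] = $pconfig['ldap_protver'];
			$server['ldap_scope'] = $pconfig['ldap_scope'];
			$server['ldap_basedn'] = $pconfig['ldap_basedn'];
			$server['ldap_authcn'] = $pconfig['ldapauthcontainers'];
			$server['ldap_extended_enabled'] = $pconfig['ldap_extended_enabled'];
			// Stored exactly as submitted; no filter syntax check is applied here.
			$server['ldap_extended_query'] = $pconfig['ldap_extended_query'];
			$server['ldap_attr_user'] = $pconfig['ldap_attr_user'];
			$server['ldap_attr_group'] = $pconfig['ldap_attr_group'];
			$server['ldap_attr_member'] = $pconfig['ldap_attr_member'];

			$server['ldap_attr_groupobj'] = empty($pconfig['ldap_attr_groupobj']) ? "posixGroup" : $pconfig['ldap_attr_groupobj'];

			// Checkbox options are stored as "key present" and removed when unticked.
			if ($pconfig['ldap_utf8'] == "yes") {
				$server['ldap_utf8'] = true;
			} else {
				unset($server['ldap_utf8']);
			}
			if ($pconfig['ldap_nostrip_at'] == "yes") {
				$server['ldap_nostrip_at'] = true;
			} else {
				unset($server['ldap_nostrip_at']);
			}
			if ($pconfig['ldap_rfc2307'] == "yes") {
				$server['ldap_rfc2307'] = true;
			} else {
				unset($server['ldap_rfc2307']);
			}

			// Anonymous bind drops any previously stored bind credentials.
			if (!$pconfig['ldap_anon']) {
				$server['ldap_binddn'] = $pconfig['ldap_binddn'];
				$server['ldap_bindpw'] = $pconfig['ldap_bindpw'];
			} else {
				unset($server['ldap_binddn']);
				unset($server['ldap_bindpw']);
			}

			if ($pconfig['ldap_timeout']) {
				$server['ldap_timeout'] = $pconfig['ldap_timeout'];
			} else {
				$server['ldap_timeout'] = 25;
			}
		}

		if ($server['type'] == "radius") {

			$server['radius_protocol'] = $pconfig['radius_protocol'];
			$server['host'] = $pconfig['radius_host'];
			$server['radius_nasip_attribute'] = $pconfig['radius_nasip_attribute'];

			// A blank secret leaves whatever $server already holds untouched.
			if ($pconfig['radius_secret']) {
				$server['radius_secret'] = $pconfig['radius_secret'];
			}

			if ($pconfig['radius_timeout']) {
				$server['radius_timeout'] = $pconfig['radius_timeout'];
			} else {
				$server['radius_timeout'] = 5;
			}

			if ($pconfig['radius_srvcs'] == "both") {
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
			}

			if ($pconfig['radius_srvcs'] == "auth") {
				$server['radius_auth_port'] = $pconfig['radius_auth_port'];
				unset($server['radius_acct_port']);
			}

			if ($pconfig['radius_srvcs'] == "acct") {
				$server['radius_acct_port'] = $pconfig['radius_acct_port'];
				unset($server['radius_auth_port']);
			}
		}

		// NOTE(review): $id is used above as a position in $a_server (a re-indexed
		// list) and here as a key of the stored array; confirm the two always
		// refer to the same entry before relying on in-place replacement.
		if (isset($id) && $config['system']['authserver'][$id]) {
			$config['system']['authserver'][$id] = $server;
		} else {
			$config['system']['authserver'][] = $server;
		}

		write_config();

		pfSenseHeader("system_authservers.php");
	}
}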
/*
 * Build a list of local addresses, each labelled "description - address".
 *
 * Configured interfaces that have an IP address are keyed by interface name.
 * Virtual IPs are keyed by address; a proxy ARP entry of type "network" is
 * expanded into one element per address in its subnet.
 * NOTE(review): that expansion grows with the subnet size and has no upper
 * bound here; a very large proxy ARP network would produce a very large list.
 */
function build_radiusnas_list() {
	global $config;

	$choices = array();

	foreach (get_configured_interface_with_descr() as $ifname => $ifdescr) {
		$ifip = get_interface_ip($ifname);
		if (!is_ipaddr($ifip)) {
			// Interface has no usable address; leave it out.
			continue;
		}
		$choices[$ifname] = $ifdescr . ' - ' . $ifip;
	}

	if (!is_array($config['virtualip']['vip'])) {
		return($choices);
	}

	foreach ($config['virtualip']['vip'] as $vip) {
		if ($vip['mode'] != "proxyarp" || $vip['type'] != "network") {
			// Anything other than a proxy ARP network is listed by its subnet value.
			$choices[$vip['subnet']] = $vip['descr'] . ' - ' . $vip['subnet'];
			continue;
		}

		// Walk every address from the first to the last one of the subnet.
		$first = ip2long32(gen_subnet($vip['subnet'], $vip['subnet_bits']));
		$last = ip2long32(gen_subnet_max($vip['subnet'], $vip['subnet_bits']));
		$span = $last - $first;

		for ($offset = 0; $offset <= $span; $offset++) {
			$address = long2ip32($first + $offset);
			$choices[$address] = $vip['descr'] . ' - ' . $address;
		}
	}

	return($choices);
}
// After a failed submission, refill the form from what was posted so the user
// does not have to type everything again. This copies every posted value,
// the password fields included, back into $pconfig.
if (!empty($_POST) && !empty($input_errors)) {
	$pconfig = $_POST;

	// These two fields are posted under names that differ from the $pconfig
	// keys the form reads its initial values from.
	$pconfig['ldap_authcn'] = $_POST['ldapauthcontainers'];
	$pconfig['ldap_template'] = $_POST['ldap_tmpltype'];
}
// Breadcrumb titles and their links, position by position.
$pgtitle = array(
	gettext("System"),
	gettext("User Manager"),
	gettext("Authentication Servers"),
);
$pglinks = array(
	"",
	"system_usermanager.php",
	"system_authservers.php",
);

// The form view (add, edit, or redisplay after errors) gets an extra "Edit" crumb.
if ($input_errors || $act == "edit" || $act == "new") {
	$pgtitle[] = gettext('Edit');
	$pglinks[] = "@self";
}

$shortcut_section = "authentication";
include("head.inc");

if ($input_errors) {
	print_input_errors($input_errors);
}

// Set by the delete handler; the server name inside it was HTML-escaped there.
if ($savemsg) {
	print_info_box($savemsg, 'success');
}

// Tabs of the User Manager area; the second element marks the active tab.
$tab_array = array(
	array(gettext("Users"), false, "system_usermanager.php"),
	array(gettext("Groups"), false, "system_groupmanager.php"),
	array(gettext("Settings"), false, "system_usermanager_settings.php"),
	array(gettext("Authentication Servers"), true, "system_authservers.php"),
);
display_top_tabs($tab_array);
// List view: shown unless a server is being added or edited, or the form has
// to be redisplayed with errors. Name, type and host are passed through
// htmlspecialchars(); the id placed in the links is the row's position in
// $a_server. The last row gets no edit/delete links.
// NOTE(review): the delete link carries a "usepost" attribute and the delete
// handler only reads $_POST; presumably page script turns the click into a
// POST - confirm.
if ($act != "new" && $act != "edit" && !$input_errors) {
	$lastrow = count($a_server) - 1;
?>
<div class="panel panel-default">
	<div class="panel-heading"><h2 class="panel-title"><?=gettext('Authentication Servers')?></h2></div>
	<div class="panel-body">
		<div class="table-responsive">
			<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
				<thead>
					<tr>
						<th><?=gettext("Server Name")?></th>
						<th><?=gettext("Type")?></th>
						<th><?=gettext("Host Name")?></th>
						<th><?=gettext("Actions")?></th>
					</tr>
				</thead>
				<tbody>
			<?php foreach ($a_server as $i => $server) { ?>
					<tr>
						<td><?=htmlspecialchars($server['name'])?></td>
						<td><?=htmlspecialchars($auth_server_types[$server['type']])?></td>
						<td><?=htmlspecialchars($server['host'])?></td>
						<td>
						<?php if ($i < $lastrow) { ?>
							<a class="fa fa-pencil" title="<?=gettext("Edit server"); ?>" href="system_authservers.php?act=edit&amp;id=<?=$i?>"></a>
							<a class="fa fa-trash"  title="<?=gettext("Delete server")?>" href="system_authservers.php?act=del&amp;id=<?=$i?>" usepost></a>
						<?php } ?>
						</td>
					</tr>
			<?php } ?>
				</tbody>
			</table>
		</div>
	</div>
</div>

<nav class="action-buttons">
	<a href="?act=new" class="btn btn-success btn-sm">
		<i class="fa fa-plus icon-embed-btn"></i>
		<?=gettext("Add")?>
	</a>
</nav>
<?php
	include("foot.inc");
	exit;
}
// Add/edit form. It always posts back to the page with act=edit.
$form = new Form;
$form->setAction('system_authservers.php?act=edit');

// NOTE(review): the entry position is carried in a hidden field named
// 'userid', while the handlers above read $_REQUEST['id'] and the form action
// has no id parameter; confirm the id actually reaches the save handler.
$form->addGlobal(new Form_Input('userid', null, 'hidden', $id));

$section = new Form_Section('Server Settings');

$section->addInput($input = new Form_Input('name', '*Descriptive name', 'text', $pconfig['name']));

// The type selector toggles which of the type-specific sections is shown.
$section->addInput($input = new Form_Select('type', '*Type', $pconfig['type'], $auth_server_types))->toggles();

$form->add($section);
// ==== LDAP settings =========================================================
// Connection settings: host, port, transport, peer CA, protocol version, timeout.
$section = new Form_Section('LDAP Server Settings');
$section->addClass('toggle-ldap collapse');

// Expanded by default when no type is chosen yet or the type is LDAP.
if (!isset($pconfig['type']) || $pconfig['type'] == 'ldap') {
	$section->addClass('in');
}

$section->addInput(new Form_Input('ldap_host', '*Hostname or IP address', 'text', $pconfig['ldap_host']))
	->setHelp('NOTE: When using SSL or STARTTLS, this hostname MUST match the Common Name '.
		'(CN) of the LDAP server\'s SSL Certificate.');

$section->addInput(new Form_Input('ldap_port', '*Port value', 'number', $pconfig['ldap_port']));

// The transport names serve as both option value and option label.
$section->addInput(new Form_Select(
	'ldap_urltype',
	'*Transport',
	$pconfig['ldap_urltype'],
	array_combine(array_keys($ldap_urltypes), array_keys($ldap_urltypes))
));

// Peer CA selection; per the help text it applies to the SSL and STARTTLS transports.
if (empty($a_ca)) {
	$section->addInput(new Form_StaticText(
		'Peer Certificate Authority',
		'No Certificate Authorities defined.<br/>Create one under <a href="system_camanager.php">System &gt; Cert. Manager</a>.'
	));
} else {
	$ldapCaRef = array('global' => 'Global Root CA List');
	foreach ($a_ca as $ca) {
		$ldapCaRef[$ca['refid']] = $ca['descr'];
	}

	$section->addInput(new Form_Select('ldap_caref', 'Peer Certificate Authority', $pconfig['ldap_caref'], $ldapCaRef))
		->setHelp('This option is used if \'SSL Encrypted\' '.
			'or \'TCP - STARTTLS\' options are chosen. '.
			'It must match with the CA in the AD otherwise problems will arise.');
}

$section->addInput(new Form_Select(
	'ldap_protver',
	'*Protocol version',
	$pconfig['ldap_protver'],
	array_combine($ldap_protvers, $ldap_protvers)
));

$section->addInput(new Form_Input('ldap_timeout', 'Server Timeout', 'number', $pconfig['ldap_timeout'], ['placeholder' => 25]))
	->setHelp('Timeout for LDAP operations (seconds)');
// Search scope, authentication containers, extended query and bind credentials.

// This group is created but replaced below before it is added to the section.
$group = new Form_Group('Search scope');

$SSF = new Form_Select('ldap_scope', '*Level', $pconfig['ldap_scope'], $ldap_scopes);
$SSB = new Form_Input('ldap_basedn', 'Base DN', 'text', $pconfig['ldap_basedn']);

// Both controls are rendered to strings and placed side by side in one row.
$section->addInput(new Form_StaticText('Search scope', "Level {$SSF}<br />Base DN{$SSB}"));

$group = new Form_Group('*Authentication containers');
$group->add(new Form_Input('ldapauthcontainers', 'Containers', 'text', $pconfig['ldap_authcn']))
	->setHelp('Note: Semi-Colon separated. This will be prepended to the search '.
		'base dn above or the full container path can be specified containing a dc= '.
		'component.%1$sExample: CN=Users;DC=example,DC=com or OU=Staff;OU=Freelancers', '<br/>');

// Plain button (type="button", so it does not submit the form).
$group->add(new Form_Button('Select', 'Select a container', null, 'fa-search'))
	->setAttribute('type','button')
	->addClass('btn-info');

$section->add($group);

$section->addInput(new Form_Checkbox(
	'ldap_extended_enabled',
	'Extended query',
	'Enable extended query',
	$pconfig['ldap_extended_enabled']
));

$group = new Form_Group('Query');
$group->addClass('extended');
$group->add(new Form_Input('ldap_extended_query', 'Query', 'text', $pconfig['ldap_extended_query']))
	->setHelp('Example: memberOf=CN=Groupname,OU=MyGroups,DC=example,DC=com');
$section->add($group);

$section->addInput(new Form_Checkbox(
	'ldap_anon',
	'Bind anonymous',
	'Use anonymous binds to resolve distinguished names',
	$pconfig['ldap_anon']
));

$group = new Form_Group('*Bind credentials');
$group->addClass('ldapanon');
$group->add(new Form_Input('ldap_binddn', 'User DN:', 'text', $pconfig['ldap_binddn']));

// NOTE(review): the password input is given $pconfig['ldap_bindpw'] as its
// initial value; confirm whether Form_Input writes that value into the page.
$group->add(new Form_Input('ldap_bindpw', 'Password', 'password', $pconfig['ldap_bindpw']));
$section->add($group);
// Attribute mapping and remaining LDAP options, then the section joins the form.

// The template chooser is only offered when no existing entry is referenced.
if (!isset($id)) {
	$template_list = array();
	foreach ($ldap_templates as $option => $template) {
		$template_list[$option] = $template['desc'];
	}

	$section->addInput(new Form_Select('ldap_tmpltype', 'Initial Template', $pconfig['ldap_template'], $template_list));
}

// Three plain text inputs that differ only in field name and label.
$attrinputs = array(
	'ldap_attr_user' => '*User naming attribute',
	'ldap_attr_group' => '*Group naming attribute',
	'ldap_attr_member' => '*Group member attribute',
);
foreach ($attrinputs as $attrname => $attrlabel) {
	$section->addInput(new Form_Input($attrname, $attrlabel, 'text', $pconfig[$attrname]));
}

$section->addInput(new Form_Checkbox(
	'ldap_rfc2307',
	'RFC 2307 Groups',
	'LDAP Server uses RFC 2307 style group membership',
	$pconfig['ldap_rfc2307']
))->setHelp(
	'RFC 2307 style group membership has members listed on the group '.
	'object rather than using groups listed on user object. Leave unchecked '.
	'for Active Directory style group membership (RFC 2307bis).'
);

$section->addInput(new Form_Input(
	'ldap_attr_groupobj',
	'Group Object Class',
	'text',
	$pconfig['ldap_attr_groupobj'],
	['placeholder' => 'posixGroup']
))->setHelp(
	'Object class used for groups in RFC2307 mode. '.
	'Typically "posixGroup" or "group".'
);

$section->addInput(new Form_Checkbox(
	'ldap_utf8',
	'UTF8 Encode',
	'UTF8 encode LDAP parameters before sending them to the server.',
	$pconfig['ldap_utf8']
))->setHelp(
	'Required to support international characters, but may not be '.
	'supported by every LDAP server.'
);

$section->addInput(new Form_Checkbox(
	'ldap_nostrip_at',
	'Username Alterations',
	'Do not strip away parts of the username after the @ symbol',
	$pconfig['ldap_nostrip_at']
))->setHelp('e.g. user@host becomes user when unchecked.');

$form->add($section);
// ==== RADIUS section ========================================================
$section = new Form_Section('RADIUS Server Settings');
$section->addClass('toggle-radius collapse');

$section->addInput(new Form_Select('radius_protocol', '*Protocol', $pconfig['radius_protocol'], $radius_protocol));

$section->addInput(new Form_Input('radius_host', '*Hostname or IP address', 'text', $pconfig['radius_host']));

// NOTE(review): the stored shared secret is handed to the field as its value.
// If Form_Input writes that into the value attribute, the secret is present in
// the page source for anyone who can load this page; type 'password' only
// masks it on screen. Confirm against Form_Input, and consider rendering the
// field empty on edit and keeping the stored secret when nothing is submitted.
$section->addInput(new Form_Input('radius_secret', '*Shared Secret', 'password', $pconfig['radius_secret']));

$section->addInput(new Form_Select('radius_srvcs', '*Services offered', $pconfig['radius_srvcs'], $radius_srvcs));

// Port fields; which of the two is required is switched client-side by
// set_required_port_fields() depending on radius_srvcs.
$section->addInput(new Form_Input('radius_auth_port', 'Authentication port', 'number', $pconfig['radius_auth_port']));

$section->addInput(new Form_Input('radius_acct_port', 'Accounting port', 'number', $pconfig['radius_acct_port']));

$section->addInput(new Form_Input(
	'radius_timeout',
	'Authentication Timeout',
	'number',
	$pconfig['radius_timeout']
))->setHelp(
	'This value controls how long, in seconds, that the RADIUS server may take to respond ' .
	'to an authentication request. If left blank, the default value is 5 seconds. ' .
	'NOTE: If using an interactive two-factor authentication system, increase this timeout ' .
	'to account for how long it will take the user to receive and enter a token.'
);

// Choices come from build_radiusnas_list(), which is defined outside this part of the file.
$section->addInput(new Form_Select(
	'radius_nasip_attribute',
	'RADIUS NAS IP Attribute',
	$pconfig['radius_nasip_attribute'],
	build_radiusnas_list()
))->setHelp(
	'Enter the IP to use for the "NAS-IP-Address" attribute during RADIUS Acccess-Requests.<br />' .
	"Please note that this choice won't change the interface used for contacting the RADIUS server."
);

// When an existing entry is being edited, carry its index along as a hidden
// field. The value comes back from the browser on submit, so the save handler
// (outside this part of the file) has to validate it again rather than trust it.
if (isset($id) && $a_server[$id]) {
	$section->addInput(new Form_Input('id', null, 'hidden', $id));
}

$form->add($section);
// Placeholder modal with id "containers". It starts out largely empty; the
// page script replaces it with the markup returned by the AJAX container lookup.
$modal = new Modal('LDAP containers', 'containers', true);
$form->add($modal);

// Render the whole form (string conversion of the form object).
echo $form;
?>
<script type="text/javascript">
//<![CDATA[
events.push(function() {
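	// Create an AJAX request (to this page) to get the container list and controls.
	//
	// Flow: check that the LDAP connection fields are filled in, POST them to
	// /system_authservers.php with ajax=ajax, swap the returned markup in for the
	// #containers modal, show it, and wire up its save button.
	//
	// Review notes:
	//  - The bind DN and bind password travel in the POST body (not the URL).
	//    They are only protected in transit when the GUI is served over HTTPS.
	//  - The response is inserted into the document as markup. Container names
	//    originate from the directory, so the AJAX handler at the top of this
	//    file must HTML-escape them before returning them (handler not visible
	//    from here; confirm).
	//  - The checks below are a convenience for the user, not validation; the
	//    server side must not rely on them.
	//  - A failed request is not reported to the user; there is no .fail() handler.
	function select_clicked() {
		if (document.getElementById("ldap_port").value == '' ||
			document.getElementById("ldap_host").value == '' ||
			document.getElementById("ldap_scope").value == '' ||
			document.getElementById("ldap_basedn").value == '' ||
			document.getElementById("ldapauthcontainers").value == '') {
			// json_encode() emits a complete, correctly escaped JS string literal,
			// so a translation containing quotes or backslashes cannot break the script.
			alert(<?=json_encode(gettext("Please fill the required values."), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);?>);
			return;
		}

		// Bind credentials are only required when anonymous bind is not selected.
		if (!document.getElementById("ldap_anon").checked) {
			if (document.getElementById("ldap_binddn").value == '' ||
				document.getElementById("ldap_bindpw").value == '') {
				alert(<?=json_encode(gettext("Please fill the bind username/password."), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);?>);
				return;
			}
		}

		var ajaxRequest;
		var cert;

		// The CA selector is only read when at least one CA exists ($a_ca non-empty).
<?php if (count($a_ca) > 0): ?>
			cert = $('#ldap_caref').val();
<?php else: ?>
			cert = '';
<?php endif; ?>

		ajaxRequest = $.ajax(
			{
				url: "/system_authservers.php",
				type: "post",
				data: {
					ajax: 	"ajax",
					port: 	$('#ldap_port').val(),
					host: 	$('#ldap_host').val(),
					scope: 	$('#ldap_scope').val(),
					basedn: $('#ldap_basedn').val(),
					binddn: $('#ldap_binddn').val(),
					bindpw: $('#ldap_bindpw').val(),
					urltype:$('#ldap_urltype').val(),
					proto:  $('#ldap_protver').val(),
					authcn: $('#ldapauthcontainers').val(),
					cert:   cert
				}
			}
		);

		// Deal with the results of the above ajax call
		ajaxRequest.done(function (response, textStatus, jqXHR) {
			// The response body is parsed as HTML here; see the review notes above.
			$('#containers').replaceWith(response);

			$('#containers').modal('show');

			// The button handler needs to be here because until the modal has been populated
			// the controls we need to attach handlers to do not exist
			$('#svcontbtn').prop("type", "button");
			$('#svcontbtn').removeAttr("href");

			$('#svcontbtn').click(function () {
				// Counts every element whose id starts with "ou"; the loop then
				// addresses them as #ou0, #ou1, ...
				var ous = $('[id^=ou]').length;
				var i;

				$('#ldapauthcontainers').val("");

				// Join the values of all ticked containers with ';'.
				for (i = 0; i < ous; i++) {
					if ($('#ou' + i).prop("checked")) {
						if ($('#ldapauthcontainers').val() != "") {
							$('#ldapauthcontainers').val($('#ldapauthcontainers').val() +";");
						}

						$('#ldapauthcontainers').val($('#ldapauthcontainers').val() + $('#ou' + i).val());
					}
				}

				$('#containers').modal('hide');
			});
		});

	}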
	// Pre-fill the LDAP port from the selected transport: 636 when the option at
	// index 2 of #ldap_urltype is selected, 389 otherwise.
	// NOTE(review): this depends on the order of the transport options, which is
	// defined outside this part of the file.
	function set_ldap_port() {
		var thirdOptionPicked = $('#ldap_urltype').find(":selected").index() == 2;

		$('#ldap_port').val(thirdOptionPicked ? '636' : '389');
	}
	// Mark the RADIUS port inputs as required according to the offered services:
	// 'auth' -> authentication port only, 'acct' -> accounting port only,
	// any other value (both) -> both ports.
	// This only changes the form's required markers in the browser.
	function set_required_port_fields() {
		var offered = document.getElementById("radius_srvcs").value;

		setRequired('radius_auth_port', offered != 'acct');
		setRequired('radius_acct_port', offered != 'auth');
	}
	// Hide (hide truthy) or show (hide falsy) every element carrying the given
	// CSS class. This will usually be a section.
	function hideClass(s_class, hide) {
		var matched = $('.' + s_class);

		if (!hide) {
			matched.show();
			return;
		}

		matched.hide();
	}
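	// Fill the three LDAP attribute fields from the template selected in
	// #ldap_tmpltype. One `case` per entry of $ldap_templates is generated
	// server-side, numbered by position, so the case labels line up with the
	// option index only if the select lists the templates in the same order.
	function ldap_tmplchange() {
		switch ($('#ldap_tmpltype').find(":selected").index()) {
<?php
		$index = 0;
		foreach ($ldap_templates as $tmpldata):
			// json_encode() emits each value as a complete JS string literal with
			// quotes, backslashes, '<', '>' and '&' escaped, so a template value can
			// never terminate the string or the surrounding script block.
			$jsflags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
?>
			case <?=$index;?>:
				$('#ldap_attr_user').val(<?=json_encode((string)$tmpldata['attr_user'], $jsflags);?>);
				$('#ldap_attr_group').val(<?=json_encode((string)$tmpldata['attr_group'], $jsflags);?>);
				$('#ldap_attr_member').val(<?=json_encode((string)$tmpldata['attr_member'], $jsflags);?>);
				break;
<?php
			$index++;
		endforeach;
?>
		}
	}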
	// ---------- On initial page load ------------------------------------------------------------

	// When not editing an existing entry, start from the selected template's attribute values.
<?php if ($act != 'edit'): ?>
	ldap_tmplchange();
<?php endif; ?>

	// Bring section visibility and required markers in line with the current field values.
	hideClass('ldapanon', $('#ldap_anon').prop('checked'));
	hideClass('extended', !$('#ldap_extended_enabled').prop('checked'));
	set_required_port_fields();

	// Only suggest a port when none has been entered.
	if ($('#ldap_port').val() == "") {
		set_ldap_port();
	}

<?php if ($act == 'edit'): ?>
	// Editing: lock the server type to its current value, and the name too
	// unless the page is being redisplayed with input errors.
	// NOTE(review): this is enforced in the browser only. A crafted request can
	// still submit another type or name, so the save handler (outside this part
	// of the file) has to reject such changes itself.
	$('#type option:not(:selected)').attr('disabled', 'disabled');

<?php if (!$input_errors): ?>
	$('#name').prop("readonly", true);
<?php endif; ?>
<?php endif; ?>
	// ---------- Click checkbox handlers ---------------------------------------------------------

	// Re-apply the attribute template whenever a different one is picked.
	$('#ldap_tmpltype').on('change', function () {
		ldap_tmplchange();
	});

	// The 'ldapanon' elements follow the anonymous-bind checkbox: hidden while it is ticked.
	$('#ldap_anon').on('click', function () {
		hideClass('ldapanon', this.checked);
	});

	// Changing the transport resets the port to that transport's default.
	$('#ldap_urltype').on('change', function () {
		set_ldap_port();
	});

	// "Select a container": runs the AJAX container lookup.
	$('#Select').on('click', function () {
		select_clicked();
	});

	// The 'extended' elements are shown only while the extended option is ticked.
	$('#ldap_extended_enabled').on('click', function () {
		hideClass('extended', !this.checked);
	});

	// Required markers on the RADIUS ports follow the offered services.
	$('#radius_srvcs').on('change', function () {
		set_required_port_fields();
	});
});
//]]>
</script>
<?php
// The rest of the page output comes from foot.inc.
include 'foot.inc';