<?php
/*
 * system_authservers.php
 *
 * part of pfSense (https://www.pfsense.org)
 * Copyright (c) 2004-2019 Rubicon Communications, LLC (Netgate)
 * Copyright (c) 2008 Shrew Soft Inc
 * All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

##|+PRIV
##|*IDENT=page-system-authservers
##|*NAME=System: Authentication Servers
##|*DESCR=Allow access to the 'System: Authentication Servers' page.
##|*WARN=standard-warning-root
##|*MATCH=system_authservers.php*
##|-PRIV

require_once("guiconfig.inc");
require_once("auth.inc");
require_once("pfsense-utils.inc");
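// Have we been called to populate the "Select a container" modal?
//
// This branch builds a temporary LDAP configuration purely from request
// parameters (host, port, bind DN and bind password included), asks
// ldap_get_user_ous() for the containers and prints a modal fragment.
// NOTE(review): everything is read from $_REQUEST, so the bind password is
// accepted from the query string as well as from a POST body; confirm the
// client only ever POSTs it, otherwise it can end up in URL and proxy logs.
// NOTE(review): host and port are handed to the LDAP lookup without any
// validation in this branch, so the firewall will attempt a connection to
// whatever the caller names; confirm that access to this page is limited to
// administrators who are meant to be able to do that.
if ($_REQUEST['ajax']) {

	$ous = array();
	$authcfg = array();

	$authcfg['ldap_port'] = $_REQUEST['port'];
	$authcfg['ldap_basedn'] = $_REQUEST['basedn'];
	$authcfg['host'] = $_REQUEST['host'];
	$authcfg['ldap_scope'] = $_REQUEST['scope'];
	$authcfg['ldap_binddn'] = $_REQUEST['binddn'];
	$authcfg['ldap_bindpw'] = $_REQUEST['bindpw'];
	$authcfg['ldap_urltype'] = $_REQUEST['urltype'];
	$authcfg['ldap_protver'] = $_REQUEST['proto'];
	// Containers already selected in the form arrive as one ";"-separated string.
	$authcfg['ldap_authcn'] = explode(";", $_REQUEST['authcn']);
	$authcfg['ldap_caref'] = $_REQUEST['cert'];

	$ous = ldap_get_user_ous(true, $authcfg);

	if (empty($ous)) {
		print('<span class="text-danger">Could not connect to the LDAP server. Please check the LDAP configuration.</span>');
	} else {
		$modal = new Modal("Select LDAP containers for authentication", "containers", true);
		$group = new Form_MultiCheckboxGroup('Containers');

		if (is_array($ous)) {
			$idx = 0;

			foreach ($ous as $ou) {
				// $ou comes from the LDAP server's answer and is used both as
				// the label and as the value of the checkbox.
				// NOTE(review): presumably Form_MultiCheckbox escapes it on
				// output; verify, since the directory content is not trusted.
				$group->add(new Form_MultiCheckbox(
					'ou' . $idx,
					'',
					$ou,
					in_array($ou, $authcfg['ldap_authcn']),
					$ou
				));

				$idx++;
			}
		}

		$modal->add($group);

		// Create a "Save button"
		$btnsv = new Form_Button(
			'svcontbtn',
			'Save',
			null,
			'fa-save'
		);

		// Fix: the class name used to be "btn-default)" with a stray ")", which
		// names a class the button does not have, so "btn-default" was never removed.
		$btnsv->removeClass("btn-default")->addClass("btn-primary");

		$modal->addInput(new Form_StaticText(
			'',
			$btnsv
		));

		print($modal);
	}

	// The AJAX reply is complete; do not render the rest of the page.
	exit;
}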
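// Position of the server being edited, as supplied by the client (GET or POST).
$id = $_REQUEST['id'];

if (!is_array($config['system']['authserver'])) {
	$config['system']['authserver'] = array();
}

// Re-indexed copy of the server list; $id and $_POST['id'] are used on this
// page as positions in this list.
$a_server = array_values(auth_get_authserver_list());

init_config_arr(array('ca'));
$a_ca = &$config['ca'];

$act = $_REQUEST['act'];

// Deletion is honoured only when 'act' arrives in the POST body.
if ($_POST['act'] == "del") {
	$del_id = isset($_POST['id']) ? $_POST['id'] : null;

	// Reject a missing, non-scalar or unknown position before it is used as
	// an array key; an array-valued "id" is not a legal array offset.
	if (!is_scalar($del_id) || empty($a_server[$del_id])) {
		pfSenseHeader("system_authservers.php");
		exit;
	}

	/* Remove server from main list. */
	$serverdeleted = $a_server[$del_id]['name'];
	foreach ($config['system']['authserver'] as $k => $as) {
		// Entries are matched by name, not by position.
		if ($as['name'] == $serverdeleted) {
			unset($config['system']['authserver'][$k]);
		}
	}

	/* Remove server from temp list used later on this page. */
	unset($a_server[$del_id]);
	$a_server = array_values($a_server);

	// The name is HTML-escaped here because $savemsg is printed into the page further down.
	$savemsg = sprintf(gettext("Authentication Server %s deleted."), htmlspecialchars($serverdeleted));
	write_config($savemsg);
}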
// Editing an existing entry: copy its stored settings into $pconfig so the
// form further down is pre-filled.
// NOTE(review): the stored LDAP bind password and RADIUS shared secret are
// copied as well, and the form passes them as the value of its password
// inputs; that puts the stored secrets into the page markup.
if ($act == "edit") {
	if (isset($id) && $a_server[$id]) {
		$stored = $a_server[$id];

		$pconfig['type'] = $stored['type'];
		$pconfig['name'] = $stored['name'];

		if ($pconfig['type'] == "ldap") {
			$pconfig['ldap_caref'] = $stored['ldap_caref'];
			// The stored key is plain "host"; the form field is "ldap_host".
			$pconfig['ldap_host'] = $stored['host'];

			$same_named = array(
				'ldap_port', 'ldap_timeout', 'ldap_urltype', 'ldap_protver',
				'ldap_scope', 'ldap_basedn', 'ldap_authcn',
				'ldap_extended_enabled', 'ldap_extended_query',
				'ldap_binddn', 'ldap_bindpw',
				'ldap_attr_user', 'ldap_attr_group', 'ldap_attr_member',
				'ldap_attr_groupobj',
			);
			foreach ($same_named as $key) {
				$pconfig[$key] = $stored[$key];
			}

			// These options are stored as "key present" / "key absent".
			foreach (array('ldap_utf8', 'ldap_nostrip_at', 'ldap_rfc2307') as $flag) {
				$pconfig[$flag] = isset($stored[$flag]);
			}

			// Without both a bind DN and a bind password the entry is shown as anonymous bind.
			if (!($pconfig['ldap_binddn'] && $pconfig['ldap_bindpw'])) {
				$pconfig['ldap_anon'] = true;
			}
		}

		if ($pconfig['type'] == "radius") {
			$pconfig['radius_protocol'] = $stored['radius_protocol'];
			$pconfig['radius_host'] = $stored['host'];
			$pconfig['radius_nasip_attribute'] = $stored['radius_nasip_attribute'];
			$pconfig['radius_auth_port'] = $stored['radius_auth_port'];
			$pconfig['radius_acct_port'] = $stored['radius_acct_port'];
			$pconfig['radius_secret'] = $stored['radius_secret'];
			$pconfig['radius_timeout'] = $stored['radius_timeout'];

			// Derive the "services" choice from which ports are stored, and
			// fill the missing port with its default for display.
			if ($pconfig['radius_auth_port'] && $pconfig['radius_acct_port']) {
				$pconfig['radius_srvcs'] = "both";
			} elseif ($pconfig['radius_auth_port']) {
				$pconfig['radius_srvcs'] = "auth";
				$pconfig['radius_acct_port'] = 1813;
			} elseif ($pconfig['radius_acct_port']) {
				$pconfig['radius_srvcs'] = "acct";
				$pconfig['radius_auth_port'] = 1812;
			}
		}
	}
}

// Adding a new entry: start the form from these defaults.
if ($act == "new") {
	$new_defaults = array(
		'ldap_protver' => 3,
		'ldap_anon' => true,
		'radius_protocol' => "MSCHAPv2",
		'radius_srvcs' => "both",
		'radius_auth_port' => "1812",
		'radius_acct_port' => "1813",
	);
	foreach ($new_defaults as $key => $value) {
		$pconfig[$key] = $value;
	}
}
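// Handle a submitted add/edit form: validate the posted fields and, when they
// pass, store the server entry in the configuration.
if ($_POST['save']) {
	unset($input_errors);
	$pconfig = $_POST;

	/* input validation */

	// Start from empty lists so do_input_validation() is always handed arrays,
	// even when the posted type is neither "ldap" nor "radius".
	$reqdfields = array();
	$reqdfieldsn = array();

	if ($pconfig['type'] == "ldap") {
		$reqdfields = explode(" ",
			"name type ldap_host ldap_port " .
			"ldap_urltype ldap_protver ldap_scope " .
			"ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers");

		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Hostname or IP"),
			gettext("Port value"),
			gettext("Transport"),
			gettext("Protocol version"),
			gettext("Search level"),
			gettext("User naming Attribute"),
			gettext("Group naming Attribute"),
			gettext("Group member attribute"),
			gettext("Authentication container"));

		// Bind credentials are mandatory only when anonymous bind is off.
		if (!$pconfig['ldap_anon']) {
			$reqdfields[] = "ldap_binddn";
			$reqdfields[] = "ldap_bindpw";
			$reqdfieldsn[] = gettext("Bind user DN");
			$reqdfieldsn[] = gettext("Bind Password");
		}
	}

	if ($pconfig['type'] == "radius") {
		$reqdfields = explode(" ", "name type radius_protocol radius_host radius_srvcs");
		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Type"),
			gettext("Radius Protocol"),
			gettext("Hostname or IP"),
			gettext("Services"));

		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "auth") {
			$reqdfields[] = "radius_auth_port";
			$reqdfieldsn[] = gettext("Authentication port");
		}

		if ($pconfig['radius_srvcs'] == "both" ||
			$pconfig['radius_srvcs'] == "acct") {
			$reqdfields[] = "radius_acct_port";
			$reqdfieldsn[] = gettext("Accounting port");
		}

		// The shared secret is mandatory only when no id was supplied; with an
		// id, an empty secret leaves the stored one in place (see below).
		if (!isset($id)) {
			$reqdfields[] = "radius_secret";
			$reqdfieldsn[] = gettext("Shared Secret");
		}
	}

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

	// Fix: check the host field the form submits for this server type
	// ("ldap_host" or "radius_host"). The previous check read $_POST['host'],
	// a name that neither the LDAP nor the RADIUS inputs of this page use, so
	// the hostname was never inspected. IP address literals are accepted
	// as-is so that addresses containing ":" are not rejected by the pattern.
	$host_field = "{$pconfig['type']}_host";
	$host_value = isset($_POST[$host_field]) ? $_POST[$host_field] : '';
	if (!is_string($host_value) ||
		(!is_ipaddr($host_value) && preg_match("/[^a-zA-Z0-9\.\-_]/", $host_value))) {
		$input_errors[] = gettext("The host name contains invalid characters.");
	}

	if (auth_get_authserver($pconfig['name']) && !isset($id)) {
		$input_errors[] = gettext("An authentication server with the same name already exists.");
	}

	// NOTE(review): $id is used here (and when storing, below) as a key of
	// $config['system']['authserver'], while the entry being edited is loaded
	// from $a_server, a re-indexed copy of auth_get_authserver_list(); confirm
	// that both lists always share the same positions.
	if (isset($id) && $config['system']['authserver'][$id] &&
	   ($config['system']['authserver'][$id]['name'] != $pconfig['name'])) {
		$input_errors[] = gettext("The name of an authentication server cannot be changed.");
	}

	if (($pconfig['type'] == "ldap") || ($pconfig['type'] == "radius")) {
		$to_field = "{$pconfig['type']}_timeout";
		// An empty timeout is allowed (a default is stored below); anything
		// else must be a number greater than zero.
		if (!empty($_POST[$to_field]) && (!is_numeric($_POST[$to_field]) || ($_POST[$to_field] <= 0))) {
			$input_errors[] = sprintf(gettext("%s Timeout value must be numeric and positive."), strtoupper($pconfig['type']));
		}
	}

	// https://redmine.pfsense.org/issues/4154
	if ($pconfig['type'] == "radius") {
		if (is_ipaddrv6($_POST['radius_host'])) {
			$input_errors[] = gettext("IPv6 does not work for RADIUS authentication, see Bug #4154.");
		}
	}

	if (!$input_errors) {
		// A new entry gets a fresh refid; an existing entry is loaded whole,
		// so keys this handler does not touch keep their stored values.
		$server = array();
		$server['refid'] = uniqid();
		if (isset($id) && $a_server[$id]) {
			$server = $a_server[$id];
		}

		$server['type'] = $pconfig['type'];
		$server['name'] = $pconfig['name'];

		if ($server['type'] == "ldap") {

			if (!empty($pconfig['ldap_caref'])) {
				$server['ldap_caref'] = $pconfig['ldap_caref'];
			}
			$server['host'] = $pconfig['ldap_host'];
			foreach (array('ldap_port', 'ldap_urltype', 'ldap_protver', 'ldap_scope', 'ldap_basedn') as $key) {
				$server[$key] = $pconfig[$key];
			}
			// The form field is "ldapauthcontainers"; the stored key is "ldap_authcn".
			$server['ldap_authcn'] = $pconfig['ldapauthcontainers'];
			foreach (array('ldap_extended_enabled', 'ldap_extended_query', 'ldap_attr_user', 'ldap_attr_group', 'ldap_attr_member') as $key) {
				$server[$key] = $pconfig[$key];
			}

			$server['ldap_attr_groupobj'] = empty($pconfig['ldap_attr_groupobj']) ? "posixGroup" : $pconfig['ldap_attr_groupobj'];

			// Checkbox options are stored as "key present" / "key absent".
			foreach (array('ldap_utf8', 'ldap_nostrip_at', 'ldap_rfc2307') as $flag) {
				if ($pconfig[$flag] == "yes") {
					$server[$flag] = true;
				} else {
					unset($server[$flag]);
				}
			}

			// Switching to anonymous bind removes any stored bind credentials.
			if (!$pconfig['ldap_anon']) {
				$server['ldap_binddn'] = $pconfig['ldap_binddn'];
				$server['ldap_bindpw'] = $pconfig['ldap_bindpw'];
			} else {
				unset($server['ldap_binddn']);
				unset($server['ldap_bindpw']);
			}

			if ($pconfig['ldap_timeout']) {
				$server['ldap_timeout'] = $pconfig['ldap_timeout'];
			} else {
				$server['ldap_timeout'] = 25;
			}
		}

		if ($server['type'] == "radius") {

			$server['radius_protocol'] = $pconfig['radius_protocol'];
			$server['host'] = $pconfig['radius_host'];
			$server['radius_nasip_attribute'] = $pconfig['radius_nasip_attribute'];

			// An empty secret on edit keeps the stored one.
			if ($pconfig['radius_secret']) {
				$server['radius_secret'] = $pconfig['radius_secret'];
			}

			if ($pconfig['radius_timeout']) {
				$server['radius_timeout'] = $pconfig['radius_timeout'];
			} else {
				$server['radius_timeout'] = 5;
			}

			// Store only the ports of the selected services and drop the other one.
			switch ($pconfig['radius_srvcs']) {
				case "both":
					$server['radius_auth_port'] = $pconfig['radius_auth_port'];
					$server['radius_acct_port'] = $pconfig['radius_acct_port'];
					break;
				case "auth":
					$server['radius_auth_port'] = $pconfig['radius_auth_port'];
					unset($server['radius_acct_port']);
					break;
				case "acct":
					$server['radius_acct_port'] = $pconfig['radius_acct_port'];
					unset($server['radius_auth_port']);
					break;
			}
		}

		if (isset($id) && $config['system']['authserver'][$id]) {
			$config['system']['authserver'][$id] = $server;
		} else {
			$config['system']['authserver'][] = $server;
		}

		write_config();

		pfSenseHeader("system_authservers.php");
	}
}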
/**
 * Build a list of local addresses keyed by interface name or IP address.
 *
 * Every configured interface that currently has an IP address contributes one
 * entry. Every virtual IP in the configuration contributes one entry as well,
 * except a proxy-ARP VIP of type "network", which is expanded into one entry
 * per address of its subnet.
 * NOTE(review): judging by the name this feeds the RADIUS NAS IP selection;
 * the caller is outside this view.
 *
 * @return array Map of interface name or IP address => "description - address".
 */
function build_radiusnas_list() {
	global $config;

	$list = array();

	foreach (get_configured_interface_with_descr() as $ifname => $ifdescr) {
		$ipaddr = get_interface_ip($ifname);
		if (!is_ipaddr($ipaddr)) {
			// Interface without a usable address: nothing to offer.
			continue;
		}
		$list[$ifname] = $ifdescr . ' - ' . $ipaddr;
	}

	if (!is_array($config['virtualip']['vip'])) {
		return $list;
	}

	foreach ($config['virtualip']['vip'] as $vip) {
		if (!($vip['mode'] == "proxyarp" && $vip['type'] == "network")) {
			$list[$vip['subnet']] = $vip['descr'] . ' - ' . $vip['subnet'];
			continue;
		}

		// Walk the subnet from its first to its last address, inclusive.
		$first = ip2long32(gen_subnet($vip['subnet'], $vip['subnet_bits']));
		$last = ip2long32(gen_subnet_max($vip['subnet'], $vip['subnet_bits']));
		$span = $last - $first;

		for ($offset = 0; $offset <= $span; $offset++) {
			$addr = long2ip32($first + $offset);
			$list[$addr] = $vip['descr'] . ' - ' . $addr;
		}
	}

	return $list;
}
// On error, restore the form contents so the user doesn't have to re-enter too much
if ($_POST && $input_errors) {
	$pconfig = $_POST;
	// Two form fields are posted under a different name than the $pconfig key the form reads.
	$pconfig['ldap_authcn'] = $_POST['ldapauthcontainers'];
	$pconfig['ldap_template'] = $_POST['ldap_tmpltype'];
}

$pgtitle = [gettext("System"), gettext("User Manager"), gettext("Authentication Servers")];
$pglinks = ["", "system_usermanager.php", "system_authservers.php"];

// The add/edit form (also shown again after a failed save) gets an extra title element.
if ($act == "new" || $act == "edit" || $input_errors) {
	$pgtitle[] = gettext('Edit');
	$pglinks[] = "@self";
}

$shortcut_section = "authentication";
include("head.inc");

if ($input_errors) {
	print_input_errors($input_errors);
}

// $savemsg is set by the delete handler, which HTML-escapes the server name it embeds.
if ($savemsg) {
	print_info_box($savemsg, 'success');
}

// Tab bar of the User Manager; the second element marks the active tab.
$tab_array = [
	[gettext("Users"), false, "system_usermanager.php"],
	[gettext("Groups"), false, "system_groupmanager.php"],
	[gettext("Settings"), false, "system_usermanager_settings.php"],
	[gettext("Authentication Servers"), true, "system_authservers.php"],
];
display_top_tabs($tab_array);
// List view: shown unless the add/edit form is requested or has to be shown
// again after a failed save. The page ends inside this branch.
if ($act != "new" && $act != "edit" && !$input_errors) {
?>
<div class="panel panel-default">
	<div class="panel-heading"><h2 class="panel-title"><?=gettext('Authentication Servers')?></h2></div>
	<div class="panel-body">
		<div class="table-responsive">
			<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
				<thead>
					<tr>
						<th><?=gettext("Server Name")?></th>
						<th><?=gettext("Type")?></th>
						<th><?=gettext("Host Name")?></th>
						<th><?=gettext("Actions")?></th>
					</tr>
				</thead>
				<tbody>
			<?php /* Name, type and host are stored configuration values and are HTML-escaped on output. */ ?>
			<?php foreach ($a_server as $i => $server): ?>
					<tr>
						<td><?=htmlspecialchars($server['name'])?></td>
						<td><?=htmlspecialchars($auth_server_types[$server['type']])?></td>
						<td><?=htmlspecialchars($server['host'])?></td>
						<td>
						<?php /* The last list entry gets no edit/delete links; the delete link carries "usepost". */ ?>
						<?php if ($i < (count($a_server) - 1)): ?>
							<a class="fa fa-pencil" title="<?=gettext("Edit server"); ?>" href="system_authservers.php?act=edit&amp;id=<?=$i?>"></a>
							<a class="fa fa-trash"  title="<?=gettext("Delete server")?>" href="system_authservers.php?act=del&amp;id=<?=$i?>" usepost></a>
						<?php endif; ?>
						</td>
					</tr>
			<?php endforeach; ?>
				</tbody>
			</table>
		</div>
	</div>
</div>

<nav class="action-buttons">
	<a href="?act=new" class="btn btn-success btn-sm">
		<i class="fa fa-plus icon-embed-btn"></i>
		<?=gettext("Add")?>
	</a>
</nav>
<?php
	include("foot.inc");
	exit;
}
// Add/edit form. It always posts back to this page with act=edit.
$form = new Form();
$form->setAction('system_authservers.php?act=edit');

// The requested id is carried in a hidden field named "userid".
// NOTE(review): $id comes from the request; presumably Form_Input escapes the
// value when rendering - verify.
$form->addGlobal(new Form_Input('userid', null, 'hidden', $id));

$section = new Form_Section('Server Settings');

$input = new Form_Input('name', '*Descriptive name', 'text', $pconfig['name']);
$section->addInput($input);

// The type selector toggles the type-specific sections below.
$input = new Form_Select('type', '*Type', $pconfig['type'], $auth_server_types);
$section->addInput($input)->toggles();

$form->add($section);
// ==== LDAP settings =========================================================
$section = new Form_Section('LDAP Server Settings');
$section->addClass('toggle-ldap collapse');

// Expanded initially when no type is set yet or the type is LDAP.
if (!isset($pconfig['type']) || $pconfig['type'] == 'ldap') {
	$section->addClass('in');
}

$section->addInput(new Form_Input('ldap_host', '*Hostname or IP address', 'text', $pconfig['ldap_host']))
	->setHelp('NOTE: When using SSL or STARTTLS, this hostname MUST match the Common Name '.
		'(CN) of the LDAP server\'s SSL Certificate.');

$section->addInput(new Form_Input('ldap_port', '*Port value', 'number', $pconfig['ldap_port']));

// The transport names serve as both option value and option label.
$section->addInput(new Form_Select(
	'ldap_urltype',
	'*Transport',
	$pconfig['ldap_urltype'],
	array_combine(array_keys($ldap_urltypes), array_keys($ldap_urltypes))
));

// CA used to verify the LDAP server certificate: either a hint that none is
// defined, or a selector offering the global root CA list plus every configured CA.
if (empty($a_ca)) {
	$section->addInput(new Form_StaticText(
		'Peer Certificate Authority',
		'No Certificate Authorities defined.<br/>Create one under <a href="system_camanager.php">System &gt; Cert. Manager</a>.'
	));
} else {
	$ldapCaRef = ['global' => 'Global Root CA List'];
	foreach ($a_ca as $ca) {
		$ldapCaRef[$ca['refid']] = $ca['descr'];
	}

	$section->addInput(new Form_Select('ldap_caref', 'Peer Certificate Authority', $pconfig['ldap_caref'], $ldapCaRef))
		->setHelp('This option is used if \'SSL Encrypted\' '.
			'or \'TCP - STARTTLS\' options are chosen. '.
			'It must match with the CA in the AD otherwise problems will arise.');
}

$section->addInput(new Form_Select(
	'ldap_protver',
	'*Protocol version',
	$pconfig['ldap_protver'],
	array_combine($ldap_protvers, $ldap_protvers)
));

$section->addInput(new Form_Input('ldap_timeout', 'Server Timeout', 'number', $pconfig['ldap_timeout'], ['placeholder' => 25]))
	->setHelp('Timeout for LDAP operations (seconds)');

// NOTE(review): this group is not added to $section before $group is
// reassigned further down; it looks like leftover code.
$group = new Form_Group('Search scope');

// The scope selector and the base DN input are rendered to strings and placed
// together inside one static-text row.
$SSF = new Form_Select('ldap_scope', '*Level', $pconfig['ldap_scope'], $ldap_scopes);
$SSB = new Form_Input('ldap_basedn', 'Base DN', 'text', $pconfig['ldap_basedn']);

$section->addInput(new Form_StaticText('Search scope', 'Level ' . $SSF . '<br />' . 'Base DN' . $SSB));
// Authentication containers: a free-text field plus a button labelled
// "Select a container" (the handler wired to it is outside this view).
$group = new Form_Group('*Authentication containers');
$group->add(new Form_Input('ldapauthcontainers', 'Containers', 'text', $pconfig['ldap_authcn']))
	->setHelp('Note: Semi-Colon separated. This will be prepended to the search '.
		'base dn above or the full container path can be specified containing a dc= '.
		'component.%1$sExample: CN=Users;DC=example,DC=com or OU=Staff;OU=Freelancers', '<br/>');

$group->add(new Form_Button('Select', 'Select a container', null, 'fa-search'))
	->setAttribute('type','button')
	->addClass('btn-info');

$section->add($group);

$section->addInput(new Form_Checkbox(
	'ldap_extended_enabled',
	'Extended query',
	'Enable extended query',
	$pconfig['ldap_extended_enabled']
));

// Carries the "extended" class, presumably so it can be shown or hidden with the checkbox above.
$group = new Form_Group('Query');
$group->addClass('extended');

$group->add(new Form_Input('ldap_extended_query', 'Query', 'text', $pconfig['ldap_extended_query']))
	->setHelp('Example: memberOf=CN=Groupname,OU=MyGroups,DC=example,DC=com');

$section->add($group);

$section->addInput(new Form_Checkbox(
	'ldap_anon',
	'Bind anonymous',
	'Use anonymous binds to resolve distinguished names',
	$pconfig['ldap_anon']
));

$group = new Form_Group('*Bind credentials');
$group->addClass('ldapanon');

$group->add(new Form_Input('ldap_binddn', 'User DN:', 'text', $pconfig['ldap_binddn']));

// NOTE(review): on edit, $pconfig['ldap_bindpw'] holds the stored bind
// password, so it is handed to the password input as its value; consider
// leaving the field empty and keeping the stored password when nothing is
// entered, as the save handler already does for the RADIUS shared secret.
$group->add(new Form_Input('ldap_bindpw', 'Password', 'password', $pconfig['ldap_bindpw']));
$section->add($group);
// The template selector is offered only when no id was supplied.
if (!isset($id)) {
	$template_list = [];

	foreach ($ldap_templates as $option => $template) {
		$template_list[$option] = $template['desc'];
	}

	$section->addInput(new Form_Select('ldap_tmpltype', 'Initial Template', $pconfig['ldap_template'], $template_list));
}

$section->addInput(new Form_Input('ldap_attr_user', '*User naming attribute', 'text', $pconfig['ldap_attr_user']));

$section->addInput(new Form_Input('ldap_attr_group', '*Group naming attribute', 'text', $pconfig['ldap_attr_group']));

$section->addInput(new Form_Input('ldap_attr_member', '*Group member attribute', 'text', $pconfig['ldap_attr_member']));

$section->addInput(new Form_Checkbox(
	'ldap_rfc2307',
	'RFC 2307 Groups',
	'LDAP Server uses RFC 2307 style group membership',
	$pconfig['ldap_rfc2307']
))->setHelp('RFC 2307 style group membership has members listed on the group '.
	'object rather than using groups listed on user object. Leave unchecked '.
	'for Active Directory style group membership (RFC 2307bis).');

// When left empty, the save handler stores "posixGroup" for this field.
$section->addInput(new Form_Input(
	'ldap_attr_groupobj',
	'Group Object Class',
	'text',
	$pconfig['ldap_attr_groupobj'],
	['placeholder' => 'posixGroup']
))->setHelp('Object class used for groups in RFC2307 mode. '.
	'Typically "posixGroup" or "group".');

$section->addInput(new Form_Checkbox(
	'ldap_utf8',
	'UTF8 Encode',
	'UTF8 encode LDAP parameters before sending them to the server.',
	$pconfig['ldap_utf8']
))->setHelp('Required to support international characters, but may not be '.
	'supported by every LDAP server.');

$section->addInput(new Form_Checkbox(
	'ldap_nostrip_at',
	'Username Alterations',
	'Do not strip away parts of the username after the @ symbol',
	$pconfig['ldap_nostrip_at']
))->setHelp('e.g. user@host becomes user when unchecked.');

// The LDAP section is complete.
$form->add($section);
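// ==== RADIUS section ========================================================
// The section carries the 'toggle-radius' and 'collapse' classes; the code that
// shows or hides it according to the selected server type is not in this part
// of the file.
$section = new Form_Section('RADIUS Server Settings');
$section->addClass('toggle-radius collapse');

$section->addInput(new Form_Select(
	'radius_protocol',
	'*Protocol',
	$pconfig['radius_protocol'],
	$radius_protocol
));

$section->addInput(new Form_Input(
	'radius_host',
	'*Hostname or IP address',
	'text',
	$pconfig['radius_host']
));

// The stored shared secret is handed to the form as the field value. Input
// type 'password' only masks it on screen.
// NOTE(review): if Form_Input writes that value into the rendered HTML, every
// account that can open this page can read the secret from the page source.
// Confirm that is acceptable for all holders of this page's privilege, or
// render a placeholder and keep the stored secret when it comes back unchanged.
$section->addInput(new Form_Input(
	'radius_secret',
	'*Shared Secret',
	'password',
	$pconfig['radius_secret']
));

$section->addInput(new Form_Select(
	'radius_srvcs',
	'*Services offered',
	$pconfig['radius_srvcs'],
	$radius_srvcs
));

// Which of the two port fields is mandatory follows 'radius_srvcs'; the
// client-side script further down the page sets the required markers.
$section->addInput(new Form_Input(
	'radius_auth_port',
	'Authentication port',
	'number',
	$pconfig['radius_auth_port']
));

$section->addInput(new Form_Input(
	'radius_acct_port',
	'Accounting port',
	'number',
	$pconfig['radius_acct_port']
));

$section->addInput(new Form_Input(
	'radius_timeout',
	'Authentication Timeout',
	'number',
	$pconfig['radius_timeout']
))->setHelp('This value controls how long, in seconds, that the RADIUS '.
	'server may take to respond to an authentication request. If left blank, the '.
	'default value is 5 seconds. NOTE: If using an interactive two-factor '.
	'authentication system, increase this timeout to account for how long it will '.
	'take the user to receive and enter a token.');

// Help text: spelling of "Access-Requests" corrected (was "Acccess-Requests").
// NOTE(review): if help strings double as translation message ids, the
// catalogs need the same correction.
$section->addInput(new Form_Select(
	'radius_nasip_attribute',
	'RADIUS NAS IP Attribute',
	$pconfig['radius_nasip_attribute'],
	build_radiusnas_list()
))->setHelp('Enter the IP to use for the "NAS-IP-Address" attribute during RADIUS Access-Requests.<br />'.
	'Please note that this choice won\'t change the interface used for contacting the RADIUS server.');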
// When $id refers to an existing entry of $a_server, send it along as a hidden
// field so the submission identifies the entry.
// NOTE(review): a hidden field is client-controlled; the code that handles the
// submission (not in this part of the file) has to validate 'id' again.
if (isset($id) && $a_server[$id]) {
	$section->addInput(new Form_Input('id', null, 'hidden', $id));
}

$form->add($section);

// Mostly empty modal for the list of available containers; the script below
// fills it through an AJAX request.
$modal = new Modal("LDAP containers", "containers", true);
$form->add($modal);

echo $form;
?>
<script type="text/javascript">
//<![CDATA[
events.push(function() {
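	// Ask this same page, via an AJAX POST, for the LDAP container list and show
	// the answer in the "containers" modal.
	//
	// Nothing is sent until port, host, scope, base DN and the containers field
	// are filled in and, unless anonymous bind is ticked, the bind DN and bind
	// password as well.
	function select_clicked() {
		if (document.getElementById("ldap_port").value == '' ||
			document.getElementById("ldap_host").value == '' ||
			document.getElementById("ldap_scope").value == '' ||
			document.getElementById("ldap_basedn").value == '' ||
			document.getElementById("ldapauthcontainers").value == '') {
			// json_encode() emits a complete, escaped JavaScript string literal, so
			// a translated message containing quotes, a backslash or a newline
			// cannot terminate the string or the script block early.
			alert(<?=json_encode(gettext("Please fill the required values."), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>);
			return;
		}

		if (!document.getElementById("ldap_anon").checked) {
			if (document.getElementById("ldap_binddn").value == '' ||
				document.getElementById("ldap_bindpw").value == '') {
				alert(<?=json_encode(gettext("Please fill the bind username/password."), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)?>);
				return;
			}
		}

		var ajaxRequest;
		var cert;

		// The CA selector is only read when at least one CA is configured.
<?php if (count($a_ca) > 0): ?>
		cert = $('#ldap_caref').val();
<?php else: ?>
		cert = '';
<?php endif; ?>

		// The bind password is sent in the POST body, not in the URL.
		ajaxRequest = $.ajax(
			{
				url: "/system_authservers.php",
				type: "post",
				data: {
					ajax:    "ajax",
					port:    $('#ldap_port').val(),
					host:    $('#ldap_host').val(),
					scope:   $('#ldap_scope').val(),
					basedn:  $('#ldap_basedn').val(),
					binddn:  $('#ldap_binddn').val(),
					bindpw:  $('#ldap_bindpw').val(),
					urltype: $('#ldap_urltype').val(),
					proto:   $('#ldap_protver').val(),
					authcn:  $('#ldapauthcontainers').val(),
					cert:    cert
				}
			}
		);

		// Deal with the results of the above ajax call.
		// There is no .fail() handler: a failed request leaves the modal closed
		// and shows no message.
		ajaxRequest.done(function (response, textStatus, jqXHR) {
			// The response replaces the modal element as markup.
			// NOTE(review): the container names in it presumably originate from the
			// LDAP server, so the server-side AJAX branch (outside this part of the
			// file) has to HTML-escape them before printing - confirm.
			$('#containers').replaceWith(response);

			$('#containers').modal('show');

			// The button handler needs to be here because until the modal has been populated
			// the controls we need to attach handlers to do not exist
			$('#svcontbtn').prop("type", "button");
			$('#svcontbtn').removeAttr("href");

			$('#svcontbtn').click(function () {
				// Counts every element whose id starts with "ou"; the checkboxes
				// are then addressed as #ou0 .. #ou(n-1).
				var ous = $('[id^=ou]').length;
				var i;

				$('#ldapauthcontainers').val("");

				// Rebuild the containers field as a ';'-separated list of the
				// ticked entries.
				for (i = 0; i < ous; i++) {
					if ($('#ou' + i).prop("checked")) {
						if ($('#ldapauthcontainers').val() != "") {
							$('#ldapauthcontainers').val($('#ldapauthcontainers').val() + ";");
						}

						$('#ldapauthcontainers').val($('#ldapauthcontainers').val() + $('#ou' + i).val());
					}
				}

				$('#containers').modal('hide');
			});
		});
	}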
	// Pre-fill the LDAP port from the selected transport: 636 when the third
	// entry of #ldap_urltype is selected (presumably the SSL/TLS one - the option
	// list is defined outside this part of the file), 389 for any other entry.
	function set_ldap_port() {
		var third_entry_selected = ($('#ldap_urltype').find(":selected").index() == 2);

		$('#ldap_port').val(third_entry_selected ? '636' : '389');
	}
	// Mark the RADIUS port fields as required according to #radius_srvcs:
	// 'auth' needs only the authentication port, 'acct' only the accounting
	// port, and any other value (both services) needs both.
	// This only drives the form's required markers; it is not validation.
	function set_required_port_fields() {
		var services = document.getElementById("radius_srvcs").value;

		setRequired('radius_auth_port', services != 'acct');
		setRequired('radius_acct_port', services != 'auth');
	}
	// Hide (hide is truthy) or show (hide is falsy) every element carrying the
	// given class. This will usually be a section.
	function hideClass(s_class, hide) {
		// toggle(true) shows, toggle(false) hides
		$('.' + s_class).toggle(!hide);
	}
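	// Fill the three LDAP attribute fields from the template selected in
	// #ldap_tmpltype. PHP emits one case per entry of $ldap_templates, in array
	// order, so case N serves the option at index N - this assumes the select
	// was built from the same array (TODO confirm; it is built outside this part
	// of the file).
	function ldap_tmplchange() {
		switch ($('#ldap_tmpltype').find(":selected").index()) {
<?php
		// json_encode() writes each value as a complete, escaped JavaScript
		// string literal, so a quote, backslash or "</script>" in a template
		// value cannot break out of the string or the script block.
		$ldap_tmpl_js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
		$index = 0;
		foreach ($ldap_templates as $tmpldata):
?>
			case <?=$index;?>:
				$('#ldap_attr_user').val(<?=json_encode((string)$tmpldata['attr_user'], $ldap_tmpl_js_flags);?>);
				$('#ldap_attr_group').val(<?=json_encode((string)$tmpldata['attr_group'], $ldap_tmpl_js_flags);?>);
				$('#ldap_attr_member').val(<?=json_encode((string)$tmpldata['attr_member'], $ldap_tmpl_js_flags);?>);
				break;
<?php
			$index++;
		endforeach;
?>
		}
	}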
	// ---------- On initial page load ------------------------------------------------------------

<?php if ($act != 'edit'): ?>
	// Not editing an existing entry: load the attribute fields from the
	// currently selected template.
	ldap_tmplchange();
<?php endif; ?>

	// Bring the visibility of the dependent rows and the required markers in
	// line with the current field values.
	hideClass('ldapanon', $('#ldap_anon').prop('checked'));
	hideClass('extended', !$('#ldap_extended_enabled').prop('checked'));
	set_required_port_fields();

	// Only suggest a port when none has been entered.
	if ($('#ldap_port').val() == "") {
		set_ldap_port();
	}

<?php if ($act == 'edit'): ?>
	// Editing: every server type other than the selected one is disabled.
	// NOTE(review): this and the read-only name below are enforced in the
	// browser only; the code handling the submission has to enforce them too.
	$('#type option:not(:selected)').attr('disabled', 'disabled');

<?php if (!$input_errors): ?>
	$('#name').prop("readonly", true);
<?php endif; ?>
<?php endif; ?>
	// ---------- Click checkbox handlers ---------------------------------------------------------

	// The helpers below take no arguments and return nothing, so they are bound
	// directly as handlers.
	$('#ldap_tmpltype').on('change', ldap_tmplchange);
	$('#ldap_urltype').on('change', set_ldap_port);
	$('#radius_srvcs').on('change', set_required_port_fields);
	$('#Select').on('click', select_clicked);

	// Anonymous bind ticked: hide the 'ldapanon' elements.
	$('#ldap_anon').on('click', function () {
		hideClass('ldapanon', this.checked);
	});

	// Extended query ticked: show the 'extended' elements.
	$('#ldap_extended_enabled').on('click', function () {
		hideClass('extended', !this.checked);
	});
});
//]]>
</script>
<?php
// Pull in foot.inc (presumably the common page footer; the file is not shown here).
include 'foot.inc';