DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2025-03-05 20:52:15 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Clean up errors, add new required package to Dockerfile

Browse source
This commit is contained in:
Brady Wetherington 2021-08-30 11:56:19 -07:00
parent 312a90ce77
commit b96303cb38
2 changed files with 19 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Dockerfile
View file

@ -41,6 +41,7 @@ libmcrypt-dev \
php7.4-dev \ php7.4-dev \
ca-certificates \ ca-certificates \
unzip \ unzip \
dnsutils \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

22
app/Console/Commands/LdapTroubleshooter.php
View file

@ -36,7 +36,7 @@ class LdapTroubleshooter extends Command
protected $signature = 'ldap:troubleshoot protected $signature = 'ldap:troubleshoot
{--ldap-search : Output an ldapsearch command-line for testing your LDAP config} {--ldap-search : Output an ldapsearch command-line for testing your LDAP config}
{--force : Skip the interactive yes/no prompt for confirmation} {--force : Skip the interactive yes/no prompt for confirmation}
{--debug : Include debuggin output (verbose)}'; {--debug : Include debugging output (verbose)}';
/** /**
* The console command description. * The console command description.
@ -74,7 +74,9 @@ class LdapTroubleshooter extends Command
*/ */
public function handle() public function handle()
{ {
if($this->option('debug')) {
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7); ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
}
$settings = Setting::getSettings(); $settings = Setting::getSettings();
if($this->option('ldap-search')) { if($this->option('ldap-search')) {
@ -90,6 +92,10 @@ class LdapTroubleshooter extends Command
$this->line("# Ignoring server certificate validity"); $this->line("# Ignoring server certificate validity");
$output[] = "LDAPTLS_REQCERT=never"; $output[] = "LDAPTLS_REQCERT=never";
} }
if($settings->ldap_client_tls_cert && $settings->ldap_client_tls_key) {
$output[] = "LDAPTLS_CERT=storage/ldap_client_tls.cert";
$output[] = "LDAPTLS_KEY=storage/ldap_client_tls.key";
}
$output[] = "ldapsearch"; $output[] = "ldapsearch";
$output[] = $settings->ldap_server; $output[] = $settings->ldap_server;
$output[] = "-x"; $output[] = "-x";
@ -291,10 +297,10 @@ class LdapTroubleshooter extends Command
foreach($row AS $key => $val ) { foreach($row AS $key => $val ) {
print("Key is: ".$key); print("Key is: ".$key);
if($key == "count" || is_int($key) || $key == "dn") { if($key == "count" || is_int($key) || $key == "dn") {
print(" and we're gonna skip it\n"); $this->debugout(" and we're gonna skip it\n");
continue; continue;
} }
print(" And that seems fine.\n"); $this->debugout(" And that seems fine.\n");
if(array_key_exists('count',$val)) { if(array_key_exists('count',$val)) {
if($val['count'] == 1) { if($val['count'] == 1) {
$clean_row[$key] = $val[0]; $clean_row[$key] = $val[0];
@ -318,8 +324,7 @@ class LdapTroubleshooter extends Command
} }
return $cleaned; return $cleaned;
}; };
print_r($cleaner($results)); $this->debugout(print_r($cleaner($results),true));
exit(99);
$search_results = ldap_search($conn,$settings->base_dn,$settings->filter); $search_results = ldap_search($conn,$settings->base_dn,$settings->filter);
} }
@ -341,7 +346,7 @@ class LdapTroubleshooter extends Command
$this->info("LDAP TROUBLESHOOTING COMPLETE!"); $this->info("LDAP TROUBLESHOOTING COMPLETE!");
} }
public function connect_to_ldap($ldap_url, $check_cert, $start_tls) public function connect_to_ldap($ldap_url, $check_cert, $start_tls, $settings)
{ {
$lconn = ldap_connect($ldap_url); $lconn = ldap_connect($ldap_url);
ldap_set_option($lconn, LDAP_OPT_PROTOCOL_VERSION, 3); // should we 'test' different protocol versions here? Does anyone even use anything other than LDAPv3? ldap_set_option($lconn, LDAP_OPT_PROTOCOL_VERSION, 3); // should we 'test' different protocol versions here? Does anyone even use anything other than LDAPv3?
@ -351,6 +356,11 @@ class LdapTroubleshooter extends Command
} else { } else {
putenv('LDAPTLS_REQCERT'); // have to very explicitly and manually *UN* set the env var here to ensure it works putenv('LDAPTLS_REQCERT'); // have to very explicitly and manually *UN* set the env var here to ensure it works
} }
if($settings->ldap_client_tls_cert && $settings->ldap_client_tls_key) {
// client-side TLS certificate support for LDAP (Google Secure LDAP)
putenv('LDAPTLS_CERT=storage/ldap_client_tls.cert');
putenv('LDAPTLS_KEY=storage/ldap_client_tls.key');
}
if($start_tls) { if($start_tls) {
if(!ldap_start_tls($lconn)) { if(!ldap_start_tls($lconn)) {
$this->error("WARNING: Unable to start TLS"); $this->error("WARNING: Unable to start TLS");