Commit 89e6848701e4c27d0f089393c7591302c45c57d4

ldap changes
Author: Catalin(ux) M. BOIE
Author date (UTC): 2018-08-29 21:35
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2018-08-29 21:35
Parent(s): 8a5b003845f54d2771beaec7b14b96b2029ee9db
Signing key:
Tree: d92f3b16d0179795a0856836656dcbe35e676b3a
File Lines added Lines deleted
inc/ldap.inc.php 4 2
inc/ldap_sync.inc.php 6 5
inc/struct.inc.php 0 1
tests/ldap.php 102 10
tests/ldap/conf.tmpl/cn=config.ldif 5 8
File inc/ldap.inc.php changed (mode: 100644) (index cd53f91..7336784)
... ... function rg_ldap_add($db, $who, $data)
128 128 . ', url, bind_dn, bind_pass, user_base' . ', url, bind_dn, bind_pass, user_base'
129 129 . ', uid_attr, filter, group_base, group_attr' . ', uid_attr, filter, group_base, group_attr'
130 130 . ', group_filter, admin_group, ca_cert' . ', group_filter, admin_group, ca_cert'
131 . ', prio, session_time, timeout)'
131 . ', prio, session_time, timeout, plan_id)'
132 132 . ' VALUES (@@itime@@, @@who@@, @@name@@' . ' VALUES (@@itime@@, @@who@@, @@name@@'
133 133 . ', @@url@@, @@bind_dn@@, @@bind_pass@@' . ', @@url@@, @@bind_dn@@, @@bind_pass@@'
134 134 . ', @@user_base@@, @@uid_attr@@, @@filter@@' . ', @@user_base@@, @@uid_attr@@, @@filter@@'
135 135 . ', @@group_base@@, @@group_attr@@' . ', @@group_base@@, @@group_attr@@'
136 136 . ', @@group_filter@@, @@admin_group@@' . ', @@group_filter@@, @@admin_group@@'
137 . ', @@ca_cert@@, @@prio@@, @@session_time@@)'
137 . ', @@ca_cert@@, @@prio@@, @@session_time@@'
138 . ', @@timeout@@, @@plan_id@@)'
138 139 . ' RETURNING id'; . ' RETURNING id';
139 140 } else { } else {
140 141 $sql = 'UPDATE ldap_servers' $sql = 'UPDATE ldap_servers'
 
... ... function rg_ldap_add($db, $who, $data)
155 156 . ', prio = @@prio@@' . ', prio = @@prio@@'
156 157 . ', session_time = @@session_time@@' . ', session_time = @@session_time@@'
157 158 . ', timeout = @@timeout@@' . ', timeout = @@timeout@@'
159 . ', plan_id = @@plan_id@@'
158 160 . ' WHERE id = @@id@@'; . ' WHERE id = @@id@@';
159 161 } }
160 162
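Review bot: Both statements now write `plan_id` straight from the `@@plan_id@@` placeholder, but nothing in these hunks shows the bound value being checked against an existing plan before it reaches ldap_servers; if `$data['plan_id']` comes from the admin form (tests/ldap.php in this same commit posts `'ldap::plan_id' => 9`), either the caller or a FOREIGN KEY on the column should reject unknown plans, otherwise a server can be saved that maps its users to a plan that does not exist. The hunks also do not show a matching `plan_id` column being added to the ldap_servers definition in inc/struct.inc.php, so presumably it already exists or is added elsewhere — worth confirming. rg_ldap_add's signature and the enclosing `if` begin before the hunk and the function continues after it. A short docblock on rg_ldap_add listing the `$data` keys the statements expect, e.g. `// $data keys: name, url, bind_dn, bind_pass, user_base, uid_attr, filter, group_base, group_attr, group_filter, admin_group, ca_cert, prio, session_time, timeout, plan_id (plus id when updating)`, would keep callers in sync with this change.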
File inc/ldap_sync.inc.php changed (mode: 100644) (index c3b86e4..3c220f4)
... ... function rg_ldap_sync_get_cache($db, $v)
14 14 $ret = array('ok' => 0); $ret = array('ok' => 0);
15 15 while (1) { while (1) {
16 16 $params = array('v' => $v); $params = array('v' => $v);
17 $sql = 'SELECT * FROM ldap_cache'
18 . ' WHERE mail = @@v@@'
17 $sql = 'SELECT a.* FROM ldap_cache AS a, ldap_servers AS b'
18 . ' WHERE a.server_id = b.id'
19 . ' AND (mail = @@v@@'
19 20 . ' OR ldap_uid = @@v@@' . ' OR ldap_uid = @@v@@'
20 . ' OR cn = @@v@@'
21 . ' ORDER BY prio';
21 . ' OR cn = @@v@@)'
22 . ' ORDER BY b.prio';
22 23 $res = rg_sql_query_params($db, $sql, $params); $res = rg_sql_query_params($db, $sql, $params);
23 24 if ($res === FALSE) { if ($res === FALSE) {
24 25 $ret['errmsg'] = 'cannot select from cache'; $ret['errmsg'] = 'cannot select from cache';
 
... ... function rg_ldap_sync_cb_error($index, &$info, $msg)
354 355 function rg_ldap_sync_ro($db, $data) function rg_ldap_sync_ro($db, $data)
355 356 { {
356 357 // TODO: move this in the higher level part // TODO: move this in the higher level part
357 // Load the list of servers in decreasing priority order
358 // Load the list of servers in decreasing priority order (increasing numeric)
358 359 // because we want the best one to overwrite the lower priority ones. // because we want the best one to overwrite the lower priority ones.
359 360
360 361 // Hm! Have a problem: sync_rp with multiple servers! // Hm! Have a problem: sync_rp with multiple servers!
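Review bot: In the rg_ldap_sync_get_cache hunk the new join leaves `mail`, `ldap_uid` and `cn` unqualified while `a.*`, `a.server_id` and `b.prio` are qualified; if ldap_servers ever gains a column with one of those names the query fails with an ambiguous-column error, so write them as `a.mail`, `a.ldap_uid` and `a.cn` now. The implicit comma join reads better as `FROM ldap_cache AS a JOIN ldap_servers AS b ON a.server_id = b.id`, which also makes explicit that cache rows whose server has been deleted are no longer returned — a useful property for a lookup that feeds authentication, and worth a comment such as `// join with ldap_servers so entries of removed servers are ignored and the lowest prio server wins`. The ordering now depends on ldap_servers.prio while inc/struct.inc.php in this commit drops `prio` from the ldap_cache definition; if that struct entry is applied only once per schema version, existing databases will keep the old column, which is harmless for this query but presumably deserves a note. The `while` body continues outside the hunk.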
File inc/struct.inc.php changed (mode: 100644) (index 5d4a443..f826798)
... ... $rg_sql_struct[44]['table'] = array(
636 636 . ", cn TEXT NOT NULL" . ", cn TEXT NOT NULL"
637 637 . ", shadow_expire INTEGER NOT NULL" . ", shadow_expire INTEGER NOT NULL"
638 638 . ", uid_number INTEGER NOT NULL" . ", uid_number INTEGER NOT NULL"
639 . ", prio INTEGER NOT NULL"
640 639 . ")" . ")"
641 640 ); );
642 641 $rg_sql_struct[44]['other'] = array( $rg_sql_struct[44]['other'] = array(
File tests/ldap.php changed (mode: 100644) (index 1ef98fe..275349a)
... ... function rg_ldap_start_server(&$l)
32 32 $r = @unlink($prep); $r = @unlink($prep);
33 33 rg_log('unlinking prep.done returned ' . ($r === FALSE ? 'false' : 'true')); rg_log('unlinking prep.done returned ' . ($r === FALSE ? 'false' : 'true'));
34 34
35 $log = __DIR__ . '/ldap-' . $l['rg_ldap_port'] . '.log';
35 $log = __DIR__ . '/ldap-' . $l['rg_ldap_port'];
36 36
37 37 $pid = pcntl_fork(); $pid = pcntl_fork();
38 38 if ($pid == 0) { // child if ($pid == 0) { // child
 
... ... function rg_ldap_start_server(&$l)
40 40 rg_log($k . '=' . $v); rg_log($k . '=' . $v);
41 41 putenv($k . '=' . $v); putenv($k . '=' . $v);
42 42 } }
43 rg_exec('cd ldap && sh start.sh &> ' . $log, '', FALSE, FALSE);
44
45 $log = '../ldap-' . $l['rg_ldap_port'] . 'prep.log';
46 rg_exec('cd ldap && sh prepare.sh &> ' . $log, '', FALSE, FALSE);
43 rg_exec('cd ldap && bash -x start.sh &> ' . $log . '.log', '', FALSE, FALSE);
44 rg_exec('cd ldap && bash -x prepare.sh &> ' . $log . '.prep.log', '', FALSE, FALSE);
47 45 exit(0); exit(0);
48 46 } }
49 47
 
... ... function rg_ldap_start_server(&$l)
71 69
72 70 function clean($log) function clean($log)
73 71 { {
74 rg_log('Cleaning processes attached to file ' . $log . '...');
75 $r = rg_exec('fuser -k -v -9 ' . escapeshellarg($log), '', FALSE, FALSE);
72 rg_log('Cleaning processes attached to file ' . $log . '.log...');
73 $r = rg_exec('fuser -k -v -9 ' . escapeshellarg($log . '.log'), '', FALSE, FALSE);
76 74 rg_log_ml('fuser returned: ' . print_r($r, TRUE)); rg_log_ml('fuser returned: ' . print_r($r, TRUE));
77 75 } }
78 76
 
... ... $data = array(
174 172 'ldap::ca_cert' => '' 'ldap::ca_cert' => ''
175 173 ); );
176 174 $r = do_req($test_url . '/op/admin/ldap/add', $data, $headers); $r = do_req($test_url . '/op/admin/ldap/add', $data, $headers);
177 if (!strstr($r['body'], 'Configuration has been successfully saved.')) {
178 rg_log_ml('r: ' . print_r($r, TRUE));
179 rg_log('Cannot post form (expected answer missing)!');
175 if (!strstr($r['body'], 'LDAP server has been successfully added/edited.')) {
176 rg_log_ml('body: ' . $r['body']);
177 rg_log('Success message not found!');
180 178 exit(1); exit(1);
181 179 } }
182 180 rg_log_exit(); rg_log_exit();
 
... ... if ($r === FALSE) {
458 456 rg_log_exit(); rg_log_exit();
459 457
460 458
459 rg_log('');
460 rg_log_enter('Loading Admin -> LDAP -> List -> [Edit]...');
461 $data = array();
462 $headers = array();
463 $r = do_req($test_url . '/op/admin/ldap/edit/' . $id, $data, $headers);
464 if ($r === FALSE) {
465 rg_log('Cannot load edit page!');
466 exit(1);
467 }
468 $token = $r['tokens']['ldap_add'];
469 rg_log_exit();
470
471 rg_log('');
472 rg_log_enter('Posting new data...');
473 $data = array(
474 'doit' => 1,
475 'token' => $token,
476 'ldap::id' => $id,
477 'ldap::plan_id' => 9,
478 'ldap::prio' => 11,
479 'ldap::session_time' => 700,
480 'ldap::name' => $name . '<xss>',
481 'ldap::url' => 'ldaps://' . $bind_addr . ':' . $bind_port,
482 'ldap::bind_dn' => 'binddn',
483 'ldap::bind_pass' => 'bind_pass',
484 'ldap::user_base' => 'o=a,dc=my-domain,dc=com',
485 'ldap::uid_attr' => 'uid2',
486 'ldap::filter' => 'memberOf=cn=groupX,ou=Group,dc=my-domain,dc=com',
487 'ldap::group_base' => 'o=b,dc=my-domain,dc=com',
488 'ldap::group_attr' => 'memberOfNot',
489 'ldap::group_filter' => 'group_filter',
490 'ldap::admin_group' => 'cn=(Admins4|Admins5),ou=Group,dc=my-domain,dc=com',
491 'ldap::timeout' => 13,
492 'ldap::ca_cert' => 'ca_cert'
493 );
494 $headers = array();
495 $r = do_req($test_url . '/op/admin/ldap/add', $data, $headers);
496 if ($r === FALSE) {
497 rg_log('Cannot load edit page!');
498 exit(1);
499 }
500 if (!strstr($r['body'], 'LDAP server has been successfully added/edited.')) {
501 rg_log_ml('body: ' . $r['body']);
502 rg_log('Success message not found!');
503 exit(1);
504 }
505 $sql = 'SELECT * FROM ldap_servers WHERE id = ' . $id;
506 $res = rg_sql_query($db, $sql);
507 $row = rg_sql_fetch_array($res);
508 rg_sql_free_result($res);
509 $key = 'ldap::list::' . $id;
510 rg_cache_core_unset($key); // else we will get previous copy!
511 $c = rg_cache_get($key);
512 foreach ($data as $k => $v) {
513 // ignore some fields
514 if (strncmp($k, 'ldap::', 6) != 0)
515 continue;
516
517 $k = substr($k, 6);
518
519 if (!isset($row[$k])) {
520 rg_log('Field [' . $k . '] was not found in db!');
521 exit(1);
522 }
523 if (strcmp($row[$k], $v) != 0) {
524 rg_log('Field [' . $k . '] seems was missed in edit (db)!');
525 rg_log('db=' . $row[$k] . ' sent=' . $v);
526 exit(1);
527 }
528
529 if (!isset($c[$k])) {
530 rg_log('Field [' . $k . '] was not found in cache!');
531 exit(1);
532 }
533 if (strcmp($c[$k], $v) != 0) {
534 rg_log('Field [' . $k . '] seems was missed in edit (cache)!');
535 rg_log('cache=' . $c[$k] . ' sent=' . $v);
536 exit(1);
537 }
538 }
539 // Testing if all fields in the database were updated
540 unset($row['itime']);
541 unset($row['who']);
542 unset($row['csn']);
543 foreach ($row as $k => $v) {
544 if (isset($data['ldap::' . $k]))
545 continue;
546
547 rg_log('Field [' . $k . '] was missing from the http update!');
548 exit(1);
549 }
550 rg_log_exit();
551
552
461 553 rg_log(''); rg_log('');
462 554 rg_log_enter('Loading Admin -> LDAP -> List (for delete)...'); rg_log_enter('Loading Admin -> LDAP -> List (for delete)...');
463 555 $data = array(); $data = array();
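Review bot: The new edit check builds its query by concatenation, `$sql = 'SELECT * FROM ldap_servers WHERE id = ' . $id;`, although the inc/ldap.inc.php hunk of this same commit shows the project's placeholder helper; for consistency, and so that a non-numeric `$id` cannot alter the statement, use `$sql = 'SELECT * FROM ldap_servers WHERE id = @@id@@';` with `$res = rg_sql_query_params($db, $sql, array('id' => $id));` (and since that helper returns FALSE on error, as the ldap_sync hunk shows, check `$res` before calling rg_sql_fetch_array). The failure message after the POST, `rg_log('Cannot load edit page!');`, is copied from the GET above it and should say something like `'Cannot post edit form!'`. The per-field loop posts `$name . '<xss>'` but only verifies that the raw value round-trips through the database and cache; nothing here checks that the list/edit page escapes it, so either add that assertion or drop the suffix rather than imply coverage that does not exist. In the rg_ldap_start_server hunk, `bash -x` echoes every expanded command of start.sh and prepare.sh into the `.log`/`.prep.log` files; if those scripts handle the bind password or other secrets from the environment set via putenv just above, they will now be written to disk in trace form, so consider wrapping such lines in `set +x`/`set -x` or keeping plain `sh` for them.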
File tests/ldap/conf.tmpl/cn=config.ldif changed (mode: 100644) (index b94de2c..2ed641a)
1 1 # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify. # AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
2 # CRC32 3db1ba94
2 # CRC32 5538b741
3 3 dn: cn=config dn: cn=config
4 4 objectClass: olcGlobal objectClass: olcGlobal
5 5 cn: config cn: config
6 olcTLSCACertificatePath: /etc/openldap/certs
7 olcTLSCertificateFile: "OpenLDAP Server"
8 olcTLSCertificateKeyFile: /etc/openldap/certs/password
9 6 structuralObjectClass: olcGlobal structuralObjectClass: olcGlobal
10 entryUUID: 38c4c7ce-fc43-1036-9074-ebf5d4043f34
7 entryUUID: f11ae3a4-3daf-1038-8a81-e3d1105fb9ef
11 8 creatorsName: cn=config creatorsName: cn=config
12 createTimestamp: 20170713181706Z
13 entryCSN: 20170713181706.279712Z#000000#000#000000
9 createTimestamp: 20180826191404Z
10 entryCSN: 20180826191404.443395Z#000000#000#000000
14 11 modifiersName: cn=config modifiersName: cn=config
15 modifyTimestamp: 20170713181706Z
12 modifyTimestamp: 20180826191404Z