From 5f15ee93f79af5af0ee064ffdb5c03f2af14ee3a Mon Sep 17 00:00:00 2001
From: Guilhem Moulin
Date: Wed, 18 Apr 2012 22:28:17 +0200
Subject: Unauthenticate binds; LDAP server defaults to ldap://127.0.0.1:389.
---
 README | 3 ++-
 fripost-adduser | 23 +++++++++++------------
 fripost-newalias | 21 ++++++++++-----------
 fripost-newdomain | 23 +++++++++++------------
 fripost-passwd | 23 +++++++++++------------
 fripost.yml.template | 2 +-
 lib/Fripost/Schema.pm | 20 +++++++++++++++++---
 7 files changed, 63 insertions(+), 52 deletions(-)
diff --git a/README b/README
index 14c5af2..a282f3e 100644
--- a/README
+++ b/README
@@ -10,7 +10,8 @@ skangas@skangas.se Read installation file INSTALL and follow those instructions.
-Copy file fripost.yml.template to ~/.fripost.yml, edit it and add the following
+Copy file fripost.yml.template to ~/.fripost.yml, edit it, chmod 600 it, and
+add the following:
 bind_dn: bind_pw:
diff --git a/fripost-adduser b/fripost-adduser
index f509e49..a785f07 100755
--- a/fripost-adduser
+++ b/fripost-adduser
@@ -82,8 +82,7 @@ Valid keys include: =item I
-The LDAP URI to connect to. It has to be set, either in the
-configuration file, or using the command line option B<--server_host>.
+The LDAP URI to connect to. Defaults to C.
 =item I
@@ -133,16 +132,16 @@ use YAML::Syck; our $conf = LoadFile( catfile ($HOME, '.fripost.yml') ); GetOptions(
- 'server_host' => \$conf->{server_host},
- 'base_dn=s' => \$conf->{base_dn},
- 'bind_dn=s' => \$conf->{bind_dn},
- 'bind_pw=s' => \$conf->{bind_pw},
- 'pretend' => \$conf->{pretend},
- 'debug' => \$conf->{debug},
- 'v|verbose' => \$conf->{verbose},
- 'password=s' => \$conf->{password},
- 'man' => sub { pod2usage(-exitstatus => 0,
- -verbose => 2) }
+ 'server_host=s' => \$conf->{server_host},
+ 'base_dn=s' => \$conf->{base_dn},
+ 'bind_dn=s' => \$conf->{bind_dn},
+ 'bind_pw=s' => \$conf->{bind_pw},
+ 'pretend' => \$conf->{pretend},
+ 'debug' => \$conf->{debug},
+ 'v|verbose' => \$conf->{verbose},
+ 'password=s' => \$conf->{password},
+ 'man' => sub { pod2usage(-exitstatus => 0,
+ -verbose => 2) }
 ) or pod2usage(2); sub dsay { say STDERR @_ if $conf->{debug}; }
diff --git a/fripost-newalias b/fripost-newalias
index b638e06..075c43a 100755
--- a/fripost-newalias
+++ b/fripost-newalias
@@ -72,8 +72,7 @@ Valid keys include: =item I
-The LDAP URI to connect to. It has to be set, either in the
-configuration file, or using the command line option B<--server_host>.
+The LDAP URI to connect to. Defaults to C.
 =item I
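Review bot: In the fripost-adduser option hunk, `LoadFile( catfile ($HOME, '.fripost.yml') )` still reads the configuration whatever its mode, although the README and template changes in this same commit tell the administrator to chmod it to 600 because it holds `bind_pw`. A check before loading would enforce that, for example `my @st = stat $path or die "Cannot stat $path: $!\n";` followed by `die "$path must not be accessible by group or others\n" if $st[2] & 077;`, with `$path` holding the `catfile` result. The same applies to the matching hunks in fripost-newalias, fripost-newdomain and fripost-passwd. Separately, values given through `--bind_pw` and `--password` are visible to other local users in the process list while the script runs, so the POD should steer users to the configuration file or a prompt for secrets.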
@@ -123,15 +122,15 @@ use YAML::Syck; our $conf = LoadFile( catfile ($HOME, '.fripost.yml') ); GetOptions(
- 'server_host' => \$conf->{server_host},
- 'base_dn=s' => \$conf->{base_dn},
- 'bind_dn=s' => \$conf->{bind_dn},
- 'bind_pw=s' => \$conf->{bind_pw},
- 'pretend' => \$conf->{pretend},
- 'debug' => \$conf->{debug},
- 'v|verbose' => \$conf->{verbose},
- 'man' => sub { pod2usage(-exitstatus => 0,
- -verbose => 2) }
+ 'server_host=s' => \$conf->{server_host},
+ 'base_dn=s' => \$conf->{base_dn},
+ 'bind_dn=s' => \$conf->{bind_dn},
+ 'bind_pw=s' => \$conf->{bind_pw},
+ 'pretend' => \$conf->{pretend},
+ 'debug' => \$conf->{debug},
+ 'v|verbose' => \$conf->{verbose},
+ 'man' => sub { pod2usage(-exitstatus => 0,
+ -verbose => 2) }
 ) or pod2usage(2); sub vsay { say STDERR @_ if $conf->{verbose} || $conf->{debug}; }
diff --git a/fripost-newdomain b/fripost-newdomain
index 0e1cb37..3c877e5 100755
--- a/fripost-newdomain
+++ b/fripost-newdomain
@@ -83,8 +83,7 @@ Valid keys include: =item I
-The LDAP URI to connect to. It has to be set, either in the
-configuration file, or using the command line option B<--server_host>.
+The LDAP URI to connect to. Defaults to C.
 =item I
@@ -125,16 +124,16 @@ use YAML::Syck; our $conf = LoadFile( catfile ($HOME, '.fripost.yml') ); GetOptions(
- 'server_host' => \$conf->{server_host},
- 'base_dn=s' => \$conf->{base_dn},
- 'bind_dn=s' => \$conf->{bind_dn},
- 'bind_pw=s' => \$conf->{bind_pw},
- 'pretend' => \$conf->{pretend},
- 'owner=s' => \$conf->{owner},
- 'debug' => \$conf->{debug},
- 'v|verbose' => \$conf->{verbose},
- 'man' => sub { pod2usage(-exitstatus => 0,
- -verbose => 2) }
+ 'server_host=s' => \$conf->{server_host},
+ 'base_dn=s' => \$conf->{base_dn},
+ 'bind_dn=s' => \$conf->{bind_dn},
+ 'bind_pw=s' => \$conf->{bind_pw},
+ 'pretend' => \$conf->{pretend},
+ 'owner=s' => \$conf->{owner},
+ 'debug' => \$conf->{debug},
+ 'v|verbose' => \$conf->{verbose},
+ 'man' => sub { pod2usage(-exitstatus => 0,
+ -verbose => 2) }
 ) or pod2usage(2); sub vsay { say STDERR @_ if $conf->{verbose} || $conf->{debug}; }
diff --git a/fripost-passwd b/fripost-passwd
index d6abe3f..f508e9d 100755
--- a/fripost-passwd
+++ b/fripost-passwd
@@ -41,8 +41,7 @@ only a hash, for example. =item B<--server_host=>I
-The LDAP URI to connect to.
-The default value is read from the configuration file, see B.
+The LDAP URI to connect to. Defaults to C.
 =item B<--bind_dn=>I
@@ -118,16 +117,16 @@ use YAML::Syck; our $conf = LoadFile( catfile ($HOME, '.fripost.yml') ); GetOptions(
- 'server_host' => \$conf->{server_host},
- 'base_dn=s' => \$conf->{base_dn},
- 'bind_dn=s' => \$conf->{bind_dn},
- 'bind_pw=s' => \$conf->{bind_pw},
- 'pretend' => \$conf->{pretend},
- 'debug' => \$conf->{debug},
- 'v|verbose' => \$conf->{verbose},
- 'password=s' => \$conf->{password},
- 'man' => sub { pod2usage(-exitstatus => 0,
- -verbose => 2) }
+ 'server_host=s' => \$conf->{server_host},
+ 'base_dn=s' => \$conf->{base_dn},
+ 'bind_dn=s' => \$conf->{bind_dn},
+ 'bind_pw=s' => \$conf->{bind_pw},
+ 'pretend' => \$conf->{pretend},
+ 'debug' => \$conf->{debug},
+ 'v|verbose' => \$conf->{verbose},
+ 'password=s' => \$conf->{password},
+ 'man' => sub { pod2usage(-exitstatus => 0,
+ -verbose => 2) }
 ) or pod2usage(2); sub vsay { say STDERR @_ if $conf->{verbose} || $conf->{debug}; }
diff --git a/fripost.yml.template b/fripost.yml.template
index f278790..7d3ac6c 100644
--- a/fripost.yml.template
+++ b/fripost.yml.template
@@ -1,5 +1,5 @@
 # fripost.yml -- defaults for fripost administrative scripts
-# To be moved to ~/.fripost.yml
+# To be moved to ~/.fripost.yml and chmod'ed to 600
 --- server_host: ldap://127.0.0.1:389 admin_email: admin@fripost.org
diff --git a/lib/Fripost/Schema.pm b/lib/Fripost/Schema.pm
index 14caccd..6a92be7 100755
--- a/lib/Fripost/Schema.pm
+++ b/lib/Fripost/Schema.pm
@@ -30,16 +30,30 @@ sub new { my $class = shift; my $h = shift;
+ $h->{server_host} //= 'ldap://127.0.0.1:389';
+ $h->{base_dn} //= '';
+
 my $self = {_options => $h}; bless $self, $class; my $ldap = Net::LDAP->new ( $h->{server_host} )
- or die "Error: Cannot initialize connection to LDAP server.\n";
+ or die "Error: Cannot initialize connection to LDAP server at `"
+ .$h->{server_host}. "'.\n";
 my $mesg; if ( (defined $h->{bind_dn}) and $h->{bind_dn} ne '' ) {
- $self->_dsay( "Binding to DN `" .$h->{bind_dn}. "'." );
- $mesg = $ldap->bind( $h->{bind_dn}, password => $h->{bind_pw} );
+ my %bind;
+ my $debug = "Binding to DN `" .$h->{bind_dn}. "'";
+ if (defined $h->{bind_pw}) {
+ $debug .= " (authenticated).";
+ $bind{password} = $h->{bind_pw};
+ }
+ else {
+ $debug .= " (unauthenticated).";
+ $bind{noauth} = 1;
+ }
+ $self->_dsay( $debug );
+ $mesg = $ldap->bind( $h->{bind_dn}, %bind );
 } else { # Anonymous bind
-- cgit v1.2.3
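Review bot: The new `if (defined $h->{bind_pw})` test in `new` accepts an empty string as a password, so `--bind_pw=` or `bind_pw: ''` would be passed to `bind` as a zero-length simple password. That is an unauthenticated bind in LDAP terms (RFC 4513 section 5.1.2), yet the debug line reports "(authenticated)". Testing `defined $h->{bind_pw} and $h->{bind_pw} ne ''`, in the same way as the `bind_dn` condition just above, keeps the message and the bind in agreement. The `noauth` branch is announced only through `_dsay`, so a password missing from the configuration by mistake goes unnoticed unless debugging is on; a `warn` there would make the downgrade visible. `new` continues past the end of the hunk, so whether `$mesg` is checked after the bind cannot be confirmed from here.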