  Contributions to ELOG, Page 5 of 6  Not logged in ELOG logo
ID Date Author Author Email Category Subjectdown Status Last Revision
  9   Wed Jul 7 18:19:10 2004 Steve Jonessteve.jones@freescale.comScriptGeneric Unix elogd init scriptStableWed Jul 7 18:19:38 2004 by Steve Jones
The elogd.init script that ships in the elog distribution is Linux centric.
 This script is written to work in a generic Unix environment under 'sh' -
no frills!
Attachment 1: elogd.init
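#!/bin/sh

# description: Start elog
# elog can have multiple instances run on the same server, pointing to different logbook areas.  This start
# script should be run from the root of each different elog area.
#
# Written for a plain Bourne 'sh': backticks instead of $( ), no bash-only syntax.
#
# NOTE: "stop" signals whatever PID is stored in the pid file.  When this script
# runs as root, keep $ELOGDIR writable only by trusted accounts so that the pid
# file cannot be made to name an unrelated process.

ELOGD="/_TOOLS_/dist/gnu-elog-2.5.3/sparc-sun-solaris2.8/bin/elogd"
ELOGDIR="/proj/sysadmin/ess/www/elog"
HOSTNAME=`hostname`
# One pid file per host, always addressed by its full path (the original read
# it through "./" in one place and through $ELOGDIR everywhere else).
PIDFILE="$ELOGDIR/elogd-$HOSTNAME.pid"

# Print the PID recorded in $PIDFILE, or nothing when the file is missing,
# empty, or holds anything other than decimal digits.  Rejecting everything
# else keeps stray text out of the kill command line and out of the /proc path.
read_pid() {
    pid_text=`cat "$PIDFILE" 2>/dev/null`
    case "$pid_text" in
        ''|*[!0-9]*) ;;
        *) echo "$pid_text" ;;
    esac
}

# Check for the config file
if [ ! -f "$ELOGDIR/elogd.cfg" ]; then
    exit 0
fi


# See how we were called.
case "$1" in
  start)
        if [ -f "$PIDFILE" ] ; then
            pid=`read_pid`
            # An empty $pid would turn the test into "/proc/", which always
            # exists, so only consult /proc for a well-formed PID.
            if [ -n "$pid" ] && [ -d "/proc/$pid" ] ; then
                echo "elogd already running"
                exit 1
            fi
        fi
####################################
# The full path *must* be specified
        echo "Starting elogd: "
        "$ELOGD" -f "$PIDFILE" -c "$ELOGDIR/elogd.cfg" -D > /dev/null 2>&1 &
        # NOTE: because the command is put in the background, $? only says
        # whether the shell could launch the job, not whether elogd came up.
        RETVAL=$?
        if [ $RETVAL -eq 0 ] ; then
            echo "elog started"
        else
            echo "Failed to start elog"
        fi
        echo
        ;;
  stop)
        echo ""
        if [ -f "$PIDFILE" ] ; then
            pid=`read_pid`
            if [ -z "$pid" ] ; then
                # Refuse to call kill with an empty or non-numeric argument.
                echo "Invalid pid file: $PIDFILE"
                echo "Failed to stop elog"
                echo
                exit 1
            fi
            echo "Stopping elogd: "
            if kill "$pid" ; then
                echo "elog stopped"
            else
                echo "Failed to stop elog"
            fi
            # Removed in both cases, as before, so a stale file does not linger.
            rm -f "$PIDFILE"
            echo
        else
            echo "No elogd running?"
            echo "Failed to stop elog"
            echo
        fi
        ;;
  restart|reload)
        "$0" stop
        "$0" start
        ;;
  *)
        echo "Usage: $0 {start|stop|restart}"
        exit 1
esac

exit 0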

  154   Thu Mar 3 12:01:55 2022 rami khraisrami.khrais@sesame.org.joOtherFixing repeating first inline_image in emailStableThu Mar 10 11:30:20 2022 by rami khrais

Fixes the first image being repeated in the e-mail notification when a user submits a new log entry with inline images.

Attachment 1: elogd.c
/********************************************************************

   Name:         elogd.c
   Created by:   Stefan Ritt
   Copyright 2000 + Stefan Ritt

   ELOG is free software: you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   ELOG is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   In addition, as a special exception, the copyright holders give
   permission to link the code of portions of this program with the
   OpenSSL library under certain conditions as described in each
   individual source file, and distribute linked combinations
   including the two.
   You must obey the GNU General Public License in all respects
   for all of the code used other than OpenSSL.  If you modify
   file(s) with this exception, you may extend this exception to your
   version of the file(s), but you are not obligated to do so.  If you
   do not wish to do so, delete this exception statement from your
   version.  If you delete this exception statement from all source
   files in the program, then also delete it here.

   You should have received a copy of the GNU General Public License
   along with ELOG.  If not, see <http://www.gnu.org/licenses/>.


   Contents:     Web server program for Electronic Logbook ELOG

\********************************************************************/

#include "elogd.h"
#include "git-revision.h"

/* Revision string taken from GIT_REVISION, which git-revision.h is expected to define. */
const char *_git_revision = GIT_REVISION;

BOOL running_as_daemon;         /* Running as a daemon/service? */
int elog_tcp_port;              /* Server's TCP port            */

static void (*printf_handler)(const char *);   /* Handler to printf for logging */
static void (*fputs_handler)(const char *);    /* Handler to fputs for logging  */
static FILE *current_output_stream = NULL;      /* Currently used output stream  */

/*
 * Global response and request state.  Everything below is a plain global
 * with a fixed size (or a bare pointer plus a separate size variable).
 *
 * NOTE(review): the names suggest that host_name, referer, browser,
 * http_host and http_user hold values taken from the HTTP request --
 * confirm against the code that fills them.  If so, every writer has to
 * bound its copy to the declared size (for example strlcpy with sizeof),
 * because a longer value would run into the neighbouring globals.
 */
char *return_buffer;
int return_buffer_size;
int strlen_retbuf;
int keep_alive;
char header_buffer[20000];
int return_length;
char host_name[256];
char referer[256];
char browser[256];
char config_file[256];
char resource_dir[256];
char logbook_dir[256];
char listen_interface[256];
char theme_name[80];
char http_host[256];
char http_user[256];

/*
 * _param and _value have the same dimensions (MAX_PARAM entries of
 * NAME_LENGTH bytes each); presumably they are used as parallel name/value
 * arrays -- verify against the accessors.
 */
char _param[MAX_PARAM][NAME_LENGTH];
char _value[MAX_PARAM][NAME_LENGTH];
char _mtext[TEXT_SIZE];
char _cmdline[CMD_SIZE];
char *_attachment_buffer;
int _attachment_size;
/* Starts at the compile-time MAX_CONTENT_LENGTH; not const, so it can be changed at run time. */
int _max_content_length = MAX_CONTENT_LENGTH;
struct in_addr rem_addr;
char rem_host[256];
char rem_host_ip[256];
int _sock;
/* enable_execute is the only flag here with an explicit initial value: FALSE. */
BOOL use_keepalive, enable_execute = FALSE;
BOOL ckedit_exist, image_magick_exist;
int _verbose_level, _current_message_id;
int _logging_level, _ssl_flag;

/* Logbook list, empty (NULL) until it is built elsewhere. */
LOGBOOK *lb_list = NULL;

/* Verbosity levels; presumably compared against _verbose_level -- TODO confirm. */
#define VERBOSE_URL     1
#define VERBOSE_INFO    2
#define VERBOSE_DEBUG   3

#ifdef HAVE_SSL
/* Single global SSL handle, only present in builds with HAVE_SSL. */
SSL *_ssl_con;
#endif

/* English month names, index 0 = January. */
char *mname[] = {"January", "February", "March", "April", "May", "June", "July", "August", "September",
                 "October", "November", "December"
};

/* Attribute names, option lists and flags, one slot per attribute (up to MAX_N_ATTR). */
char attr_list[MAX_N_ATTR][NAME_LENGTH];
char attr_options[MAX_N_ATTR][MAX_N_LIST][NAME_LENGTH];
int attr_flags[MAX_N_ATTR];

/* Default attribute names; the trailing "" closes the list. */
char attr_list_default[][NAME_LENGTH] = {"Author", "Type", "Category", "Subject", ""};

/* Default option lists, in the same order as attr_list_default; {""} means no options. */
char attr_options_default[][MAX_N_LIST][NAME_LENGTH] = {{""},
                                                        {"Routine", "Other"},
                                                        {"General", "Other"},
                                                        {""}
};

/* Default flags in the same order: only the first attribute (Author) is marked AF_REQUIRED. */
int attr_flags_default[] = {AF_REQUIRED, 0, 0, 0};

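/*
 * File extension -> MIME type table.  Extensions are stored in upper case
 * with the leading dot.  The table ends with an entry whose two strings
 * are empty.
 *
 * The original listed ".RM" three times with the same type; the two
 * redundant rows are dropped here.
 *
 * NOTE(review): if this table also selects the Content-Type under which
 * user-uploaded attachments are sent back (not visible in this part of the
 * file), then .HTM/.HTML/.SVG/.XML/.XSL/.JS uploads are delivered as
 * active content in the logbook's own origin.  Consider serving such
 * attachments with "Content-Disposition: attachment" and
 * "X-Content-Type-Options: nosniff".
 */
struct {
   char ext[32];
   char type[80];
} filetype[] = {
   {".AI",   "application/postscript"},
   {".ASC",  "text/plain"},
   {".BZ2",  "application/x-bzip2"},
   {".CFG",  "text/plain"},
   {".CHRT", "application/x-kchart"},
   {".CONF", "text/plain"},
   {".CSH",  "application/x-csh"},
   {".CSS",  "text/css"},
   {".DOC",  "application/msword"},
   {".DVI",  "application/x-dvi"},
   {".EPS",  "application/postscript"},
   {".GIF",  "image/gif"},
   {".GZ",   "application/x-gzip"},
   {".HTM",  "text/html"},
   {".HTML", "text/html"},
   {".ICO",  "image/x-icon"},
   {".JPEG", "image/jpeg"},
   {".JPG",  "image/jpeg"},
   {".JS",   "application/x-javascript"},
   {".KPR",  "application/x-kpresenter"},
   {".KSP",  "application/x-kspread"},
   {".KWD",  "application/x-kword"},
   {".MP3",  "audio/mpeg"},
   {".OGG",  "application/x-ogg"},
   {".PDF",  "application/pdf"},
   {".PNG",  "image/png"},
   {".PS",   "application/postscript"},
   {".RAM",  "audio/x-pn-realaudio"},
   {".RM",   "audio/x-pn-realaudio"},
   {".RPM",  "application/x-rpm"},
   {".RTF",  "application/rtf"},
   {".SH",   "application/x-sh"},
   {".SVG",  "image/svg+xml"},
   {".TAR",  "application/x-tar"},
   {".TCL",  "application/x-tcl"},
   {".TEX",  "application/x-tex"},
   {".TGZ",  "application/x-gzip"},
   {".TIF",  "image/tiff"},
   {".TIFF", "image/tiff"},
   {".TXT",  "text/plain"},
   {".WAV",  "audio/x-wav"},
   {".XLS",  "application/x-msexcel"},
   {".XML",  "text/xml"},
   {".XSL",  "text/xml"},
   {".ZIP",  "application/x-zip-compressed"},

   /* Open XML file types */
   {".DOCM", "application/vnd.ms-word.document.macroEnabled.12"},
   {".DOCX", "application/vnd.openxmlformats-officedocument.wordprocessingml.document"},
   {".DOTM", "application/vnd.ms-word.template.macroEnabled.12"},
   {".DOTX", "application/vnd.openxmlformats-officedocument.wordprocessingml.template"},
   {".PPSM", "application/vnd.ms-powerpoint.slideshow.macroEnabled.12"},
   {".PPSX", "application/vnd.openxmlformats-officedocument.presentationml.slideshow"},
   {".PPTM", "application/vnd.ms-powerpoint.presentation.macroEnabled.12"},
   {".PPTX", "application/vnd.openxmlformats-officedocument.presentationml.presentation"},
   {".XLSB", "application/vnd.ms-excel.sheet.binary.macroEnabled.12"},
   {".XLSM", "application/vnd.ms-excel.sheet.macroEnabled.12"},
   {".XLSX", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"},
   {".XPS",  "application/vnd.ms-xpsdocument"},

   /* end-of-table marker */
   {"",      ""},
};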

/*
 * Language name -> two-letter abbreviation.  The last entry, with two
 * empty strings, closes the table.
 */
struct {
   char language[32];
   char abbrev[32];
} lang_table[] = {
   {.language = "brazilian", .abbrev = "br"},
   {.language = "bulgarian", .abbrev = "bg"},
   {.language = "czech", .abbrev = "cz"},
   {.language = "danish", .abbrev = "dk"},
   {.language = "dutch", .abbrev = "nl"},
   {.language = "french", .abbrev = "fr"},
   {.language = "german", .abbrev = "de"},
   {.language = "indonesia", .abbrev = "id"},
   {.language = "italian", .abbrev = "it"},
   {.language = "japanese", .abbrev = "jp"},
   {.language = "polish", .abbrev = "pl"},
   {.language = "ru_CP1251", .abbrev = "ru"},
   {.language = "slowak", .abbrev = "sk"},
   {.language = "spanish", .abbrev = "es"},
   {.language = "swedish", .abbrev = "se"},
   {.language = "turkish", .abbrev = "tr"},
   {.language = "zh_CN-GB2314", .abbrev = "zh"},
   {.language = "zh_CN-UTF8", .abbrev = "zh"},
   {.language = "", .abbrev = ""},
};

/*
 * NOTE(review): presumably the command lines used to run ImageMagick's
 * "convert" and "identify" (the file also has an image_magick_exist flag)
 * -- confirm.  If any part of them is built from request data or attachment
 * file names and handed to a shell, that part must be quoted or rejected
 * before use; the code doing so is not visible here.
 */
char _convert_cmd[256];
char _identify_cmd[256];

#ifdef OS_WINNT
/* Declared only for Windows builds; defined elsewhere. */
int run_service(void);
#endif

#ifdef OS_UNIX
/*
 * NOTE(review): the code that drops privileges is not visible here.  When
 * reviewing it, confirm that the group ID is changed before the user ID and
 * that the return value of every set*id call is checked.
 */
gid_t orig_gid;                 /* Original effective GID before dropping privilege */
uid_t orig_uid;                 /* Original effective UID before dropping privilege */
char pidfile[256];              /* Pidfile name                                     */
#endif

#ifdef __CYGWIN__               /* bug in cygwin, 'timezone' not linked automatically */
long _timezone;
#endif

/*---- Functions from the MIDAS library ----------------------------*/

/*
 * Case conversion restricted to the ASCII letters a-z / A-Z; every other
 * value is returned unchanged.  Both are macros that mention their argument
 * more than once, so the argument is evaluated two or three times: pass a
 * plain variable, never an expression with side effects such as *p++.
 */
#define my_toupper(_c)    ( ((_c)>='a' && (_c)<='z') ? ((_c)-'a'+'A') : (_c) )
#define my_tolower(_c)    ( ((_c)>='A' && (_c)<='Z') ? ((_c)-'A'+'a') : (_c) )

BOOL strieq(const char *str1, const char *str2) {
   char c1, c2;

   if (str1 == NULL && str2 == NULL)
      return TRUE;
   if (str1 == NULL || str2 == NULL)
      return FALSE;
   if (strlen(str1) != strlen(str2))
      return FALSE;

   while (*str1) {
      c1 = *str1++;
      c2 = *str2++;
... 30972 more lines ...
  6   Wed Sep 17 11:43:44 2003 R. Beekmanrbeekman@hiscom.nl ELOG v2.3.9 CSS cross-reference (used for skins)BetaSeptember 17, 2003 by R. Beekman
For all you guys (and girls;-) who want to add skins to ELOG, it is 
important to know what will be affected if you change a style.
So I made a cross reference of styles vs. html pages.

In the attached ZIP file you will find:
--> "ELOG CSS xref.xls" (Microsoft Excel spreadsheet)
--> "ELOG CSS xref.pdf" (PDF file for those who do not have Excel)
--> A directory containing the html pages I documented and the ELOG 
stylesheet (.css-file) that you need when you want to see the html files. 
Images are not included: they are not needed for this purpose.

I know that not all pages are documented, but Stefan told me that there is 
no complete list of all pages because they are generated. So I documented 
only the pages I need at this moment.

Please feel free to mail me when you have comments, corrections or 
additions.
Attachment 1: ELOG CSS xref.zip
  28   Fri Mar 28 10:23:50 2008 svrmartysvrmarty@gmx.netOtherELOG V2.7.3-2080 debian amd64 packageStableFri Mar 28 10:23:55 2008 by svrmarty
Attachment 1: elog_2.7.3+r2080-1_amd64.deb
  3   Fri Jun 6 18:32:14 2003 Tomas Rudolftomas@mba.be ELOG Syntax highlighting in UltraEdit  
Maybe some of you use UltraEdit code editor (http://www.ultraedit.com/) to 
create/modify your ELOGD.CFG files.

Well, in that case we hope you find useful the attached syntax highlighting 
configuration file.

To install this file into UltraEdit:
MENU --> ADVANCED --> CONFIGURATION --> SYNTAX HIGHLIGHTING tab --> OPEN 
WORDLIST

You can also download the latest version from our website :
http://public.mba.be/demo/elog/u-edit-elog-syntax.txt
Attachment 1: u-edit-elog-syntax.txt
/L7"Elog" Line Comment = ; Block Comment On = /* Block Comment Off = */ String Chars = "' File Extensions = cfg
/Delimiters = ~!@%^&*()-+=|\/{}[]:;"'<> ,	.?
/C1"Elog Global functions"
** Logbook tabs
** SMTP host =
** Admin Password
** Admin user =
** Selection page
** Self register
** URL=
** Welcome Title
/C2"Elog Syntax"
** Attributes
** Back
** Bottom text
** Comment
** Config
** Copy to
** CSS
** Data dir
** Date format
** Delete
** Display Email recipients
** Display mode
** Download
** Edit
** edit
** Email
** Email All
** Email message body
** Email notification
** Entries per page
** Filtered browsing
** Find
** Find Menu commands
** Fixed Attributes Edit
** Fixed Attributes Reply
** full
** Group
** Guest find menu commands
** Guest menu commands
** Help
** Help URL
** IOptions
** Icon comment
** Language
** Last day
** Locked Attributes
** Logbook dir
** Logbook Tabs
** Logbook tabs
** Logfile
** Login
** Logout
** Main tab
** Menu commands
** Message Height
** Message Width
** MOptions
** Move to
** New
** Number Attachments
** on 
** Options
** Page Title
** Password file =
** port
** Preset
** Quick filter
** Remove on reply
** Reply
** Required Attributes
** Resource dir
** Restrict edit
** Reverse sort
** ROptions
** Search all logbooks
** Self register
** SMTP host
** Search all logbooks
** Subdir
** Submit Page
** Subst
** Subst on reply subject
** Suppress default
** Suppress Email on edit
** Suppress Email to users
** Tab cellpadding
** Theme
** Thread display
** Thread Icon
** threaded
** Use Email From
** Use Email Subject
/C3"Elog MBA reserved attributes"
** %a %d %m %y
** %%Action
** %%BookName
** %%MessageID
** %%User
AsTo 
Author
By
Categorie
Category
Contract
DateUp
DosL
DosR
Dossier
** Email AdressesEmail
** Email AsTo
** Email Partner
Email1
FollowUp
Forms
Inotifie
Inotifie
Notify
Notify
Origin
Partner
Priorite
Priority
Qualify
ShellLogFile
ShellOnSubmit0
ShellOnSubmit1
ShellParam0
ShellParam1
ShellParamVerboseType
Status
Type
  37   Tue Aug 23 19:45:16 2011 Stuart Wilkinsswilkins@bnl.govScriptELOG Mail ParserAlpha 

 Hi!

I have attached a small script which can process an e-mail and submit this e-mail as a log entry. This is alpha at the moment but if you have suggestions or find bugs please let me know. 

The easiest way to process this is to use the ".forward" file in unix. If this file contains the line:

| "/usr/bin/python /home/tardis/elogmail/process.py --log /home/tardis/elogmail/mail.log -r -u http://localhost:8080/TARDIS -a Category=email -a Type=Log"

This will pipe the incoming mail to the e-log running on the localhost with the experiment TARDIS. Attributes can be set using the "-a" switch like in the elog command line utility. To get help with all the options please run the script with the command:

python process.py -h

which will give help.

Any questions, please don't hesitate to contact me, and I will do my best to help.

Thanks again to Stefan for a great application.

Best wishes,

Stuart

 

Attachment 1: process.py.gz
Attachment 2: forward.gz
  30   Mon Jul 20 14:23:56 2009 Stefan Rittstefan.ritt@psi.chScriptDoing mathematical calculations with attributesStable 

Following entry was written by Richard Stamper. I moved it here for persistency:

On the matter of automatic calculation of fields, it is possible using included javascript but you have to do the work yourself.  For example, we have a log which computes responsivity as the ratio of a photocurrent and optical power.  With log attributes called "Photocurrent", "Optical Power" and "Responsivity" there is a file in the logbooks directory called photomixer_javascript.html containing something like:

<script>

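// Recompute Responsivity = Photocurrent / Optical Power (rounded to two
// decimals) whenever either input changes.
//
// The guard is required because this file is included on every page of the
// logbook, including list pages that have no such form fields.  It checks
// both inputs, since both receive a handler below.
if (document.form1 && document.form1.Photocurrent && document.form1.Optical_Power) {
  // The handler is built from one constant string, so it is only compiled on
  // pages that pass the guard.  No user-supplied text is concatenated into
  // the string; keep it that way, because new Function() compiles whatever
  // it is given.  Each string literal must stay on a single line.
  // mod() is not defined in this snippet; it has to be provided by the page.
  document.form1.Photocurrent.onchange = new Function(
    "mod();" +
    "var power = parseFloat(document.form1.Optical_Power.value);" +
    "var current = parseFloat(document.form1.Photocurrent.value);" +
    // isNaN is the built-in name; the original spelling "isNan" is undefined.
    "if (!isNaN(power) && !isNaN(current) && power != 0.0) {" +
    "  document.form1.Responsivity.value = Math.round(current/power*100)/100.0;" +
    "}"
  );

  // Changing either input triggers the same recalculation.
  document.form1.Optical_Power.onchange = document.form1.Photocurrent.onchange;
}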

</script>

and the elogd.cfg file includes

Bottom text = photomixer_javascript.html

for the relevant log.

The assignments to the onchange handlers are guarded because this javascript is included on all pages for that log, including the list pages where there is no such field as Photocurrent, (or Optical_Power) and the event handler function is defined dynamically for the same reason.

 

  39   Fri Sep 17 06:19:39 2010 Stefan Rittstefan.ritt@psi.chScriptCustom input forms implementationStableThu Jul 2 20:55:55 2015 by Stefan Ritt

Dear ELOG users,

starting with SVN revision 2328, custom input forms are implemented. This allows application-specific formats for check lists etc. In our specific case we had to implement a shift check list, which was quite long. Furthermore the check list should be optimized for an iPad, which we take in the field and record various checks and readings (in our case some gas pressure gauges at the PSI particle accelerator). Since the standard ELOG interface was too inflexible, a completely hand-written form was needed. The form can be activated by the new configuration options Custom New Form, Custom Edit Form and Custom Display Form, one for a new entry, an entry to edit and an entry to display. In our case we used the same form for all three cases. This is how the shift check list looks under the Safari Browser on a PC:

Capture.png

And here is how it looks on the iPad:

IMAG0036.jpg

Each section can be collapsed and expanded (blue arrows at the left), and various internal checks are made before the check list can be submitted.

Implementing such forms is however more something for the advanced user, since you have to hand-write HTML with CSS and JavaScript code. It can then however be a powerful method for check lists. Please find in the attachments the elogd.cfg configuration for that logbook and the shiftcheck.html source code file. It is a bit complicated since the page is a static page, elogd just serves it from the file. This requires all the dynamic functions to be implemented inside the HTML file with JavaScript. To display an entry for example, the JavaScript loads the raw data with the "?cmd=Download" command and then populates the form fields. The collapsing and expanding is done by using CSS properties. The integrated style sheet was optimized for the rendering on an iPad. Rather large fonts were chosen so that the items can be checked easily with your finger tips. Various parameters are sent between the browser and the elogd program via hidden fields and cookies. So only something for experts! But if you go through the effort and hand-write the form, it can be very handy. Note that you have to upgrade to SVN revision 2328 for the three new options.

 

Attachment 2: elogd.cfg
; Server-wide settings.
[global]
; NOTE(review): no SSL option appears in this excerpt, so presumably the
; form data, cookies and passwords travel unencrypted on port 8080 unless
; a TLS-terminating proxy sits in front of elogd -- confirm for your setup.
Port = 8080
; Relative path to the password file.  Keep the file readable only by the
; account elogd runs as.
Password file = passwd

; The shift check list logbook.
[ShiftCheck]
Comment = Shift Check List

; One attribute per form field of the hand-written check list.
Attributes = Author, D, M, Y, Shift, a1, a2, a3, a4, a5, h1, h2, h3, h4, h5, c1, c2, c3, c4, c5, c6, c7, bb1, cr1, cr2, cr3, cr4, cr5, cr6, cr7, cr8, cr9, cr10, cr11, cr12, cr13, cr14, cr15, cr16, cr17, cr18, cr19, cr20, cr21, cr22, cr23, cr24, cr25, cr26, sw1, sw2, sw3, sw4, sw5
Quick filter = Shift, Author
Options Shift = Morning, Evening, Night

Enable attachments = 0
Show text = 0
; All three custom forms point at the same HTML file, which elogd serves
; as a static page.  Its JavaScript runs inside the logbook's pages, so
; write access to this file should be limited to trusted accounts.
Custom new form = /home/meg/meg/online/elog/shiftcheck.html
Custom edit form = /home/meg/meg/online/elog/shiftcheck.html
Custom display form = /home/meg/meg/online/elog/shiftcheck.html
List after submit = 1
Attachment 4: shiftcheck.html
Attachment 5: sc_up.png
sc_up.png
Attachment 6: sc_down.png
sc_down.png
  22   Wed Jul 11 11:13:16 2007 Peter Rienstrapeter.rienstra@gmail.comOtherCompiling elogd.c on HP-UX 64 bitBetaThu Jul 12 09:38:47 2007 by Peter Rienstra
We succeeded in compiling and running elogd (elog-2.6.5) on HP-UX 64 bit Itanium platform (HP-UX B.11.23 U ia64).

The main problem was that we got a core dump after starting elogd. The cause was that memory has to be allocated on a 4-byte boundary. This could be the case on other 64-bit platforms as well. A colleague of mine (Sander Notting) found the solution.

Unzip and untar the zip file (elog-latest.tar.gz)
Go to the src directory (elog-2.6.5/src)

Edit elogd.c

Replace all:

show_selection_page(NULL); => show_selection_page();
seteuid => setuid
setegid => setgid

On line 564:
void *buffer => char *buffer


Line 645, add the text in bold:

void *xmalloc(size_t bytes)
{
char *temp;

/* Align buffer on 4 byte boundery for HP UX and other 64 bit systems to prevent Bus error(core dump)*/
if (bytes & 3)
bytes += 4 - (bytes & 3);


temp = (char *) malloc(bytes + 12);


After that compile:

cc -w -c -o regex.o regex.c
cc -w -c -o mxml.o ../../mxml/mxml.c
cc -w -c -o strlcpy.o ../../mxml/strlcpy.c
cc -I../../mxml -o elogd elogd.c regex.o mxml.o strlcpy.o

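We didn't try to run elogd as root yet, so the seteuid/setegid => setuid/setgid replacement above, which only matters when elogd is started as root and changes its user and group IDs, is untested in that case.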
Attachment 1: elogdhpux64.c.gz
  148   Mon Mar 11 09:28:15 2019 Mauratgm001@free.frScriptCode change for LDAP authenticationStableMon Mar 11 10:15:43 2019 by Maurat

Hi,

I had to change code to authenticate users in my organization's LDAP directory. Indeed, accounts are distributed under several organizational units in my LDAP directory.

The current version of the code can't authenticate accounts when these are in different organizational units. Hence my contribution.

I use a read account to query LDAP for the account that is logging in (with the e-mail address in the search filter).

I get the number of LDAP entries. If I have one entry then I call ldap_get_dn function to get the DN account and then I call ldap_simple_bind_s using the account's DN and password to perform LDAP authentication.

I changed configuration file elogd.cfg. I added two parameters:

LDAP DN user = <DN read account>

LDAP PW user = <password read account>

I changed code auth.c too (see attached file)

I had to change Makefile. I added a call to lber library

ifdef USE_LDAP
ifneq ($(USE_LDAP),0)
CFLAGS += -DHAVE_LDAP
LIBS += -lldap -llber
endif
endif

Have good day

 

 

 

 

 

 

Attachment 1: auth.c
/********************************************************************\

  Name:         auth.c
  Created by:   Stefan Ritt
  Copyright 2000 + Stefan Ritt

  ELOG is free software: you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.

  ELOG is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with ELOG.  If not, see <http://www.gnu.org/licenses/>.


  Contents:     Authentication subroutines. Currently supported:

                - password file authentication
                - kerberos5 password authentication

  $Id: elog.c 2350 2010-12-23 10:45:10Z ritt $

\********************************************************************/

#include "elogd.h"

#ifdef HAVE_KRB5
#include <krb5.h>
#endif

#ifdef HAVE_LDAP
#include <ldap.h>

/*
 * Module-wide LDAP state, shared by ldap_init() and
 * auth_verify_password_ldap() in this file.  The four configuration values
 * are filled by getcfg() in ldap_init().
 *
 * NOTE(review): auth_verify_password_ldap() builds its search filter with
 * sprintf(filter, "(%s=%s)", ldap_login_attr, user) into a 512-byte buffer.
 * The login name is neither length-checked nor escaped there.  It should be
 * escaped as RFC 4515 requires for filter values and formatted with
 * snprintf, so that a login name can neither change the meaning of the
 * filter nor overrun the buffer.
 */
LDAP *ldap_ld;                 /* connection handle, set by ldap_initialize() in ldap_init() */
char ldap_login_attr[64];      /* "LDAP login attribute": attribute name on the left of the search filter */
char ldap_dn_user[256];        /* "LDAP DN User": DN of the read account used for the first bind */
/*
 * "LDAP PW User": password of the read account.  It is read in clear text
 * from the configuration file and is not cleared in the code shown, so
 * restrict read access to elogd.cfg and give the account read-only rights
 * in the directory.
 */
char ldap_pw_user[64];
char ldap_userbase[256];       /* "LDAP userbase": base DN passed to the user search */
char ldap_bindDN[512];         /* zeroed at the start of auth_verify_password_ldap() */
#endif  /* HAVE_LDAP */

/* Defined in elogd.c. */
extern LOGBOOK *lb_list;

/*==================================================================*/

/*---- Kerberos5 routines ------------------------------------------*/

#ifdef HAVE_KRB5

int auth_verify_password_krb5(LOGBOOK * lbs, const char *user, const char *password, char *error_str,
                              int error_size)
{
   char *princ_name, str[256], realm[256];
   krb5_error_code error;
   krb5_principal princ;
   krb5_context context;
   krb5_creds creds;
   krb5_get_init_creds_opt options;

   if (krb5_init_context(&context) < 0)
      return FALSE;

   strlcpy(str, user, sizeof(str));
   if (getcfg(lbs->name, "Kerberos Realm", realm, sizeof(realm))) {
      strlcat(str, "@", sizeof(str));
      strlcat(str, realm, sizeof(str));
   }
   if ((error = krb5_parse_name(context, str, &princ)) != 0) {
      strlcpy(error_str, "<b>Kerberos error:</b>
", error_size); strlcat(error_str, krb5_get_error_message(context, error), error_size); strlcat(error_str, ".
Please check your Kerberos configuration.", error_size); return FALSE; } error = krb5_unparse_name(context, princ, &princ_name); if (error) { strlcpy(error_str, "<b>Kerberos error:</b>
", error_size); strlcat(error_str, krb5_get_error_message(context, error), error_size); strlcat(error_str, ".
Please check your Kerberos configuration.", error_size); return FALSE; } sprintf(str, "Using %s as server principal for authentication", princ_name); write_logfile(lbs, str); memset(&options, 0, sizeof(options)); krb5_get_init_creds_opt_init(&options); memset(&creds, 0, sizeof(creds)); error = krb5_get_init_creds_password(context, &creds, princ, (char *) password, NULL, NULL, 0, NULL, &options); krb5_free_context(context); if (error && error != KRB5KDC_ERR_PREAUTH_FAILED && error != KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN) { sprintf(error_str, "<b>Kerberos error %d:</b>
", error); strlcat(error_str, krb5_get_error_message(context, error), error_size); strlcat(error_str, ".
Please check your Kerberos configuration.", error_size); return FALSE; } if (error) return FALSE; return TRUE; } int auth_change_password_krb5(LOGBOOK * lbs, const char *user, const char *old_pwd, const char *new_pwd, char *error_str, int error_size) { char *princ_name, str[256], realm[256]; int result_code, n; krb5_error_code error; krb5_data result_code_string, result_string; krb5_principal princ; krb5_context context; krb5_creds creds; krb5_get_init_creds_opt options; if (krb5_init_context(&context) < 0) return FALSE; strlcpy(str, user, sizeof(str)); if (getcfg(lbs->name, "Kerberos Realm", realm, sizeof(realm))) { strlcat(str, "@", sizeof(str)); strlcat(str, realm, sizeof(str)); } if ((error = krb5_parse_name(context, str, &princ)) != 0) { strlcpy(error_str, "<b>Kerberos error:</b>
", error_size); strlcat(error_str, krb5_get_error_message(context, error), error_size); strlcat(error_str, ".
Please check your Kerberos configuration.", error_size); return FALSE; } error = krb5_unparse_name(context, princ, &princ_name); sprintf(str, "Using %s as server principal for authentication", princ_name); write_logfile(lbs, str); memset(&options, 0, sizeof(options)); krb5_get_init_creds_opt_init(&options); krb5_get_init_creds_opt_set_tkt_life(&options, 300); krb5_get_init_creds_opt_set_forwardable(&options, FALSE); krb5_get_init_creds_opt_set_proxiable(&options, FALSE); memset(&creds, 0, sizeof(creds)); error = krb5_get_init_creds_password(context, &creds, princ, (char *) old_pwd, NULL, NULL, 0, "kadmin/changepw", &options); if (error) { strlcpy(error_str, "<b>Kerberos error:</b>
", error_size); strlcat(error_str, krb5_get_error_message(context, error), error_size); strlcat(error_str, ".
Please check your Kerberos configuration.", error_size); return FALSE; } error = krb5_set_password(context, &creds, (char *) new_pwd, princ, &result_code, &result_code_string, &result_string); if (error) { strlcpy(error_str, "<b>Kerberos error:</b>
", error_size); strlcat(error_str, krb5_get_error_message(context, error), error_size); strlcat(error_str, ".
Please check your Kerberos configuration.", error_size); return FALSE; } if (result_code > 0) { if (result_code_string.length > 0) { strlcpy(error_str, result_code_string.data, error_size); if ((int) result_code_string.length < error_size) error_str[result_code_string.length] = 0; } if (result_string.length > 0) { strlcat(error_str, ": ", error_size); n = strlen(error_str) + result_string.length; strlcat(error_str, result_string.data, error_size); if (n < error_size) error_str[n] = 0; } } krb5_free_data_contents(context, &result_code_string); krb5_free_data_contents(context, &result_string); krb5_free_cred_contents(context, &creds); krb5_get_init_creds_opt_free(context, &options); krb5_free_context(context); if (result_code > 0) return FALSE; return TRUE; } #endif /*---- LDAP routines ------------------------------------------*/ #ifdef HAVE_LDAP int ldap_init(LOGBOOK *lbs, char *error_str, int error_size) { char str[512], ldap_server[256]; int version; int bind=0; // Read Config file if (getcfg(lbs->name, "LDAP server", ldap_server, sizeof(ldap_server))) { strlcpy(str, ldap_server, sizeof(str)); } else { strlcpy(error_str, "<b>LDAP initialization error</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); strlcat(str, "ERR: Cannot find LDAP server entry!", sizeof(str)); write_logfile(lbs, str); return FALSE; } if (!getcfg(lbs->name, "LDAP userbase", ldap_userbase, sizeof(ldap_userbase))) { strlcpy(error_str, "<b>LDAP initialization error</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); strlcat(str, ", ERR: Cannot find LDAP userbase (e.g. \'ou=People,dc=example,dc=org\')!", sizeof(str)); write_logfile(lbs, str); return FALSE; } if (!getcfg(lbs->name, "LDAP login attribute", ldap_login_attr, sizeof(ldap_login_attr))) { strlcpy(error_str, "<b>LDAP initialization error</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); strlcat(str, ", ERR: Cannot find LDAP login attribute (e.g. uid, cn, ...)!", sizeof(str)); write_logfile(lbs, str); return FALSE; } if (!getcfg(lbs->name, "LDAP DN User", ldap_dn_user, sizeof(ldap_dn_user))) { strlcpy(error_str, "<b>LDAP initialization error</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); strlcat(str, ", ERR: Cannot find LDAP login attribute (e.g. uid, cn, ...)!", sizeof(str)); write_logfile(lbs, str); return FALSE; } if (!getcfg(lbs->name, "LDAP PW User", ldap_pw_user, sizeof(ldap_pw_user))) { strlcpy(error_str, "<b>LDAP initialization error</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); strlcat(str, ", ERR: Cannot find LDAP login attribute (e.g. uid, cn, ...)!", sizeof(str)); write_logfile(lbs, str); return FALSE; } // Initialize/open LDAP connection if(ldap_initialize( &ldap_ld, ldap_server )) { perror("ldap_initialize"); strlcpy(error_str, "<b>LDAP initialization error</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); return FALSE; } // Use the LDAP_OPT_PROTOCOL_VERSION session preference to specify that the client is LDAPv3 client version = LDAP_VERSION3; ldap_set_option(ldap_ld, LDAP_OPT_PROTOCOL_VERSION, &version); write_logfile(lbs, str); return TRUE; } int auth_verify_password_ldap(LOGBOOK *lbs, const char *user, const char *password, char *error_str, int error_size) { LDAPMessage *result, *err, *entry; int bind=0, i, rc=0, nb=0; char str[512], filter[512]; char *attribute , *dn; BerElement *ber; BerValue **values; ldap_ld = NULL; memset(&ldap_bindDN[0], 0, sizeof(ldap_bindDN)); struct timeval timeOut = {3,0}; // 3 second connection/search timeout // zerotime.tv_sec = zerotime.tv_usec = 0L; if(!ldap_init(lbs,error_str,error_size)) { strlcpy(error_str, "<b>LDAP initialization error</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); return FALSE; } printf("\n dn: %s\n", ldap_dn_user ); //Bind with read account bind = ldap_simple_bind_s(ldap_ld, ldap_dn_user, ldap_pw_user, LDAP_AUTH_SIMPLE); if(bind != LDAP_SUCCESS) { strlcpy(error_str, "<b>LDAP BIND error with read account</b>
", error_size); strlcat(error_str, "
Please check your LDAP configuration.", error_size); return FALSE; } // search user sprintf(filter, "(%s=%s)", ldap_login_attr, user); rc = ldap_search_ext_s( ldap_ld, // LDAP session handle ldap_userbase, // Search Base
... 318 more lines ...