tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-4705-encriptado-de-nuevos-tokens' into 'develop' 

minnor error

See merge request artica/pandorafms!2972
This commit is contained in:
Alejandro Fraguas 2020-02-19 11:14:39 +01:00
parent a04b92a0bc e265bc2970
commit 681fcd3c56
3 changed files with 190 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

229
pandora_console/godmode/setup/setup_auth.php
View File

@ -1,18 +1,25 @@
<?php
/**
* Extension to self monitor Pandora FMS Console
*
* @package Pandora FMS
* @version 1.0.0
* @license See below
* Pandora FMS - http://pandorafms.com
* * ==================================================
* * Copyright (c) 2005-2010 Artica Soluciones Tecnologicas
* * Please see http://pandorafms.org for full contribution list
* * This program is free software; you can redistribute it and/or
* * modify it under the terms of the GNU General Public License
* * as published by the Free Software Foundation for version 2.
* * This program is distributed in the hope that it will be useful,
* * but WITHOUT ANY WARRANTY; without even the implied warranty of
* * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* * GNU General Public License for more details.
* * Warning: This file may be required into the metaconsole's setup
* * Load global vars
*/
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2010 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation for version 2.
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// Warning: This file may be required into the metaconsole's setup
// Load global vars
global $config;
check_login();
@ -23,7 +30,7 @@ if (! check_acl($config['id_user'], 0, 'PM') && ! is_user_admin($config['id_user
return;
}
// Load enterprise extensions
// Load enterprise extensions.
enterprise_include('godmode/setup/setup_auth.php');
if (is_ajax()) {
@ -39,19 +46,35 @@ if (is_ajax()) {
$type_auth = (string) get_parameter('type_auth', '');
// field for all types except mysql
// Field for all types except mysql.
if ($type_auth != 'mysql') {
// Fallback to local authentication
// Fallback to local authentication.
$row = [];
$row['name'] = __('Fallback to local authentication').ui_print_help_tip(__('Enable this option if you want to fallback to local authentication when remote (ldap etc...) authentication failed. Only available when \'Save password\' is enabled.'), true);
$row['control'] = html_print_checkbox_switch('fallback_local_auth', 1, $config['fallback_local_auth'], true);
$row['name'] = __('Fallback to local authentication').ui_print_help_tip(
__('Enable this option if you want to fallback to local authentication when remote (ldap etc...) authentication failed. Only available when \'Save password\' is enabled.'),
true
);
$row['control'] = html_print_checkbox_switch(
'fallback_local_auth',
1,
$config['fallback_local_auth'],
true
);
$table->data['fallback_local_auth'] = $row;
if (enterprise_installed()) {
// Autocreate remote users
// Autocreate remote users.
$row = [];
$row['name'] = __('Autocreate remote users');
$row['control'] = html_print_checkbox_switch_extended('autocreate_remote_users', 1, $config['autocreate_remote_users'], false, '', '', true).'&nbsp;&nbsp;';
$row['control'] = html_print_checkbox_switch_extended(
'autocreate_remote_users',
1,
$config['autocreate_remote_users'],
false,
'',
'',
true
).'&nbsp;&nbsp;';
$table->data['autocreate_remote_users'] = $row;
add_enterprise_auth_autocreate_profiles($table, $type_auth);
@ -63,19 +86,33 @@ if (is_ajax()) {
break;
case 'ldap':
// LDAP server
// LDAP server.
$row = [];
$row['name'] = __('LDAP server');
$row['control'] = html_print_input_text('ldap_server', $config['ldap_server'], '', 30, 100, true);
$row['control'] = html_print_input_text(
'ldap_server',
$config['ldap_server'],
'',
30,
100,
true
);
$table->data['ldap_server'] = $row;
// LDAP port
// LDAP port.
$row = [];
$row['name'] = __('LDAP port');
$row['control'] = html_print_input_text('ldap_port', $config['ldap_port'], '', 10, 100, true);
$row['control'] = html_print_input_text(
'ldap_port',
$config['ldap_port'],
'',
10,
100,
true
);
$table->data['ldap_port'] = $row;
// LDAP version
// LDAP version.
$ldap_versions = [
1 => 'LDAPv1',
2 => 'LDAPv2',
@ -83,37 +120,78 @@ if (is_ajax()) {
];
$row = [];
$row['name'] = __('LDAP version');
$row['control'] = html_print_select($ldap_versions, 'ldap_version', $config['ldap_version'], '', '', 0, true);
$row['control'] = html_print_select(
$ldap_versions,
'ldap_version',
$config['ldap_version'],
'',
'',
0,
true
);
$table->data['ldap_version'] = $row;
// Start TLS
// Start TLS.
$row = [];
$row['name'] = __('Start TLS');
$row['control'] = html_print_checkbox_switch('ldap_start_tls', 1, $config['ldap_start_tls'], true);
$row['control'] = html_print_checkbox_switch(
'ldap_start_tls',
1,
$config['ldap_start_tls'],
true
);
$table->data['ldap_start_tls'] = $row;
// Base DN
// Base DN.
$row = [];
$row['name'] = __('Base DN');
$row['control'] = html_print_input_text('ldap_base_dn', $config['ldap_base_dn'], '', 60, 100, true);
$row['control'] = html_print_input_text(
'ldap_base_dn',
$config['ldap_base_dn'],
'',
60,
100,
true
);
$table->data['ldap_base_dn'] = $row;
// Login attribute
// Login attribute.
$row = [];
$row['name'] = __('Login attribute');
$row['control'] = html_print_input_text('ldap_login_attr', $config['ldap_login_attr'], '', 60, 100, true);
$row['control'] = html_print_input_text(
'ldap_login_attr',
$config['ldap_login_attr'],
'',
60,
100,
true
);
$table->data['ldap_login_attr'] = $row;
// Admin LDAP login
// Admin LDAP login.
$row = [];
$row['name'] = __('Admin LDAP login');
$row['control'] = html_print_input_text('ldap_admin_login', $config['ldap_admin_login'], '', 60, 100, true);
$row['control'] = html_print_input_text(
'ldap_admin_login',
$config['ldap_admin_login'],
'',
60,
100,
true
);
$table->data['ldap_admin_login'] = $row;
// Admin LDAP password
// Admin LDAP password.
$row = [];
$row['name'] = __('Admin LDAP password');
$row['control'] = html_print_input_password('ldap_admin_pass', $config['ldap_admin_pass'], $alt = '', 60, 100, true);
$row['control'] = html_print_input_password(
'ldap_admin_pass',
io_output_password($config['ldap_admin_pass']),
$alt = '',
60,
100,
true
);
$table->data['ldap_admin_pass'] = $row;
break;
@ -121,28 +199,50 @@ if (is_ajax()) {
case 'ad':
case 'saml':
case 'integria':
// Add enterprise authentication options
// Add enterprise authentication options.
if (enterprise_installed()) {
add_enterprise_auth_options($table, $type_auth);
}
break;
default:
// Default case.
break;
}
// field for all types
// Enable double authentication
// Set default value
// Field for all types.
// Enable double authentication.
// Set default value.
set_unless_defined($config['double_auth_enabled'], false);
$row = [];
$row['name'] = __('Double authentication').ui_print_help_tip(__('If this option is enabled, the users can use double authentication with their accounts'), true);
$row['control'] .= html_print_checkbox_switch('double_auth_enabled', 1, $config['double_auth_enabled'], true);
$row['name'] = __('Double authentication').ui_print_help_tip(
__('If this option is enabled, the users can use double authentication with their accounts'),
true
);
$row['control'] .= html_print_checkbox_switch(
'double_auth_enabled',
1,
$config['double_auth_enabled'],
true
);
$table->data['double_auth_enabled'] = $row;
// Session timeout
// Default session timeout
// Session timeout.
// Default session timeout.
set_when_empty($config['session_timeout'], 90);
$row = [];
$row['name'] = __('Session timeout (mins)').ui_print_help_tip(__('This is defined in minutes, If you wish a permanent session should putting -1 in this field.'), true);
$row['control'] = html_print_input_text('session_timeout', $config['session_timeout'], '', 10, 10, true);
$row['name'] = __('Session timeout (mins)').ui_print_help_tip(
__('This is defined in minutes, If you wish a permanent session should putting -1 in this field.'),
true
);
$row['control'] = html_print_input_text(
'session_timeout',
$config['session_timeout'],
'',
10,
10,
true
);
$table->data['session_timeout'] = $row;
html_print_table($table);
@ -159,23 +259,23 @@ $table->class = 'databox filters';
$table->size['name'] = '30%';
$table->style['name'] = 'font-weight: bold';
// Auth methods added to the table (doesn't take in account mysql)
// Auth methods added to the table (doesn't take in account mysql).
$auth_methods_added = [];
// Remote options row names
// Fill this array for every matched row
// Remote options row names.
// Fill this array for every matched row.
$remote_rows = [];
// Autocreate options row names
// Fill this array for every matched row
// Autocreate options row names.
// Fill this array for every matched row.
$autocreate_rows = [];
$no_autocreate_rows = [];
// LDAP data row names
// Fill this array for every matched row
// LDAP data row names.
// Fill this array for every matched row.
$ldap_rows = [];
// Method
// Method.
$auth_methods = [
'mysql' => __('Local %s', get_product_name()),
'ldap' => __('ldap'),
@ -186,16 +286,24 @@ if (enterprise_installed()) {
$row = [];
$row['name'] = __('Authentication method');
$row['control'] = html_print_select($auth_methods, 'auth', $config['auth'], '', '', 0, true);
$row['control'] = html_print_select(
$auth_methods,
'auth',
$config['auth'],
'',
'',
0,
true
);
$table->data['auth'] = $row;
// Form
// Form.
echo '<form id="form_setup" method="post">';
if (!is_metaconsole()) {
html_print_input_hidden('update_config', 1);
} else {
// To use it in the metasetup
// To use it in the metasetup.
html_print_input_hidden('action', 'save');
html_print_input_hidden('hash_save_config', md5('save'.$config['dbpass']));
}
@ -203,7 +311,12 @@ if (!is_metaconsole()) {
html_print_table($table);
echo '<div id="table_auth_result"></div>';
echo '<div class="action-buttons" style="width: '.$table->width.'">';
html_print_submit_button(__('Update'), 'update_button', false, 'class="sub upd"');
html_print_submit_button(
__('Update'),
'update_button',
false,
'class="sub upd"'
);
echo '</div>';
echo '</form>';
?>

9
pandora_console/godmode/update_manager/update_manager.setup.php
View File

@ -60,7 +60,10 @@ if (users_is_admin()) {
}
if (!$action_update_url_update_manager) {
$url_update_manager = get_parameter('url_update_manager', $config['url_update_manager']);
$url_update_manager = get_parameter(
'url_update_manager',
$config['url_update_manager']
);
$update_manager_proxy_server = get_parameter(
'update_manager_proxy_server',
$config['update_manager_proxy_server']
@ -162,7 +165,7 @@ if (!$action_update_url_update_manager) {
if ($result) {
$result = config_update_value(
'update_manager_proxy_password',
$update_manager_proxy_password
io_input_password($update_manager_proxy_password)
);
}
@ -179,6 +182,7 @@ if (!$action_update_url_update_manager) {
}
echo '<form method="post" action="index.php?sec=gsetup&sec2=godmode/update_manager/update_manager&tab=setup">';
html_print_input_hidden('update_config', 1);
$table = new stdClass();
$table->width = '100%';
@ -259,6 +263,7 @@ if (license_free()) {
}
html_print_input_hidden('action_update_url_update_manager', 1);
html_print_input_hidden('update_config', 1);
html_print_table($table);
echo '<div class="action-buttons" style="width: '.$table->width.'">';

36
pandora_console/include/functions_config.php
View File

@ -148,7 +148,8 @@ function config_update_config()
$error_update = [];
$sec2 = get_parameter_get('sec2');
$sec2 = get_parameter('sec2');
switch ($sec2) {
case 'godmode/setup/setup':
$section_setup = get_parameter('section');
@ -350,7 +351,7 @@ function config_update_config()
$error_update[] = __('Email user');
}
if (!config_update_value('email_password', get_parameter('email_password'))) {
if (!config_update_value('email_password', io_input_password(get_parameter('email_password')))) {
$error_update[] = __('Email password');
}
@ -608,7 +609,7 @@ function config_update_config()
$error_update[] = __('Admin LDAP login');
}
if (!config_update_value('ldap_admin_pass', get_parameter('ldap_admin_pass'))) {
if (!config_update_value('ldap_admin_pass', io_input_password(get_parameter('ldap_admin_pass')))) {
$error_update[] = __('Admin LDAP password');
}
@ -1315,10 +1316,6 @@ function config_update_config()
$error_update[] = __('PDF font size (px)');
}
if (!config_update_value('interval_description', (string) get_parameter('interval_description', 'large'))) {
$error_update[] = __('Interval description');
}
if (!config_update_value('custom_report_front', get_parameter('custom_report_front'))) {
$error_update[] = __('Custom report front');
}
@ -1961,6 +1958,14 @@ function config_process_config()
* Parse the ACL IP list for access API
*/
$temp_list_ACL_IPs_for_API = [];
if (isset($config['list_ACL_IPs_for_API'])) {
if (!empty($config['list_ACL_IPs_for_API'])) {
$temp_list_ACL_IPs_for_API = explode(';', $config['list_ACL_IPs_for_API']);
}
}
$config['list_ACL_IPs_for_API'] = $temp_list_ACL_IPs_for_API;
$keysConfig = array_keys($config);
/*
@ -2867,14 +2872,6 @@ function config_process_config()
config_update_value('font_size_item_report', 2);
}
if (!isset($config['global_font_size_report'])) {
config_update_value('global_font_size_report', 14);
}
if (!isset($config['interval_description'])) {
config_update_value('interval_description', 'large');
}
if (!isset($config['custom_report_front_font'])) {
config_update_value('custom_report_front_font', 'FreeSans.ttf');
}
@ -3030,15 +3027,6 @@ function config_process_config()
// Finally, check if any value was overwritten in a form.
config_update_config();
$temp_list_ACL_IPs_for_API = [];
if (isset($config['list_ACL_IPs_for_API'])) {
if (!empty($config['list_ACL_IPs_for_API'])) {
$temp_list_ACL_IPs_for_API = explode(';', $config['list_ACL_IPs_for_API']);
}
}
$config['list_ACL_IPs_for_API'] = $temp_list_ACL_IPs_for_API;
}