$tmp =~ s/[\'\"]?,?\s*$//;
$tmp =~ s/[\'\"]?\);\s*$//;
$limit_scope = $tmp;
+ } elsif ( $tmp =~ /^\s*[\'\"]listing[\'\"]/i ) {
+ $tmp =~ s/^\s*[\'\"]listing[\'\"]\s*=>\s*[\'\"]?//i;
+ $tmp =~ s/[\'\"]?,?\s*$//;
+ $tmp =~ s/[\'\"]?\);\s*$//;
+ $listing = $tmp;
}
}
$ldap_host[$sub] = $host;
$ldap_bindpw[$sub] = $bindpw;
$ldap_protocol[$sub] = $protocol;
$ldap_limit_scope[$sub] = $limit_scope;
+ $ldap_listing[$sub] = $listing;
} elsif ( $options[0] =~ /^(data_dir|attachment_dir|theme_css|org_logo|signout_page)$/ ) {
${ $options[0] } = &change_to_rel_path($options[1]);
} else {
if ( $ldap_limit_scope[$count] ) {
print " limit_scope: $ldap_limit_scope[$count]\n";
}
+ if ( $ldap_listing[$count] ) {
+ print " listing: $ldap_listing[$count]\n";
+ }
print "\n";
$count++;
print "\n";
print "You can specify the maximum number of rows in the search result.\n";
- print "Default is unlimited. Press ENTER for default.\n";
+ print "Default value is equal to 250 rows. Press ENTER for default.\n";
print "maxrows: ";
$name = <STDIN>;
$name =~ s/[\r\n]//g;
$ldap_maxrows[$sub] = $name;
- print "\n";
-
- print "You can specify an additional search filter.\n";
- print "This could be something like \"(objectclass=posixAccount)\".\n";
- print "Default is no extra filter. Press ENTER for default.\n";
- print "filter: ";
- $name = <STDIN>;
- $name =~ s/[\r|\n]//g;
- $ldap_filter[$sub] = $name;
print "\n";
print "\n";
- print "You can control search scope here.\n";
- print "This option is specific to Microsoft ADS implementation.\n";
- print "It requires use of v3 or newer LDAP protocol.\n";
- print "Don't enable it, if you use other LDAP server.\n";
+ print "This configuration section allows to set some rarely used\n";
+ print "options and options specific to some LDAP implementations.\n";
print "\n";
- print "Limit ldap scope? (y/N):";
- $name = <STDIN>;
- if ( $name =~ /^y\n/i ) {
- $name = 'true';
+ print "Do you want to set advanced LDAP directory settings? (y/N):";
+ $ldap_advanced_settings = <STDIN>;
+ if ( $ldap_advanced_settings =~ /^y\n/i ) {
+ $ldap_advanced_settings = 'true';
} else {
- $name = 'false';
+ $ldap_advanced_settings = 'false';
}
- $ldap_limit_scope[$sub] = $name;
+ if ($ldap_advanced_settings eq 'true') {
+ print "\n";
+
+ print "You can control LDAP directory listing here. This option can\n";
+ print "be useful if you run small LDAP server and want to provide listing\n";
+ print "of all addresses stored in LDAP to users of webmail interface.\n";
+ print "Number of displayed entries is limited by maxrows setting.\n";
+ print "\n";
+ print "Don't enable this option for public LDAP directories.\n";
+ print "This feature is experimental.\n";
+ print "\n";
+ print "Allow listing of LDAP directory? (y/N):";
+ $name = <STDIN>;
+ if ( $name =~ /^y\n/i ) {
+ $name = 'true';
+ } else {
+ $name = 'false';
+ }
+ $ldap_listing[$sub] = $name;
+
+ print "\n";
+
+ print "You can specify an additional search filter.\n";
+ print "This could be something like \"(objectclass=posixAccount)\".\n";
+ print "No filtering is performed by default. Press ENTER for default.\n";
+ print "filter: ";
+ $name = <STDIN>;
+ $name =~ s/[\r|\n]//g;
+ $ldap_filter[$sub] = $name;
+
+ print "\n";
+
+ print "You can control search scope here.\n";
+ print "This option is specific to Microsoft ADS implementation.\n";
+ print "It requires use of v3 or newer LDAP protocol.\n";
+ print "Don't enable it, if you use other LDAP server.\n";
+ print "\n";
+ print "Limit ldap scope? (y/N):";
+ $name = <STDIN>;
+ if ( $name =~ /^y\n/i ) {
+ $name = 'true';
+ } else {
+ $name = 'false';
+ }
+ $ldap_limit_scope[$sub] = $name;
+ }
print "\n";
} elsif ( $input =~ /^\s*-\s*[0-9]?/ ) {
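Review bot: The filter prompt re-added inside the advanced-settings block cleans its input with `$name =~ s/[\r|\n]//g;`, and inside a character class the `|` is a literal, so every pipe character is stripped from the filter as well as the line ending. That silently corrupts OR filters such as `(|(objectclass=posixAccount)(objectclass=inetOrgPerson))` before they are stored in `$ldap_filter[$sub]`, and the search then runs with a different filter from the one the administrator typed. Use `$name =~ s/[\r\n]//g;`, as the maxrows prompt earlier in this hunk already does. The enclosing branch starts outside the hunk.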
@new_ldap_binddn = ();
@new_ldap_protocol = ();
@new_ldap_limit_scope = ();
+ @new_ldap_listing = ();
while ( $count <= $#ldap_host ) {
if ( $count != $rem_num ) {
@new_ldap_bindpw = ( @new_ldap_bindpw, $ldap_bindpw[$count] );
@new_ldap_protocol = ( @new_ldap_protocol, $ldap_protocol[$count] );
@new_ldap_limit_scope = ( @new_ldap_limit_scope, $ldap_limit_scope[$count] );
+ @new_ldap_listing = ( @new_ldap_listing, $ldap_listing[$count] );
}
$count++;
}
@ldap_bindpw = @new_ldap_bindpw;
@ldap_protocol = @new_ldap_protocol;
@ldap_limit_scope = @new_ldap_limit_scope;
+ @ldap_listing = @new_ldap_listing;
} elsif ( $input =~ /^\s*\?\s*/ ) {
print ".-------------------------.\n";
}
if ( $ldap_protocol[$count] ) {
print CF ",\n";
- # integer
+ # integer
print CF " 'protocol' => $ldap_protocol[$count]";
}
if ( $ldap_limit_scope[$count] ) {
# boolean
print CF " 'limit_scope' => $ldap_limit_scope[$count]";
}
+ if ( $ldap_listing[$count] ) {
+ print CF ",\n";
+ # boolean
+ print CF " 'listing' => $ldap_listing[$count]";
+ }
print CF "\n";
print CF ");\n";
print CF "\n";
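Review bot: The new `'listing'` entry is emitted unquoted into the generated PHP config by `print CF " 'listing' => $ldap_listing[$count]";`. When the value was read back from an existing config rather than taken from the y/N prompt, it is whatever text followed `'listing' =>` once quotes and trailing punctuation were stripped, so a mistyped value ends up as a bare PHP token in the config file. The comment says the field is boolean, so normalise before writing, e.g. `print CF " 'listing' => " . ( $ldap_listing[$count] =~ /^(true|1)$/i ? 'true' : 'false' );`. The `limit_scope` writer just above has the same shape, and the enclosing loop starts outside the hunk.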
if(is_array($expr)) return false;
// don't allow wide search when listing is disabled.
- if ($expr=='*' && ! $this->listing)
- return array();
+ if ($expr=='*' && ! $this->listing) {
+ return array();
+ } elseif ($expr=='*') {
+ // allow use of wildcard when listing is enabled.
+ $expression = '(cn=*)';
+ } else {
+ /* Convert search from user's charset to the one used in ldap */
+ $expr = $this->charset_encode($expr);
- /* Convert search from user's charset to the one used in ldap */
- $expr = $this->charset_encode($expr);
+ /* Make sure that search does not contain ldap special chars */
+ $expression = '(cn=*' . $this->ldapspecialchars($expr) . '*)';
- /* Make sure that search does not contain ldap special chars */
- $expression = '(cn=*' . $this->ldapspecialchars($expr) . '*)';
+ /* Undo sanitizing of * symbol */
+ $expression = str_replace('\2a','*',$expression);
+ /* TODO: implement any single character (?) matching */
+ }
/* Add search filtering */
if ($this->filter!='')
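Review bot: The guard `$expr=='*' && ! $this->listing` rejects only the exact one-character string, while the new else branch turns every escaped `\2a` back into `*`. With listing disabled, an expression made up only of wildcards (or wildcards and whitespace) other than the single `*` still yields a filter that matches every entry with a `cn`. If the comment's intent is that wide searches are refused when listing is off, test the expression with wildcards stripped, for example `if (! $this->listing && trim($expr, "* \t") === '') { return array(); }`, and keep the un-escaping for the remaining cases. `ldapspecialchars()` and `charset_encode()` are not visible here, so confirm they do not already collapse such input. The function continues outside the hunk.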