From 2965a981b7ec22866fbdf2d567d87e2d068d3617 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Fri, 31 Jul 2015 16:04:08 -0400
Subject: [PATCH] Allow to search and import missing PGP pubkeys from keyservers using Publickey.js
---
program/lib/Roundcube/rcube_ldap.php | 228 ++++++++++++++++++++++++++++++++++++--------------------
1 files changed, 147 insertions(+), 81 deletions(-)
diff --git a/program/lib/Roundcube/rcube_ldap.php b/program/lib/Roundcube/rcube_ldap.php
index 0da3e2c..dc7b3c0 100644
--- a/program/lib/Roundcube/rcube_ldap.php
+++ b/program/lib/Roundcube/rcube_ldap.php
@@ -64,7 +64,8 @@
private $base_dn = '';
private $groups_base_dn = '';
- private $group_url;
+ private $group_data;
+ private $group_search_cache;
private $cache;
@@ -101,8 +102,8 @@
// add group name attrib to the list of attributes to be fetched
$fetch_attributes[] = $this->prop['groups']['name_attr'];
}
- if (is_array($p['group_filters']) && count($p['group_filters'])) {
- $this->groups = true;
+ if (is_array($p['group_filters'])) {
+ $this->groups = $this->groups || count($p['group_filters']);
foreach ($p['group_filters'] as $k => $group_filter) {
// set default name attribute to cn
@@ -116,13 +117,14 @@
// fieldmap property is given
if (is_array($p['fieldmap'])) {
+ $p['fieldmap'] = array_filter($p['fieldmap']);
foreach ($p['fieldmap'] as $rf => $lf)
$this->fieldmap[$rf] = $this->_attr_name(strtolower($lf));
}
else if (!empty($p)) {
// read deprecated *_field properties to remain backwards compatible
foreach ($p as $prop => $value)
- if (preg_match('/^(.+)_field$/', $prop, $matches))
+ if (!empty($value) && preg_match('/^(.+)_field$/', $prop, $matches))
$this->fieldmap[$matches[1]] = $this->_attr_name(strtolower($value));
}
@@ -232,8 +234,7 @@
// initialize ldap wrapper object
$this->ldap = new rcube_ldap_generic($this->prop);
- $this->ldap->set_cache($this->cache);
- $this->ldap->set_debug($this->debug);
+ $this->ldap->config_set(array('cache' => $this->cache, 'debug' => $this->debug));
$this->_connect();
}
@@ -282,12 +283,21 @@
}
// Get the pieces needed for variable replacement.
- if ($fu = $rcube->get_user_email())
+ if ($fu = $rcube->get_user_email()) {
list($u, $d) = explode('@', $fu);
- else
+ }
+ else {
$d = $this->mail_domain;
+ }
$dc = 'dc='.strtr($d, array('.' => ',dc=')); // hierarchal domain string
+
+ // resolve $dc through LDAP
+ if (!empty($this->prop['domain_filter']) && !empty($this->prop['search_bind_dn']) &&
+ method_exists($this->ldap, 'domain_root_dn')) {
+ $this->ldap->bind($this->prop['search_bind_dn'], $this->prop['search_bind_pw']);
+ $dc = $this->ldap->domain_root_dn($d);
+ }
$replaces = array('%dn' => '', '%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u);
@@ -320,8 +330,7 @@
// we need to use a separate LDAP connection
if (!empty($this->prop['vlv'])) {
$ldap = new rcube_ldap_generic($this->prop);
- $ldap->set_debug($this->debug);
- $ldap->set_cache($this->cache);
+ $ldap->config_set(array('cache' => $this->cache, 'debug' => $this->debug));
if (!$ldap->connect($host)) {
continue;
}
@@ -335,7 +344,7 @@
$res = $ldap->search($search_base_dn, $search_filter, 'sub', $search_attribs);
if ($res) {
$res->rewind();
- $replaces['%dn'] = $res->get_dn();
+ $replaces['%dn'] = key($res->entries(TRUE));
// add more replacements from 'search_bind_attrib' config
if ($search_bind_attrib) {
@@ -377,12 +386,13 @@
// replace placeholders in filter settings
if (!empty($this->prop['filter']))
$this->prop['filter'] = strtr($this->prop['filter'], $replaces);
- if (!empty($this->prop['groups']['filter']))
- $this->prop['groups']['filter'] = strtr($this->prop['groups']['filter'], $replaces);
- if (!empty($this->prop['groups']['member_filter']))
- $this->prop['groups']['member_filter'] = strtr($this->prop['groups']['member_filter'], $replaces);
- if (!empty($this->prop['group_filters'])) {
+ foreach (array('base_dn','filter','member_filter') as $k) {
+ if (!empty($this->prop['groups'][$k]))
+ $this->prop['groups'][$k] = strtr($this->prop['groups'][$k], $replaces);
+ }
+
+ if (is_array($this->prop['group_filters'])) {
foreach ($this->prop['group_filters'] as $i => $gf) {
if (!empty($gf['base_dn']))
$this->prop['group_filters'][$i]['base_dn'] = strtr($gf['base_dn'], $replaces);
@@ -554,7 +564,7 @@
}
else {
$prop = $this->group_id ? $this->group_data : $this->prop;
- $base_dn = $this->group_id ? $this->group_base_dn : $this->base_dn;
+ $base_dn = $this->group_id ? $prop['base_dn'] : $this->base_dn;
// use global search filter
if (!empty($this->filter))
@@ -697,8 +707,9 @@
for ($i=0; $i < $entry['memberurl']['count']; $i++) {
// extract components from url
- if (!preg_match('!ldap:///([^\?]+)\?\?(\w+)\?(.*)$!', $entry['memberurl'][$i], $m))
+ if (!preg_match('!ldap://[^/]*/([^\?]+)\?\?(\w+)\?(.*)$!', $entry['memberurl'][$i], $m)) {
continue;
+ }
// add search filter if any
$filter = $this->filter ? '(&(' . $m[3] . ')(' . $this->filter . '))' : $m[3];
@@ -765,16 +776,16 @@
if ($this->prop['vlv_search'] && $this->ready && join(',', (array)$fields) == join(',', $list_fields)) {
$this->result = new rcube_result_set(0);
- $search_suffix = $this->prop['fuzzy_search'] && $mode != 1 ? '*' : '';
+ $this->ldap->config_set('fuzzy_search', intval($this->prop['fuzzy_search'] && $mode != 1));
$ldap_data = $this->ldap->search($this->base_dn, $this->prop['filter'], $this->prop['scope'], $this->prop['attributes'],
- array('search' => $value . $search_suffix /*, 'sort' => $this->prop['sort'] */));
+ array('search' => $value /*, 'sort' => $this->prop['sort'] */));
if ($ldap_data === false) {
return $this->result;
}
// get all entries of this page and post-filter those that really match the query
$search = mb_strtolower($value);
- foreach ($ldap_data as $i => $entry) {
+ foreach ($ldap_data as $entry) {
$rec = $this->_ldap2result($entry);
foreach ($fields as $f) {
foreach ((array)$rec[$f] as $val) {
@@ -790,33 +801,24 @@
return $this->result;
}
- // use AND operator for advanced searches
- $filter = is_array($value) ? '(&' : '(|';
- // set wildcards
- $wp = $ws = '';
- if (!empty($this->prop['fuzzy_search']) && $mode != 1) {
- $ws = '*';
- if (!$mode) {
- $wp = '*';
- }
- }
+ // advanced per-attribute search
+ if (is_array($value)) {
+ // use AND operator for advanced searches
+ $filter = '(&';
- if ($fields == '*') {
- // search_fields are required for fulltext search
- if (empty($this->prop['search_fields'])) {
- $this->set_error(self::ERROR_SEARCH, 'nofulltextsearch');
- $this->result = new rcube_result_set();
- return $this->result;
- }
- if (is_array($this->prop['search_fields'])) {
- foreach ($this->prop['search_fields'] as $field) {
- $filter .= "($field=$wp" . rcube_ldap_generic::quote_string($value) . "$ws)";
+ // set wildcards
+ $wp = $ws = '';
+ if (!empty($this->prop['fuzzy_search']) && $mode != 1) {
+ $ws = '*';
+ if (!$mode) {
+ $wp = '*';
}
}
- }
- else {
+
foreach ((array)$fields as $idx => $field) {
- $val = is_array($value) ? $value[$idx] : $value;
+ $val = $value[$idx];
+ if (!strlen($val))
+ continue;
if ($attrs = $this->_map_field($field)) {
if (count($attrs) > 1)
$filter .= '(|';
@@ -826,8 +828,33 @@
$filter .= ')';
}
}
+
+ $filter .= ')';
}
- $filter .= ')';
+ else {
+ if ($fields == '*') {
+ // search_fields are required for fulltext search
+ if (empty($this->prop['search_fields'])) {
+ $this->set_error(self::ERROR_SEARCH, 'nofulltextsearch');
+ $this->result = new rcube_result_set();
+ return $this->result;
+ }
+ $attributes = (array)$this->prop['search_fields'];
+ }
+ else {
+ // map address book fields into ldap attributes
+ $me = $this;
+ $attributes = array();
+ array_walk($fields, function($field) use ($me, &$attributes) {
+ if ($me->coltypes[$field] && ($attrs = (array)$me->coltypes[$field]['attributes'])) {
+ $attributes = array_merge($attributes, $attrs);
+ }
+ });
+ }
+
+ // compose a full-text-like search filter
+ $filter = rcube_ldap_generic::fulltext_search_filter($value, $attributes, $mode);
+ }
// add required (non empty) fields filter
$req_filter = '';
@@ -905,7 +932,6 @@
return $this->result;
}
-
/**
* Get a specific contact record
*
@@ -945,6 +971,23 @@
}
return $assoc ? $res : $this->result;
+ }
+
+ /**
+ * Returns the last error occurred (e.g. when updating/inserting failed)
+ *
+ * @return array Hash array with the following fields: type, message
+ */
+ function get_error()
+ {
+ $err = $this->error;
+
+ // check ldap connection for errors
+ if (!$err && $this->ldap->get_error()) {
+ $err = array(self::ERROR_SEARCH, $this->ldap->get_error());
+ }
+
+ return $err;
}
@@ -1065,7 +1108,7 @@
}
}
- if (!$this->ldap->add($dn, $newentry)) {
+ if (!$this->ldap->add_entry($dn, $newentry)) {
$this->set_error(self::ERROR_SAVING, 'errorsaving');
return false;
}
@@ -1077,7 +1120,7 @@
'objectClass' => (array) $this->prop['sub_fields'][$xidx],
);
- $this->ldap->add($xdn, $xf);
+ $this->ldap->add_entry($xdn, $xf);
}
$dn = self::dn_encode($dn);
@@ -1220,7 +1263,7 @@
if (!empty($subdeldata)) {
foreach ($subdeldata as $fld => $val) {
$subdn = $fld.'='.rcube_ldap_generic::quote_string($val).','.$dn;
- if (!$this->ldap->delete($subdn)) {
+ if (!$this->ldap->delete_entry($subdn)) {
return false;
}
}
@@ -1264,7 +1307,7 @@
$fld => $val,
'objectClass' => (array) $this->prop['sub_fields'][$fld],
);
- $this->ldap->add($subdn, $xf);
+ $this->ldap->add_entry($subdn, $xf);
}
}
@@ -1294,7 +1337,7 @@
if ($this->sub_filter) {
if ($entries = $this->ldap->list_entries($dn, $this->sub_filter)) {
foreach ($entries as $entry) {
- if (!$this->ldap->delete($entry['dn'])) {
+ if (!$this->ldap->delete_entry($entry['dn'])) {
$this->set_error(self::ERROR_SAVING, 'errorsaving');
return false;
}
@@ -1303,12 +1346,12 @@
}
// Delete the record.
- if (!$this->ldap->delete($dn)) {
+ if (!$this->ldap->delete_entry($dn)) {
$this->set_error(self::ERROR_SAVING, 'errorsaving');
return false;
}
- // remove contact from all groups where he was member
+ // remove contact from all groups where he was a member
if ($this->groups) {
$dn = self::dn_encode($dn);
$group_ids = $this->get_record_groups($dn);
@@ -1341,7 +1384,7 @@
if ($with_groups && $this->groups && ($groups = $this->_fetch_groups()) && count($groups)) {
foreach ($groups as $group) {
- $this->ldap->delete($group['dn']);
+ $this->ldap->delete_entry($group['dn']);
}
if ($this->cache) {
@@ -1407,6 +1450,16 @@
$out['_type'] = 'group';
$out['readonly'] = true;
$fieldmap['name'] = $this->group_data['name_attr'] ? $this->group_data['name_attr'] : $this->prop['groups']['name_attr'];
+ }
+
+ // assign object type from object class mapping
+ if (!empty($this->prop['class_type_map'])) {
+ foreach (array_map('strtolower', (array)$rec['objectclass']) as $objcls) {
+ if (!empty($this->prop['class_type_map'][$objcls])) {
+ $out['_type'] = $this->prop['class_type_map'][$objcls];
+ break;
+ }
+ }
}
foreach ($fieldmap as $rf => $lf)
@@ -1504,7 +1557,6 @@
return $ldap_data;
}
-
/**
* Returns unified attribute name (resolving aliases)
*/
@@ -1536,17 +1588,6 @@
}
/**
- * Prints debug info to the log
- */
- private function _debug($str)
- {
- if ($this->debug) {
- rcube::write_log('ldap', $str);
- }
- }
-
-
- /**
* Activate/deactivate debug mode
*
* @param boolean $dbg True if LDAP commands should be logged
@@ -1556,10 +1597,9 @@
$this->debug = $dbg;
if ($this->ldap) {
- $this->ldap->set_debug($dbg);
+ $this->ldap->config_set('debug', $dbg);
}
}
-
/**
* Setter for the current group
@@ -1593,12 +1633,12 @@
return array();
}
- $group_cache = $this->_fetch_groups();
+ $group_cache = $this->_fetch_groups($search, $mode);
$groups = array();
if ($search) {
foreach ($group_cache as $group) {
- if ($this->compare_search_value('name', $group['name'], $search, $mode)) {
+ if ($this->compare_search_value('name', $group['name'], mb_strtolower($search), $mode)) {
$groups[] = $group;
}
}
@@ -1613,10 +1653,19 @@
/**
* Fetch groups from server
*/
- private function _fetch_groups($vlv_page = null)
+ private function _fetch_groups($search = null, $mode = 0, $vlv_page = null)
{
+ // reset group search cache
+ if ($search !== null && $vlv_page === null) {
+ $this->group_search_cache = null;
+ }
+ // return in-memory cache from previous search results
+ else if (is_array($this->group_search_cache) && $vlv_page === null) {
+ return $this->group_search_cache;
+ }
+
// special case: list groups from 'group_filters' config
- if ($vlv_page === null && !empty($this->prop['group_filters'])) {
+ if ($vlv_page === null && $search === null && is_array($this->prop['group_filters'])) {
$groups = array();
$rcube = rcube::get_instance();
@@ -1633,7 +1682,7 @@
return $groups;
}
- if ($this->cache && $vlv_page === null && ($groups = $this->cache->get('groups')) !== null) {
+ if ($this->cache && $search === null && $vlv_page === null && ($groups = $this->cache->get('groups')) !== null) {
return $groups;
}
@@ -1655,12 +1704,26 @@
}
$ldap = clone $this->ldap;
- $ldap->set_config($this->prop['groups']);
+ $ldap->config_set($this->prop['groups']);
$ldap->set_vlv_page($vlv_page+1, $page_size);
}
- $attrs = array_unique(array('dn', 'objectClass', $name_attr, $email_attr, $sort_attr));
- $ldap_data = $ldap->search($base_dn, $filter, $scope, $attrs, $this->prop['groups']);
+ $props = array('sort' => $this->prop['groups']['sort']);
+ $attrs = array_unique(array('dn', 'objectClass', $name_attr, $email_attr, $sort_attr));
+
+ // add search filter
+ if ($search !== null) {
+ // set wildcards
+ $wp = $ws = '';
+ if (!empty($this->prop['fuzzy_search']) && $mode != 1) {
+ $ws = '*';
+ $wp = !$mode ? '*' : '';
+ }
+ $filter = "(&$filter($name_attr=$wp" . rcube_ldap_generic::quote_string($search) . "$ws))";
+ $props['search'] = $wp . $search . $ws;
+ }
+
+ $ldap_data = $ldap->search($base_dn, $filter, $scope, $attrs, $props);
if ($ldap_data === false) {
return array();
@@ -1697,7 +1760,7 @@
// call recursively until we have fetched all groups
while ($this->prop['groups']['vlv'] && $group_count == $page_size) {
- $next_page = $this->_fetch_groups(++$vlv_page);
+ $next_page = $this->_fetch_groups($search, $mode, ++$vlv_page);
$groups = array_merge($groups, $next_page);
$group_count = count($next_page);
}
@@ -1708,8 +1771,11 @@
}
// cache this
- if ($this->cache) {
+ if ($this->cache && $search === null) {
$this->cache->set('groups', $groups);
+ }
+ else if ($search !== null) {
+ $this->group_search_cache = $groups;
}
return $groups;
@@ -1779,7 +1845,7 @@
$member_attr => '',
);
- if (!$this->ldap->add($new_dn, $new_entry)) {
+ if (!$this->ldap->add_entry($new_dn, $new_entry)) {
$this->set_error(self::ERROR_SAVING, 'errorsaving');
return false;
}
@@ -1802,7 +1868,7 @@
$group_cache = $this->_fetch_groups();
$del_dn = $group_cache[$group_id]['dn'];
- if (!$this->ldap->delete($del_dn)) {
+ if (!$this->ldap->delete_entry($del_dn)) {
$this->set_error(self::ERROR_SAVING, 'errorsaving');
return false;
}
@@ -1937,7 +2003,7 @@
$filter = strtr("(|(member=$contact_dn)(uniqueMember=$contact_dn)$add_filter)", array('\\' => '\\\\'));
$ldap_data = $this->ldap->search($base_dn, $filter, 'sub', array('dn', $name_attr));
- if ($res === false) {
+ if ($ldap_data === false) {
return array();
}
--
Gitblit v1.9.1