2014-06-27 12:33:09 +02:00
|
|
|
# Methods run at configuration reload
|
2014-06-30 11:35:32 +02:00
|
|
|
package Lemonldap::NG::Handler::Reload;
|
2014-03-13 16:07:36 +01:00
|
|
|
|
|
|
|
#use Lemonldap::NG::Handler::Main qw(:all);
|
|
|
|
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
|
|
|
|
use constant UNPROTECT => 1;
|
|
|
|
use constant SKIP => 2;
|
|
|
|
|
|
|
|
use Lemonldap::NG::Handler::Main::Jail;
|
|
|
|
use Lemonldap::NG::Handler::Main::Logger;
|
2014-06-16 11:44:39 +02:00
|
|
|
use Lemonldap::NG::Handler::API qw(:httpCodes);
|
2014-06-30 20:34:23 +02:00
|
|
|
use Lemonldap::NG::Common::Crypto;
|
2014-03-13 16:07:36 +01:00
|
|
|
|
2014-05-22 17:08:18 +02:00
|
|
|
our $VERSION = '1.4.0';
|
|
|
|
|
2014-06-30 20:34:23 +02:00
|
|
|
## @imethod void configReload(hashRef conf, hashRef tsv)
|
|
|
|
# Given a Lemonldap::NG configuration $conf, computes values used to
|
|
|
|
# handle requests and store them in a thread shared object called $tsv
|
|
|
|
#
|
|
|
|
# methods called by configReload, and thread shared values computed, are:
|
2014-07-02 13:23:40 +02:00
|
|
|
# - jailInit():
|
|
|
|
# - jail
|
|
|
|
# - defaultValuesInit():
|
2014-06-30 20:34:23 +02:00
|
|
|
# (scalars for global options)
|
|
|
|
# - cda
|
|
|
|
# - cookieExpiration # warning: absent from default Conf
|
|
|
|
# - cookieName
|
|
|
|
# - securedCookie,
|
|
|
|
# - httpOnly
|
|
|
|
# - whatToTrace
|
|
|
|
# - customFunctions
|
|
|
|
# - timeoutActivity
|
|
|
|
# - useRedirectOnError
|
|
|
|
# - useRedirectOnForbidden
|
|
|
|
# - useSafeJail
|
|
|
|
# (objects)
|
|
|
|
# - cipher # Lemonldap::NG::Common::Crypto object
|
|
|
|
# (hashrefs for vhost options)
|
|
|
|
# - https
|
|
|
|
# - port
|
|
|
|
# - maintenance
|
2014-07-02 13:23:40 +02:00
|
|
|
# - portalInit():
|
2014-06-30 20:34:23 +02:00
|
|
|
# - portal (functions that returns portal URL)
|
2014-07-02 13:23:40 +02:00
|
|
|
# - locationRulesInit():
|
2014-06-30 20:34:23 +02:00
|
|
|
# - locationCount
|
|
|
|
# - defaultCondition
|
|
|
|
# - defaultProtection
|
|
|
|
# - locationCondition
|
|
|
|
# - locationProtection
|
|
|
|
# - locationRegexp
|
|
|
|
# - locationConditionText
|
2014-07-02 13:23:40 +02:00
|
|
|
# - sessionStorageInit():
|
2014-06-30 20:34:23 +02:00
|
|
|
# - sessionStorageModule
|
|
|
|
# - sessionStorageOptions
|
|
|
|
# - sessionCacheModule
|
|
|
|
# - sessionCacheOptions
|
2014-07-02 13:23:40 +02:00
|
|
|
# - headersInit():
|
2014-06-30 20:34:23 +02:00
|
|
|
# - headerList
|
|
|
|
# - forgeHeaders
|
2014-07-02 13:23:40 +02:00
|
|
|
# - postUrlInit():
|
2014-07-07 20:30:42 +02:00
|
|
|
# - inputPostData
|
|
|
|
# - outputPostData
|
2014-07-02 13:23:40 +02:00
|
|
|
# - aliasInit():
|
2014-06-30 20:34:23 +02:00
|
|
|
# - vhostAlias
|
2014-07-02 13:23:40 +02:00
|
|
|
#
|
|
|
|
# The *Init() methods can be run in any order,
|
|
|
|
# but jailInit must be run first because $tsv->{jail}
|
|
|
|
# is used by locationRulesInit, headersInit and postUrlInit.
|
2014-06-30 20:34:23 +02:00
|
|
|
|
|
|
|
# @param $conf reference to the configuration hash
|
|
|
|
# @param $tsv reference to the thread-shared parameters conf
|
|
|
|
sub configReload {
|
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
2014-07-03 17:21:06 +02:00
|
|
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
|
|
"Loading configuration $conf->{cfgNum} for process $$", "info" );
|
2014-06-30 20:34:23 +02:00
|
|
|
|
2014-07-03 17:21:06 +02:00
|
|
|
foreach my $sub (
|
|
|
|
qw( jailInit defaultValuesInit portalInit locationRulesInit
|
2014-07-07 20:30:42 +02:00
|
|
|
sessionStorageInit headersInit postUrlInit aliasInit ) ) {
|
2014-07-03 17:21:06 +02:00
|
|
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
|
|
"Process $$ calls $sub", "debug" );
|
|
|
|
$class->$sub( $conf, $tsv );
|
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
return 1;
|
|
|
|
}
|
2014-03-13 16:07:36 +01:00
|
|
|
|
2014-07-02 13:23:40 +02:00
|
|
|
## @imethod protected void jailInit(hashRef args)
|
|
|
|
# Set default values for non-customized variables
|
|
|
|
# @param $args reference to the configuration hash
|
|
|
|
sub jailInit {
|
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
|
|
|
|
|
|
|
$tsv->{jail} = Lemonldap::NG::Handler::Main::Jail->new(
|
2014-07-07 11:54:13 +02:00
|
|
|
'jail' => $tsv->{jail},
|
2014-07-02 13:23:40 +02:00
|
|
|
'useSafeJail' => $conf->{useSafeJail},
|
|
|
|
'customFunctions' => $conf->{customFunctions}
|
|
|
|
);
|
2014-07-07 11:54:13 +02:00
|
|
|
$tsv->{jail}->build_jail();
|
2014-07-02 13:23:40 +02:00
|
|
|
}
|
2014-03-13 16:07:36 +01:00
|
|
|
|
|
|
|
## @imethod protected void defaultValuesInit(hashRef args)
|
|
|
|
# Set default values for non-customized variables
|
|
|
|
# @param $args reference to the configuration hash
|
|
|
|
sub defaultValuesInit {
|
2014-06-30 20:34:23 +02:00
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
|
|
|
|
|
|
|
$tsv->{$_} = $conf->{$_}
|
|
|
|
foreach (qw(
|
|
|
|
cda cookieExpiration cookieName
|
|
|
|
customFunctions httpOnly securedCookie
|
|
|
|
timeoutActivity useRedirectOnError useRedirectOnForbidden
|
|
|
|
useSafeJail whatToTrace
|
|
|
|
));
|
|
|
|
|
|
|
|
$tsv->{cipher} = Lemonldap::NG::Common::Crypto->new($conf->{key});
|
2014-03-13 16:07:36 +01:00
|
|
|
|
2014-06-30 20:34:23 +02:00
|
|
|
foreach my $opt (qw(https port maintenance)) {
|
|
|
|
next unless defined $conf->{$opt};
|
2014-03-13 16:07:36 +01:00
|
|
|
|
|
|
|
# Record default value in key '_'
|
2014-06-30 20:34:23 +02:00
|
|
|
$tsv->{$opt} = { _ => $conf->{$opt} };
|
2014-03-13 16:07:36 +01:00
|
|
|
|
|
|
|
# Override with vhost options
|
2014-06-30 20:34:23 +02:00
|
|
|
if ( $conf->{vhostOptions} ) {
|
|
|
|
my $name = 'vhost' . ucfirst($opt);
|
|
|
|
foreach my $vhost ( keys %{ $conf->{vhostOptions} } ) {
|
|
|
|
my $val = $conf->{vhostOptions}->{$vhost}->{$name};
|
|
|
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
|
|
"Options $opt for vhost $vhost: $val", 'debug' );
|
|
|
|
$tsv->{$opt}->{$vhost} = $val
|
|
|
|
if ( $val >= 0 ); # Keep default value if $val is negative
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
return 1;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
## @imethod protected void portalInit(hashRef args)
|
|
|
|
# Verify that portal variable exists. Die unless
|
|
|
|
# @param $args reference to the configuration hash
|
|
|
|
sub portalInit {
|
2014-06-30 20:34:23 +02:00
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
|
|
|
die("portal parameter required") unless ( $conf->{portal} );
|
|
|
|
if ( $conf->{portal} =~ /[\$\(&\|"']/ ) {
|
|
|
|
($tsv->{portal}) = $class->conditionSub( $conf->{portal}, $tsv );
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
else {
|
2014-06-30 20:34:23 +02:00
|
|
|
$tsv->{portal} = sub { return $conf->{portal} };
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
return 1;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
## @imethod void locationRulesInit(hashRef args)
|
|
|
|
# Compile rules.
|
|
|
|
# Rules are stored in $args->{locationRules}->{<virtualhost>} that contains
|
|
|
|
# regexp=>test expressions where :
|
|
|
|
# - regexp is used to test URIs
|
|
|
|
# - test contains an expression used to grant the user
|
|
|
|
#
|
|
|
|
# This function creates 2 hashRef containing :
|
|
|
|
# - one list of the compiled regular expressions for each virtual host
|
|
|
|
# - one list of the compiled functions (compiled with conditionSub()) for each
|
|
|
|
# virtual host
|
|
|
|
# @param $args reference to the configuration hash
|
|
|
|
sub locationRulesInit {
|
2014-06-30 20:34:23 +02:00
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
2014-03-13 16:07:36 +01:00
|
|
|
|
2014-07-02 13:23:40 +02:00
|
|
|
while ( my ( $vhost, $rules ) = each( %{ $conf->{locationRules} } ) ) {
|
|
|
|
foreach my $url ( sort keys %{ $rules } ) {
|
2014-06-30 20:34:23 +02:00
|
|
|
my ( $cond, $prot )
|
2014-07-02 13:23:40 +02:00
|
|
|
= $class->conditionSub( $rules->{$url}, $tsv );
|
2014-06-30 20:34:23 +02:00
|
|
|
|
2014-07-02 13:23:40 +02:00
|
|
|
if ( $url eq 'default' ) {
|
2014-06-30 20:34:23 +02:00
|
|
|
$tsv->{defaultCondition}->{$vhost} = $cond;
|
|
|
|
$tsv->{defaultProtection}->{$vhost} = $prot;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
push @{ $tsv->{locationCondition}->{$vhost} } , $cond;
|
|
|
|
push @{ $tsv->{locationProtection}->{$vhost} }, $prot;
|
2014-07-02 13:23:40 +02:00
|
|
|
push @{ $tsv->{locationRegexp}->{$vhost} } , qr/$url/;
|
2014-06-30 20:34:23 +02:00
|
|
|
push @{ $tsv->{locationConditionText}->{$vhost} },
|
2014-07-02 13:23:40 +02:00
|
|
|
/^\(\?#(.*?)\)/ ? $1 : /^(.*?)##(.+)$/ ? $2 : $url;
|
2014-06-30 20:34:23 +02:00
|
|
|
$tsv->{locationCount}->{$vhost}++;
|
|
|
|
}
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
2014-06-30 20:34:23 +02:00
|
|
|
# Default policy set to 'accept'
|
2014-07-02 13:21:24 +02:00
|
|
|
unless ( $tsv->{defaultCondition}->{$vhost} ) {
|
2014-06-30 20:34:23 +02:00
|
|
|
$tsv->{defaultCondition}->{$vhost} = sub { 1 };
|
|
|
|
$tsv->{defaultProtection}->{$vhost} = 0;
|
|
|
|
}
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
return 1;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
2014-06-30 20:34:23 +02:00
|
|
|
## @imethod protected void sessionStorageInit(hashRef args)
|
|
|
|
# Initialize the Apache::Session::* module choosed to share user's variables
|
|
|
|
# and the Cache::Cache module choosed to cache sessions
|
2014-03-13 16:07:36 +01:00
|
|
|
# @param $args reference to the configuration hash
|
2014-06-30 20:34:23 +02:00
|
|
|
sub sessionStorageInit {
|
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
|
|
|
$tsv->{sessionStorageModule} = $conf->{globalStorage}
|
2014-03-13 16:07:36 +01:00
|
|
|
or die("globalStorage required");
|
2014-06-30 20:34:23 +02:00
|
|
|
eval "use $tsv->{sessionStorageModule}";
|
2014-03-13 16:07:36 +01:00
|
|
|
die($@) if ($@);
|
2014-06-30 20:34:23 +02:00
|
|
|
$tsv->{sessionStorageOptions} = $conf->{globalStorageOptions};
|
|
|
|
|
|
|
|
if ($conf->{localSessionStorage}) {
|
|
|
|
$tsv->{sessionCacheModule} = $conf->{localSessionStorage};
|
|
|
|
$tsv->{sessionCacheOptions} = $conf->{localSessionStorageOptions};
|
|
|
|
$tsv->{sessionCacheOptions}->{default_expires_in} ||= 600;
|
|
|
|
|
|
|
|
if ($conf->{status}) {
|
|
|
|
my $params = "";
|
|
|
|
if ($tsv->{sessionCacheModule}) {
|
|
|
|
require Data::Dumper;
|
2014-07-03 11:46:20 +02:00
|
|
|
$params = " $tsv->{sessionCacheModule},"
|
2014-06-30 20:34:23 +02:00
|
|
|
. Data::Dumper->new( [ $tsv->{sessionCacheOptions} ] )
|
|
|
|
->Terse(1)->Indent(0)->Dump; # To send params on one line
|
|
|
|
}
|
|
|
|
print { $tsv->{statusPipe} } "RELOADCACHE$params";
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
return 1;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
2014-06-30 20:34:23 +02:00
|
|
|
## @imethod void headersInit(hashRef args)
|
|
|
|
# Create the subroutines used to insert headers into the HTTP request.
|
2014-03-13 16:07:36 +01:00
|
|
|
# @param $args reference to the configuration hash
|
2014-06-30 20:34:23 +02:00
|
|
|
sub headersInit {
|
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
2014-03-13 16:07:36 +01:00
|
|
|
|
|
|
|
# Creation of the subroutine which will generate headers
|
2014-06-30 20:34:23 +02:00
|
|
|
foreach my $vhost ( keys %{ $conf->{exportedHeaders} } ) {
|
|
|
|
my %headers = %{ $conf->{exportedHeaders}->{$vhost} };
|
|
|
|
$tsv->{headerList}->{$vhost} = [ keys %headers ];
|
|
|
|
my $sub;
|
|
|
|
foreach ( keys %headers ) {
|
2014-07-01 11:31:53 +02:00
|
|
|
my $val = $class->substitute($headers{$_});
|
2014-06-30 20:34:23 +02:00
|
|
|
$sub .= "'$_' => $val,";
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
2014-06-30 20:34:23 +02:00
|
|
|
$tsv->{forgeHeaders}->{$vhost} = $tsv->{jail}->jail_reval("sub{$sub}");
|
|
|
|
|
|
|
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
|
|
"$self: Unable to forge headers: $@: sub {$sub}", 'error' )
|
|
|
|
if ($@);
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
return 1;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
## @imethod protected void postUrlInit()
|
|
|
|
# Prepare methods to post form attributes
|
|
|
|
sub postUrlInit {
|
2014-07-07 20:30:42 +02:00
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
|
|
|
return unless ( $conf->{post} );
|
2014-03-13 16:07:36 +01:00
|
|
|
|
|
|
|
# Browse all vhost
|
2014-07-07 20:30:42 +02:00
|
|
|
foreach my $vhost ( keys %{ $conf->{post} } ) {
|
|
|
|
# Browse all POST URI
|
|
|
|
while ( my ( $url, $d ) = each( %{ $conf->{post}->{$vhost} } ) ) {
|
|
|
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
|
|
"Compiling POST data for $url", 'debug' );
|
|
|
|
|
|
|
|
# Where to POST
|
2014-07-09 15:04:42 +02:00
|
|
|
my ( $postUrl, $jqueryUrl, $formSelector, $buttonSelector )
|
|
|
|
= split( /\|/, $d->{postUrl} );
|
|
|
|
$postUrl ||= $url;
|
2014-07-07 20:30:42 +02:00
|
|
|
|
|
|
|
my $sub;
|
|
|
|
while ( my ( $input, $value ) = each( %{ $d->{expr} } ) ) {
|
|
|
|
my $val = $class->substitute($value);
|
|
|
|
$sub .= "'$input' => $val,";
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
2014-07-09 15:04:42 +02:00
|
|
|
$tsv->{inputPostData}->{$vhost}->{$postUrl}
|
2014-07-07 20:30:42 +02:00
|
|
|
= $tsv->{outputPostData}->{$vhost}->{$url}
|
|
|
|
= $tsv->{jail}->jail_reval("sub{$sub}");
|
2014-07-09 15:04:42 +02:00
|
|
|
|
|
|
|
$tsv->{postFormParams}->{$vhost}->{$url} = {
|
|
|
|
jqueryUrl => $jqueryUrl,
|
|
|
|
formSelector => $formSelector,
|
|
|
|
buttonSelector => $buttonSelector
|
|
|
|
};
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
}
|
2014-07-07 20:30:42 +02:00
|
|
|
return 1;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
## @imethod protected codeRef conditionSub(string cond)
|
|
|
|
# Returns a compiled function used to grant users (used by
|
|
|
|
# locationRulesInit(). The second value returned is a non null
|
|
|
|
# constant if URL is not protected (by "unprotect" or "skip"), 0 else.
|
|
|
|
# @param $cond The boolean expression to use
|
2014-06-30 20:34:23 +02:00
|
|
|
# @param $mainClass optional
|
2014-03-13 16:07:36 +01:00
|
|
|
# @return array (ref(sub), int)
|
|
|
|
sub conditionSub {
|
2014-06-30 20:34:23 +02:00
|
|
|
my ( $class, $cond, $tsv ) = @_;
|
2014-03-13 16:07:36 +01:00
|
|
|
my ( $OK, $NOK ) = ( sub { 1 }, sub { 0 } );
|
|
|
|
|
|
|
|
# Simple cases : accept and deny
|
|
|
|
return ( $OK, 0 )
|
|
|
|
if ( $cond =~ /^accept$/i );
|
|
|
|
return ( $NOK, 0 )
|
|
|
|
if ( $cond =~ /^deny$/i );
|
|
|
|
|
|
|
|
# Cases unprotect and skip : 2nd value is 1 or 2
|
|
|
|
return ( $OK, UNPROTECT )
|
|
|
|
if ( $cond =~ /^unprotect$/i );
|
|
|
|
return ( $OK, SKIP )
|
|
|
|
if ( $cond =~ /^skip$/i );
|
|
|
|
|
|
|
|
# Case logout
|
|
|
|
if ( $cond =~ /^logout(?:_sso)?(?:\s+(.*))?$/i ) {
|
|
|
|
my $url = $1;
|
|
|
|
return (
|
|
|
|
$url
|
|
|
|
? (
|
|
|
|
sub {
|
|
|
|
$Lemonldap::NG::Handler::Main::datas->{_logout} = $url;
|
|
|
|
return 0;
|
|
|
|
},
|
|
|
|
0
|
|
|
|
)
|
|
|
|
: (
|
|
|
|
sub {
|
|
|
|
$Lemonldap::NG::Handler::Main::datas->{_logout} =
|
2014-06-30 20:34:23 +02:00
|
|
|
&{ $tsv->{portal} }();
|
2014-03-13 16:07:36 +01:00
|
|
|
return 0;
|
|
|
|
},
|
|
|
|
0
|
|
|
|
)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
# Since filter exists only with Apache>=2, logout_app and logout_app_sso
|
|
|
|
# targets are available only for it.
|
|
|
|
# This error can also appear with Manager configured as CGI script
|
|
|
|
if ( $cond =~ /^logout_app/i and MP() < 2 ) {
|
|
|
|
Lemonldap::NG::Handler::Main::Logger->lmLog(
|
|
|
|
"Rules logout_app and logout_app_sso require Apache>=2", 'warn' );
|
|
|
|
return ( sub { 1 }, 0 );
|
|
|
|
}
|
|
|
|
|
|
|
|
# logout_app
|
|
|
|
if ( $cond =~ /^logout_app(?:\s+(.*))?$/i ) {
|
2014-06-30 20:34:23 +02:00
|
|
|
my $u = $1 || &{ $tsv->{portal} }();
|
2014-03-13 16:07:36 +01:00
|
|
|
eval 'use Apache2::Filter' unless ( $INC{"Apache2/Filter.pm"} );
|
|
|
|
return (
|
|
|
|
sub {
|
2014-06-19 19:53:04 +02:00
|
|
|
my $r = shift;
|
|
|
|
$r->add_output_filter(
|
2014-03-13 16:07:36 +01:00
|
|
|
sub {
|
2014-06-30 20:34:23 +02:00
|
|
|
return Lemonldap::NG::Handler::Main->redirectFilter( $u, @_ );
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
);
|
|
|
|
1;
|
|
|
|
},
|
|
|
|
0
|
|
|
|
);
|
|
|
|
}
|
|
|
|
elsif ( $cond =~ /^logout_app_sso(?:\s+(.*))?$/i ) {
|
|
|
|
eval 'use Apache2::Filter' unless ( $INC{"Apache2/Filter.pm"} );
|
2014-06-30 20:34:23 +02:00
|
|
|
my $u = $1 || &{ $tsv->{portal} }();
|
2014-03-13 16:07:36 +01:00
|
|
|
return (
|
|
|
|
sub {
|
2014-06-19 19:53:04 +02:00
|
|
|
my $r = shift;
|
2014-06-30 20:34:23 +02:00
|
|
|
Lemonldap::NG::Handler::Main->localUnlog;
|
2014-06-19 19:53:04 +02:00
|
|
|
$r->add_output_filter(
|
2014-03-13 16:07:36 +01:00
|
|
|
sub {
|
2014-06-19 19:53:04 +02:00
|
|
|
my $r = shift->r;
|
2014-06-30 20:34:23 +02:00
|
|
|
return Lemonldap::NG::Handler::Main->redirectFilter(
|
|
|
|
&{ $tsv->{portal} }() . "?url="
|
|
|
|
. Lemonldap::NG::Handler::Main->encodeUrl( $r, $u )
|
2014-03-13 16:07:36 +01:00
|
|
|
. "&logout=1",
|
|
|
|
@_
|
|
|
|
);
|
|
|
|
}
|
|
|
|
);
|
|
|
|
1;
|
|
|
|
},
|
|
|
|
0
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
# Replace some strings in condition
|
2014-07-01 11:31:53 +02:00
|
|
|
$cond = $class->substitute($cond);
|
2014-06-30 20:34:23 +02:00
|
|
|
my $sub = $tsv->{jail}->jail_reval("sub{return($cond)}");
|
2014-03-13 16:07:36 +01:00
|
|
|
|
|
|
|
# Return sub and protected flag
|
|
|
|
return ( $sub, 0 );
|
|
|
|
}
|
|
|
|
|
2014-06-30 20:34:23 +02:00
|
|
|
## @method arrayref aliasInit
|
2014-03-13 16:07:36 +01:00
|
|
|
# @param options vhostOptions configuration item
|
|
|
|
# @return arrayref of vhost and aliases
|
2014-06-30 20:34:23 +02:00
|
|
|
sub aliasInit {
|
|
|
|
my ( $class, $conf, $tsv ) = @_;
|
|
|
|
|
|
|
|
foreach my $vhost ( keys %{ $conf->{options} } ) {
|
|
|
|
if ( my $aliases = $conf->{options}->{$vhost}->{vhostAliases} ) {
|
|
|
|
foreach ( split /\s+/, $aliases ) {
|
|
|
|
$tsv->{vhostAlias}->{$_} = $vhost;
|
|
|
|
}
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
return 1;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
2014-06-30 20:34:23 +02:00
|
|
|
# TODO: support wildcards in aliases
|
2014-03-13 16:07:36 +01:00
|
|
|
|
2014-07-01 11:31:53 +02:00
|
|
|
sub substitute {
|
2014-07-01 11:42:15 +02:00
|
|
|
my ( $class, $expr ) = @_;
|
2014-07-01 11:31:53 +02:00
|
|
|
|
2014-07-04 10:36:38 +02:00
|
|
|
# substitute special vars, just for retro-compatibility
|
|
|
|
$expr =~ s/\$date\b/&date/g;
|
|
|
|
$expr =~ s/\$vhost\b/&hostname/g;
|
|
|
|
$expr =~ s/\$ip\b/&remote_ip/g;
|
2014-07-01 11:31:53 +02:00
|
|
|
|
|
|
|
# substitute vars with session datas, excepts special vars $_ and $\d+
|
|
|
|
$expr =~ s/\$((?!_|\d+)\w+)/\$datas->{$1}/g;
|
|
|
|
|
|
|
|
return $expr;
|
2014-03-13 16:07:36 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
1;
|