dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import encrypt in header functions (closes: #983)

Browse Source
This commit is contained in:
Xavier Guimard 2016-03-23 12:55:09 +00:00
parent 3a1977e0d6
commit 5a04d1ff61
5 changed files with 41 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm
View File

@ -162,9 +162,7 @@ sub iso2unicode {
# @param value Value to check
# @return int Number of values that match
sub groupMatch {
my $groups = shift;
my $attribute = shift;
my $value = shift;
my ( $groups, $attribute, $value ) = @_;
my $match = 0;

10
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Jail.pm
View File

@ -15,8 +15,8 @@ has jail => ( is => 'rw' );
our $VERSION = '2.0.0';
our $datas;
*datas = *Lemonldap::NG::Handler::Main::SharedVariables::datas;
*tsv = *Lemonldap::NG::Handler::Main::SharedVariables::tsv;
## @imethod protected build_jail()
# Build and return the security jail used to compile rules and headers.
@ -70,12 +70,18 @@ sub build_jail {
&unparsed_uri &args &method &header_in )
]
);
$self->jail->share_from( __PACKAGE__, [ @t, '&datas' ] );
$self->jail->share_from( __PACKAGE__,
[ @t, '&tsv', '&datas', '&encrypt' ] );
$self->jail->share_from( 'MIME::Base64', ['&encode_base64'] );
return $self->jail;
}
# Import crypto methods for jail
sub encrypt {
return &tsv->{cipher}->encrypt(@_);
}
## @method reval
# Fake reval method if useSafeJail is off
sub reval {

1
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/SharedVariables.pm
View File

@ -54,6 +54,7 @@ BEGIN {
\$_v->{$_} = \$v if(\$v);
return \$_v->{$_};
}";
die $@ if ($@);
}
}

35
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm
View File

@ -28,7 +28,8 @@ sub types {
'encode_base64', 'checkLogonHours',
'date', 'checkDate',
'basic', 'unicode2iso',
'iso2unicode', 'groupMatch'
'iso2unicode', 'groupMatch',
'encrypt'
);
push @cf, defined $conf->{'customFunctions'}
? map( {
@ -41,7 +42,7 @@ sub types {
$s = "sub $f {1} $s";
}
eval "$s $val";
return $@ ? ( 0, "__badExpression__: $@" ) : 1;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
}
},
'catAndAppList' => {
@ -797,7 +798,8 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'encode_base64', 'checkLogonHours',
'date', 'checkDate',
'basic', 'unicode2iso',
'iso2unicode', 'groupMatch'
'iso2unicode', 'groupMatch',
'encrypt'
);
push @cf, defined $conf->{'customFunctions'}
? map( {
@ -810,7 +812,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
$s = "sub $f {1} $s";
}
eval $s;
return $@ ? ( 0, "__badExpression__: $@" ) : 1;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
}
},
'type' => 'keyTextContainer'
@ -880,7 +882,8 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'encode_base64', 'checkLogonHours',
'date', 'checkDate',
'basic', 'unicode2iso',
'iso2unicode', 'groupMatch'
'iso2unicode', 'groupMatch',
'encrypt'
);
push @cf, defined $conf->{'customFunctions'}
? map( {
@ -893,7 +896,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
$s = "sub $f {1} $s";
}
eval "$s $val";
return $@ ? ( 0, "__badExpression__: $@" ) : 1;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
'test' => sub {
1;
@ -909,7 +912,8 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'encode_base64', 'checkLogonHours',
'date', 'checkDate',
'basic', 'unicode2iso',
'iso2unicode', 'groupMatch'
'iso2unicode', 'groupMatch',
'encrypt'
);
push @cf, defined $conf->{'customFunctions'}
? map( {
@ -922,7 +926,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
$s = "sub $f {1} $s";
}
eval "$s $val";
return $@ ? ( 0, "__badExpression__: $@" ) : 1;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
'type' => 'keyTextContainer'
},
@ -1189,7 +1193,8 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'encode_base64', 'checkLogonHours',
'date', 'checkDate',
'basic', 'unicode2iso',
'iso2unicode', 'groupMatch'
'iso2unicode', 'groupMatch',
'encrypt'
);
push @cf, defined $conf->{'customFunctions'}
? map( {
@ -1202,7 +1207,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
$s = "sub $f {1} $s";
}
eval $s;
return $@ ? ( 0, "__badExpression__: $@" ) : 1;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
}
},
'type' => 'ruleContainer'
@ -1226,7 +1231,8 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'encode_base64', 'checkLogonHours',
'date', 'checkDate',
'basic', 'unicode2iso',
'iso2unicode', 'groupMatch'
'iso2unicode', 'groupMatch',
'encrypt'
);
push @cf, defined $conf->{'customFunctions'}
? map( {
@ -1239,7 +1245,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
$s = "sub $f {1} $s";
}
eval "$s $val";
return $@ ? ( 0, "__badExpression__: $@" ) : 1;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
'type' => 'keyTextContainer'
},
@ -1843,7 +1849,8 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
'encode_base64', 'checkLogonHours',
'date', 'checkDate',
'basic', 'unicode2iso',
'iso2unicode', 'groupMatch'
'iso2unicode', 'groupMatch',
'encrypt'
);
push @cf, defined $conf->{'customFunctions'}
? map( {
@ -1856,7 +1863,7 @@ qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-
$s = "sub $f {1} $s";
}
eval "$s $val";
return $@ ? ( 0, "__badExpression__: $@" ) : 1;
return $@ ? ( 1, "__badExpression__: $@" ) : 1;
},
'msgFail' => '__badValue__',
'test' => qr/^\w+$/,

18
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm
View File

@ -12,9 +12,11 @@ use Regexp::Common qw/URI/;
my $perlExpr = sub {
my ( $val, $conf ) = @_;
my $s = '';
my @cf =
qw(encode_base64 checkLogonHours date checkDate basic unicode2iso iso2unicode groupMatch);
my $s = '';
my @cf = qw(
encode_base64 checkLogonHours date checkDate basic unicode2iso
iso2unicode groupMatch encrypt
);
push @cf,
defined $conf->{customFunctions}
? map { my $f = $_; $f =~ s/\w+:://g; ( $f, $_ ) }
@ -24,7 +26,7 @@ my $perlExpr = sub {
$s = "sub $f {1} $s";
}
eval "$s $val";
return $@ ? ( 0, "__badExpression__: $@" ) : (1);
return $@ ? ( 1, "__badExpression__: $@" ) : (1);
};
my $url = $RE{URI}{HTTP}{ -scheme => "https?" };
@ -921,7 +923,7 @@ sub attributes {
}
$s =~ s/\b(accept|deny|unprotect|skip)\b/1/g;
my @cf =
qw(encode_base64 checkLogonHours date checkDate basic unicode2iso iso2unicode groupMatch);
qw(encode_base64 checkLogonHours date checkDate basic unicode2iso iso2unicode groupMatch encrypt);
push @cf,
defined $conf->{customFunctions}
? map { my $f = $_; $f =~ s/\w+:://g; ( $f, $_ ) }
@ -931,7 +933,7 @@ sub attributes {
$s = "sub $f {1} $s";
}
eval $s;
return $@ ? ( 0, "__badExpression__: $@" ) : (1);
return $@ ? ( 1, "__badExpression__: $@" ) : (1);
},
msgFail => '__badExpression__',
},
@ -954,7 +956,7 @@ sub attributes {
my ( $val, $conf ) = @_;
my $s = $val;
my @cf =
qw(encode_base64 checkLogonHours date checkDate basic unicode2iso iso2unicode groupMatch);
qw(encode_base64 checkLogonHours date checkDate basic unicode2iso iso2unicode groupMatch encrypt);
push @cf,
defined $conf->{customFunctions}
? map { my $f = $_; $f =~ s/\w+:://g; ( $f, $_ ) }
@ -964,7 +966,7 @@ sub attributes {
$s = "sub $f {1} $s";
}
eval $s;
return $@ ? ( 0, "__badExpression__: $@" ) : (1);
return $@ ? ( 1, "__badExpression__: $@" ) : (1);
}
},
documentation => 'Virtualhost headers',