koozali
/
smeserver-lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix externalSSLAccess with netmask < 32 

GLPI #38307
This commit is contained in:
Daniel Berteaud 2019-09-03 10:18:52 +02:00
parent e70ce66b40
commit 575c129428
1 changed files with 6 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/025localnet
View File

@ -1,42 +1,39 @@
{ {
my $reg = '$ipAddr =~ /^'; my $reg = '$ipAddr =~ /^';
my $count = 0;
# Build a regexp to check if the client IP # Build a regexp to check if the client IP
# is part of a local network # is part of a local network
# Then, we can easily use this macro to restrict # Then, we can easily use this macro to restrict
# access to local networks on some applications # access to local networks on some applications
my @net = ();
foreach my $net ($n->networks){ foreach my $net ($n->networks){
my $addr = $net->key; my $addr = $net->key;
my $mask = $net->prop('Mask') || '255.255.255.255'; my $mask = $net->prop('Mask') || '255.255.255.255';
$reg .= '|' if ($count > 0);
foreach (esmith::util::computeAllLocalNetworkPrefixes($addr,$mask)){ foreach (esmith::util::computeAllLocalNetworkPrefixes($addr,$mask)){
$reg .= "($_)"; push @net, "($_)";
$count++;
} }
} }
$reg .= join('|', @net);
$reg .= '/'; $reg .= '/';
$reg =~ s/\./\\\./g; $reg =~ s/\./\\\./g;
$conf->{'macros'}->{'localAccess'} = '(' . $reg . ") ? '1':'0'"; $conf->{'macros'}->{'localAccess'} = '(' . $reg . ") ? '1':'0'";
$reg = '$ipAddr =~ /^'; $reg = '$ipAddr =~ /^';
$count = 0; @net = ();
# Do the same for extenal SSL access # Do the same for extenal SSL access
foreach my $net (split(/[;,]/,(${'httpd-admin'}{'ValidFrom'} || ''))){ foreach my $net (split(/[;,]/,(${'httpd-admin'}{'ValidFrom'} || ''))){
my ($addr,$mask) = split(/\//,$net); my ($addr,$mask) = split(/\//,$net);
$reg .= '|' if ($count > 0);
foreach (esmith::util::computeAllLocalNetworkPrefixes($addr,$mask)){ foreach (esmith::util::computeAllLocalNetworkPrefixes($addr,$mask)){
$reg .= "($_)"; push @net, "($_)";
$count++;
} }
} }
$reg .= join('|', @net);
$reg .= '/'; $reg .= '/';
$reg =~ s/\./\\\./g; $reg =~ s/\./\\\./g;