ldap export: fix $crypt_password

[freeside.git] / FS / FS / part_export / ldap.pm

diff --git a/FS/FS/part_export/ldap.pm b/FS/FS/part_export/ldap.pm
index ec1d37f..fd7f11d 100644 (file)
--- a/FS/FS/part_export/ldap.pm
+++ b/FS/FS/part_export/ldap.pm
@@ -1,11 +1,13 @@
 package FS::part_export::ldap;
 
-use vars qw(@ISA);
+use vars qw(@ISA @saltset);
 use FS::Record qw( dbh );
 use FS::part_export;
 
 @ISA = qw(FS::part_export);
 
+@saltset = ( 'a'..'z' , 'A'..'Z' , '0'..'9' , '.' , '/' );
+
 sub rebless { shift; }
 
 sub _export_insert {
@@ -26,8 +28,10 @@ sub _export_insert {
   $crypt_password = crypt( $svc_acct->_password,
                              $saltset[int(rand(64))].$saltset[int(rand(64))] );
 
-
-  my %attrib = map    { /^\s*(\w+)\s+(.*\S)\s*$/; ( $1 => eval(qq("$2")) ); }
+  my $username_attrib;
+  my %attrib = map    { /^\s*(\w+)\s+(.*\S)\s*$/;
+                        $username_attrib = $1 if $2 eq '$username';
+                        ( $1 => eval(qq("$2")) );                   }
                  grep { /^\s*(\w+)\s+(.*\S)\s*$/ }
                    split("\n", $self->option('attributes'));
 
@@ -44,6 +48,7 @@ sub _export_insert {
 
   my $err_or_queue = $self->ldap_queue( $svc_acct->svcnum, 'insert',
     #$svc_acct->username,
+    $username_attrib,
     %attrib );
   return $err_or_queue unless ref($err_or_queue);
 
@@ -197,16 +202,24 @@ sub ldap_queue {
     $self->machine,
     $self->option('dn'),
     $self->option('password'),
+    $self->option('userdn'),
     @_,
   ) or $queue;
 }
 
 sub ldap_insert { #subroutine, not method
-  my $dn = ldap_connect(shift, shift, shift);
-  my %attrib = @_;
+  my $ldap = ldap_connect(shift, shift, shift);
+  my( $userdn, $username_attrib, %attrib ) = @_;
+
+  $userdn = "$username_attrib=$attrib{$username_attrib}, $userdn"
+    if $username_attrib;
+  #icky hack, but should be unsurprising to the LDAPers
+  foreach my $key ( grep { $attrib{$_} =~ /,/ } keys %attrib ) {
+    $attrib{$key} = [ split(/,/, $attrib{$key}) ]; 
+  }
 
-  my $status = $ldap->add( $dn, attrs => [ %attrib ] );
-  die $status->error if $status->is_error;
+  my $status = $ldap->add( $userdn, attrs => [ %attrib ] );
+  die 'LDAP error: '. $status->error. "\n" if $status->is_error;
 
   $ldap->unbind;
 }
@@ -225,14 +238,16 @@ sub ldap_insert { #subroutine, not method
 
 sub ldap_connect {
   my( $machine, $dn, $password ) = @_;
+  my %bind_options;
+  $bind_options{password} = $password if length($password);
 
   eval "use Net::LDAP";
   die $@ if $@;
 
-  my $ldap = Net::LDAP->net($machine) or die $@;
-  my $status = $ldap->bind( $dn, password=>$password );
-  die $status->error if $status->is_error;
+  my $ldap = Net::LDAP->new($machine) or die $@;
+  my $status = $ldap->bind( $dn, %bind_options );
+  die 'LDAP error: '. $status->error. "\n" if $status->is_error;
 
-  $dn;
+  $ldap;
 }