Safer check on ad domain string (#293)

* Remove check for ad format

* Only check the dc string exist if schema is ad

* Make sure AD domain string doesnt contains cn= and ou=

freepbx/configure_users.php

@@ -28,11 +28,6 @@
 $results = $stmt->fetchAll(\PDO::FETCH_ASSOC);
 
 if ($_ENV['NETHVOICE_LDAP_SCHEMA'] === 'ad') {
-	# check if DOMAIN is in the right format
-	if (!preg_match('/DC=/i', $_ENV['NETHVOICE_LDAP_BASE'])) {
-		echo "Invalid DOMAIN format\n";
-		exit(1);
-	}
 	# extract username from LDAP user
 	if (preg_match('/^([^@]*)@([^@]*)$/', $_ENV['NETHVOICE_LDAP_USER'],$tmp)) {
 		# user: username@domain
@@ -50,7 +45,7 @@
 		"dn" => $_ENV['NETHVOICE_LDAP_BASE'],
 		"username" => $username,
 		"password" => $_ENV['NETHVOICE_LDAP_PASS'],
-		"domain" => preg_replace(['/DC=/i', '/,/i'], ['', '.'],$_ENV['NETHVOICE_LDAP_BASE']),
+		"domain" => preg_replace(['/OU=[^,]*,/i', '/CN=[^,]*,/i', '/DC=/i', '/,/i'], ['', '', '', '.'],$_ENV['NETHVOICE_LDAP_BASE']),
 		"connection" => '',
 		"localgroups" => '0',
 		"createextensions" => '',

imageroot/actions/configure-module/10validate_user_domain

@@ -26,7 +26,7 @@ if not domain or not domparams:
 
 if not 'host' in domparams or domparams['host'] == '' or \
    not 'port' in domparams or domparams['port'] == '' or \
-   not 'base_dn' in domparams or not re.search(r'dc=', domparams['base_dn'], re.IGNORECASE) or \
+   not 'base_dn' in domparams or (not re.search(r'dc=', domparams['base_dn'], re.IGNORECASE) and domparams['schema'].lower() == 'ad') or \
    not 'bind_password' in domparams or domparams['bind_password'] == '' or \
    not 'schema' in domparams or domparams['schema'] == '' or \
    not 'base_dn' in domparams or domparams['base_dn'] == '':