<?php
#####
# Configuration Variables
#####

# DNS name of the directory domain. It is used both to build the ldap:// URI
# and as the suffix of the user@domain name presented at bind time.
$domain = 'home.johnhgaunt.com';

# Search base handed to getDN() for the user and the group lookup.
$baseDN = 'DC=home,DC=johnhgaunt,DC=com';

# sAMAccountName of the group a user must belong to before the file is served.
$group = 'OpenVPN';

# File streamed to an authorized user, resolved relative to the working directory.
# NOTE(review): presumably this path sits outside the web root so the file cannot
# be fetched directly without passing the login check - confirm on the server.
$configFile = '../../private/vpn/Gaunt VPN.ovpn';

#####
# End of Variables
#####
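// Request handler: authenticate the posted credentials against the directory,
// require membership of $group, then stream $configFile as a download.
// Any other outcome falls through to the sign-in form, which now displays
// $message (previously it was assigned but never shown, leaving a blank page).
$message = '';

if (isset($_POST['username'], $_POST['password'])) {

    $username = $_POST['username'];
    $password = $_POST['password'];

    // The form's "required" attributes are enforced by the browser only, so the
    // values are re-checked here. An empty password must never reach ldap_bind():
    // a simple bind with a name and no password is an unauthenticated bind
    // (RFC 4513), which a directory server may accept and which would then be
    // mistaken for a successful login. Array-valued fields (username[]=...) are
    // rejected as well instead of being coerced to the string "Array".
    $credentialsUsable = is_string($username) && is_string($password)
        && $username !== '' && $password !== '';

    // NOTE(review): ldap:// carries the simple bind, and with it the password,
    // unencrypted between this host and the directory server. Prefer ldaps://
    // or call ldap_start_tls($ad) before binding and stop when it fails.
    $ad = $credentialsUsable ? ldap_connect("ldap://$domain") : false;

    if (!$credentialsUsable || $ad === false) {
        $message = "Incorrect Username/Password.";
    } else {
        ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($ad, LDAP_OPT_REFERRALS, 0);

        // NOTE(review): nothing here throttles repeated attempts; every POST turns
        // into a bind against the directory, so guessing is limited only by the
        // directory's own lockout policy.
        // "@" keeps the warning ldap_bind() raises for rejected credentials off the page.
        $bind = @ldap_bind($ad, $username.'@'.$domain, $password);

        // Finish all directory work and close the connection before any output.
        $authorized = $bind
            && checkGroup($ad, getDN($ad, $username, $baseDN), getDN($ad, $group, $baseDN));
        ldap_unbind($ad);

        if (!$bind) {
            $message = "Incorrect Username/Password.";
        } elseif (!$authorized) {
            $message = "You are not authorized to access this page.";
        } elseif (!is_readable($configFile)) {
            // Checked before any header is sent so a missing file does not produce
            // an empty download with a PHP warning inside it.
            $message = "The VPN configuration is currently unavailable.";
        } else {
            header('Content-Type: application/octet-stream');
            header('Content-Disposition: attachment; filename="'.basename($configFile).'"');
            header('Pragma: no-cache');
            // The download is per-user, access-controlled content: keep it out of caches.
            header('Cache-Control: no-store');
            readfile($configFile);
            // Stop here so nothing else is appended to the downloaded file.
            exit;
        }
    }
}

?>
<!doctype html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Gaunt VPN Config Download</title>

    <!-- Bootstrap core CSS -->
    <!-- Loaded from a third-party CDN without Subresource Integrity: add integrity="sha384-(published hash for this exact file)" and crossorigin="anonymous", or self-host the stylesheet. -->
    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.3/css/bootstrap.min.css" rel="stylesheet">

    <!-- Custom styles for this template -->
    <link href="loginform.css" rel="stylesheet">
  </head>

  <body>

    <div class="container">

      <form class="form-signin" method="POST">
        <h2 class="form-signin-heading">Please sign in</h2>
<?php if ($message !== '') { ?>
        <div class="alert alert-danger" role="alert"><?= htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div>
<?php } ?>
        <label for="inputUsername" class="sr-only">Username</label>
        <input type="text" id="inputUsername" class="form-control" placeholder="Username" name="username" required autofocus>
        <label for="inputPassword" class="sr-only">Password</label>
        <input type="password" id="inputPassword" class="form-control" placeholder="Password" name="password" required>
        <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
      </form>

    </div> <!-- /container -->
  </body>
</html>

<?php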
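/**
 * Look up the distinguished name of the entry with the given sAMAccountName.
 *
 * @param mixed  $ad             LDAP connection handle, already bound.
 * @param string $samaccountname Account name to find; callers pass the login
 *                               form's username here, so it is untrusted.
 * @param string $basedn         Base DN of the subtree to search.
 * @return string DN of the first matching entry, or '' when the search fails
 *                or matches nothing.
 */
function getDN($ad, $samaccountname, $basedn) {
    // Escape filter metacharacters ( ) * \ and NUL so the value is matched
    // literally. Interpolated raw, a crafted name could rewrite the filter
    // (LDAP injection) and make the lookup resolve to a different entry.
    $filter = '(samaccountname=' . ldap_escape((string) $samaccountname, '', LDAP_ESCAPE_FILTER) . ')';

    $result = ldap_search($ad, $basedn, $filter, array('dn'));
    if (! $result) {
        return '';
    }

    // ldap_get_entries() can itself fail; treat that like "no match".
    $entries = ldap_get_entries($ad, $result);
    if ($entries === false || $entries['count'] < 1) {
        return '';
    }

    return $entries[0]['dn'];
}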
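/**
 * Extract the value of the first RDN from a distinguished name,
 * e.g. "CN=John Doe,OU=Users,DC=home" gives "John Doe".
 *
 * The first three bytes are skipped, which assumes a two-letter attribute
 * type such as "CN=" or "OU=". Escaped characters are returned as written
 * in the DN (the backslash is kept).
 *
 * @param string $dn Distinguished name in string form.
 * @return string The first RDN's value, or '' when $dn is too short to hold one.
 */
function getCN($dn) {
    // preg_match() fails when the offset lies past the end of the subject,
    // which previously ended in an undefined-index read on $matchs.
    if (!is_string($dn) || strlen($dn) < 3) {
        return '';
    }

    // Consume up to the first unescaped comma. A backslash-escaped character
    // ("CN=Doe\, John") belongs to the value and must not end the match.
    if (preg_match('/(?:\\\\.|[^,\\\\])*/', $dn, $matchs, PREG_OFFSET_CAPTURE, 3) !== 1) {
        return '';
    }

    return $matchs[0][0];
}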
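/**
 * Report whether the entry at $userdn lists $groupdn in its memberof attribute.
 *
 * This is a plain equality match on memberof, so only memberships recorded on
 * the user entry itself are found.
 * NOTE(review): membership inherited through nested groups is presumably not
 * matched by this filter - confirm whether the directory needs a chain match.
 *
 * @param mixed  $ad      LDAP connection handle, already bound.
 * @param string $userdn  DN of the user entry to read.
 * @param string $groupdn DN of the required group.
 * @return bool True only when the read returns at least one entry.
 */
function checkGroup($ad, $userdn, $groupdn){
    // getDN() returns '' for a failed lookup. Deny explicitly in that case
    // rather than reading an empty base DN or sending an empty assertion value.
    if (!is_string($userdn) || !is_string($groupdn) || $userdn === '' || $groupdn === '') {
        return false;
    }

    // A DN may contain ( ) * or \ (for example an escaped comma). Escape it for
    // use as a filter value so it is compared literally and cannot alter the filter.
    $filter = '(memberof=' . ldap_escape($groupdn, '', LDAP_ESCAPE_FILTER) . ')';

    // The requested attribute list does not affect the answer: only the number
    // of returned entries is inspected.
    $result = ldap_read($ad, $userdn, $filter, array('members'));
    if (! $result) {
        return false;
    }

    $entries = ldap_get_entries($ad, $result);
    if ($entries === false) {
        return false;
    }

    return ($entries['count'] > 0);
}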
?>