/** * Add an lower priority filter expression to be applied on this query * * The syntax of the expression and valid parameters are to be defined by the concrete * backend-specific query implementation. * * @param string $expression Implementation specific search expression * @param mixed $parameters Implementation specific search value to use for query placeholders * @return self Fluent interface */ public function orWhere($expression, $parameters = null) { $node = $this->parseFilterExpression($expression, $parameters); if ($node === null) { Logger::debug('Ignoring invalid filter expression: %s (params: %s)', $expression, $parameters); return $this; } $this->filter->insert(Node::createOrNode()); $this->filter->insert($node); return $this; }
/** * Detect installed modules from every path provided in modulePaths * * @return self */ public function detectInstalledModules() { foreach ($this->modulePaths as $basedir) { $canonical = realpath($basedir); if ($canonical === false) { Logger::warning('Module path "%s" does not exist', $basedir); continue; } if (!is_dir($canonical)) { Logger::error('Module path "%s" is not a directory', $canonical); continue; } if (!is_readable($canonical)) { Logger::error('Module path "%s" is not readable', $canonical); continue; } if (($dh = opendir($canonical)) !== false) { while (($file = readdir($dh)) !== false) { if ($file[0] === '.') { continue; } if (is_dir($canonical . '/' . $file)) { if (!array_key_exists($file, $this->installedBaseDirs)) { $this->installedBaseDirs[$file] = $canonical . '/' . $file; } else { Logger::debug('Module "%s" already exists in installation path "%s" and is ignored.', $canonical . '/' . $file, $this->installedBaseDirs[$file]); } } } closedir($dh); } } ksort($this->installedBaseDirs); return $this; }
/** * Write the given external command to the command pipe * * @param string $command * * @throws RuntimeException When the command could not be sent to the remote Icinga host * @see Transport::send() */ public function send($command) { $retCode = 0; $output = array(); Logger::debug('Icinga instance is on different host, attempting to send command %s via ssh to %s:%s/%s', $command, $this->host, $this->port, $this->path); $hostConnector = $this->user ? $this->user . "@" . $this->host : $this->host; $command = escapeshellarg('[' . time() . '] ' . $command); $sshCommand = sprintf('ssh -o BatchMode=yes -o KbdInteractiveAuthentication=no %s -p %d' . ' "echo %s > %s" 2>&1', $hostConnector, $this->port, $command, $this->path); exec($sshCommand, $output, $retCode); Logger::debug("Command '%s' exited with %d: %s", $sshCommand, $retCode, $output); if ($retCode != 0) { $msg = 'Could not send command to remote Icinga host: ' . implode(PHP_EOL, $output) . " (returncode {$retCode})"; Logger::error($msg); throw new RuntimeException($msg); } }
/** * Remove session cookies */ private function clearCookies() { if (ini_get('session.use_cookies')) { Logger::debug('Clear session cookie'); $params = session_get_cookie_params(); setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']); } }
protected function prepareNewConnection() { $use_tls = false; $force_tls = true; $force_tls = false; if ($use_tls) { $this->prepareTlsEnvironment(); } $ds = ldap_connect($this->hostname, $this->port); $cap = $this->discoverCapabilities($ds); $this->capabilities = $cap; if ($use_tls) { if ($cap->starttls) { if (@ldap_start_tls($ds)) { Logger::debug('LDAP STARTTLS succeeded'); } else { Logger::debug('LDAP STARTTLS failed: %s', ldap_error($ds)); throw new \Exception(sprintf('LDAP STARTTLS failed: %s', ldap_error($ds))); } } elseif ($force_tls) { throw new \Exception(sprintf('TLS is required but not announced by %s', $this->host_name)); } else { // TODO: Log noticy -> TLS enabled but not announced } } // ldap_rename requires LDAPv3: if ($cap->ldapv3) { if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) { throw new Exception('LDAPv3 is required'); } } else { // TODO: remove this -> FORCING v3 for now ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); Logger::warning('No LDAPv3 support detected'); } // Not setting this results in "Operations error" on AD when using the // whole domain as search base: ldap_set_option($ds, LDAP_OPT_REFERRALS, 0); // ldap_set_option($ds, LDAP_OPT_DEREF, LDAP_DEREF_NEVER); return $ds; }
/** * Create or return an instance of a given hook * * TODO: Should return some kind of a hook interface * * @param string $name One of the predefined hook names * @param string $key The identifier of a specific subtype * * @return mixed */ public static function createInstance($name, $key) { if (!self::has($name, $key)) { return null; } if (isset(self::$instances[$name][$key])) { return self::$instances[$name][$key]; } $class = self::$hooks[$name][$key]; try { $instance = new $class(); } catch (Exception $e) { Logger::debug('Hook "%s" (%s) (%s) failed, will be unloaded: %s', $name, $key, $class, $e->getMessage()); // TODO: Persist unloading for "some time" or "current session" unset(self::$hooks[$name][$key]); return null; } self::assertValidHook($instance, $name); self::$instances[$name][$key] = $instance; return $instance; }