From 21e9777a925c35470f88c2b6f11220ce32b4f506 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Mon, 7 Apr 2025 12:42:51 -0400 Subject: [PATCH 1/8] prevent user/pi/org uid/gid conflicts, avoid debian reserved ranges --- resources/lib/UnityLDAP.php | 52 ++++++++++++------------------------- 1 file changed, 16 insertions(+), 36 deletions(-) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index fc44cd4f..dc49483f 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -115,82 +115,62 @@ public function getDefUserShell() // // ID Number selection functions // - public function getNextUIDNumber($UnitySQL) + public function getNextUIDNumber(UnitySQL $UnitySQL): int { - $max_uid = $UnitySQL->getSiteVar('MAX_UID'); - $new_uid = $max_uid + 1; - - while ($this->UIDNumInUse($new_uid)) { - $new_uid++; + $new_id = $UnitySQL->getSiteVar('MAX_UID') + 1; + while ($this->IDNumInUse($new_id)) { + $new_id++; } - - $UnitySQL->updateSiteVar('MAX_UID', $new_uid); - - return $new_uid; + $UnitySQL->updateSiteVar('MAX_UID', $new_id); + return $new_id; } - public function getNextPiGIDNumber($UnitySQL) + public function getNextPiGIDNumber(UnitySQL $UnitySQL): int { $max_pigid = $UnitySQL->getSiteVar('MAX_PIGID'); $new_pigid = $max_pigid + 1; - - while ($this->PIGIDNumInUse($new_pigid)) { + while ($this->IDNumInUse($new_pigid)) { $new_pigid++; } - $UnitySQL->updateSiteVar('MAX_PIGID', $new_pigid); - return $new_pigid; } - public function getNextOrgGIDNumber($UnitySQL) + public function getNextOrgGIDNumber(UnitySQL $UnitySQL): int { $max_gid = $UnitySQL->getSiteVar('MAX_GID'); $new_gid = $max_gid + 1; - - while ($this->GIDNumInUse($new_gid)) { + while ($this->IDNumInUse($new_gid)) { $new_gid++; } - $UnitySQL->updateSiteVar('MAX_GID', $new_gid); - return $new_gid; } - private function UIDNumInUse($id) + private function IDNumInUse(int $id): bool { + // id reserved for debian packages + if (($id >= 100 && $id <= 999) || ($id >= 60000 && $id <= 64999)){ + return true; + } $users = $this->userOU->getChildrenArray(true); foreach ($users as $user) { if ($user["uidnumber"][0] == $id) { return true; } } - - return false; - } - - private function PIGIDNumInUse($id) - { $pi_groups = $this->pi_groupOU->getChildrenArray(true); foreach ($pi_groups as $pi_group) { if ($pi_group["gidnumber"][0] == $id) { return true; } } - - return false; - } - - private function GIDNumInUse($id) - { $groups = $this->groupOU->getChildrenArray(true); foreach ($groups as $group) { if ($group["gidnumber"][0] == $id) { return true; } } - - return false; } public function getUnassignedID($uid, $UnitySQL) @@ -208,7 +188,7 @@ public function getUnassignedID($uid, $UnitySQL) if ($uid == $netid_match || $netid == $netid_match) { // found a match - if (!$this->UIDNumInUse($uid_match) && !$this->GIDNumInUse($uid_match)) { + if (!$this->IDNumInUse($uid_match)) { return $uid_match; } } From db7255911afe8031229e34e9d370412703776df7 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Mon, 7 Apr 2025 13:36:41 -0400 Subject: [PATCH 2/8] fix whitespace --- resources/lib/UnityLDAP.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index dc49483f..b221269d 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -150,7 +150,7 @@ public function getNextOrgGIDNumber(UnitySQL $UnitySQL): int private function IDNumInUse(int $id): bool { // id reserved for debian packages - if (($id >= 100 && $id <= 999) || ($id >= 60000 && $id <= 64999)){ + if (($id >= 100 && $id <= 999) || ($id >= 60000 && $id <= 64999)) { return true; } $users = $this->userOU->getChildrenArray(true); From 74709a042befddc73eda3670be1ac0920a08b7f4 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Sun, 20 Apr 2025 11:01:15 -0400 Subject: [PATCH 3/8] return false --- resources/lib/UnityLDAP.php | 1 + 1 file changed, 1 insertion(+) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index b221269d..3eb594df 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -171,6 +171,7 @@ private function IDNumInUse(int $id): bool return true; } } + return false; } public function getUnassignedID($uid, $UnitySQL) From 3d41d58733e147e476544f6d92d27289eb4596ae Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Tue, 3 Jun 2025 09:50:48 -0400 Subject: [PATCH 4/8] more similar to original --- resources/lib/UnityLDAP.php | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index 3eb594df..3b39be69 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -115,35 +115,43 @@ public function getDefUserShell() // // ID Number selection functions // - public function getNextUIDNumber(UnitySQL $UnitySQL): int + public function getNextUIDNumber($UnitySQL) { - $new_id = $UnitySQL->getSiteVar('MAX_UID') + 1; - while ($this->IDNumInUse($new_id)) { - $new_id++; + $max_uid = $UnitySQL->getSiteVar('MAX_UID'); + $new_uid = $max_uid + 1; + + while ($this->UIDNumInUse($new_uid)) { + $new_uid++; } + $UnitySQL->updateSiteVar('MAX_UID', $new_id); + return $new_id; } - public function getNextPiGIDNumber(UnitySQL $UnitySQL): int + public function getNextPiGIDNumber($UnitySQL) { $max_pigid = $UnitySQL->getSiteVar('MAX_PIGID'); $new_pigid = $max_pigid + 1; - while ($this->IDNumInUse($new_pigid)) { + + while ($this->PIGIDNumInUse($new_pigid)) { $new_pigid++; } $UnitySQL->updateSiteVar('MAX_PIGID', $new_pigid); return $new_pigid; } - public function getNextOrgGIDNumber(UnitySQL $UnitySQL): int + public function getNextOrgGIDNumber($UnitySQL) { $max_gid = $UnitySQL->getSiteVar('MAX_GID'); $new_gid = $max_gid + 1; + while ($this->IDNumInUse($new_gid)) { $new_gid++; } + $UnitySQL->updateSiteVar('MAX_GID', $new_gid); + return $new_gid; } From 8e74ec9b7eec003169366b99b53ee74bc9a0d350 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Tue, 3 Jun 2025 09:52:24 -0400 Subject: [PATCH 5/8] more similar to original --- resources/lib/UnityLDAP.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index 1bab72db..adbf5251 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -128,9 +128,9 @@ public function getNextUIDNumber($UnitySQL) $new_uid++; } - $UnitySQL->updateSiteVar('MAX_UID', $new_id); + $UnitySQL->updateSiteVar('MAX_UID', $new_uid); - return $new_id; + return $new_uid; } public function getNextPiGIDNumber($UnitySQL) @@ -141,7 +141,9 @@ public function getNextPiGIDNumber($UnitySQL) while ($this->PIGIDNumInUse($new_pigid)) { $new_pigid++; } + $UnitySQL->updateSiteVar('MAX_PIGID', $new_pigid); + return $new_pigid; } @@ -159,7 +161,7 @@ public function getNextOrgGIDNumber($UnitySQL) return $new_gid; } - private function IDNumInUse(int $id): bool + private function IDNumInUse(int $id) { // id reserved for debian packages if (($id >= 100 && $id <= 999) || ($id >= 60000 && $id <= 64999)) { From 539e3c90419e7834f8b983bf936db85009c5a13d Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Tue, 3 Jun 2025 09:53:29 -0400 Subject: [PATCH 6/8] old functions dont exist anymore --- resources/lib/UnityLDAP.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index adbf5251..bd8a3141 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -124,7 +124,7 @@ public function getNextUIDNumber($UnitySQL) $max_uid = $UnitySQL->getSiteVar('MAX_UID'); $new_uid = $max_uid + 1; - while ($this->UIDNumInUse($new_uid)) { + while ($this->IDNumInUse($new_uid)) { $new_uid++; } @@ -138,7 +138,7 @@ public function getNextPiGIDNumber($UnitySQL) $max_pigid = $UnitySQL->getSiteVar('MAX_PIGID'); $new_pigid = $max_pigid + 1; - while ($this->PIGIDNumInUse($new_pigid)) { + while ($this->IDNumInUse($new_pigid)) { $new_pigid++; } From 979722fac1be475dad07fa7dcbe93bfc3cf645d0 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Tue, 3 Jun 2025 09:53:56 -0400 Subject: [PATCH 7/8] more similar to original --- resources/lib/UnityLDAP.php | 1 + 1 file changed, 1 insertion(+) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index bd8a3141..5bce4d29 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -185,6 +185,7 @@ private function IDNumInUse(int $id) return true; } } + return false; } From 40d5fb39f880e98e76645b600227855e763f3246 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Tue, 3 Jun 2025 09:54:15 -0400 Subject: [PATCH 8/8] more similar to original --- resources/lib/UnityLDAP.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php index 5bce4d29..61371638 100644 --- a/resources/lib/UnityLDAP.php +++ b/resources/lib/UnityLDAP.php @@ -161,7 +161,7 @@ public function getNextOrgGIDNumber($UnitySQL) return $new_gid; } - private function IDNumInUse(int $id) + private function IDNumInUse($id) { // id reserved for debian packages if (($id >= 100 && $id <= 999) || ($id >= 60000 && $id <= 64999)) {