I lied earlier...kadmin support now added

pull/1/head
Timothy Pearson 13 years ago
parent 4d66047a31
commit 93a591d8f0

@ -573,7 +573,7 @@
</property> </property>
<widget class="TQLayoutWidget" row="0" column="0"> <widget class="TQLayoutWidget" row="0" column="0">
<property name="name"> <property name="name">
<cstring>userControls</cstring> <cstring>machineControls</cstring>
</property> </property>
<grid> <grid>
<property name="name"> <property name="name">
@ -581,7 +581,7 @@
</property> </property>
<widget class="TQPushButton" row="0" column="1" colspan="0"> <widget class="TQPushButton" row="0" column="1" colspan="0">
<property name="name"> <property name="name">
<cstring>user_buttonModify</cstring> <cstring>machine_buttonModify</cstring>
</property> </property>
<property name="text"> <property name="text">
<string>Modify</string> <string>Modify</string>
@ -589,7 +589,7 @@
</widget> </widget>
<widget class="TQPushButton" row="0" column="0" colspan="0"> <widget class="TQPushButton" row="0" column="0" colspan="0">
<property name="name"> <property name="name">
<cstring>user_buttonAdd</cstring> <cstring>machine_buttonAdd</cstring>
</property> </property>
<property name="text"> <property name="text">
<string>New</string> <string>New</string>
@ -597,7 +597,7 @@
</widget> </widget>
<widget class="TQPushButton" row="0" column="2" colspan="0"> <widget class="TQPushButton" row="0" column="2" colspan="0">
<property name="name"> <property name="name">
<cstring>user_buttonDelete</cstring> <cstring>machine_buttonDelete</cstring>
</property> </property>
<property name="text"> <property name="text">
<string>Delete</string> <string>Delete</string>

@ -19,6 +19,7 @@
***************************************************************************/ ***************************************************************************/
#include <tqlayout.h> #include <tqlayout.h>
#include <tqapplication.h>
#include <klocale.h> #include <klocale.h>
#include <kglobal.h> #include <kglobal.h>
@ -38,6 +39,8 @@
#include <kmessagebox.h> #include <kmessagebox.h>
#include <klineedit.h> #include <klineedit.h>
#include <tdesu/process.h>
#include "ldapmgr.h" #include "ldapmgr.h"
#include "libtdeldap.h" #include "libtdeldap.h"
@ -148,7 +151,6 @@ void LDAPConfig::save() {
} }
void LDAPConfig::processLockouts() { void LDAPConfig::processLockouts() {
// RAJA FIXME
TQListViewItem* lvi = base->user_list->selectedItem(); TQListViewItem* lvi = base->user_list->selectedItem();
if (lvi) { if (lvi) {
base->user_buttonModify->setEnabled(true); base->user_buttonModify->setEnabled(true);
@ -170,6 +172,19 @@ void LDAPConfig::processLockouts() {
base->group_buttonDelete->setEnabled(false); base->group_buttonDelete->setEnabled(false);
} }
base->group_buttonAdd->setEnabled(true); base->group_buttonAdd->setEnabled(true);
lvi = base->machine_list->selectedItem();
if (lvi) {
base->machine_buttonDelete->setEnabled(true);
}
else {
base->machine_buttonDelete->setEnabled(false);
}
// FIXME
// Disable machine add/modify as they are not implemented
// In fact, I don't know if I CAN implement them!
base->machine_buttonAdd->setEnabled(true);
base->machine_buttonModify->setEnabled(true);
} }
void LDAPConfig::connectToRealm(const TQString& realm) { void LDAPConfig::connectToRealm(const TQString& realm) {
@ -431,7 +446,36 @@ void LDAPConfig::addNewUser() {
else { else {
user.distinguishedName = "uid=" + user.name + "," + m_ldapmanager->basedn(); user.distinguishedName = "uid=" + user.name + "," + m_ldapmanager->basedn();
} }
m_ldapmanager->addUserInfo(user); if (m_ldapmanager->addUserInfo(user) == 0) {
if (user.new_password != "") {
// If a new password was set, use Kerberos to set it on the server
TQString errorString;
if (setPasswordForUser(user, &errorString) != 0) {
KMessageBox::error(0, i18n("<qt>Unable to set password for user!<p>%1</qt>").arg(errorString), i18n("Kerberos Failure"));
}
}
// Modify group(s) as needed
populateGroups();
LDAPGroupInfoList::Iterator it;
for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) {
LDAPGroupInfo group = *it;
if (userconfigdlg.selectedGroups.contains(group.name)) {
// Make sure that we are in this group!
if (!group.userlist.contains(user.distinguishedName)) {
group.userlist.append(user.distinguishedName);
m_ldapmanager->updateGroupInfo(group);
}
}
else {
// Make sure that we are NOT in this group!
if (group.userlist.contains(user.distinguishedName)) {
group.userlist.remove(user.distinguishedName);
m_ldapmanager->updateGroupInfo(group);
}
}
}
}
} }
else { else {
// PEBKAC // PEBKAC
@ -492,6 +536,14 @@ void LDAPConfig::modifySelectedUser() {
if (userconfigdlg.exec() == TQDialog::Accepted) { if (userconfigdlg.exec() == TQDialog::Accepted) {
user = userconfigdlg.m_user; user = userconfigdlg.m_user;
if (m_ldapmanager->updateUserInfo(user) == 0) { if (m_ldapmanager->updateUserInfo(user) == 0) {
if (user.new_password != "") {
// If a new password was set, use Kerberos to set it on the server
TQString errorString;
if (setPasswordForUser(user, &errorString) != 0) {
KMessageBox::error(0, i18n("<qt>Unable to set password for user!<p>%1</qt>").arg(errorString), i18n("Kerberos Failure"));
}
}
// Modify group(s) as needed // Modify group(s) as needed
populateGroups(); populateGroups();
LDAPGroupInfoList::Iterator it; LDAPGroupInfoList::Iterator it;
@ -551,6 +603,90 @@ void LDAPConfig::removeSelectedGroup() {
updateAllInformation(); updateAllInformation();
} }
TQString readFullLineFromPtyProcess(PtyProcess* proc) {
TQString result = "";
while ((!result.contains("\n")) && (!result.contains(":")) && (!result.contains(">"))) {
result = result + TQString(proc->readLine(false));
tqApp->processEvents();
}
return result;
}
int LDAPConfig::setPasswordForUser(LDAPUserInfo user, TQString *errstr) {
if (user.new_password == "") {
return 0;
}
LDAPCredentials admincreds = m_ldapmanager->currentLDAPCredentials();
TQCString command = "kadmin";
QCStringList args;
args << TQCString("-p") << TQCString(admincreds.username.lower()+"@"+(admincreds.realm.upper())) << TQCString("-r") << TQCString(admincreds.realm.upper());
TQString prompt;
PtyProcess kadminProc;
kadminProc.exec(command, args);
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") {
kadminProc.writeLine(TQCString("passwd "+user.name), true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if ((prompt.endsWith(" Password:")) && (!prompt.startsWith(TQString(user.name + "@")))) {
kadminProc.writeLine(admincreds.password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
}
if (prompt.contains("authentication failed")) {
if (errstr) *errstr = prompt;
kadminProc.writeLine("quit", true);
return 1;
}
else if ((prompt.endsWith(" Password:")) && (prompt.startsWith(TQString(user.name + "@")))) {
kadminProc.writeLine(user.new_password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
if ((prompt.endsWith(" Password:")) && (prompt.startsWith("Verify"))) {
kadminProc.writeLine(user.new_password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
}
if ((prompt.endsWith(" Password:")) && (!prompt.startsWith(TQString(user.name + "@")))) {
kadminProc.writeLine(admincreds.password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
}
if (prompt != "kadmin>") {
if (errstr) *errstr = prompt;
kadminProc.writeLine("quit", true);
return 1;
}
// Success!
kadminProc.writeLine("quit", true);
return 0;
}
else if (prompt == "kadmin>") {
// Success!
kadminProc.writeLine("quit", true);
return 0;
}
// Failure
if (errstr) *errstr = prompt;
kadminProc.writeLine("quit", true);
return 1;
}
if (errstr) *errstr = "Internal error. Verify that kadmin exists and can be executed.";
return 1; // Failure
}
int LDAPConfig::buttons() { int LDAPConfig::buttons() {
return KCModule::Apply|KCModule::Help; return KCModule::Apply|KCModule::Help;
} }
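Review bot: In `setPasswordForUser`, `user.name` is concatenated unchecked into the line written to the kadmin prompt (`"passwd "+user.name`), so a name containing whitespace, quotes or a line break changes what kadmin is asked to do under the administrator's principal. Reject such names before the first `writeLine`, for example `if (user.name.isEmpty() || user.name.contains(TQRegExp("[\\s\"'\\\\]"))) { if (errstr) *errstr = i18n("Invalid user name"); return 1; }` (this needs `tqregexp.h`). The return value of `kadminProc.exec(command, args)` is ignored, and `readFullLineFromPtyProcess` only stops when it sees a newline, `:` or `>`. If kadmin is missing or exits early, that loop will presumably spin while pumping events, so it should also stop on an exec failure, on EOF and after a timeout. Separately, the new comment in `processLockouts` says machine add/modify should be disabled because they are not implemented, yet both calls pass `true`; `base->machine_buttonAdd->setEnabled(false);` and `base->machine_buttonModify->setEnabled(false);` would match the stated intent.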

@ -81,6 +81,7 @@ class LDAPConfig: public KCModule
private: private:
LDAPUserInfo selectedUser(); LDAPUserInfo selectedUser();
LDAPGroupInfo selectedGroup(); LDAPGroupInfo selectedGroup();
int setPasswordForUser(LDAPUserInfo user, TQString *errstr);
private: private:
KAboutData *myAboutData; KAboutData *myAboutData;

@ -55,6 +55,15 @@ TQString LDAPManager::realm() {
return m_realm; return m_realm;
} }
LDAPCredentials LDAPManager::currentLDAPCredentials() {
if (m_creds) {
return *m_creds;
}
else {
return LDAPCredentials();
}
}
int LDAPManager::bind() { int LDAPManager::bind() {
printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout); printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
if (m_ldap) { if (m_ldap) {
@ -93,6 +102,10 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
struct berval cred; struct berval cred;
TQString ldap_dn = passdlg.m_base->ldapAdminUsername->text(); TQString ldap_dn = passdlg.m_base->ldapAdminUsername->text();
TQCString pass = passdlg.m_base->ldapAdminPassword->password(); TQCString pass = passdlg.m_base->ldapAdminPassword->password();
if (!m_creds) m_creds = new LDAPCredentials();
m_creds->username = passdlg.m_base->ldapAdminUsername->text();
m_creds->password = passdlg.m_base->ldapAdminPassword->password();
m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
cred.bv_val = pass.data(); cred.bv_val = pass.data();
cred.bv_len = pass.length(); cred.bv_len = pass.length();
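Review bot: The lines added to `bind()` copy the administrator password into `m_creds` before the bind has been attempted, and none of the visible hunks clears it again. The plaintext password therefore stays on the heap for as long as the LDAPManager lives, even when the bind is rejected. Fill `m_creds` only after the bind has succeeded, and on unbind and in the destructor overwrite the password buffer before `delete m_creds; m_creds = 0;`. `currentLDAPCredentials()` returns the struct by value, so each caller (for example `admincreds` in `setPasswordForUser`) holds a further copy of the password that should be kept short-lived. The `if (!m_creds)` test relies on the constructor initialising `m_creds` to null, which is not visible here and should be confirmed; the body of `bind()` continues outside this hunk.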

@ -184,6 +184,8 @@ class LDAPManager : public TQObject {
int deleteUserInfo(LDAPUserInfo user); int deleteUserInfo(LDAPUserInfo user);
int deleteGroupInfo(LDAPGroupInfo group); int deleteGroupInfo(LDAPGroupInfo group);
LDAPCredentials currentLDAPCredentials();
private: private:
LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry); LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry); LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);
