From 123de33960f6667942a71bd73cc0b39d036415f6 Mon Sep 17 00:00:00 2001 From: Michele Calgaro Date: Sun, 2 Dec 2018 17:21:52 +0900 Subject: [PATCH] More changes for bug 2961. Signed-off-by: Michele Calgaro --- src/libtdeldap.cpp | 24 ++++++++++++++---------- src/libtdeldap.h | 12 +++++++----- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 0d3aba9..fea7662 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -299,7 +299,7 @@ int LDAPManager::bind(TQString* errstr) { if (!m_creds) { m_creds = new LDAPCredentials(); m_creds->username = passdlg.m_base->ldapAdminUsername->text(); - m_creds->password = passdlg.m_base->ldapAdminPassword->password().utf8(); + m_creds->password = passdlg.m_base->ldapAdminPassword->password(); m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText(); m_creds->use_tls = passdlg.m_base->ldapUseTLS->isOn(); m_creds->use_gssapi = passdlg.use_gssapi; @@ -349,7 +349,7 @@ int LDAPManager::bind(TQString* errstr) { char* mechanism = NULL; struct berval cred; TQString ldap_dn = m_creds->username; - TQCString pass = m_creds->password; + TQCString pass = m_creds->password.utf8(); cred.bv_val = pass.data(); cred.bv_len = pass.length(); if ((!using_ldapi && !m_creds->use_gssapi)) { @@ -1353,7 +1353,9 @@ int LDAPManager::bindKAdmin(LDAPCredentials *administrativeCredentials, TQString } else { // Password authentication / bind - krb5adm_ret = kadm5_init_with_password_ctx(m_krb5admContext, adminPrincipal.ascii(), admincreds.password.data(), KADM5_ADMIN_SERVICE, ¶ms, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, &m_krb5admHandle); + krb5adm_ret = kadm5_init_with_password_ctx(m_krb5admContext, adminPrincipal.ascii(), + admincreds.password.utf8().data(), KADM5_ADMIN_SERVICE, ¶ms, + KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, &m_krb5admHandle); if (krb5adm_ret) { if (errstr) *errstr = i18n("%1

Details:
Failed to execute kadm5_init_with_password (code %2)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(krb5adm_ret); } @@ -1409,7 +1411,7 @@ int LDAPManager::setPasswordForUser(LDAPUserInfo user, TQString *errstr) { if (errstr) *errstr = i18n("%1

Details:
Failed to execute krb5_parse_name for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret); } else { - krb5adm_ret = kadm5_chpass_principal(m_krb5admHandle, user_kadm5_principal, user.new_password.data()); + krb5adm_ret = kadm5_chpass_principal(m_krb5admHandle, user_kadm5_principal, user.new_password.utf8().data()); if (krb5adm_ret) { if (errstr) *errstr = i18n("%1

Details:
Failed to execute kadm5_chpass_principal for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret); } @@ -1699,7 +1701,7 @@ int LDAPManager::getKerberosPassword(LDAPCredentials &creds, TQString prompt, bo const int ret = passdlg.exec(); if (ret == KDialog::Accepted) { creds.username = passdlg.m_base->ldapAdminUsername->text(); - creds.password = passdlg.m_base->ldapAdminPassword->password().utf8(); + creds.password = passdlg.m_base->ldapAdminPassword->password(); creds.realm = passdlg.m_base->ldapAdminRealm->currentText(); creds.service = passdlg.m_base->kerberosServicePrincipal->text(); creds.use_tls = passdlg.m_base->ldapUseTLS->isOn(); @@ -1786,14 +1788,14 @@ int LDAPManager::obtainKerberosTicket(LDAPCredentials creds, TQString principal, TQString password; int result = KPasswordDialog::getPassword(password, prompt); if (result == KPasswordDialog::Accepted) { - creds.password = password.utf8(); + creds.password = password; } else { return 0; } } kinitProc.enableLocalEcho(false); - kinitProc.writeLine(creds.password, true); + kinitProc.writeLine(creds.password.utf8(), true); do { // Discard our own input prompt = readFullLineFromPtyProcess(&kinitProc); printf("(kinit) '%s'\n", prompt.ascii()); @@ -3646,7 +3648,7 @@ int LDAPManager::setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo repl passdlg.m_base->ldapAdminUsername->setEnabled(false); passdlg.m_base->ldapAdminUsername->setText(replicationinfo.syncDN); if (passdlg.exec() == TQDialog::Accepted) { - replicationinfo.syncPassword = passdlg.m_base->ldapAdminPassword->password().utf8(); + replicationinfo.syncPassword = passdlg.m_base->ldapAdminPassword->password(); } } @@ -5538,7 +5540,8 @@ bool LDAPManager::pkcsLoginEnabled() { return enabled; } -int LDAPManager::bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) { +int LDAPManager::bondRealm(const TQString &adminUserName, const TQString &adminPassword, + const TQString &adminRealm, TQString *errstr) { LDAPCredentials admincreds; admincreds.username = adminUserName; admincreds.password = adminPassword; @@ -5566,7 +5569,8 @@ int LDAPManager::bondRealm(TQString adminUserName, const char * adminPassword, T return retcode; } -int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) { +int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, const TQString &adminUserName, + const TQString &adminPassword, const TQString &adminRealm, TQString *errstr) { Q_UNUSED(realmcfg); LDAPCredentials admincreds; diff --git a/src/libtdeldap.h b/src/libtdeldap.h index 9121c45..e75d94d 100644 --- a/src/libtdeldap.h +++ b/src/libtdeldap.h @@ -176,7 +176,7 @@ class LDAPCredentials public: TQString username; - TQCString password; + TQString password; TQString realm; bool use_tls; bool use_gssapi; @@ -292,7 +292,7 @@ class LDAPUserInfo gid_t primary_gid; bool tde_builtin_account; LDAPKRB5Flags status; // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT] - TQCString new_password; + TQString new_password; TQDateTime account_created; TQDateTime account_modified; TQDateTime password_last_changed; @@ -450,7 +450,7 @@ class LDAPMasterReplicationInfo int timeout; int syncMethod; TQString syncDN; - TQCString syncPassword; + TQString syncPassword; TQString certificateFile; TQString caCertificateFile; bool ignore_ssl_failure; @@ -589,8 +589,10 @@ class LDAPManager : public TQObject { static int writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr=0); static bool pkcsLoginEnabled(); - static int bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0); - static int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0); + static int bondRealm(const TQString &adminUserName, const TQString &adminPassword, + const TQString &adminRealm, TQString *errstr=0); + static int unbondRealm(LDAPRealmConfig realmcfg, const TQString &adminUserName, + const TQString &adminPassword, const TQString &adminRealm, TQString *errstr=0); private: int bindKAdmin(LDAPCredentials *administrativeCredentials=NULL, TQString *errstr=0);