TDE
/
libtdeldap
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/libtdeldap
0
0
Fork 0
Code Issues Releases Wiki Activity

More changes for bug 2961.

Browse Source 
Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
pull/2/head
Michele Calgaro 6 years ago
parent 9c47f1fa3d
commit 123de33960
Signed by: MicheleC
GPG Key ID: 2A75B7CA8ADED5CF
2 changed files with 21 additions and 15 deletions
Show Stats Download Patch File Download Diff File

24
src/libtdeldap.cpp
Unescape View File

@ -299,7 +299,7 @@ int LDAPManager::bind(TQString* errstr) {
if (!m_creds) { if (!m_creds) {
m_creds = new LDAPCredentials(); m_creds = new LDAPCredentials();
m_creds->username = passdlg.m_base->ldapAdminUsername->text(); m_creds->username = passdlg.m_base->ldapAdminUsername->text();
m_creds->password = passdlg.m_base->ldapAdminPassword->password().utf8(); m_creds->password = passdlg.m_base->ldapAdminPassword->password();
m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText(); m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
m_creds->use_tls = passdlg.m_base->ldapUseTLS->isOn(); m_creds->use_tls = passdlg.m_base->ldapUseTLS->isOn();
m_creds->use_gssapi = passdlg.use_gssapi; m_creds->use_gssapi = passdlg.use_gssapi;
@ -349,7 +349,7 @@ int LDAPManager::bind(TQString* errstr) {
char* mechanism = NULL; char* mechanism = NULL;
struct berval cred; struct berval cred;
TQString ldap_dn = m_creds->username; TQString ldap_dn = m_creds->username;
TQCString pass = m_creds->password; TQCString pass = m_creds->password.utf8();
cred.bv_val = pass.data(); cred.bv_val = pass.data();
cred.bv_len = pass.length(); cred.bv_len = pass.length();
if ((!using_ldapi && !m_creds->use_gssapi)) { if ((!using_ldapi && !m_creds->use_gssapi)) {
@ -1353,7 +1353,9 @@ int LDAPManager::bindKAdmin(LDAPCredentials *administrativeCredentials, TQString
} }
else { else {
// Password authentication / bind // Password authentication / bind
krb5adm_ret = kadm5_init_with_password_ctx(m_krb5admContext, adminPrincipal.ascii(), admincreds.password.data(), KADM5_ADMIN_SERVICE, &params, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, &m_krb5admHandle); krb5adm_ret = kadm5_init_with_password_ctx(m_krb5admContext, adminPrincipal.ascii(),
admincreds.password.utf8().data(), KADM5_ADMIN_SERVICE, &params,
KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, &m_krb5admHandle);
if (krb5adm_ret) { if (krb5adm_ret) {
if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute kadm5_init_with_password (code %2)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(krb5adm_ret); if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute kadm5_init_with_password (code %2)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(krb5adm_ret);
} }
@ -1409,7 +1411,7 @@ int LDAPManager::setPasswordForUser(LDAPUserInfo user, TQString *errstr) {
if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute krb5_parse_name for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret); if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute krb5_parse_name for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret);
} }
else { else {
krb5adm_ret = kadm5_chpass_principal(m_krb5admHandle, user_kadm5_principal, user.new_password.data()); krb5adm_ret = kadm5_chpass_principal(m_krb5admHandle, user_kadm5_principal, user.new_password.utf8().data());
if (krb5adm_ret) { if (krb5adm_ret) {
if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute kadm5_chpass_principal for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret); if (errstr) *errstr = i18n("%1<p>Details:<br>Failed to execute kadm5_chpass_principal for user '%2' (code %3)").arg(krb5_get_error_message(m_krb5admContext, krb5adm_ret)).arg(user.name).arg(krb5adm_ret);
} }
@ -1699,7 +1701,7 @@ int LDAPManager::getKerberosPassword(LDAPCredentials &creds, TQString prompt, bo
const int ret = passdlg.exec(); const int ret = passdlg.exec();
if (ret == KDialog::Accepted) { if (ret == KDialog::Accepted) {
creds.username = passdlg.m_base->ldapAdminUsername->text(); creds.username = passdlg.m_base->ldapAdminUsername->text();
creds.password = passdlg.m_base->ldapAdminPassword->password().utf8(); creds.password = passdlg.m_base->ldapAdminPassword->password();
creds.realm = passdlg.m_base->ldapAdminRealm->currentText(); creds.realm = passdlg.m_base->ldapAdminRealm->currentText();
creds.service = passdlg.m_base->kerberosServicePrincipal->text(); creds.service = passdlg.m_base->kerberosServicePrincipal->text();
creds.use_tls = passdlg.m_base->ldapUseTLS->isOn(); creds.use_tls = passdlg.m_base->ldapUseTLS->isOn();
@ -1786,14 +1788,14 @@ int LDAPManager::obtainKerberosTicket(LDAPCredentials creds, TQString principal,
TQString password; TQString password;
int result = KPasswordDialog::getPassword(password, prompt); int result = KPasswordDialog::getPassword(password, prompt);
if (result == KPasswordDialog::Accepted) { if (result == KPasswordDialog::Accepted) {
creds.password = password.utf8(); creds.password = password;
} }
else { else {
return 0; return 0;
} }
} }
kinitProc.enableLocalEcho(false); kinitProc.enableLocalEcho(false);
kinitProc.writeLine(creds.password, true); kinitProc.writeLine(creds.password.utf8(), true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kinitProc); prompt = readFullLineFromPtyProcess(&kinitProc);
printf("(kinit) '%s'\n", prompt.ascii()); printf("(kinit) '%s'\n", prompt.ascii());
@ -3646,7 +3648,7 @@ int LDAPManager::setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo repl
passdlg.m_base->ldapAdminUsername->setEnabled(false); passdlg.m_base->ldapAdminUsername->setEnabled(false);
passdlg.m_base->ldapAdminUsername->setText(replicationinfo.syncDN); passdlg.m_base->ldapAdminUsername->setText(replicationinfo.syncDN);
if (passdlg.exec() == TQDialog::Accepted) { if (passdlg.exec() == TQDialog::Accepted) {
replicationinfo.syncPassword = passdlg.m_base->ldapAdminPassword->password().utf8(); replicationinfo.syncPassword = passdlg.m_base->ldapAdminPassword->password();
} }
} }
@ -5538,7 +5540,8 @@ bool LDAPManager::pkcsLoginEnabled() {
return enabled; return enabled;
} }
int LDAPManager::bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) { int LDAPManager::bondRealm(const TQString &adminUserName, const TQString &adminPassword,
const TQString &adminRealm, TQString *errstr) {
LDAPCredentials admincreds; LDAPCredentials admincreds;
admincreds.username = adminUserName; admincreds.username = adminUserName;
admincreds.password = adminPassword; admincreds.password = adminPassword;
@ -5566,7 +5569,8 @@ int LDAPManager::bondRealm(TQString adminUserName, const char * adminPassword, T
return retcode; return retcode;
} }
int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) { int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, const TQString &adminUserName,
const TQString &adminPassword, const TQString &adminRealm, TQString *errstr) {
Q_UNUSED(realmcfg); Q_UNUSED(realmcfg);
LDAPCredentials admincreds; LDAPCredentials admincreds;

12
src/libtdeldap.h
Unescape View File

@ -176,7 +176,7 @@ class LDAPCredentials
public: public:
TQString username; TQString username;
TQCString password; TQString password;
TQString realm; TQString realm;
bool use_tls; bool use_tls;
bool use_gssapi; bool use_gssapi;
@ -292,7 +292,7 @@ class LDAPUserInfo
gid_t primary_gid; gid_t primary_gid;
bool tde_builtin_account; bool tde_builtin_account;
LDAPKRB5Flags status; // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT] LDAPKRB5Flags status; // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT]
TQCString new_password; TQString new_password;
TQDateTime account_created; TQDateTime account_created;
TQDateTime account_modified; TQDateTime account_modified;
TQDateTime password_last_changed; TQDateTime password_last_changed;
@ -450,7 +450,7 @@ class LDAPMasterReplicationInfo
int timeout; int timeout;
int syncMethod; int syncMethod;
TQString syncDN; TQString syncDN;
TQCString syncPassword; TQString syncPassword;
TQString certificateFile; TQString certificateFile;
TQString caCertificateFile; TQString caCertificateFile;
bool ignore_ssl_failure; bool ignore_ssl_failure;
@ -589,8 +589,10 @@ class LDAPManager : public TQObject {
static int writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr=0); static int writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr=0);
static bool pkcsLoginEnabled(); static bool pkcsLoginEnabled();
static int bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0); static int bondRealm(const TQString &adminUserName, const TQString &adminPassword,
static int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0); const TQString &adminRealm, TQString *errstr=0);
static int unbondRealm(LDAPRealmConfig realmcfg, const TQString &adminUserName,
const TQString &adminPassword, const TQString &adminRealm, TQString *errstr=0);
private: private:
int bindKAdmin(LDAPCredentials *administrativeCredentials=NULL, TQString *errstr=0); int bindKAdmin(LDAPCredentials *administrativeCredentials=NULL, TQString *errstr=0);

Write Preview
Loading…
Cancel
Save