Add certfile write

src/libtdeldap.cpp

@@ -649,6 +649,20 @@ void add_single_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQStr
 	}
 }
 
+void add_single_binary_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQByteArray &ba) {
+	if (ba.size() > 0) {
+		struct berval **values = (berval**)malloc(2*sizeof(berval*));
+		values[0] = new berval;
+		values[0]->bv_len = ba.size();
+		values[0]->bv_val = ba.data();
+		values[1] = NULL;
+		mods[*i]->mod_op = LDAP_MOD_REPLACE|LDAP_MOD_BVALUES;
+		mods[*i]->mod_type = strdup(attr.ascii());
+		mods[*i]->mod_bvalues = values;
+		(*i)++;
+	}
+}
+
 void add_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, TQStringList strings) {
 	int j=0;
 	char **values = (char**)malloc((strings.count()+1)*sizeof(char*));
@@ -1238,6 +1252,62 @@ printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_coun
 	return LDAPMachineInfoList();
 }
 
+int LDAPManager::writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr) {
+	int retcode;
+	int i;
+
+	if (bind() < 0) {
+		return -1;
+	}
+	else {
+		// Assemble the LDAPMod structure
+		// We will replace any existing attributes with the new values
+		int number_of_parameters = 1;				// 1 primary attribute
+		LDAPMod *mods[number_of_parameters+1];
+		for (i=0;i<number_of_parameters;i++) {
+			mods[i] = new LDAPMod;
+			mods[i]->mod_type = NULL;
+			mods[i]->mod_values = NULL;
+		}
+		mods[number_of_parameters] = NULL;
+
+		// Load LDAP modification requests from provided data structure
+		i=0;
+		add_single_binary_attribute_operation(mods, &i, attr, cert);
+		LDAPMod *prevterm = mods[i];
+		mods[i] = NULL;
+
+		// Perform LDAP update
+		retcode = ldap_modify_ext_s(m_ldap, TQString("cn=certificate store,o=tde,cn=tde realm data,ou=master services,ou=core,ou=realm,%1").arg(m_basedc).ascii(), mods, NULL, NULL);	// RAJA FIXME
+
+		// Clean up
+		mods[i] = prevterm;
+		for (i=0;i<number_of_parameters;i++) {
+			if (mods[i]->mod_type != NULL) {
+				free(mods[i]->mod_type);
+			}
+			if (mods[i]->mod_values != NULL) {
+				int j = 0;
+				while (mods[i]->mod_values[j] != NULL) {
+					delete mods[i]->mod_values[j];
+					j++;
+				}
+				free(mods[i]->mod_values);
+			}
+			delete mods[i];
+		}
+
+		if (retcode != LDAP_SUCCESS) {
+			if (errstr) *errstr = i18n("<qt>LDAP certificate upload failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
+			else KMessageBox::error(0, i18n("<qt>LDAP certificate upload failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+			return -2;
+		}
+		else {
+			return 0;
+		}
+	}
+}
+
 // Special method, used when creating a new Kerberos realm
 int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
 	int retcode;
@@ -1262,7 +1332,6 @@ printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_coun
 		// Iterate through the returned entries
 		LDAPMessage* entry;
 		for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
-			// RAJA
 			char* dn = NULL;
 		
 			LDAPMachineInfo machineinfo;
@@ -1270,8 +1339,6 @@ printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_coun
 			if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
 				TQStringList dnParts = TQStringList::split(",", dn);
 				TQString id = dnParts[0];
-				int equalsPos = id.find("=");
-				id.remove(0,equalsPos+1);
 printf("[RAJA DEBUG 140.3] Moving %s to relative DN %s and parent %s", dn, id.ascii(), newSuffix.ascii()); fflush(stdout);
 				retcode = ldap_rename_s(m_ldap, dn, id, newSuffix, 0, NULL, NULL);
 				if (retcode != LDAP_SUCCESS) {

src/libtdeldap.h

@@ -237,6 +237,7 @@ class LDAPManager : public TQObject {
 		LDAPCredentials currentLDAPCredentials();
 
 		int moveKerberosEntries(TQString newSuffix, TQString* errstr=0);
+		int writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr=0);
 
 		static TQString getMachineFQDN();
 		static void writeLDAPConfFile(LDAPRealmConfig realmcfg);