TDE
/
libtdeldap
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/libtdeldap
0
0
Fork 0
Code Issues Releases Wiki Activity

Update library for CLI use

Browse Source
pull/1/head
Timothy Pearson 13 years ago
parent 50a7026e7f
commit 57baf9d811
2 changed files with 92 additions and 69 deletions
Show Stats Download Patch File Download Diff File

157
src/libtdeldap.cpp
Unescape Escape View File

@ -80,7 +80,7 @@ LDAPCredentials LDAPManager::currentLDAPCredentials() {
}
int LDAPManager::bind(TQString* errstr) {
printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
printf("[RAJA DEBUG 600.0] In LDAPManager::bind(%p)\n\r", errstr); fflush(stdout);
if (m_ldap) {
return 0;
}
@ -88,13 +88,24 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
int use_secure_connection = 0;
TQString uri;
if (use_secure_connection == 1) {
m_port = LDAP_SECURE_PORT;
uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
if (m_host.contains("://")) {
uri = m_host;
if (!m_creds) {
m_creds = new LDAPCredentials();
m_creds->username = "";
m_creds->password = "";
m_creds->realm = m_realm;
}
}
else {
m_port = LDAP_INSECURE_PORT;
uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
if (use_secure_connection == 1) {
m_port = LDAP_SECURE_PORT;
uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
}
else {
m_port = LDAP_INSECURE_PORT;
uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
}
}
printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout);
@ -110,88 +121,97 @@ printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout);
else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
return -1;
}
printf("[RAJA DEBUG 660.0]\n\r"); fflush(stdout);
TQString errorString;
LDAPPasswordDialog passdlg(0);
passdlg.m_base->ldapAdminRealm->setEnabled(false);
passdlg.m_base->ldapAdminRealm->insertItem(m_realm);
bool havepass = false;
if (m_creds) {
havepass = true;
}
else {
printf("[RAJA DEBUG 660.1]\n\r"); fflush(stdout);
LDAPPasswordDialog passdlg(0);
passdlg.m_base->ldapAdminRealm->setEnabled(false);
passdlg.m_base->ldapAdminRealm->insertItem(m_realm);
if (passdlg.exec() == TQDialog::Accepted) {
havepass = true;
if (!m_creds) {
m_creds = new LDAPCredentials();
m_creds->username = passdlg.m_base->ldapAdminUsername->text();
m_creds->password = passdlg.m_base->ldapAdminPassword->password();
m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
}
}
}
if (havepass == true) {
char* mechanism = NULL;
struct berval cred;
if (!m_creds) {
m_creds = new LDAPCredentials();
m_creds->username = passdlg.m_base->ldapAdminUsername->text();
m_creds->password = passdlg.m_base->ldapAdminPassword->password();
m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
}
TQString ldap_dn = m_creds->username;
TQCString pass = m_creds->password;
cred.bv_val = pass.data();
cred.bv_len = pass.length();
if (!ldap_dn.contains(",")) {
// Look for a POSIX account with anonymous bind and the specified account name
TQString uri;
LDAP* ldapconn;
if (use_secure_connection == 1) {
m_port = LDAP_SECURE_PORT;
uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
}
else {
m_port = LDAP_INSECURE_PORT;
uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
}
int retcode = ldap_initialize(&ldapconn, uri.ascii());
if (retcode < 0) {
if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
return -1;
}
retcode = ldap_set_option(ldapconn, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version);
if (retcode != LDAP_OPT_SUCCESS) {
if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
return -1;
}
struct berval anoncred;
anoncred.bv_val = "";
anoncred.bv_len = strlen("");
retcode = ldap_sasl_bind_s(ldapconn, "", mechanism, &anoncred, NULL, NULL, NULL);
if (retcode == LDAP_SUCCESS ) {
// Look for the DN for the specified user
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(passdlg.m_base->ldapAdminUsername->text());
retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg);
if (retcode != LDAP_SUCCESS) {
if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
printf("[RAJA DEBUG 660.2]\n\r"); fflush(stdout);
if (!uri.startsWith("ldapi://")) {
if (!ldap_dn.contains(",")) {
// Look for a POSIX account with anonymous bind and the specified account name
TQString uri;
LDAP* ldapconn;
if (m_host.contains("://")) {
uri = m_host;
}
else {
// Iterate through the returned entries
char* dn = NULL;
LDAPMessage* entry;
for(entry = ldap_first_entry(ldapconn, msg); entry != NULL; entry = ldap_next_entry(ldapconn, entry)) {
if((dn = ldap_get_dn(ldapconn, entry)) != NULL) {
ldap_dn = dn;
ldap_memfree(dn);
if (use_secure_connection == 1) {
m_port = LDAP_SECURE_PORT;
uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
}
else {
m_port = LDAP_INSECURE_PORT;
uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
}
}
int retcode = ldap_initialize(&ldapconn, uri.ascii());
if (retcode < 0) {
if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
return -1;
}
retcode = ldap_set_option(ldapconn, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version);
if (retcode != LDAP_OPT_SUCCESS) {
if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
return -1;
}
struct berval anoncred;
anoncred.bv_val = "";
anoncred.bv_len = strlen("");
retcode = ldap_sasl_bind_s(ldapconn, "", mechanism, &anoncred, NULL, NULL, NULL);
if (retcode == LDAP_SUCCESS ) {
// Look for the DN for the specified user
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(m_creds->username);
retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg);
if (retcode != LDAP_SUCCESS) {
if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
}
else {
// Iterate through the returned entries
char* dn = NULL;
LDAPMessage* entry;
for(entry = ldap_first_entry(ldapconn, msg); entry != NULL; entry = ldap_next_entry(ldapconn, entry)) {
if((dn = ldap_get_dn(ldapconn, entry)) != NULL) {
ldap_dn = dn;
ldap_memfree(dn);
}
}
}
// clean up
ldap_msgfree(msg);
// All done!
ldap_unbind_ext_s(ldapconn, NULL, NULL);
}
// clean up
ldap_msgfree(msg);
// All done!
ldap_unbind_ext_s(ldapconn, NULL, NULL);
}
}
@ -524,11 +544,11 @@ LDAPUserInfo LDAPManager::getUserByDistinguishedName(TQString dn) {
return LDAPUserInfo();
}
LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) {
LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn, TQString *errstr) {
int retcode;
LDAPGroupInfo groupinfo;
if (bind() < 0) {
if (bind(errstr) < 0) {
return LDAPGroupInfo();
}
else {
@ -537,7 +557,8 @@ LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) {
timeout.tv_sec = 10; // 10 second timeout
retcode = ldap_search_ext_s(m_ldap, dn.ascii(), LDAP_SCOPE_SUBTREE, NULL, ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg);
if (retcode != LDAP_SUCCESS) {
KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
return LDAPGroupInfo();
}

4
src/libtdeldap.h
Unescape Escape View File

@ -29,6 +29,8 @@
#include <tqdatetime.h>
#include <tqvaluelist.h>
#include <ksimpleconfig.h>
#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
// Values from hdb.asn1
@ -220,7 +222,7 @@ class LDAPManager : public TQObject {
LDAPGroupInfoList groups();
LDAPMachineInfoList machines();
LDAPUserInfo getUserByDistinguishedName(TQString dn);
LDAPGroupInfo getGroupByDistinguishedName(TQString dn);
LDAPGroupInfo getGroupByDistinguishedName(TQString dn, TQString *errstr=0);
int updateUserInfo(LDAPUserInfo user);
int updateGroupInfo(LDAPGroupInfo group);
int addUserInfo(LDAPUserInfo user);

Write Preview
Loading…
Cancel
Save