Final upload from initial development system

pull/1/head
Timothy Pearson 13 years ago
parent a90355f364
commit 7982753d88

@ -149,7 +149,6 @@ int sasl_bind_interact_callback(LDAP* ld, unsigned flags, void* defaults, void*
}
int LDAPManager::bind(TQString* errstr) {
printf("[RAJA DEBUG 600.0] In LDAPManager::bind(%p)\n\r", errstr); fflush(stdout);
if (m_ldap) {
return 0;
}
@ -166,7 +165,6 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind(%p)\n\r", errstr); fflush(stdout
havepass = true;
}
else {
printf("[RAJA DEBUG 660.1]\n\r"); fflush(stdout);
LDAPPasswordDialog passdlg(0, 0, (m_krbTickets.count() > 0));
passdlg.m_base->ldapAdminRealm->setEnabled(false);
passdlg.m_base->ldapAdminRealm->insertItem(m_realm);
@ -209,7 +207,6 @@ printf("[RAJA DEBUG 660.1]\n\r"); fflush(stdout);
uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
}
}
printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout);
int retcode = ldap_initialize(&m_ldap, uri.ascii());
if (retcode < 0) {
@ -223,7 +220,6 @@ printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout);
else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4%5</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)).arg(ldapLikelyErrorCause(retcode, ERRORCAUSE_LOCATION_BIND)), i18n("Unable to connect to server!"));
return -1;
}
printf("[RAJA DEBUG 660.0]\n\r"); fflush(stdout);
TQString errorString;
if (havepass == true) {
@ -233,7 +229,6 @@ printf("[RAJA DEBUG 660.0]\n\r"); fflush(stdout);
TQCString pass = m_creds->password;
cred.bv_val = pass.data();
cred.bv_len = pass.length();
printf("[RAJA DEBUG 660.2]\n\r"); fflush(stdout);
if ((!using_ldapi && !using_gssapi)) {
if (!ldap_dn.contains(",")) {
// Look for a POSIX account with anonymous bind and the specified account name
@ -304,7 +299,6 @@ printf("[RAJA DEBUG 660.2]\n\r"); fflush(stdout);
else {
retcode = ldap_sasl_bind_s(m_ldap, ldap_dn.ascii(), mechanism, &cred, NULL, NULL, NULL);
}
printf("[RAJA DEBUG 600.2] ldap_dn: %s\n\r", ldap_dn.ascii()); fflush(stdout);
if (retcode != LDAP_SUCCESS ) {
if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4%5</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)).arg(ldapLikelyErrorCause(retcode, ERRORCAUSE_LOCATION_BIND));
@ -322,7 +316,6 @@ printf("[RAJA DEBUG 600.2] ldap_dn: %s\n\r", ldap_dn.ascii()); fflush(stdout);
}
int LDAPManager::unbind(bool force, TQString* errstr) {
printf("[RAJA DEBUG 601.0] In LDAPManager::unbind()\n\r"); fflush(stdout);
if (!m_ldap) {
return 0;
}
@ -349,7 +342,6 @@ LDAPUserInfo LDAPManager::parseLDAPUserRecord(LDAPMessage* entry) {
LDAPUserInfo userinfo;
if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
printf("Returned dn: %s\n", dn);
userinfo.distinguishedName = dn;
TQStringList dnParts = TQStringList::split(",", dn);
TQString id = dnParts[0];
@ -362,7 +354,6 @@ LDAPUserInfo LDAPManager::parseLDAPUserRecord(LDAPMessage* entry) {
for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) {
printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val);
userinfo.informationValid = true;
TQString ldap_field = attr;
i=0;
@ -564,22 +555,18 @@ printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val);
ber_free(ber, 0);
}
printf("\n\r");
return userinfo;
}
LDAPUserInfoList LDAPManager::users(int* mretcode) {
int retcode;
LDAPUserInfoList users;
printf("[RAJA DEBUG 100.0] In LDAPManager::users()\n\r"); fflush(stdout);
if (bind() < 0) {
if (mretcode) *mretcode = -1;
return LDAPUserInfoList();
}
else {
printf("[RAJA DEBUG 100.1] In LDAPManager::users() bind was OK\n\r"); fflush(stdout);
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = "(objectClass=posixAccount)";
@ -590,8 +577,6 @@ printf("[RAJA DEBUG 100.1] In LDAPManager::users() bind was OK\n\r"); fflush(std
return LDAPUserInfoList();
}
printf("[RAJA DEBUG 100.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
// Iterate through the returned entries
LDAPMessage* entry;
for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
@ -865,23 +850,28 @@ int LDAPManager::setPasswordForUser(LDAPUserInfo user, TQString *errstr) {
}
LDAPCredentials admincreds = currentLDAPCredentials();
// RAJA FIXME
// How to handle GSSAPI auth?
// We can't really at this point
// GSSAPI and friends ONLY WORK if 'kinit -S kadmin/admin' was run after the inital TGT was granted
// What we need is a proper ticket management system
// Also, why doesn't 'kgetcred kadmin/admin' work?
// For now, let's just prompt for the password if admincreds.password == ""
if ((admincreds.username == "") && (admincreds.password == "")) {
// Probably GSSAPI
// Get active ticket principal...
KerberosTicketInfoList tickets = LDAPManager::getKerberosTicketList();
TQStringList principalParts = TQStringList::split("@", tickets[0].cachePrincipal, false);
admincreds.username = principalParts[0];
admincreds.realm = principalParts[1];
}
TQCString command = "kadmin";
QCStringList args;
if (m_host.startsWith("ldapi://")) {
args << TQCString("-l") << TQCString("-r") << TQCString(admincreds.realm.upper());
}
else {
if (admincreds.username == "") {
args << TQCString("-r") << TQCString(admincreds.realm.upper());
}
else {
args << TQCString("-p") << TQCString(admincreds.username.lower()+"@"+(admincreds.realm.upper())) << TQCString("-r") << TQCString(admincreds.realm.upper());
}
}
TQString prompt;
PtyProcess kadminProc;
@ -905,11 +895,20 @@ int LDAPManager::setPasswordForUser(LDAPUserInfo user, TQString *errstr) {
prompt = prompt.stripWhiteSpace();
}
if (prompt.endsWith(" Password:")) {
if (admincreds.password == "") {
TQCString password;
int result = KPasswordDialog::getPassword(password, prompt);
if (result == KPasswordDialog::Accepted) {
admincreds.password = password;
}
}
if (admincreds.password != "") {
kadminProc.writeLine(admincreds.password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
}
}
if (prompt != "kadmin>") {
if (errstr) *errstr = prompt;
kadminProc.writeLine("quit", true);
@ -1539,7 +1538,6 @@ LDAPGroupInfo LDAPManager::parseLDAPGroupRecord(LDAPMessage* entry) {
LDAPGroupInfo groupinfo;
if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
printf("Returned dn: %s\n", dn);
groupinfo.distinguishedName = dn;
TQStringList dnParts = TQStringList::split(",", dn);
TQString id = dnParts[0];
@ -1552,9 +1550,6 @@ LDAPGroupInfo LDAPManager::parseLDAPGroupRecord(LDAPMessage* entry) {
for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) {
for(i = 0; vals[i] != NULL; i++) {
printf("[RAJA DEBUG 110.3] %s: %s\n\r", attr, vals[i]->bv_val);
}
groupinfo.informationValid = true;
TQString ldap_field = attr;
i=0;
@ -1587,8 +1582,6 @@ for(i = 0; vals[i] != NULL; i++) {
ber_free(ber, 0);
}
printf("\n\r");
return groupinfo;
}
@ -1602,7 +1595,6 @@ LDAPMachineInfo LDAPManager::parseLDAPMachineRecord(LDAPMessage* entry) {
LDAPMachineInfo machineinfo;
if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
printf("Returned dn: %s\n", dn);
machineinfo.distinguishedName = dn;
TQStringList dnParts = TQStringList::split(",", dn);
TQString id = dnParts[0];
@ -1616,9 +1608,6 @@ LDAPMachineInfo LDAPManager::parseLDAPMachineRecord(LDAPMessage* entry) {
for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) {
for(i = 0; vals[i] != NULL; i++) {
printf("[RAJA DEBUG 120.3] %s: %s\n\r", attr, vals[i]->bv_val);
}
machineinfo.informationValid = true;
TQString ldap_field = attr;
i=0;
@ -1640,22 +1629,18 @@ for(i = 0; vals[i] != NULL; i++) {
ber_free(ber, 0);
}
printf("\n\r");
return machineinfo;
}
LDAPGroupInfoList LDAPManager::groups(int* mretcode) {
int retcode;
LDAPGroupInfoList groups;
printf("[RAJA DEBUG 110.0] In LDAPManager::groups()\n\r"); fflush(stdout);
if (bind() < 0) {
if (mretcode) *mretcode = -1;
return LDAPGroupInfoList();
}
else {
printf("[RAJA DEBUG 110.1] In LDAPManager::groups() bind was OK\n\r"); fflush(stdout);
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = "(objectClass=posixGroup)";
@ -1666,12 +1651,9 @@ printf("[RAJA DEBUG 110.1] In LDAPManager::groups() bind was OK\n\r"); fflush(st
return LDAPGroupInfoList();
}
printf("[RAJA DEBUG 110.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
// Iterate through the returned entries
LDAPMessage* entry;
for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
// RAJA
groups.append(parseLDAPGroupRecord(entry));
}
@ -1688,14 +1670,12 @@ printf("[RAJA DEBUG 110.2] The number of entries returned was %d\n\n", ldap_coun
LDAPMachineInfoList LDAPManager::machines(int* mretcode) {
int retcode;
LDAPMachineInfoList machines;
printf("[RAJA DEBUG 120.0] In LDAPManager::machines()\n\r"); fflush(stdout);
if (bind() < 0) {
if (mretcode) *mretcode = -1;
return LDAPMachineInfoList();
}
else {
printf("[RAJA DEBUG 120.1] In LDAPManager::machines() bind was OK\n\r"); fflush(stdout);
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = "(&(objectClass=krb5Principal)(uid=host/*))";
@ -1706,8 +1686,6 @@ printf("[RAJA DEBUG 120.1] In LDAPManager::machines() bind was OK\n\r"); fflush(
return LDAPMachineInfoList();
}
printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
// Iterate through the returned entries
LDAPMessage* entry;
for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
@ -1783,13 +1761,11 @@ int LDAPManager::writeCertificateFileIntoDirectory(TQByteArray cert, TQString at
// Special method, used when creating a new Kerberos realm
int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
int retcode;
printf("[RAJA DEBUG 140.0] In LDAPManager::moveKerberosEntries()\n\r"); fflush(stdout);
if (bind(errstr) < 0) {
return -1;
}
else {
printf("[RAJA DEBUG 140.1] In LDAPManager::moveKerberosEntries() bind was OK\n\r"); fflush(stdout);
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = "(&(objectClass=krb5Principal)(!(objectClass=posixAccount)))";
@ -1799,8 +1775,6 @@ printf("[RAJA DEBUG 140.1] In LDAPManager::moveKerberosEntries() bind was OK\n\r
return -1;
}
printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
// Iterate through the returned entries
LDAPMessage* entry;
for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
@ -1811,7 +1785,6 @@ printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_coun
if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
TQStringList dnParts = TQStringList::split(",", dn);
TQString id = dnParts[0];
printf("[RAJA DEBUG 140.3] Moving %s to relative DN %s and parent %s", dn, id.ascii(), newSuffix.ascii()); fflush(stdout);
retcode = ldap_rename_s(m_ldap, dn, id, newSuffix, 0, NULL, NULL);
if (retcode != LDAP_SUCCESS) {
if (errstr) *errstr = i18n("LDAP rename failure<p>Reason: [%3] %4").arg(retcode).arg(ldap_err2string(retcode));
@ -1893,15 +1866,11 @@ LDAPTDEBuiltinsInfo LDAPManager::parseLDAPTDEBuiltinsRecord(LDAPMessage* entry)
LDAPTDEBuiltinsInfo builtininfo;
if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
printf("Returned dn: %s\n", dn);
ldap_memfree(dn);
}
for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) {
for(i = 0; vals[i] != NULL; i++) {
printf("[RAJA DEBUG 160.3] %s: %s\n\r", attr, vals[i]->bv_val);
}
builtininfo.informationValid = true;
TQString ldap_field = attr;
i=0;
@ -1926,8 +1895,6 @@ for(i = 0; vals[i] != NULL; i++) {
ber_free(ber, 0);
}
printf("\n\r");
return builtininfo;
}
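Review bot: In the second setPasswordForUser hunk (the `prompt.endsWith(" Password:")` block), cancelling the KPasswordDialog leaves `admincreds.password` empty, so nothing is written to kadmin and control falls into the `prompt != "kadmin>"` check, which returns the raw password prompt as the error text while kadmin is still waiting for a password. Treat the cancel as its own outcome, for example by adding `else { if (errstr) *errstr = i18n("Password entry was cancelled"); }` after the `Accepted` test and ending the kadmin session on that path instead of relying on the prompt comparison. In the first hunk of the same function, `tickets[0].cachePrincipal` and `principalParts[1]` are indexed without checking that a ticket exists and that the principal contains an `@`; guards such as `if (tickets.count() > 0)` and `if (principalParts.count() == 2)` would cover the no-ticket case, assuming these lines are on the new side (the +/- markers are lost on this page). The function body begins and continues outside both hunks, so cleanup of `kadminProc` on the new exit path needs to be checked against the full source.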
