Move bonding routines into core library

src/libtdeldap.cpp

@@ -1762,6 +1762,20 @@ int LDAPManager::deleteGroupInfo(LDAPGroupInfo group, TQString *errstr) {
 		return -1;
 	}
 	else {
+		// Remove the user from all member groups
+		LDAPGroupInfoList groupInfoList = groups(&retcode);
+		LDAPGroupInfoList::Iterator it;
+		for (it = groupInfoList.begin(); it != groupInfoList.end(); ++it) {
+			LDAPGroupInfo group = *it;
+			if (group.userlist.contains(user.distinguishedName)) {
+				group.userlist.remove(user.distinguishedName);
+				retcode = updateGroupInfo(group, errstr);
+				if (retcode != 0) {
+					return retcode;
+				}
+			}
+		}
+
 		// Delete the base DN entry
 		retcode = ldap_delete_ext_s(m_ldap, group.distinguishedName.ascii(), NULL, NULL);
 		if (retcode != LDAP_SUCCESS) {
@@ -2744,6 +2758,175 @@ TQString LDAPManager::getMachineFQDN() {
 	return fqdn;
 }
 
+int LDAPManager::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
+	TQCString command = "kadmin";
+	QCStringList args;
+	args << TQCString("-p") << TQCString(adminUserName+"@"+(adminRealm.upper())) << TQCString("-r") << TQCString(adminRealm.upper());
+
+	TQString hoststring = "host/"+getMachineFQDN();
+
+	TQString prompt;
+	PtyProcess kadminProc;
+	kadminProc.exec(command, args);
+	prompt = readFullLineFromPtyProcess(&kadminProc);
+	prompt = prompt.stripWhiteSpace();
+	if (prompt == "kadmin>") {
+		command = TQCString("ext "+hoststring);
+		kadminProc.writeLine(command, true);
+		do { // Discard our own input
+			prompt = readFullLineFromPtyProcess(&kadminProc);
+			printf("(kadmin) '%s'\n\r", prompt.ascii());
+		} while (prompt == TQString(command));
+		prompt = prompt.stripWhiteSpace();
+		if (prompt.endsWith(" Password:")) {
+			kadminProc.writeLine(adminPassword, true);
+			do { // Discard our own input
+				prompt = readFullLineFromPtyProcess(&kadminProc);
+				printf("(kadmin) '%s'\n\r", prompt.ascii());
+			} while (prompt == "");
+			prompt = prompt.stripWhiteSpace();
+		}
+		if (prompt.contains("authentication failed")) {
+			if (errstr) *errstr = prompt;
+			kadminProc.writeLine("quit", true);
+			return 1;
+		}
+		else if (prompt.endsWith("Principal does not exist")) {
+			command = TQCString("ank --random-key "+hoststring);
+			kadminProc.writeLine(command, true);
+			do { // Discard our own input
+				prompt = readFullLineFromPtyProcess(&kadminProc);
+				printf("(kadmin) '%s'\n\r", prompt.ascii());
+			} while (prompt == TQString(command));
+			prompt = prompt.stripWhiteSpace();
+			// Use all defaults
+			while (prompt != "kadmin>") {
+				if (prompt.endsWith(" Password:")) {
+					kadminProc.writeLine(adminPassword, true);
+					do { // Discard our own input
+						prompt = readFullLineFromPtyProcess(&kadminProc);
+						printf("(kadmin) '%s'\n\r", prompt.ascii());
+					} while (prompt == "");
+					prompt = prompt.stripWhiteSpace();
+				}
+				if (prompt.contains("authentication failed")) {
+					if (errstr) *errstr = prompt;
+					kadminProc.writeLine("quit", true);
+					return 1;
+				}
+				else {
+					// Extract whatever default is in the [brackets] and feed it back to kadmin
+					TQString defaultParam;
+					int leftbracket = prompt.find("[");
+					int rightbracket = prompt.find("]");
+					if ((leftbracket >= 0) && (rightbracket >= 0)) {
+						leftbracket++;
+						defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket);
+					}
+					command = TQCString(defaultParam);
+					kadminProc.writeLine(command, true);
+					do { // Discard our own input
+						prompt = readFullLineFromPtyProcess(&kadminProc);
+						printf("(kadmin) '%s'\n\r", prompt.ascii());
+					} while (prompt == TQString(command));
+					prompt = prompt.stripWhiteSpace();
+				}
+			}
+			command = TQCString("ext "+hoststring);
+			kadminProc.writeLine(command, true);
+			do { // Discard our own input
+				prompt = readFullLineFromPtyProcess(&kadminProc);
+				printf("(kadmin) '%s'\n\r", prompt.ascii());
+			} while (prompt == TQString(command));
+			prompt = prompt.stripWhiteSpace();
+			if (prompt != "kadmin>") {
+				if (errstr) *errstr = prompt;
+				kadminProc.writeLine("quit", true);
+				return 1;
+			}
+
+			// Success!
+			kadminProc.writeLine("quit", true);
+
+			realmcfg.bonded = true;
+			save();
+			return 0;
+		}
+		else if (prompt == "kadmin>") {
+			// Success!
+			kadminProc.writeLine("quit", true);
+
+			realmcfg.bonded = true;
+			save();
+			return 0;
+		}
+
+		// Failure
+		if (errstr) *errstr = prompt;
+		kadminProc.writeLine("quit", true);
+		return 1;
+	}
+
+	if (errstr) *errstr = "Internal error.  Verify that kadmin exists and can be executed.";
+	return 1;	// Failure
+}
+
+int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
+	Q_UNUSED(realmcfg);
+
+	TQCString command = "kadmin";
+	QCStringList args;
+	args << TQCString("-p") << TQCString(adminUserName+"@"+(adminRealm.upper()));
+
+	TQString hoststring = "host/"+getMachineFQDN();
+
+	TQString hostprinc = TQStringList::split(".", hoststring)[0];
+	hostprinc.append("@"+(adminRealm.upper()));
+
+	TQString prompt;
+	PtyProcess kadminProc;
+	kadminProc.exec(command, args);
+	prompt = readFullLineFromPtyProcess(&kadminProc);
+	prompt = prompt.stripWhiteSpace();
+	if (prompt == "kadmin>") {
+		command = TQCString("delete "+hoststring);
+		kadminProc.writeLine(command, true);
+		do { // Discard our own input
+			prompt = readFullLineFromPtyProcess(&kadminProc);
+			printf("(kadmin) '%s'\n\r", prompt.ascii());
+		} while (prompt == TQString(command));
+		prompt = prompt.stripWhiteSpace();
+		if (prompt.endsWith(" Password:")) {
+			kadminProc.writeLine(adminPassword, true);
+			do { // Discard our own input
+				prompt = readFullLineFromPtyProcess(&kadminProc);
+				printf("(kadmin) '%s'\n\r", prompt.ascii());
+			} while (prompt == "");
+			prompt = prompt.stripWhiteSpace();
+		}
+		if (prompt != "kadmin>") {
+			if (errstr) *errstr = prompt;
+			kadminProc.writeLine("quit", true);
+			return 1;
+		}
+
+		// Success!
+		kadminProc.writeLine("quit", true);
+
+		// Delete keys from keytab
+		TQString commmand = TQString("ktutil remove -p %1").arg(hostprinc);
+		if (system(command) < 0) {
+			printf("ERROR: Execution of \"%s\" failed!\n\r", command.ascii());
+			return 1;	// Failure
+		}
+
+		// Success!
+		return 0;
+	}
+
+	return 1;	// Failure
+}
+
 // ===============================================================================================================
 //
 // DATA CLASS CONSTRUCTORS AND DESTRUCTORS

src/libtdeldap.h

@@ -426,6 +426,9 @@ class LDAPManager : public TQObject {
 		static TQString detailedKAdminErrorMessage(TQString initialMessage);
 		static TQString readFullLineFromPtyProcess(PtyProcess* proc);
 
+		static int bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
+		static int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
+
 	private:
 		LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
 		LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);