authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-11 02:10:36 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-11 02:10:36 -0500
commit072098e10daf6fb9a0af0065d9b1130c5405bd0d (patch)
treee8f4d033a91762be90768e6e69a4ac4c70481052 /src/libtdeldap.h
parentdf417d4eda7b5900fd99666093d5b346d4a8aefb (diff)
Add a variety of ticket management functions
Diffstat (limited to 'src/libtdeldap.h')
-rw-r--r--src/libtdeldap.h72
1 files changed, 72 insertions, 0 deletions
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index 39ce2b0..0edf803 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -77,6 +77,48 @@ enum LDAPKRB5Flags {
KRB5_FLAG_MAX = 0x80000000
};
+inline LDAPKRB5Flags operator|(LDAPKRB5Flags a, LDAPKRB5Flags b)
+{
+ return static_cast<LDAPKRB5Flags>(static_cast<int>(a) | static_cast<int>(b));
+}
+
+inline LDAPKRB5Flags operator&(LDAPKRB5Flags a, LDAPKRB5Flags b)
+{
+ return static_cast<LDAPKRB5Flags>(static_cast<int>(a) & static_cast<int>(b));
+}
+
+// Values from krb5.asn1
+enum KRB5TicketFlags {
+ KRB5_TICKET_RESERVED = 0x00000001,
+ KRB5_TICKET_FORWARDABLE = 0x00000002,
+ KRB5_TICKET_FORWARDED = 0x00000004,
+ KRB5_TICKET_PROXIABLE = 0x00000008,
+ KRB5_TICKET_PROXY = 0x00000010,
+ KRB5_TICKET_MAY_POSTDATE = 0x00000020,
+ KRB5_TICKET_POSTDATED = 0x00000040,
+ KRB5_TICKET_INVALID = 0x00000080,
+ KRB5_TICKET_RENEWABLE = 0x00000100,
+ KRB5_TICKET_INITIAL = 0x00000200,
+ KRB5_TICKET_PREAUTHENT = 0x00000400,
+ KRB5_TICKET_HW_AUTHENT = 0x00000800,
+ KRB5_TICKET_TRANSIT_CHECKED = 0x00001000,
+ KRB5_TICKET_OK_AS_DELEGATE = 0x00002000,
+ KRB5_TICKET_ANONYMOUS = 0x00004000,
+ KRB5_TICKET_ENC_PA_REP = 0x00008000,
+
+ KRB5_TICKET_FLAG_MAX = 0x80000000
+};
+
+inline KRB5TicketFlags operator|(KRB5TicketFlags a, KRB5TicketFlags b)
+{
+ return static_cast<KRB5TicketFlags>(static_cast<int>(a) | static_cast<int>(b));
+}
+
+inline KRB5TicketFlags operator&(KRB5TicketFlags a, KRB5TicketFlags b)
+{
+ return static_cast<KRB5TicketFlags>(static_cast<int>(a) & static_cast<int>(b));
+}
+
typedef TQValueList<uid_t> UserList;
typedef TQValueList<gid_t> GroupList;
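Review bot: The four new operators (`operator|` and `operator&` for both `LDAPKRB5Flags` and `KRB5TicketFlags`) cast through `int`, but each enum has a `0x80000000` enumerator that does not fit in a signed 32-bit `int`, so the conversion is implementation-defined before C++20. Casting through `unsigned int` avoids that, e.g. `return static_cast<KRB5TicketFlags>(static_cast<unsigned int>(a) | static_cast<unsigned int>(b));`. The comment `// Values from krb5.asn1` could also state the bit ordering the constants assume (flag number n mapped to `1 << n`), because the on-wire BIT STRING numbers bits from the most significant end and a mix-up would misreport properties such as forwardable or ok-as-delegate.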
@@ -91,6 +133,7 @@ class LDAPCredentials
TQCString password;
TQString realm;
bool use_tls;
+ TQString service;
};
// PRIVATE
@@ -262,9 +305,33 @@ class LDAPTDEBuiltinsInfo
TQString builtinStandardUserGroup;
};
+class KerberosTicketInfo
+{
+ public:
+ KerberosTicketInfo();
+ ~KerberosTicketInfo();
+
+ public:
+ bool informationValid;
+ TQString cacheURL;
+ TQString cachePrincipal;
+ int cacheVersion;
+ TQString serverPrincipal;
+ TQString clientPrincipal;
+ TQString encryptionType;
+ int keyVersionNumber;
+ int ticketSize;
+ TQDateTime authenticationTime;
+ TQDateTime validStartTime;
+ TQDateTime validEndTime;
+ KRB5TicketFlags flags;
+ TQStringList addresses;
+};
+
typedef TQValueList<LDAPUserInfo> LDAPUserInfoList;
typedef TQValueList<LDAPGroupInfo> LDAPGroupInfoList;
typedef TQValueList<LDAPMachineInfo> LDAPMachineInfoList;
+typedef TQValueList<KerberosTicketInfo> KerberosTicketInfoList;
class LDAPManager : public TQObject {
Q_OBJECT
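Review bot: `KerberosTicketInfo` exposes `informationValid`, `cacheVersion`, `keyVersionNumber`, `ticketSize` and `flags` as plain public members, so a default-constructed object holds indeterminate values unless the constructor sets them. The constructor body is not part of this diff; it should at least set `informationValid = false` and clear `flags`, so that a caller never displays or acts on uninitialised ticket data. A short comment on the class, such as `// Remaining fields are meaningful only when informationValid is true`, would make the presumed contract explicit.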
@@ -315,6 +382,11 @@ class LDAPManager : public TQObject {
static TQString ldapdnForRealm(TQString realm);
static TQString cnFromDn(TQString dn);
+ static KerberosTicketInfoList getKerberosTicketList(TQString cache=TQString::null, TQString *cacheFileName=0);
+ static int getKerberosPassword(LDAPCredentials &creds, TQString prompt, bool requestServicePrincipal=false, TQWidget* parent=0);
+ static int obtainKerberosTicket(LDAPCredentials creds, TQString principal, TQString *errstr=0);
+ static int destroyKerberosTicket(TQString principal, TQString *errstr=0);
+
private:
LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);
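Review bot: `obtainKerberosTicket` takes `LDAPCredentials creds` by value while `getKerberosPassword` takes it by reference. Because the class carries `password`, declaring the parameter as `const LDAPCredentials &creds` avoids creating another object that holds the secret, assuming the implementation (outside this diff) does not modify it. The three `int`-returning functions also have no comment saying which value means success or when `*errstr` is filled in. A one-line comment above each, e.g. `// Returns 0 on success; on failure sets *errstr if non-null` (to be confirmed against the implementation), would keep callers from treating a failed ticket request as success.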