-rw-r--r-- | src/libtdeldap.cpp | 157 | ||||
-rw-r--r-- | src/libtdeldap.h | 4 |
2 files changed, 92 insertions, 69 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 39dc65c..3fc2006 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -80,7 +80,7 @@ LDAPCredentials LDAPManager::currentLDAPCredentials() { } int LDAPManager::bind(TQString* errstr) { -printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout); +printf("[RAJA DEBUG 600.0] In LDAPManager::bind(%p)\n\r", errstr); fflush(stdout); if (m_ldap) { return 0; } @@ -88,13 +88,24 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout); int use_secure_connection = 0; TQString uri; - if (use_secure_connection == 1) { - m_port = LDAP_SECURE_PORT; - uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port); + if (m_host.contains("://")) { + uri = m_host; + if (!m_creds) { + m_creds = new LDAPCredentials(); + m_creds->username = ""; + m_creds->password = ""; + m_creds->realm = m_realm; + } } else { - m_port = LDAP_INSECURE_PORT; - uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port); + if (use_secure_connection == 1) { + m_port = LDAP_SECURE_PORT; + uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port); + } + else { + m_port = LDAP_INSECURE_PORT; + uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port); + } } printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout); 
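Review bot: The new `m_host.contains("://")` branch installs empty `m_creds` for every URI scheme, not only `ldapi://`, so for an `ldap://` or `ldaps://` host the `if (m_creds)` test later in bind() skips the password dialog and the bind proceeds with an empty username and password. If the empty credentials are meant only for the local-socket case, the guard should be `if (!m_creds && m_host.startsWith("ldapi://")) {`. The branch also leaves `m_port` untouched, so the connection-error messages that print `m_port` would show a stale value for URI hosts. bind() begins before this hunk and continues past it.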
@@ -110,88 +121,97 @@ printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout); else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); return -1; } +printf("[RAJA DEBUG 660.0]\n\r"); fflush(stdout); TQString errorString; - LDAPPasswordDialog passdlg(0); - passdlg.m_base->ldapAdminRealm->setEnabled(false); - passdlg.m_base->ldapAdminRealm->insertItem(m_realm); bool havepass = false; if (m_creds) { havepass = true; } else { +printf("[RAJA DEBUG 660.1]\n\r"); fflush(stdout); + LDAPPasswordDialog passdlg(0); + passdlg.m_base->ldapAdminRealm->setEnabled(false); + passdlg.m_base->ldapAdminRealm->insertItem(m_realm); if (passdlg.exec() == TQDialog::Accepted) { havepass = true; + if (!m_creds) { + m_creds = new LDAPCredentials(); + m_creds->username = passdlg.m_base->ldapAdminUsername->text(); + m_creds->password = passdlg.m_base->ldapAdminPassword->password(); + m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText(); + } } } if (havepass == true) { char* mechanism = NULL; struct berval cred; - if (!m_creds) { - m_creds = new LDAPCredentials(); - m_creds->username = passdlg.m_base->ldapAdminUsername->text(); - m_creds->password = passdlg.m_base->ldapAdminPassword->password(); - m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText(); - } TQString ldap_dn = m_creds->username; TQCString pass = m_creds->password; cred.bv_val = pass.data(); cred.bv_len = pass.length(); - - if (!ldap_dn.contains(",")) { - // Look for a POSIX account with anonymous bind and the specified account name - TQString uri; - LDAP* ldapconn; - if (use_secure_connection == 1) { - m_port = LDAP_SECURE_PORT; - uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port); - } - else { - m_port = LDAP_INSECURE_PORT; - uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port); - } - int retcode = ldap_initialize(&ldapconn, 
uri.ascii()); - if (retcode < 0) { - if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)); - else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); - return -1; - } - retcode = ldap_set_option(ldapconn, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version); - if (retcode != LDAP_OPT_SUCCESS) { - if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)); - else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); - return -1; - } - struct berval anoncred; - anoncred.bv_val = ""; - anoncred.bv_len = strlen(""); - retcode = ldap_sasl_bind_s(ldapconn, "", mechanism, &anoncred, NULL, NULL, NULL); - if (retcode == LDAP_SUCCESS ) { - // Look for the DN for the specified user - LDAPMessage* msg; - TQString ldap_base_dn = m_basedc; - TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(passdlg.m_base->ldapAdminUsername->text()); - retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg); - if (retcode != LDAP_SUCCESS) { - if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)); - else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); +printf("[RAJA DEBUG 660.2]\n\r"); fflush(stdout); + if (!uri.startsWith("ldapi://")) { + if (!ldap_dn.contains(",")) { + // Look for a POSIX account 
with anonymous bind and the specified account name + TQString uri; + LDAP* ldapconn; + if (m_host.contains("://")) { + uri = m_host; } else { - // Iterate through the returned entries - char* dn = NULL; - LDAPMessage* entry; - for(entry = ldap_first_entry(ldapconn, msg); entry != NULL; entry = ldap_next_entry(ldapconn, entry)) { - if((dn = ldap_get_dn(ldapconn, entry)) != NULL) { - ldap_dn = dn; - ldap_memfree(dn); + if (use_secure_connection == 1) { + m_port = LDAP_SECURE_PORT; + uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port); + } + else { + m_port = LDAP_INSECURE_PORT; + uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port); + } + } + int retcode = ldap_initialize(&ldapconn, uri.ascii()); + if (retcode < 0) { + if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)); + else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); + return -1; + } + retcode = ldap_set_option(ldapconn, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version); + if (retcode != LDAP_OPT_SUCCESS) { + if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)); + else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); + return -1; + } + struct berval anoncred; + anoncred.bv_val = ""; + anoncred.bv_len = strlen(""); + retcode = ldap_sasl_bind_s(ldapconn, "", mechanism, &anoncred, NULL, NULL, NULL); + if (retcode == LDAP_SUCCESS ) { + // Look for the DN for the specified user + LDAPMessage* msg; + TQString ldap_base_dn = m_basedc; + TQString ldap_filter 
= TQString("(&(objectclass=posixAccount)(uid=%1))").arg(m_creds->username); + retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg); + if (retcode != LDAP_SUCCESS) { + if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)); + else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + } + else { + // Iterate through the returned entries + char* dn = NULL; + LDAPMessage* entry; + for(entry = ldap_first_entry(ldapconn, msg); entry != NULL; entry = ldap_next_entry(ldapconn, entry)) { + if((dn = ldap_get_dn(ldapconn, entry)) != NULL) { + ldap_dn = dn; + ldap_memfree(dn); + } } } + // clean up + ldap_msgfree(msg); + + // All done! + ldap_unbind_ext_s(ldapconn, NULL, NULL); } - // clean up - ldap_msgfree(msg); - - // All done! - ldap_unbind_ext_s(ldapconn, NULL, NULL); } } @@ -524,11 +544,11 @@ LDAPUserInfo LDAPManager::getUserByDistinguishedName(TQString dn) { return LDAPUserInfo(); } -LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) { +LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn, TQString *errstr) { int retcode; LDAPGroupInfo groupinfo; - if (bind() < 0) { + if (bind(errstr) < 0) { return LDAPGroupInfo(); } else { 
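Review bot: The search filter in the DN lookup is now built as `TQString("(&(objectclass=posixAccount)(uid=%1))").arg(m_creds->username)` with no escaping, so filter metacharacters in the username change the query that selects the DN used for the authenticated bind. Escape the value per RFC 4515 (`\`, `*`, `(`, `)` and NUL) before it is substituted, for example with libldap's `ldap_bv2escaped_filter_value()`, and treat more than one returned entry as an error rather than keeping the last `ldap_dn` from the loop. Separately, `ldapconn` is released by `ldap_unbind_ext_s` only inside the `retcode == LDAP_SUCCESS` branch, so a failed anonymous bind appears to leak the handle, and the lookup runs over plain `ldap://` whenever `m_host` is a bare host name because `use_secure_connection` is fixed at 0 in the context of the previous hunk. bind() starts and ends outside this hunk.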
@@ -537,7 +557,8 @@ LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) { timeout.tv_sec = 10; // 10 second timeout retcode = ldap_search_ext_s(m_ldap, dn.ascii(), LDAP_SCOPE_SUBTREE, NULL, ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg); if (retcode != LDAP_SUCCESS) { - KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)); + else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); return LDAPGroupInfo(); } diff --git a/src/libtdeldap.h b/src/libtdeldap.h index f501f29..eb9aceb 100644 --- a/src/libtdeldap.h +++ b/src/libtdeldap.h @@ -29,6 +29,8 @@ #include <tqdatetime.h> #include <tqvaluelist.h> +#include <ksimpleconfig.h> + #define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data" // Values from hdb.asn1 @@ -220,7 +222,7 @@ class LDAPManager : public TQObject { LDAPGroupInfoList groups(); LDAPMachineInfoList machines(); LDAPUserInfo getUserByDistinguishedName(TQString dn); - LDAPGroupInfo getGroupByDistinguishedName(TQString dn); + LDAPGroupInfo getGroupByDistinguishedName(TQString dn, TQString *errstr=0); int updateUserInfo(LDAPUserInfo user); int updateGroupInfo(LDAPGroupInfo group); int addUserInfo(LDAPUserInfo user); |
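Review bot: The new `errstr` parameter on `getGroupByDistinguishedName` is undocumented, and the sibling `getUserByDistinguishedName(TQString dn)` on the line above keeps the old signature, so callers get two different error-reporting conventions. A comment on the declaration such as `// If errstr is non-null, failures are written to *errstr instead of being shown in a KMessageBox` would record the contract visible in the .cpp change. Consider giving `getUserByDistinguishedName` the same optional parameter for consistency. The class declaration starts and ends outside this hunk.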