summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libtdeldap.cpp157
-rw-r--r--src/libtdeldap.h4
2 files changed, 92 insertions, 69 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 39dc65c..3fc2006 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -80,7 +80,7 @@ LDAPCredentials LDAPManager::currentLDAPCredentials() {
}
int LDAPManager::bind(TQString* errstr) {
-printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
+printf("[RAJA DEBUG 600.0] In LDAPManager::bind(%p)\n\r", errstr); fflush(stdout);
if (m_ldap) {
return 0;
}
@@ -88,13 +88,24 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
int use_secure_connection = 0;
TQString uri;
- if (use_secure_connection == 1) {
- m_port = LDAP_SECURE_PORT;
- uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
+ if (m_host.contains("://")) {
+ uri = m_host;
+ if (!m_creds) {
+ m_creds = new LDAPCredentials();
+ m_creds->username = "";
+ m_creds->password = "";
+ m_creds->realm = m_realm;
+ }
}
else {
- m_port = LDAP_INSECURE_PORT;
- uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
+ if (use_secure_connection == 1) {
+ m_port = LDAP_SECURE_PORT;
+ uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
+ }
+ else {
+ m_port = LDAP_INSECURE_PORT;
+ uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
+ }
}
printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout);
@@ -110,88 +121,97 @@ printf("[RAJA DEBUG 600.1] URI: %s\n\r", uri.ascii()); fflush(stdout);
else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
return -1;
}
+printf("[RAJA DEBUG 660.0]\n\r"); fflush(stdout);
TQString errorString;
- LDAPPasswordDialog passdlg(0);
- passdlg.m_base->ldapAdminRealm->setEnabled(false);
- passdlg.m_base->ldapAdminRealm->insertItem(m_realm);
bool havepass = false;
if (m_creds) {
havepass = true;
}
else {
+printf("[RAJA DEBUG 660.1]\n\r"); fflush(stdout);
+ LDAPPasswordDialog passdlg(0);
+ passdlg.m_base->ldapAdminRealm->setEnabled(false);
+ passdlg.m_base->ldapAdminRealm->insertItem(m_realm);
if (passdlg.exec() == TQDialog::Accepted) {
havepass = true;
+ if (!m_creds) {
+ m_creds = new LDAPCredentials();
+ m_creds->username = passdlg.m_base->ldapAdminUsername->text();
+ m_creds->password = passdlg.m_base->ldapAdminPassword->password();
+ m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
+ }
}
}
if (havepass == true) {
char* mechanism = NULL;
struct berval cred;
- if (!m_creds) {
- m_creds = new LDAPCredentials();
- m_creds->username = passdlg.m_base->ldapAdminUsername->text();
- m_creds->password = passdlg.m_base->ldapAdminPassword->password();
- m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
- }
TQString ldap_dn = m_creds->username;
TQCString pass = m_creds->password;
cred.bv_val = pass.data();
cred.bv_len = pass.length();
-
- if (!ldap_dn.contains(",")) {
- // Look for a POSIX account with anonymous bind and the specified account name
- TQString uri;
- LDAP* ldapconn;
- if (use_secure_connection == 1) {
- m_port = LDAP_SECURE_PORT;
- uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
- }
- else {
- m_port = LDAP_INSECURE_PORT;
- uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
- }
- int retcode = ldap_initialize(&ldapconn, uri.ascii());
- if (retcode < 0) {
- if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
- else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
- return -1;
- }
- retcode = ldap_set_option(ldapconn, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version);
- if (retcode != LDAP_OPT_SUCCESS) {
- if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
- else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
- return -1;
- }
- struct berval anoncred;
- anoncred.bv_val = "";
- anoncred.bv_len = strlen("");
- retcode = ldap_sasl_bind_s(ldapconn, "", mechanism, &anoncred, NULL, NULL, NULL);
- if (retcode == LDAP_SUCCESS ) {
- // Look for the DN for the specified user
- LDAPMessage* msg;
- TQString ldap_base_dn = m_basedc;
- TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(passdlg.m_base->ldapAdminUsername->text());
- retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg);
- if (retcode != LDAP_SUCCESS) {
- if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
- else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+printf("[RAJA DEBUG 660.2]\n\r"); fflush(stdout);
+ if (!uri.startsWith("ldapi://")) {
+ if (!ldap_dn.contains(",")) {
+ // Look for a POSIX account with anonymous bind and the specified account name
+ TQString uri;
+ LDAP* ldapconn;
+ if (m_host.contains("://")) {
+ uri = m_host;
}
else {
- // Iterate through the returned entries
- char* dn = NULL;
- LDAPMessage* entry;
- for(entry = ldap_first_entry(ldapconn, msg); entry != NULL; entry = ldap_next_entry(ldapconn, entry)) {
- if((dn = ldap_get_dn(ldapconn, entry)) != NULL) {
- ldap_dn = dn;
- ldap_memfree(dn);
+ if (use_secure_connection == 1) {
+ m_port = LDAP_SECURE_PORT;
+ uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port);
+ }
+ else {
+ m_port = LDAP_INSECURE_PORT;
+ uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port);
+ }
+ }
+ int retcode = ldap_initialize(&ldapconn, uri.ascii());
+ if (retcode < 0) {
+ if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
+ else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
+ return -1;
+ }
+ retcode = ldap_set_option(ldapconn, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version);
+ if (retcode != LDAP_OPT_SUCCESS) {
+ if (errstr) *errstr = i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode));
+ else KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!"));
+ return -1;
+ }
+ struct berval anoncred;
+ anoncred.bv_val = "";
+ anoncred.bv_len = strlen("");
+ retcode = ldap_sasl_bind_s(ldapconn, "", mechanism, &anoncred, NULL, NULL, NULL);
+ if (retcode == LDAP_SUCCESS ) {
+ // Look for the DN for the specified user
+ LDAPMessage* msg;
+ TQString ldap_base_dn = m_basedc;
+ TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(m_creds->username);
+ retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg);
+ if (retcode != LDAP_SUCCESS) {
+ if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
+ else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ }
+ else {
+ // Iterate through the returned entries
+ char* dn = NULL;
+ LDAPMessage* entry;
+ for(entry = ldap_first_entry(ldapconn, msg); entry != NULL; entry = ldap_next_entry(ldapconn, entry)) {
+ if((dn = ldap_get_dn(ldapconn, entry)) != NULL) {
+ ldap_dn = dn;
+ ldap_memfree(dn);
+ }
}
}
+ // clean up
+ ldap_msgfree(msg);
+
+ // All done!
+ ldap_unbind_ext_s(ldapconn, NULL, NULL);
}
- // clean up
- ldap_msgfree(msg);
-
- // All done!
- ldap_unbind_ext_s(ldapconn, NULL, NULL);
}
}
@@ -524,11 +544,11 @@ LDAPUserInfo LDAPManager::getUserByDistinguishedName(TQString dn) {
return LDAPUserInfo();
}
-LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) {
+LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn, TQString *errstr) {
int retcode;
LDAPGroupInfo groupinfo;
- if (bind() < 0) {
+ if (bind(errstr) < 0) {
return LDAPGroupInfo();
}
else {
@@ -537,7 +557,8 @@ LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) {
timeout.tv_sec = 10; // 10 second timeout
retcode = ldap_search_ext_s(m_ldap, dn.ascii(), LDAP_SCOPE_SUBTREE, NULL, ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg);
if (retcode != LDAP_SUCCESS) {
- KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ if (errstr) *errstr = i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
+ else KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
return LDAPGroupInfo();
}
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index f501f29..eb9aceb 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -29,6 +29,8 @@
#include <tqdatetime.h>
#include <tqvaluelist.h>
+#include <ksimpleconfig.h>
+
#define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
// Values from hdb.asn1
@@ -220,7 +222,7 @@ class LDAPManager : public TQObject {
LDAPGroupInfoList groups();
LDAPMachineInfoList machines();
LDAPUserInfo getUserByDistinguishedName(TQString dn);
- LDAPGroupInfo getGroupByDistinguishedName(TQString dn);
+ LDAPGroupInfo getGroupByDistinguishedName(TQString dn, TQString *errstr=0);
int updateUserInfo(LDAPUserInfo user);
int updateGroupInfo(LDAPGroupInfo group);
int addUserInfo(LDAPUserInfo user);