Minor GUI enhancements

Fix bonding problems
pull/1/head
Timothy Pearson 12 years ago
parent b4c09d072a
commit b712cbc116

@ -94,6 +94,10 @@ void BondWizard::next() {
if (currentPage()==intropage) { if (currentPage()==intropage) {
TQWizard::next(); TQWizard::next();
realmpage->validateEntries(); realmpage->validateEntries();
// Focus the first entry field on the new wizard page
realmpage->txtRealmName->setFocus();
realmpage->txtRealmName->selectAll();
} }
else if (currentPage()==realmpage) { else if (currentPage()==realmpage) {
// Save realm information // Save realm information
@ -119,6 +123,10 @@ void BondWizard::next() {
finishpage->ldapAdminRealm->setText(realm.name); finishpage->ldapAdminRealm->setText(realm.name);
m_finalRealm = realm; m_finalRealm = realm;
TQWizard::next(); TQWizard::next();
// Focus the first entry field on the new wizard page
finishpage->ldapAdminUsername->setFocus();
finishpage->ldapAdminUsername->selectAll();
} }
else { else {
KMessageBox::error(this, i18n("<qt><b>The specified realm is already known to this system.</b><p>If the realm name is correct, please exit the Wizard and select 'Re-Bond to Realm' in the LDAP configuration module.</qt>"), i18n("Duplicate Realm Entry Detected")); KMessageBox::error(this, i18n("<qt><b>The specified realm is already known to this system.</b><p>If the realm name is correct, please exit the Wizard and select 'Re-Bond to Realm' in the LDAP configuration module.</qt>"), i18n("Duplicate Realm Entry Detected"));
@ -126,7 +134,6 @@ void BondWizard::next() {
} }
if (currentPage()==finishpage) { if (currentPage()==finishpage) {
backButton()->setEnabled(false); backButton()->setEnabled(false);
finishButton()->setFocus();
} }
} }
@ -189,12 +196,23 @@ void BondWizard::closeEvent(TQCloseEvent* e){
void BondWizard::accept(){ void BondWizard::accept(){
// Try to bond // Try to bond
TQString errorString; TQString errorString;
backButton()->setEnabled(false);
nextButton()->setEnabled(false);
finishButton()->setEnabled(false);
cancelButton()->setEnabled(false);
finishpage->setEnabled(false);
if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text(), &errorString) == 0) { if (m_ldapConfig->bondRealm(m_finalRealm, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text(), &errorString) == 0) {
done(0); done(0);
} }
else { else {
KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>Details: %1</qt>").arg(errorString), i18n("Unable to Bond to Realm")); KMessageBox::error(this, i18n("<qt><b>Unable to bond to realm!</b><p>Details: %1</qt>").arg(errorString), i18n("Unable to Bond to Realm"));
} }
finishpage->setEnabled(true);
backButton()->setEnabled(true);
finishButton()->setEnabled(true);
cancelButton()->setEnabled(true);
} }
/** calls all save functions after resetting all features/ OS/ theme selections to Trinity default */ /** calls all save functions after resetting all features/ OS/ theme selections to Trinity default */

@ -257,22 +257,27 @@ void LDAPConfig::save() {
// Write the cron files // Write the cron files
LDAPManager::writeCronFiles(); LDAPManager::writeCronFiles();
// Bind anonymously to LDAP if (m_defaultRealm != "") {
LDAPCredentials* credentials = new LDAPCredentials; // Bind anonymously to LDAP
credentials->username = ""; LDAPCredentials* credentials = new LDAPCredentials;
credentials->password = ""; credentials->username = "";
credentials->realm = m_defaultRealm.upper(); credentials->password = "";
LDAPManager* ldap_mgr = new LDAPManager(m_defaultRealm.upper(), "ldap://", credentials); credentials->realm = m_defaultRealm.upper();
credentials->use_tls = false;
// Add the domain-wide computer local admin group to local sudoers LDAPManager* ldap_mgr = new LDAPManager(m_defaultRealm.upper(), TQString("ldap://%1").arg(m_realms[m_defaultRealm].admin_server).ascii(), credentials);
ldap_mgr->writeSudoersConfFile(&errorstring);
// Get and install the CA root certificate from LDAP // Add the domain-wide computer local admin group to local sudoers
mkdir(TDE_CERTIFICATE_DIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH); ldap_mgr->writeSudoersConfFile(&errorstring);
mkdir(KERBEROS_PKI_PUBLICDIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH); // Get and install the CA root certificate from LDAP
ldap_mgr->getTDECertificate("publicRootCertificate", KERBEROS_PKI_PUBLICDIR + m_realms[m_defaultRealm].admin_server + ".ldap.crt", &errorstring); mkdir(TDE_CERTIFICATE_DIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
mkdir(KERBEROS_PKI_PUBLICDIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
delete ldap_mgr; if (ldap_mgr->getTDECertificate("publicRootCertificate", KERBEROS_PKI_PUBLICDIR + m_realms[m_defaultRealm].admin_server + ".ldap.crt", &errorstring) != 0) {
delete credentials; KMessageBox::sorry(this, i18n("<qt><b>Unable to obtain root certificate for realm %1!</b><p>Details: %2</qt>").arg(m_defaultRealm.upper()).arg(errorstring), i18n("Unable to Obtain Certificate"));
}
delete ldap_mgr;
delete credentials;
}
} }
load(); load();
@ -390,33 +395,6 @@ void LDAPConfig::deactivateRealm() {
updateRealmList(); updateRealmList();
} }
// WARNING
// kadmin does not have a standard "waiting for user input" character or sequence
// To make matters worse, the colon does not uniquely designate the end of a line; for example the response "kadmin: ext openldap/foo.bar.baz: Principal does not exist"
// One way around this would be to see if the first colon is part of a "kadmin:" string; if so, then the colon is not a reliable end of line indicator for the current line
// (in fact only '\r' should be used as the end of line indicator in that case)
TQString readFullLineFromPtyProcess(PtyProcess* proc) {
TQString result = "";
while ((!result.contains("\r")) &&
(!result.contains(">")) &&
(!((!result.contains("kadmin:")) && result.contains(":"))) &&
(!((result.contains("kadmin:")) && result.contains("\r")))
) {
result = result + TQString(proc->readLine(false));
tqApp->processEvents();
if (!TQFile::exists(TQString("/proc/%1/exe").arg(proc->pid()))) {
result.replace("\n", "");
result.replace("\r", "");
if (result == "") {
result = "TDE process terminated";
}
break;
}
}
result.replace("\n", "");
result.replace("\r", "");
return result;
}
int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) { int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
TQCString command = "kadmin"; TQCString command = "kadmin";
QCStringList args; QCStringList args;
@ -427,49 +405,63 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons
TQString prompt; TQString prompt;
PtyProcess kadminProc; PtyProcess kadminProc;
kadminProc.exec(command, args); kadminProc.exec(command, args);
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") { if (prompt == "kadmin>") {
command = TQCString("ext "+hoststring); command = TQCString("ext "+hoststring);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true); kadminProc.writeLine(command, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command)); } while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
if (prompt.endsWith(" Password:")) { if (prompt.endsWith(" Password:")) {
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(adminPassword, true); kadminProc.writeLine(adminPassword, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == ""); } while (prompt == "");
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
} }
if (prompt.contains("authentication failed")) { if (prompt.contains("authentication failed")) {
if (errstr) *errstr = prompt; if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
return 1; return 1;
} }
else if (prompt.endsWith("Principal does not exist")) { else if (prompt.endsWith("Principal does not exist")) {
// Wait for kadmin to be ready for the next command
if (!prompt.contains("kadmin>")) {
prompt = "";
}
while (prompt == "") {
prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
}
command = TQCString("ank --random-key "+hoststring); command = TQCString("ank --random-key "+hoststring);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true); kadminProc.writeLine(command, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command)); } while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
// Use all defaults // Use all defaults
while (prompt != "kadmin>") { while (prompt != "kadmin>") {
if (prompt.endsWith(" Password:")) { if (prompt.endsWith(" Password:")) {
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(adminPassword, true); kadminProc.writeLine(adminPassword, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == ""); } while (prompt == "");
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
} }
if (prompt.contains("authentication failed")) { if (prompt.contains("authentication failed")) {
if (errstr) *errstr = prompt; if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
return 1; return 1;
} }
@ -483,45 +475,55 @@ int LDAPConfig::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, cons
defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket); defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket);
} }
command = TQCString(defaultParam); command = TQCString(defaultParam);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true); kadminProc.writeLine(command, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command)); } while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
} }
} }
command = TQCString("ext "+hoststring); command = TQCString("ext "+hoststring);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true); kadminProc.writeLine(command, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command)); } while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
if (prompt != "kadmin>") { if (prompt != "kadmin>") {
if (errstr) *errstr = prompt; if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
return 1; return 1;
} }
// Success! // Success!
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
realmcfg.bonded = true; realmcfg.bonded = true;
m_realms.remove(realmcfg.name);
m_realms.insert(realmcfg.name, realmcfg);
save(); save();
return 0; return 0;
} }
else if (prompt == "kadmin>") { else if (prompt == "kadmin>") {
// Success! // Success!
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
realmcfg.bonded = true; realmcfg.bonded = true;
m_realms.remove(realmcfg.name);
m_realms.insert(realmcfg.name, realmcfg);
save(); save();
return 0; return 0;
} }
// Failure // Failure
if (errstr) *errstr = prompt; if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
return 1; return 1;
} }
@ -542,31 +544,35 @@ int LDAPConfig::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, co
TQString prompt; TQString prompt;
PtyProcess kadminProc; PtyProcess kadminProc;
kadminProc.exec(command, args); kadminProc.exec(command, args);
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") { if (prompt == "kadmin>") {
command = TQCString("delete "+hoststring); command = TQCString("delete "+hoststring);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true); kadminProc.writeLine(command, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command)); } while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
if (prompt.endsWith(" Password:")) { if (prompt.endsWith(" Password:")) {
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(adminPassword, true); kadminProc.writeLine(adminPassword, true);
do { // Discard our own input do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc); prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii()); printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == ""); } while (prompt == "");
prompt = prompt.stripWhiteSpace(); prompt = prompt.stripWhiteSpace();
} }
if (prompt != "kadmin>") { if (prompt != "kadmin>") {
if (errstr) *errstr = prompt; if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
return 1; return 1;
} }
// Success! // Success!
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true); kadminProc.writeLine("quit", true);
return 0; return 0;
} }

Loading…
Cancel
Save