I lied earlier...kadmin support now added

Timothy Pearson 13 years ago
parent 4d66047a31
commit 93a591d8f0

@ -573,7 +573,7 @@
</property>
<widget class="TQLayoutWidget" row="0" column="0">
<property name="name">
<cstring>userControls</cstring>
<cstring>machineControls</cstring>
</property>
<grid>
<property name="name">
@ -581,7 +581,7 @@
</property>
<widget class="TQPushButton" row="0" column="1" colspan="0">
<property name="name">
<cstring>user_buttonModify</cstring>
<cstring>machine_buttonModify</cstring>
</property>
<property name="text">
<string>Modify</string>
@ -589,7 +589,7 @@
</widget>
<widget class="TQPushButton" row="0" column="0" colspan="0">
<property name="name">
<cstring>user_buttonAdd</cstring>
<cstring>machine_buttonAdd</cstring>
</property>
<property name="text">
<string>New</string>
@ -597,7 +597,7 @@
</widget>
<widget class="TQPushButton" row="0" column="2" colspan="0">
<property name="name">
<cstring>user_buttonDelete</cstring>
<cstring>machine_buttonDelete</cstring>
</property>
<property name="text">
<string>Delete</string>

@ -19,6 +19,7 @@
***************************************************************************/
#include <tqlayout.h>
#include <tqapplication.h>
#include <klocale.h>
#include <kglobal.h>
@ -38,6 +39,8 @@
#include <kmessagebox.h>
#include <klineedit.h>
#include <tdesu/process.h>
#include "ldapmgr.h"
#include "libtdeldap.h"
@ -148,7 +151,6 @@ void LDAPConfig::save() {
}
void LDAPConfig::processLockouts() {
// RAJA FIXME
TQListViewItem* lvi = base->user_list->selectedItem();
if (lvi) {
base->user_buttonModify->setEnabled(true);
@ -170,6 +172,19 @@ void LDAPConfig::processLockouts() {
base->group_buttonDelete->setEnabled(false);
}
base->group_buttonAdd->setEnabled(true);
lvi = base->machine_list->selectedItem();
if (lvi) {
base->machine_buttonDelete->setEnabled(true);
}
else {
base->machine_buttonDelete->setEnabled(false);
}
// FIXME
// Disable machine add/modify as they are not implemented
// In fact, I don't know if I CAN implement them!
base->machine_buttonAdd->setEnabled(true);
base->machine_buttonModify->setEnabled(true);
}
void LDAPConfig::connectToRealm(const TQString& realm) {
@ -431,7 +446,36 @@ void LDAPConfig::addNewUser() {
else {
user.distinguishedName = "uid=" + user.name + "," + m_ldapmanager->basedn();
}
m_ldapmanager->addUserInfo(user);
if (m_ldapmanager->addUserInfo(user) == 0) {
if (user.new_password != "") {
// If a new password was set, use Kerberos to set it on the server
TQString errorString;
if (setPasswordForUser(user, &errorString) != 0) {
KMessageBox::error(0, i18n("<qt>Unable to set password for user!<p>%1</qt>").arg(errorString), i18n("Kerberos Failure"));
}
}
// Modify group(s) as needed
populateGroups();
LDAPGroupInfoList::Iterator it;
for (it = m_groupInfoList.begin(); it != m_groupInfoList.end(); ++it) {
LDAPGroupInfo group = *it;
if (userconfigdlg.selectedGroups.contains(group.name)) {
// Make sure that we are in this group!
if (!group.userlist.contains(user.distinguishedName)) {
group.userlist.append(user.distinguishedName);
m_ldapmanager->updateGroupInfo(group);
}
}
else {
// Make sure that we are NOT in this group!
if (group.userlist.contains(user.distinguishedName)) {
group.userlist.remove(user.distinguishedName);
m_ldapmanager->updateGroupInfo(group);
}
}
}
}
}
else {
// PEBKAC
@ -492,6 +536,14 @@ void LDAPConfig::modifySelectedUser() {
if (userconfigdlg.exec() == TQDialog::Accepted) {
user = userconfigdlg.m_user;
if (m_ldapmanager->updateUserInfo(user) == 0) {
if (user.new_password != "") {
// If a new password was set, use Kerberos to set it on the server
TQString errorString;
if (setPasswordForUser(user, &errorString) != 0) {
KMessageBox::error(0, i18n("<qt>Unable to set password for user!<p>%1</qt>").arg(errorString), i18n("Kerberos Failure"));
}
}
// Modify group(s) as needed
populateGroups();
LDAPGroupInfoList::Iterator it;
@ -551,6 +603,90 @@ void LDAPConfig::removeSelectedGroup() {
updateAllInformation();
}
TQString readFullLineFromPtyProcess(PtyProcess* proc) {
TQString result = "";
while ((!result.contains("\n")) && (!result.contains(":")) && (!result.contains(">"))) {
result = result + TQString(proc->readLine(false));
tqApp->processEvents();
}
return result;
}
int LDAPConfig::setPasswordForUser(LDAPUserInfo user, TQString *errstr) {
if (user.new_password == "") {
return 0;
}
LDAPCredentials admincreds = m_ldapmanager->currentLDAPCredentials();
TQCString command = "kadmin";
QCStringList args;
args << TQCString("-p") << TQCString(admincreds.username.lower()+"@"+(admincreds.realm.upper())) << TQCString("-r") << TQCString(admincreds.realm.upper());
TQString prompt;
PtyProcess kadminProc;
kadminProc.exec(command, args);
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") {
kadminProc.writeLine(TQCString("passwd "+user.name), true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if ((prompt.endsWith(" Password:")) && (!prompt.startsWith(TQString(user.name + "@")))) {
kadminProc.writeLine(admincreds.password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
}
if (prompt.contains("authentication failed")) {
if (errstr) *errstr = prompt;
kadminProc.writeLine("quit", true);
return 1;
}
else if ((prompt.endsWith(" Password:")) && (prompt.startsWith(TQString(user.name + "@")))) {
kadminProc.writeLine(user.new_password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
if ((prompt.endsWith(" Password:")) && (prompt.startsWith("Verify"))) {
kadminProc.writeLine(user.new_password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
}
if ((prompt.endsWith(" Password:")) && (!prompt.startsWith(TQString(user.name + "@")))) {
kadminProc.writeLine(admincreds.password, true);
prompt = kadminProc.readLine(true); // Discard our own input
prompt = kadminProc.readLine(true);
prompt = prompt.stripWhiteSpace();
}
if (prompt != "kadmin>") {
if (errstr) *errstr = prompt;
kadminProc.writeLine("quit", true);
return 1;
}
// Success!
kadminProc.writeLine("quit", true);
return 0;
}
else if (prompt == "kadmin>") {
// Success!
kadminProc.writeLine("quit", true);
return 0;
}
// Failure
if (errstr) *errstr = prompt;
kadminProc.writeLine("quit", true);
return 1;
}
if (errstr) *errstr = "Internal error. Verify that kadmin exists and can be executed.";
return 1; // Failure
}
int LDAPConfig::buttons() {
return KCModule::Apply|KCModule::Help;
}
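Review bot: In `setPasswordForUser`, `user.name` is concatenated unchecked into the line written at the `kadmin>` prompt (`kadminProc.writeLine(TQCString("passwd "+user.name), true)`), so a name containing whitespace or a line break would be read by kadmin as extra arguments or as a further command issued under the administrator's principal. Reject such names before the process is started, for example `if (user.name.isEmpty() || user.name.contains('\n') || user.name.contains('\r') || user.name.contains(' ')) { if (errstr) *errstr = i18n("Invalid user name"); return 1; }`. The code also chooses which secret to write by comparing the prompt text with `user.name + "@"`, so when the account being changed has the same name as the administrator the two prompts appear indistinguishable to these checks. Checking the return value of `kadminProc.exec()` and aborting on any unrecognised prompt would make that case fail closed. `readFullLineFromPtyProcess` has no exit for a process that has terminated without printing `\n`, `:` or `>`, so it would spin in `processEvents()` indefinitely.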

@ -81,6 +81,7 @@ class LDAPConfig: public KCModule
private:
LDAPUserInfo selectedUser();
LDAPGroupInfo selectedGroup();
int setPasswordForUser(LDAPUserInfo user, TQString *errstr);
private:
KAboutData *myAboutData;

@ -55,6 +55,15 @@ TQString LDAPManager::realm() {
return m_realm;
}
LDAPCredentials LDAPManager::currentLDAPCredentials() {
if (m_creds) {
return *m_creds;
}
else {
return LDAPCredentials();
}
}
int LDAPManager::bind() {
printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
if (m_ldap) {
@ -93,6 +102,10 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
struct berval cred;
TQString ldap_dn = passdlg.m_base->ldapAdminUsername->text();
TQCString pass = passdlg.m_base->ldapAdminPassword->password();
if (!m_creds) m_creds = new LDAPCredentials();
m_creds->username = passdlg.m_base->ldapAdminUsername->text();
m_creds->password = passdlg.m_base->ldapAdminPassword->password();
m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText();
cred.bv_val = pass.data();
cred.bv_len = pass.length();
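Review bot: The lines added to `LDAPManager::bind()` keep the administrator's plaintext password in a heap-allocated `LDAPCredentials` for as long as the manager lives, and `currentLDAPCredentials()` hands out further copies by value. Nothing visible here clears it; the destructor and the unbind path are outside the hunks, so confirm that they overwrite `m_creds->password` and `delete m_creds`, or populate `m_creds` only after the bind has succeeded and drop it on failure. `if (!m_creds)` also relies on `m_creds` being initialised to 0 in the constructor, which is not shown. `bind()` starts and ends outside this hunk.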

@ -184,6 +184,8 @@ class LDAPManager : public TQObject {
int deleteUserInfo(LDAPUserInfo user);
int deleteGroupInfo(LDAPGroupInfo group);
LDAPCredentials currentLDAPCredentials();
private:
LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);
