From 2cea70caec003917ede16e53d91d151c4c9e555c Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Mon, 13 Jan 2014 14:28:32 -0600
Subject: [PATCH] Automatically prompt for username/password if Kerberos ticket
 is invalid

---
 clients/tde/debian/control        |  2 +-
 clients/tde/src/app/Makefile.am   |  2 +-
 clients/tde/src/app/remotemdi.cpp | 48 ++++++++++++++++++++++++++++++-
 clients/tde/src/app/remotemdi.h   |  3 ++
 4 files changed, 52 insertions(+), 3 deletions(-)

diff --git a/clients/tde/debian/control b/clients/tde/debian/control
index b90a1c5..85a06f6 100644
--- a/clients/tde/debian/control
+++ b/clients/tde/debian/control
@@ -3,7 +3,7 @@ Section: tde
 Priority: optional
 Maintainer: Timothy Pearson <kb9vqf@pearsoncomputing.net>
 Standards-Version: 3.8.4
-Build-Depends: debhelper (>= 5.0), cdbs, tdelibs14-trinity-dev, libtqtrla-dev, libtdekrb-trinity-dev, xutils, chrpath, gettext, quilt (>= 0.40), automake, autoconf, libtool, libltdl-dev
+Build-Depends: debhelper (>= 5.0), cdbs, tdelibs14-trinity-dev, libtqtrla-dev, libtdekrb-trinity-dev, libtdeldap-trinity-dev, xutils, chrpath, gettext, quilt (>= 0.40), automake, autoconf, libtool, libltdl-dev
 Homepage: http://ulab.trinitydesktop.org/
 
 Package: remote-laboratory-client-trinity
diff --git a/clients/tde/src/app/Makefile.am b/clients/tde/src/app/Makefile.am
index 1f81cff..bf99c6e 100644
--- a/clients/tde/src/app/Makefile.am
+++ b/clients/tde/src/app/Makefile.am
@@ -8,4 +8,4 @@ KDE_ICON = remote_laboratory_client
 bin_PROGRAMS = remote_laboratory_client
 remote_laboratory_client_SOURCES = main.cpp remotemdi.cpp
 remote_laboratory_client_LDADD = ./views/libinstrumentview.la ../dialogs/libselectserverdlg.la $(LIB_TDEPARTS) $(LIB_TDEUI)
-remote_laboratory_client_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_TDEIO) -ltdetexteditor -ltdemdi -ltdekrbsocket -ltqtrla
+remote_laboratory_client_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_TDEIO) -ltdetexteditor -ltdemdi -ltdekrbsocket -ltqtrla -ltdeldap
diff --git a/clients/tde/src/app/remotemdi.cpp b/clients/tde/src/app/remotemdi.cpp
index 5c84419..e6a2d7f 100644
--- a/clients/tde/src/app/remotemdi.cpp
+++ b/clients/tde/src/app/remotemdi.cpp
@@ -8,6 +8,8 @@
 #include <cassert>
 using namespace std;
 
+#include <pwd.h>
+
 #include <tdeapplication.h>
 #include <tdelocale.h>
 #include <kdebug.h>
@@ -25,6 +27,7 @@ using namespace std;
 #include <tdeactionclasses.h>
 #include <kedittoolbar.h>
 #include <kkeydialog.h>
+#include <libtdeldap.h>
 
 #include "views/instrumentview.h"
 #include "dialogs/selectserverdlg.h"
@@ -185,6 +188,37 @@ void RemoteMDI::startModule() {
 	}
 }
 
+int RemoteMDI::getNewTicket() {
+	int ret = -1;
+
+	LDAPCredentials credentials;
+	KerberosTicketInfoList ticketList = LDAPManager::getKerberosTicketList();
+	if (ticketList.count() > 0) {
+		TQStringList princParts = TQStringList::split("@", ticketList[0].cachePrincipal);
+		credentials.username = princParts[0];
+		credentials.realm = princParts[1];
+	}
+	else {
+		struct passwd* pwd = getpwuid(geteuid());
+		if (pwd) {
+			credentials.username = TQString(pwd->pw_name);
+		}
+	}
+	int result = LDAPManager::getKerberosPassword(credentials, i18n("Please provide Kerberos credentials"), false, this);
+	if (result == KDialog::Accepted) {
+		TQString errorstring;
+		TQString service;
+		if (LDAPManager::obtainKerberosTicket(credentials, service, &errorstring) != 0) {
+			KMessageBox::error(this, i18n("<qt>Failed to obtain ticket<p>%1</qt>").arg(errorstring), i18n("Failed to obtain Kerberos ticket"));
+		}
+		else {
+			ret = 0;
+		}
+	}
+
+	return ret;
+}
+
 void RemoteMDI::finishConnectingToServer() {
 	if (!m_rsvSvrSocket) {
 		connToServerState = -1;
@@ -206,6 +240,7 @@ void RemoteMDI::finishConnectingToServer() {
 						connToServerConnecting = false;
 						disconnectFromServer();
 						KMessageBox::error(this, i18n("<qt>Unable to establish connection to remote server</qt>"), i18n("Connection Failed"));
+						return;
 					}
 				}
 				else {
@@ -220,6 +255,7 @@ void RemoteMDI::finishConnectingToServer() {
 						connToServerConnecting = false;
 						disconnectFromServer();
 						KMessageBox::error(this, i18n("<qt>Unable to establish connection to remote server</qt>"), i18n("Connection Failed"));
+						return;
 					}
 				}
 				break;
@@ -232,7 +268,17 @@ void RemoteMDI::finishConnectingToServer() {
 						connToServerState = -1;
 						connToServerConnecting = false;
 						disconnectFromServer();
-						KMessageBox::error(this, i18n("<qt>Unable to establish Kerberos protocol with remote server<p>Please verify that you currently hold a valid Kerberos ticket</qt>"), i18n("Connection Failed"));
+
+						// Try to get a valid ticket
+						if (getNewTicket() == 0) {
+							// Retry connection if no obvious errors were detected
+							TQTimer::singleShot(0, this, SLOT(connectToServer()));
+							return;
+						}
+						else {
+							KMessageBox::error(this, i18n("<qt>Unable to establish Kerberos protocol with remote server<p>Please verify that you currently hold a valid Kerberos ticket</qt>"), i18n("Connection Failed"));
+							return;
+						}
 					}
 					else {
 						connect(m_rsvSvrSocket, SIGNAL(readyRead()), m_rsvSvrSocket, SLOT(processPendingData()));
diff --git a/clients/tde/src/app/remotemdi.h b/clients/tde/src/app/remotemdi.h
index 0ac47e4..92e48c6 100644
--- a/clients/tde/src/app/remotemdi.h
+++ b/clients/tde/src/app/remotemdi.h
@@ -75,6 +75,9 @@ class RemoteMDI : public KMdiMainFrm
 		virtual bool queryClose();
 		virtual void resizeEvent(TQResizeEvent *);
 
+	private:
+		int getNewTicket();
+
 	private:
 		TQString m_mainStatusBarMessage;
 		TQMap<const TQObject*, TQString> m_windowStatusBarMapping;