Diffstat (limited to 'src')
-rw-r--r-- | src/libtdeldap.cpp | 183 | ||||
-rw-r--r-- | src/libtdeldap.h | 3 |
2 files changed, 186 insertions, 0 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 709f81a..33d3e95 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -1762,6 +1762,20 @@ int LDAPManager::deleteGroupInfo(LDAPGroupInfo group, TQString *errstr) {
 return -1;
 }
 else {
+ // Remove the user from all member groups
+ LDAPGroupInfoList groupInfoList = groups(&retcode);
+ LDAPGroupInfoList::Iterator it;
+ for (it = groupInfoList.begin(); it != groupInfoList.end(); ++it) {
+ LDAPGroupInfo group = *it;
+ if (group.userlist.contains(user.distinguishedName)) {
+ group.userlist.remove(user.distinguishedName);
+ retcode = updateGroupInfo(group, errstr);
+ if (retcode != 0) {
+ return retcode;
+ }
+ }
+ }
+
 // Delete the base DN entry
 retcode = ldap_delete_ext_s(m_ldap, group.distinguishedName.ascii(), NULL, NULL);
 if (retcode != LDAP_SUCCESS) {
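Review bot: The added loop tests and removes `user.distinguishedName`, but the function named in the hunk header is `deleteGroupInfo(LDAPGroupInfo group, TQString *errstr)` and no `user` is declared in the visible lines, so this block reads as written for the user-deletion path. Here it either fails to compile or acts on an unrelated `user` declared above the hunk; the function body starts outside the hunk, so that cannot be confirmed from this page. The loop local `LDAPGroupInfo group = *it;` also shadows the `group` parameter that the following `ldap_delete_ext_s(m_ldap, group.distinguishedName.ascii(), NULL, NULL)` depends on; a distinct name such as `LDAPGroupInfo memberGroup = *it;` keeps the two apart. The status written by `groups(&retcode)` is never checked before the list is iterated, so a failed lookup is treated as "no memberships" and the entry is deleted with stale group references left behind.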
@@ -2744,6 +2758,175 @@ TQString LDAPManager::getMachineFQDN() {
 return fqdn;
 }
+int LDAPManager::bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
+ TQCString command = "kadmin";
+ QCStringList args;
+ args << TQCString("-p") << TQCString(adminUserName+"@"+(adminRealm.upper())) << TQCString("-r") << TQCString(adminRealm.upper());
+
+ TQString hoststring = "host/"+getMachineFQDN();
+
+ TQString prompt;
+ PtyProcess kadminProc;
+ kadminProc.exec(command, args);
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = prompt.stripWhiteSpace();
+ if (prompt == "kadmin>") {
+ command = TQCString("ext "+hoststring);
+ kadminProc.writeLine(command, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == TQString(command));
+ prompt = prompt.stripWhiteSpace();
+ if (prompt.endsWith(" Password:")) {
+ kadminProc.writeLine(adminPassword, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == "");
+ prompt = prompt.stripWhiteSpace();
+ }
+ if (prompt.contains("authentication failed")) {
+ if (errstr) *errstr = prompt;
+ kadminProc.writeLine("quit", true);
+ return 1;
+ }
+ else if (prompt.endsWith("Principal does not exist")) {
+ command = TQCString("ank --random-key "+hoststring);
+ kadminProc.writeLine(command, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == TQString(command));
+ prompt = prompt.stripWhiteSpace();
+ // Use all defaults
+ while (prompt != "kadmin>") {
+ if (prompt.endsWith(" Password:")) {
+ kadminProc.writeLine(adminPassword, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == "");
+ prompt = prompt.stripWhiteSpace();
+ }
+ if (prompt.contains("authentication failed")) {
+ if (errstr) *errstr = prompt;
+ kadminProc.writeLine("quit", true);
+ return 1;
+ }
+ else {
+ // Extract whatever default is in the [brackets] and feed it back to kadmin
+ TQString defaultParam;
+ int leftbracket = prompt.find("[");
+ int rightbracket = prompt.find("]");
+ if ((leftbracket >= 0) && (rightbracket >= 0)) {
+ leftbracket++;
+ defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket);
+ }
+ command = TQCString(defaultParam);
+ kadminProc.writeLine(command, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == TQString(command));
+ prompt = prompt.stripWhiteSpace();
+ }
+ }
+ command = TQCString("ext "+hoststring);
+ kadminProc.writeLine(command, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == TQString(command));
+ prompt = prompt.stripWhiteSpace();
+ if (prompt != "kadmin>") {
+ if (errstr) *errstr = prompt;
+ kadminProc.writeLine("quit", true);
+ return 1;
+ }
+
+ // Success!
+ kadminProc.writeLine("quit", true);
+
+ realmcfg.bonded = true;
+ save();
+ return 0;
+ }
+ else if (prompt == "kadmin>") {
+ // Success!
+ kadminProc.writeLine("quit", true);
+
+ realmcfg.bonded = true;
+ save();
+ return 0;
+ }
+
+ // Failure
+ if (errstr) *errstr = prompt;
+ kadminProc.writeLine("quit", true);
+ return 1;
+ }
+
+ if (errstr) *errstr = "Internal error. Verify that kadmin exists and can be executed.";
+ return 1; // Failure
+}
+
+int LDAPManager::unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
+ Q_UNUSED(realmcfg);
+
+ TQCString command = "kadmin";
+ QCStringList args;
+ args << TQCString("-p") << TQCString(adminUserName+"@"+(adminRealm.upper()));
+
+ TQString hoststring = "host/"+getMachineFQDN();
+
+ TQString hostprinc = TQStringList::split(".", hoststring)[0];
+ hostprinc.append("@"+(adminRealm.upper()));
+
+ TQString prompt;
+ PtyProcess kadminProc;
+ kadminProc.exec(command, args);
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = prompt.stripWhiteSpace();
+ if (prompt == "kadmin>") {
+ command = TQCString("delete "+hoststring);
+ kadminProc.writeLine(command, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == TQString(command));
+ prompt = prompt.stripWhiteSpace();
+ if (prompt.endsWith(" Password:")) {
+ kadminProc.writeLine(adminPassword, true);
+ do { // Discard our own input
+ prompt = readFullLineFromPtyProcess(&kadminProc);
+ printf("(kadmin) '%s'\n\r", prompt.ascii());
+ } while (prompt == "");
+ prompt = prompt.stripWhiteSpace();
+ }
+ if (prompt != "kadmin>") {
+ if (errstr) *errstr = prompt;
+ kadminProc.writeLine("quit", true);
+ return 1;
+ }
+
+ // Success!
+ kadminProc.writeLine("quit", true);
+
+ // Delete keys from keytab
+ TQString commmand = TQString("ktutil remove -p %1").arg(hostprinc);
+ if (system(command) < 0) {
+ printf("ERROR: Execution of \"%s\" failed!\n\r", command.ascii());
+ return 1; // Failure
+ }
+
+ // Success!
+ return 0;
+ }
+
+ return 1; // Failure
+}
+
 // =============================================================================================================== //
 // DATA CLASS CONSTRUCTORS AND DESTRUCTORS
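Review bot: In `unbondRealm` the keytab cleanup never runs: the ktutil command is stored in a new variable `commmand` (three m's), while `system(command)` and the error `printf` use the earlier `command`, which at that point holds the kadmin `delete host/...` string. The shell is therefore handed the wrong command and the host keys stay in the keytab after the principal is deleted. Use one name and test the exit status rather than only `< 0`, for example `TQString ktutilCmd = TQString("ktutil remove -p %1").arg(hostprinc);` and `if (system(ktutilCmd.ascii()) != 0) {`; because the string is built from the machine FQDN and the realm argument and goes through a shell, an argument-vector exec like the one used for kadmin would be the safer form. Separately, every `printf("(kadmin) '%s'\n\r", prompt.ascii())` copies raw pty output to stdout, including the lines read right after `writeLine(adminPassword, true)`; if the pty echoes input, the admin password ends up in the program's output, so these debug prints should be removed or gated. The return value of `kadminProc.exec(command, args)` is also ignored in both functions.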
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index d6ea2d5..f9bea53 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -426,6 +426,9 @@ class LDAPManager : public TQObject {
 static TQString detailedKAdminErrorMessage(TQString initialMessage);
 static TQString readFullLineFromPtyProcess(PtyProcess* proc);
+ static int bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
+ static int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
+
 private:
 LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
 LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry); |
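Review bot: Both declarations take `LDAPRealmConfig realmcfg` by value, so the `realmcfg.bonded = true;` assignments in `bondRealm` change only the callee's copy. Unless `save()` persists that copy (not visible on this page), the caller never sees the realm marked as bonded. Consider `LDAPRealmConfig &realmcfg`, or state in a comment that the caller must set the flag itself. The pair also lacks a contract comment; something like `// Returns 0 on success, 1 on failure; *errstr is set on most failure paths` would tell callers that `unbondRealm` can return 1 without filling `errstr`.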