Diffstat (limited to 'src/ldapcontroller.cpp')
-rw-r--r--src/ldapcontroller.cpp137
1 files changed, 73 insertions, 64 deletions
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index 6c2fed6..92832fa 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -902,34 +902,6 @@ int LDAPController::controlLDAPServer(sc_command command, uid_t userid, gid_t gr
return -2;
}
-// WARNING
-// kadmin does not have a standard "waiting for user input" character or sequence
-// To make matters worse, the colon does not uniquely designate the end of a line; for example the response "kadmin: ext openldap/foo.bar.baz: Principal does not exist"
-// One way around this would be to see if the first colon is part of a "kadmin:" string; if so, then the colon is not a reliable end of line indicator for the current line
-// (in fact only '\r' should be used as the end of line indicator in that case)
-TQString readFullLineFromPtyProcess(PtyProcess* proc) {
- TQString result = "";
- while ((!result.contains("\r")) &&
- (!result.contains(">")) &&
- (!((!result.contains("kadmin:")) && result.contains(":"))) &&
- (!((result.contains("kadmin:")) && result.contains("\r")))
- ) {
- result = result + TQString(proc->readLine(false));
- tqApp->processEvents();
- if (!TQFile::exists(TQString("/proc/%1/exe").arg(proc->pid()))) {
- result.replace("\n", "");
- result.replace("\r", "");
- if (result == "") {
- result = "TDE process terminated";
- }
- break;
- }
- }
- result.replace("\n", "");
- result.replace("\r", "");
- return result;
-}
-
int LDAPController::initializeNewKerberosRealm(TQString realmName, TQString *errstr) {
TQCString command = "kadmin";
QCStringList args;
@@ -939,51 +911,58 @@ int LDAPController::initializeNewKerberosRealm(TQString realmName, TQString *err
PtyProcess kadminProc;
kadminProc.enableLocalEcho(false);
kadminProc.exec(command, args);
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") {
command = TQCString("init "+realmName);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
if (prompt.contains("authentication failed")) {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
else if (prompt.startsWith("Realm max")) {
command = "unlimited";
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
if (prompt.startsWith("Realm max")) {
command = "unlimited";
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
}
if (prompt != "kadmin>") {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
// Success!
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 0;
}
// Failure
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
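Review bot: `command = TQCString("init "+realmName);` writes the caller-supplied realm name straight into the interactive kadmin session, and nothing in this hunk rejects whitespace or line breaks in it, so a value containing a line break would be read by kadmin as a further command. The later hunks build commands the same way with `"ext "+hoststring`, `"ank --random-key "+hoststring` and `"passwd "+user.username`. Unless the callers already validate these values (not visible here), add a guard before `kadminProc.exec`, for example `if (realmName.contains('\n') || realmName.contains('\r') || realmName.contains(' ')) { if (errstr) *errstr = "Invalid realm name"; return 1; }`. The function body starts above the hunk.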
@@ -1002,40 +981,45 @@ int LDAPController::addHostEntryToKerberosRealm(TQString kerberosHost, TQString
TQString prompt;
PtyProcess kadminProc;
kadminProc.exec(command, args);
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") {
command = TQCString("ext "+hoststring);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
if (prompt.contains("authentication failed")) {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
else if (prompt.endsWith("Principal does not exist")) {
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if (prompt != "kadmin>") {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
command = TQCString("ank --random-key "+hoststring);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
// Use all defaults
while (prompt != "kadmin>") {
if (prompt.contains("authentication failed")) {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
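Review bot: `kadminProc.exec(command, args)` at the top of this hunk is not preceded by `kadminProc.enableLocalEcho(false)`, unlike initializeNewKerberosRealm where that call sits directly before `exec`; the exec calls in addLDAPEntryToKerberosRealm and setKerberosPasswordForUser are in the same state. If echo has to stay off for the whole session, which the per-write calls suggest, the initial call belongs in these three functions too. The `enableLocalEcho(false)` / `writeLine(...)` pair is now repeated before every write, so a file-local helper such as `static void kadminWrite(PtyProcess &proc, const TQCString &line) { proc.enableLocalEcho(false); proc.writeLine(line, true); }` would keep the two calls from drifting apart. The function continues outside the hunk.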
@@ -1049,39 +1033,45 @@ int LDAPController::addHostEntryToKerberosRealm(TQString kerberosHost, TQString
defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket);
}
command = TQCString(defaultParam);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
}
}
command = TQCString("ext "+hoststring);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
if (prompt != "kadmin>") {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
// Success!
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 0;
}
else if (prompt == "kadmin>") {
// Success!
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 0;
}
// Failure
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
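Review bot: The default-answering loop `while (prompt != "kadmin>")` that ends in this hunk has no exit for a kadmin process that dies or prints something unexpected; the only exits visible are the prompt coming back and the "authentication failed" check in the previous hunk. The helper removed by this commit returned "TDE process terminated" once the child was gone, and if the LDAPManager version does the same, the loop would keep writing `defaultParam` to a dead pty without ever ending. An explicit bail-out next to the authentication check, e.g. `if (prompt == "TDE process terminated") { if (errstr) *errstr = prompt; return 1; }`, or an upper bound on iterations would stop that. The identical loop in addLDAPEntryToKerberosRealm needs the same treatment. The lines between the two hunks are not shown, so confirm they do not already cover this.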
@@ -1100,40 +1090,45 @@ int LDAPController::addLDAPEntryToKerberosRealm(TQString ldapProcessOwnerName, T
TQString prompt;
PtyProcess kadminProc;
kadminProc.exec(command, args);
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") {
command = TQCString("ext --keytab="+TQString(LDAP_KEYTAB_FILE)+" "+hoststring);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt.startsWith("ext --keytab="));
prompt = prompt.stripWhiteSpace();
if (prompt.contains("authentication failed")) {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
else if (prompt.endsWith("Principal does not exist")) {
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if (prompt != "kadmin>") {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
command = TQCString("ank --random-key "+hoststring);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
// Use all defaults
while (prompt != "kadmin>") {
if (prompt.contains("authentication failed")) {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
@@ -1147,39 +1142,45 @@ int LDAPController::addLDAPEntryToKerberosRealm(TQString ldapProcessOwnerName, T
defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket);
}
command = TQCString(defaultParam);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
}
}
command = TQCString("ext --keytab="+TQString(LDAP_KEYTAB_FILE)+" "+hoststring);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt.startsWith("ext --keytab="));
prompt = prompt.stripWhiteSpace();
if (prompt != "kadmin>") {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
// Success!
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 0;
}
else if (prompt == "kadmin>") {
// Success!
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 0;
}
// Failure
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
@@ -1200,54 +1201,62 @@ int LDAPController::setKerberosPasswordForUser(LDAPCredentials user, TQString *e
TQString prompt;
PtyProcess kadminProc;
kadminProc.exec(command, args);
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") {
command = TQCString("passwd "+user.username);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
if (prompt.contains("authentication failed")) {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
else if ((prompt.endsWith(" Password:")) && (prompt.startsWith(TQString(user.username + "@")))) {
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(user.password, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == "");
prompt = prompt.stripWhiteSpace();
if ((prompt.endsWith(" Password:")) && (prompt.startsWith("Verify"))) {
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine(user.password, true);
do { // Discard our own input
- prompt = readFullLineFromPtyProcess(&kadminProc);
+ prompt = LDAPManager::readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == "");
prompt = prompt.stripWhiteSpace();
}
if (prompt != "kadmin>") {
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
// Success!
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 0;
}
else if (prompt == "kadmin>") {
// Success!
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 0;
}
// Failure
- if (errstr) *errstr = prompt;
+ if (errstr) *errstr = LDAPManager::detailedKAdminErrorMessage(prompt);
+ kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
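Review bot: After `kadminProc.writeLine(user.password, true)` the read-back loop skips only empty lines (`while (prompt == "")`) and prints every line it reads with `printf("(kadmin) '%s'\n\r", prompt.ascii());`, so if the pty echoes the input despite the added `enableLocalEcho(false)`, the password goes to stdout and can reach `*errstr` through the `prompt != "kadmin>"` branch. That the commit has to repeat `enableLocalEcho(false)` before each write suggests the echo state is not stable across the session, so the suppression should not be the only safeguard. Drop the `printf` from the two password loops and also discard an echoed line, e.g. `} while (prompt == "" || prompt == TQString(user.password));`. Whether `detailedKAdminErrorMessage` passes the prompt text through unchanged is not visible here.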