author | Timothy Pearson <[email protected]> | 2012-06-06 04:16:08 -0500 |
---|---|---|
committer | Timothy Pearson <[email protected]> | 2012-06-06 04:16:08 -0500 |
commit | 4ada10136e07c59ea5e5ff2d06b7313cf098432c (patch) | |
tree | 6317da7826f3850bd81f234ffefd8afcc8e642ab | |
parent | c330f85be88bc6e7348199d73d7d7a930c1d5c87 (diff) | |
Add certfile write
-rw-r--r-- | src/libtdeldap.cpp | 73 | ||||
-rw-r--r-- | src/libtdeldap.h | 1 |
2 files changed, 71 insertions, 3 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 7c01b59..2bbacf4 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -649,6 +649,20 @@ void add_single_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQStr
 }
 }
+void add_single_binary_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQByteArray &ba) {
+ if (ba.size() > 0) {
+ struct berval **values = (berval**)malloc(2*sizeof(berval*));
+ values[0] = new berval;
+ values[0]->bv_len = ba.size();
+ values[0]->bv_val = ba.data();
+ values[1] = NULL;
+ mods[*i]->mod_op = LDAP_MOD_REPLACE|LDAP_MOD_BVALUES;
+ mods[*i]->mod_type = strdup(attr.ascii());
+ mods[*i]->mod_bvalues = values;
+ (*i)++;
+ }
+}
+
 void add_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, TQStringList strings) {
 int j=0;
 char **values = (char**)malloc((strings.count()+1)*sizeof(char*));
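Review bot: `values[0]->bv_val = ba.data();` in add_single_binary_attribute_operation stores a pointer into the caller's TQByteArray rather than a copy, so the berval is only valid while `ba` is alive and unmodified, and clean-up code must never free `bv_val`. That contract is not written down; I would add `// bv_val borrows ba's buffer: ba must outlive the ldap_modify call and bv_val must not be freed` above the assignment. The `malloc` result is also dereferenced without a check and `mods[*i]` is written with no bound on `*i`; `if (!values) return;` after the allocation covers the first. An empty array is skipped silently, so the caller gets no signal that nothing was queued.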
@@ -1238,6 +1252,62 @@ printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_coun
 return LDAPMachineInfoList();
 }
+int LDAPManager::writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr) {
+ int retcode;
+ int i;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Assemble the LDAPMod structure
+ // We will replace any existing attributes with the new values
+ int number_of_parameters = 1; // 1 primary attribute
+ LDAPMod *mods[number_of_parameters+1];
+ for (i=0;i<number_of_parameters;i++) {
+ mods[i] = new LDAPMod;
+ mods[i]->mod_type = NULL;
+ mods[i]->mod_values = NULL;
+ }
+ mods[number_of_parameters] = NULL;
+
+ // Load LDAP modification requests from provided data structure
+ i=0;
+ add_single_binary_attribute_operation(mods, &i, attr, cert);
+ LDAPMod *prevterm = mods[i];
+ mods[i] = NULL;
+
+ // Perform LDAP update
+ retcode = ldap_modify_ext_s(m_ldap, TQString("cn=certificate store,o=tde,cn=tde realm data,ou=master services,ou=core,ou=realm,%1").arg(m_basedc).ascii(), mods, NULL, NULL); // RAJA FIXME
+
+ // Clean up
+ mods[i] = prevterm;
+ for (i=0;i<number_of_parameters;i++) {
+ if (mods[i]->mod_type != NULL) {
+ free(mods[i]->mod_type);
+ }
+ if (mods[i]->mod_values != NULL) {
+ int j = 0;
+ while (mods[i]->mod_values[j] != NULL) {
+ delete mods[i]->mod_values[j];
+ j++;
+ }
+ free(mods[i]->mod_values);
+ }
+ delete mods[i];
+ }
+
+ if (retcode != LDAP_SUCCESS) {
+ if (errstr) *errstr = i18n("<qt>LDAP certificate upload failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
+ else KMessageBox::error(0, i18n("<qt>LDAP certificate upload failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
 // Special method, used when creating a new Kerberos realm
 int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
 int retcode;
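Review bot: The clean-up loop in writeCertificateFileIntoDirectory frees the value list through `mod_values`, but add_single_binary_attribute_operation filled it through `mod_bvalues` with `new berval`, so `delete mods[i]->mod_values[j]` deletes a berval through a `char*` (in OpenLDAP's ldap.h the two names are, as far as I know, views of one union). The loop should release the entries as `mod_bvalues`, as in the excerpt below; `bv_val` points into `cert` and must stay unfreed. Separately, an empty `cert` queues no modification, so `ldap_modify_ext_s` is called with an empty list and the method may return 0 without having written a certificate; an early rejection of `cert.size() == 0` with its own error would make that visible to the caller. Since this replaces data in the realm's certificate store, it would also help to state which values of `attr` are acceptable rather than passing any caller string through.

```cpp
		for (i=0;i<number_of_parameters;i++) {
			// … unchanged: free mod_type …
			// Values were stored as bervals (LDAP_MOD_BVALUES): release the
			// berval wrappers only; bv_val points into cert and is not owned here
			if (mods[i]->mod_bvalues != NULL) {
				int j = 0;
				while (mods[i]->mod_bvalues[j] != NULL) {
					delete mods[i]->mod_bvalues[j];
					j++;
				}
				free(mods[i]->mod_bvalues);
			}
			// … unchanged: delete mods[i] …
```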
@@ -1262,7 +1332,6 @@ printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_coun
 // Iterate through the returned entries
 LDAPMessage* entry;
 for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
- // RAJA
 char* dn = NULL;
 LDAPMachineInfo machineinfo;
@@ -1270,8 +1339,6 @@ printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_coun
 if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
 TQStringList dnParts = TQStringList::split(",", dn);
 TQString id = dnParts[0];
- int equalsPos = id.find("=");
- id.remove(0,equalsPos+1);
 printf("[RAJA DEBUG 140.3] Moving %s to relative DN %s and parent %s", dn, id.ascii(), newSuffix.ascii()); fflush(stdout);
 retcode = ldap_rename_s(m_ldap, dn, id, newSuffix, 0, NULL, NULL);
 if (retcode != LDAP_SUCCESS) {
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index b857bec..38ae847 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -237,6 +237,7 @@ class LDAPManager : public TQObject {
 LDAPCredentials currentLDAPCredentials();
 int moveKerberosEntries(TQString newSuffix, TQString* errstr=0);
+ int writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr=0);
 static TQString getMachineFQDN();
 static void writeLDAPConfFile(LDAPRealmConfig realmcfg); |
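Review bot: The new declaration `writeCertificateFileIntoDirectory` in libtdeldap.h has no comment, and its contract is not obvious from the signature. From the implementation in this commit it returns 0 on success, -1 when `bind()` fails and -2 when the LDAP modify fails, and when `errstr` is left at its default of 0 it reports the failure through `KMessageBox::error` instead of returning text. I would add above the declaration: `// Replaces attribute attr in the realm certificate store with cert; returns 0, -1 (bind failed) or -2 (modify failed); shows a message box if errstr is 0`. The class body continues outside the hunk.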