authorTimothy Pearson <[email protected]>2012-06-06 04:16:08 -0500
committerTimothy Pearson <[email protected]>2012-06-06 04:16:08 -0500
commit4ada10136e07c59ea5e5ff2d06b7313cf098432c (patch)
tree6317da7826f3850bd81f234ffefd8afcc8e642ab
parentc330f85be88bc6e7348199d73d7d7a930c1d5c87 (diff)
downloadlibtdeldap-4ada10136e07c59ea5e5ff2d06b7313cf098432c.tar.gz
libtdeldap-4ada10136e07c59ea5e5ff2d06b7313cf098432c.zip
Add certfile write
-rw-r--r--src/libtdeldap.cpp73
-rw-r--r--src/libtdeldap.h1
2 files changed, 71 insertions, 3 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 7c01b59..2bbacf4 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -649,6 +649,20 @@ void add_single_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQStr
}
}
+void add_single_binary_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQByteArray &ba) {
+ if (ba.size() > 0) {
+ struct berval **values = (berval**)malloc(2*sizeof(berval*));
+ values[0] = new berval;
+ values[0]->bv_len = ba.size();
+ values[0]->bv_val = ba.data();
+ values[1] = NULL;
+ mods[*i]->mod_op = LDAP_MOD_REPLACE|LDAP_MOD_BVALUES;
+ mods[*i]->mod_type = strdup(attr.ascii());
+ mods[*i]->mod_bvalues = values;
+ (*i)++;
+ }
+}
+
void add_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, TQStringList strings) {
int j=0;
char **values = (char**)malloc((strings.count()+1)*sizeof(char*));
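Review bot: `values[0]->bv_val = ba.data();` in add_single_binary_attribute_operation stores a pointer into the caller's TQByteArray rather than a copy, and nothing in the function documents this. The resulting LDAPMod is only usable while `ba` is alive and unmodified, and cleanup code must never free `bv_val`. I would add above the function: `// bv_val borrows ba's buffer: ba must outlive the LDAPMod, and bv_val must not be freed by the caller`. The `malloc` result is also written through on the next line without a null check, and the array is malloc'd while its element is `new`'d, so each needs a different release call.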
@@ -1238,6 +1252,62 @@ printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_coun
return LDAPMachineInfoList();
}
+int LDAPManager::writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr) {
+ int retcode;
+ int i;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Assemble the LDAPMod structure
+ // We will replace any existing attributes with the new values
+ int number_of_parameters = 1; // 1 primary attribute
+ LDAPMod *mods[number_of_parameters+1];
+ for (i=0;i<number_of_parameters;i++) {
+ mods[i] = new LDAPMod;
+ mods[i]->mod_type = NULL;
+ mods[i]->mod_values = NULL;
+ }
+ mods[number_of_parameters] = NULL;
+
+ // Load LDAP modification requests from provided data structure
+ i=0;
+ add_single_binary_attribute_operation(mods, &i, attr, cert);
+ LDAPMod *prevterm = mods[i];
+ mods[i] = NULL;
+
+ // Perform LDAP update
+ retcode = ldap_modify_ext_s(m_ldap, TQString("cn=certificate store,o=tde,cn=tde realm data,ou=master services,ou=core,ou=realm,%1").arg(m_basedc).ascii(), mods, NULL, NULL); // RAJA FIXME
+
+ // Clean up
+ mods[i] = prevterm;
+ for (i=0;i<number_of_parameters;i++) {
+ if (mods[i]->mod_type != NULL) {
+ free(mods[i]->mod_type);
+ }
+ if (mods[i]->mod_values != NULL) {
+ int j = 0;
+ while (mods[i]->mod_values[j] != NULL) {
+ delete mods[i]->mod_values[j];
+ j++;
+ }
+ free(mods[i]->mod_values);
+ }
+ delete mods[i];
+ }
+
+ if (retcode != LDAP_SUCCESS) {
+ if (errstr) *errstr = i18n("<qt>LDAP certificate upload failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
+ else KMessageBox::error(0, i18n("<qt>LDAP certificate upload failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
// Special method, used when creating a new Kerberos realm
int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
int retcode;
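Review bot: The cleanup loop in writeCertificateFileIntoDirectory walks `mod_values` and deletes each element as a `char*`, but add_single_binary_attribute_operation stored `new berval` objects through `mod_bvalues`. This only lines up because the two names share storage in OpenLDAP's LDAPMod, and deleting through the wrong type should not be relied on. Free the elements as what they are, `while (mods[i]->mod_bvalues[j] != NULL) { delete mods[i]->mod_bvalues[j]; j++; }`, and leave `bv_val` unfreed since it points into `cert`. Separately, an empty `cert` makes the helper add nothing, so `mods[0]` is NULL when `ldap_modify_ext_s` runs and the result presumably depends on how the server treats an empty modification list. Rejecting an empty certificate before `bind()` would keep a caller from being told an upload succeeded when nothing was written.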
@@ -1262,7 +1332,6 @@ printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_coun
// Iterate through the returned entries
LDAPMessage* entry;
for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
- // RAJA
char* dn = NULL;
LDAPMachineInfo machineinfo;
@@ -1270,8 +1339,6 @@ printf("[RAJA DEBUG 140.2] The number of entries returned was %d\n\n", ldap_coun
if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
TQStringList dnParts = TQStringList::split(",", dn);
TQString id = dnParts[0];
- int equalsPos = id.find("=");
- id.remove(0,equalsPos+1);
printf("[RAJA DEBUG 140.3] Moving %s to relative DN %s and parent %s", dn, id.ascii(), newSuffix.ascii()); fflush(stdout);
retcode = ldap_rename_s(m_ldap, dn, id, newSuffix, 0, NULL, NULL);
if (retcode != LDAP_SUCCESS) {
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index b857bec..38ae847 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -237,6 +237,7 @@ class LDAPManager : public TQObject {
LDAPCredentials currentLDAPCredentials();
int moveKerberosEntries(TQString newSuffix, TQString* errstr=0);
+ int writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr=0);
static TQString getMachineFQDN();
static void writeLDAPConfFile(LDAPRealmConfig realmcfg);
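Review bot: The new `writeCertificateFileIntoDirectory` declaration gives callers no description of its result, while the implementation in libtdeldap.cpp returns three distinct values and fills `errstr` on only one of them. A comment on the declaration would cover it: `// Returns 0 on success, -1 if bind() fails (errstr is left untouched), -2 if the LDAP modify fails (errstr is set, or a message box is shown when errstr is null)`. It is also worth stating there that `attr` is used as the LDAP attribute name as given, so callers should pass a fixed, known attribute rather than user-supplied text. The class body continues outside the hunk.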