-rw-r--r-- | .gitmodules | 6 | ||||
-rw-r--r-- | AUTHORS | 1 | ||||
-rw-r--r-- | COPYING | 340 | ||||
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | INSTALL | 167 | ||||
-rw-r--r-- | Makefile.am | 22 | ||||
-rw-r--r-- | Makefile.cvs | 10 | ||||
-rw-r--r-- | NEWS | 0 | ||||
-rw-r--r-- | README | 0 | ||||
-rw-r--r-- | TODO | 0 | ||||
m--------- | admin | 0 | ||||
m--------- | cmake | 0 | ||||
-rw-r--r-- | configure.files | 2 | ||||
-rw-r--r-- | configure.in.in | 6 | ||||
-rw-r--r-- | debian/changelog | 5 | ||||
-rw-r--r-- | debian/compat | 1 | ||||
-rw-r--r-- | debian/control | 12 | ||||
-rw-r--r-- | debian/copyright | 31 | ||||
-rwxr-xr-x | debian/rules | 24 | ||||
-rw-r--r-- | doc/Makefile.am | 6 | ||||
-rw-r--r-- | doc/en/Makefile.am | 2 | ||||
-rw-r--r-- | po/Makefile.am | 2 | ||||
-rw-r--r-- | src/Makefile.am | 11 | ||||
-rw-r--r-- | src/ldaplogindlg.cpp | 46 | ||||
-rw-r--r-- | src/ldaplogindlg.h | 39 | ||||
-rw-r--r-- | src/ldaplogindlgbase.ui | 87 | ||||
-rw-r--r-- | src/ldappasswddlg.cpp | 46 | ||||
-rw-r--r-- | src/ldappasswddlg.h | 43 | ||||
-rw-r--r-- | src/libtdeldap.cpp | 1183 | ||||
-rw-r--r-- | src/libtdeldap.h | 224 | ||||
-rw-r--r-- | stamp-h.in | 0 | ||||
-rw-r--r-- | subdirs | 3 |
32 files changed, 2320 insertions, 0 deletions
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..4fce771
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,6 @@
+[submodule "admin"]
+ path = admin
+ url = http://[email protected]/scm/git/tde-common-admin
+[submodule "cmake"]
+ path = cmake
+ url = http://[email protected]/scm/git/tde-common-cmake
@@ -0,0 +1 @@
+Timothy Pearson <[email protected]>
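Review bot: Both submodule URLs in .gitmodules use the `http://` scheme, so the `admin` and `cmake` trees are fetched without transport authentication, and the top-level Makefile.am in this same commit runs `admin/Makefile.common` and `admin/am_edit` from them. Prefer an authenticated transport, e.g. `url = https://<scm-host>/scm/git/tde-common-admin` (the host is a placeholder because this page's address obfuscation has mangled it). The URLs also appear to carry a user name before the host; if so, dropping it keeps account names out of every clone's configuration. The gitlink entries later in the diff pin each submodule to a commit, which narrows the exposure but does not replace a trusted transport.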
@@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. 
+ + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. 
The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. 
(Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. 
You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. 
+ +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. 
If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. 
If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. 
EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. 
+ + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. 
+ + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 0000000..323fd37 --- /dev/null +++ b/ChangeLog @@ -0,0 +1 @@ +2012-05-17 - Initial Release
\ No newline at end of file 
@@ -0,0 +1,167 @@ +Basic Installation +================== + + These are generic installation instructions. + + The `configure' shell script attempts to guess correct values for +various system-dependent variables used during compilation. It uses +those values to create a `Makefile' in each directory of the package. +It may also create one or more `.h' files containing system-dependent +definitions. Finally, it creates a shell script `config.status' that +you can run in the future to recreate the current configuration, a file +`config.cache' that saves the results of its tests to speed up +reconfiguring, and a file `config.log' containing compiler output +(useful mainly for debugging `configure'). + + If you need to do unusual things to compile the package, please try +to figure out how `configure' could check whether to do them, and mail +diffs or instructions to the address given in the `README' so they can +be considered for the next release. If at some point `config.cache' +contains results you don't want to keep, you may remove or edit it. + + The file `configure.in' is used to create `configure' by a program +called `autoconf'. You only need `configure.in' if you want to change +it or regenerate `configure' using a newer version of `autoconf'. + +The simplest way to compile this package is: + + 1. `cd' to the directory containing the package's source code and type + `./configure' to configure the package for your system. If you're + using `csh' on an old version of System V, you might need to type + `sh ./configure' instead to prevent `csh' from trying to execute + `configure' itself. + + Running `configure' takes a while. While running, it prints some + messages telling which features it is checking for. + + 2. Type `make' to compile the package. + + 3. Type `make install' to install the programs and any data files and + documentation. + + 4. You can remove the program binaries and object files from the + source code directory by typing `make clean'. 
+ +Compilers and Options +===================== + + Some systems require unusual options for compilation or linking that +the `configure' script does not know about. You can give `configure' +initial values for variables by setting them in the environment. Using +a Bourne-compatible shell, you can do that on the command line like +this: + CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure + +Or on systems that have the `env' program, you can do it like this: + env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure + +Compiling For Multiple Architectures +==================================== + + You can compile the package for more than one kind of computer at the +same time, by placing the object files for each architecture in their +own directory. To do this, you must use a version of `make' that +supports the `VPATH' variable, such as GNU `make'. `cd' to the +directory where you want the object files and executables to go and run +the `configure' script. `configure' automatically checks for the +source code in the directory that `configure' is in and in `..'. + + If you have to use a `make' that does not supports the `VPATH' +variable, you have to compile the package for one architecture at a time +in the source code directory. After you have installed the package for +one architecture, use `make distclean' before reconfiguring for another +architecture. + +Installation Names +================== + + By default, `make install' will install the package's files in +`/usr/local/bin', `/usr/local/man', etc. You can specify an +installation prefix other than `/usr/local' by giving `configure' the +option `--prefix=PATH'. + + You can specify separate installation prefixes for +architecture-specific files and architecture-independent files. If you +give `configure' the option `--exec-prefix=PATH', the package will use +PATH as the prefix for installing programs and libraries. +Documentation and other data files will still use the regular prefix. 
+ + If the package supports it, you can cause programs to be installed +with an extra prefix or suffix on their names by giving `configure' the +option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. + +Optional Features +================= + + Some packages pay attention to `--enable-FEATURE' options to +`configure', where FEATURE indicates an optional part of the package. +They may also pay attention to `--with-PACKAGE' options, where PACKAGE +is something like `gnu-as' or `x' (for the X Window System). The +`README' should mention any `--enable-' and `--with-' options that the +package recognizes. + + For packages that use the X Window System, `configure' can usually +find the X include and library files automatically, but if it doesn't, +you can use the `configure' options `--x-includes=DIR' and +`--x-libraries=DIR' to specify their locations. + +Specifying the System Type +========================== + + There may be some features `configure' can not figure out +automatically, but needs to determine by the type of host the package +will run on. Usually `configure' can figure that out, but if it prints +a message saying it can not guess the host type, give it the +`--host=TYPE' option. TYPE can either be a short name for the system +type, such as `sun4', or a canonical name with three fields: + CPU-COMPANY-SYSTEM + +See the file `config.sub' for the possible values of each field. If +`config.sub' isn't included in this package, then this package doesn't +need to know the host type. + + If you are building compiler tools for cross-compiling, you can also +use the `--target=TYPE' option to select the type of system they will +produce code for and the `--build=TYPE' option to select the type of +system on which you are compiling the package. 
+ +Sharing Defaults +================ + + If you want to set default values for `configure' scripts to share, +you can create a site shell script called `config.site' that gives +default values for variables like `CC', `cache_file', and `prefix'. +`configure' looks for `PREFIX/share/config.site' if it exists, then +`PREFIX/etc/config.site' if it exists. Or, you can set the +`CONFIG_SITE' environment variable to the location of the site script. +A warning: not all `configure' scripts look for a site script. + +Operation Controls +================== + + `configure' recognizes the following options to control how it +operates. + +`--cache-file=FILE' + Use and save the results of the tests in FILE instead of + `./config.cache'. Set FILE to `/dev/null' to disable caching, for + debugging `configure'. + +`--help' + Print a summary of the options to `configure', and exit. + +`--quiet' +`--silent' +`-q' + Do not print messages saying which checks are being made. + +`--srcdir=DIR' + Look for the package's source code in directory DIR. Usually + `configure' can determine that directory automatically. + +`--version' + Print the version of Autoconf used to generate the `configure' + script, and exit. + +`configure' also accepts some other, not widely useful, options. + diff --git a/Makefile.am b/Makefile.am new file mode 100644 index 0000000..8a2284f --- /dev/null +++ b/Makefile.am 
@@ -0,0 +1,22 @@
+SUBDIRS = $(TOPSUBDIRS)
+
+$(top_srcdir)/configure.in: configure.in.in $(top_srcdir)/subdirs
+ cd $(top_srcdir) && $(MAKE) -f admin/Makefile.common configure.in ;
+
+$(top_srcdir)/subdirs:
+ cd $(top_srcdir) && $(MAKE) -f admin/Makefile.common subdirs
+
+$(top_srcdir)/acinclude.m4: $(top_srcdir)/admin/acinclude.m4.in $(top_srcdir)/admin/libtool.m4.in
+ @cd $(top_srcdir) && cat admin/acinclude.m4.in admin/libtool.m4.in > acinclude.m4
+
+MAINTAINERCLEANFILES = subdirs configure.in acinclude.m4 configure.files
+
+package-messages:
+ cd $(top_srcdir) && $(MAKE) -f admin/Makefile.common package-messages
+ $(MAKE) -C po merge
+
+EXTRA_DIST = admin COPYING configure.in.in
+
+dist-hook:
+ cd $(top_distdir) && perl admin/am_edit -padmin
+ cd $(top_distdir) && $(MAKE) -f admin/Makefile.common subdirs
diff --git a/Makefile.cvs b/Makefile.cvs
new file mode 100644
index 0000000..4c0afd1
--- /dev/null
+++ b/Makefile.cvs
@@ -0,0 +1,10 @@
+all:
+ @echo "This Makefile is only for the CVS repository"
+ @echo "This will be deleted before making the distribution"
+ @echo ""
+ $(MAKE) -f admin/Makefile.common cvs
+
+dist:
+ $(MAKE) -f admin/Makefile.common dist
+
+.SILENT:
diff --git a/admin b/admin
new file mode 160000
+Subproject 4af57bf22967e6ad80ab898980ed505df6eae5b
diff --git a/cmake b/cmake
new file mode 160000
+Subproject d2f658ca47faefe569bcd1885b9238691fa1328
diff --git a/configure.files b/configure.files
new file mode 100644
index 0000000..030bce8
--- /dev/null
+++ b/configure.files
@@ -0,0 +1,2 @@
+./admin/configure.in.min
+configure.in.in
diff --git a/configure.in.in b/configure.in.in
new file mode 100644
index 0000000..18b1486
--- /dev/null
+++ b/configure.in.in
@@ -0,0 +1,6 @@
+#MIN_CONFIG(3.2.0)
+
+AM_INIT_AUTOMAKE(autostart, 0.1)
+AC_C_BIGENDIAN
+AC_CHECK_KDEMAXPATHLEN
+
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..9160ca8
--- /dev/null
+++ b/debian/changelog
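Review bot: The configure.in.in hunk declares the package as `AM_INIT_AUTOMAKE(autostart, 0.1)`, which looks like a leftover from a project template, because everything else in the commit names the library libtdeldap. The same name recurs in doc/Makefile.am as `KDE_DOCS = autostart`, and the version disagrees with the `0.5-0ubuntu0` entry in debian/changelog. Something like `AM_INIT_AUTOMAKE(libtdeldap, 0.5)` would keep the tarball name, the installed documentation path and the package version consistent, which matters when tracing which build of an authentication library is deployed.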
@@ -0,0 +1,5 @@
+libtdeldap-trinity (0.5-0ubuntu0) karmic; urgency=low
+
+ * Karmic rebuild
+
+ -- Timothy Pearson <[email protected]> Thu, 02 July 2009 16:08:00 -0600
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..7ed6ff8
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+5
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..6734be8
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,12 @@
+Source: libtdeldap-trinity
+Section: tde
+Priority: optional
+Maintainer: Timothy Pearson <[email protected]>
+Build-Depends: debhelper (>= 5), cdbs, tdelibs4-trinity-dev, libldap2-dev, automake, autoconf, libtool, libltdl-dev
+Standards-Version: 3.8.4
+
+Package: libtdeldap-trinity
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, heimdal-clients
+Description: LDAP interface library for TDE
+ LDAP interface library for TDE management modules.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..540709e
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,31 @@
+This package was debianized by Timothy Pearson <[email protected]> on
+Thu, 17 May 2012 19:52:51 +0100.
+
+It was downloaded from http://www.trinitydesktop.org
+
+Upstream Author: Timothy Pearson <[email protected]>
+
+copyright (C) 2012 Timothy Pearson <[email protected]>
+
+License:
+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this package; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+On Debian systems, the complete text of the GNU General
+Public License can be found in `/usr/share/common-licenses/GPL'.
+
+The Debian packaging is (C) 2012, Timothy Pearson <[email protected]> and
+is licensed under the GPL, see above.
+
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..242fb2c
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,24 @@
+#!/usr/bin/make -f
+
+include /usr/share/cdbs/1/rules/simple-patchsys.mk
+include /usr/share/cdbs/1/class/autotools.mk
+include /usr/share/cdbs/1/rules/debhelper.mk
+
+DEB_CONFIGURE_INCLUDEDIR := /opt/trinity/include/tde
+DEB_CONFIGURE_MANDIR := /opt/trinity/share/man
+DEB_CONFIGURE_PREFIX := /opt/trinity
+DEB_CONFIGURE_INFODIR := /opt/trinity/share/info
+
+cdbs_configure_flags := --with-qt-dir=/usr/share/qt3 --disable-rpath --with-xinerama $(cdbs_kde_enable_final) $(cdbs_kde_enable_debug)
+
+post-patches:: debian/stamp-bootstrap
+
+debian/stamp-bootstrap:
+ ! [ -f /usr/share/libtool/ltmain.sh ] || \
+ cp -f /usr/share/libtool/ltmain.sh admin/ltmain.sh
+ ! [ -f /usr/share/libtool/config/ltmain.sh ] || \
+ cp -f /usr/share/libtool/config/ltmain.sh admin/ltmain.sh
+ cp -f /usr/share/aclocal/libtool.m4 admin/libtool.m4.in
+
+ make -f admin/Makefile.common cvs
+ touch debian/stamp-bootstrap
diff --git a/doc/Makefile.am b/doc/Makefile.am
new file mode 100644
index 0000000..faa0ae8
--- /dev/null
+++ b/doc/Makefile.am
@@ -0,0 +1,6 @@
+# the SUBDIRS is filled automatically by am_edit. If files are
+# in this directory they are installed into the english dir
+
+KDE_LANG = en
+KDE_DOCS = autostart
+SUBDIRS = $(AUTODIRS)
diff --git a/doc/en/Makefile.am b/doc/en/Makefile.am
new file mode 100644
index 0000000..e7a9eb0
--- /dev/null
+++ b/doc/en/Makefile.am
@@ -0,0 +1,2 @@
+KDE_DOCS = ldap
+KDE_LANG = en
diff --git a/po/Makefile.am b/po/Makefile.am
new file mode 100644
index 0000000..898f985
--- /dev/null
+++ b/po/Makefile.am
@@ -0,0 +1,2 @@
+POFILES = AUTO
+# noinst_HEADERS = ldap.pot
diff --git a/src/Makefile.am b/src/Makefile.am
new file mode 100644
index 0000000..75816dd
--- /dev/null
+++ b/src/Makefile.am
@@ -0,0 +1,11 @@
+INCLUDES = $(all_includes)
+METASOURCES = AUTO
+
+# Create a shared library file
+lib_LTLIBRARIES = libtdeldap.la
+
+libtdeldap_la_SOURCES = libtdeldap.cpp ldaplogindlgbase.ui ldaplogindlg.cpp ldappasswddlg.cpp
+libtdeldap_la_LIBADD = -lkio $(LIB_TDEUI) -lldap
+libtdeldap_la_LDFLAGS = -avoid-version -module -no-undefined \
+ $(all_libraries)
+
diff --git a/src/ldaplogindlg.cpp b/src/ldaplogindlg.cpp
new file mode 100644
index 0000000..7bd9147
--- /dev/null
+++ b/src/ldaplogindlg.cpp
@@ -0,0 +1,46 @@
+/***************************************************************************
+ * Copyright (C) 2012 by Timothy Pearson *
+ * [email protected] *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#include <tqstringlist.h>
+#include <tqlabel.h>
+#include <tqmap.h>
+
+#include <kapplication.h>
+#include <ksimpleconfig.h>
+#include <klocale.h>
+#include <kdebug.h>
+#include <kstandarddirs.h>
+#include <kiconloader.h>
+#include <dcopclient.h>
+#include <kprocess.h>
+#include <kcombobox.h>
+
+#include "ldaplogindlg.h"
+
+LDAPLogin::LDAPLogin(TQWidget *parent, const char *name ) : LDAPLoginDlg(parent,name) {
+ px_icon->setPixmap(SmallIcon("password.png"));
+ ldapAdminRealm->setEditable(true);
+}
+
+LDAPLogin::~LDAPLogin(){
+ //
+}
+
+// #include "ldaplogindlg.moc"
diff --git a/src/ldaplogindlg.h b/src/ldaplogindlg.h
new file mode 100644
index 0000000..c4b74f2
--- /dev/null
+++ b/src/ldaplogindlg.h
@@ -0,0 +1,39 @@
+/***************************************************************************
+ * Copyright (C) 2012 by Timothy Pearson *
+ * [email protected] *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#ifndef LDAPLOGIN_H
+#define LDAPLOGIN_H
+
+#include "ldaplogindlgbase.h"
+
+class TQStringList;
+
+/**LDAP login dialog
+ *@author Timothy Pearson
+ */
+
+class LDAPLogin : public LDAPLoginDlg {
+ Q_OBJECT
+public:
+ LDAPLogin(TQWidget *parent=0, const char *name=0);
+ ~LDAPLogin();
+};
+
+#endif
diff --git a/src/ldaplogindlgbase.ui b/src/ldaplogindlgbase.ui
new file mode 100644
index 0000000..43ac9b4
--- /dev/null
+++ b/src/ldaplogindlgbase.ui
@@ -0,0 +1,87 @@ +<!DOCTYPE UI><UI version="3.0" stdsetdef="1"> +<class>LDAPLoginDlg</class> +<widget class="TQWidget"> + <property name="name"> + <cstring>LDAPLoginDlg</cstring> + </property> + <grid> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <widget class="TQLabel" row="1" column="0" rowspan="1" colspan="1"> + <property name="name"> + <cstring>px_icon</cstring> + </property> + <property name="sizePolicy"> + <sizepolicy> + <hsizetype>0</hsizetype> + <vsizetype>0</vsizetype> + <horstretch>0</horstretch> + <verstretch>0</verstretch> + </sizepolicy> + </property> + <property name="frameShape"> + <enum>NoFrame</enum> + </property> + <property name="frameShadow"> + <enum>Plain</enum> + </property> + <property name="scaledContents"> + <bool>true</bool> + </property> + <property name="indent"> + <number>0</number> + </property> + </widget> + <widget class="TQLabel" row="1" column="1" colspan="2"> + <property name="name"> + <cstring>passprompt</cstring> + </property> + <property name="text"> + <string>Please provide appropriate LDAP credentials below</string> + </property> + </widget> + <widget class="TQLabel" row="2" column="0" colspan="2"> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <property name="text"> + <string>Username</string> + </property> + </widget> + <widget class="KLineEdit" row="2" column="2"> + <property name="name"> + <cstring>ldapAdminUsername</cstring> + </property> + </widget> + <widget class="TQLabel" row="3" column="0" colspan="2"> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <property name="text"> + <string>Password</string> + </property> + </widget> + <widget class="KPasswordEdit" row="3" column="2"> + <property name="name"> + <cstring>ldapAdminPassword</cstring> + </property> + </widget> + <widget class="TQLabel" row="4" column="0" colspan="2"> + <property name="name"> + <cstring>unnamed</cstring> + </property> + <property name="text"> + <string>LDAP Realm</string> + 
</property> + </widget> + <widget class="KComboBox" row="4" column="2"> + <property name="name"> + <cstring>ldapAdminRealm</cstring> + </property> + </widget> + </grid> +</widget> +<layoutdefaults spacing="3" margin="6"/> +<layoutfunctions spacing="KDialog::spacingHint" margin="KDialog::marginHint"/> +</UI> diff --git a/src/ldappasswddlg.cpp b/src/ldappasswddlg.cpp new file mode 100644 index 0000000..054f9dc --- /dev/null +++ b/src/ldappasswddlg.cpp 
@@ -0,0 +1,46 @@
+/***************************************************************************
+ * Copyright (C) 2012 by Timothy Pearson *
+ * [email protected] *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#include <klocale.h>
+#include <klineedit.h>
+#include <ktextedit.h>
+#include <knuminput.h>
+#include <kactionselector.h>
+#include <tqlistbox.h>
+#include <kpushbutton.h>
+#include <tqpixmap.h>
+#include <tqiconset.h>
+#include <tqlabel.h>
+
+#include "ldappasswddlg.h"
+
+LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name)
+ : KDialogBase(parent, name, true, i18n("LDAP Authentication"), Ok|Cancel, Ok, true)
+{
+ m_base = new LDAPLogin(this);
+
+ setMainWidget(m_base);
+}
+
+void LDAPPasswordDialog::slotOk() {
+ accept();
+}
+
+#include "ldappasswddlg.moc"
diff --git a/src/ldappasswddlg.h b/src/ldappasswddlg.h
new file mode 100644
index 0000000..2c3c060
--- /dev/null
+++ b/src/ldappasswddlg.h
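Review bot: `LDAPPasswordDialog::slotOk()` accepts the dialog unconditionally, so an empty password is handed to the caller, and `LDAPManager::bind()` in libtdeldap.cpp (same commit) passes it unchanged to `ldap_sasl_bind_s` with a NULL mechanism, i.e. a simple bind. Under RFC 4513 a simple bind with a DN and a zero-length password is an unauthenticated bind, which a server that has not disabled it answers with success, so `bind()` would return 0 without any password having been verified. Reject empty input before `accept()`, for example `if (m_base->ldapAdminUsername->text().isEmpty() || TQCString(m_base->ldapAdminPassword->password()).isEmpty()) return;`. This probably needs `<kpassdlg.h>` for `KPasswordEdit`, which libtdeldap.cpp includes but this file does not.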
@@ -0,0 +1,43 @@
+/***************************************************************************
+ * Copyright (C) 2012 by Timothy Pearson *
+ * [email protected] *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#ifndef _LDAPPASSWORDDIALOG_H_
+#define _LDAPPASSWORDDIALOG_H_
+
+#include <kdialogbase.h>
+#include <kcombobox.h>
+
+#include "ldaplogindlg.h"
+
+class LDAPPasswordDialog : public KDialogBase
+{
+ Q_OBJECT
+
+public:
+ LDAPPasswordDialog(TQWidget* parent = 0, const char* name = 0);
+
+public slots:
+ void slotOk();
+
+public:
+ LDAPLogin *m_base;
+};
+
+#endif
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
new file mode 100644
index 0000000..af20e0e
--- /dev/null
+++ b/src/libtdeldap.cpp
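Review bot: `LDAPLogin *m_base` is a public data member, so every user of the dialog gets direct access to the username and password widgets, and `LDAPManager::bind()` already reaches through it with `passdlg.m_base->ldapAdminPassword->password()`. Make the pointer private and expose narrow accessors instead, for example `TQString username() const;`, `TQCString password() const;` and `void setRealm(const TQString &realm);`, so that reading the credentials happens in one place. The include guard `_LDAPPASSWORDDIALOG_H_` begins with an underscore followed by a capital letter, which is a reserved identifier in C++; `LDAPPASSWORDDIALOG_H` would match the `LDAPLOGIN_H` guard used in ldaplogindlg.h.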
@@ -0,0 +1,1183 @@ +/*************************************************************************** + * Copyright (C) 2012 by Timothy Pearson * + * [email protected] * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program; if not, write to the * + * Free Software Foundation, Inc., * + * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + ***************************************************************************/ + +#include <klocale.h> +#include <kmessagebox.h> +#include <klineedit.h> +#include <kpassdlg.h> + +#include <ldap.h> +#include <stdlib.h> +#include <sys/time.h> + +#include "libtdeldap.h" +#include "ldappasswddlg.h" + +#define LDAP_INSECURE_PORT 389 +#define LDAP_SECURE_PORT 636 + +int requested_ldap_version = LDAP_VERSION3; +int requested_ldap_auth_method = LDAP_AUTH_SIMPLE; // Is this safe and secure over an untrusted connection? 
+char* ldap_user_and_operational_attributes[2] = {"*", "+"}; + +LDAPManager::LDAPManager(TQString realm, TQString host, TQObject *parent, const char *name) : TQObject(parent, name), m_realm(realm), m_host(host), m_port(0), m_creds(0), m_ldap(0) +{ + TQStringList domainChunks = TQStringList::split(".", realm.lower()); + m_basedc = "dc=" + domainChunks.join(",dc="); +} + +LDAPManager::~LDAPManager() { + unbind(true); +} + +TQString LDAPManager::basedn() { + return m_basedc; +} + +TQString LDAPManager::realm() { + return m_realm; +} + +LDAPCredentials LDAPManager::currentLDAPCredentials() { + if (m_creds) { + return *m_creds; + } + else { + return LDAPCredentials(); + } +} + +int LDAPManager::bind() { +printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout); + if (m_ldap) { + return 0; + } + + int use_secure_connection = 0; + + TQString uri; + if (use_secure_connection == 1) { + m_port = LDAP_SECURE_PORT; + uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port); + } + else { + m_port = LDAP_INSECURE_PORT; + uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port); + } + + int retcode = ldap_initialize(&m_ldap, uri.ascii()); + if (retcode < 0) { + KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); + return -1; + } + retcode = ldap_set_option(m_ldap, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version); + if (retcode != LDAP_OPT_SUCCESS) { + KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); + return -1; + } + + TQString errorString; + LDAPPasswordDialog passdlg(0); + passdlg.m_base->ldapAdminRealm->setEnabled(false); + passdlg.m_base->ldapAdminRealm->insertItem(m_realm); + if (passdlg.exec() == TQDialog::Accepted) { + char* mechanism = NULL; 
+ struct berval cred; + TQString ldap_dn = passdlg.m_base->ldapAdminUsername->text(); + TQCString pass = passdlg.m_base->ldapAdminPassword->password(); + if (!m_creds) m_creds = new LDAPCredentials(); + m_creds->username = passdlg.m_base->ldapAdminUsername->text(); + m_creds->password = passdlg.m_base->ldapAdminPassword->password(); + m_creds->realm = passdlg.m_base->ldapAdminRealm->currentText(); + cred.bv_val = pass.data(); + cred.bv_len = pass.length(); + + if (!ldap_dn.contains(",")) { + // Look for a POSIX account with anonymous bind and the specified account name + TQString uri; + LDAP* ldapconn; + if (use_secure_connection == 1) { + m_port = LDAP_SECURE_PORT; + uri = TQString("ldaps://%1:%2").arg(m_host).arg(m_port); + } + else { + m_port = LDAP_INSECURE_PORT; + uri = TQString("ldap://%1:%2").arg(m_host).arg(m_port); + } + int retcode = ldap_initialize(&ldapconn, uri.ascii()); + if (retcode < 0) { + KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); + return -1; + } + retcode = ldap_set_option(ldapconn, LDAP_OPT_PROTOCOL_VERSION, &requested_ldap_version); + if (retcode != LDAP_OPT_SUCCESS) { + KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); + return -1; + } + struct berval anoncred; + anoncred.bv_val = ""; + anoncred.bv_len = strlen(""); + retcode = ldap_sasl_bind_s(ldapconn, "", mechanism, &anoncred, NULL, NULL, NULL); + if (retcode == LDAP_SUCCESS ) { + // Look for the DN for the specified user + LDAPMessage* msg; + TQString ldap_base_dn = m_basedc; + TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(passdlg.m_base->ldapAdminUsername->text()); + retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), 
LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg); + if (retcode != LDAP_SUCCESS) { + KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + } + else { + // Iterate through the returned entries + char* dn = NULL; + LDAPMessage* entry; + for(entry = ldap_first_entry(ldapconn, msg); entry != NULL; entry = ldap_next_entry(ldapconn, entry)) { + if((dn = ldap_get_dn(ldapconn, entry)) != NULL) { + ldap_dn = dn; + ldap_memfree(dn); + } + } + } + // clean up + ldap_msgfree(msg); + + // All done! + ldap_unbind_ext_s(ldapconn, NULL, NULL); + } + } + + retcode = ldap_sasl_bind_s(m_ldap, ldap_dn.ascii(), mechanism, &cred, NULL, NULL, NULL); + + if (retcode != LDAP_SUCCESS ) { + KMessageBox::error(0, i18n("<qt>Unable to connect to LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to connect to server!")); + return -1; + } + + return 0; + } + else { + return -2; + } + + return -3; +} + +int LDAPManager::unbind(bool force) { +printf("[RAJA DEBUG 600.1] In LDAPManager::unbind()\n\r"); fflush(stdout); + if (!m_ldap) { + return 0; + } + + int retcode = ldap_unbind_ext_s(m_ldap, NULL, NULL); + if ((retcode < 0) && (force == false)) { + KMessageBox::error(0, i18n("<qt>Unable to disconnect from LDAP server %1 on port %2<p>Reason: [%3] %4</qt>").arg(m_host).arg(m_port).arg(retcode).arg(ldap_err2string(retcode)), i18n("Unable to disconnect from server!")); + return retcode; + } + else { + m_ldap = 0; + } + return retcode; +} + +LDAPUserInfo LDAPManager::parseLDAPUserRecord(LDAPMessage* entry) { + int i; + char* dn = NULL; + char* attr; + struct berval **vals; + BerElement* ber; + + LDAPUserInfo userinfo; + + if((dn = ldap_get_dn(m_ldap, entry)) != NULL) { + printf("Returned dn: %s\n", dn); + userinfo.distinguishedName = dn; + TQStringList dnParts = TQStringList::split(",", dn); + TQString id = 
dnParts[0]; + if (id.startsWith("uid=")) { + id = id.remove(0, 4); + userinfo.name = id; + } + ldap_memfree(dn); + } + + for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) { + if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) { +printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val); + userinfo.informationValid = true; + TQString ldap_field = attr; + i=0; + if (ldap_field == "creatorsName") { + userinfo.creatorsName = vals[i]->bv_val; + } + else if (ldap_field == "uidNumber") { + userinfo.uid = atoi(vals[i]->bv_val); + } + else if (ldap_field == "loginShell") { + userinfo.shell = vals[i]->bv_val; + } + else if (ldap_field == "homeDirectory") { + userinfo.homedir = vals[i]->bv_val; + } + else if (ldap_field == "gidNumber") { + userinfo.primary_gid = atoi(vals[i]->bv_val); + } + else if (ldap_field == "krb5KDCFlags") { + userinfo.status = (LDAPKRB5Flags)(atoi(vals[i]->bv_val)); + } + else if (ldap_field == "createTimestamp") { // YYYYMMDD000000Z + TQString formattedDate = vals[i]->bv_val; + formattedDate.insert(4,"-"); + formattedDate.insert(7,"-"); + formattedDate.insert(10,"T"); + formattedDate.insert(13,":"); + formattedDate.insert(16,":"); + formattedDate.remove(19, 1); + userinfo.account_created = TQDateTime::fromString(formattedDate, TQt::ISODate); + } + else if (ldap_field == "modifyTimestamp") { // YYYYMMDD000000Z + TQString formattedDate = vals[i]->bv_val; + formattedDate.insert(4,"-"); + formattedDate.insert(7,"-"); + formattedDate.insert(10,"T"); + formattedDate.insert(13,":"); + formattedDate.insert(16,":"); + formattedDate.remove(19, 1); + userinfo.account_modified = TQDateTime::fromString(formattedDate, TQt::ISODate); + } + // FIXME + // These two attributes do not seem to be available with a Heimdal KDC + // userinfo.password_last_changed = vals[i]->bv_val; + // userinfo.password_expires = vals[i]->bv_val; + else if (ldap_field == "krb5PasswordEnd") { // 
YYYYMMDD000000Z + TQString formattedDate = vals[i]->bv_val; + formattedDate.insert(4,"-"); + formattedDate.insert(7,"-"); + formattedDate.insert(10,"T"); + formattedDate.insert(13,":"); + formattedDate.insert(16,":"); + formattedDate.remove(19, 1); + userinfo.password_expiration = TQDateTime::fromString(formattedDate, TQt::ISODate); + } + // FIXME + // These six(!) attributes do not seem to be available with a Heimdal KDC + // userinfo.password_ages = vals[i]->bv_val; + // userinfo.new_password_interval = vals[i]->bv_val; + // userinfo.new_password_warn_interval = vals[i]->bv_val; + // userinfo.new_password_lockout_delay = vals[i]->bv_val; + // userinfo.password_has_minimum_age = vals[i]->bv_val; + // userinfo.password_minimum_age = vals[i]->bv_val; + else if (ldap_field == "krb5MaxLife") { // units: hours + userinfo.maximum_ticket_lifetime = atoi(vals[i]->bv_val); + } + else if (ldap_field == "cn") { + userinfo.commonName = vals[i]->bv_val; + } + else if (ldap_field == "givenName") { + userinfo.givenName = vals[i]->bv_val; + } + else if (ldap_field == "sn") { + userinfo.surName = vals[i]->bv_val; + } + else if (ldap_field == "initials") { + userinfo.initials = vals[i]->bv_val; + } + else if (ldap_field == "title") { + userinfo.title = vals[i]->bv_val; + } + else if (ldap_field == "mail") { + userinfo.email = vals[i]->bv_val; + } + else if (ldap_field == "description") { + userinfo.description = vals[i]->bv_val; + } + else if (ldap_field == "l") { + userinfo.locality = vals[i]->bv_val; + } + else if (ldap_field == "telephoneNumber") { + userinfo.telephoneNumber = vals[i]->bv_val; + } + else if (ldap_field == "facsimileTelephoneNumber") { + userinfo.faxNumber = vals[i]->bv_val; + } + else if (ldap_field == "homePhone") { + userinfo.homePhone = vals[i]->bv_val; + } + else if (ldap_field == "mobile") { + userinfo.mobilePhone = vals[i]->bv_val; + } + else if (ldap_field == "pager") { + userinfo.pagerNumber = vals[i]->bv_val; + } + // FIXME + // This attribute is not 
present in my current LDAP schema + // userinfo.website = vals[i]->bv_val; + else if (ldap_field == "postOfficeBox") { + userinfo.poBox = vals[i]->bv_val; + } + else if (ldap_field == "street") { + userinfo.street = vals[i]->bv_val; + } + else if (ldap_field == "postalAddress") { + userinfo.address = vals[i]->bv_val; + } + else if (ldap_field == "st") { + userinfo.state = vals[i]->bv_val; + } + else if (ldap_field == "postalCode") { + userinfo.postcode = vals[i]->bv_val; + } + else if (ldap_field == "registeredAddress") { + userinfo.registeredAddress = vals[i]->bv_val; + } + else if (ldap_field == "homePostalAddress") { + userinfo.homeAddress = vals[i]->bv_val; + } + else if (ldap_field == "seeAlso") { + userinfo.seeAlso = vals[i]->bv_val; + } + else if (ldap_field == "physicalDeliveryOfficeName") { + userinfo.deliveryOffice = vals[i]->bv_val; + } + else if (ldap_field == "departmentNumber") { + userinfo.department = vals[i]->bv_val; + } + else if (ldap_field == "roomNumber") { + userinfo.roomNumber = vals[i]->bv_val; + } + else if (ldap_field == "employeeType") { + userinfo.employeeType = vals[i]->bv_val; + } + else if (ldap_field == "employeeNumber") { + userinfo.employeeNumber = vals[i]->bv_val; + } + // FIXME + // These two attributes are not present in my current LDAP schema +// userinfo.manager = vals[i]->bv_val; +// userinfo.secretary = vals[i]->bv_val; + else if (ldap_field == "internationaliSDNNumber") { + userinfo.isdnNumber = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema +// userinfo.teletexID = vals[i]->bv_val; + else if (ldap_field == "telexNumber") { + userinfo.telexNumber = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema +// userinfo.preferredDelivery = vals[i]->bv_val; + else if (ldap_field == "destinationIndicator") { + userinfo.destinationIndicator = vals[i]->bv_val; + } + else if (ldap_field == "x121Address") { + userinfo.x121Address = vals[i]->bv_val; + } 
+ else if (ldap_field == "displayName") { + userinfo.displayName = vals[i]->bv_val; + } + else if (ldap_field == "preferredLanguage") { + userinfo.preferredLanguage = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema +// userinfo.uniqueIdentifier = vals[i]->bv_val; + else if (ldap_field == "businessCategory") { + userinfo.businessCategory = vals[i]->bv_val; + } + else if (ldap_field == "carLicense") { + userinfo.carLicense = vals[i]->bv_val; + } + // FIXME + // This attribute is not present in my current LDAP schema +// userinfo.notes = vals[i]->bv_val; + ldap_value_free_len(vals); + } + ldap_memfree(attr); + } + + if (ber != NULL) { + ber_free(ber, 0); + } + + printf("\n\r"); + + return userinfo; +} + +LDAPUserInfoList LDAPManager::users() { + int retcode; + LDAPUserInfoList users; +printf("[RAJA DEBUG 100.0] In LDAPManager::users()\n\r"); fflush(stdout); + + if (bind() < 0) { + return LDAPUserInfoList(); + } + else { +printf("[RAJA DEBUG 100.1] In LDAPManager::users() bind was OK\n\r"); fflush(stdout); + LDAPMessage* msg; + TQString ldap_base_dn = m_basedc; + TQString ldap_filter = "(objectClass=posixAccount)"; + retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg); + if (retcode != LDAP_SUCCESS) { + KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + return LDAPUserInfoList(); + } + +printf("[RAJA DEBUG 100.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg)); + + // Iterate through the returned entries + LDAPMessage* entry; + for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) { + users.append(parseLDAPUserRecord(entry)); + } + + // clean up + ldap_msgfree(msg); + + return users; + } + + return LDAPUserInfoList(); +} + +LDAPUserInfo 
LDAPManager::getUserByDistinguishedName(TQString dn) { + int retcode; + LDAPUserInfo userinfo; + + if (bind() < 0) { + return LDAPUserInfo(); + } + else { + LDAPMessage* msg; + struct timeval timeout; + timeout.tv_sec = 10; // 10 second timeout + retcode = ldap_search_ext_s(m_ldap, dn.ascii(), LDAP_SCOPE_SUBTREE, NULL, ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg); + if (retcode != LDAP_SUCCESS) { + KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + return LDAPUserInfo(); + } + + // Iterate through the returned entries + LDAPMessage* entry; + for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) { + userinfo = parseLDAPUserRecord(entry); + } + + // clean up + ldap_msgfree(msg); + + return userinfo; + } + + return LDAPUserInfo(); +} + +LDAPGroupInfo LDAPManager::getGroupByDistinguishedName(TQString dn) { + int retcode; + LDAPGroupInfo groupinfo; + + if (bind() < 0) { + return LDAPGroupInfo(); + } + else { + LDAPMessage* msg; + struct timeval timeout; + timeout.tv_sec = 10; // 10 second timeout + retcode = ldap_search_ext_s(m_ldap, dn.ascii(), LDAP_SCOPE_SUBTREE, NULL, ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg); + if (retcode != LDAP_SUCCESS) { + KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + return LDAPGroupInfo(); + } + + // Iterate through the returned entries + LDAPMessage* entry; + for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) { + groupinfo = parseLDAPGroupRecord(entry); + } + + // clean up + ldap_msgfree(msg); + + return groupinfo; + } + + return LDAPGroupInfo(); +} + +void create_single_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQString value) { + if (value != "") { + char **values = 
(char**)malloc(2*sizeof(char*)); + values[0] = strdup(value.ascii()); + values[1] = NULL; + mods[*i]->mod_op = LDAP_MOD_ADD; + mods[*i]->mod_type = strdup(attr.ascii()); + mods[*i]->mod_values = values; + (*i)++; + } +} + +void create_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, TQStringList strings) { + int j=0; + char **values = (char**)malloc((strings.count()+1)*sizeof(char*)); + for ( TQStringList::Iterator it = strings.begin(); it != strings.end(); ++it ) { + if ((*it) != "") { + values[j] = strdup((*it).ascii()); + j++; + } + } + values[j] = NULL; + mods[*i]->mod_op = LDAP_MOD_ADD; + mods[*i]->mod_type = strdup(attr.ascii()); + mods[*i]->mod_values = values; + (*i)++; +} + +void add_single_attribute_operation(LDAPMod **mods, int *i, TQString attr, TQString value) { + if (value != "") { + char **values = (char**)malloc(2*sizeof(char*)); + values[0] = strdup(value.ascii()); + values[1] = NULL; + mods[*i]->mod_op = LDAP_MOD_REPLACE; + mods[*i]->mod_type = strdup(attr.ascii()); + mods[*i]->mod_values = values; + (*i)++; + } +} + +void add_multiple_attributes_operation(LDAPMod **mods, int *i, TQString attr, TQStringList strings) { + int j=0; + char **values = (char**)malloc((strings.count()+1)*sizeof(char*)); + for ( TQStringList::Iterator it = strings.begin(); it != strings.end(); ++it ) { + if ((*it) != "") { + values[j] = strdup((*it).ascii()); + j++; + } + } + values[j] = NULL; + mods[*i]->mod_op = LDAP_MOD_REPLACE; + mods[*i]->mod_type = strdup(attr.ascii()); + mods[*i]->mod_values = values; + (*i)++; +} + +int LDAPManager::updateUserInfo(LDAPUserInfo user) { + int retcode; + int i; + LDAPUserInfo userinfo; + + if (bind() < 0) { + return -1; + } + else { + // Assemble the LDAPMod structure + // We will replace any existing attributes with the new values + int number_of_parameters = 40; // 40 primary attributes + LDAPMod *mods[number_of_parameters+1]; + for (i=0;i<number_of_parameters;i++) { + mods[i] = new LDAPMod; + mods[i]->mod_type 
= NULL;
+ mods[i]->mod_values = NULL;
+ }
+ mods[number_of_parameters] = NULL;
+
+ // Load LDAP modification requests from provided data structure
+ i=0;
+ add_single_attribute_operation(mods, &i, "uidNumber", TQString("%1").arg(user.uid));
+ add_single_attribute_operation(mods, &i, "loginShell", user.shell);
+ add_single_attribute_operation(mods, &i, "homeDirectory", user.homedir);
+ add_single_attribute_operation(mods, &i, "gidNumber", TQString("%1").arg(user.primary_gid));
+ add_single_attribute_operation(mods, &i, "krb5KDCFlags", TQString("%1").arg(user.status)); // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT]
+// add_single_attribute_operation(mods, &i, "", user.password_expires);
+// add_single_attribute_operation(mods, &i, "", user.password_expiration);
+// add_single_attribute_operation(mods, &i, "", user.password_ages);
+// add_single_attribute_operation(mods, &i, "", user.new_password_interval);
+// add_single_attribute_operation(mods, &i, "", user.new_password_warn_interval);
+// add_single_attribute_operation(mods, &i, "", user.new_password_lockout_delay);
+// add_single_attribute_operation(mods, &i, "", user.password_has_minimum_age);
+// add_single_attribute_operation(mods, &i, "", user.password_minimum_age);
+ add_single_attribute_operation(mods, &i, "krb5MaxLife", TQString("%1").arg(user.maximum_ticket_lifetime));
+ add_single_attribute_operation(mods, &i, "cn", user.commonName);
+ add_single_attribute_operation(mods, &i, "givenName", user.givenName);
+ add_single_attribute_operation(mods, &i, "sn", user.surName);
+ add_single_attribute_operation(mods, &i, "initials", user.initials);
+ add_single_attribute_operation(mods, &i, "title", user.title);
+ add_single_attribute_operation(mods, &i, "mail", user.email);
+ add_single_attribute_operation(mods, &i, "description", user.description);
+ add_single_attribute_operation(mods, &i, "l", user.locality);
+ add_single_attribute_operation(mods, &i,
"telephoneNumber", user.telephoneNumber);
+ add_single_attribute_operation(mods, &i, "facsimileTelephoneNumber", user.faxNumber);
+ add_single_attribute_operation(mods, &i, "homePhone", user.homePhone);
+ add_single_attribute_operation(mods, &i, "mobile", user.mobilePhone);
+ add_single_attribute_operation(mods, &i, "pager", user.pagerNumber);
+// add_single_attribute_operation(mods, &i, "", user.website);
+ add_single_attribute_operation(mods, &i, "postOfficeBox", user.poBox);
+ add_single_attribute_operation(mods, &i, "street", user.street);
+ add_single_attribute_operation(mods, &i, "postalAddress", user.address);
+ add_single_attribute_operation(mods, &i, "st", user.state);
+ add_single_attribute_operation(mods, &i, "postalCode", user.postcode);
+ add_single_attribute_operation(mods, &i, "registeredAddress", user.registeredAddress);
+ add_single_attribute_operation(mods, &i, "homePostalAddress", user.homeAddress);
+ add_single_attribute_operation(mods, &i, "seeAlso", user.seeAlso);
+ add_single_attribute_operation(mods, &i, "physicalDeliveryOfficeName", user.deliveryOffice);
+ add_single_attribute_operation(mods, &i, "departmentNumber", user.department);
+ add_single_attribute_operation(mods, &i, "roomNumber", user.roomNumber);
+ add_single_attribute_operation(mods, &i, "employeeType", user.employeeType);
+ add_single_attribute_operation(mods, &i, "employeeNumber", user.employeeNumber);
+// add_single_attribute_operation(mods, &i, "", user.manager);
+// add_single_attribute_operation(mods, &i, "", user.secretary);
+ add_single_attribute_operation(mods, &i, "internationaliSDNNumber", user.isdnNumber);
+// add_single_attribute_operation(mods, &i, "", user.teletexID);
+ add_single_attribute_operation(mods, &i, "telexNumber", user.telexNumber);
+// add_single_attribute_operation(mods, &i, "", user.preferredDelivery);
+ add_single_attribute_operation(mods, &i, "destinationIndicator", user.destinationIndicator);
+ add_single_attribute_operation(mods, &i,
"x121Address", user.x121Address);
+ add_single_attribute_operation(mods, &i, "displayName", user.displayName);
+ add_single_attribute_operation(mods, &i, "preferredLanguage", user.preferredLanguage);
+// add_single_attribute_operation(mods, &i, "", user.uniqueIdentifier);
+ add_single_attribute_operation(mods, &i, "businessCategory", user.businessCategory);
+ add_single_attribute_operation(mods, &i, "carLicense", user.carLicense);
+// add_single_attribute_operation(mods, &i, "", user.notes);
+ LDAPMod *prevterm = mods[i];
+ mods[i] = NULL;
+
+ // Perform LDAP update
+ retcode = ldap_modify_ext_s(m_ldap, user.distinguishedName.ascii(), mods, NULL, NULL);
+
+ // Clean up
+ mods[i] = prevterm;
+ for (i=0;i<number_of_parameters;i++) {
+ if (mods[i]->mod_type != NULL) {
+ free(mods[i]->mod_type);
+ }
+ if (mods[i]->mod_values != NULL) {
+ int j = 0;
+ while (mods[i]->mod_values[j] != NULL) {
+ free(mods[i]->mod_values[j]);
+ j++;
+ }
+ free(mods[i]->mod_values);
+ }
+ delete mods[i];
+ }
+
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
+int LDAPManager::updateGroupInfo(LDAPGroupInfo group) {
+ int retcode;
+ int i;
+ LDAPGroupInfo groupinfo;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Assemble the LDAPMod structure
+ // We will replace any existing attributes with the new values
+ int number_of_parameters = 2; // 2 primary attributes
+ LDAPMod *mods[number_of_parameters+1];
+ for (i=0;i<number_of_parameters;i++) {
+ mods[i] = new LDAPMod;
+ mods[i]->mod_type = NULL;
+ mods[i]->mod_values = NULL;
+ }
+ mods[number_of_parameters] = NULL;
+
+ // Load LDAP modification requests from provided data structure
+ i=0;
+ add_single_attribute_operation(mods, &i, "gidNumber", TQString("%1").arg(group.gid));
+ TQStringList completeGroupList = group.userlist;
+ TQString placeholderGroup =
"cn=placeholder," + m_basedc;
+ if (!completeGroupList.contains(placeholderGroup)) {
+ completeGroupList.prepend(placeholderGroup);
+ }
+ add_multiple_attributes_operation(mods, &i, "member", completeGroupList);
+ LDAPMod *prevterm = mods[i];
+ mods[i] = NULL;
+
+ // Perform LDAP update
+ retcode = ldap_modify_ext_s(m_ldap, group.distinguishedName.ascii(), mods, NULL, NULL);
+
+ // Clean up
+ mods[i] = prevterm;
+ for (i=0;i<number_of_parameters;i++) {
+ if (mods[i]->mod_type != NULL) {
+ free(mods[i]->mod_type);
+ }
+ if (mods[i]->mod_values != NULL) {
+ int j = 0;
+ while (mods[i]->mod_values[j] != NULL) {
+ free(mods[i]->mod_values[j]);
+ j++;
+ }
+ free(mods[i]->mod_values);
+ }
+ delete mods[i];
+ }
+
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
+int LDAPManager::addUserInfo(LDAPUserInfo user) {
+ int retcode;
+ int i;
+ LDAPUserInfo userinfo;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Create the base DN entry
+ int number_of_parameters = 13; // 13 primary attributes
+ LDAPMod *mods[number_of_parameters+1];
+ for (i=0;i<number_of_parameters;i++) {
+ mods[i] = new LDAPMod;
+ mods[i]->mod_type = NULL;
+ mods[i]->mod_values = NULL;
+ }
+ mods[number_of_parameters] = NULL;
+
+ // Load initial required LDAP object attributes
+ i=0;
+ create_single_attribute_operation(mods, &i, "uidNumber", TQString("%1").arg(user.uid));
+ create_single_attribute_operation(mods, &i, "gidNumber", TQString("%1").arg(user.primary_gid));
+ create_multiple_attributes_operation(mods, &i, "objectClass", TQStringList::split(" ", "inetOrgPerson krb5Realm krb5Principal krb5KDCEntry emsUser posixAccount"));
+ create_single_attribute_operation(mods, &i, "uid", user.name);
+ create_single_attribute_operation(mods, &i, "cn", user.commonName);
+ create_single_attribute_operation(mods, &i, "sn",
user.surName);
+ create_single_attribute_operation(mods, &i, "homeDirectory", user.homedir);
+ // Kerberos
+ create_single_attribute_operation(mods, &i, "krb5KeyVersionNumber", "1");
+ create_single_attribute_operation(mods, &i, "krb5PrincipalName", TQString(user.name.lower()) + "@" + m_realm.upper());
+ create_single_attribute_operation(mods, &i, "krb5RealmName", m_realm.upper());
+ // Zivios specific
+ create_single_attribute_operation(mods, &i, "emsdescription", "None");
+ create_single_attribute_operation(mods, &i, "emsprimarygroupdn", "None");
+ create_single_attribute_operation(mods, &i, "emstype", "UserEntry");
+ LDAPMod *prevterm = mods[i];
+ mods[i] = NULL;
+
+ // Add new object
+ retcode = ldap_add_ext_s(m_ldap, user.distinguishedName.ascii(), mods, NULL, NULL);
+
+ // Clean up
+ mods[i] = prevterm;
+ for (i=0;i<number_of_parameters;i++) {
+ if (mods[i]->mod_type != NULL) {
+ free(mods[i]->mod_type);
+ }
+ if (mods[i]->mod_values != NULL) {
+ int j = 0;
+ while (mods[i]->mod_values[j] != NULL) {
+ free(mods[i]->mod_values[j]);
+ j++;
+ }
+ free(mods[i]->mod_values);
+ }
+ delete mods[i];
+ }
+
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP addition failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return updateUserInfo(user);
+ }
+ }
+}
+
+int LDAPManager::addGroupInfo(LDAPGroupInfo group) {
+ int retcode;
+ int i;
+ LDAPGroupInfo groupinfo;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Create the base DN entry
+ int number_of_parameters = 6; // 6 primary attributes
+ LDAPMod *mods[number_of_parameters+1];
+ for (i=0;i<number_of_parameters;i++) {
+ mods[i] = new LDAPMod;
+ mods[i]->mod_type = NULL;
+ mods[i]->mod_values = NULL;
+ }
+ mods[number_of_parameters] = NULL;
+
+ TQString placeholderGroup = "cn=placeholder," + m_basedc;
+
+ // Load initial required LDAP object attributes
+ i=0;
+ create_single_attribute_operation(mods, &i, "gidNumber",
TQString("%1").arg(group.gid));
+ create_multiple_attributes_operation(mods, &i, "objectClass", TQStringList::split(" ", "emsGroup groupOfNames posixGroup"));
+ create_single_attribute_operation(mods, &i, "cn", group.name);
+ create_multiple_attributes_operation(mods, &i, "member", TQStringList(placeholderGroup));
+ // Zivios specific
+ create_single_attribute_operation(mods, &i, "emsdescription", "None");
+ create_single_attribute_operation(mods, &i, "emstype", "GroupEntry");
+ LDAPMod *prevterm = mods[i];
+ mods[i] = NULL;
+
+ // Add new object
+ retcode = ldap_add_ext_s(m_ldap, group.distinguishedName.ascii(), mods, NULL, NULL);
+
+ // Clean up
+ mods[i] = prevterm;
+ for (i=0;i<number_of_parameters;i++) {
+ if (mods[i]->mod_type != NULL) {
+ free(mods[i]->mod_type);
+ }
+ if (mods[i]->mod_values != NULL) {
+ int j = 0;
+ while (mods[i]->mod_values[j] != NULL) {
+ free(mods[i]->mod_values[j]);
+ j++;
+ }
+ free(mods[i]->mod_values);
+ }
+ delete mods[i];
+ }
+
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP addition failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return updateGroupInfo(group);
+ }
+ }
+}
+
+int LDAPManager::deleteUserInfo(LDAPUserInfo user) {
+ int retcode;
+ LDAPUserInfo userinfo;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Delete the base DN entry
+ retcode = ldap_delete_ext_s(m_ldap, user.distinguishedName.ascii(), NULL, NULL);
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP deletion failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
+int LDAPManager::deleteGroupInfo(LDAPGroupInfo group) {
+ int retcode;
+ LDAPGroupInfo groupinfo;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Delete the base DN entry
+ retcode = ldap_delete_ext_s(m_ldap, group.distinguishedName.ascii(), NULL, NULL);
+ if (retcode !=
LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP deletion failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
+int LDAPManager::deleteMachineInfo(LDAPMachineInfo machine) {
+ int retcode;
+ LDAPMachineInfo machineinfo;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Delete the base DN entry
+ retcode = ldap_delete_ext_s(m_ldap, machine.distinguishedName.ascii(), NULL, NULL);
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP deletion failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
+LDAPGroupInfo LDAPManager::parseLDAPGroupRecord(LDAPMessage* entry) {
+ char* dn = NULL;
+ char* attr;
+ struct berval **vals;
+ BerElement* ber;
+ int i;
+
+ LDAPGroupInfo groupinfo;
+
+ if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
+ printf("Returned dn: %s\n", dn);
+ groupinfo.distinguishedName = dn;
+ TQStringList dnParts = TQStringList::split(",", dn);
+ TQString id = dnParts[0];
+ if (id.startsWith("cn=")) {
+ id = id.remove(0, 3);
+ groupinfo.name = id;
+ }
+ ldap_memfree(dn);
+ }
+
+ for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
+ if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) {
+for(i = 0; vals[i] != NULL; i++) {
+ printf("[RAJA DEBUG 110.3] %s: %s\n\r", attr, vals[i]->bv_val);
+}
+ groupinfo.informationValid = true;
+ TQString ldap_field = attr;
+ i=0;
+ if (ldap_field == "creatorsName") {
+ groupinfo.creatorsName = vals[i]->bv_val;
+ }
+ else if (ldap_field == "member") {
+ TQStringList members;
+ for(i = 0; vals[i] != NULL; i++) {
+ TQString userdn = vals[i]->bv_val;
+ if (userdn.startsWith("cn=placeholder,dc=")) {
+ continue;
+ }
+ members.append(userdn);
+ }
+ groupinfo.userlist = members;
+ }
+ else if (ldap_field == "gidNumber") {
+ groupinfo.gid =
atoi(vals[i]->bv_val);
+ }
+ ldap_value_free_len(vals);
+ }
+ ldap_memfree(attr);
+ }
+
+ if (ber != NULL) {
+ ber_free(ber, 0);
+ }
+
+ printf("\n\r");
+
+ return groupinfo;
+}
+
+LDAPMachineInfo LDAPManager::parseLDAPMachineRecord(LDAPMessage* entry) {
+ char* dn = NULL;
+ char* attr;
+ struct berval **vals;
+ BerElement* ber;
+ int i;
+
+ LDAPMachineInfo machineinfo;
+
+ if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
+ printf("Returned dn: %s\n", dn);
+ machineinfo.distinguishedName = dn;
+ TQStringList dnParts = TQStringList::split(",", dn);
+ TQString id = dnParts[0];
+ if (id.startsWith("krb5PrincipalName=host/")) {
+ id = id.remove(0, 23);
+ id.replace("@"+m_realm, "");
+ machineinfo.name = id;
+ }
+ ldap_memfree(dn);
+ }
+
+ for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
+ if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) {
+for(i = 0; vals[i] != NULL; i++) {
+ printf("[RAJA DEBUG 120.3] %s: %s\n\r", attr, vals[i]->bv_val);
+}
+ machineinfo.informationValid = true;
+ TQString ldap_field = attr;
+ i=0;
+ if (ldap_field == "creatorsName") {
+ machineinfo.creatorsName = vals[i]->bv_val;
+ }
+ else if (ldap_field == "krb5KDCFlags") {
+ machineinfo.status = (LDAPKRB5Flags)(atoi(vals[i]->bv_val));
+ }
+ ldap_value_free_len(vals);
+ }
+ ldap_memfree(attr);
+ }
+
+ if (ber != NULL) {
+ ber_free(ber, 0);
+ }
+
+ printf("\n\r");
+
+ return machineinfo;
+}
+
+LDAPGroupInfoList LDAPManager::groups() {
+ int retcode;
+ LDAPGroupInfoList groups;
+printf("[RAJA DEBUG 110.0] In LDAPManager::groups()\n\r"); fflush(stdout);
+
+ if (bind() < 0) {
+ return LDAPGroupInfoList();
+ }
+ else {
+printf("[RAJA DEBUG 110.1] In LDAPManager::groups() bind was OK\n\r"); fflush(stdout);
+ LDAPMessage* msg;
+ TQString ldap_base_dn = m_basedc;
+ TQString ldap_filter = "(objectClass=posixGroup)";
+ struct timeval timeout;
+ timeout.tv_sec = 10; // 10 second timeout
+ retcode = ldap_search_ext_s(m_ldap,
ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg);
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return LDAPGroupInfoList();
+ }
+
+printf("[RAJA DEBUG 110.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
+
+ // Iterate through the returned entries
+ LDAPMessage* entry;
+ for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
+ // RAJA
+ groups.append(parseLDAPGroupRecord(entry));
+ }
+
+ // clean up
+ ldap_msgfree(msg);
+
+ return groups;
+ }
+
+ return LDAPGroupInfoList();
+}
+
+LDAPMachineInfoList LDAPManager::machines() {
+ int retcode;
+ LDAPMachineInfoList machines;
+printf("[RAJA DEBUG 120.0] In LDAPManager::machines()\n\r"); fflush(stdout);
+
+ if (bind() < 0) {
+ return LDAPMachineInfoList();
+ }
+ else {
+printf("[RAJA DEBUG 120.1] In LDAPManager::machines() bind was OK\n\r"); fflush(stdout);
+ LDAPMessage* msg;
+ TQString ldap_base_dn = m_basedc;
+ TQString ldap_filter = "(&(objectClass=krb5Principal)(uid=host/*))";
+ retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg);
+ if (retcode != LDAP_SUCCESS) {
+ KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return LDAPMachineInfoList();
+ }
+
+printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
+
+ // Iterate through the returned entries
+ LDAPMessage* entry;
+ for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
+ // RAJA
+ machines.append(parseLDAPMachineRecord(entry));
+ }
+
+ // clean up
+ ldap_msgfree(msg);
+
+
return machines;
+ }
+
+ return LDAPMachineInfoList();
+}
+
+// ===============================================================================================================
+//
+// DATA CLASS CONSTRUCTORS AND DESTRUCTORS
+//
+// ===============================================================================================================
+
+LDAPUserInfo::LDAPUserInfo() {
+ // TQStrings are always initialized to TQString::null, so they don't need initialization here...
+ informationValid = false;
+
+ uid = -1;
+ primary_gid = -1;
+ status = (LDAPKRB5Flags)0;
+ account_created = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate);
+ account_modified = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate);
+ password_last_changed = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate);
+ password_expires = false;
+ password_expiration = TQDateTime::fromString("1970-01-01T00:00:00", TQt::ISODate);
+ password_ages = false;
+ new_password_interval = -1;
+ new_password_warn_interval = -1;
+ new_password_lockout_delay = -1;
+ password_has_minimum_age = false;
+ password_minimum_age = -1;
+ maximum_ticket_lifetime = -1;
+}
+
+LDAPUserInfo::~LDAPUserInfo() {
+ //
+}
+
+LDAPGroupInfo::LDAPGroupInfo() {
+ // TQStrings are always initialized to TQString::null, so they don't need initialization here...
+ informationValid = false;
+
+ gid = -1;
+}
+
+LDAPGroupInfo::~LDAPGroupInfo() {
+ //
+}
+
+LDAPMachineInfo::LDAPMachineInfo() {
+ // TQStrings are always initialized to TQString::null, so they don't need initialization here...
+ informationValid = false;
+
+ status = (LDAPKRB5Flags)0;
+}
+
+LDAPMachineInfo::~LDAPMachineInfo() {
+ //
+}
+
+#include "libtdeldap.moc"
\ No newline at end of file
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
new file mode 100644
index 0000000..a1369a1
--- /dev/null
+++ b/src/libtdeldap.h
@@ -0,0 +1,224 @@
+/***************************************************************************
+ * Copyright (C) 2012 by Timothy Pearson *
+ * [email protected] *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#ifndef _LIBTDELDAP_H_
+#define _LIBTDELDAP_H_
+
+#include <unistd.h>
+#include <ldap.h>
+
+#include <tqobject.h>
+#include <tqstring.h>
+#include <tqdatetime.h>
+#include <tqvaluelist.h>
+
+// Values from hdb.asn1
+enum LDAPKRB5Flags {
+ KRB5_INITIAL = 0x00000001,
+ KRB5_FORWARDABLE = 0x00000002,
+ KRB5_PROXIABLE = 0x00000004,
+ KRB5_RENEWABLE = 0x00000008,
+ KRB5_POSTDATE = 0x00000010,
+ KRB5_SERVER = 0x00000020,
+ KRB5_CLIENT = 0x00000040,
+ KRB5_INVALID = 0x00000080,
+ KRB5_REQUIRE_PREAUTH = 0x00000100,
+ KRB5_CHANGE_PW = 0x00000200,
+ KRB5_REQUIRE_HWAUTH = 0x00000400,
+ KRB5_OK_AS_DELEGATE = 0x00000800,
+ KRB5_USER_TO_USER = 0x00001000,
+ KRB5_IMMUTABLE = 0x00002000,
+ KRB5_TRUSTED_FOR_DELEGATION = 0x00004000,
+ KRB5_ALLOW_KERBEROS_4 = 0x00008000,
+ KRB5_ALLOW_DIGEST = 0x00010000,
+ KRB5_LOCKED_OUT = 0x00020000,
+
+ KRB5_ACTIVE_DEFAULT = KRB5_FORWARDABLE | KRB5_RENEWABLE | KRB5_CLIENT | KRB5_CHANGE_PW,
+ KRB5_DISABLED_ACCOUNT = KRB5_FORWARDABLE | KRB5_SERVER |
KRB5_INVALID | KRB5_REQUIRE_PREAUTH | KRB5_REQUIRE_HWAUTH | KRB5_OK_AS_DELEGATE | KRB5_USER_TO_USER,
+ KRB5_MACHINE_ACCOUNT_DEFAULT = KRB5_FORWARDABLE | KRB5_PROXIABLE | KRB5_RENEWABLE | KRB5_POSTDATE | KRB5_SERVER | KRB5_CLIENT,
+ KRB5_FLAG_MAX = 0x80000000
+};
+
+typedef TQValueList<uid_t> UserList;
+typedef TQValueList<gid_t> GroupList;
+
+class LDAPCredentials
+{
+ public:
+ TQString username;
+ TQCString password;
+ TQString realm;
+};
+
+class LDAPUserInfo
+{
+ public:
+ LDAPUserInfo();
+ ~LDAPUserInfo();
+
+ public:
+ bool informationValid;
+ TQString distinguishedName;
+ TQString creatorsName;
+
+ TQString name;
+ uid_t uid;
+ TQString shell;
+ TQString homedir;
+ gid_t primary_gid;
+ LDAPKRB5Flags status; // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT]
+ TQCString new_password;
+ TQDateTime account_created;
+ TQDateTime account_modified;
+ TQDateTime password_last_changed;
+ bool password_expires;
+ TQDateTime password_expiration;
+ bool password_ages;
+ int new_password_interval;
+ int new_password_warn_interval;
+ int new_password_lockout_delay;
+ bool password_has_minimum_age;
+ int password_minimum_age;
+ int maximum_ticket_lifetime;
+
+ // Page 1
+ TQString commonName;
+ TQString givenName;
+ TQString surName;
+ TQString initials;
+ TQString title;
+ TQString email;
+ TQString description;
+ TQString locality;
+ TQString telephoneNumber;
+ TQString faxNumber;
+ TQString homePhone;
+ TQString mobilePhone;
+ TQString pagerNumber;
+ TQString website;
+
+ // Page 2
+ TQString poBox;
+ TQString street;
+ TQString address;
+ TQString state;
+ TQString postcode;
+ TQString registeredAddress;
+ TQString homeAddress;
+
+ // Page 3
+ TQString seeAlso;
+ TQString deliveryOffice;
+ TQString department;
+ TQString roomNumber;
+ TQString employeeType;
+ TQString employeeNumber;
+ TQString manager;
+ TQString secretary;
+ TQString isdnNumber;
+ TQString teletexID;
+ TQString telexNumber;
+ TQString
preferredDelivery;
+ TQString destinationIndicator;
+ TQString x121Address;
+ TQString displayName;
+ TQString preferredLanguage;
+ TQString uniqueIdentifier;
+ TQString businessCategory;
+ TQString carLicense;
+ TQString notes;
+};
+
+class LDAPGroupInfo
+{
+ public:
+ LDAPGroupInfo();
+ ~LDAPGroupInfo();
+
+ public:
+ bool informationValid;
+ TQString distinguishedName;
+ TQString creatorsName;
+
+ TQString name;
+ gid_t gid;
+ TQStringList userlist;
+};
+
+class LDAPMachineInfo
+{
+ public:
+ LDAPMachineInfo();
+ ~LDAPMachineInfo();
+
+ public:
+ bool informationValid;
+ TQString distinguishedName;
+ TQString creatorsName;
+
+ TQString name;
+ LDAPKRB5Flags status;
+};
+
+typedef TQValueList<LDAPUserInfo> LDAPUserInfoList;
+typedef TQValueList<LDAPGroupInfo> LDAPGroupInfoList;
+typedef TQValueList<LDAPMachineInfo> LDAPMachineInfoList;
+
+class LDAPManager : public TQObject {
+ Q_OBJECT
+
+ public:
+ LDAPManager(TQString realm, TQString host, TQObject *parent=0, const char *name=0);
+ ~LDAPManager();
+
+ TQString realm();
+ TQString basedn();
+ int bind();
+ int unbind(bool force);
+ LDAPUserInfoList users();
+ LDAPGroupInfoList groups();
+ LDAPMachineInfoList machines();
+ LDAPUserInfo getUserByDistinguishedName(TQString dn);
+ LDAPGroupInfo getGroupByDistinguishedName(TQString dn);
+ int updateUserInfo(LDAPUserInfo user);
+ int updateGroupInfo(LDAPGroupInfo group);
+ int addUserInfo(LDAPUserInfo user);
+ int addGroupInfo(LDAPGroupInfo group);
+ int deleteUserInfo(LDAPUserInfo user);
+ int deleteGroupInfo(LDAPGroupInfo group);
+ int deleteMachineInfo(LDAPMachineInfo machine);
+
+ LDAPCredentials currentLDAPCredentials();
+
+ private:
+ LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
+ LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);
+ LDAPMachineInfo parseLDAPMachineRecord(LDAPMessage* entry);
+
+ private:
+ TQString m_realm;
+ TQString m_host;
+ int m_port;
+ TQString m_basedc;
+ LDAPCredentials* m_creds;
+ LDAP *m_ldap;
+};
+
+#endif //
_LIBTDELDAP_H_
\ No newline at end of file
diff --git a/stamp-h.in b/stamp-h.in
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/stamp-h.in
@@ -0,0 +1,3 @@
+doc
+po
+src |
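Review bot: The password-bearing records in src/libtdeldap.h are passed and returned by value with no documented lifetime: `LDAPUserInfo` holds `TQCString new_password` among several dozen other fields, `updateUserInfo`, `addUserInfo` and `deleteUserInfo` each take it by value, and `currentLDAPCredentials()` returns `LDAPCredentials` (with its `password`) by value. Every call therefore creates another object that refers to the secret, and nothing declared here says who clears it; whether `TQCString` shares or duplicates its buffer on copy is not visible in this hunk. I would take the records by const reference, e.g. `int updateUserInfo(const LDAPUserInfo& user);`, and put a comment on both secret members such as `// secret: caller overwrites and clears after use; never logged or displayed`. As a smaller style point, the include guard `_LIBTDELDAP_H_` begins with an underscore and a capital letter, which is reserved to the implementation; `LIBTDELDAP_H` avoids that.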