summaryrefslogtreecommitdiffstats
path: root/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp')
-rw-r--r--src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp57
1 files changed, 31 insertions, 26 deletions
diff --git a/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp b/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp
index 7d53e55..f0c65b1 100644
--- a/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp
+++ b/src/modules/UserConfigBackendKrb5/UserConfigBackendKrb5.cpp
@@ -30,12 +30,12 @@ namespace Modules {
namespace UserConfigBackendKrb5 {
void UserConfigBackendKrb5::_connect() {
- if(principal.empty()) {
+ if(principal.isEmpty()) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_ERROR, "UserConfigBackendKrb5: no principal given");
return;
}
- if(realm.empty()) {
+ if(realm.isEmpty()) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_ERROR, "UserConfigBackendKrb5: no realm given and no default realm available");
return;
}
@@ -49,20 +49,22 @@ void UserConfigBackendKrb5::_connect() {
}
kadm5_config_params params;
- params.realm = const_cast<char*>(realm.c_str());
+ std::string realmStr = realm.toLocale();
+ params.realm = const_cast<char*>(realmStr.c_str());
params.mask = KADM5_CONFIG_REALM;
- if(!server.empty()) {
- params.admin_server = const_cast<char*>(server.c_str());
+ std::string serverStr = server.toLocale();
+ if(!serverStr.empty()) {
+ params.admin_server = const_cast<char*>(serverStr.c_str());
params.mask |= KADM5_CONFIG_ADMIN_SERVER;
}
- std::string princ = principal;
- if(princ.find('@') == std::string::npos)
+ Core::String princ = principal;
+ if(princ.indexOf('@') < 0)
princ += "@" + realm;
- if(!password.empty() && keytab.empty()) {
- krb5_error_code err = kadm5_init_with_password(const_cast<char*>(princ.c_str()), const_cast<char*>(password.c_str()),
+ if(!password.isEmpty() && keytab.isEmpty()) {
+ krb5_error_code err = kadm5_init_with_password(const_cast<char*>(princ.toLocale().c_str()), const_cast<char*>(password.toLocale().c_str()),
const_cast<char*>(KADM5_ADMIN_SERVICE), &params, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, 0, &handle);
if(err) {
@@ -72,10 +74,13 @@ void UserConfigBackendKrb5::_connect() {
}
else {
char *keytabName = 0;
- if(!keytab.empty())
- keytabName = const_cast<char*>(keytab.c_str());
- krb5_error_code err = kadm5_init_with_skey(const_cast<char*>(princ.c_str()), keytabName,
+ std::string keytabStr = keytab.toLocale();
+ if(!keytabStr.empty()) {
+ keytabName = const_cast<char*>(keytabStr.c_str());
+ }
+
+ krb5_error_code err = kadm5_init_with_skey(const_cast<char*>(princ.toLocale().c_str()), keytabName,
const_cast<char*>(KADM5_ADMIN_SERVICE), &params, KADM5_STRUCT_VERSION, KADM5_API_VERSION_2, 0, &handle);
if(err) {
@@ -102,23 +107,23 @@ bool UserConfigBackendKrb5::handleConfigEntry(const Core::ConfigEntry &entry, bo
if(entry[2].getKey().matches("Realm")) {
if(entry[3].isEmpty())
- realm = entry[2][0].extract();
+ realm = entry[2][0];
}
else if(entry[2].getKey().matches("Principal")) {
if(entry[3].isEmpty())
- principal = entry[2][0].extract();
+ principal = entry[2][0];
}
else if(entry[2].getKey().matches("Server")) {
if(entry[3].isEmpty())
- server = entry[2][0].extract();
+ server = entry[2][0];
}
else if(entry[2].getKey().matches("Password")) {
if(entry[3].isEmpty())
- password = entry[2][0].extract();
+ password = entry[2][0];
}
else if(entry[2].getKey().matches("Keytab")) {
if(entry[3].isEmpty())
- keytab = entry[2][0].extract();
+ keytab = entry[2][0];
}
else if(!entry[2].isEmpty())
return false;
@@ -133,7 +138,7 @@ void UserConfigBackendKrb5::configFinished() {
void UserConfigBackendKrb5::checkUserInfo(const Common::UserInfo &userInfo) throw(Core::Exception) {
- std::string username = userInfo.getUsername().extract();
+ std::string username = userInfo.getUsername().toLocale();
if(std::strcspn(username.c_str(), "/@") != username.length())
throw Core::Exception(Core::Exception::INVALID_INPUT);
@@ -147,11 +152,11 @@ void UserConfigBackendKrb5::addUser(const Common::UserInfo &userInfo) throw(Core
if(!context || !handle)
throw Core::Exception(Core::Exception::NOT_AVAILABLE);
- std::string princStr = userInfo.getUsername().extract() + "@" + realm;
+ Core::String princStr = userInfo.getUsername() + "@" + realm;
kadm5_principal_ent_rec princ;
- krb5_error_code err = krb5_parse_name(context, princStr.c_str(), &princ.principal);
+ krb5_error_code err = krb5_parse_name(context, princStr.toLocale().c_str(), &princ.principal);
if(err)
throw Core::Exception("krb5_parse_name", Core::Exception::INTERNAL_ERRNO, err);
@@ -230,10 +235,10 @@ void UserConfigBackendKrb5::deleteUser(const Common::UserInfo &userInfo) throw(C
if(!context || !handle)
throw Core::Exception(Core::Exception::NOT_AVAILABLE);
- std::string princStr = userInfo.getUsername().extract() + "@" + realm;
+ Core::String princStr = userInfo.getUsername() + "@" + realm;
krb5_principal princ;
- krb5_error_code err = krb5_parse_name(context, princStr.c_str(), &princ);
+ krb5_error_code err = krb5_parse_name(context, princStr.toLocale().c_str(), &princ);
if(err)
throw Core::Exception("krb5_parse_name", Core::Exception::INTERNAL_ERRNO, err);
@@ -255,7 +260,7 @@ void UserConfigBackendKrb5::deleteUser(const Common::UserInfo &userInfo) throw(C
application->logf(Core::Logger::LOG_USER, Core::Logger::LOG_WARNING, "kadm5_delete_principal: %s", krb5_get_error_message(context, err));
}
-void UserConfigBackendKrb5::setPassword(const Common::UserInfo &userInfo, const std::string &password) throw(Core::Exception) {
+void UserConfigBackendKrb5::setPassword(const Common::UserInfo &userInfo, const Core::String &password) throw(Core::Exception) {
application->getThreadManager()->detach();
boost::lock_guard<boost::mutex> lock(mutex);
@@ -263,17 +268,17 @@ void UserConfigBackendKrb5::setPassword(const Common::UserInfo &userInfo, const
if(!context || !handle)
throw Core::Exception(Core::Exception::NOT_AVAILABLE);
- std::string princStr = userInfo.getUsername().extract() + "@" + realm;
+ Core::String princStr = userInfo.getUsername() + "@" + realm;
krb5_principal princ;
- krb5_error_code err = krb5_parse_name(context, princStr.c_str(), &princ);
+ krb5_error_code err = krb5_parse_name(context, princStr.toLocale().c_str(), &princ);
if(err)
throw Core::Exception("krb5_parse_name", Core::Exception::INTERNAL_ERRNO, err);
int retryCount = 3;
do {
- err = kadm5_chpass_principal(handle, princ, const_cast<char*>(password.c_str()));
+ err = kadm5_chpass_principal(handle, princ, const_cast<char*>(password.toLocale().c_str()));
if(err == KADM5_RPC_ERROR && retryCount > 0) {
application->log(Core::Logger::LOG_USER, Core::Logger::LOG_VERBOSE, "Connection to kerberos admin server lost. Reconnecting...");
_connect();
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-06 02:38:36 +0200