[yast-commit] r48589 - in /trunk/ldap-server: ./ agents/ src/ src/agent/ src/lib/
Author: rhafer Date: Fri Jun 27 15:56:38 2008 New Revision: 48589 URL: http://svn.opensuse.org/viewcvs/yast?rev=48589&view=rev Log: Initial import of back-config work Added: trunk/ldap-server/src/agent/ trunk/ldap-server/src/agent/Makefile.am trunk/ldap-server/src/agent/SlapdConfigAgent.cc trunk/ldap-server/src/agent/SlapdConfigAgent.h trunk/ldap-server/src/agent/Y2CCSlapdConfigAgent.cc trunk/ldap-server/src/lib/ trunk/ldap-server/src/lib/Makefile.am trunk/ldap-server/src/lib/backConfigTest.cpp trunk/ldap-server/src/lib/backConfigTest.h trunk/ldap-server/src/widgets.ycp Modified: trunk/ldap-server/agents/Makefile.am trunk/ldap-server/agents/ldapserver.scr trunk/ldap-server/configure.in.in trunk/ldap-server/src/LdapServer.pm trunk/ldap-server/src/Makefile.am trunk/ldap-server/src/complex.ycp trunk/ldap-server/src/dialogs.ycp trunk/ldap-server/src/ldap-server.ycp trunk/ldap-server/src/ldap-server_proposal.ycp trunk/ldap-server/src/tree_structure.ycp Modified: trunk/ldap-server/agents/Makefile.am URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/agents/Makefile.am?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/agents/Makefile.am (original) +++ trunk/ldap-server/agents/Makefile.am Fri Jun 27 15:56:38 2008 @@ -1,9 +1,8 @@ # Makefile.am for ldap-server/agents -agent_SCRIPTS = ag_ldapserver scrconf_DATA = \ ldapserver.scr \ cfg_openldap.scr -EXTRA_DIST = $(agent_SCRIPTS) $(scrconf_DATA) +EXTRA_DIST = $(scrconf_DATA) Modified: trunk/ldap-server/agents/ldapserver.scr URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/agents/ldapserver.scr?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/agents/ldapserver.scr (original) +++ trunk/ldap-server/agents/ldapserver.scr Fri Jun 27 15:56:38 2008 
@@ -15,7 +15,6 @@ * Write (.ldapserver.database, string dbsuffix, map options) */ .ldapserver -`ag_ldapserver ( `LDAPCONFIG ($[ - "file" : "/etc/openldap/slapd.conf" - ]) +`ag_slapdconfig ( + `SlapdConfigAgent() ) Modified: trunk/ldap-server/configure.in.in URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/configure.in.in?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/configure.in.in (original) +++ trunk/ldap-server/configure.in.in Fri Jun 27 15:56:38 2008 @@ -2,11 +2,21 @@ ## Initialize @YAST2-INIT-COMMON@ +@YAST2-INIT-PROGRAM@ @YAST2-INIT-YCP@ ## some common checks @YAST2-CHECKS-COMMON@ +@YAST2-CHECKS-PROGRAM@ @YAST2-CHECKS-YCP@ +AC_LANG_PUSH(C++) +yast_found_ldappplib=no +AC_CHECK_HEADER(LDAPSchema.h,[yast_found_ldapcpplib=yes]) +if [[ "$yast_found_ldapcpplib" = "no" ]]; then + AC_MSG_ERROR(Headers for ldapcpplib are missing. Please install the package ldapcpplib-devel.) +fi +AC_LANG_POP(C++) + ## and generate the output... @YAST2-OUTPUT@ Modified: trunk/ldap-server/src/LdapServer.pm URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/src/LdapServer.pm (original) +++ trunk/ldap-server/src/LdapServer.pm Fri Jun 27 15:56:38 2008 @@ -2,7 +2,7 @@ # File: modules/LdapServer.pm # Package: Configuration of ldap-server # Summary: LdapServer settings, input and output functions -# Authors: Andreas Bauer <abauer@suse.de> +# Authors: Ralf Haferkamp <rhafer@suse.de>, Andreas Bauer <abauer@suse.de> # # $Id$ # 
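Review bot: In the configure.in.in hunk the sentinel is initialised as `yast_found_ldappplib=no` (three p's) while the test reads `$yast_found_ldapcpplib`, so when `LDAPSchema.h` is absent the tested variable is empty rather than `no` and the `AC_MSG_ERROR` branch is never taken. Initialise the name that is actually tested, `yast_found_ldapcpplib=no`, so that a missing ldapcpplib-devel stops configure instead of surfacing later as a compile error in the new agent sources.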
@@ -14,395 +14,28 @@ use strict; -use ycp; -use YaST::YCP qw(Boolean); - -use YaPI; -textdomain("ldap-server"); +use Data::Dumper; -use YaPI::LdapServer; use X500::DN; +use ycp; +use YaST::YCP qw(Boolean); our %TYPEINFO; -YaST::YCP::Import ("Package"); YaST::YCP::Import ("Progress"); -YaST::YCP::Import ("Report"); -YaST::YCP::Import ("Summary"); -YaST::YCP::Import ("SuSEFirewall"); +YaST::YCP::Import ("Service"); +my %error = ( msg => undef, details => undef ); -## - # Data was modified? - # -my $modified = 0; +my $usesBackConfig = 0; +my $slapdConfChanged = 0; +my $serviceEnabled = 0; +my $registerSlp = 0; +my @loglevel = (); +my %dbDefaults = (); -## - # -my $proposal_valid = 0; - -## - # Write only, used during autoinstallation. - # Don't run services and SuSEconfig, it's all done at one place. - # -my $write_only = 0; - -## - # Data was modified? - # @return true if modified - # -BEGIN { $TYPEINFO {Modified} = ["function", "boolean"]; } -sub Modified { - y2debug ("modified=$modified"); - return $modified; -} - -## - # Data was modified - # -BEGIN { $TYPEINFO {SetModified} = ["function", "void", "boolean"]; } -sub SetModified { - $modified = shift; - y2debug ("modified=$modified"); -} - -# Settings: Define all variables needed for configuration of ldap-server -# TODO FIXME: Define all the variables necessary to hold -# TODO FIXME: the configuration here (with the appropriate -# TODO FIXME: description) -# TODO FIXME: For example: -# ## -# # List of the configured cards. -# # -# my @cards = (); -# -# ## -# # Some additional parameter needed for the configuration. 
-# # -# my $additional_parameter = 1; - - -my $dbList = []; - -my $overlays = {}; - -my $database = {}; - -my $allowList = []; - -my $loglevel = 256; - -my $tlsSettings = {}; - -my $configureCommonServerCertificate = 0; - -my $commonServerCertificateAvailable = 0; - -my $dbListNEW = []; - -my $databaseNEW = {}; - -my $serviceEnabled = 1; - -my $useRootPW = 0; - -my $importCertificates = {}; - -my $SLPEnabled = 1; - -my $schemaIncludeList = []; - -BEGIN { $TYPEINFO{WriteDbList} = ["function", "boolean", ["list", "string"]]; } -sub WriteDbList { - my $self = shift; - $dbList = shift; - return 1; -} - -BEGIN { $TYPEINFO{ReadDbList} = ["function", ["list", "string"]]; } -sub ReadDbList { - my $self = shift; - return $dbList; -} - -use Data::Dumper; -# -# Validate Suffix and Root-DN of a database -# -BEGIN { $TYPEINFO{CheckDatabase} = ["function", "string", ["map", "string", "any"]]; } -sub CheckDatabase { - my $self = shift; - my $data = shift; - - # validate Suffix - if(! defined $data->{suffix} || $data->{suffix} eq "") { - # error message - return __("Invalid suffix."); - } - my $object = X500::DN->ParseRFC2253($data->{suffix}); - - if(! defined $object) { - return __("Invalid suffix."); - } - - # validate Root DN - if(! defined X500::DN->ParseRFC2253($data->{rootdn})) { - # parameter check failed - return __("Invalid 'rootdn'."); - } - - # rootdn must be a child of the suffix - if($data->{suffix} ne substr($data->{rootdn}, - length($data->{rootdn}) - length($data->{suffix}))) { - # parameter check failed - return __("'rootdn' must be below the 'suffix'."); - } - - if(! defined $data->{rootdn} || $data->{rootdn} eq "" ) { - $data->{rootdn} = "cn=Administrator,".$data->{suffix}; - } - - if(! 
defined $data->{directory} || $data->{directory} !~ /^\// ) { - # error message - return __("Invalid directory path."); - } - - return ""; -} - -BEGIN { $TYPEINFO{WriteDatabase} = ["function", "boolean", ["map", "string", "any"]]; } -sub WriteDatabase { - my $self = shift; - $database = shift; - return 1; -} - -BEGIN { $TYPEINFO{ReadDatabase} = ["function", ["map", "string", "any"]]; } -sub ReadDatabase { - my $self = shift; - return $database; -} - -BEGIN { $TYPEINFO{WriteAllowList} = ["function", "boolean", ["list", "string"]]; } -sub WriteAllowList { - my $self = shift; - $allowList = shift; - return 1; -} -BEGIN { $TYPEINFO{ReadAllowList} = ["function", ["list", "string"]]; } -sub ReadAllowList { - my $self = shift; - return $allowList; -} - -BEGIN { $TYPEINFO{WriteLoglevel} = ["function", "boolean", "integer"]; } -sub WriteLoglevel { - my $self = shift; - $loglevel = shift; - return 1; -} -BEGIN { $TYPEINFO{ReadLoglevel} = ["function", "integer"]; } -sub ReadLoglevel { - my $self = shift; - return $loglevel; -} - -BEGIN { $TYPEINFO{WriteTlsSettings} = ["function", "boolean", ["map", "string", "any"]]; } -sub WriteTlsSettings { - my $self = shift; - $tlsSettings = shift; - return 1; -} -BEGIN { $TYPEINFO{ReadTlsSettings} = ["function", ["map", "string", "any"]]; } -sub ReadTlsSettings { - my $self = shift; - return $tlsSettings; -} - -BEGIN { $TYPEINFO{WriteConfigureCommonServerCertificate} = ["function", "boolean", "boolean"]; } -sub WriteConfigureCommonServerCertificate { - my $self = shift; - $configureCommonServerCertificate = shift; - return 1; -} -BEGIN { $TYPEINFO{ReadConfigureCommonServerCertificate} = ["function", "boolean"]; } -sub ReadConfigureCommonServerCertificate { - my $self = shift; - return $configureCommonServerCertificate; -} - -BEGIN { $TYPEINFO{ReadCommonServerCertificateAvailable} = ["function", "boolean"]; } -sub ReadCommonServerCertificateAvailable { - my $self = shift; - return $commonServerCertificateAvailable; -} - -BEGIN { 
$TYPEINFO{WriteDbListNEW} = ["function", "boolean", ["list", "string"]]; } -sub WriteDbListNEW { - my $self = shift; - $dbListNEW = shift; - return 1; -} - -BEGIN { $TYPEINFO{ReadDbListNEW} = ["function", ["list", "string"]]; } -sub ReadDbListNEW { - my $self = shift; - return $dbListNEW; -} - -BEGIN { $TYPEINFO{WriteDatabaseNEW} = ["function", "boolean", ["map", "string", "any"]]; } -sub WriteDatabaseNEW { - my $self = shift; - $databaseNEW = shift; - return 1; -} -BEGIN { $TYPEINFO{ReadDatabaseNEW} = ["function", ["map", "string", "any"]]; } -sub ReadDatabaseNEW { - my $self = shift; - return $databaseNEW; -} - -BEGIN { $TYPEINFO{WriteServiceEnabled} = ["function", "boolean", "boolean"]; } -sub WriteServiceEnabled { - my $self = shift; - $serviceEnabled = shift; - return 1; -} -BEGIN { $TYPEINFO{ReadServiceEnabled} = ["function", "boolean"]; } -sub ReadServiceEnabled { - my $self = shift; - return $serviceEnabled; -} - -BEGIN { $TYPEINFO{WriteUseRootPW} = ["function", "boolean", "boolean"]; } -sub WriteUseRootPW { - my $self = shift; - $useRootPW = shift; - return 1; -} - -BEGIN { $TYPEINFO{ReadUseRootPW} = ["function", "boolean"]; } -sub ReadUseRootPW { - my $self = shift; - return $useRootPW; -} - -BEGIN { $TYPEINFO{WriteImportCertificates} = ["function", "boolean", ["map", "string", "string"]]; } -sub WriteImportCertificates { - my $self = shift; - $importCertificates = shift; - return 1; -} - -BEGIN { $TYPEINFO{ReadImportCertificates} = ["function", ["map", "string", "string"]]; } -sub ReadImportCertificates { - my $self = shift; - return $importCertificates; -} - -BEGIN { $TYPEINFO{WriteSLPEnabled} = ["function", "boolean", "boolean"] } -sub WriteSLPEnabled -{ - my $self = shift; - $SLPEnabled = shift; - return 1; -} - -BEGIN { $TYPEINFO{ReadSLPEnabled} = ["function", "boolean"] } -sub ReadSLPEnabled -{ - my $self = shift; - return $SLPEnabled; -} - -BEGIN { $TYPEINFO{WriteSchemaIncludeList} = ["function", "boolean", ["list", "string"]] } -sub 
WriteSchemaIncludeList -{ - my $self = shift; - $schemaIncludeList = shift; - return 1; -} - -BEGIN { $TYPEINFO{ReadSchemaIncludeList} = ["function", ["list", "string"]] } -sub ReadSchemaIncludeList -{ - my $self = shift; - return $schemaIncludeList; -} - -BEGIN { $TYPEINFO{AddDatabase} = ["function", "boolean", ["map", "string", "any"]]; } -sub AddDatabase { - my $self = shift; - my $data = shift; - - my $chkResult = $self->CheckDatabase($data); - if ( $chkResult ne "" ) { - Report->Error($chkResult); - return 0; - } - - if(! defined $data->{database} || !grep( ($_ eq $data->{database}), ("bdb", "ldbm"))) { - $data->{database} = "bdb"; - } - - if(! defined $data->{rootdn} || $data->{rootdn} eq "" ) { - $data->{rootdn} = "cn=Administrator,".$data->{suffix}; - } - - if ((! defined $data->{passwd} || $data->{passwd} eq "" ) && - (! defined $data->{rootpw} || $data->{rootpw} eq "" ) ){ - # error message - Report->Error(__("Invalid password.")); - return 0; - } - - if(! defined $data->{cryptmethod} || !grep( ($_ eq $data->{cryptmethod}), - ("CRYPT", "SMD5", "SHA", "SSHA", "PLAIN"))) { - $data->{cryptmethod} = "SSHA"; - } - - if(! defined $data->{cachesize} || $data->{cachesize} !~ /^\d+$/ ) { - $data->{cachesize} = 10000; - } - - if($data->{database} eq "bdb") { - if(defined $data->{checkpoint} && $data->{checkpoint} ne "") { - my @cp = split(/\s+/, $data->{checkpoint}); - if(!defined $cp[0] || !defined $cp[1] || - $cp[0] !~ /^\d+$/ || $cp[1] !~ /^\d+$/) { - $cp[0] = "1024"; - $cp[1] = "5"; - } - $data->{checkpoint} = $cp[0]." 
".$cp[1]; - } else { - $data->{checkpoint} = "1024 5"; - } - } - ####################################################### - - push @$dbListNEW, $data->{suffix}; - - $databaseNEW->{$data->{suffix}}->{database} = $data->{database}; - $databaseNEW->{$data->{suffix}}->{suffix} = $data->{suffix}; - $databaseNEW->{$data->{suffix}}->{rootdn} = $data->{rootdn}; - $databaseNEW->{$data->{suffix}}->{passwd} = $data->{passwd}; - $databaseNEW->{$data->{suffix}}->{rootpw} = $data->{rootpw}; - $databaseNEW->{$data->{suffix}}->{cryptmethod} = $data->{cryptmethod}; - $databaseNEW->{$data->{suffix}}->{directory} = $data->{directory}; - $databaseNEW->{$data->{suffix}}->{createdatabasedir} = $data->{createdatabasedir}; - $databaseNEW->{$data->{suffix}}->{cachesize} = $data->{cachesize}; - $databaseNEW->{$data->{suffix}}->{ppolicy_default_changed} = $data->{ppolicy_default_changed}; - if($data->{database} eq "bdb") { - $databaseNEW->{$data->{suffix}}->{checkpoint} = $data->{checkpoint}; - } - if( exists $data->{'overlay'} ) { - $databaseNEW->{$data->{'suffix'}}->{'overlay'} = $data->{'overlay'}; - } - - $modified = 1; - - return 1; -} +my @databases = (); +my @schema = (); ## # Read all ldap-server settings 
@@ -410,134 +43,66 @@ # BEGIN { $TYPEINFO{Read} = ["function", "boolean"]; } sub Read { + y2milestone(""); - # If we got here and the package in not installed, the service is - # not configured (e.g. we are called from AutoYaST clone system) - if (!Package->Installed("openldap2")) - { - y2milestone ("Openldap2 is not installed. --> service disabled"); - $serviceEnabled = 0; - return 1; - } - - # LdapServer read dialog caption - my $caption = __("Initializing LDAP Server Configuration"); - - # TODO FIXME Set the right number of stages - my $steps = 4; - - my $sl = 0.5; - #sleep($sl); - - # TODO FIXME Names of real stages - # We do not set help text here, because it was set outside - Progress->New( $caption, " ", $steps, [ - # Progress stage 1/3 - __("Read the database list"), - # Progress stage 2/3 - __("Read the databases"), - # Progress stage 3/3 - __("Read global options") - ], [ - # Progress step 1/3 - __("Reading the database list..."), - # Progress step 2/3 - __("Reading the databases..."), - # Progress step 3/3 - __("Reading global options..."), - # Progress finished - __("Finished") - ], - "" - ); - - # read database + my $progressItems = [ "Reading Startup Configuration", + "Reading Configuration Backend", + "Reading Configuration Data" ]; + Progress->New("Initializing LDAP Server Configuration", "Blub", 3, $progressItems, $progressItems, ""); Progress->NextStage(); + my $serviceInfo = Service->FullInfo("ldap"); + my $isRunning = $serviceInfo->{"started"} == 0; # 0 == "running" + my $isEnabled = $serviceInfo->{"start"} > 0; + y2milestone("Serviceinfo: ". Data::Dumper->Dump([$serviceInfo])); + y2milestone("IsRunning: " . $isRunning . " IsEnabled " . $isEnabled); + + Progress->NextStage(); + my $configBackend = SCR->Read('.sysconfig.openldap.OPENLDAP_CONFIG_BACKEND'); + y2milestone("ConfigBackend: " . $configBackend); - $dbList = YaPI::LdapServer->ReadDatabaseList(); - - if(! 
defined $dbList) + Progress->NextStage(); + if ( $configBackend eq "ldap" ) { - # Error message - Report->Error(__("Cannot read the database list.")); + $usesBackConfig = 1; + if ( $isRunning ) + { + # How do we get the LDAP password? + } + else + { + # LDAP Server not running. Use slapcat to import the config + y2milestone("Using slapcat to import configuration"); + my $rc = SCR->Execute('.target.bash_output', + "/usr/sbin/slapcat -F /etc/openldap/slapd.d -b cn=config" ); +# y2milestone("slapcat result: ". Data::Dumper->Dump([$rc])); + SCR->Execute('.ldapserver.initFromLdif', $rc->{'stdout'}); + $rc = SCR->Read('.ldapserver.databases' ); + y2milestone("Databases: ". Data::Dumper->Dump([$rc])); + #$rc = SCR->Read('.ldapserver.global.tlsSettings' ); + #y2milestone("tlsSettings: ". Data::Dumper->Dump([$rc])); + $rc = SCR->Read('.ldapserver.global.loglevel' ); + y2milestone("loglevel: ". Data::Dumper->Dump([$rc])); + @loglevel = @{$rc}; + } } - #sleep($sl); - - # read another database - Progress->NextStep(); + else + { + # Check if the config file was changed, otherwise we can assume + # that this server is unconfigured and start from scratch + my $exitcode = SCR->Execute('.target.bash', + "rpm -Vf /etc/openldap/slapd.conf | ". + "grep \"/etc/openldap/slapd.conf\"| ". + "cut -d \" \" -f 1 | grep 5" ); - foreach my $db (@$dbList) { - - $database->{$db} = YaPI::LdapServer->ReadDatabase($db); - if(! defined $database->{$db}) - { - # Error message - Report->Error(sprintf(__("Cannot read the database '%s'."), $db)); - } - - if(exists $database->{$db}->{rootpw}) { - my $rootpw = $database->{$db}->{rootpw}; - - if($rootpw =~ /^{(\w+)}/) { - $database->{$db}->{cryptmethod} = uc("$1"); - } else { - $database->{$db}->{cryptmethod} = "PLAIN"; - } - #$database->{$db}->{passwd} = undef; + if ( $exitcode == 0 ) + { + $slapdConfChanged = 1; } + y2milestone("ConfigModifed: " . 
$slapdConfChanged); } - #sleep($sl); - - # read current settings - Progress->NextStage(); - - $allowList = YaPI::LdapServer->ReadAllowList(); - if(! defined $allowList) - { - # Error message - Report->Error(__("Cannot read the allow list.")); - } - - $loglevel = YaPI::LdapServer->ReadLoglevel(); - if(! defined $loglevel) - { - # Error message - Report->Error(__("Cannot read the log level.")); - } - - $schemaIncludeList = YaPI::LdapServer->ReadSchemaIncludeList(); - if( !defined $schemaIncludeList ) - { - # Error message - Report->Error( __("Cannot read the schema include list.") ); - } - - - $tlsSettings = YaPI::LdapServer->ReadTLS(); - if(! defined $tlsSettings) - { - # Error message - Report->Error(__("Cannot read the TLS settings.")); - } - - $commonServerCertificateAvailable = YaPI::LdapServer->CheckCommonServerCertificate(); - - $serviceEnabled = YaPI::LdapServer->ReadService(); - - $SLPEnabled = YaPI::LdapServer->ReadSLPEnabled(); - $SLPEnabled = 0 if( !defined $SLPEnabled ); - my $progress_orig = Progress->set(0); - SuSEFirewall->Read(); - Progress->set($progress_orig); - #sleep($sl); - - # Progress finished - Progress->NextStage(); - #sleep($sl); - - $modified = 0; + Progress->Finish(); return 1; } 
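Review bot: In the slapcat branch of Read, the result of `SCR->Execute('.target.bash_output', ...)` is handed straight to `.ldapserver.initFromLdif` without looking at `$rc->{'exit'}`, so a failed or partial dump initialises the agent from empty or truncated LDIF and Read still returns 1. Check the status first, for example `if ( $rc->{'exit'} ) { y2error("slapcat failed: ".$rc->{'stderr'}); Progress->Finish(); return 0; }`. `@loglevel = @{$rc};` also dies under `use strict` if the `.ldapserver.global.loglevel` read returns undef; `@loglevel = @{ $rc || [] };` avoids that. The `Databases:` dump is written to the log, and whether the agent's database map carries root password values cannot be seen from this hunk, so that should be confirmed before it is logged at milestone level.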
@@ -547,297 +112,68 @@ # BEGIN { $TYPEINFO{Write} = ["function", "boolean"]; } sub Write { + my $self = shift; + y2milestone("LdapServer::Write"); + my $ret = 1; + my $progressItems = [ _("Writing Startup Configuration"), + _("Cleaning up config directory"), + _("Creating Configuration"), + _("Starting OpenLDAP Server")]; + Progress->New("Writing OpenLDAP Server Configuration", "", 4, $progressItems, $progressItems, ""); - # LdapServer read dialog caption - my $caption = __("Saving LDAP Server Configuration"); - - # TODO FIXME And set the right number of stages - my $steps = 3; - - my $ret = undef; - - my $sl = 0.5; - #sleep($sl); - - # TODO FIXME Names of real stages - # We do not set help text here, because it was set outside - Progress->New($caption, " ", $steps, [ - __("Write global settings"), - __("Add new databases"), - __("Edit databases"), - ], [ - __("Write global settings"), - __("Add new databases"), - __("Edit databases"), - __("Finished") - ], - "" - ); - - # write settings Progress->NextStage(); - - YaPI::LdapServer->ModifyService($serviceEnabled); - - if( $serviceEnabled ) + my $rc = SCR->Write('.sysconfig.openldap.OPENLDAP_CONFIG_BACKEND', 'ldap'); + if ( ! $rc ) { - $ret = YaPI::LdapServer->WriteAllowList($allowList); - if(! defined $ret) { - # error message - Report->Error (__("Cannot write 'allow list'.")); - } - - $ret = YaPI::LdapServer->WriteLoglevel($loglevel); - if(! defined $ret) { - # error message - Report->Error (__("Cannot write 'loglevel'.")); - } - - - $ret = YaPI::LdapServer->WriteSchemaIncludeList( $schemaIncludeList ); - if(! defined $ret) { - # error message - Report->Error (__("Cannot write schema include list.")); - } - - $ret = YaPI::LdapServer->WriteSLPEnabled( $SLPEnabled ); - if(! defined $ret) { - # error message - Report->Error (__("Cannot write to '/etc/sysconfig/openldap'.")); - } - - if($configureCommonServerCertificate) { - - $ret = YaPI::LdapServer->ConfigureCommonServerCertificate(); - if(! 
defined $ret) { - # error message - Report->Error (__("Cannot write 'TLS Settings'.")); - } - - } elsif( ( scalar keys %$importCertificates ) > 0 ) { - $ret = YaPI::LdapServer->ImportCertificates( $importCertificates ); - if(! defined $ret) { - # error message - Report->Error (__("Cannot write 'TLS Settings'.")); - y2error( "importCertificates failed" ); - } - } else { - $ret = YaPI::LdapServer->WriteTLS( $tlsSettings ); - if(! defined $ret) { - # error message - Report->Error (__("Cannot write 'TLS Settings'.")); - y2error( "WriteTLS failed" ); - } - } + y2error("Error while switch to config backend"); + $self->SetError( _("Switch from slapd.conf to config backend failed.") ); + Progress->Finish(); + return 0; } - #sleep($sl); - Progress->NextStage(); - my $failure = 0; - if( $serviceEnabled ) + $rc = SCR->Execute('.target.bash', 'rm -rf /etc/openldap/slapd.d/cn=config*' ); + if ( $rc ) { - foreach my $db (@$dbListNEW) { - - $ret = YaPI::LdapServer->AddDatabase($databaseNEW->{$db}); - - if(! defined $ret) - { - # Error message - Report->Error( sprintf( __("Cannot add new database '%s'."), $db ) ); - - # Stop here and don't start the server when creating the first db failed - if ( ( @{$dbList} == 0 ) && ( @{$dbListNEW} == 1 ) ) - { - $failure = 1; - last; - } else { - next; - } - } - - #add indexes - $ret = YaPI::LdapServer->AddIndex( $db, {attr=>"objectClass,uidNumber,gidNumber",param=>"eq"} ); - if(! defined $ret) - { - # Error message - Report->Error(sprintf(__("Cannot add new database '%s'."), $db)); - next; - } - - $ret = YaPI::LdapServer->AddIndex( $db, {attr=>"member,mail",param=>"eq,pres"} ); - if(! defined $ret) - { - # Error message - Report->Error(sprintf(__("Cannot add new database '%s'."), $db)); - next; - } - - $ret = YaPI::LdapServer->AddIndex( $db, {attr=>"cn,displayname,uid,sn,givenname", - param=>"sub,eq,pres"} ); - if(! 
defined $ret) - { - # Error message - Report->Error(sprintf(__("Cannot add new database '%s'."), $db)); - next; - } - - $ret = YaPI::LdapServer->RecreateIndex( $db ); - if(! defined $ret) - { - # Error message - Report->Error(sprintf(__("Cannot add new database '%s'."), $db)); - next; - } - } - } - if ( $failure ) - { - YaPI::LdapServer->ModifyService(0); + y2error("Error while cleaning up to config directory"); + $self->SetError( _("Config Directory cleanup failed.") ); Progress->Finish(); return 0; - } else { - Progress->NextStage(); - - if( $serviceEnabled ) - { - foreach my $db (@$dbList) { - - $ret = YaPI::LdapServer->EditDatabase($db, $database->{$db}); - - if(! defined $ret) - { - # Error message - Report->Error(sprintf(__("Cannot write the database '%s'."), $db)); - } - - } - } - - YaPI::LdapServer->SwitchService($serviceEnabled); - my $progress_orig = Progress->set(0); - SuSEFirewall->Write(); - Progress->set($progress_orig); - - #sleep($sl); - - # Progress finished - Progress->NextStage(); - sleep(1); - return 1; } -} - -BEGIN { $TYPEINFO{WritePPolicyObjects} = ["function", "boolean"]; } -sub WritePPolicyObjects { - - my $caption = __("Creating Password Policy Objects"); - - # TODO FIXME And set the right number of stages - my $steps = 1; - - my $ret = undef; - - # We do not set help text here, because it was set outside - Progress->New($caption, " ", $steps, [ - __("Check password policy objects"), - ], [ - __("Check password policy objects"), - __("Finished") - ], - "" - ); Progress->NextStage(); - if( $serviceEnabled ) + $rc = SCR->Execute('.target.bash_output', 'mktemp /tmp/slapd-conf-ldif.XXXXXX' ); + if ( $rc->{'exit'} == 0 ) { - foreach my $current ( [$dbList,$database], [$dbListNEW, $databaseNEW] ){ - my $currentDbList = $current->[0]; - my $currentDatabase = $current->[1]; - foreach my $base_dn (@$currentDbList) { - y2milestone("working on defaultpolicy for $base_dn"); - my $ppolicy_hash = 
LdapServer->GetPasswordPolicyOverlay($base_dn,$currentDatabase); - my $db = $currentDatabase->{$base_dn}; - y2debug("currentDatabase ".Data::Dumper->Dump([$db])); - y2debug("currentppolicy ".Data::Dumper->Dump([$ppolicy_hash])); - if( defined $ppolicy_hash && - exists $db->{ppolicy_default_changed} && - $ppolicy_hash->{'ppolicy_default'} ne "" ) - { - YaST::YCP::Import("Popup"); - YaST::YCP::Import("Ldap"); - YaST::YCP::Import("LdapPopup"); - Ldap->Import ({"ldap_server" => "localhost", - "bind_dn" => "" }); - Ldap->LDAPInit (); - my $res = SCR->Read (".ldap.search", {"base_dn" => $ppolicy_hash->{'ppolicy_default'}, - "filter" => "objectclass=*", - "scope" => 0} ); - if ( defined $res && scalar(@$res) != 0 ) { - # ppolicy object does already exist - y2milestone("default_policy does already exist"); - next; - } - if (! Popup->YesNo( sprintf(__("The default password policy object for -'%s' does not exist. - -Create that object now? -"),$base_dn ) )) - { - next; - } - y2milestone("going to create default_policy object"); - Ldap->Import ({"ldap_server" => "localhost", - "bind_dn" => $db->{'rootdn'} - }); - Ldap->LDAPInit (); - my $pw = $db->{'passwd'}; - my $bind_res = "tmp"; - while( $bind_res ne "" ) { - if (!$pw || $pw eq "" || $pw =~ /^\{/ ) { - $pw = Ldap->GetLDAPPassword(0); - } - $bind_res = Ldap->LDAPBind ($pw); - if ($bind_res ne "" ) { - if (Popup->YesNo( sprintf(__("Authentication failed. The password is probably incorrect. -The error message was: '%s'. -Try again? 
-"), $bind_res ) ) ) - { - $pw = ""; - } else { - last; - } - } - } - if ( $bind_res ne "" ) { - next; - } - Ldap->InitSchema (); - my $dn = $ppolicy_hash->{'ppolicy_default'}; - my $X500Dn = X500::DN->ParseRFC2253($dn); - my $num_rdn = $X500Dn->getRDNs; - my $rdn = $X500Dn->getRDN($num_rdn-1); - my @rdnAttrType = $rdn->getAttributeTypes(); - y2debug("rdnAttrType ".$rdnAttrType[0]); - my $rdnAttrVal = $rdn->getAttributeValue($rdnAttrType[0]); - my $ppolicy = {"dn" => $dn}; - $ppolicy = LdapPopup->PasswordPolicyDialog ($ppolicy); - if ( keys %{$ppolicy} ) - { - $ppolicy->{"objectclass"} = [ "namedObject", "pwdPolicy" ]; - $ppolicy->{"pwdattribute"} = ["userPassword"]; - $ppolicy->{$rdnAttrType[0]} = [ $rdnAttrVal ]; - SCR->Write (".ldap.add", { "dn" => $dn, "check_attrs" => 1}, $ppolicy) - } - } + my $tmpfile = $rc->{'stdout'}; + chomp $tmpfile; + y2milestone("using tempfile: ".$tmpfile ); + my $ldif = SCR->Read('.ldapserver.configAsLdif' ); + y2milestone($ldif); + $rc = SCR->Write('.target.string', $tmpfile, $ldif ); + if ( $rc ) + { + $rc = SCR->Execute('.target.bash_output', + "/usr/sbin/slapadd -F /etc/openldap/slapd.d -b cn=config -l $tmpfile" ); + if ( $rc->{'exit'} ) + { + y2error("Error during slapadd:" .$rc->{'stderr'}); + $ret = 0; } } + else + { + y2error("Error while write configuration to LDIF file"); + $ret = 0; + } + # cleanup + SCR->Execute('.target.bash', "rm -f $tmpfile" ); } - # Progress finished Progress->NextStage(); + + Progress->Finish(); sleep(1); - return 1; + return $ret; } ## 
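Review bot: Write removes `/etc/openldap/slapd.d/cn=config*` before the replacement LDIF exists, and the `mktemp` check has no else branch, so when `mktemp` fails `$ret` is still 1 and Write reports success with the configuration directory emptied. Add `else { y2error("mktemp failed: ".$rc->{'stderr'}); $ret = 0; }`, and consider running the `rm -rf` only after the temp file has been written (or keeping a copy of the old directory), so that a slapadd failure does not leave the server without a configuration. `y2milestone($ldif);` copies the whole generated cn=config LDIF into the YaST log; if it carries `olcRootPW` values, as a cn=config dump normally does, the password hashes end up in a log file, so drop the line or log only the length. In the lines shown, the fourth stage, "Starting OpenLDAP Server", only advances the progress bar.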
@@ -851,44 +187,6 @@ my $self = shift; my $hash = shift; - if(exists $hash->{allowList}) { - $allowList = $hash->{allowList}; - } - - if(exists $hash->{loglevel}) { - $loglevel = $hash->{loglevel}; - } - - if(exists $hash->{tlsSettings}) { - $tlsSettings = $hash->{tlsSettings}; - } - - if(exists $hash->{schemaIncludeList}) { - $schemaIncludeList = $hash->{schemaIncludeList}; - } - - if(exists $hash->{configureCommonServerCertificate}) { - $configureCommonServerCertificate = $hash->{configureCommonServerCertificate}; - } elsif( exists $hash->{importCertificates} ) { - $importCertificates = $hash->{importCertificates}; - } elsif (exists $hash->{tlsSettings}) { - $tlsSettings = $hash->{tlsSettings}; - } - - if(exists $hash->{database}) { - my $dbs = $hash->{database}; - foreach my $db (@$dbs) { - $db->{createdatabasedir} = 1; - if(! $self->AddDatabase($db)) { - return 0; - } - - } - } - if(exists $hash->{serviceEnabled}) { - $serviceEnabled = $hash->{serviceEnabled}; - } - return 1; } 
@@ -903,45 +201,6 @@ my $hash = {}; - #$hash->{dbList} = $dbList; - #$hash->{dbListNEW} = $dbListNEW; - - my @database_tmp = (); - foreach my $db (@$dbList) { - push @database_tmp, $database->{$db}; - } - if (scalar(@database_tmp) > 0) { - $hash->{database} = \@database_tmp; - } - my @database_tmp_new = (); - foreach my $db (@$dbListNEW) { - if (! grep( /^$db$/, @$dbList) ){ - foreach my $key (keys %{$databaseNEW->{$db}}) { - if (! defined $databaseNEW->{$db}->{$key} ) { - delete $databaseNEW->{$db}->{$key}; - } - } - push @database_tmp_new, $databaseNEW->{$db}; - } - } - if (scalar(@database_tmp_new) > 0) { - push @{$hash->{database}}, @database_tmp_new; - } - $hash->{allowList} = $allowList; - $hash->{loglevel} = $loglevel; - if($configureCommonServerCertificate) { -#### CA-Management has no real support for AutoYaST-Cloning. So don't export -# commonServerCert CA-Settings for now. -# $hash->{commonServerCertificateAvailable} = $commonServerCertificateAvailable; -# $hash->{configureCommonServerCertificate} = $configureCommonServerCertificate; - } elsif( ( scalar keys %$importCertificates ) > 0 ) { - $hash->{importCertificates} = $importCertificates; - } else { - $hash->{tlsSettings} = $tlsSettings; - } - $hash->{schemaIncludeList} = $schemaIncludeList; - $hash->{serviceEnabled} = $serviceEnabled; - return $hash; } 
@@ -949,25 +208,21 @@ # Create a textual summary and a list of unconfigured cards # @return summary of the current configuration # -BEGIN { $TYPEINFO{Summary} = ["function", [ "list", "string" ] ]; } +BEGIN { $TYPEINFO{Summary} = ["function", "string" ]; } sub Summary { # Configuration summary text for autoyast - my $string = ""; + my $self = shift; + my $defaults = $self->GetInitialDefaults(); + my $string; -# if($serviceEnabled) { -# $string .= __("Start LDAP server with:<br>"); -# $string .= sprintf(__("<b>baseDN</b>: %s<br>"), $dbList->[0]); -# $string .= sprintf(__("<b>rootDN</b>: %s<br>"), $database->{$dbList->[0]}->{rootdn}); -# if($useRootPW) { -# $string .= __("<b>password</b>: <root password>"); -# } else { -# $string .= __("<b>password</b>: ***"); -# } -# } else { -# $string .= __("LDAP server not running."); -# } + $string .= '<h2>'._("Startup Configuration").'</h2>' + .'<p>'._("Start LDAP Server: ").'<code>'.($defaults->{'serviceEnabled'}->value?_("Yes"):_("No")).'</code></p>' + .'<p>'._("Register at SLP Service: ").'<code>'.($defaults->{'slpRegister'}->value?_("Yes"):_("No")).'</code></p>' + .'<h2>'._("Create initial Database with the following Parameters").'</h2>' + .'<p>'._("Database Suffix: ").'<code>'.$defaults->{'basedn'}.'</code></p>' + .'<p>'._("Administrator DN: ").'<code>'.$defaults->{'rootdn'}.'</code></p>'; - return [ $string ]; + return $string; } ## 
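Review bot: Summary concatenates `$defaults->{'basedn'}` and `$defaults->{'rootdn'}` into the rich-text markup unescaped, so a suffix or DN containing `<`, `>` or `&` garbles or alters the rendered summary. Escape those characters before interpolation, for example with a small helper applying `s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g` to each value. The `->value` calls assume both flags are YaST::YCP::Boolean objects; GetInitialDefaults is defined outside this hunk, so it should be confirmed that this holds when the defaults were never passed through SetInitialDefaults. The TYPEINFO return type changes from a list of strings to a string, so callers of Summary need the matching change.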
@@ -996,22 +251,202 @@ return \%ret; } -BEGIN { $TYPEINFO{GetPasswordPolicyOverlay} = ["function", ["map", "string", "string"], "string"]; } -sub GetPasswordPolicyOverlay { +## + # Data was modified? + # @return true if modified + # +BEGIN { $TYPEINFO {Modified} = ["function", "boolean"]; } +sub Modified { + y2milestone(); + return 0; +} +BEGIN { $TYPEINFO {ReadServiceEnabled} = ["function", "boolean"]; } +sub ReadServiceEnabled { + y2milestone("ReadServiceEnabled $serviceEnabled"); + return $serviceEnabled; +} + +BEGIN { $TYPEINFO {SetServiceEnabled} = ["function", "boolean", "boolean"]; } +sub SetServiceEnabled { + my $self = shift; + $serviceEnabled = shift; + return 1; +} + +BEGIN { $TYPEINFO {ReadSLPEnabled} = ["function", "boolean"]; } +sub ReadSLPEnabled { + y2milestone("ReadSLPEnabled"); + return $registerSlp; +} + +BEGIN { $TYPEINFO {SetSlpEnabled} = ["function", "boolean", "boolean"]; } +sub SetSlpEnabled { + my $self = shift; + y2milestone("ReadServiceEnabled"); + $registerSlp = shift; + return 1; +} + +BEGIN { $TYPEINFO {IsUsingBackconfig} = ["function", "boolean"]; } +sub IsUsingBackconfig +{ + return $usesBackConfig; +} + +BEGIN { $TYPEINFO {SlapdConfChanged} = ["function", "boolean"]; } +sub SlapdConfChanged +{ + return $slapdConfChanged; +} + +sub SetError +{ + my $self = shift; + my ( $msg, $details ) = @_; + $error{'msg'} = $msg; + $error{'details'} = $details; +} + +BEGIN { $TYPEINFO {GetError} = ["function", ["map", "string", "string"] ]; } +sub GetError +{ + return \%error; +} + +BEGIN { $TYPEINFO {GetLogLevels} = ["function", [ "list", "string" ] ]; } +sub GetLogLevels +{ + return \@loglevel; +} + +BEGIN { $TYPEINFO {MigrateSlapdConf} = ["function", "boolean"]; } +sub MigrateSlapdConf +{ my $self = shift; - my $prefix = shift; - my $db_hash = shift || $database; - my $db = $db_hash->{$prefix}; - my $overlays = $db->{'overlay'}; - - foreach my $overlay (@$overlays) { - if ( $overlay->[0] eq "ppolicy" ) { - y2debug("GetPasswordPolicyOverlay 
".Data::Dumper->Dump([$database])); - return $overlay->[1]; + my $progressItems = [ _("Cleaning up directory for config database"), + _("Converting slapd.conf to config database"), + _("Switching startup configuration to use config database")]; + Progress->New("Migrating LDAP Server Configuration", "Blub", 3, $progressItems, $progressItems, ""); + Progress->NextStage(); + Progress->NextStage(); + + my $rc = SCR->Execute('.target.bash_output', + "/usr/sbin/slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d" ); + if ( $rc->{'exit'} ) + { + y2error("Error while migration slapd.conf"); + my $details = _("Output of \"slaptest\":\n"). $rc->{'stderr'}; + $self->SetError( _("Migration of existing configuration failed."), $details ); + Progress->Finish(); + return 0; + } + Progress->NextStage(); + $rc = SCR->Write('.sysconfig.openldap.OPENLDAP_CONFIG_BACKEND', 'ldap'); + if ( ! $rc ) + { + y2error("Error while switch to config backend"); + $self->SetError( _("Switch from slapd.conf to config backend failed.") ); + Progress->Finish(); + return 0; + } + Progress->Finish(); + return 1; +} + +BEGIN { $TYPEINFO {GetInitialDefaults} = ["function", [ "map", "string", "any"] ]; } +sub GetInitialDefaults +{ + y2milestone("GetInitialDefaults"); + my $self = shift; + if ( ! keys(%dbDefaults ) ) { + $self->InitDbDefaults(); + } + y2milestone(Data::Dumper->Dump([\%dbDefaults])); + return \%dbDefaults; +} + +BEGIN { $TYPEINFO {SetInitialDefaults} = ["function", "boolean", [ "map", "string", "any" ] ]; } +sub SetInitialDefaults +{ + my $self = shift; + my $defaults = shift; + $defaults->{'serviceEnabled'} = YaST::YCP::Boolean($defaults->{'serviceEnabled'}); + $defaults->{'slpRegister'} = YaST::YCP::Boolean($defaults->{'slpRegister'}); + y2milestone("SetInitialDefaults: ". 
Data::Dumper->Dump([$defaults])); + %dbDefaults = %$defaults; + return 1; +} + +BEGIN { $TYPEINFO {InitDbDefaults} = ["function", "boolean"]; } +sub InitDbDefaults +{ + y2milestone("InitDbDefaults"); + my $self = shift; + # generate base dn from domain; + my $rc = SCR->Execute( '.target.bash_output', "/bin/hostname -d" ); + my $domain = $rc->{"stdout"}; + if ( $domain eq "" ) + { + $domain = "site"; + } + chomp($domain); + y2milestone( "domain is: <".$domain.">" ); + my @domainparts = split /\./, $domain ; + my @rdn = (); + foreach my $rdn ( @domainparts ) + { + push @rdn, "dc=".$rdn; + } + my $basedn = join ',', @rdn ; + y2milestone("basedn: $basedn"); + $dbDefaults{'basedn'} = $basedn; + $dbDefaults{'rootdn'} = "cn=admin,".$basedn; + $dbDefaults{'pwenctype'} = "SSHA"; + $dbDefaults{'serviceEnabled'} = YaST::YCP::Boolean(0); + $dbDefaults{'slpRegister'} = YaST::YCP::Boolean(0); + return 1; +} + +BEGIN { $TYPEINFO {ReadFromDefaults} = ["function", "boolean"]; } +sub ReadFromDefaults +{ + my $database = { 'type' => 'bdb', + 'suffix' => $dbDefaults{'basedn'}, + 'rootdn' => $dbDefaults{'rootdn'}, + 'directory' => '/var/lib/ldap' + }; + my $cfgdatabase = { 'type' => 'config', + 'rootdn' => 'cn=config', + 'rootpw' => 'secret' + }; + + @schema = ( "core", "cosine", "inetorgperson" ); + + push @databases, ( $cfgdatabase, $database ); + + SCR->Execute('.ldapserver.initGlobals' ); + SCR->Execute('.ldapserver.initSchema', \@schema ); + SCR->Execute('.ldapserver.initDatabases', \@databases ); + return 1; +} + +BEGIN { $TYPEINFO {GetDatabaseList} = ["function", [ "list", [ "map" , "string", "string"] ] ]; } +sub GetDatabaseList +{ + y2milestone("GetDatabaseList"); + my $self = shift; + my $ret = (); + foreach my $db ( @databases ) + { + my $tmp = { 'type' => $db->{'type'}, 'suffix' => $db->{'suffix'} }; + if (! 
$tmp->{'suffix'} ) + { + $tmp->{'suffix'} = "unknown"; } + push @{$ret}, $tmp; } - y2debug("GetPasswordPolicyOverlay: overlay not found"); - return undef; + y2milestone(Data::Dumper->Dump([$ret])); + return $ret } 1; # EOF Modified: trunk/ldap-server/src/Makefile.am URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/Makefile.am?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/src/Makefile.am (original) +++ trunk/ldap-server/src/Makefile.am Fri Jun 27 15:56:38 2008 @@ -1,6 +1,6 @@ # Makefile.am for ldap-server/src -SUBDIRS = YaPI config +SUBDIRS = YaPI config lib agent yncludedir = @yncludedir@/ldap-server @@ -12,6 +12,7 @@ ynclude_DATA = \ helps.ycp \ wizards.ycp \ + widgets.ycp \ dialogs.ycp \ complex.ycp \ tree_structure.ycp Added: trunk/ldap-server/src/agent/Makefile.am URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/Makefile.am?rev=48589&view=auto ============================================================================== --- trunk/ldap-server/src/agent/Makefile.am (added) +++ trunk/ldap-server/src/agent/Makefile.am Fri Jun 27 15:56:38 2008 
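Review bot: `ReadFromDefaults` gives the `cn=config` database the literal password `'rootpw' => 'secret'`, and the `initDatabases` branch of the agent's `Execute` passes that value straight to `setRootPw`, so every server set up from the defaults would share a known credential for its configuration database. The value should come from the administrator, or be generated per installation and stored hashed, rather than from a literal in the source. Related: `GetInitialDefaults` and `SetInitialDefaults` write the whole defaults map to the log with `Data::Dumper`, which would expose a password as soon as one is added to that map. In `InitDbDefaults` the `$domain eq ""` test runs before `chomp($domain)`, so output that is only a newline is not replaced by `site` and yields an empty base DN; move the `chomp` above the test.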
@@ -0,0 +1,27 @@ +# +# Makefile.am for SlapdConfig agent +# +AM_CPPFLAGS= -I$(top_srcdir)/src/lib +AM_CXXFLAGS = -DY2LOG=\"agent-slapdconfig\" -Wall -I/usr/include/YaST2 +plugin_LTLIBRARIES = libpy2ag_slapdconfig.la +noinst_LTLIBRARIES = liby2ag_slapdconfig.la + +liby2ag_slapdconfig_la_SOURCES = \ + SlapdConfigAgent.cc \ + SlapdConfigAgent.h +liby2ag_slapdconfig_la_LDFLAGS = -version-info 2:0 +liby2ag_slapdconfig_la_LIBADD = ../lib/libslapdconfig.la @AGENT_LIBADD@ -L$(libdir) + +libpy2ag_slapdconfig_la_SOURCES = \ + $(liby2ag_slapdconfig_la_SOURCES) \ + Y2CCSlapdConfigAgent.cc #Y2CCLdapAgent.h +libpy2ag_slapdconfig_la_LDFLAGS = -version-info 2:0 +libpy2ag_slapdconfig_la_LIBADD = ../lib/libslapdconfig.la @AGENT_LIBADD@ -L$(libdir) + +INCLUDES = -I$(includedir) + + +# ----------- temporary handle also perl/ycp files: + +include $(top_srcdir)/Makefile.am.common + Added: trunk/ldap-server/src/agent/SlapdConfigAgent.cc URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfigAgent.cc?rev=48589&view=auto ============================================================================== --- trunk/ldap-server/src/agent/SlapdConfigAgent.cc (added) +++ trunk/ldap-server/src/agent/SlapdConfigAgent.cc Fri Jun 27 15:56:38 2008 
@@ -0,0 +1,273 @@ +#include "SlapdConfigAgent.h" +#include <LDAPConnection.h> +#include <LDAPException.h> +#include <LdifReader.h> +#include <LdifWriter.h> +#include <LDAPEntry.h> +#include <sstream> + +#define DEFAULT_PORT 389 +#define ANSWER 42 +#define MAX_LENGTH_ID 5 + +SlapdConfigAgent::SlapdConfigAgent() +{ + y2milestone("SlapdConfigAgent::SlapdConfigAgent"); +// LDAPConnection *lc = new LDAPConnection("ldap://localhost"); +// lc->bind("cn=config", "secret"); +// olc = OlcConfig(lc); +} + +SlapdConfigAgent::~SlapdConfigAgent() +{} + +YCPValue SlapdConfigAgent::Read( const YCPPath &path, + const YCPValue &arg, + const YCPValue &opt) +{ + y2milestone("Path %s Length %ld ", path->toString().c_str(), + path->length()); + y2milestone("Component %s ", path->component_str(0).c_str()); + + if ( path->length() < 1 ) { + return YCPNull(); + } + else if ( path->component_str(0) == "global" ) + { + y2milestone("Global read"); + return ReadGlobal(path->at(1), arg, opt); + } + else if ( path->component_str(0) == "databases" ) + { + y2milestone("read databases"); + return ReadDatabases(path->at(1), arg, opt); + } + else if ( path->component_str(0) == "configAsLdif" ) + { + return ConfigToLdif(); + } + return YCPNull(); +} + + +YCPBoolean SlapdConfigAgent::Write( const YCPPath &path, + const YCPValue &arg, + const YCPValue &arg2) +{ + y2milestone("Path %s Length %ld ", path->toString().c_str(), + path->length()); + + return YCPBoolean(true); + if ( path->length() < 2 ) { + return YCPNull(); + } else { + path->component_str(1) == "global"; + y2milestone("Global Write"); + return WriteGlobal(path->at(1), arg, arg2); + } +} + +YCPValue SlapdConfigAgent::Execute( const YCPPath &path, + const YCPValue &arg, + const YCPValue &arg2) +{ + y2milestone("Execute Path %s", path->toString().c_str() ); + if ( path->component_str(0) == "initFromLdif" ) + { + std::istringstream ldifstream(arg->asString()->value_cstr()); + LdifReader ldif(&ldifstream); + while ( ldif.readRecord() == 
LDAPMsg::SEARCH_ENTRY ) + { + LDAPEntry currentEntry = ldif.getEntryRecord(); + y2milestone( "EntryDN: %s", ldif.getEntryRecord().getDN().c_str() ); + StringList oc = currentEntry.getAttributeByName("objectclass")->getValues(); + string ocstring; + for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ ) + { + ocstring += *i; + ocstring += " "; + } + y2milestone( "objectclasses: %s", ocstring.c_str()); + y2milestone( "isDatabase: %i", OlcConfigEntry::isDatabaseEntry(currentEntry) ); + if (OlcConfigEntry::isDatabaseEntry(currentEntry) ) + { + boost::shared_ptr<OlcDatabase> olce(OlcDatabase::createFromLdapEntry(currentEntry)); + databases.push_back(olce); + } + else if (OlcConfigEntry::isGlobalEntry(currentEntry) ) + { + globals = boost::shared_ptr<OlcGlobalConfig>(new OlcGlobalConfig(currentEntry)); + } + } + } + else if ( path->component_str(0) == "initGlobals" ) + { + globals = boost::shared_ptr<OlcGlobalConfig>(new OlcGlobalConfig()); + } + else if ( path->component_str(0) == "initSchema" ) + { + schemaBase = boost::shared_ptr<OlcSchemaConfig>(new OlcSchemaConfig() ); + YCPList schemaList = arg->asList(); + for ( int i = 0; i < schemaList->size(); i++ ) + { + y2milestone("Schemafile to include: %s", schemaList->value(i)->asString()->value_cstr() ); + } + + } + else if ( path->component_str(0) == "initDatabases" ) + { + YCPList dbList = arg->asList(); + for ( int i = 0; i < dbList->size(); i++ ) + { + YCPMap dbMap = dbList->value(i)->asMap(); + std::string dbtype(dbMap->value(YCPString("type"))->asString()->value_cstr()); + y2milestone("Database Type: %s", dbtype.c_str()); + if ( dbtype == "bdb" ) + { + boost::shared_ptr<OlcBdbDatabase> db(new OlcBdbDatabase() ); + db->setIndex(i); + db->setSuffix(dbMap->value(YCPString("suffix"))->asString()->value_cstr()); + db->setRootDn(dbMap->value(YCPString("rootdn"))->asString()->value_cstr()); + db->setDirectory(dbMap->value(YCPString("directory"))->asString()->value_cstr()); +// 
db->setRootPw(dbMap->value(YCPString("rootpw"))->asString()->toString()); + databases.push_back(db); + } + else + { + y2error("Database Type \"%s\" not supported. Trying to use generic Database class", dbtype.c_str()); + boost::shared_ptr<OlcDatabase> db(new OlcDatabase(dbtype.c_str()) ); + db->setIndex(i); +// db->setSuffix(dbMap->value(YCPString("suffix"))->asString()->value_cstr()); + db->setRootDn(dbMap->value(YCPString("rootdn"))->asString()->value_cstr()); + db->setRootPw(dbMap->value(YCPString("rootpw"))->asString()->value_cstr()); + databases.push_back(db); + } + } + } + return YCPBoolean(true); +} + +YCPList SlapdConfigAgent::Dir( const YCPPath &path) +{ + return YCPNull(); +} + +YCPValue SlapdConfigAgent::otherCommand( const YCPTerm& term) +{ + y2milestone("SlapdConfigAgent::otherCommand -> %s ", term->name().c_str()); + std::string sym = term->name(); + + if (sym == "SlapdConfigAgent") { + /* Your initialization */ + return YCPVoid(); + } + + return YCPNull(); + +} + +YCPValue SlapdConfigAgent::ReadGlobal( const YCPPath &path, + const YCPValue &arg, + const YCPValue &opt) +{ + y2milestone("Path %s Length %ld ", path->toString().c_str(), + path->length()); + y2milestone("Component: %s", path->component_str(0).c_str()); + if ( path->length() == 0 ) + { + return YCPNull(); + } + else + { + if ( path->component_str(0) == "loglevel" ) + { + y2milestone("Read loglevel"); + YCPList yLevelList; + const std::vector<std::string> loglevel = globals->getLogLevelString(); + std::vector<std::string>::const_iterator i; + for ( i = loglevel.begin(); i != loglevel.end(); i++ ) + { + yLevelList.add(YCPString(*i) ); + } + return yLevelList; + } + if ( path->component_str(0) == "tlsSettings" ) + { + YCPMap ymap; + const OlcTlsSettings tls( globals->getTlsSettings() ); + ymap.add(YCPString("crlCheck"), YCPInteger( tls.getCrlCheck() ) ); + ymap.add(YCPString("verifyClient"), YCPInteger( tls.getVerifyClient() ) ); + return ymap; + } + } + return YCPNull(); +} + +YCPValue 
SlapdConfigAgent::ReadDatabases( const YCPPath &path, + const YCPValue &arg, + const YCPValue &opt) +{ + y2milestone("Path %s Length %ld ", path->toString().c_str(), + path->length()); + std::list<boost::shared_ptr<OlcDatabase> >::const_iterator i; + YCPList dbList; + for (i = databases.begin(); i != databases.end(); i++ ) + { + YCPMap ymap; + std::map<std::string, std::list<std::string> > dbMap = (*i)->toMap(); + std::map<std::string, std::list<std::string> >::const_iterator j; + for ( j = dbMap.begin(); j != dbMap.end(); j++ ) + { + YCPList l; + YCPString type(j->first); + std::list<std::string> vals = j->second; + std::list<std::string>::const_iterator k; + for (k = vals.begin(); k != vals.end(); k++ ) + { + l.add(YCPString(*k)); + } + ymap.add(type, l); + } + dbList.add(ymap); + } + return dbList; +} + +YCPBoolean SlapdConfigAgent::WriteGlobal( const YCPPath &path, + const YCPValue &arg, + const YCPValue &arg2) +{ + y2milestone("Path %s Length %ld ", path->toString().c_str(), + path->length()); + y2milestone("Component: %s", path->component_str(0).c_str()); + if ( path->length() == 0 ) { + return YCPNull(); + } else { + if ( path->component_str(0) == "loglevel" ) { + y2milestone("Write loglevel"); + OlcGlobalConfig olcg = olc.getGlobals(); + olcg.setLogLevel(arg->asInteger()->value()); + olc.setGlobals(olcg); + return YCPBoolean(true); + } + } + return YCPBoolean(false); +} + +YCPString SlapdConfigAgent::ConfigToLdif() const +{ + y2milestone("ConfigToLdif"); + std::list<boost::shared_ptr<OlcDatabase> >::const_iterator i = databases.begin(); + std::ostringstream ldif; + ldif << globals->toLdif(); + ldif << schemaBase->toLdif(); + LdifWriter writer(&ldif); + writer.writeIncludeRecord("/etc/openldap/schema/core.ldif"); + writer.writeIncludeRecord("/etc/openldap/schema/cosine.ldif"); + writer.writeIncludeRecord("/etc/openldap/schema/inetorgperson.ldif"); + for ( ; i != databases.end(); i++ ) + { + ldif << (*i)->toLdif(); + } + return YCPString(ldif.str()); +} 
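Review bot: `SlapdConfigAgent::Write` returns `YCPBoolean(true)` right after logging, so the length check and the `WriteGlobal` call below it are unreachable and every write is reported as successful without being applied. The line `path->component_str(1) == "global";` in the same function is a comparison whose result is discarded; it looks like it was meant to be `if ( path->component_str(1) == "global" )`. Separately, `Read` logs `path->component_str(0)` before its `path->length() < 1` check, and `Execute` calls `arg->asString()`, `arg->asList()` and `dbMap->value(...)->asString()` without checking that the argument or map key is present and of that type. Since the agent receives these values from its callers, I would validate them and return `YCPNull()` or `YCPBoolean(false)` on a mismatch. `ReadGlobal` and `ConfigToLdif` also dereference `globals` and `schemaBase`, which stay empty until the matching init command has run.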
Added: trunk/ldap-server/src/agent/SlapdConfigAgent.h URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/SlapdConfigAgent.h?rev=48589&view=auto ============================================================================== --- trunk/ldap-server/src/agent/SlapdConfigAgent.h (added) +++ trunk/ldap-server/src/agent/SlapdConfigAgent.h Fri Jun 27 15:56:38 2008 
@@ -0,0 +1,59 @@ +/* SlapdConfigAgent.h + * + * Authors: Ralf Haferkamp <rhafer@suse.de> + * + * $Id$ + */ + +#ifndef _SlapdConfigAgent_h +#define _SlapdConfigAgent_h + +#include <Y2.h> +#include <scr/SCRAgent.h> +#include <boost/shared_ptr.hpp> +#include "backConfigTest.h" +/** + * @short An interface class between YaST2 and Ldap Agent + */ +class SlapdConfigAgent : public SCRAgent { + public : + SlapdConfigAgent(); + virtual ~SlapdConfigAgent(); + virtual YCPValue Read( const YCPPath &path, + const YCPValue &arg = YCPNull(), + const YCPValue &opt = YCPNull()); + + virtual YCPBoolean Write( const YCPPath &path, + const YCPValue &arg, + const YCPValue &arg2 = YCPNull()); + + virtual YCPValue Execute( const YCPPath &path, + const YCPValue &arg = YCPNull(), + const YCPValue &arg2 = YCPNull()); + + virtual YCPList Dir( const YCPPath &path); + + virtual YCPValue otherCommand( const YCPTerm& term); + + protected: + YCPValue ReadGlobal( const YCPPath &path, + const YCPValue &arg = YCPNull(), + const YCPValue &opt = YCPNull()); + + YCPValue ReadDatabases( const YCPPath &path, + const YCPValue &arg = YCPNull(), + const YCPValue &opt = YCPNull()); + YCPBoolean WriteGlobal( const YCPPath &path, + const YCPValue &arg = YCPNull(), + const YCPValue &opt = YCPNull()); + YCPString ConfigToLdif() const; + + private: + OlcConfig olc; + std::list<boost::shared_ptr<OlcDatabase> > databases; + boost::shared_ptr<OlcGlobalConfig> globals; + boost::shared_ptr<OlcSchemaConfig> schemaBase; +}; + +#endif /* _SlapdConfigAgent_h */ + Added: trunk/ldap-server/src/agent/Y2CCSlapdConfigAgent.cc URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/agent/Y2CCSlapdConfigAgent.cc?rev=48589&view=auto ============================================================================== --- trunk/ldap-server/src/agent/Y2CCSlapdConfigAgent.cc (added) +++ trunk/ldap-server/src/agent/Y2CCSlapdConfigAgent.cc Fri Jun 27 15:56:38 2008 
@@ -0,0 +1,17 @@ +/* Y2CCSlapdConfigAgent.cc + * + * Slapd back-config agent implementation + * + * Authors: Ralf Haferkamp <rhafer@suse.de> + * + * $Id$ + */ + +#include <scr/Y2AgentComponent.h> +#include <scr/Y2CCAgentComponent.h> + +#include "SlapdConfigAgent.h" + +typedef Y2AgentComp <SlapdConfigAgent> Y2SlapdConfigAgentComp; + +Y2CCAgentComp <Y2SlapdConfigAgentComp> g_y2ccag_slapdconfig ("ag_slapdconfig"); Modified: trunk/ldap-server/src/complex.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/complex.ycp?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/src/complex.ycp (original) +++ trunk/ldap-server/src/complex.ycp Fri Jun 27 15:56:38 2008 @@ -17,6 +17,7 @@ import "Wizard_hw"; import "LdapServer"; import "Package"; +import "Service"; include "ldap-server/helps.ycp"; @@ -36,13 +37,28 @@ return UI::PollInput() == `abort; } +boolean DisplayError( map<string,string> error ) +{ + if ( error["msg"]:nil != nil ) + { + if ( error["details"]:nil != nil ) + { + Popup::ErrorDetails(error["msg"]:"", error["details"]:""); + } + else + { + Popup::Error(error["msg"]:""); + } + } +} + /** * Read settings dialog * @return `abort if aborted and `next otherwise */ symbol ReadDialog() { Wizard::RestoreHelp(HELPS["read"]:""); - + /* ensure openldap2 package is installed */ if( !Package::Install( "openldap2" ) ) { 
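Review bot: `DisplayError` in complex.ycp is declared as `boolean` but no path through it returns a value. Either declare it `void` or end it with an explicit return, for example `return error["msg"]:nil != nil;`, so callers can tell whether a popup was shown.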
@@ -59,9 +75,135 @@ without installing the required packages.")); } return `abort; - } - // LdapServer::AbortFunction = PollAbort; + } + +/* Code for replacing the cn=config password temporarily + string oldRootPw = ""; + string newRootPw = ""; + string newRootPwCrypt = ""; + string entry = (string) SCR::Read(.target.string, "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif"); + list<string> attrlist = splitstring( entry, "\n"); + list<string> newAttrlist = []; + + // Generate a temporary password + map pwMap = (map) SCR::Execute( .target.bash_output, "/usr/sbin/slappasswd -g"); + if ( (integer)(pwMap["exit"]:0) == 0 ) + { + newRootPw = (string) pwMap["stdout"]:""; + string cmd = sformat("/usr/sbin/slappasswd -h {SSHA} -n -s %1", newRootPw); + map cryptPwMap = (map) SCR::Execute( .target.bash_output, cmd); + if ( (integer)(cryptPwMap["exit"]:0) == 0 ) + { + newRootPwCrypt = (string) cryptPwMap["stdout"]:""; + y2milestone("crypted PW: %1", newRootPwCrypt ); + } + } + + // find and replace (or append) the password + boolean replaced = false; + foreach( string i, attrlist, + { + y2milestone("attr <%1> len %2", i, size(i)); + if ( regexpmatch( tolower(i), "^olcrootpw" ) ) { + // attr might be the base64 encoded password hash (": <hash>") + list<string> attr = regexptokenize( i, "^([^:]+):(.+)"); + oldRootPw = attr[1]:""; + newAttrlist[size(newAttrlist)] = sformat("olcRootPW: %1", newRootPwCrypt); + replaced = true; + } else { + if ( size(i) > 0 ) + { + newAttrlist[size(newAttrlist)] = i; + } + } + } + ); + if (! 
replaced ) + { + newAttrlist[size(newAttrlist)] = sformat("olcRootPW: %1", newRootPwCrypt); + } + newAttrlist[size(newAttrlist)] = ""; + string newEntry = mergestring(newAttrlist, "\n"); + boolean result = SCR::Write(.target.string, + "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif", newEntry); + + y2milestone("Updated config.ldif %1", result); + list<string> progress_items = []; + if ( switchToBackConfig ) { + if ( isRunning ) { + progress_items[size(progress_items)] = _("Stopping the OpenLDAP Server."); + } + progress_items[size(progress_items)] = _("Switching configuration backend to \"ldap\"."); + progress_items[size(progress_items)] = _("Cleaning up configuration directory."); + } + if ( convert ) { + progress_items[size(progress_items)] = _("Converting config file."); + } + Progress::New("Caption", "Progress Title", size(progress_items), progress_items, progress_items, ""); + foreach( string i, progress_items, { + Progress::NextStage(); + } + ); +*/ + boolean ret = LdapServer::Read(); + if ( ! ret ) + { + return `abort; + } + boolean hasBackconfig = LdapServer::IsUsingBackconfig(); + boolean configModified = LdapServer::SlapdConfChanged(); //original shipped slapd.conf? + boolean switchToBackConfig = false; + boolean convert = false; + + //y2milestone("OpenLDAP running: %1", isRunning); + y2milestone("OpenLDAP using backConfig: %1", hasBackconfig); + y2milestone("OpenLDAP modifed config: %1", configModified); + string configFile = "/etc/openldap/slapd.conf"; + if ( !hasBackconfig ) + { + switchToBackConfig = Popup::ContinueCancelHeadline( _("Convert to \"Back-Config\"?"), +_("Your system is currently configured to use the +configuration file /etc/openldap/slapd.conf. 
This YaST +module will switch OpenLDAP to use the dynamic configuration +database of OpenLDAP (back-config).")); + if (switchToBackConfig) + { + if ( configModified ) + { + convert = Popup::YesNoHeadline( _("Convert existing configuration?"), +_("Do you want to convert your existing configuration +files, to the dynamic configuration backend? +Note: This will remove any preexisting configuration data +from \"/etc/openldap/slapd.d/\". +If you click \"No\" here, an empty configuration will +be created")); + if (convert) + { + // Convert the existing configuration and after that + // re-read it. + if (! LdapServer::MigrateSlapdConf()) + { + y2milestone("LdapServer::MigrateSlapdConf failed"); + DisplayError( LdapServer::GetError() ); + return `abort; + } + LdapServer::Read(); + } + } + else + { + // Start new config wizward + LdapServer::InitDbDefaults(); + return `initial; + } + } + else + { + return `abort; + } + } + return ret ? `next : `abort; } @@ -76,7 +218,7 @@ if (! ret ) { return `abort; } - ret = LdapServer::WritePPolicyObjects(); +// ret = LdapServer::WritePPolicyObjects(); return ret ? `next : `abort; } @@ -87,16 +229,18 @@ any SummaryDialog() { /* LdapServer summary dialog caption */ - string caption = _("LDAP Server Configuration"); + string caption = _("LDAP Server Configuration Summary"); - /* FIXME */ - list summary = LdapServer::Summary(); - list unconfigured = summary[1]:[]; - string configured = summary[0]:""; + string summary = LdapServer::Summary(); /* Frame label */ - term contents = Wizard_hw::DetectedContent(_("LDAP Server to Configure"), - unconfigured, false, configured); + term contents = + `VBox( + `RichText( summary ), + `Right( + `PushButton( `id(`pb_advanced), _("Advanced Configuration") ) + ) + ); Wizard::SetContentsButtons(caption, contents, HELPS["summary"]:"", Label::BackButton(), Label::FinishButton()); 
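Review bot: After a successful `LdapServer::MigrateSlapdConf()` the result of the second `LdapServer::Read()` is discarded, so a failure to re-read the converted configuration still reaches the final return with `ret` from the first read. Assign it (`ret = LdapServer::Read();`) so the dialog aborts when the converted database cannot be loaded. When the user answers "No" to the conversion question, nothing in this hunk creates the empty configuration the popup text promises; the code just continues to the final return. The commented-out block above should not be revived as written, because it interpolates the generated password into a shell command line for `slappasswd -s` and logs the resulting hash with `y2milestone`. `ReadDialog` begins before this hunk.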
@@ -107,89 +251,32 @@ ret = UI::UserInput(); /* abort? */ - if(ret == `abort || ret == `cancel || ret == `back) { - if(ReallyAbort()) break; - else continue; - } - /* overview dialog */ - else if(ret == `edit_button) { - ret = `overview; - break; - } - /* configure the selected device */ - else if(ret == `configure_button) { - // TODO FIXME: check for change of the configuration - any selected = UI::QueryWidget(`id(`detected_selbox), `CurrentItem); - if(selected == `other) { - ret = `other; + if (ret == `abort || ret == `cancel ) + { + if(ReallyAbort()) + { + break; } - else { - ret = `configure; + else + { + continue; } - break; - } - else if(ret == `next) { - break; - } - else { - y2error("unexpected retcode: %1", ret); - continue; - } - } - - return ret; -} - -/** - * Overview dialog - * @return dialog result - */ -any OverviewDialog() { - - /* LdapServer overview dialog caption */ - string caption = _("LDAP Server Overview"); - - list overview = LdapServer::Overview(); - - /* FIXME table header */ - term contents = Wizard_hw::ConfiguredContent( - /* Table header */ - `header(_("Number"), _("LDAP Server")), - overview, nil, nil, nil, nil ); - - contents = Wizard_hw::SpacingAround(contents, 1.5, 1.5, 1.0, 1.0); - - Wizard::SetContentsButtons(caption, contents, HELPS["overview"]:"", - Label::BackButton(), Label::FinishButton()); - - any ret = nil; - while(true) { - - ret = UI::UserInput(); - - /* abort? 
*/ - if(ret == `abort || ret == `cancel) { - if(ReallyAbort()) break; - else continue; } - /* add */ - else if(ret == `add_button) { - /* FIXME */ - ret = `add; + else if ( ret == `pb_advanced ) + { + Popup::Error("Not there yet"); + LdapServer::ReadFromDefaults(); + ret = `advanced; break; } - /* edit */ - else if(ret == `edit_button) { - /* FIXME */ - ret = `edit; + else if ( ret == `next ) + { + LdapServer::ReadFromDefaults(); + ret = `next; break; } - /* delete */ - else if(ret == `delete_button) { - /* FIXME */ - continue; - } - else if(ret == `next || ret == `back) { + else if ( ret == `back ) + { break; } else { Modified: trunk/ldap-server/src/dialogs.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/dialogs.ycp?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/src/dialogs.ycp (original) +++ trunk/ldap-server/src/dialogs.ycp Fri Jun 27 15:56:38 2008 @@ -15,7 +15,7 @@ import "Label"; import "Wizard"; import "LdapServer"; -import "LdapServerConf"; +//import "LdapServerConf"; import "HTML"; import "DNS"; import "CaMgm"; @@ -47,8 +47,9 @@ error_str = "item "+item+" does not exist but is referenced by '"+parent+"'!"; return nil; } - y2debug( "adding tree item '%1'", item ); + y2milestone( "adding tree item '%1' to parent %2", item, parent ); tree = Wizard::AddTreeItem( tree, parent, (string)item_map["name"]:"", item ); + y2milestone( "tree '%1'", tree ); if( haskey( item_map, "children" ) ) { list<string> childlist = (list<string>)item_map["children"]:[]; @@ -71,7 +72,7 @@ error_str = "item "+item+" does not exist but is referenced by 'base'!"; return nil; } - y2debug( "adding tree item '%1'", item ); + y2milestone( "adding tree item '%1' to root", item ); tree = Wizard::AddTreeItem( tree, "", (string)item_map["name"]:"", item ); if( haskey( item_map, "children" ) ) { 
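Review bot: Both the `pb_advanced` branch and the `next` branch call `LdapServer::ReadFromDefaults()` and ignore its result, and that function appends to `@databases` with `push` on every call without clearing it first. Going back to this dialog and pressing Next again would therefore pass `.ldapserver.initDatabases` a list with duplicated config and bdb entries. I would reset the list at the start of `ReadFromDefaults` (`@databases = ();`) or guard the call here so it runs only once. The string in `Popup::Error("Not there yet")` is also not wrapped in `_()`. The enclosing dialog function starts before this hunk.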
@@ -127,47 +128,59 @@ ** dialog functions ** **********************/ +term dlg_service = `HSquash( + `VBox( + `Heading( _("General Settings") ), + `VBox( + `Frame( _("&Start LDAP Server"), + `VBox( + `RadioButtonGroup( + `VBox( + `Left( `RadioButton( `id( `rb_yes ), `opt( `notify ), + Label::YesButton(), + false ) ), + `Left( `RadioButton( `id( `rb_no ), `opt( `notify ), + Label::NoButton(), + true ) ) + ) + ), + `Left( `CheckBox( `id( `cb_register_slp ), + _("Register at an &SLP Daemon"), + LdapServer::ReadSLPEnabled() )), + `HStretch() + ) + ) + ), + `VSpacing(), + `VBox( + `Frame( _("Firewall Settings"), + `VBox( + fw_widget["custom_widget"]:`Empty(), + `HStretch() + ) + ) + ) + ) +); any EnableServiceDialog() { + map <string, any> defaults = LdapServer::GetInitialDefaults(); map<string, any> firewall_settings = $[ "services": [ "ldap" , "ldaps" ], "display_details": true, ]; - map<string, any> firewall_widget = + map<string, any> firewall_widget = CWMFirewallInterfaces::CreateOpenFirewallWidget (firewall_settings); - term dlg_service = `VBox( - /* radiobutton group headline */ - `HSquash( `VBox( - `Frame( _("Start LDAP Server"), `RadioButtonGroup( - `VBox( - `Left( `RadioButton( `id( `rb_no ), `opt( `notify ), Label::NoButton(), !LdapServer::ReadServiceEnabled() ) ), - `VSpacing( 1 ), - `Left( `RadioButton( `id( `rb_yes ), `opt( `notify ), Label::YesButton(), LdapServer::ReadServiceEnabled() ) ), - `VSpacing( 0.5 ), - `HBox( - `HSpacing( 4 ), - `HSquash( `VBox( - /* button text */ - `PushButton( `id( `pb_configure ), `opt( `hstretch ), _("&Configure...") ), - `VSpacing( 1 ), - `CheckBox( `id( `cb_register_slp ), _("Register at an &SLP Daemon"), LdapServer::ReadSLPEnabled() ) - ) ), - `HSpacing( 1 ) - ), - `VSpacing( 0.5 ) - ) - )), - `VSpacing( 1 ), firewall_widget["custom_widget"]:`Empty() - )) - ); - Wizard::SetContentsButtons( caption, dlg_service, HELPS["service_dialog"]:"help not found", - Label::BackButton(), Label::FinishButton() ); + 
Label::BackButton(), Label::NextButton() ); - if( !LdapServer::ReadServiceEnabled() ) + if( (boolean)defaults["serviceEnabled"]:true ) + { + UI::ChangeWidget( `rb_yes, `Value, true ); + } + else { - UI::ChangeWidget( `pb_configure, `Enabled, false ); UI::ChangeWidget( `cb_register_slp, `Enabled, false ); } @@ -179,29 +192,30 @@ event = UI::WaitForEvent (); ret = event["ID"]:nil; CWMFirewallInterfaces::OpenFirewallHandle (firewall_widget, "", event); - y2debug( "EnableServiceDialog: seeing return value '%1'", ret ); + y2milestone( "EnableServiceDialog: seeing return value '%1'", ret ); if( ret == `back || ret == `abort || ret == `cancel) break; else if( ret == `next || ret == `finish ) { CWMFirewallInterfaces::OpenFirewallStore (firewall_widget, "", event); - LdapServer::WriteSLPEnabled( (boolean)UI::QueryWidget( `cb_register_slp, `Value ) ); + if ( (boolean)UI::QueryWidget( `cb_register_slp, `Value ) ) + { + defaults["slpRegister"] = 1; + } + else + { + defaults["slpRegister"] = 0; + } + LdapServer::SetInitialDefaults(defaults); break; } - else if( ret == `pb_configure ) + else if( ret == `rb_yes ) { - CWMFirewallInterfaces::OpenFirewallStore (firewall_widget, "", event); - LdapServer::WriteSLPEnabled( (boolean)UI::QueryWidget( `cb_register_slp, `Value ) ); - return `config; - } else if( ret == `rb_yes ) - { - LdapServer::WriteServiceEnabled( true ); - UI::ChangeWidget( `pb_configure, `Enabled, true ); + defaults["serviceEnabled"] = true; UI::ChangeWidget( `cb_register_slp, `Enabled, true ); } else if( ret == `rb_no ) { - LdapServer::WriteServiceEnabled( false ); - UI::ChangeWidget( `pb_configure, `Enabled, false ); + defaults["serviceEnabled"] = false; UI::ChangeWidget( `cb_register_slp, `Enabled, false ); } } 
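Review bot: The new file-level `dlg_service` term reads `fw_widget["custom_widget"]`, but the only firewall widget map built here is `firewall_widget`, which is local to `EnableServiceDialog` and created after the term is defined. Unless `fw_widget` is defined elsewhere in the file, the firewall frame is either empty or the file does not compile, while `OpenFirewallHandle` and `OpenFirewallStore` are still called for a widget that was never displayed. Building the term inside `EnableServiceDialog` after `CreateOpenFirewallWidget`, as the removed code did, keeps the displayed widget and the stored settings in step. The body of `EnableServiceDialog` continues in the next hunk.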
@@ -211,29 +225,24 @@ any ProposalDialog() { - string baseDN = LdapServerConf::baseDN; - string rootDN = LdapServerConf::rootDN; - string rootPW = LdapServerConf::rootPW; - string enctype = LdapServerConf::enctype; - boolean useCommonCA = LdapServerConf::useCommonCA; - boolean registerSLP = LdapServerConf::registerSLP; - boolean service_enabled = LdapServer::ReadServiceEnabled(); + map <string, any> defaults = LdapServer::GetInitialDefaults(); + string enctype = ""; + boolean useCommonCA = false; boolean common_ca_available = ( CaMgm::prop_selection == `def || CaMgm::prop_selection == `floppy || CaMgm::prop_selection == `expert ); if( !common_ca_available ) { - LdapServerConf::useCommonCA = false; useCommonCA = false; } boolean append_checked = true; - if( rootDN != "" ) + if( defaults["rootdn"]:"" != "" ) { - integer pos = find( rootDN, baseDN ); + integer pos = search( defaults["rootdn"]:"", defaults["basedn"]:"" ); if( pos > -1 ) { - rootDN = substring( rootDN, 0, pos-1 ); + defaults["rootdn"] = substring( defaults["rootdn"]:"", 0, pos-1 ); } else { append_checked = false; 
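Review bot: The `pos > -1` test was written for `find`, which returns -1 when there is no match; `search`, as far as I know, returns nil instead, so the not-found case should be checked with `pos != nil`. When the root DN starts with the base DN, `pos` is 0 and `substring( ..., 0, pos-1 )` is called with a length of -1, so `pos == 0` needs explicit handling. `ProposalDialog` continues past this hunk.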
@@ -248,61 +257,54 @@ `item( `id( "PLAIN" ), "PLAIN", enctype == "PLAIN" ) ]; - map<string, any> firewall_settings = $[ - "services": [ "ldap" , "ldaps" ], - "display_details": true, - ]; - map<string, any> firewall_widget = - CWMFirewallInterfaces::CreateOpenFirewallWidget (firewall_settings); term dlg_propose = - /* Headline */ - `VBox( `Heading( _("OpenLDAP Server Settings") ), - `VSpacing( 0.5 ), - `RadioButtonGroup( `id( `rbg_service ), `HBox( - /* radiobutton text */ - `RadioButton( `id( `rb_enable ), `opt( `notify ), _("E&nable Server"), service_enabled ), - /* radiobutton text */ - `RadioButton( `id( `rb_disable ), `opt( `notify ), _("&Disable Server"), !service_enabled ) - ) ), - `VSpacing( 1 ), - /* textentry description */ - `TextEntry( `id( `te_basedn ), _("&Base DN"), baseDN ), - `VSpacing( `opt( `hstretch ), 1 ), - /* textentry description */ - `VSquash( `HBox( `TextEntry( `id( `te_rootdn ), _("&Root DN"), rootDN ), - /*checkbox text*/ - `VBox( `Bottom( `CheckBox( `id( `cb_append_basedn ), _("A&ppend Base DN"), append_checked ) ), - `VSpacing( 0.3 ) - ) - ) ), - `VSpacing( 1 ), - /* textentry description */ - `HBox( `Password( `id( `te_rootpw ), _("LDAP &Password"), rootPW ), - /* textentry description */ - `Password( `id( `te_valid_rootpw ), _("&Validate Password"), rootPW ), - /* combobox text */ - `ComboBox( `id( `cmb_cryptmethod ), _("&Encryption"), enc_types ) - ), - `VSpacing( 1 ), - /* checkbox text */ - `Left( `CheckBox( `id( `cb_use_common_ca ), _("Activate Start&TLS with Common Server Certificate"), useCommonCA ) ), - `Left( `CheckBox( `id( `cb_register_slp ), _("Register at an &SLP Daemon"), registerSLP ) ), - `VSpacing( 1 ), - firewall_widget["custom_widget"]:`Empty() - ); + `VBox( + `Heading( _("Database Settings") ), + `HSquash( + `VBox ( + `Left( + `InputField(`id( `te_basedn), `opt(`hstretch) , _("&Base DN"), defaults["basedn"]:"" ) + ), + `VSpacing(0.5), + `Left( + `VSquash( + `HBox( + `InputField( `id( `te_rootdn ), _("&Administrator 
DN"), defaults["rootdn"]:"" ), + `HSpacing(), + `VBox( + `Bottom( + `CheckBox( `id( `cb_append_basedn ), _("A&ppend Base DN"), append_checked ) + ), + `VSpacing( 0.3 ) + ) + ) + ) + ), + `VSpacing(0.5), + `Left( + `Password( `id( `te_rootpw ), `opt(`hstretch), _("LDAP Administrator &Password"), defaults["rootpw"]:"" ) + ), + `Left( + `Password( `id( `te_valid_rootpw ), `opt(`hstretch), _("&Validate Password"), defaults["rootpw"]:"" ) + ), + `Left( + `ComboBox( `id( `cmb_cryptmethod ), _("Password &Encryption"), enc_types ) + ) + ) + ) + ); Wizard::SetContentsButtons( caption, dlg_propose, HELPS["propose"]:"<p><b>no proposal help text</b></p>", Label::BackButton(), Label::NextButton() ); - if( !LdapServerConf::proposal_changed ) - { - /* notify message */ - Popup::Notify( _("Changing anything in this dialog disables the automatic -generation of base DN, root DN, and LDAP password. -") ); - } - - if( !service_enabled ) +// if( !LdapServerConf::proposal_changed ) +// { +// /* notify message */ +// Popup::Notify( _("Changing anything in this dialog disables the automatic +//generation of base DN, root DN, and LDAP password. +//") ); +// } + if ( ! (boolean)defaults["serviceEnabled"]:false ) { UI::ChangeWidget( `id( `te_basedn ), `Enabled, false ); UI::ChangeWidget( `id( `te_rootdn ), `Enabled, false ); 
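Review bot: Both `te_rootpw` and `te_valid_rootpw` are initialised from `defaults["rootpw"]:""`, so the confirmation field matches by construction and the stored password is copied into two UI widgets. If the map holds a cleartext secret (not visible from this hunk), leave the confirmation field empty, ``_("&Validate Password"), "" )``, and have the `next` handler accept an untouched proposal explicitly. The commented-out `Popup::Notify` block is dead code; delete it or mark it with a `// FIXME:` explaining when it returns.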
@@ -310,94 +312,54 @@ UI::ChangeWidget( `id( `te_rootpw ), `Enabled, false ); UI::ChangeWidget( `id( `te_valid_rootpw ), `Enabled, false ); UI::ChangeWidget( `id( `cmb_cryptmethod ), `Enabled, false ); - UI::ChangeWidget( `id( `cb_use_common_ca ), `Enabled, false ); - UI::ChangeWidget( `id( `cb_register_slp ), `Enabled, false ); } - if( !common_ca_available ) - { - UI::ChangeWidget( `id( `cb_use_common_ca ), `Enabled, false ); - } - - CWMFirewallInterfaces::OpenFirewallInit (firewall_widget, ""); any ret = nil; map event = $[]; while( true ) { event = UI::WaitForEvent (); ret = event["ID"]:nil; - CWMFirewallInterfaces::OpenFirewallHandle (firewall_widget, "", event); - y2debug( "ProposeDialog: seeing return value %1", ret ); - if( ret == `back || ret == `abort || ret == `cancel ) break; + y2milestone( "ProposeDialog: seeing return value %1", ret ); + if( ret == `back || ret == `abort || ret == `cancel ) + { + break; + } else if( ret == `next ) { - //is server enabled? - LdapServerConf::proposal_changed = true; - symbol service_status = (symbol)UI::QueryWidget( `id( `rbg_service ), `CurrentButton ); - if( service_status == `rb_disable ) + //validate/update rootpw + defaults["rootpw"] = (string)UI::QueryWidget( `id( `te_rootpw ), `Value ); + if ( defaults["rootpw"]:"" == "" ) { - LdapServer::WriteServiceEnabled( false ); - break; - } else { - LdapServer::WriteServiceEnabled( true ); + Popup::Error( _("Please enter a password for the Administrator user") ); + continue; } - CWMFirewallInterfaces::OpenFirewallStore (firewall_widget, "", event); - //validate/update rootpw - rootPW = (string)UI::QueryWidget( `id( `te_rootpw ), `Value ); - if( rootPW != "" ) + if( defaults["rootpw"]:"" != "" ) { - if( rootPW != UI::QueryWidget( `id( `te_valid_rootpw ), `Value ) ) + if( defaults["rootpw"]:"" != UI::QueryWidget( `id( `te_valid_rootpw ), `Value ) ) { /* error popup */ Popup::Error( _("Password validation failed.") ); + defaults["rootpw"] = ""; continue; } - //update root 
password - LdapServerConf::rootPW = rootPW; - LdapServer::WriteUseRootPW( false ); - - //be paranoid - rootPW = ""; } //update enctype string enctype = (string)UI::QueryWidget( `id( `cmb_cryptmethod ), `Value ); y2debug( "changing enctype to %1", enctype ); - LdapServerConf::enctype = enctype; +// LdapServerConf::enctype = enctype; //update Base DN - baseDN = (string)UI::QueryWidget( `id( `te_basedn ), `Value ); - y2debug( "changing baseDN to %1", baseDN ); - LdapServerConf::baseDN = baseDN; + defaults["basedn"] = (string)UI::QueryWidget( `id( `te_basedn ), `Value ); + y2debug( "changing baseDN to %1", defaults["basedn"]:"" ); //update rootDN - rootDN = (string)UI::QueryWidget( `id( `te_rootdn ), `Value ); + defaults["rootdn"] = (string)UI::QueryWidget( `id( `te_rootdn ), `Value ); if( (boolean)UI::QueryWidget( `id( `cb_append_basedn ), `Value ) ) { - rootDN = rootDN + "," + baseDN; - } - y2debug( "changing rootDN to %1", rootDN ); - LdapServerConf::rootDN = rootDN; - - //update useCommonCA - useCommonCA = (boolean)UI::QueryWidget( `id( `cb_use_common_ca ), `Value ); - y2debug( "changing useCommonCA to %1", useCommonCA ); - LdapServerConf::useCommonCA = useCommonCA; - - //update registerSLP - registerSLP = (boolean)UI::QueryWidget( `id( `cb_register_slp ), `Value ); - y2debug( "changing registerSLP to %1", registerSLP ); - LdapServerConf::registerSLP = registerSLP; - string checkResult = LdapServer::CheckDatabase( $[ "database":"bdb", - "suffix": LdapServerConf::baseDN, - "rootdn" : LdapServerConf::rootDN, - "passwd" : LdapServerConf::rootPW, - "cryptmethod" : LdapServerConf::enctype, - "directory" : "/var/lib/ldap" - ] ); - if (checkResult != "" ) { - Popup::Error(checkResult); - continue; + defaults["rootdn"] = defaults["rootdn"]:"" + "," + defaults["basedn"]:""; } + LdapServer::SetInitialDefaults(defaults); break; } else if( ret == `rb_enable ) { 
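Review bot: The value chosen in `cmb_cryptmethod` is read into `enctype` and logged, but with `LdapServerConf::enctype = enctype;` commented out it is never stored, so `SetInitialDefaults(defaults)` receives the password without the hash scheme the user selected. Store it in the map before that call, e.g. `defaults["<enctype-key>"] = enctype;` (placeholder key; the name the consumer expects is not visible here). The old code blanked its local copy of the password after use, whereas the new code keeps the cleartext in `defaults` and passes it on, so the consumer should hash and drop it as early as possible. After the new empty-password check, the following `if( defaults["rootpw"]:"" != "" )` is always true and can be removed. The `CheckDatabase` validation is dropped with no replacement in this hunk; the loop body continues outside it.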
@@ -409,10 +371,6 @@ UI::ChangeWidget( `id( `te_rootpw ), `Enabled, true ); UI::ChangeWidget( `id( `te_valid_rootpw ), `Enabled, true ); UI::ChangeWidget( `id( `cmb_cryptmethod ), `Enabled, true ); - UI::ChangeWidget( `id( `cb_register_slp ), `Enabled, true ); - if( common_ca_available ) { - UI::ChangeWidget( `id( `cb_use_common_ca ), `Enabled, true ); - } } else if ( ret == `rb_disable ) { y2debug( "disable server clicked" ); @@ -423,8 +381,6 @@ UI::ChangeWidget( `id( `te_rootpw ), `Enabled, false ); UI::ChangeWidget( `id( `te_valid_rootpw ), `Enabled, false ); UI::ChangeWidget( `id( `cmb_cryptmethod ), `Enabled, false ); - UI::ChangeWidget( `id( `cb_use_common_ca ), `Enabled, false ); - UI::ChangeWidget( `id( `cb_register_slp ), `Enabled, false ); } } return ret; @@ -433,10 +389,10 @@ any TreeDialog() { //close service dialog - UI::CloseDialog(); +// UI::CloseDialog(); Wizard::CreateTreeDialog(); //item selected at start - current_tree_item = "databases"; + current_tree_item = "daemon"; //trigger initial build of widget tree rebuild_widget_tree = true; @@ -456,16 +412,14 @@ y2error( "error when generating widget tree: %1", error_str ); } - /* tree widget headline */ + /* tree widget headline */ Wizard::CreateTree( widget_tree, _("Configuration:") ); //select&show current item Wizard::SelectTreeItem( current_tree_item ); showTreeDialog( current_tree_item, ( widget_tree == [] ) ? false : true ); - //initialize current dialog callHandler( current_tree_item, "cb_read" ); - rebuild_widget_tree = false; } ret = UI::UserInput(); 
@@ -494,7 +448,8 @@ callHandler( new_item, "cb_read" ); - } else if( is( ret, symbol ) ) + } + else if( is( ret, symbol ) ) { symbol sym_ret = (symbol)ret; if( sym_ret == `back || sym_ret == `abort || sym_ret == `cancel || sym_ret == `reread ) break; Modified: trunk/ldap-server/src/ldap-server.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/ldap-server.ycp?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/src/ldap-server.ycp (original) +++ trunk/ldap-server/src/ldap-server.ycp Fri Jun 27 15:56:38 2008 @@ -34,23 +34,23 @@ ["enable", "disable" ] ); if( command == nil ) return false; - LdapServer::WriteServiceEnabled( command == "enable" ); +// LdapServer::WriteServiceEnabled( command == "enable" ); return true; } define boolean getDatabaseListHandler (map options) { - map<string, any> edb = LdapServer::ReadDatabase(); +// map<string, any> edb = LdapServer::ReadDatabase(); +// +// string s = ""; +// foreach( string suffix, any value, edb, +// { +// s = s + suffix + "<br>"; +// }); +// +// CommandLine::Print (RichText::Rich2Plain("<br>"+s)); - string s = ""; - foreach( string suffix, any value, edb, - { - s = s + suffix + "<br>"; - }); - - CommandLine::Print (RichText::Rich2Plain("<br>"+s)); - return false; } 
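Review bot: With the `WriteServiceEnabled` call commented out, the enable/disable handler in the `@@ -34,23 +34,23 @@` hunk still returns `true`, so the command line reports success while nothing changes. The same applies to the `@@ -59,52 +59,52 @@`, `@@ -112,54 +112,54 @@` and `@@ -167,30 +167,30 @@` hunks; in particular the add-database handler now returns `true` without adding anything and leaves `db` and `ret` unused. Until the back-config calls exist, each stubbed handler should say so and fail, e.g. `CommandLine::Print( _("Not implemented yet") ); return false;`. Removing the old bodies instead of keeping them as comment blocks would also keep the former password handling out of the file.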
@@ -59,52 +59,52 @@ boolean ret = false; map<string, string> db = $[]; - map<string, any> edb = LdapServer::ReadDatabase(); - y2milestone("DBs: %1", edb); - - - if (options["basedn"]:nil != nil && - edb[options["basedn"]:""]:nil == nil) - { - db["suffix"] = options["basedn"]:""; - } - else - { - CommandLine::Print (_("No basedn provided or a database with the provided basedn does already \nexist")); - return false; - } - if (options["rootdn"]:nil != nil) - { - db["rootdn"] = options["rootdn"]:""; - } - if (options["password"]:nil != nil) - { - db["passwd"] = options["password"]:""; - } - if (options["enctype"]:nil != nil) - { - db["cryptmethod"] = options["enctype"]:""; - } - if (options["dbdir"]:nil != nil) - { - db["directory"] = options["dbdir"]:""; - } - - if(LdapServer::ReadServiceEnabled() == false) - { - // Database cannot be written when the service is not enabled - LdapServer::WriteServiceEnabled(true); - } - - y2milestone("db-options : %1", db); - - ret = LdapServer::AddDatabase(db); - - if(!ret) - { - CommandLine::Print (_("Error while adding the database")); - return false; - } +// map<string, any> edb = LdapServer::ReadDatabase(); +// y2milestone("DBs: %1", edb); +// +// +// if (options["basedn"]:nil != nil && +// edb[options["basedn"]:""]:nil == nil) +// { +// db["suffix"] = options["basedn"]:""; +// } +// else +// { +// CommandLine::Print (_("No basedn provided or a database with the provided basedn does already \nexist")); +// return false; +// } +// if (options["rootdn"]:nil != nil) +// { +// db["rootdn"] = options["rootdn"]:""; +// } +// if (options["password"]:nil != nil) +// { +// db["passwd"] = options["password"]:""; +// } +// if (options["enctype"]:nil != nil) +// { +// db["cryptmethod"] = options["enctype"]:""; +// } +// if (options["dbdir"]:nil != nil) +// { +// db["directory"] = options["dbdir"]:""; +// } +// +// if(LdapServer::ReadServiceEnabled() == false) +// { +// // Database cannot be written when the service is not enabled +// 
LdapServer::WriteServiceEnabled(true); +// } +// +// y2milestone("db-options : %1", db); +// +// ret = LdapServer::AddDatabase(db); +// +// if(!ret) +// { +// CommandLine::Print (_("Error while adding the database")); +// return false; +// } return true; } 
@@ -112,54 +112,54 @@ string s = ""; integer i = 0; - foreach(string v, LdapServer::ReadSchemaIncludeList (), - { - i = i + 1; - s = s + tostring(i) + " "+ v +"<br>"; - }); - - CommandLine::Print (RichText::Rich2Plain("<br>"+s)); +// foreach(string v, LdapServer::ReadSchemaIncludeList (), +// { +// i = i + 1; +// s = s + tostring(i) + " "+ v +"<br>"; +// }); +// +// CommandLine::Print (RichText::Rich2Plain("<br>"+s)); return false; // do not call Write... } define boolean addSchemaHandler (map options ) { boolean ret = false; - if (options["file"]:"" != "") - { - string file = options["file"]:""; - if(options["pos"]:"" != "") - { - integer pos = tointeger (options["pos"]:""); - if (pos == nil || pos < 0) - { - // error: wrong input (probably string or negative integer) - Report::Error (_("The value for pos must be a positive integer.")); - return false; - } - - list<string> l = LdapServer::ReadSchemaIncludeList (); - list<string> rl = []; - boolean added = false; - integer i = 0; - foreach(string s, l, - { - i = i + 1; - if(i == pos) - { - rl = add(rl, file); - added = true; - } - rl = add(rl, s); - }); - if(!added) - { - rl = add(rl, file); - } - LdapServer::WriteSchemaIncludeList (rl); - ret = true; - } - } +// if (options["file"]:"" != "") +// { +// string file = options["file"]:""; +// if(options["pos"]:"" != "") +// { +// integer pos = tointeger (options["pos"]:""); +// if (pos == nil || pos < 0) +// { +// // error: wrong input (probably string or negative integer) +// Report::Error (_("The value for pos must be a positive integer.")); +// return false; +// } +// +// list<string> l = LdapServer::ReadSchemaIncludeList (); +// list<string> rl = []; +// boolean added = false; +// integer i = 0; +// foreach(string s, l, +// { +// i = i + 1; +// if(i == pos) +// { +// rl = add(rl, file); +// added = true; +// } +// rl = add(rl, s); +// }); +// if(!added) +// { +// rl = add(rl, file); +// } +// LdapServer::WriteSchemaIncludeList (rl); +// ret = true; +// } +// } 
return ret; } @@ -167,30 +167,30 @@ define boolean delSchemaHandler (map options ) { boolean ret = false; - if(options["pos"]:"" != "") - { - integer pos = tointeger (options["pos"]:""); - if (pos == nil || pos < 0) - { - // error: wrong input (probably string or negative integer) - Report::Error (_("The value for pos must be a positive integer.")); - return false; - } - - list<string> l = LdapServer::ReadSchemaIncludeList (); - list<string> rl = []; - integer i = 0; - foreach(string s, l, - { - i = i + 1; - if(i != pos) - { - rl = add(rl, s); - } - }); - LdapServer::WriteSchemaIncludeList (rl); - ret = true; - } +// if(options["pos"]:"" != "") +// { +// integer pos = tointeger (options["pos"]:""); +// if (pos == nil || pos < 0) +// { +// // error: wrong input (probably string or negative integer) +// Report::Error (_("The value for pos must be a positive integer.")); +// return false; +// } +// +// list<string> l = LdapServer::ReadSchemaIncludeList (); +// list<string> rl = []; +// integer i = 0; +// foreach(string s, l, +// { +// i = i + 1; +// if(i != pos) +// { +// rl = add(rl, s); +// } +// }); +// LdapServer::WriteSchemaIncludeList (rl); +// ret = true; +// } return ret; } @@ -273,7 +273,7 @@ ]; /* is this proposal or not? */ -boolean propose = false; +boolean propose = true; list args = WFM::Args(); if(size(args) > 0) { if(is(WFM::Args(0), path) && WFM::Args(0) == .propose) { Modified: trunk/ldap-server/src/ldap-server_proposal.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/ldap-server_proposal.ycp?rev=48589&r1=48588&r2=48589&view=diff ============================================================================== --- trunk/ldap-server/src/ldap-server_proposal.ycp (original) +++ trunk/ldap-server/src/ldap-server_proposal.ycp Fri Jun 27 15:56:38 2008 
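Review bot: Initialising `propose` to `true` in the `@@ -273,7 +273,7 @@` hunk means the `.propose` argument test below it can no longer change the outcome, unless the branch body outside this hunk resets the flag. If this is a temporary switch for the back-config work, mark it on the line itself, e.g. `boolean propose = true; // FIXME: temporary, restore false before release`. Otherwise the module always takes the proposal path, whatever arguments it was started with.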
@@ -59,11 +59,11 @@ if (!Package::Installed ("openldap2")) { y2milestone ("Openldap2 is not installed. --> service disabled"); - LdapServer::WriteServiceEnabled (false); + // LdapServer::WriteServiceEnabled (false); } else { - LdapServer::WriteServiceEnabled( true ); + //LdapServer::WriteServiceEnabled( true ); } map bash_out = (map<string,any>)SCR::Execute( .target.bash_output, "/bin/hostname -d" ); string domain = (string)bash_out["stdout"]:""; @@ -94,13 +94,13 @@ } LdapServerConf::rootPW = Users::GetRootPassword(); LdapServerConf::enctype = "SSHA"; - LdapServer::WriteUseRootPW( true ); + //LdapServer::WriteUseRootPW( true ); } } //y2error( "sysconfig var is '%1'", SCR::Read( .sysconfig.openldap.OPENLDAP_REGISTER_SLP ) ); - if( LdapServer::ReadServiceEnabled() ) + if( true ) // LdapServer::ReadServiceEnabled() ) { string rootPWString = ""; if( LdapServerConf::rootPW == Users::GetRootPassword() ) @@ -112,12 +112,12 @@ /*proposal password information*/ rootPWString = _("[manually set]"); } - if( LdapServer::ReadUseRootPW() && Users::GetRootPassword() == "" ) - { - /* proposal error */ - warning = _("Unable to retrieve the system root password. Set an LDAP server password to continue."); - warning_level = `blocker; - } +// if( LdapServer::ReadUseRootPW() && Users::GetRootPassword() == "" ) +// { +// /* proposal error */ +// warning = _("Unable to retrieve the system root password. Set an LDAP server password to continue."); +// warning_level = `blocker; +// } // Try to get Firewall status string fw_text = ""; if ( SuSEFirewall::GetEnableService()) { @@ -179,9 +179,9 @@ seq = `back; } else { - stored = LdapServer::Export(); +// stored = LdapServer::Export(); seq = (symbol) WFM::CallFunction("ldap-server", [.propose]); - if(seq != `next) LdapServer::Import(stored); +// if(seq != `next) LdapServer::Import(stored); } y2debug("stored=%1",stored); y2debug("seq=%1",seq); 
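Review bot: Commenting out the `ReadUseRootPW()` block in the `@@ -112,12 +112,12 @@` hunk removes the only `blocker` warning for an empty system root password. The context of the `@@ -94,13 +94,13 @@` hunk still assigns `LdapServerConf::rootPW = Users::GetRootPassword();`, so if that call returns an empty string the proposal may now proceed with an empty LDAP administrator password and no warning. Keep the check but make it independent of the removed API by using `if( LdapServerConf::rootPW == "" )` as the condition around the existing `warning` and `warning_level` assignments. The `if( true )` that replaces `ReadServiceEnabled()` in the same hunk hard-codes the service as enabled and needs the same follow-up.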
@@ -204,86 +204,86 @@ if( LdapServerConf::wroteDatabase ) return ret; LdapServerConf::wroteDatabase = true; - if( LdapServer::ReadServiceEnabled() ) - { - /* ensure openldap2 package is installed */ - if( !Package::Install( "openldap2" ) ) - { - if( !Package::Available( "openldap2" ) ) { - // translators: error popup before aborting the module - Popup::Error( sformat( _("The package '%1' is not available. -YaST2 cannot continue the configuration -without installing the package."), "openldap2" ) ); - } else { - // translators: error popup before aborting the module - Popup::Error (_("YaST2 cannot continue the configuration -without installing the required packages.")); - } - - return ret; - } - } +// if( LdapServer::ReadServiceEnabled() ) +// { +// /* ensure openldap2 package is installed */ +// if( !Package::Install( "openldap2" ) ) +// { +// if( !Package::Available( "openldap2" ) ) { +// // translators: error popup before aborting the module +// Popup::Error( sformat( _("The package '%1' is not available. 
+//YaST2 cannot continue the configuration +//without installing the package."), "openldap2" ) ); +// } else { +// // translators: error popup before aborting the module +// Popup::Error (_("YaST2 cannot continue the configuration +//without installing the required packages.")); +// } +// +// return ret; +// } +// } //string rootPW = ""; - if( LdapServer::ReadServiceEnabled() ) - { - Progress::off(); - LdapServer::Read(); - LdapServer::WriteServiceEnabled( true ); - LdapServer::WriteLoglevel( 0 ); - Ldap::Read(); - Progress::on(); - map ldap_defaults = Ldap::Export(); - y2debug( "ldap settings map: %1", ldap_defaults ); - - //map bash_out = (map<string,any>)SCR::Execute( .target.bash_output, "/bin/hostname --long" ); - //string fqdn = (string)bash_out["stdout"]:""; - //fqdn = substring( fqdn, 0, size(fqdn)-1 ); - - ldap_defaults["ldap_server"] = "localhost"; - ldap_defaults["base_config_dn"] = "ou=ldapconfig,"+LdapServerConf::baseDN; - ldap_defaults["bind_dn"] = LdapServerConf::rootDN; - ldap_defaults["ldap_domain"] = LdapServerConf::baseDN; - ldap_defaults["ldap_tls"] = false; - ldap_defaults["file_server"] = true; - ldap_defaults["create_ldap"] = true; - - if( LdapServerConf::useCommonCA ) - { - if( !YaPI::LdapServer::CheckCommonServerCertificate() ) - { - /* Error popup */ - Report::Error( _("OpenLDAP Server: Common server certificate not available. 
-StartTLS is disabled.") ); - LdapServerConf::useCommonCA = false; - ldap_defaults["ldap_tls"] = false; - } else - { - LdapServer::WriteConfigureCommonServerCertificate( true ); - ldap_defaults["ldap_tls"] = true; - } - } - - LdapServer::WriteSLPEnabled( LdapServerConf::registerSLP ); - - LdapServer::AddDatabase( $[ "database":"bdb", - "suffix": LdapServerConf::baseDN, - "rootdn" : LdapServerConf::rootDN, - "passwd" : LdapServerConf::rootPW, - "cryptmethod" : LdapServerConf::enctype, - "directory" : "/var/lib/ldap" - ] ); - y2debug( "ldap settings map after setting: %1", ldap_defaults ); - Ldap::SetDefaults( ldap_defaults ); - Ldap::SetBindPassword( LdapServerConf::rootPW ); - } - - LdapServer::Write(); - - //be paranoid - LdapServerConf::rootPW = ""; +// if( LdapServer::ReadServiceEnabled() ) +// { +// Progress::off(); +// LdapServer::Read(); +// LdapServer::WriteServiceEnabled( true ); +// LdapServer::WriteLoglevel( 0 ); +// Ldap::Read(); +// Progress::on(); +// map ldap_defaults = Ldap::Export(); +// y2debug( "ldap settings map: %1", ldap_defaults ); +// +// //map bash_out = (map<string,any>)SCR::Execute( .target.bash_output, "/bin/hostname --long" ); +// //string fqdn = (string)bash_out["stdout"]:""; +// //fqdn = substring( fqdn, 0, size(fqdn)-1 ); +// +// ldap_defaults["ldap_server"] = "localhost"; +// ldap_defaults["base_config_dn"] = "ou=ldapconfig,"+LdapServerConf::baseDN; +// ldap_defaults["bind_dn"] = LdapServerConf::rootDN; +// ldap_defaults["ldap_domain"] = LdapServerConf::baseDN; +// ldap_defaults["ldap_tls"] = false; +// ldap_defaults["file_server"] = true; +// ldap_defaults["create_ldap"] = true; +// +// if( LdapServerConf::useCommonCA ) +// { +// if( !YaPI::LdapServer::CheckCommonServerCertificate() ) +// { +// /* Error popup */ +// Report::Error( _("OpenLDAP Server: Common server certificate not available. 
+//StartTLS is disabled.") ); +// LdapServerConf::useCommonCA = false; +// ldap_defaults["ldap_tls"] = false; +// } else +// { +// LdapServer::WriteConfigureCommonServerCertificate( true ); +// ldap_defaults["ldap_tls"] = true; +// } +// } +// +// LdapServer::WriteSLPEnabled( LdapServerConf::registerSLP ); +// +// LdapServer::AddDatabase( $[ "database":"bdb", +// "suffix": LdapServerConf::baseDN, +// "rootdn" : LdapServerConf::rootDN, +// "passwd" : LdapServerConf::rootPW, +// "cryptmethod" : LdapServerConf::enctype, +// "directory" : "/var/lib/ldap" +// ] ); +// y2debug( "ldap settings map after setting: %1", ldap_defaults ); +// Ldap::SetDefaults( ldap_defaults ); +// Ldap::SetBindPassword( LdapServerConf::rootPW ); +// } +// +// LdapServer::Write(); +// +// //be paranoid +// LdapServerConf::rootPW = ""; } /* unknown function */ else { Added: trunk/ldap-server/src/lib/Makefile.am URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/Makefile.am?rev=48589&view=auto ============================================================================== --- trunk/ldap-server/src/lib/Makefile.am (added) +++ trunk/ldap-server/src/lib/Makefile.am Fri Jun 27 15:56:38 2008 @@ -0,0 +1,8 @@ +lib_LTLIBRARIES = libslapdconfig.la + +libslapdconfig_la_SOURCES = backConfigTest.cpp + +include_HEADERS = backConfigTest.h + +libslapdconfig_la_LIBADD = -lldapcpp +libslapdconfig_la_LDFLAGS = -version-info 0:1:0 Added: trunk/ldap-server/src/lib/backConfigTest.cpp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/backConfigTest.cpp?rev=48589&view=auto ============================================================================== --- trunk/ldap-server/src/lib/backConfigTest.cpp (added) +++ trunk/ldap-server/src/lib/backConfigTest.cpp Fri Jun 27 15:56:38 2008 
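Review bot: In the `@@ -204,86 +204,86 @@` hunk, `LdapServerConf::wroteDatabase = true;` still runs at the top of the branch while every write step after it is commented out, so the proposal records the database as written when nothing was. The `//be paranoid` reset is commented out with the rest, which leaves the password copied from `Users::GetRootPassword()` in `LdapServerConf::rootPW` after this step. Keep `LdapServerConf::rootPW = "";` active, and set `wroteDatabase` only once a write has actually succeeded. The StartTLS certificate setup sat in the disabled block as well, so whatever replaces it should bring that step back rather than silently leave TLS unconfigured.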
@@ -0,0 +1,705 @@ +#include <LDAPConnection.h> +#include <LDAPResult.h> +#include <string> +#include <iostream> +#include <sstream> +#include <map> +#include <vector> +#include <LDAPEntry.h> +#include <LdifWriter.h> +#include "backConfigTest.h" + +static bool nocase_compare( char c1, char c2){ + return toupper(c1) == toupper(c2); +} + +static bool strCaseIgnoreEquals(const std::string &s1, const std::string &s2) +{ + if(s1.size() == s2.size()){ + if(equal(s1.begin(), s1.end(), s2.begin(), + nocase_compare)){ + return true; + } + } + return false; +} + +OlcDatabase::OlcDatabase( const LDAPEntry& le=LDAPEntry()) : OlcConfigEntry(le) { } + +OlcDatabase::OlcDatabase( const std::string& type ) : m_type(type) +{ + std::ostringstream dnstr; + dnstr << "olcDatabase=" << m_type << ",cn=config"; + m_dbEntryChanged.setDN(dnstr.str()); + m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcDatabaseConfig")); + m_dbEntryChanged.addAttribute(LDAPAttribute("olcDatabase", m_type)); +} + +void OlcDatabase::updateEntryDn() +{ + std::cerr << "updateEntryDN()" << std::endl; + std::ostringstream dn, name; + name << "{" << entryIndex << "}" << m_type; + dn << "olcDatabase=" << name.str() << ",cn=config" ; + m_dbEntryChanged.setDN(dn.str()); + m_dbEntryChanged.replaceAttribute(LDAPAttribute("olcDatabase", name.str())); +} + +OlcBdbDatabase::OlcBdbDatabase() : OlcDatabase("bdb") +{ + m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcBdbConfig")); +} + +OlcBdbDatabase::OlcBdbDatabase( const LDAPEntry& le) : OlcDatabase(le) { } + +OlcBdbDatabase::IndexMap OlcBdbDatabase::getIndexes() +{ + const LDAPAttributeList *al = m_dbEntry.getAttributes(); + const LDAPAttribute *attr = al->getAttributeByName("olcdbindex"); + OlcBdbDatabase::IndexMap res; + StringList sl = attr->getValues(); + StringList::const_iterator i; + for (i = sl.begin(); i != sl.end(); i++ ) { + std::cout << "Index Value: " << *i << std::endl; + std::string::size_type pos = i->find_first_of(" \t"); + 
std::string attrType = i->substr(0, pos); + std::cout << "AttributeType: <" << attrType << ">" << std::endl; + std::string indexes; + if ( pos != std::string::npos ) { + pos = i->find_first_not_of(" \t", pos); + if ( pos != std::string::npos ) { + indexes = i->substr( pos, std::string::npos ); + std::cout << "Indexes: <" << indexes << ">" << std::endl; + std::string::size_type oldpos = 0; + std::vector<OlcBdbDatabase::IndexType> idx; + do { + pos = indexes.find( ',', oldpos ); + std::string index = indexes.substr( oldpos, + (pos == std::string::npos ? std::string::npos : pos - oldpos) ); + std::cout << "Index: <" << index << ">" << std::endl; + oldpos = indexes.find_first_not_of( ", ", pos ); + if ( index == "pres" ) { + idx.push_back(OlcBdbDatabase::Present); + } else if (index == "eq" ) { + idx.push_back(OlcBdbDatabase::Eq); + } else if (index == "approx" ) { + idx.push_back(OlcBdbDatabase::Approx); + } else if (index == "sub" ) { + idx.push_back(OlcBdbDatabase::Sub); + } else if (index == "subinital" ) { + idx.push_back(OlcBdbDatabase::SpecialSubInitial); + } else if (index == "subany" ) { + idx.push_back(OlcBdbDatabase::SpecialSubAny); + } else if (index == "subfinal" ) { + idx.push_back(OlcBdbDatabase::SpecialSubFinal); + } else if (index == "nolang" ) { + idx.push_back(OlcBdbDatabase::SpecialNoLang); + } else if (index == "nosubtypes" ) { + idx.push_back(OlcBdbDatabase::SpecialNoSubTypes); + } + } while (pos != std::string::npos); + res.insert(make_pair(attrType, idx)); + } + } + } + return res; +} + +void OlcBdbDatabase::setDirectory( const std::string &dir ) +{ + this->setStringValue("olcDbDirectory", dir); +} + +OlcGlobalConfig::OlcGlobalConfig() : OlcConfigEntry() +{ + m_dbEntryChanged.setDN("cn=config"); + m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcGlobal")); + m_dbEntryChanged.addAttribute(LDAPAttribute("cn", "config")); +} + +int OlcGlobalConfig::getLogLevel() const +{ + const LDAPAttribute *attr = 
m_dbEntryChanged.getAttributeByName("olcloglevel"); + if (attr) { + StringList sl = attr->getValues(); + StringList::const_iterator i; + for (i = sl.begin(); i != sl.end(); i++ ) { + std::cout << "loglevel: " << *i << std::endl; + } + } else { + return 0; + } +} + +const std::vector<std::string> OlcGlobalConfig::getLogLevelString() const +{ + StringList lvalues = this->getStringValues("olcLogLevel"); + StringList::const_iterator i; + std::vector<std::string> lvls; + for ( i = lvalues.begin(); i != lvalues.end(); i++ ) + { + std::istringstream iss(*i); + int intlogValue; + if ( iss >> intlogValue ) { + std::cerr << "IntegerValue" << *i << std::endl; + } + else + { + std::cerr << "StringValue" << *i << std::endl; + lvls.push_back(*i); + } + } + return lvls; +} + +//int OlcGlobalConfig::getIdleTimeout() +//{ +// +//} + +void OlcGlobalConfig::setLogLevel(int level) { + const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcloglevel"); + LDAPAttribute attr; + if ( sattr ) { + attr = *sattr; + } + std::ostringstream o; + StringList values; + o << level; + values.add(o.str()); + attr.setValues(values); + m_dbEntryChanged.replaceAttribute(attr); +} + +void OlcGlobalConfig::setLogLevel(std::string level) { + const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcloglevel"); + LDAPAttribute attr; + if ( sattr ) { + attr = *sattr; + } + StringList values; + values.add(level); + attr.setValues(values); + m_dbEntryChanged.replaceAttribute(attr); +} + +void OlcGlobalConfig::addLogLevel(std::string level) { + const LDAPAttribute *sattr = m_dbEntryChanged.getAttributeByName("olcloglevel"); + LDAPAttribute attr; + if ( sattr ) { + attr = *sattr; + } + attr.addValue(level); + m_dbEntryChanged.replaceAttribute(attr); +} + +OlcSchemaConfig::OlcSchemaConfig() : OlcConfigEntry() +{ + m_dbEntryChanged.setDN("cn=schema,cn=config"); + m_dbEntryChanged.addAttribute(LDAPAttribute("objectclass", "olcSchemaConfig")); + 
m_dbEntryChanged.addAttribute(LDAPAttribute("cn", "schema"));
+}
+
+OlcTlsSettings OlcGlobalConfig::getTlsSettings() const {
+ return OlcTlsSettings( m_dbEntryChanged );
+}
+
+std::map<std::string, std::list<std::string> > OlcGlobalConfig::toMap() const
+{
+ std::map<std::string, std::list<std::string> > resMap;
+ const LDAPAttribute *at = m_dbEntryChanged.getAttributeByName("olcsuffix");
+ if ( at )
+ {
+ StringList values = at->getValues();
+ StringList::const_iterator j;
+ std::list<std::string> valList;
+ for ( j = values.begin(); j != values.end(); j++ )
+ {
+ valList.push_back(*j);
+ }
+ resMap.insert(std::make_pair("suffix", valList));
+ }
+ at = m_dbEntryChanged.getAttributeByName("olcDatabase");
+ if ( at )
+ {
+ StringList values = at->getValues();
+ StringList::const_iterator j;
+ std::list<std::string> valList;
+ for ( j = values.begin(); j != values.end(); j++ )
+ {
+ valList.push_back(*j);
+ }
+ resMap.insert(std::make_pair("type", valList));
+ }
+ return resMap;
+}
+
+bool OlcConfigEntry::isDatabaseEntry ( const LDAPEntry& e )
+{
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcDatabaseConfig" ) )
+ {
+ return true;
+ }
+ }
+ return false;
+}
+
+bool OlcConfigEntry::isGlobalEntry ( const LDAPEntry& e )
+{
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcGlobal" ) )
+ {
+ return true;
+ }
+ }
+ return false;
+}
+
+bool OlcConfigEntry::isOverlayEntry ( const LDAPEntry& e )
+{
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcOverlayConfig" ) )
+ {
+ return true;
+ }
+ }
+ return false;
+}
+
+bool OlcConfigEntry::isScheamEntry ( const LDAPEntry& e )
+{
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcSchemaConfig" ) )
+ {
+ return true;
+ }
+ }
+ return false;
+}
+
+OlcConfigEntry* OlcConfigEntry::createFromLdapEntry( const LDAPEntry& e )
+{
+ if ( OlcConfigEntry::isGlobalEntry(e) )
+ {
+ std::cerr << "creating OlcGlobalConfig" << std::endl;
+ return new OlcGlobalConfig(e);
+ }
+ else if ( OlcConfigEntry::isScheamEntry(e) )
+ {
+ std::cerr << "creating OlcSchemaConfig" << std::endl;
+ return new OlcConfigEntry(e);
+ }
+ else if ( OlcConfigEntry::isDatabaseEntry(e) )
+ {
+ std::cerr << "creating OlcDatabase" << std::endl;
+ return OlcDatabase::createFromLdapEntry(e);
+ }
+ else if ( OlcConfigEntry::isOverlayEntry(e) )
+ {
+ std::cerr << "creating OlcOverlay" << std::endl;
+ return new OlcConfigEntry(e);
+ }
+ else
+ {
+ std::cerr << "unknown Config Object" << std::endl;
+ return 0;
+ }
+}
+
+std::map<std::string, std::list<std::string> > OlcConfigEntry::toMap() const
+{
+ std::map<std::string, std::list<std::string> > resMap;
+// std::string value = this->getStringValue("olcConcurrency");
+// resMap.insert( std::make_pair( "concurrency", value ) );
+//
+// value = this->getStringValue("olcThreads");
+// resMap.insert( std::make_pair("threads", value ) );
+
+ return resMap;
+}
+
+void OlcConfigEntry::setIndex( int index )
+{
+ this->entryIndex = index;
+ this->updateEntryDn();
+}
+
+void OlcConfigEntry::updateEntryDn()
+{
+}
+
+std::map<std::string, std::list<std::string> > OlcDatabase::toMap() const
+{
+ std::map<std::string, std::list<std::string> > resMap;
+ const LDAPAttribute *at = m_dbEntryChanged.getAttributeByName("olcsuffix");
+ if ( at )
+ {
+ StringList values = at->getValues();
+ StringList::const_iterator j;
+ std::list<std::string> valList;
+ for ( j = values.begin(); j != values.end(); j++ )
+ {
+ valList.push_back(*j);
+ }
+ resMap.insert(std::make_pair("suffix", valList));
+ }
+ at = m_dbEntryChanged.getAttributeByName("olcDatabase");
+ if ( at )
+ {
+ StringList values = at->getValues();
+ StringList::const_iterator j;
+ std::list<std::string> valList;
+ for ( j = values.begin(); j != values.end(); j++ )
+ {
+ valList.push_back(*j);
+ }
+ resMap.insert(std::make_pair("type", valList));
+ }
+ return resMap;
+}
+
+void OlcDatabase::setSuffix( const std::string &suffix)
+{
+ this->setStringValue("olcSuffix", suffix);
+}
+
+void OlcDatabase::setRootDn( const std::string &rootdn)
+{
+ this->setStringValue("olcRootDN", rootdn);
+}
+
+void OlcDatabase::setRootPw( const std::string &rootpw)
+{
+ this->setStringValue("olcRootPW", rootpw);
+}
+
+std::map<std::string, std::list<std::string> > OlcBdbDatabase::toMap() const
+{
+ std::map<std::string, std::list<std::string> > resMap =
+ OlcDatabase::toMap();
+
+ const LDAPAttribute *at = m_dbEntryChanged.getAttributeByName("olcDbNoSync");
+ if ( at )
+ {
+ StringList values = at->getValues();
+ StringList::const_iterator j;
+ std::list<std::string> valList;
+ for ( j = values.begin(); j != values.end(); j++ )
+ {
+ valList.push_back(*j);
+ }
+ resMap.insert(std::make_pair("nosync", valList));
+ }
+ return resMap;
+}
+
+bool OlcDatabase::isBdbDatabase( const LDAPEntry& e )
+{
+ StringList oc = e.getAttributeByName("objectclass")->getValues();
+ for( StringList::const_iterator i = oc.begin(); i != oc.end(); i++ )
+ {
+ if ( strCaseIgnoreEquals(*i, "olcBdbConfig" ) )
+ {
+ return true;
+ }
+ }
+ return false;
+}
+
+OlcDatabase* OlcDatabase::createFromLdapEntry( const LDAPEntry& e)
+{
+ if ( OlcDatabase::isBdbDatabase( e ) )
+ {
+ std::cerr << "creating OlcBbdDatabase()" << std::endl;
+ return new OlcBdbDatabase(e);
+ }
+ else
+ {
+ std::cerr << "creating OlcDatabase()" << std::endl;
+ return new OlcDatabase(e);
+ }
+}
+
+StringList OlcConfigEntry::getStringValues(const std::string &type) const
+{
+ const LDAPAttribute *attr = m_dbEntryChanged.getAttributeByName(type);
+ if ( attr ) {
+ return attr->getValues();
+ } else {
+ return StringList();
+ }
+}
+
+std::string OlcConfigEntry::getStringValue(const std::string &type) const
+{
+ StringList sl = this->getStringValues(type);
+ if ( sl.size() == 1 ) {
+ return *(sl.begin());
+ } else {
+ return "";
+ }
+}
+
+void OlcConfigEntry::setStringValues(const std::string &type, const StringList &values)
+{
+ LDAPAttribute attr(type, values);
+ m_dbEntryChanged.replaceAttribute(attr);
+}
+
+void OlcConfigEntry::setStringValue(const std::string &type, const std::string &value)
+{
+ LDAPAttribute attr(type, value);
+ m_dbEntryChanged.replaceAttribute(attr);
+}
+
+std::string OlcConfigEntry::toLdif() const
+{
+ std::ostringstream ldifStream;
+ LdifWriter ldif(&ldifStream);
+ ldif.writeRecord( m_dbEntryChanged );
+ return ldifStream.str();
+}
+
+LDAPModList OlcConfigEntry::entryDifftoMod() {
+ LDAPAttributeList::const_iterator i = m_dbEntry.getAttributes()->begin();
+ LDAPModList modifications;
+ for(; i != m_dbEntry.getAttributes()->end(); i++ )
+ {
+ std::cout << i->getName() << std::endl;
+ const LDAPAttribute *changedAttr = m_dbEntryChanged.getAttributeByName(i->getName());
+ if ( changedAttr ) {
+ StringList::const_iterator j = i->getValues().begin();
+ StringList delValues, addValues;
+ for(; j != i->getValues().end(); j++ )
+ {
+ bool deleted = true;
+ StringList::const_iterator k = changedAttr->getValues().begin();
+ for( ; k != changedAttr->getValues().end(); k++ ) {
+ if ( *k == *j ) {
+ deleted = false;
+ break;
+ }
+ }
+ if ( deleted )
+ {
+ delValues.add(*j);
+ std::cout << "Value deleted: " << *j << std::endl;
+ }
+ }
+ j = changedAttr->getValues().begin();
+ for(; j != changedAttr->getValues().end(); j++ )
+ {
+ bool added = true;
+ StringList::const_iterator k = i->getValues().begin();
+ for( ; k != i->getValues().end(); k++ ) {
+ if ( *k == *j ) {
+ std::cout << "Value unchanged: " << *k << std::endl;
+ added = false;
+ break;
+ }
+ }
+ if ( added )
+ {
+ addValues.add(*j);
+ std::cout << "Value added: " << *j << std::endl;
+ }
+ }
+ bool replace = false;
+ if ( delValues.size() > 0 ) {
+ if ( (int) delValues.size() == i->getNumValues() ) {
+ std::cout << "All Values deleted, this is a replace" << std::endl;
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName(), addValues),
+ LDAPModification::OP_REPLACE)
+ );
+ replace = true;
+ } else {
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName(), delValues),
+ LDAPModification::OP_DELETE)
+ );
+ }
+ }
+ if (addValues.size() > 0 && !replace ) {
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName(), addValues),
+ LDAPModification::OP_ADD)
+ );
+ }
+ } else {
+ std::cout << "removed Attribute: " << i->getName() << std::endl;
+ modifications.addModification(
+ LDAPModification( LDAPAttribute(i->getName()),
+ LDAPModification::OP_DELETE)
+ );
+ }
+ }
+ return modifications;
+}
+
+OlcConfig::OlcConfig(LDAPConnection *lc) : m_lc(lc)
+{
+
+}
+
+OlcGlobalConfig OlcConfig::getGlobals()
+{
+ LDAPSearchResults *sr;
+ LDAPEntry *dbEntry;
+ try {
+ sr = m_lc->search( "cn=config", LDAPConnection::SEARCH_BASE);
+ dbEntry = sr->getNext();
+ } catch (LDAPException e) {
+ std::cout << e << std::endl;
+ throw;
+ }
+ if ( dbEntry ) {
+ std::cout << "Got GlobalConfig: " << dbEntry->getDN() << std::endl;
+ OlcGlobalConfig gc(*dbEntry);
+ return gc;
+ }
+ return OlcGlobalConfig();
+}
+
+void OlcConfig::setGlobals( OlcGlobalConfig &olcg)
+{
+ try {
+ LDAPModList ml = olcg.entryDifftoMod();
+ m_lc->modify( olcg.getDn(), &ml );
+ } catch (LDAPException e) {
+ std::cout << e << std::endl;
+ throw;
+ }
+}
+
+OlcBdbDatabase getDatabase(std::string &basedn)
+{
+}
+
+OlcTlsSettings::OlcTlsSettings( const OlcGlobalConfig &ogc )
+{
+ std::string value = ogc.getStringValue("olcTLSCRLCheck");
+ if ( value == "none" )
+ {
+ m_crlCheck = 0;
+ }
+ else if ( value == "peer" )
+ {
+ m_crlCheck = 1;
+ }
+ else if ( value == "all" )
+ {
+ m_crlCheck = 2;
+ }
+ value = ogc.getStringValue("olcTLSVerifyClient");
+ if ( value == "never" )
+ {
+ m_verifyCient = 0;
+ }
+ else if ( value == "allow" )
+ {
+ m_verifyCient = 1;
+ }
+ else if ( value == "try" )
+ {
+ m_verifyCient = 2;
+ }
+ else if ( value == "demand" )
+ {
+ m_verifyCient = 3;
+ }
+
+ m_caCertDir = ogc.getStringValue("olcTlsCaCertificatePath");
+ m_caCertFile = ogc.getStringValue("olcTlsCaCertificateFile");
+}
+
+int OlcTlsSettings::getCrlCheck() const
+{
+ return m_crlCheck;
+}
+
+void OlcTlsSettings::setCrlCheck()
+{
+}
+
+int OlcTlsSettings::getVerifyClient() const
+{
+ return m_verifyCient;
+}
+
+void setVerifyClient()
+{
+}
+
+const std::string& OlcTlsSettings::getCaCertDir() const
+{
+ return m_caCertDir;
+}
+
+const std::string& OlcTlsSettings::getCaCertFile() const
+{
+ return m_caCertFile;
+}
+
+/*
+int main(char** argv, int argc)
+{
+ LDAPConnection lc("localhost");
+ LDAPSearchResults *sr;
+ LDAPEntry *dbEntry;
+ try {
+ lc.bind("cn=config","secret");
+ sr = lc.search( "olcdatabase={1}bdb,cn=config", lc.SEARCH_BASE);
+ dbEntry = sr->getNext();
+ } catch (LDAPException e) {
+ std::cout << e << std::endl;
+ exit(-1);
+ }
+ if ( dbEntry ) {
+ std::cout << "Got DBEntry: " << dbEntry->getDN() << std::endl;
+ OlcBdbDatabase db(*dbEntry);
+ OlcBdbDatabase::IndexMap idx = db.getIndexes();
+ OlcBdbDatabase::IndexMap::const_iterator i = idx.find("cn");
+
+ std::cout << "Idx: " << i->second[0] << " " << OlcBdbDatabase::Eq << std::endl;
+ }
+ try {
+ // read globalConfig
+ sr = lc.search( "cn=config", lc.SEARCH_BASE);
+ dbEntry = sr->getNext();
+ } catch (LDAPException e) {
+ std::cout << e << std::endl;
+ exit(-1);
+ }
+ if ( dbEntry ) {
+ std::cout << "Got GlobalConfig: " << dbEntry->getDN() << std::endl;
+ OlcGlobalConfig gc(*dbEntry);
+// gc.getLogLevel();
+// gc.setLogLevel("stats stats2");
+ std::cout << "Config file: " << gc.getStringValue("olcConfigFile") << std::endl;
+ std::cout << "args file: " << gc.getStringValue("olcArgsFile") << std::endl;
+ gc.setStringValue("olcArgsFile", "/tmp/slapd.args" );
+ try {
+ LDAPModList ml = gc.entryDifftoMod();
+ lc.modify( dbEntry->getDN(), &ml );
+ } catch (LDAPException e) {
+ std::cout << e << std::endl;
+ exit(-1);
+ }
+ } else {
+ std::cout << "no Entry" << std::endl;
+ }
+
+
+
+}
+*/
Added: trunk/ldap-server/src/lib/backConfigTest.h URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/lib/backConfigTest.h?rev=48589&view=auto ==============================================================================
--- trunk/ldap-server/src/lib/backConfigTest.h (added)
+++ trunk/ldap-server/src/lib/backConfigTest.h Fri Jun 27 15:56:38 2008
@@ -0,0 +1,144 @@
+#ifndef BACK_CONFIG_TEST_H
+#define BACK_CONFIG_TEST_H
+#include <LDAPConnection.h>
+#include <LDAPResult.h>
+#include <string>
+#include <iostream>
+#include <sstream>
+#include <map>
+#include <vector>
+#include <LDAPEntry.h>
+
+class OlcConfigEntry
+{
+ public:
+ static OlcConfigEntry* createFromLdapEntry( const LDAPEntry& le);
+ static bool isDatabaseEntry( const LDAPEntry& le);
+ static bool isScheamEntry( const LDAPEntry& le);
+ static bool isOverlayEntry( const LDAPEntry& le);
+ static bool isGlobalEntry( const LDAPEntry& le);
+
+ inline OlcConfigEntry() : m_dbEntry(), m_dbEntryChanged() {}
+ inline OlcConfigEntry(const LDAPEntry& le) : m_dbEntry(le), m_dbEntryChanged(le) {}
+ inline std::string getDn() {
+ return m_dbEntry.getDN();
+ }
+ LDAPModList entryDifftoMod();
+
+ StringList getStringValues(const std::string &type) const;
+ void setStringValues(const std::string &type, const StringList &values);
+
+ // shortcuts for single-valued Attributes
+ std::string getStringValue(const std::string &type) const;
+ void setStringValue(const std::string &type, const std::string &value);
+
+ void setIndex( int index );
+ void getEntryDn();
+
+ virtual std::map<std::string, std::list<std::string> > toMap() const;
+ virtual std::string toLdif() const;
+
+ protected:
+ virtual void updateEntryDn();
+
+ int entryIndex;
+ LDAPEntry m_dbEntry;
+ LDAPEntry m_dbEntryChanged;
+};
+
+class OlcDatabase : public OlcConfigEntry
+{
+ public :
+ static OlcDatabase* createFromLdapEntry( const LDAPEntry& le );
+
+ OlcDatabase( const LDAPEntry &le );
+ OlcDatabase( const std::string& type );
+ static bool isBdbDatabase( const LDAPEntry& le );
+
+ void setSuffix( const std::string &suffix);
+ void setRootDn( const std::string &rootdn);
+ void setRootPw( const std::string &rootpw);
+
+ virtual std::map<std::string, std::list<std::string> > toMap() const;
+
+ protected:
+ virtual void updateEntryDn();
+ std::string m_type;
+
+};
+
+class OlcBdbDatabase : public OlcDatabase
+{
+ public:
+ OlcBdbDatabase();
+ OlcBdbDatabase( const LDAPEntry& le );
+ virtual std::map<std::string, std::list<std::string> > toMap() const;
+ void setDirectory( const std::string &dir);
+
+ enum IndexType {
+ Default,
+ Present,
+ Eq,
+ Approx,
+ Sub,
+ SpecialSubInitial,
+ SpecialSubAny,
+ SpecialSubFinal,
+ SpecialNoLang,
+ SpecialNoSubTypes,
+ };
+
+ typedef std::map<std::string, std::vector<OlcBdbDatabase::IndexType> > IndexMap;
+ IndexMap getIndexes();
+};
+
+class OlcTlsSettings;
+
+class OlcGlobalConfig : public OlcConfigEntry
+{
+ public:
+ OlcGlobalConfig();
+ inline OlcGlobalConfig( const LDAPEntry &le) : OlcConfigEntry(le) {}
+ int getLogLevel() const;
+ const std::vector<std::string> getLogLevelString() const;
+ void setLogLevel(int level);
+ void setLogLevel(std::string level);
+ void addLogLevel(std::string level);
+ OlcTlsSettings getTlsSettings() const;
+ virtual std::map<std::string, std::list<std::string> > toMap() const;
+};
+
+class OlcSchemaConfig : public OlcConfigEntry
+{
+ public:
+ OlcSchemaConfig();
+};
+
+class OlcConfig {
+ public:
+ OlcConfig(LDAPConnection *lc=0 );
+ OlcGlobalConfig getGlobals();
+ void setGlobals( OlcGlobalConfig &olcg);
+ OlcBdbDatabase getDatabase(std::string &basedn);
+ private:
+ LDAPConnection *m_lc;
+};
+
+class OlcTlsSettings {
+ public :
+ OlcTlsSettings( const OlcGlobalConfig &le );
+ int getCrlCheck() const;
+ void setCrlCheck();
+ int getVerifyClient() const;
+ void setVerifyClient();
+ const std::string& getCaCertDir() const;
+ const std::string& getCaCertFile() const;
+
+ private:
+ int m_crlCheck;
+ int m_verifyCient;
+ std::string m_caCertDir;
+ std::string m_caCertFile;
+};
+
+#endif /* BACK_CONFIG_TEST_H */
Modified: trunk/ldap-server/src/tree_structure.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/tree_structure.ycp?rev=48589&r1=48588&r2=48589&view=diff ==============================================================================
--- 
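Review bot: `OlcConfigEntry` declares virtual `toMap()`, `toLdif()` and `updateEntryDn()` but no virtual destructor, while `createFromLdapEntry()` in backConfigTest.cpp returns `OlcGlobalConfig` and `OlcDatabase` objects through an `OlcConfigEntry*`; deleting through that pointer is undefined behaviour, so I would add `virtual ~OlcConfigEntry() {}` to the public section. `OlcTlsSettings` gives `m_crlCheck` and `m_verifyCient` no default, and its constructor assigns them only for the recognised strings, so `getVerifyClient()` and `getCrlCheck()` return an indeterminate value when `olcTLSVerifyClient` or `olcTLSCRLCheck` is absent or spelled differently; both should be set to a defined default before the comparisons. `entryIndex` is likewise left unset by the two inline `OlcConfigEntry` constructors. The header uses `std::list` in every `toMap()` signature without `#include <list>`.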
trunk/ldap-server/src/tree_structure.ycp (original) +++ trunk/ldap-server/src/tree_structure.ycp Fri Jun 27 15:56:38 2008 @@ -15,6 +15,8 @@ import "HTML"; import "String"; +include "ldap-server/widgets.ycp"; + /* forward declaration of the widget tree */ define map<string,map<string,any> > widget_map = nil; @@ -40,17 +42,6 @@ */ define string current_tree_item = ""; -/* list of valid encoding methods for password inputs, used by add database and edit database - * dialogs - */ -list enc_types = [ - `item( `id( "CRYPT" ), "CRYPT" ), - `item( `id( "SMD5" ), "SMD5" ), - `item( `id( "SHA" ), "SHA" ), - `item( `id( "SSHA" ), "SSHA", true ), - `item( `id( "PLAIN" ), "PLAIN" ) -]; - define void addDatabaseWidgetMap( string suffix, boolean new_db ); /********************************* @@ -98,9 +89,9 @@ define boolean cb_read_schema() ``{ y2milestone( "calling schema read handler" ); - list<string> inclist = LdapServer::ReadSchemaIncludeList(); - //store current include list for later order changes - show_new_schemalist( inclist, nil ); +// list<string> inclist = LdapServer::ReadSchemaIncludeList(); +// //store current include list for later order changes +// show_new_schemalist( inclist, nil ); return true; } @@ -116,7 +107,7 @@ define boolean cb_write_schema() ``{ y2milestone( "calling schema write handler" ); - LdapServer::WriteSchemaIncludeList( (list<string>)widget_map["g_schema","inclist"]:[] ); +// LdapServer::WriteSchemaIncludeList( (list<string>)widget_map["g_schema","inclist"]:[] ); return true; } 
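Review bot: `cb_read_schema()` and `cb_write_schema()` keep `return true` although their `LdapServer::` calls are now commented out, so the schema page shows nothing and a write is reported as successful while nothing is stored. The same pattern is repeated in the later hunks for `cb_write_loglevel`, `cb_read_allow`, `cb_write_allow`, `cb_read_tls` and `cb_input_tls`. While the back-config port is incomplete I would make that visible in each stubbed handler, e.g. `y2warning( "schema write not implemented for back-config yet" );`, and delete the old calls rather than committing them as `//` comments, since the repository history already keeps them.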
@@ -243,17 +234,14 @@ define boolean cb_read_loglevel() ``{ y2milestone( "calling loglevel read handler" ); + list<string> lvls = LdapServer::GetLogLevels(); + list<symbol> ids = []; - integer loglevel = LdapServer::ReadLoglevel(); - list<integer> idlist = []; - foreach( integer i, [1,2,4,8,16,32,64,128,256,512,1024,2048], { - if( ( loglevel & i ) > 0 ) - { - idlist = add( idlist, i ); - } + foreach( string i, lvls, { + ids = add( ids, symbolof(toterm(i)) ); } ); - UI::ChangeWidget( `msb_loglevel, `SelectedItems, idlist ); + UI::ChangeWidget( `msb_loglevel, `SelectedItems, ids ); return true; } @@ -267,7 +255,7 @@ } ); y2milestone( "writing loglevel: '%1'", loglevel ); - LdapServer::WriteLoglevel( loglevel ); +// LdapServer::WriteLoglevel( loglevel ); return true; } @@ -283,8 +271,8 @@ define boolean cb_read_allow() ``{ y2milestone( "calling allow read handler" ); - list<string> allowlist = LdapServer::ReadAllowList(); - UI::ChangeWidget( `msb_allow, `SelectedItems, allowlist ); +// list<string> allowlist = LdapServer::ReadAllowList(); +// UI::ChangeWidget( `msb_allow, `SelectedItems, allowlist ); return true; } @@ -295,7 +283,7 @@ allowlist = (list<string>)UI::QueryWidget( `msb_allow, `SelectedItems ); y2milestone( "writing allowlist: '%1'", allowlist ); - LdapServer::WriteAllowList( allowlist ); +// LdapServer::WriteAllowList( allowlist ); return true; } 
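Review bot: `cb_read_loglevel()` converts every string from `LdapServer::GetLogLevels()` with `symbolof(toterm(i))` without checking it against the known level names, so an unexpected value from the server configuration becomes an id that presumably matches no item of `msb_loglevel` and is silently dropped from the selection. I would filter `lvls` against the list of levels the widget offers and log the rest with `y2warning`. The selection ids also change from integers to symbols here, while the write handler in the next hunk still formats a `loglevel` value built outside the hunk; it should be checked that both handlers agree on the id type once `WriteLoglevel` is replaced.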
@@ -307,20 +295,20 @@ ``{ y2milestone( "calling tls check handler" ); - map<string,string> importPaths = LdapServer::ReadImportCertificates(); - boolean use_common_ca = LdapServer::ReadConfigureCommonServerCertificate(); - map<string,string> tlsSettings = (map<string,string>)LdapServer::ReadTlsSettings(); - - if( (boolean)UI::QueryWidget( `rb_yes, `Value ) && !( - haskey( importPaths, "ServerCertificateFile" ) || - use_common_ca || - ( tlsSettings["TLSCertificateFile"]:nil != nil && tlsSettings["TLSCertificateKeyFile"]:nil != nil ) ) - ) - { - /*error popup*/ - callback_error = _("Choose a certificate if you want to activate TLS."); - return false; - } +// map<string,string> importPaths = LdapServer::ReadImportCertificates(); +// boolean use_common_ca = LdapServer::ReadConfigureCommonServerCertificate(); +// map<string,string> tlsSettings = (map<string,string>)LdapServer::ReadTlsSettings(); +// +// if( (boolean)UI::QueryWidget( `rb_yes, `Value ) && !( +// haskey( importPaths, "ServerCertificateFile" ) || +// use_common_ca || +// ( tlsSettings["TLSCertificateFile"]:nil != nil && tlsSettings["TLSCertificateKeyFile"]:nil != nil ) ) +// ) +// { +// /*error popup*/ +// callback_error = _("Choose a certificate if you want to activate TLS."); +// return false; +// } return true; } 
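Review bot: With its body commented out, `cb_check_tls()` always returns true, so the page accepts the rb_yes choice (TLS enabled) even when no server certificate or key is configured, and the "Choose a certificate if you want to activate TLS." error can no longer be shown. The check should be rebuilt on the new agent's data rather than dropped; note that `OlcTlsSettings` in this commit exposes only the CA path and file and the verify settings, not the certificate and key file the old condition tested. Until then I would at least record it in the log, e.g. `y2warning( "TLS certificate check disabled during back-config port" );`.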
@@ -328,50 +316,50 @@ define boolean cb_read_tls() ``{ y2milestone( "calling tls read handler" ); - map<string,string> importPaths = LdapServer::ReadImportCertificates(); - boolean use_common_ca = LdapServer::ReadConfigureCommonServerCertificate(); - map<string,string> tlsSettings = (map<string,string>)LdapServer::ReadTlsSettings(); - - /* tls configuration info text 1/4 */ - string info = HTML::Bold( _("Current Configuration:") )+HTML::Newline()+HTML::ListStart(); - foreach( string key, string val, tlsSettings, { - if ( val != nil ) { - info = info + HTML::ListItem( HTML::Bold( key ) + ": " + val ); - } - } ); - info = info + HTML::ListEnd() + HTML::Newline(); - /* tls configuration info text 2/4 */ - info = info + HTML::Bold( _("The following changes will be made:") )+HTML::Newline() + HTML::Newline(); - - if( use_common_ca ) - { - /* tls configuration info text 3/4 */ - info = info + _("Configuring Common Server Certificate") + HTML::Newline(); - } else if( haskey( importPaths, "ServerCertificateFile" ) ) - { - /* tls configuration info text 4/4 */ - info = info + _("Importing the Following Certificates:") + HTML::Newline() + HTML::ListStart(); - foreach( string key, string val, importPaths, { - info = info + HTML::ListItem( HTML::Bold( key ) + ": " + val ); - } ); - - info = info + HTML::ListEnd(); - } - - UI::ChangeWidget( `rt_tls_info, `Value, info ); - - if( use_common_ca - || haskey( importPaths, "ServerCertificateFile" ) - || ( tlsSettings["TLSCertificateFile"]:nil != nil && tlsSettings["TLSCertificateKeyFile"]:nil != nil ) - ) - { - UI::ChangeWidget( `rb_yes, `Value, true ); - } else - { - UI::ChangeWidget( `rb_no, `Value, true ); - UI::ChangeWidget( `rt_tls_info, `Enabled, false ); - UI::ChangeWidget( `pb_edit, `Enabled, false ); - } +// map<string,string> importPaths = LdapServer::ReadImportCertificates(); +// boolean use_common_ca = LdapServer::ReadConfigureCommonServerCertificate(); +// map<string,string> tlsSettings = 
(map<string,string>)LdapServer::ReadTlsSettings(); +// +// /* tls configuration info text 1/4 */ +// string info = HTML::Bold( _("Current Configuration:") )+HTML::Newline()+HTML::ListStart(); +// foreach( string key, string val, tlsSettings, { +// if ( val != nil ) { +// info = info + HTML::ListItem( HTML::Bold( key ) + ": " + val ); +// } +// } ); +// info = info + HTML::ListEnd() + HTML::Newline(); +// /* tls configuration info text 2/4 */ +// info = info + HTML::Bold( _("The following changes will be made:") )+HTML::Newline() + HTML::Newline(); +// +// if( use_common_ca ) +// { +// /* tls configuration info text 3/4 */ +// info = info + _("Configuring Common Server Certificate") + HTML::Newline(); +// } else if( haskey( importPaths, "ServerCertificateFile" ) ) +// { +// /* tls configuration info text 4/4 */ +// info = info + _("Importing the Following Certificates:") + HTML::Newline() + HTML::ListStart(); +// foreach( string key, string val, importPaths, { +// info = info + HTML::ListItem( HTML::Bold( key ) + ": " + val ); +// } ); +// +// info = info + HTML::ListEnd(); +// } +// +// UI::ChangeWidget( `rt_tls_info, `Value, info ); +// +// if( use_common_ca +// || haskey( importPaths, "ServerCertificateFile" ) +// || ( tlsSettings["TLSCertificateFile"]:nil != nil && tlsSettings["TLSCertificateKeyFile"]:nil != nil ) +// ) +// { +// UI::ChangeWidget( `rb_yes, `Value, true ); +// } else +// { +// UI::ChangeWidget( `rb_no, `Value, true ); +// UI::ChangeWidget( `rt_tls_info, `Enabled, false ); +// UI::ChangeWidget( `pb_edit, `Enabled, false ); +// } return true; } 
@@ -381,15 +369,16 @@ symbol tls_active = (symbol)UI::QueryWidget( `rbg_tls, `CurrentButton ); if( tls_active == `rb_no ) { - LdapServer::WriteConfigureCommonServerCertificate( false ); - LdapServer::WriteImportCertificates( $[] ); - map<string,string> tlsSettings = $[ - "TLSCertificateKeyFile" : nil, - "TLSCertificateFile" : nil, - "TLSCACertificateFile" : nil, - "TLSCACertificatePath" : nil ]; - - LdapServer::WriteTlsSettings( tlsSettings ); + y2milestone( "calling tls write handler" ); +// LdapServer::WriteConfigureCommonServerCertificate( false ); +// LdapServer::WriteImportCertificates( $[] ); +// map<string,string> tlsSettings = $[ +// "TLSCertificateKeyFile" : nil, +// "TLSCertificateFile" : nil, +// "TLSCACertificateFile" : nil, +// "TLSCACertificatePath" : nil ]; +// +// LdapServer::WriteTlsSettings( tlsSettings ); } return true; } 
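Review bot: In `cb_write_tls()` the rb_no branch now only logs, so switching TLS off in the dialog leaves whatever TLS settings the server already has while the handler still returns true; the UI state and the server configuration can diverge without any message to the user. The added `y2milestone( "calling tls write handler" );` also sits inside the `if`, so the trace appears only when rb_no is selected; moving it above `symbol tls_active = ...` would match the other handlers. The start of the function is outside the hunk, so it may already log on entry.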
@@ -398,138 +387,138 @@ ``{ y2milestone( "calling tls input handler" ); - boolean common_ca_available = LdapServer::ReadCommonServerCertificateAvailable(); - - if( handler_cmd == `rb_yes ) - { - UI::ChangeWidget( `rt_tls_info, `Enabled, true ); - UI::ChangeWidget( `pb_edit, `Enabled, true ); - } else if( handler_cmd == `rb_no ) - { - UI::ChangeWidget( `rt_tls_info, `Enabled, false ); - UI::ChangeWidget( `pb_edit, `Enabled, false ); - } else if( handler_cmd == `pb_edit ) - { - //show edit popup - any ret = nil; - string dlg_name = common_ca_available ? "type" : "import"; - term dlg = (term)widget_map["g_tls","dialogs",dlg_name]:nil; - if( dlg == nil ) - { - callback_error = _("An internal error occurred. View the log file."); - y2error( "cb_input_tls: type dialog is not in widget map" ); - return false; - } - - UI::OpenDialog( dlg ); - - map<string,string> importPaths = LdapServer::ReadImportCertificates(); - if( dlg_name == "input" ) - { - UI::ChangeWidget( `te_cert_file, `Value, importPaths["ServerCertificateFile"]:"" ); - UI::ChangeWidget( `te_key_file, `Value, importPaths["ServerKeyFile"]:"" ); - UI::ChangeWidget( `te_ca_file, `Value, importPaths["CACertificatesFile"]:"" ); - } - - if( dlg_name == "type" && haskey( importPaths, "ServerCertificateFile" ) ) - { - UI::ChangeWidget( `rb_common, `Value, false ); - UI::ChangeWidget( `rb_import, `Value, true ); - } - - y2milestone( ">>>> entering cb_input_tls input loop..." 
); - while( true ) - { - ret = UI::UserInput(); - y2milestone( "cb_input_tls: dialog returns '%1'", ret ); - - if( dlg_name == "type" ) - { - if( ret == `cancel ) break; - else if( ret == `ok ) - { - any do_what = UI::QueryWidget( `rbg_type, `CurrentButton ); - y2milestone( "cb_input_tls: do_what is '%1'", do_what ); - if( do_what == `rb_common ) - { - //TODO: use common ca - y2milestone( "cb_input_tls: using common server certificate" ); - LdapServer::WriteConfigureCommonServerCertificate( true ); - LdapServer::WriteImportCertificates( $[] ); - break; - } else if( do_what == `rb_import ) - { - UI::CloseDialog(); - dlg_name = "import"; - UI::OpenDialog( (term)widget_map["g_tls","dialogs","import"]:`Label(_("Dialog not found"))); - - //fill textentries - UI::ChangeWidget( `te_cert_file, `Value, importPaths["ServerCertificateFile"]:"" ); - UI::ChangeWidget( `te_key_file, `Value, importPaths["ServerKeyFile"]:"" ); - UI::ChangeWidget( `te_ca_file, `Value, importPaths["CACertificatesFile"]:"" ); - continue; - } - } - } else if( dlg_name == "import" ) - { - if( ret == `cancel ) break; - else if( ret == `pb_ca_file ) - { - /* file selection headline */ - string name = UI::AskForExistingFile( "/var/lib/CAM", "*.pem *.crt *", _("Select CA Certificate File") ); - if( name != nil ) UI::ChangeWidget( `te_ca_file, `Value, name ); - continue; - } else if( ret == `pb_cert_file ) - { - /* file selection headline */ - string name = UI::AskForExistingFile( "/var/lib/CAM", "*.pem *.crt *", _("Select Certificate File") ); - if( name != nil ) UI::ChangeWidget( `te_cert_file, `Value, name ); - continue; - } else if( ret == `pb_key_file ) - { - /* file selection headline */ - string name = UI::AskForExistingFile( "/var/lib/CAM", "*.pem *.crt *", _("Select Certificate Key File") ); - if( name != nil ) UI::ChangeWidget( `te_key_file, `Value, name ); - continue; - } else if( ret == `ok ) - { - //TODO: import ca - //read values - string cert_file = String::CutBlanks( (string)UI::QueryWidget( 
`te_cert_file, `Value ) ); - string key_file = String::CutBlanks( (string)UI::QueryWidget( `te_key_file, `Value ) ); - string ca_file = String::CutBlanks( (string)UI::QueryWidget( `te_ca_file, `Value ) ); - - if( cert_file == "" ) - { - /* Error Popup */ - Popup::Error( _("Server certificate file is required.") ); - continue; - } - - if( key_file == "" ) - { - /* Error Popup */ - Popup::Error( _("Server key file is required.") ); - continue; - } - - importPaths["ServerCertificateFile"] = cert_file; - importPaths["ServerKeyFile"] = key_file; - if( ca_file != "" ) importPaths["CACertificatesFile"] = ca_file; - - y2milestone( "importing certificates" ); - LdapServer::WriteImportCertificates( importPaths ); - LdapServer::WriteConfigureCommonServerCertificate( false ); - - break; - } - } - } - y2milestone( "<<<< leaving cb_input_tls input loop..." ); - - UI::CloseDialog(); - eval( cb_read_tls() ); - } +// boolean common_ca_available = LdapServer::ReadCommonServerCertificateAvailable(); +// +// if( handler_cmd == `rb_yes ) +// { +// UI::ChangeWidget( `rt_tls_info, `Enabled, true ); +// UI::ChangeWidget( `pb_edit, `Enabled, true ); +// } else if( handler_cmd == `rb_no ) +// { +// UI::ChangeWidget( `rt_tls_info, `Enabled, false ); +// UI::ChangeWidget( `pb_edit, `Enabled, false ); +// } else if( handler_cmd == `pb_edit ) +// { +// //show edit popup +// any ret = nil; +// string dlg_name = common_ca_available ? "type" : "import"; +// term dlg = (term)widget_map["g_tls","dialogs",dlg_name]:nil; +// if( dlg == nil ) +// { +// callback_error = _("An internal error occurred. 
View the log file."); +// y2error( "cb_input_tls: type dialog is not in widget map" ); +// return false; +// } +// +// UI::OpenDialog( dlg ); +// +// map<string,string> importPaths = LdapServer::ReadImportCertificates(); +// if( dlg_name == "input" ) +// { +// UI::ChangeWidget( `te_cert_file, `Value, importPaths["ServerCertificateFile"]:"" ); +// UI::ChangeWidget( `te_key_file, `Value, importPaths["ServerKeyFile"]:"" ); +// UI::ChangeWidget( `te_ca_file, `Value, importPaths["CACertificatesFile"]:"" ); +// } +// +// if( dlg_name == "type" && haskey( importPaths, "ServerCertificateFile" ) ) +// { +// UI::ChangeWidget( `rb_common, `Value, false ); +// UI::ChangeWidget( `rb_import, `Value, true ); +// } +// +// y2milestone( ">>>> entering cb_input_tls input loop..." ); +// while( true ) +// { +// ret = UI::UserInput(); +// y2milestone( "cb_input_tls: dialog returns '%1'", ret ); +// +// if( dlg_name == "type" ) +// { +// if( ret == `cancel ) break; +// else if( ret == `ok ) +// { +// any do_what = UI::QueryWidget( `rbg_type, `CurrentButton ); +// y2milestone( "cb_input_tls: do_what is '%1'", do_what ); +// if( do_what == `rb_common ) +// { +// //TODO: use common ca +// y2milestone( "cb_input_tls: using common server certificate" ); +// LdapServer::WriteConfigureCommonServerCertificate( true ); +// LdapServer::WriteImportCertificates( $[] ); +// break; +// } else if( do_what == `rb_import ) +// { +// UI::CloseDialog(); +// dlg_name = "import"; +// UI::OpenDialog( (term)widget_map["g_tls","dialogs","import"]:`Label(_("Dialog not found"))); +// +// //fill textentries +// UI::ChangeWidget( `te_cert_file, `Value, importPaths["ServerCertificateFile"]:"" ); +// UI::ChangeWidget( `te_key_file, `Value, importPaths["ServerKeyFile"]:"" ); +// UI::ChangeWidget( `te_ca_file, `Value, importPaths["CACertificatesFile"]:"" ); +// continue; +// } +// } +// } else if( dlg_name == "import" ) +// { +// if( ret == `cancel ) break; +// else if( ret == `pb_ca_file ) +// { +// /* file 
selection headline */ +// string name = UI::AskForExistingFile( "/var/lib/CAM", "*.pem *.crt *", _("Select CA Certificate File") ); +// if( name != nil ) UI::ChangeWidget( `te_ca_file, `Value, name ); +// continue; +// } else if( ret == `pb_cert_file ) +// { +// /* file selection headline */ +// string name = UI::AskForExistingFile( "/var/lib/CAM", "*.pem *.crt *", _("Select Certificate File") ); +// if( name != nil ) UI::ChangeWidget( `te_cert_file, `Value, name ); +// continue; +// } else if( ret == `pb_key_file ) +// { +// /* file selection headline */ +// string name = UI::AskForExistingFile( "/var/lib/CAM", "*.pem *.crt *", _("Select Certificate Key File") ); +// if( name != nil ) UI::ChangeWidget( `te_key_file, `Value, name ); +// continue; +// } else if( ret == `ok ) +// { +// //TODO: import ca +// //read values +// string cert_file = String::CutBlanks( (string)UI::QueryWidget( `te_cert_file, `Value ) ); +// string key_file = String::CutBlanks( (string)UI::QueryWidget( `te_key_file, `Value ) ); +// string ca_file = String::CutBlanks( (string)UI::QueryWidget( `te_ca_file, `Value ) ); +// +// if( cert_file == "" ) +// { +// /* Error Popup */ +// Popup::Error( _("Server certificate file is required.") ); +// continue; +// } +// +// if( key_file == "" ) +// { +// /* Error Popup */ +// Popup::Error( _("Server key file is required.") ); +// continue; +// } +// +// importPaths["ServerCertificateFile"] = cert_file; +// importPaths["ServerKeyFile"] = key_file; +// if( ca_file != "" ) importPaths["CACertificatesFile"] = ca_file; +// +// y2milestone( "importing certificates" ); +// LdapServer::WriteImportCertificates( importPaths ); +// LdapServer::WriteConfigureCommonServerCertificate( false ); +// +// break; +// } +// } +// } +// y2milestone( "<<<< leaving cb_input_tls input loop..." ); +// +// UI::CloseDialog(); +// eval( cb_read_tls() ); +// } //reread tls page return true; } 
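Review bot: `cb_input_tls()` is reduced to a log line and `return true`, so the rb_yes, rb_no and pb_edit events no longer enable or disable `rt_tls_info` or open the certificate dialogs, and more than a hundred lines stay in the file as `//` comments although the repository history already holds them. If the block is kept for re-enabling, it compares `dlg_name == "input"` although `dlg_name` is only ever set to `"type"` or `"import"`, so the pre-fill of `te_cert_file`, `te_key_file` and `te_ca_file` never runs when the import dialog is opened directly; that comparison should read `dlg_name == "import"`.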
@@ -546,9 +535,12 @@ define boolean cb_read_databases() ``{ y2milestone( "calling databases read handler" ); - list<string> dblist = (list<string>)merge( LdapServer::ReadDbList(), LdapServer::ReadDbListNEW() ); + list<map<string,string> > dblist = LdapServer::GetDatabaseList(); string text = HTML::Para( HTML::Bold( _("Available Databases:") ) )+HTML::Newline(); - foreach( string s, dblist, { text = text + s + HTML::Newline(); } ); + foreach( map<string,string> db, dblist, { + string tmp = sformat("%1 (%2)", db["suffix"]:"", db["type"]:"" ); + text = text + tmp + HTML::Newline(); + } ); UI::ChangeWidget( `rt_databases, `Value, text ); return true; } 
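Review bot: `db["suffix"]` and `db["type"]` are formatted into `text` and passed to `rt_databases` (presumably a rich-text widget, given the `HTML::` helpers around it) without escaping, so a value containing `<`, `>` or `&` is interpreted as markup instead of being displayed literally. The values come from the server configuration through `LdapServer::GetDatabaseList()`; I would escape them before concatenation, e.g. `text = text + String::EscapeTags( tmp ) + HTML::Newline();` if the String module of this yast2 version provides it. An entry lacking either key is rendered as ` ()` because of the `:""` defaults, which may deserve a placeholder text.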
@@ -561,170 +553,170 @@ define boolean cb_input_databases() ``{ y2milestone( "calling databases input handler" ); - if( handler_cmd == `pb_add ) - { - any ret = nil; - boolean user_changed_dbdir = false; - list<string> dblist = LdapServer::ReadDbList(); - integer numDbs = size(dblist); - - UI::OpenDialog( (term)widget_map["databases","dialogs","adddb"]:`Label(_("Dialog not found"))); - - UI::ChangeWidget( `te_rootdn, `Value, "cn=Administrator" ); - UI::ChangeWidget( `te_directory, `Value, "/var/lib/ldap/" ); - UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , false ); - UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , false ); - UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , false ); - UI::ChangeWidget( `cb_pp_append_basedn ,`Enabled, false ); - while( true ) - { - ret = UI::UserInput(); - y2milestone( "cb_input_databases: dialog returns '%1'", ret ); - if( ret == `cancel ) break; - else if( ret == `pb_directory ) { - /*directory selection dialog heading*/ - string name = UI::AskForExistingDirectory( "/var/lib/ldap", _("Select Database Directory") ); - if( name != nil ) UI::ChangeWidget( `te_directory, `Value, name ); - continue; - } - else if ( ret == `te_directory ) { - user_changed_dbdir = true; - } - else if ( ret == `te_basedn ) { - if ( ( user_changed_dbdir != true ) && (numDbs > 0) ) { - string suffix = String::CutBlanks( (string)UI::QueryWidget( `te_basedn, `Value ) ); - suffix = String::Replace(suffix, ",", "_"); - suffix = String::CutRegexMatch(suffix, "[^0-9a-zA-Z_=-]", true); - string dbdir = "/var/lib/ldap/" + suffix; - UI::ChangeWidget( `te_directory, `Value, dbdir ); - } - } - else if ( ret == `cb_ppolicy_overlay ) { - if ( UI::QueryWidget( `cb_ppolicy_overlay, `Value ) == true ) { - UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , true ); - UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , true ); - UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , true ); - UI::ChangeWidget( `cb_pp_append_basedn ,`Enabled, true ); 
- } else { - UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , false ); - UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , false ); - UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , false ); - UI::ChangeWidget( `cb_pp_append_basedn ,`Enabled, false ); - } - } - else if( ret == `ok ) { - //TODO: add database - string suffix = String::CutBlanks( (string)UI::QueryWidget( `te_basedn, `Value ) ); - string rootdn = String::CutBlanks( (string)UI::QueryWidget( `te_rootdn, `Value ) ); - string rootpw = (string)UI::QueryWidget( `te_rootpw, `Value ); - string directory = String::CutBlanks( (string)UI::QueryWidget( `te_directory, `Value ) ); - boolean createdir = false; - string cryptmethod = (string)UI::QueryWidget( `cb_cryptmethod, `Value ); - - //check values - if( suffix == "" ) - { - /*error popup*/ - Popup::Error( _("Base DN must be set.") ); - continue; - } - - list<string> dblist = (list<string>)merge( LdapServer::ReadDbList(), LdapServer::ReadDbListNEW() ); - if( contains( dblist, suffix ) ) - { - /* Error Popup */ - Popup::Error( _("A database with that Base DN already exists.") ); - continue; - } - if( rootpw != "" && rootdn == "" ) - { - /* Error Popup */ - Popup::Error( _("Root DN must be set if a password is given.") ); - continue; - } - if( rootpw != "" && rootpw != (string)UI::QueryWidget( `te_valid_rootpw, `Value ) ) - { - /* Error Popup */ - Popup::Error( _("Password validation failed.") ); - continue; - } - if( directory == "" ) - { - /* Error Popup */ - Popup::Error( _("A directory must be specified.") ); - continue; - } - if ( SCR::Read(.target.dir, directory) == nil ) { - boolean res = Popup::AnyQuestion(Label::ErrorMsg(), - _("The directory does not exist. 
Create it?"), - Label::YesButton(), Label::NoButton(), `focus); - if ( res == false ) { - continue; - } else { - y2debug( "Create dir == true" ); - createdir = true; - } - } - - //create new database - map<string,any> db = $[ - "suffix" : suffix, - "directory" : directory, - "database" : "bdb", - "createdatabasedir" : createdir - ]; - if( rootdn != "" && (boolean)UI::QueryWidget( `cb_append_basedn, `Value ) ) - { - rootdn = rootdn+","+suffix; - } - if( rootdn != "" ) db = add( db, "rootdn", rootdn ); - if( rootpw != "" ) - { - db = add( db, "passwd", rootpw ); - db = add( db, "cryptmethod", cryptmethod ); - } - if( UI::QueryWidget( `cb_ppolicy_overlay, `Value ) == true ){ - boolean hashcleartext = (boolean)UI::QueryWidget( `cb_ppolicy_hashcleartext, `Value ); - boolean uselockout = (boolean)UI::QueryWidget( `cb_ppolicy_uselockout, `Value ); - string pp_default = (string)UI::QueryWidget( `te_ppolicy_defaultpolicy, `Value ); - map<string,any> ppolicy = $[]; - if (hashcleartext ) { - ppolicy = add( ppolicy, "ppolicy_hash_cleartext", ""); - } - if (uselockout ) { - ppolicy = add( ppolicy, "ppolicy_use_lockout", ""); - } - if (pp_default != "" ) { - if( (boolean)UI::QueryWidget( `cb_pp_append_basedn, `Value ) ) - { - pp_default = pp_default+","+suffix; - } - db = add(db, "ppolicy_default_changed", "1"); - ppolicy = add( ppolicy, "ppolicy_default", pp_default); - } - list<any> pp_overlay = [ "ppolicy", ppolicy ]; - list<any> overlays = [ pp_overlay ]; - db = add( db, "overlay", overlays); - - list<string> inclist = LdapServer::ReadSchemaIncludeList(); - if(! 
contains( inclist, "/etc/openldap/schema/ppolicy.schema" ) ){ - inclist = add(inclist, "/etc/openldap/schema/ppolicy.schema" ); - LdapServer::WriteSchemaIncludeList(inclist); - } - } - if( LdapServer::AddDatabase( db ) ) - { - y2milestone( "adding database was successful, now trying to add widget tree item" ); - rebuild_widget_tree = true; - break; - } else { - y2milestone( "adding database was not successful" ); - } - } - } - - UI::CloseDialog(); - } +// if( handler_cmd == `pb_add ) +// { +// any ret = nil; +// boolean user_changed_dbdir = false; +// list<string> dblist = LdapServer::ReadDbList(); +// integer numDbs = size(dblist); +// +// UI::OpenDialog( (term)widget_map["databases","dialogs","adddb"]:`Label( _("Dialog not found") ) ); +// +// UI::ChangeWidget( `te_rootdn, `Value, "cn=Administrator" ); +// UI::ChangeWidget( `te_directory, `Value, "/var/lib/ldap/" ); +// UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , false ); +// UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , false ); +// UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , false ); +// UI::ChangeWidget( `cb_pp_append_basedn ,`Enabled, false ); +// while( true ) +// { +// ret = UI::UserInput(); +// y2milestone( "cb_input_databases: dialog returns '%1'", ret ); +// if( ret == `cancel ) break; +// else if( ret == `pb_directory ) { +// /*directory selection dialog heading*/ +// string name = UI::AskForExistingDirectory( "/var/lib/ldap", _("Select Database Directory") ); +// if( name != nil ) UI::ChangeWidget( `te_directory, `Value, name ); +// continue; +// } +// else if ( ret == `te_directory ) { +// user_changed_dbdir = true; +// } +// else if ( ret == `te_basedn ) { +// if ( ( user_changed_dbdir != true ) && (numDbs > 0) ) { +// string suffix = String::CutBlanks( (string)UI::QueryWidget( `te_basedn, `Value ) ); +// suffix = String::Replace(suffix, ",", "_"); +// suffix = String::CutRegexMatch(suffix, "[^0-9a-zA-Z_=-]", true); +// string dbdir = "/var/lib/ldap/" + suffix; +// 
UI::ChangeWidget( `te_directory, `Value, dbdir ); +// } +// } +// else if ( ret == `cb_ppolicy_overlay ) { +// if ( UI::QueryWidget( `cb_ppolicy_overlay, `Value ) == true ) { +// UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , true ); +// UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , true ); +// UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , true ); +// UI::ChangeWidget( `cb_pp_append_basedn ,`Enabled, true ); +// } else { +// UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , false ); +// UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , false ); +// UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , false ); +// UI::ChangeWidget( `cb_pp_append_basedn ,`Enabled, false ); +// } +// } +// else if( ret == `ok ) { +// //TODO: add database +// string suffix = String::CutBlanks( (string)UI::QueryWidget( `te_basedn, `Value ) ); +// string rootdn = String::CutBlanks( (string)UI::QueryWidget( `te_rootdn, `Value ) ); +// string rootpw = (string)UI::QueryWidget( `te_rootpw, `Value ); +// string directory = String::CutBlanks( (string)UI::QueryWidget( `te_directory, `Value ) ); +// boolean createdir = false; +// string cryptmethod = (string)UI::QueryWidget( `cb_cryptmethod, `Value ); +// +// //check values +// if( suffix == "" ) +// { +// /*error popup*/ +// Popup::Error( _("Base DN must be set.") ); +// continue; +// } +// +// list<string> dblist = (list<string>)merge( LdapServer::ReadDbList(), LdapServer::ReadDbListNEW() ); +// if( contains( dblist, suffix ) ) +// { +// /* Error Popup */ +// Popup::Error( _("A database with that Base DN already exists.") ); +// continue; +// } +// if( rootpw != "" && rootdn == "" ) +// { +// /* Error Popup */ +// Popup::Error( _("Root DN must be set if a password is given.") ); +// continue; +// } +// if( rootpw != "" && rootpw != (string)UI::QueryWidget( `te_valid_rootpw, `Value ) ) +// { +// /* Error Popup */ +// Popup::Error( _("Password validation failed.") ); +// continue; +// } +// if( directory == 
"" ) +// { +// /* Error Popup */ +// Popup::Error( _("A directory must be specified.") ); +// continue; +// } +// if ( SCR::Read(.target.dir, directory) == nil ) { +// boolean res = Popup::AnyQuestion(Label::ErrorMsg(), +// _("The directory does not exist. Create it?"), +// Label::YesButton(), Label::NoButton(), `focus); +// if ( res == false ) { +// continue; +// } else { +// y2debug( "Create dir == true" ); +// createdir = true; +// } +// } +// +// //create new database +// map<string,any> db = $[ +// "suffix" : suffix, +// "directory" : directory, +// "database" : "bdb", +// "createdatabasedir" : createdir +// ]; +// if( rootdn != "" && (boolean)UI::QueryWidget( `cb_append_basedn, `Value ) ) +// { +// rootdn = rootdn+","+suffix; +// } +// if( rootdn != "" ) db = add( db, "rootdn", rootdn ); +// if( rootpw != "" ) +// { +// db = add( db, "passwd", rootpw ); +// db = add( db, "cryptmethod", cryptmethod ); +// } +// if( UI::QueryWidget( `cb_ppolicy_overlay, `Value ) == true ){ +// boolean hashcleartext = (boolean)UI::QueryWidget( `cb_ppolicy_hashcleartext, `Value ); +// boolean uselockout = (boolean)UI::QueryWidget( `cb_ppolicy_uselockout, `Value ); +// string pp_default = (string)UI::QueryWidget( `te_ppolicy_defaultpolicy, `Value ); +// map<string,any> ppolicy = $[]; +// if (hashcleartext ) { +// ppolicy = add( ppolicy, "ppolicy_hash_cleartext", ""); +// } +// if (uselockout ) { +// ppolicy = add( ppolicy, "ppolicy_use_lockout", ""); +// } +// if (pp_default != "" ) { +// if( (boolean)UI::QueryWidget( `cb_pp_append_basedn, `Value ) ) +// { +// pp_default = pp_default+","+suffix; +// } +// db = add(db, "ppolicy_default_changed", "1"); +// ppolicy = add( ppolicy, "ppolicy_default", pp_default); +// } +// list<any> pp_overlay = [ "ppolicy", ppolicy ]; +// list<any> overlays = [ pp_overlay ]; +// db = add( db, "overlay", overlays); +// +// list<string> inclist = LdapServer::ReadSchemaIncludeList(); +// if(! 
contains( inclist, "/etc/openldap/schema/ppolicy.schema" ) ){ +// inclist = add(inclist, "/etc/openldap/schema/ppolicy.schema" ); +// LdapServer::WriteSchemaIncludeList(inclist); +// } +// } +// if( LdapServer::AddDatabase( db ) ) +// { +// y2milestone( "adding database was successful, now trying to add widget tree item" ); +// rebuild_widget_tree = true; +// break; +// } else { +// y2milestone( "adding database was not successful" ); +// } +// } +// } +// +// UI::CloseDialog(); +// } return true; } 
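Review bot: With the whole pb_add branch commented out, cb_input_databases logs and returns true for every input, so the "Add Database..." button that the databases entry still defines later in this diff does nothing and gives the user no feedback. Until the back-config replacement exists, either disable that button or report the state in the handler, for example `Popup::Error( _("Adding databases is not supported yet.") );` in the pb_add case. The 160 commented lines would be better deleted than kept as `//` text, since the previous revision stays available in version control.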
@@ -752,203 +744,203 @@ define boolean cb_write_db() ``{ string suffix = (string)widget_map[current_tree_item,"name"]:nil; - if( suffix == nil ) - { - /* Error Popup */ - callback_error = _("Unable to write settings for the current database."); - y2error( "'name' entry for item '%1' is nil", current_tree_item ); - return false; - } - - y2milestone( "calling db write handler for suffix '%1'", suffix ); - - boolean is_new_db = (boolean)widget_map[current_tree_item,"new_db"]:nil; - y2debug( "widget_map entry for item '%1': '%2'", suffix, widget_map[current_tree_item]:nil ); - if( is_new_db == nil ) - { - /* Error Popup */ - callback_error = _("Unable to write settings for the current database."); - y2error( "'new_db' key for item '%1' is nil", suffix ); - return false; - } - map<string,any> dbmap = is_new_db ? LdapServer::ReadDatabaseNEW() : LdapServer::ReadDatabase(); - y2debug( "settings map returned by ReadDatabase/ReadDatabaseNEW: %1", dbmap ); - - map<string,any> db = (map<string,any>)dbmap[suffix]:nil; - if( db == nil ) - { - /* Error Popup */ - callback_error = _("Unable to write settings for the current database."); - y2error( "database is not in dbmap returned by ReadDatabase" ); - y2debug( "trying to read database '%1', dbmap is: '%2'", suffix, dbmap ); - return false; - } - - string rootdn = ""; - rootdn = String::CutBlanks( (string)UI::QueryWidget( `te_rootdn, `Value ) ); - if( rootdn != "" && (boolean)UI::QueryWidget( `cb_append_basedn, `Value ) ) - { - rootdn = rootdn + "," + suffix; - } - db["rootdn"] = rootdn; - - string rootpw = (string)UI::QueryWidget( `te_rootpw, `Value ); - if( rootpw != "" ) { - db["passwd"] = rootpw; - db["cryptmethod"] = (string)UI::QueryWidget( `cb_cryptmethod, `Value ); - } - - if( UI::QueryWidget( `cb_ppolicy_overlay, `Value ) == true ){ - boolean hashcleartext = (boolean)UI::QueryWidget( `cb_ppolicy_hashcleartext, `Value ); - boolean uselockout = (boolean)UI::QueryWidget( `cb_ppolicy_uselockout, `Value ); - string pp_default 
= (string)UI::QueryWidget( `te_ppolicy_defaultpolicy, `Value ); - map<string,string> ppolicy_old = LdapServer::GetPasswordPolicyOverlay(suffix); - map<string,any> ppolicy = $[]; - if (hashcleartext ) { - ppolicy = add( ppolicy, "ppolicy_hash_cleartext", ""); - } - if (uselockout) { - ppolicy = add( ppolicy, "ppolicy_use_lockout", ""); - } - if (pp_default != "" ) { - if( (boolean)UI::QueryWidget( `cb_pp_append_basedn, `Value ) ) - { - pp_default = pp_default+","+suffix; - } - if (pp_default != ppolicy_old["ppolicy_default"]:nil ) { - db = add(db, "ppolicy_default_changed", "1"); - } - ppolicy = add( ppolicy, "ppolicy_default", pp_default); - } - list<any> pp_overlay = [ "ppolicy", ppolicy ]; - list<any> overlays = [ pp_overlay ]; - db = add( db, "overlay", overlays); - list<string> inclist = LdapServer::ReadSchemaIncludeList(); - if(! contains( inclist, "/etc/openldap/schema/ppolicy.schema" ) ){ - inclist = add(inclist, "/etc/openldap/schema/ppolicy.schema" ); - LdapServer::WriteSchemaIncludeList(inclist); - } - } else { - map<string,string> ppolicy_map = LdapServer::GetPasswordPolicyOverlay(suffix); - if ( ppolicy_map != nil ){ - list<any> newoverlay = []; - list<any> empty_pp_ol = ["ppolicy", nil ]; - integer i = 0; - foreach( list<any> i, db["overlay"]:[], { - if ((string)i[0]:"" != "ppolicy") { - newoverlay = add(newoverlay, i); - } else { - newoverlay = add(newoverlay, empty_pp_ol); - } - }); - db["overlay"] = newoverlay; - } - } - string checkResult = LdapServer::CheckDatabase( db ); - if( checkResult != "" ) { - callback_error = checkResult; - return false; - } - - //write changes - dbmap[suffix] = db; - if( is_new_db ) - { - LdapServer::WriteDatabaseNEW( dbmap ); - } else - { - LdapServer::WriteDatabase( dbmap ); - } + // if( suffix == nil ) + // { + // /* Error Popup */ + // callback_error = _("Unable to write settings for the current database."); + // y2error( "'name' entry for item '%1' is nil", current_tree_item ); + // return false; + // } + + // 
y2milestone( "calling db write handler for suffix '%1'", suffix ); + + // boolean is_new_db = (boolean)widget_map[current_tree_item,"new_db"]:nil; + // y2debug( "widget_map entry for item '%1': '%2'", suffix, widget_map[current_tree_item]:nil ); + // if( is_new_db == nil ) + // { + // /* Error Popup */ + // callback_error = _("Unable to write settings for the current database."); + // y2error( "'new_db' key for item '%1' is nil", suffix ); + // return false; + // } + // map<string,any> dbmap = is_new_db ? LdapServer::ReadDatabaseNEW() : LdapServer::ReadDatabase(); + // y2debug( "settings map returned by ReadDatabase/ReadDatabaseNEW: %1", dbmap ); + + // map<string,any> db = (map<string,any>)dbmap[suffix]:nil; + // if( db == nil ) + // { + // /* Error Popup */ + // callback_error = _("Unable to write settings for the current database."); + // y2error( "database is not in dbmap returned by ReadDatabase" ); + // y2debug( "trying to read database '%1', dbmap is: '%2'", suffix, dbmap ); + // return false; + // } + + // string rootdn = ""; + // rootdn = String::CutBlanks( (string)UI::QueryWidget( `te_rootdn, `Value ) ); + // if( rootdn != "" && (boolean)UI::QueryWidget( `cb_append_basedn, `Value ) ) + // { + // rootdn = rootdn + "," + suffix; + // } + // db["rootdn"] = rootdn; + + // string rootpw = (string)UI::QueryWidget( `te_rootpw, `Value ); + // if( rootpw != "" ) { + // db["passwd"] = rootpw; + // db["cryptmethod"] = (string)UI::QueryWidget( `cb_cryptmethod, `Value ); + // } + + // if( UI::QueryWidget( `cb_ppolicy_overlay, `Value ) == true ){ + // boolean hashcleartext = (boolean)UI::QueryWidget( `cb_ppolicy_hashcleartext, `Value ); + // boolean uselockout = (boolean)UI::QueryWidget( `cb_ppolicy_uselockout, `Value ); + // string pp_default = (string)UI::QueryWidget( `te_ppolicy_defaultpolicy, `Value ); + // map<string,string> ppolicy_old = LdapServer::GetPasswordPolicyOverlay(suffix); + // map<string,any> ppolicy = $[]; + // if (hashcleartext ) { + // ppolicy = 
add( ppolicy, "ppolicy_hash_cleartext", ""); + // } + // if (uselockout) { + // ppolicy = add( ppolicy, "ppolicy_use_lockout", ""); + // } + // if (pp_default != "" ) { + // if( (boolean)UI::QueryWidget( `cb_pp_append_basedn, `Value ) ) + // { + // pp_default = pp_default+","+suffix; + // } + // if (pp_default != ppolicy_old["ppolicy_default"]:nil ) { + // db = add(db, "ppolicy_default_changed", "1"); + // } + // ppolicy = add( ppolicy, "ppolicy_default", pp_default); + // } + // list<any> pp_overlay = [ "ppolicy", ppolicy ]; + // list<any> overlays = [ pp_overlay ]; + // db = add( db, "overlay", overlays); + // list<string> inclist = LdapServer::ReadSchemaIncludeList(); + // if(! contains( inclist, "/etc/openldap/schema/ppolicy.schema" ) ){ + // inclist = add(inclist, "/etc/openldap/schema/ppolicy.schema" ); + // LdapServer::WriteSchemaIncludeList(inclist); + // } + // } else { + // map<string,string> ppolicy_map = LdapServer::GetPasswordPolicyOverlay(suffix); + // if ( ppolicy_map != nil ){ + // list<any> newoverlay = []; + // list<any> empty_pp_ol = ["ppolicy", nil ]; + // integer i = 0; + // foreach( list<any> i, db["overlay"]:[], { + // if ((string)i[0]:"" != "ppolicy") { + // newoverlay = add(newoverlay, i); + // } else { + // newoverlay = add(newoverlay, empty_pp_ol); + // } + // }); + // db["overlay"] = newoverlay; + // } + // } + // string checkResult = LdapServer::CheckDatabase( db ); + // if( checkResult != "" ) { + // callback_error = checkResult; + // return false; + // } + + // //write changes + // dbmap[suffix] = db; + // if( is_new_db ) + // { + // LdapServer::WriteDatabaseNEW( dbmap ); + // } else + // { + // LdapServer::WriteDatabase( dbmap ); + // } return true; } define boolean cb_read_db() ``{ - string suffix = (string)widget_map[current_tree_item,"name"]:nil; - if( suffix == nil ) - { - /* Error Popup */ - callback_error = _("Unable to read settings for the current database."); - y2error( "'name' entry for item '%1' is nil", current_tree_item 
); - return false; - } - y2milestone( "calling db read handler for suffix '%1'", suffix ); - - boolean is_new_db = (boolean)widget_map[current_tree_item,"new_db"]:nil; - y2debug( "widget_map entry for item '%1': '%2'", suffix, widget_map[current_tree_item]:nil ); - if( is_new_db == nil ) - { - /* Error Popup */ - callback_error = _("Unable to read settings for the current database."); - y2error( "'new_db' key for item '%1' is nil", current_tree_item ); - return false; - } - map<string,any> dbmap = is_new_db ? LdapServer::ReadDatabaseNEW() : LdapServer::ReadDatabase(); - y2debug( "settings map returned by ReadDatabase/ReadDatabaseNEW: %1", dbmap ); - - map<string,any> db = (map<string,any>)dbmap[suffix]:nil; - if( db == nil ) - { - /* Error Popup */ - callback_error = _("Unable to read settings for the current database."); - y2error( "Reading settings for database '%1' failed", suffix ); - return false; - } - - UI::ChangeWidget( `te_basedn, `Value, suffix ); - - string rootdn = (string)db["rootdn"]:""; - boolean append_checked = false; - integer pos = find( rootdn, suffix ); - if( pos > -1 ) - { - rootdn = substring( rootdn, 0, pos-1 ); - append_checked = true; - } - UI::ChangeWidget( `te_rootdn, `Value, rootdn ); - UI::ChangeWidget( `cb_append_basedn, `Value, append_checked ); - UI::ChangeWidget( `te_rootpw, `Value, db["passwd"]:"" ); - UI::ChangeWidget( `te_valid_rootpw, `Value, db["passwd"]:"" ); - UI::ChangeWidget( `cb_cryptmethod, `Value, (string)db["cryptmethod"]:"SSHA" ); - - // Check for ppolicy overlay - map<string,string> ppolicy_map = LdapServer::GetPasswordPolicyOverlay(suffix); - if ( ppolicy_map != nil ){ - UI::ChangeWidget( `cb_ppolicy_overlay, `Value, true ); - string pp_hash_cleartext = ppolicy_map["ppolicy_hash_cleartext"]:nil; - string pp_use_lockout = ppolicy_map["ppolicy_use_lockout"]:nil; - string pp_default = ppolicy_map["ppolicy_default"]:nil; - boolean pp_append_checked = false; - integer pos = find( pp_default, suffix ); - if( pos > -1 ) - 
{ - pp_default = substring( pp_default, 0, pos-1 ); - pp_append_checked = true; - } - if ( pp_hash_cleartext != nil ){ - UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Value, true ); - } else { - UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Value, false ); - } - if ( pp_use_lockout != nil ){ - UI::ChangeWidget( `cb_ppolicy_uselockout, `Value, true ); - } else { - UI::ChangeWidget( `cb_ppolicy_uselockout, `Value, false ); - } - if ( pp_default != nil ){ - UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Value, pp_default ); - UI::ChangeWidget( `cb_pp_append_basedn, `Value, pp_append_checked ); - } else { - UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Value, "" ); - UI::ChangeWidget( `cb_pp_append_basedn, `Value, true ); - } - } else { - UI::ChangeWidget( `cb_ppolicy_overlay, `Value, false ); - UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , false ); - UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , false ); - UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , false ); - } +// string suffix = (string)widget_map[current_tree_item,"name"]:nil; +// if( suffix == nil ) +// { +// /* Error Popup */ +// callback_error = _("Unable to read settings for the current database."); +// y2error( "'name' entry for item '%1' is nil", current_tree_item ); +// return false; +// } +// y2milestone( "calling db read handler for suffix '%1'", suffix ); +// +// boolean is_new_db = (boolean)widget_map[current_tree_item,"new_db"]:nil; +// y2debug( "widget_map entry for item '%1': '%2'", suffix, widget_map[current_tree_item]:nil ); +// if( is_new_db == nil ) +// { +// /* Error Popup */ +// callback_error = _("Unable to read settings for the current database."); +// y2error( "'new_db' key for item '%1' is nil", current_tree_item ); +// return false; +// } +// map<string,any> dbmap = is_new_db ? 
LdapServer::ReadDatabaseNEW() : LdapServer::ReadDatabase(); +// y2debug( "settings map returned by ReadDatabase/ReadDatabaseNEW: %1", dbmap ); +// +// map<string,any> db = (map<string,any>)dbmap[suffix]:nil; +// if( db == nil ) +// { +// /* Error Popup */ +// callback_error = _("Unable to read settings for the current database."); +// y2error( "Reading settings for database '%1' failed", suffix ); +// return false; +// } +// +// UI::ChangeWidget( `te_basedn, `Value, suffix ); +// +// string rootdn = (string)db["rootdn"]:""; +// boolean append_checked = false; +// integer pos = find( rootdn, suffix ); +// if( pos > -1 ) +// { +// rootdn = substring( rootdn, 0, pos-1 ); +// append_checked = true; +// } +// UI::ChangeWidget( `te_rootdn, `Value, rootdn ); +// UI::ChangeWidget( `cb_append_basedn, `Value, append_checked ); +// UI::ChangeWidget( `te_rootpw, `Value, db["passwd"]:"" ); +// UI::ChangeWidget( `te_valid_rootpw, `Value, db["passwd"]:"" ); +// UI::ChangeWidget( `cb_cryptmethod, `Value, (string)db["cryptmethod"]:"SSHA" ); +// +// // Check for ppolicy overlay +// map<string,string> ppolicy_map = LdapServer::GetPasswordPolicyOverlay(suffix); +// if ( ppolicy_map != nil ){ +// UI::ChangeWidget( `cb_ppolicy_overlay, `Value, true ); +// string pp_hash_cleartext = ppolicy_map["ppolicy_hash_cleartext"]:nil; +// string pp_use_lockout = ppolicy_map["ppolicy_use_lockout"]:nil; +// string pp_default = ppolicy_map["ppolicy_default"]:nil; +// boolean pp_append_checked = false; +// integer pos = find( pp_default, suffix ); +// if( pos > -1 ) +// { +// pp_default = substring( pp_default, 0, pos-1 ); +// pp_append_checked = true; +// } +// if ( pp_hash_cleartext != nil ){ +// UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Value, true ); +// } else { +// UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Value, false ); +// } +// if ( pp_use_lockout != nil ){ +// UI::ChangeWidget( `cb_ppolicy_uselockout, `Value, true ); +// } else { +// UI::ChangeWidget( `cb_ppolicy_uselockout, `Value, 
false ); +// } +// if ( pp_default != nil ){ +// UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Value, pp_default ); +// UI::ChangeWidget( `cb_pp_append_basedn, `Value, pp_append_checked ); +// } else { +// UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Value, "" ); +// UI::ChangeWidget( `cb_pp_append_basedn, `Value, true ); +// } +// } else { +// UI::ChangeWidget( `cb_ppolicy_overlay, `Value, false ); +// UI::ChangeWidget( `cb_ppolicy_hashcleartext, `Enabled , false ); +// UI::ChangeWidget( `cb_ppolicy_uselockout, `Enabled , false ); +// UI::ChangeWidget( `te_ppolicy_defaultpolicy, `Enabled , false ); +// } return true; } @@ -970,40 +962,28 @@ return true; } + /***************************************** ** tree structure definition ** *****************************************/ - widget_map = $[ "base" : $[ - "children" : [ "global", "databases" ] + "children" : [ "daemon", "global", "schema" , "databases" ] + ], + "daemon" : $[ + "name" : _("Startup Configuration"), + "widget" : dlg_service_new ], "global" : $[ - "children" : [ "g_schema", "g_loglevel", "g_allow", "g_tls" ], + "children" : [ "g_loglevel", "g_allow", "g_tls" ], /* Tree item */ "name" : _("Global Settings"), "widget" : `Empty() ], - "g_schema" : $[ + "schema" : $[ /* Tree item */ "name" : _("Schema Files"), - "widget" : - `HBox( - `VBox( - `ReplacePoint( `id( `rp_schemalist ), `Empty() ), - `Left( `HBox( - `PushButton( `id( `pb_add ), Label::AddButton() ), - `HSpacing( 0.5 ), - `PushButton( `id( `pb_delete ), Label::DeleteButton() ) - ) ), - `VSpacing( 1 ) - ), - `HSpacing( 0.5 ), - `VBox( - `PushButton( `id( `pb_up ), Label::UpButton() ), - `PushButton( `id( `pb_down ), Label::DownButton() ) - ) - ), + "widget" : schemaWidget, "inclist" : [], "cb_check" : ``( cb_check_schema() ), "cb_read" : ``( cb_read_schema() ), 
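Review bot: cb_write_db now returns true without writing anything, so edits made on a database page (root DN, root password, hash method, password-policy overlay) are dropped while the caller is told the write succeeded. For settings like these, a visible failure is safer than a silent no-op. Until the new backend is wired in, set `callback_error` and `return false;` as the old error paths did, or at least add `y2warning( "cb_write_db: not implemented, changes discarded" );`. The surviving `string suffix = ...` line in cb_write_db is now unused, and cb_read_db likewise returns true with none of the widgets populated.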
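Review bot: The new "daemon" entry has no `/* Tree item */` translator comment before its `"name" : _("Startup Configuration")` line, unlike the other named entries in this map, and it defines no cb_check/cb_read/cb_write handlers although it carries a real widget (`dlg_service_new`). Please confirm that the tree code accepts a leaf without callbacks. The key "g_schema" is also renamed to "schema", so any lookup elsewhere that still uses the old key (for instance for the "inclist" value kept in this entry) would presumably fall back to its default without an error. A search of the module for "g_schema" is worth doing. The map literal continues beyond this hunk.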
@@ -1013,34 +993,7 @@
 "g_loglevel" : $[
 /* Tree item */
 "name" : _("Log Level Settings"),
- "widget" :
- /* Multi select box header */
- `MultiSelectionBox( `id( `msb_loglevel ), _("Select &Log Level Flags:"), [
- /* Multi select box item 1/12 */
- `item( `id( 1 ), _("Trace Function Calls") ),
- /* Multi select box item 2/12 */
- `item( `id( 2 ), _("Debug Packet Handling") ),
- /* Multi select box item 3/12 */
- `item( `id( 4 ), _("Heavy Trace Debugging") ),
- /* Multi select box item 4/12 */
- `item( `id( 8 ), _("Connection Management") ),
- /* Multi select box item 5/12 */
- `item( `id( 16 ), _("Print Packets Sent and Received") ),
- /* Multi select box item 6/12 */
- `item( `id( 32 ), _("Search Filter Processing") ),
- /* Multi select box item 7/12 */
- `item( `id( 64 ), _("Configuration File Processing") ),
- /* Multi select box item 8/12 */
- `item( `id( 128 ), _("Access Control List Processing") ),
- /* Multi select box item 9/12 */
- `item( `id( 256 ), _("Log Connections, Operations, and Result") ),
- /* Multi select box item 10/12 */
- `item( `id( 512 ), _("Log Entries Sent") ),
- /* Multi select box item 11/12 */
- `item( `id( 1024 ), _("Print Communication with Shell Back-Ends") ),
- /* Multi select box item 12/12 */
- `item( `id( 2048 ), _("Entry Parsing") )
- ] ),
+ "widget" : loglevelWidget,
 "cb_check" : ``( cb_check_loglevel() ),
 "cb_read" : ``( cb_read_loglevel() ),
 "cb_write" : ``( cb_write_loglevel() )
@@ -1048,18 +1001,7 @@
 "g_allow" : $[
 /* Tree item */
 "name" : _("Allow Settings"),
- "widget" :
- /* Multi select box header(allow flags) */
- `MultiSelectionBox( `id( `msb_allow ), _("Select &Allow Flags:"), [
- /* Multi select box item (allow flags) 1/4*/
- `item( `id( "bind_v2" ), _("LDAPv2 Bind Requests") ),
- /* Multi select box item (allow flags) 2/4*/
- `item( `id( "bind_anon_cred" ), _("Anonymous Bind when Credentials Not Empty") ),
- /* Multi select box item (allow flags) 3/4*/
- `item( `id( "bind_anon_dn" ), _("Unauthenticated Bind when DN Not Empty") ),
- /* Multi select box item (allow flags) 4/4*/
- `item( `id( "update_anon" ), _("Unauthenticated Update Options to Process") )
- ] ),
+ "widget" : allowWidget,
 "cb_check" : ``( cb_check_allow() ),
 "cb_read" : ``( cb_read_allow() ),
 "cb_write" : ``( cb_write_allow() )
@@ -1067,63 +1009,10 @@ "g_tls" : $[ /* Tree item */ "name" : _("TLS Settings"), - "widget" : `VBox( - /* TLS Dialog Headline */ - `Heading( _("TLS Settings") ), - /* radiobutton group text */ - `Frame( _("TLS Active"), `RadioButtonGroup( `id( `rbg_tls ), `HBox( - `RadioButton( `id( `rb_yes ), `opt( `notify ), Label::YesButton() ), - `RadioButton( `id( `rb_no ), `opt( `notify ), Label::NoButton() ) - ) ) ), - `RichText( `id( `rt_tls_info ), "" ), - /* Button Text */ - `PushButton( `id( `pb_edit ), _("&Select Certificate...") ) - ), + "widget" : tlsWidget, "dialogs" : $[ - "type" : `VBox( - /* certificate type selection dialog Headline */ - `Heading( _("Select Type") ), - `VSpacing( 1 ), - `RadioButtonGroup( `id( `rbg_type ), `VBox ( - /* Radiobutton text */ - `Left( `RadioButton( `id( `rb_import ), _("&Import Certificates") ) ), - /* Radiobutton text */ - `Left( `RadioButton( `id( `rb_common ), _("Use C&ommon Server Certificate"), true ) ) - ) ), - `VSpacing( 1 ), - `HBox( `PushButton( `id( `ok ), Label::OKButton() ), - `PushButton( `id( `cancel ), Label::CancelButton() ) - ) - ), - "import": `VBox( - /* Dialog Headline */ - `Heading( _("Import Certificate") ), - `VSpacing( 1 ), - /* text entry description */ - `VSquash( `HBox( `TextEntry( `id( `te_cert_file ), _("Certificate &File (PEM Format)") ), - `HSpacing( 0.5 ), - /* Button Text */ - `Bottom( `PushButton( `id( `pb_cert_file ), _("&Browse...") ) ) - ) ), - `VSpacing( 0.5 ), - /* text entry description */ - `VSquash( `HBox( `TextEntry( `id( `te_key_file ), _("Certificate &Key File (PEM Format -- Unencrypted)")+" " ), - `HSpacing( 0.5 ), - /* Button Text */ - `Bottom( `PushButton( `id( `pb_key_file ), _("B&rowse...") ) ) - ) ), - `VSpacing( 0.5 ), - /* text entry description */ - `VSquash( `HBox( `TextEntry( `id( `te_ca_file ), _("C&A Certificate File (PEM Format)") ), - `HSpacing( 0.5 ), - /* Button Text */ - `Bottom( `PushButton( `id( `pb_ca_file ), _("Bro&wse...") ) ) - ) ), - `VSpacing( 1 ), - `HBox( 
`PushButton( `id( `ok ), Label::OKButton() ), - `PushButton( `id( `cancel ), Label::CancelButton() ) - ) - ) + "type" : tlsTypeWidget, + "import": tlsImportWidget, ], "cb_check" : ``( cb_check_tls() ), "cb_read" : ``( cb_read_tls() ), 
@@ -1139,62 +1028,7 @@ `PushButton( `id( `pb_add ), _("A&dd Database...") ) ), "dialogs" : $[ - "adddb" : `HBox( `HSpacing(0.25),`VBox( - /* Dialog Headline */ - `Heading( _("Add Database") ), - `VSpacing( 1 ), - /* Textentry description */ - `Frame( _("General Settings"), `VBox( - `TextEntry( `id( `te_basedn ), `opt(`notify ), _("&Base DN") ), - `VSpacing( 0.5 ), - /* Textentry description */ - `VSquash( `HBox( `TextEntry( `id( `te_rootdn ), _("&Root DN") ), - `HSpacing( 0.5 ), - /* checkbox description */ - `VBox( `Bottom( `CheckBox( `id( `cb_append_basedn ), _("&Append Base DN"), true ) ), - `VSpacing( 0.3 ) - ) - ) ), - `VSpacing( 0.5 ), - /* Textentry description */ - `HBox( `Password( `id( `te_rootpw ), _("LDAP &Password") ), - `HSpacing( 0.5 ), - /* Textentry description */ - `Password( `id( `te_valid_rootpw ), _("&Validate Password") ), - `HSpacing( 0.5 ), - /* Combobox description */ - `ComboBox( `id( `cb_cryptmethod ), _("&Encryption"), enc_types ) - ), - `VSpacing( 0.5 ), - /* Textentry description */ - `VSquash( `HBox( `TextEntry( `id( `te_directory ),`opt(`notify ), _("&Database Directory") ), - `HSpacing( 0.5 ), - /* Button text */ - `Bottom( `PushButton( `id( `pb_directory ), _("&Browse...") ) ) - ) ))), - `VSpacing( 1 ), - `Frame( _("Password Policy Settings"), `VBox( `VSpacing(0.25), - `HBox( `CheckBox( `id( `cb_ppolicy_overlay ), - `opt(`notify ), _("Enable Password Policies"), false ), - `HSpacing( `opt(`hstretch))), - `HBox( `CheckBox( `id( `cb_ppolicy_hashcleartext ), - _("Hash Clear Text Passwords"), false ), - `HSpacing( `opt(`hstretch))), - `HBox( `CheckBox( `id( `cb_ppolicy_uselockout ), - _("Disclose \"Account Locked\" Status"), false ), - `HSpacing( `opt(`hstretch))), - `HBox( `TextEntry( `id( `te_ppolicy_defaultpolicy ), - _("Default Policy Object DN"), "cn=Default Password Policy" ), - `HSpacing( 0.5 ), - `VBox(`Bottom( `CheckBox( `id( `cb_pp_append_basedn ), - _("&Append Base DN"), true ) - ),`VSpacing( 0.3 ))), - `VSpacing(0.25) - )), 
- `HBox( `PushButton( `id( `ok ), Label::OKButton() ), - `PushButton( `id( `cancel ), Label::CancelButton() ) - ) - ), `HSpacing(0.25)) + "adddb" : addDbWidget, ], "cb_check" : ``( cb_check_databases() ), "cb_read" : ``( cb_read_databases() ), 
@@ -1210,62 +1044,10 @@ void addDatabaseWidgetMap( string suffix, boolean new_db ) { if( haskey( widget_map, suffix ) ) return; - term dlg_database = - /* Dialog Headline */ - `VBox( `Heading( _("Edit Database") ), - `VSpacing( 1 ), - /* textentry description */ - `Frame ( _("General Settings"), `VBox( - `TextEntry( `id( `te_basedn ), `opt( `disabled ), _("&Base DN") ), - `VSpacing( 0.5 ), - /* textentry description */ - `VSquash( `HBox( `TextEntry( `id( `te_rootdn ), _("&Root DN") ), - `HSpacing( 0.5 ), - /* checkbox text */ - `VBox( `Bottom( `CheckBox( `id( `cb_append_basedn ), _("&Append Base DN") ) ), - `VSpacing( 0.3 ) - ) - ) ), - `VSpacing( 0.5 ), - /* textentry description */ - `HBox( `Password( `id( `te_rootpw ), _("LDAP &Password") ), - `HSpacing( 0.5 ), - /* textentry description */ - `Password( `id( `te_valid_rootpw ), _("&Validate Password") ), - `HSpacing( 0.5 ), - /* combobox text */ - `ComboBox( `id( `cb_cryptmethod ), _("&Encryption"), enc_types ) - ) - )), - `VSpacing( 1 ), - `Frame( _("Password Policy Settings"), `VBox( `VSpacing(0.25), - `HBox( `CheckBox( `id( `cb_ppolicy_overlay ),`opt(`notify ), - _("Enable Password Policies"), false ), - `HSpacing( `opt(`hstretch))), - `HBox( `CheckBox( `id( `cb_ppolicy_hashcleartext ), - _("Hash Clear Text Passwords"), false ), - `HSpacing( `opt(`hstretch))), - `HBox( `CheckBox( `id( `cb_ppolicy_uselockout ), - _("Disclose \"Account Locked\" Status"), false ), - `HSpacing( `opt(`hstretch))), - `VSquash( `HBox( - `TextEntry( `id( `te_ppolicy_defaultpolicy ), - _("Default Policy Object DN"), "cn=Default Policy" ), - `HSpacing( 0.5 ), - `VBox(`Bottom( `CheckBox( `id( `cb_pp_append_basedn ), - _("&Append Base DN"), true ) - ), - `VSpacing( 0.3 ) - ) - ) - ), - `VSpacing(0.25) - )) - ); map<string,any> item_map = $[ "name" : suffix, - "widget" : dlg_database, + "widget" : editDbWidget, "new_db" : new_db, "dynamic" : true, "help_page" : "database_detail", 
@@ -1286,21 +1068,12 @@ y2debug( "generating database tree items" ); //generate database entries - - list<string> dblist = LdapServer::ReadDbList(); - y2debug( "ycp: dblist is '%1'", dblist ); - - foreach( string suffix, dblist, { - addDatabaseWidgetMap( suffix, false ); - } ); - - list<string> dblistNEW = LdapServer::ReadDbListNEW(); - y2debug( "ycp: dblistNEW is '%1'", dblistNEW ); - - foreach( string suffix, dblistNEW, { - addDatabaseWidgetMap( suffix, true ); + y2milestone( "calling databases read handler" ); + list<map<string,string> > dblist = LdapServer::GetDatabaseList(); + foreach( map<string,string> db, dblist, { + string tmp = sformat("%1 (%2)", db["suffix"]:"", db["type"]:"" ); + addDatabaseWidgetMap( tmp , false ); } ); - y2debug( "databases map is '%1'", (map<string,any>)widget_map["databases"]:$[] ); } Added: trunk/ldap-server/src/widgets.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/widgets.ycp?rev=48589&view=auto ============================================================================== --- trunk/ldap-server/src/widgets.ycp (added) +++ trunk/ldap-server/src/widgets.ycp Fri Jun 27 15:56:38 2008 
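Review bot: The rewritten loop passes the display string `sformat("%1 (%2)", db["suffix"]:"", db["type"]:"" )` as the `suffix` argument of `addDatabaseWidgetMap`, which the preceding hunk shows being used as the `widget_map` key (`haskey( widget_map, suffix )`) and as the item's `"name"`. Any callback that reads that key back as the database's base DN would now get the label with the type appended, and every entry returned without a `suffix` collapses to the same key `" ()"`, so the `haskey` guard silently drops all but the first of them. I would keep the key as the plain suffix, `addDatabaseWidgetMap( db["suffix"]:"", false );`, and build the "suffix (type)" text only for the tree item's `"name"`, which needs either a separate label argument or a lookup inside the function. The body of `addDatabaseWidgetMap` continues outside the visible hunks, so how the callbacks consume the key should be confirmed there.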
@@ -0,0 +1,367 @@ + +{ + textdomain "ldap-server"; + map<string, any> firewall_settings = $[ + "services": [ "ldap" , "ldaps" ], + "display_details": true, + ]; + + /* list of valid encoding methods for password inputs, used by add database and edit database + * dialogs + */ + list enc_types = [ + `item( `id( "CRYPT" ), "CRYPT" ), + `item( `id( "SMD5" ), "SMD5" ), + `item( `id( "SHA" ), "SHA" ), + `item( `id( "SSHA" ), "SSHA", true ), + `item( `id( "PLAIN" ), "PLAIN" ) + ]; + + map<string, any> fw_widget = CWMFirewallInterfaces::CreateOpenFirewallWidget (firewall_settings); + term dlg_service_new = `Top( + `VBox( + `VBox( + `Frame( _("&Start LDAP Server"), + `VBox( + `RadioButtonGroup( + `VBox( + `Left( `RadioButton( `id( `rb_no ), `opt( `notify ), Label::NoButton(), !LdapServer::ReadServiceEnabled() ) ), + `Left( `RadioButton( `id( `rb_yes ), `opt( `notify ), Label::YesButton(), LdapServer::ReadServiceEnabled() ) ) + ) + ), + `Left( `CheckBox( `id( `cb_register_slp ), _("Register at an &SLP Daemon"), LdapServer::ReadSLPEnabled() )), + `HStretch() + ) + ) + ), + `VSpacing(), + `VBox( + `Frame( _("Protocol Listeners"), + `VBox( + `Left( + `HBox( + `HWeight(1, `CheckBox( `id( `cb_interface_ldap), _("LDAP"), false )), + `HWeight(1, `PushButton( `id( `pb_interface_ldap), "Interfaces ...")), + `HWeight(1, `HStretch()) + ) + ), + `Left( + `HBox( + `HWeight(1, `CheckBox( `id( `cb_interface_ldaps), _("LDAP over SSL (ldaps)"), false )), + `HWeight(1, `PushButton( `id( `pb_interface_ldaps), "Interfaces ...")), + `HWeight(1, `HStretch()) + ) + ), + `Left( + `HBox( + `HWeight(1, `CheckBox( `id( `cb_interface_ldapi), _("LDAP over IPC (ldapi)"), false ) ), + `HWeight(1, `PushButton( `id( `pb_interface_ldapi), "Interfaces ...") ), + `HWeight(1, `HStretch()) + ) + ) + ) + ) + ), + `VSpacing(), + `VBox( + `Frame( _("Firewall Settings"), + `VBox( + fw_widget["custom_widget"]:`Empty(), + `HStretch() + ) + ) + ) + ) + ); + + term schemaWidget = + `HBox( + `VBox( + `ReplacePoint( + 
`id( `rp_schemalist ), `Empty() + ), + `Left( + `HBox( + `PushButton( `id( `pb_add ), Label::AddButton() ), + `HSpacing( 0.5 ), + `PushButton( `id( `pb_delete ), Label::DeleteButton() ) + ) + ), + `VSpacing( 1 ) + ), + `HSpacing( 0.5 ), + `VBox( + `PushButton( `id( `pb_up ), Label::UpButton() ), + `PushButton( `id( `pb_down ), Label::DownButton() ) + ) + ); + + term loglevelWidget = + `MultiSelectionBox( + `id( `msb_loglevel ), _("Select &Log Level Flags:"), [ + `item( `id( `trace ), _("Trace Function Calls") ), + `item( `id( `packets ), _("Debug Packet Handling") ), + `item( `id( `args ), _("Heavy Trace Debugging (function args)") ), + `item( `id( `conns ), _("Connection Management") ), + `item( `id( `BER ), _("Print Packets Sent and Received") ), + `item( `id( `filter ), _("Search Filter Processing") ), + `item( `id( `config ), _("Configuration File Processing") ), + `item( `id( `ACL ), _("Access Control List Processing") ), + `item( `id( `stats ), _("Log Connections, Operations, and Result") ), + `item( `id( `stats2 ), _("Log Entries Sent") ), + `item( `id( `shell ), _("Print Communication with Shell Back-Ends") ), + `item( `id( `parse ), _("Entry Parsing") ), + `item( `id( `sync ), _("Entry Parsing") ), + `item( `id( `none ), _("None") ), + `item( `id( `cache ), _("Proxy Cache") ) + ] + ); + + term allowWidget = + `MultiSelectionBox( + `id( `msb_allow ), _("Select &Allow Flags:"), [ + `item( `id( "bind_v2" ), _("LDAPv2 Bind Requests") ), + `item( `id( "bind_anon_cred" ), _("Anonymous Bind when Credentials Not Empty") ), + `item( `id( "bind_anon_dn" ), _("Unauthenticated Bind when DN Not Empty") ), + `item( `id( "update_anon" ), _("Unauthenticated Update Options to Process") ) + ] + ); + + term tlsWidget = + `VBox( + `Heading( _("TLS Settings") ), + `Frame( + _("TLS Active"), + `RadioButtonGroup( + `id( `rbg_tls ), + `HBox( + `RadioButton( `id( `rb_yes ), `opt( `notify ), Label::YesButton() ), + `RadioButton( `id( `rb_no ), `opt( `notify ), Label::NoButton() ) + 
) + ) + ), + `RichText( `id( `rt_tls_info ), "" ), + `PushButton( `id( `pb_edit ), _("&Select Certificate...") ) + ); + term tlsTypeWidget = + `VBox( + `Heading( _("Select Type") ), + `VSpacing( 1 ), + `RadioButtonGroup( + `id( `rbg_type ), + `VBox ( + `Left( + `RadioButton( `id( `rb_import ), _("&Import Certificates") ) + ), + `Left( + `RadioButton( `id( `rb_common ), _("Use C&ommon Server Certificate"), true ) + ) + ) + ), + `VSpacing( 1 ), + `HBox( + `PushButton( `id( `ok ), Label::OKButton() ), + `PushButton( `id( `cancel ), Label::CancelButton()) + ) + ); + term tlsImportWidget = + `VBox( + `Heading( _("Import Certificate") ), + `VSpacing( 1 ), + `VSquash( + `HBox( + `TextEntry( `id( `te_cert_file ), _("Certificate &File (PEM Format)") ), + `HSpacing( 0.5 ), + `Bottom( + `PushButton( `id( `pb_cert_file ), _("&Browse...") ) + ) + ) + ), + `VSpacing( 0.5 ), + `VSquash( + `HBox( + `TextEntry( `id( `te_key_file ), _("Certificate &Key File (PEM Format -- Unencrypted)")+" " ), + `HSpacing( 0.5 ), + `Bottom( + `PushButton( `id( `pb_key_file ), _("B&rowse...") ) + ) + ) + ), + `VSpacing( 0.5 ), + `VSquash( + `HBox( + `TextEntry( `id( `te_ca_file ), _("C&A Certificate File (PEM Format)") ), + `HSpacing( 0.5 ), + `Bottom( + `PushButton( `id( `pb_ca_file ), _("Bro&wse...") ) + ) + ) + ), + `VSpacing( 1 ), + `HBox( + `PushButton( `id( `ok ), Label::OKButton() ), + `PushButton( `id( `cancel ), Label::CancelButton() ) + ) + ); + + term addDbWidget = + `HBox( + `HSpacing(0.25), + `VBox( + `Heading( _("Add Database") ), + `VSpacing( 1 ), + `Frame( _("General Settings"), + `VBox( + `TextEntry( `id( `te_basedn ), `opt(`notify ), _("&Base DN") ), + `VSpacing( 0.5 ), + `VSquash( + `HBox( + `TextEntry( `id( `te_rootdn ), _("&Root DN") ), + `HSpacing( 0.5 ), + `VBox( + `Bottom( + `CheckBox( `id( `cb_append_basedn ), _("&Append Base DN"), true ) + ), + `VSpacing( 0.3 ) + ) + ) + ), + `VSpacing( 0.5 ), + `HBox( + `Password( `id( `te_rootpw ), _("LDAP &Password") ), + `HSpacing( 0.5 
), + `Password( `id( `te_valid_rootpw ), _("&Validate Password") ), + `HSpacing( 0.5 ), + `ComboBox( `id( `cb_cryptmethod ), _("&Encryption"), enc_types ) + ), + `VSpacing( 0.5 ), + `VSquash( + `HBox( + `TextEntry( `id( `te_directory ),`opt(`notify ), _("&Database Directory") ), + `HSpacing( 0.5 ), + `Bottom( + `PushButton( `id( `pb_directory ), _("&Browse...") ) + ) + ) + ) + ) + ), + `VSpacing( 1 ), + `Frame( _("Password Policy Settings"), + `VBox( + `VSpacing(0.25), + `HBox( + `CheckBox( `id( `cb_ppolicy_overlay ), + `opt(`notify ), _("Enable Password Policies"), false + ), + `HSpacing( `opt(`hstretch)) + ), + `HBox( + `CheckBox( `id( `cb_ppolicy_hashcleartext ), + _("Hash Clear Text Passwords"), false + ), + `HSpacing( `opt(`hstretch)) + ), + `HBox( + `CheckBox( `id( `cb_ppolicy_uselockout ), + _("Disclose \"Account Locked\" Status"), false + ), + `HSpacing( `opt(`hstretch)) + ), + `HBox( + `TextEntry( `id( `te_ppolicy_defaultpolicy ), + _("Default Policy Object DN"), "cn=Default Password Policy" ), + `HSpacing( 0.5 ), + `VBox( + `Bottom( + `CheckBox( `id( `cb_pp_append_basedn ), + _("&Append Base DN"), true + ) + ), + `VSpacing( 0.3 ) + ) + ), + `VSpacing(0.25) + ) + ), + `HBox( + `PushButton( `id( `ok ), Label::OKButton() ), + `PushButton( `id( `cancel ), Label::CancelButton() ) + ) + ), + `HSpacing(0.25) + ); + + term editDbWidget = + `VBox( + `Heading( _("Edit Database") ), + `VSpacing( 1 ), + `Frame ( _("General Settings"), + `VBox( + `TextEntry( `id( `te_basedn ), `opt( `disabled ), _("&Base DN") ), + `VSpacing( 0.5 ), + `VSquash( + `HBox( + `TextEntry( `id( `te_rootdn ), _("&Root DN") ), + `HSpacing( 0.5 ), + `VBox( + `Bottom( + `CheckBox( `id( `cb_append_basedn ), _("&Append Base DN") ) + ), + `VSpacing( 0.3 ) + ) + ) + ), + `VSpacing( 0.5 ), + `HBox( + `Password( `id( `te_rootpw ), _("LDAP &Password") ), + `HSpacing( 0.5 ), + `Password( `id( `te_valid_rootpw ), _("&Validate Password") ), + `HSpacing( 0.5 ), + `ComboBox( `id( `cb_cryptmethod ), 
_("&Encryption"), enc_types ) + ) + ) + ), + `VSpacing( 1 ), + `Frame( _("Password Policy Settings"), + `VBox( `VSpacing(0.25), + `HBox( + `CheckBox( `id( `cb_ppolicy_overlay ),`opt(`notify ), + _("Enable Password Policies"), false + ), + `HSpacing( `opt(`hstretch)) + ), + `HBox( + `CheckBox( `id( `cb_ppolicy_hashcleartext ), + _("Hash Clear Text Passwords"), false + ), + `HSpacing( `opt(`hstretch)) + ), + `HBox( + `CheckBox( `id( `cb_ppolicy_uselockout ), + _("Disclose \"Account Locked\" Status"), false + ), + `HSpacing( `opt(`hstretch)) + ), + `VSquash( + `HBox( + `TextEntry( `id( `te_ppolicy_defaultpolicy ), + _("Default Policy Object DN"), "cn=Default Policy" + ), + `HSpacing( 0.5 ), + `VBox( + `Bottom( + `CheckBox( `id( `cb_pp_append_basedn ), + _("&Append Base DN"), true + ) + ), + `VSpacing( 0.3 ) + ) + ) + ), + `VSpacing(0.25) + ) + ) + ); +} + -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org
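Review bot: `enc_types` offers `PLAIN` and unsalted `SHA` next to the salted `SSHA` default for the root DN password entered in `te_rootpw`, and neither the item labels nor the comment above the list say which choices are safe. Presumably the selected id decides how the password is stored in the server configuration, in which case `PLAIN` leaves the directory administrator's password readable by anyone who can read that configuration. I would drop the `PLAIN` item or label it as unhashed, and extend the comment with `/* SSHA is the default; PLAIN stores the password unhashed and SHA is unsalted */`. In the same hunk the `sync` item of `loglevelWidget` reuses the label `_("Entry Parsing")` from `parse` and should read something like `_("LDAPSync Replication")`, and the three `"Interfaces ..."` button labels are not wrapped in `_()`, so they will not be translated.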