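/*************************************************************************/
/*
	LDAPCONF - Linuxconf module for LDAP operation.

	Copyright (C) 1999,2000,2001 Stein Vråle

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.
**************************************************************************/

/*
	ldapconf profiles
	(FIXME: need better description of the ldapconf profile types)

	The client profiles are used to hold information for directory
	binding and layout.

	A client profile will point to:
	- a bind profile - which holds the authentication information for
	  a directory
	- a form profile - which provides fields for updating a directory
	- other settings for handling this directory
***************************************************************************/

/*
	NOTE(review): this copy of the file carried three system #include
	lines whose header names were lost. <stdlib.h> is the one the visible
	code needs (atoi); restore the other two from the project tree.
*/
#include <stdlib.h>
#include "profiles.h"
#include "fields.h"
#include "ldapconf_defs.h"

HELP_FILE help_profile("ldapconf","profile");

static PROFILES profiles(PROFILE_DIR,"Directory");
static PROFILES bindings(DBBIND_DIR,"Binding");
static PROFILES forms(DBFORM_DIR,"Form");

/*
static PRIVILEGES priv_profile;
static void profiles_priv(){
	profiles.setup_priv(priv_profile,MSG_U(T_PROFILE_PRIV,"LDAP Profile"));
}
static PRIVILEGE_DECLARATOR profiles_decl(profiles_priv);
*/

/*
	Edit LDAP user profile

	Selects the client profile `id`, loads its settings (with defaults
	for missing keys) into a dialog and, on Accept, writes every field
	back to the profile's CONFDB and saves it. Add and Del are handed to
	the PROFILES collection; Cancel/Escape leave the profile untouched.
*/
void profile_edit(const char *id)
{
	/* NOTE(review): as written this expression statement has no effect;
	   it looks like the remains of a declaration that took &profiles.
	   Confirm against the project tree. */
	(&profiles);
	profiles.use (id);
	CONFDB c_profile = *profiles.profile.data;
	D(debugf(2,"profile_edit profile.id = %s \n",profiles.id.get()));

	/* Current values; the last argument is the default used when the
	   key is absent from the profile. */
	SSTRING bind_name = c_profile.getval ("profile","bind","userinfo");
	SSTRING form_name = c_profile.getval ("profile","form","userinfo");
	SSTRING ldap_protocol = c_profile.getval ("profile","protocol",mode_ldap_protocol.get());
	SSTRING dn_prefix = c_profile.getval ("profile","prefix","ou=People");
	SSTRING primary_key = c_profile.getval ("profile","primarykey","uid");
	SSTRING group_prefix = c_profile.getval ("profile","groupprefix","ou=Group");
	SSTRING member_key = c_profile.getval ("profile","memberkey","memberuid");
	char userconf_comng = c_profile.getvalnum ("profile","userconf_comng",0);
	char userconf_pwsync = c_profile.getvalnum ("profile","userconf_pwsync",0);
	SSTRING crypt_hash = c_profile.getval ("profile","crypt_hash","crypt");
	SSTRING comment = c_profile.getval ("profile","comment","");
	char user_access = c_profile.getvalnum ("profile","useraccess",0);
	int max_uid = c_profile.getvalnum ("profile","max_uid",5000000);
	int min_uid = c_profile.getvalnum ("profile","min_uid",10000);
	SSTRING classes = c_profile.getval ("profile","classes","");

	DIALOG dia;

	// General
	dia.newf_info("Profilename",profiles.profile.id.get());
	dia.newf_str (MSG_U(F_PROFILE_COMMENT,"Comment"),comment,50);
	/* The protocol is stored as text but edited as a radio value (2 or 3). */
	char protocol = atoi(ldap_protocol.get());
	dia.newf_radio (MSG_U(F_PROFILE_PROTOCOL,"LDAP Protocol"),protocol,2,"v2");
	dia.newf_radio("",protocol,3,"v3");

	dia.newf_title(MSG_U(T_PROFILE_PERM,"Permission"),1,"",MSG_R(T_PROFILE_PERM));
	FIELD_COMBO *bindlist = dia.newf_combo(MSG_U(F_PROFILE_BIND,"Bind profile"),bind_name);
	{
		/* Offer every known bind profile as a choice. The loop header
		   was damaged in this copy and is restored from the surrounding
		   declarations (n, bindlist). */
		SSTRINGS tb;
		int n = bindings.get_list(tb);
		for (int i=0; i<n; i++){
			bindlist->addopt(tb.getitem(i)->get());
		}
	}
	dia.newf_chk (MSG_U(F_PROFILE_ACCESS,"User access"),user_access,"Allow");

	dia.newf_title(MSG_U(T_PROFILE_FORM,"Form"),1,"",MSG_R(T_PROFILE_FORM));
	FIELD_COMBO *formlist = dia.newf_combo(MSG_U(F_PROFILE_FORM,"Form profile"),form_name);
	{
		/* Same restoration as for the bind profile list above. */
		SSTRINGS tb;
		int n = forms.get_list(tb);
		for (int i=0; i<n; i++){
			formlist->addopt(tb.getitem(i)->get());
		}
	}
	dia.newf_str (MSG_U(F_CLASSES,"LDAP classes"),classes);

	// Accounts
	dia.newf_title(MSG_U(T_PROFILE_ACCOUNTS,"Accounts"),1,"",MSG_R(T_PROFILE_ACCOUNTS));
	dia.newf_str (MSG_U(F_PROFILE_KEY,"Account key attribute"),primary_key);
	dia.newf_str (MSG_U(F_PROFILE_PREFIX,"Account prefix component"),dn_prefix);
	dia.newf_chk (MSG_U(F_PROFILE_COMNG,"Userconf comanager"),userconf_comng,"Enable");
	dia.newf_chk (MSG_U(F_PROFILE_PWSYNC,"Userconf password sync"),userconf_pwsync,"Enable");
	/* NOTE(review): "none" presumably stores the password unhashed, and
	   plain crypt/md5/sha are weak against offline guessing. The salted
	   schemes (smd5, ssha) are the safer choices in this list; the
	   default stays "crypt" here for compatibility with existing
	   profiles. */
	FIELD_COMBO *hashlist = dia.newf_combo(MSG_U(F_CRYPT_HASH,"Password crypt algorithm"),crypt_hash);
	hashlist->addopt ("none");
	hashlist->addopt ("crypt");
	hashlist->addopt ("md5");
	hashlist->addopt ("smd5");
	hashlist->addopt ("sha");
	hashlist->addopt ("ssha");
	/* NOTE(review): nothing below rejects min_uid > max_uid or a
	   negative bound before the values are saved. */
	dia.newf_num (MSG_U(F_PROFILE_MAXUID,"Max uid"),max_uid);
	dia.newf_num (MSG_U(F_PROFILE_MINUID,"Min uid"),min_uid);

	// Groups
	dia.newf_title(MSG_U(T_PROFILE_GROUPCONF,"Groups"),1,"",MSG_R(T_PROFILE_GROUPCONF));
	dia.newf_str (MSG_U(F_PROFILE_MEMBER,"Member key attribute"),member_key);
	dia.newf_str (MSG_U(F_PROFILE_GROUP,"Group prefix component"),group_prefix);

	int nof = 0;
	while (1){
		/* NOTE(review): help_formclient is not declared in this file,
		   while help_profile above is never used. Confirm which help
		   page this dialog should open. */
		MENU_STATUS code = dia.edit (MSG_U(T_PROFILE_EDIT,"Profile")
			,MSG_U(I_PROFILE_EDIT ,"Profile setup")
			,help_formclient
			,nof, MENUBUT_ACCEPT|MENUBUT_CANCEL|MENUBUT_ADD|MENUBUT_DEL);
		if (code == MENU_CANCEL || code == MENU_ESCAPE){
			break;
		}else if (code == MENU_DEL && profiles.del()) {
			break;
		}else if (code == MENU_ADD && profiles.add(&c_profile)) {
			break;
		}else if (code == MENU_ACCEPT){
			// Save profile
			ldap_protocol.setfrom(protocol);
			c_profile.replace ("profile","bind",bind_name);
			c_profile.replace ("profile","form",form_name);
			c_profile.replace ("profile","protocol",ldap_protocol.get());
			c_profile.replace ("profile","prefix",dn_prefix);
			c_profile.replace ("profile","primarykey",primary_key);
			c_profile.replace ("profile","userconf_comng",userconf_comng);
			c_profile.replace ("profile","userconf_pwsync",userconf_pwsync);
			c_profile.replace ("profile","crypt_hash",crypt_hash);
			c_profile.replace ("profile","memberkey",member_key);
			c_profile.replace ("profile","groupprefix",group_prefix);
			c_profile.replace ("profile","useraccess",user_access);
			c_profile.replace ("profile","comment",comment);
			c_profile.replace ("profile","max_uid",max_uid);
			c_profile.replace ("profile","min_uid",min_uid);
			c_profile.replace ("profile","classes",classes);
			c_profile.save();
			break;
		}
	}
}

/*
	Let the user pick a client profile and open the LDAP user menu for
	it, repeating until the selection dialog returns -1.
*/
void profile_select()
{
	while (profiles.dia_select() != -1){
		ldap_usermenu(profiles.profile.id.get());
	}
}

/*
	Config binding

	Edits a bind profile: the directory base, host, port, bind DN and
	bind password, plus the "Use SASL" switch. On Accept the values are
	written to the "ldap" section of the profile's CONFDB and saved.
*/
void bindprofile_edit()
{
	/* NOTE(review): no-op expression statement as written, see the same
	   construct in profile_edit(). */
	(&bindings);
	/* NOTE(review): `id` is neither a parameter nor a local of this
	   function; presumably it comes from a header, or the parameter was
	   dropped. Confirm against the project tree. */
	bindings.use (id);
	CONFDB conf = *bindings.profile.data;

	/* Defaults */
	SSTRING binddn = conf.getval ("ldap","binddn");
	SSTRING bindpw = conf.getval ("ldap","bindpw");
	SSTRING host = conf.getval ("ldap","host");
	/* Read the port from the "ldap" section, the one the Accept branch
	   writes to. The original read section "port", so a saved port never
	   came back into the dialog. */
	SSTRING port = conf.getval ("ldap","port");
	SSTRING base = conf.getval ("ldap","base");
	char usesasl = conf.getvalnum ("ldap","usesasl",0);

	DIALOG dia;
	dia.newf_info("Profilename",bindings.profile.id.get());
	dia.newf_str(MSG_U(F_BINDPROFILE_BASE,"Base"),base);
	dia.newf_str(MSG_U(F_BINDPROFILE_HOST,"Host"),host);
	dia.newf_str(MSG_U(F_BINDPROFILE_PORT,"Port"),port);
	dia.newf_str(MSG_U(F_BINDPROFILE_DN,"Bind DN"),binddn);
	/* Masked entry: the bind password must not be echoed in the dialog,
	   where anyone looking at the screen or a session capture can read
	   it. */
	dia.newf_pass(MSG_U(F_BINDPROFILE_PW,"Password"),bindpw);
	dia.newf_chk(MSG_U(F_AUTHPROT,"Authentication protocol"),usesasl
		,MSG_U(I_AUTHPROT,"Use SASL"));

	int nof = 0;
	while (1){
		MENU_STATUS code = dia.edit (MSG_U(T_BINDPROFILE_CONFIG,"LDAP Bind profile")
			,MSG_U(I_BINDPROFILE_CONFIG,"Configure LDAP binding profile")
			,help_ldap
			,nof
			,MENUBUT_ADD|MENUBUT_ACCEPT|MENUBUT_CANCEL|MENUBUT_DEL);
		if (code == MENU_QUIT || code == MENU_CANCEL || code == MENU_ESCAPE){
			break;
		}else if (code == MENU_DEL && bindings.del()){
			break;
		}else if (code == MENU_ADD && bindings.add(&conf)){
			break;
		}else if (code == MENU_ACCEPT){
			conf.replace("ldap","base",base.get());
			conf.replace("ldap","host",host.get());
			conf.replace("ldap","port",port.get());
			conf.replace("ldap","binddn",binddn.get());
			/* NOTE(review): the bind password is stored exactly as
			   typed; nothing visible here encrypts it. The profile file
			   under DBBIND_DIR therefore needs owner-only permissions.
			   Confirm what mode CONFDB::save() creates it with. */
			conf.replace("ldap","bindpw",bindpw.get());
			conf.replace("ldap","usesasl",usesasl);
			conf.save();
			break;
		}
	}
}

/*
	Collections of database forms using FORM_DEFS from the userinfo module.
	All forms will be saved in separate files, to allow "dropin" forms
	from database implementations.
	The forms are saved in /etc/ldapconf/dbform.
*/

/*
	Edit form profiles

	Selects a form profile, then reads, edits and writes back its field
	definitions.
*/
void formprofile_edit()
{
	/* NOTE(review): no-op expression statement and undeclared `id`, as in
	   bindprofile_edit(). Confirm against the project tree. */
	(&forms);
	forms.use (id);
	FIELD_DEFS defs(forms.profile.data);
	defs.read();
	defs.edit();
	defs.write();
}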