X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fldapauthenticator.cpp;h=9e9d46389924a79ca9f894e4f0438cec2d059419;hp=240e0ea3b7ea8b238315dac3abb365b7544023e7;hb=ce1feba3940c27dbce5eff9fa9705dce8240a64a;hpb=258d157a228d2b2b46b01d3b33ab932b9979436a

diff --git a/src/core/ldapauthenticator.cpp b/src/core/ldapauthenticator.cpp
index 240e0ea3..9e9d4638 100644
--- a/src/core/ldapauthenticator.cpp
+++ b/src/core/ldapauthenticator.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2005-2015 by the Quassel Project                        *
+ *   Copyright (C) 2005-2016 by the Quassel Project                        *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -50,8 +50,7 @@ LdapAuthenticator::LdapAuthenticator(QObject *parent)
 
 LdapAuthenticator::~LdapAuthenticator()
 {
-    if (_connection != 0)
-    {
+    if (_connection != 0) {
         ldap_unbind_ext(_connection, 0, 0);
     }
 }
@@ -63,51 +62,53 @@ bool LdapAuthenticator::isAvailable() const
     return true;
 }
 
+
 QString LdapAuthenticator::backendId() const
 {
-    // We identify the backend to use for the monolithic core by its displayname.
+    // We identify the backend to use for the monolithic core by this identifier.
     // so only change this string if you _really_ have to and make sure the core
     // setup for the mono client still works ;)
     return QString("LDAP");
 }
 
+
+QString LdapAuthenticator::displayName() const
+{
+    return tr("LDAP");
+}
+
+
 QString LdapAuthenticator::description() const
 {
     return tr("Authenticate users using an LDAP server.");
 }
 
-QStringList LdapAuthenticator::setupKeys() const
+
+QVariantList LdapAuthenticator::setupData() const
 {
     // The parameters needed for LDAP.
-    QStringList keys;
-    keys << "Hostname"
-         << "Port"
-         << "Bind DN"
-         << "Bind Password"
-         << "Base DN"
-         << "Filter"
-         << "UID Attribute";
-    return keys;
+    QVariantList data;
+    data << "Hostname"     << tr("Hostname")      << QString{"ldap://localhost"}
+         << "Port"         << tr("Port")          << DEFAULT_LDAP_PORT
+         << "BindDN"       << tr("Bind DN")       << QString{}
+         << "BindPassword" << tr("Bind Password") << QString{}
+         << "BaseDN"       << tr("Base DN")       << QString{}
+         << "Filter"       << tr("Filter")        << QString{}
+         << "UidAttribute" << tr("UID Attribute") << QString{"uid"}
+         ;
+    return data;
 }
 
-QVariantMap LdapAuthenticator::setupDefaults() const
-{
-    QVariantMap map;
-    map["Hostname"] = QVariant(QString("ldap://localhost"));
-    map["Port"] = QVariant(DEFAULT_LDAP_PORT);
-    map["UID Attribute"] = QVariant(QString("uid"));
-    return map;
-}
 
-void LdapAuthenticator::setConnectionProperties(const QVariantMap &properties)
+void LdapAuthenticator::setAuthProperties(const QVariantMap &properties)
 {
     _hostName = properties["Hostname"].toString();
     _port = properties["Port"].toInt();
-    _baseDN = properties["Base DN"].toString();
+    _bindDN = properties["BindDN"].toString();
+    _bindPassword = properties["BindPassword"].toString();
+    _baseDN = properties["BaseDN"].toString();
     _filter = properties["Filter"].toString();
-    _bindDN = properties["Bind DN"].toString();
-    _bindPassword = properties["Bind Password"].toString();
-    _uidAttribute = properties["UID Attribute"].toString();
+    _uidAttribute = properties["UidAttribute"].toString();
 }
 
 // TODO: this code is sufficiently general that in the future, perhaps an abstract
@@ -117,47 +118,49 @@ void LdapAuthenticator::setConnectionProperties(const QVariantMap &properties)
 UserId LdapAuthenticator::validateUser(const QString &username, const QString &password)
 {
     bool result = ldapAuth(username, password);
-    if (!result)
-    {
+    if (!result) {
         return UserId();
     }
 
+    // LDAP is case-insensitive, thus we will lowercase the username, in spite of
+    // a better solution :(
+    const QString lUsername = username.toLower();
+
     // If auth succeeds, but the user has not logged into quassel previously, make
     // a new user for them and return that ID.
     // Users created via LDAP have empty passwords, but authenticator column = LDAP.
     // On the other hand, if auth succeeds and the user already exists, do a final
     // cross-check to confirm we're using the right auth provider.
-    UserId quasselID = Core::validateUser(username, QString());
-    if (!quasselID.isValid())
-    {
-        return Core::addUser(username, QString(), backendId());
+    UserId quasselId = Core::validateUser(lUsername, QString());
+    if (!quasselId.isValid()) {
+        return Core::addUser(lUsername, QString(), backendId());
     }
-    else if (!(Core::checkAuthProvider(quasselID, backendId())))
-    {
+    else if (!(Core::checkAuthProvider(quasselId, backendId()))) {
         return 0;
     }
-    return quasselID;
+    return quasselId;
 }
 
+
 bool LdapAuthenticator::setup(const QVariantMap &settings)
 {
-    setConnectionProperties(settings);
+    setAuthProperties(settings);
     bool status = ldapConnect();
     return status;
 }
 
+
 Authenticator::State LdapAuthenticator::init(const QVariantMap &settings)
 {
-    setConnectionProperties(settings);
+    setAuthProperties(settings);
 
     bool status = ldapConnect();
-    if (!status)
-    {
-        quInfo() << qPrintable(backendId()) << "Authenticator cannot connect.";
+    if (!status) {
+        quInfo() << qPrintable(backendId()) << "authenticator cannot connect.";
         return NotAvailable;
     }
 
-    quInfo() << qPrintable(backendId()) << "Authenticator is ready.";
+    quInfo() << qPrintable(backendId()) << "authenticator is ready.";
     return IsReady;
 }
 
@@ -178,6 +181,8 @@ bool LdapAuthenticator::ldapConnect()
     serverURIArray = serverURI.toLocal8Bit();
     res = ldap_initialize(&_connection, serverURIArray);
 
+    quInfo() << "LDAP: Connecting to" << serverURI;
+
     if (res != LDAP_SUCCESS) {
         qWarning() << "Could not connect to LDAP server:" << ldap_err2string(res);
         return false;
@@ -195,6 +200,7 @@ bool LdapAuthenticator::ldapConnect()
     return true;
 }
 
+
 void LdapAuthenticator::ldapDisconnect()
 {
     if (_connection == 0) {
@@ -205,6 +211,7 @@ void LdapAuthenticator::ldapDisconnect()
     _connection = 0;
 }
 
+
 bool LdapAuthenticator::ldapAuth(const QString &username, const QString &password)
 {
     if (password.isEmpty()) {
@@ -215,7 +222,7 @@ bool LdapAuthenticator::ldapAuth(const QString &username, const QString &passwor
 
     // Attempt to establish a connection.
     if (_connection == 0) {
-        if (not ldapConnect()) {
+        if (!ldapConnect()) {
             return false;
         }
     }
@@ -228,7 +235,7 @@ bool LdapAuthenticator::ldapAuth(const QString &username, const QString &passwor
     QByteArray baseDN = _baseDN.toLocal8Bit();
     QByteArray uidAttribute = _uidAttribute.toLocal8Bit();
 
-    cred.bv_val = const_cast<char*>(bindPassword.size() > 0 ? bindPassword.constData() : NULL);
+    cred.bv_val = (bindPassword.size() > 0 ? bindPassword.data() : NULL);
     cred.bv_len = bindPassword.size();
 
     res = ldap_sasl_bind_s(_connection, bindDN.size() > 0 ? bindDN.constData() : 0, LDAP_SASL_SIMPLE, &cred, 0, 0, 0);
@@ -264,8 +271,8 @@ bool LdapAuthenticator::ldapAuth(const QString &username, const QString &passwor
         return false;
     }
 
-    const QByteArray passwordArray = password.toLocal8Bit();
-    cred.bv_val = const_cast<char*>(passwordArray.constData());
+    QByteArray passwordArray = password.toLocal8Bit();
+    cred.bv_val = passwordArray.data();
     cred.bv_len = password.size();
 
     char *userDN = ldap_get_dn(_connection, entry);