Diffstat (limited to 'base/tps/lib/perl/PKI/TPS/Common.pm')
-rwxr-xr-xbase/tps/lib/perl/PKI/TPS/Common.pm148
1 files changed, 148 insertions, 0 deletions
diff --git a/base/tps/lib/perl/PKI/TPS/Common.pm b/base/tps/lib/perl/PKI/TPS/Common.pm
new file mode 100755
index 000000000..c66942599
--- /dev/null
+++ b/base/tps/lib/perl/PKI/TPS/Common.pm
@@ -0,0 +1,148 @@
+#!/usr/bin/perl
+#
+# --- BEGIN COPYRIGHT BLOCK ---
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation;
+# version 2.1 of the License.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301 USA
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#
+
+package PKI::TPS::Common;
+
+use strict;
+use warnings;
+use Exporter;
+use Mozilla::LDAP::Conn;
+use Mozilla::LDAP::LDIF;
+
+use vars qw(@ISA @EXPORT @EXPORT_OK);
+@ISA = qw(Exporter Autoloader);
+@EXPORT = qw(r yes no import_ldif test_and_make_connection make_connection);
+
+$PKI::TPS::Common::VERSION = '1.00';
+
+sub yes {
+ return sub {1};
+}
+
+sub no {
+ return sub {0};
+}
+
+sub r {
+ my $a = shift;
+ return sub { $a; }
+}
+
+# special function to add schema elements. This assumes the entry
+# is ldif update format with changetype "modify" and operation "add"
+#
+sub add_schema_update
+{
+ my ($conn, $aentry, $err_ref) = @_;
+
+ my $sentry = $conn->search($aentry->{dn}, "base", "(objectclass=*)", 0, ("*", "aci"));
+ if (!$sentry) {
+ $$err_ref .= "Error: trying to update entry that does not exist: " . $aentry->{dn} . "\n";
+ return 0;
+ }
+
+ my @addtypes = ("attributeTypes", "objectClasses");
+
+ foreach my $attr (@addtypes) {
+ my @vals = $aentry->getValues($attr);
+ push @vals, $vals[0]; # HACK! for some reason, first value always fails with server unwilling to perform
+
+ foreach my $val (@vals) {
+ $sentry->addValue( $attr, $val );
+ $conn->update($sentry);
+ my $rc = $conn->getErrorCode();
+ if ( $rc != 0 ) {
+ my $string = $conn->getErrorString();
+ $$err_ref .= "Error: updating entry " . $sentry->{dn} . " with value $val : $string\n";
+ } else {
+ $$err_ref .= "Updated entry ". $sentry->{dn} . " with value $val : rc = $rc\n";
+ }
+ }
+ }
+ return 1;
+}
+
+sub import_ldif
+{
+ my ($conn, $ldif_file, $msg_ref, $schema) = @_;
+
+ if (!open( MYLDIF, "$ldif_file" )) {
+ $$msg_ref = "Could not open $ldif_file: $!\n";
+ return 0;
+ }
+
+ my $in = new Mozilla::LDAP::LDIF(*MYLDIF);
+ while (my $entry = readOneEntry $in) {
+ if (defined($schema) && ($schema == 1)) {
+ add_schema_update($conn, $entry, $msg_ref);
+ } else {
+ if (!$conn->add($entry)) {
+ $$msg_ref .= "Error: could not add entry " . $entry->getDN() . ":" . $conn->getErrorString() . "\n";
+ }
+ }
+ }
+ close( MYLDIF );
+ return 1;
+}
+
+# this subroutine checks if an ldaps connection is successful first
+# and then if an ldap connection is successful.
+# This prevents a hanging condition when someone tries to connect to a ldaps
+# port using LDAP
+#
+# The arg hash is assumed to have the certdir (key == cert) defined.
+
+sub test_and_make_connection
+{
+ my ($arg_ref, $secureconn, $msg_ref) = @_;
+ my $conn = new Mozilla::LDAP::Conn($arg_ref);
+ if ($conn) { #ldaps succeeds
+ if ($secureconn eq "false") {
+ $$msg_ref = "SSL not selected, but this looks like an SSL port.";
+ return undef;
+ }
+ } else { #ldaps failed
+ if ($secureconn eq "true") {
+ $$msg_ref = "Failed to connect to LDAPS port";
+ return undef;
+ }
+ delete $arg_ref->{cert};
+ $conn = new Mozilla::LDAP::Conn($arg_ref);
+ if (!$conn) { # ldap failed
+ $$msg_ref = "Failed to connect to LDAP port:";
+ return undef;
+ }
+ }
+ return $conn;
+}
+
+sub make_connection
+{
+ my ($arg_ref, $secureconn) = @_;
+ if ($secureconn eq "false") {
+ delete $arg_ref->{cert};
+ }
+ return new Mozilla::LDAP::Conn($arg_ref);
+}
+
+1;
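Review bot: In `import_ldif`, `open( MYLDIF, "$ldif_file" )` is a two-argument open on a bareword handle, so a leading or trailing mode character in `$ldif_file` is interpreted by `open` rather than treated as part of the path, and the package-global `MYLDIF` handle is shared with any other caller. Whether the path can ever be caller-controlled is not visible in this file, but the three-argument form removes the question: `open(my $ldif_fh, '<', $ldif_file)`, then `Mozilla::LDAP::LDIF->new($ldif_fh)` and `close($ldif_fh)` (assuming the LDIF constructor accepts a lexical handle, as it does a glob). Separately, in `test_and_make_connection` any `$secureconn` value other than the exact string "true" lets a failed LDAPS attempt fall through to `delete $arg_ref->{cert}` and a plaintext LDAP connection. Falling back only when `$secureconn eq "false"` and returning an error otherwise would make the downgrade deliberate, and it would also avoid mutating the caller's hash on unexpected input.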