OpenLDAP now initializes, but login is not possible and kadmin does not work yet

8 files changed, 730 insertions, 12 deletions

diff --git a/src/Makefile.am b/src/Makefile.am
index 5ad0fd3..5aa0043 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -4,7 +4,7 @@ METASOURCES = AUTO
 # Install this plugin in the KDE modules directory
 kde_module_LTLIBRARIES = kcm_ldapcontroller.la
 
-kcm_ldapcontroller_la_SOURCES = ldapcontroller.cpp ldapcontrollerconfigbase.ui realmwizard.cpp realmintropagedlg.ui realmintropage.cpp realmconfigpagedlg.ui realmconfigpage.cpp realmfinishpagedlg.ui realmfinishpage.cpp processingdialog.cpp
+kcm_ldapcontroller_la_SOURCES = ldapcontroller.cpp ldapcontrollerconfigbase.ui realmwizard.cpp realmintropagedlg.ui realmintropage.cpp realmconfigpagedlg.ui realmconfigpage.cpp realmfinishpagedlg.ui realmfinishpage.cpp processingdialog.cpp sha1.cc
 kcm_ldapcontroller_la_LIBADD = -lkio $(LIB_TDEUI)
 kcm_ldapcontroller_la_LDFLAGS = -avoid-version -module -no-undefined \
 	$(all_libraries)
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index 0b30db9..427148b 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -41,6 +41,9 @@
 #include <kmessagebox.h>
 #include <tqcheckbox.h>
 #include <ktempdir.h>
+#include <kprocess.h>
+
+#include "sha1.h"
 
 #include "ldapcontroller.h"
 #include "realmwizard.h"
@@ -225,11 +228,109 @@ void LDAPController::save() {
 	load();
 }
 
-void replacePlaceholdersInFile(TQString infile, TQString outfile) {
+void replacePlaceholdersInFile(TQString infile, TQString outfile, LDAPRealmConfig realmconfig, TQString adminUserName, TQString adminGroupName, const char * adminPassword, TQString rootUserName, const char * rootPassword, int ldifSchemaNumber=-1, uid_t userid=-1, gid_t groupid=-1) {
+	SHA1 sha;
+	sha.process(rootPassword, strlen(rootPassword));
+	TQString rootpw_hash = sha.base64Hash();
+	sha.reset();
+	sha.process(adminPassword, strlen(rootPassword));
+	TQString adminpw_hash = sha.base64Hash();
+
 	// RAJA FIXME
+
+	// Created needed strings
+	TQStringList domainChunks = TQStringList::split(".", realmconfig.name.lower());
+	TQString basedcname = "dc=" + domainChunks.join(",dc=");
+	TQString simpledcname = domainChunks[0];
+	TQString simpledcnamecap = simpledcname.lower();
+	simpledcnamecap[0] = simpledcnamecap[0].upper();
+	TQString timestamp = TQDateTime::currentDateTime().toString(TQt::ISODate);
+	timestamp.replace("-", "");
+	timestamp.replace(":", "");
+	timestamp.replace("T", "");
+
+	TQFile ifile(infile);
+	TQFile ofile(outfile);
+	if (ifile.open(IO_ReadOnly) && ofile.open(IO_WriteOnly)) {
+		TQString line;
+		TQTextStream istream(&ifile);
+		TQTextStream ostream(&ofile);
+		while (!istream.atEnd()) {
+			line = istream.readLine();
+			line.replace("@@@REALM_DCNAME@@@", basedcname);
+			line.replace("@@@REALM_UCNAME@@@", realmconfig.name.upper());
+			line.replace("@@@REALM_LCNAME@@@", realmconfig.name.lower());
+			line.replace("@@@ADMINSERVER@@@", realmconfig.admin_server);
+			line.replace("@@@ADMINPORT@@@", TQString("%1").arg(realmconfig.admin_server_port));
+			line.replace("@@@KDCSERVER@@@", realmconfig.kdc);
+			line.replace("@@@KDCPORT@@@", TQString("%1").arg(realmconfig.kdc_port));
+			line.replace("@@@ROOTUSER@@@", rootUserName);
+			line.replace("@@@ROOTPW_SHA@@@", rootpw_hash);
+			line.replace("@@@ADMINUSER@@@", adminUserName);
+			line.replace("@@@ADMINGROUP@@@", adminGroupName);
+			line.replace("@@@ADMINPW_SHA@@@", adminpw_hash);
+			line.replace("@@@PKINIT_REQUIRE_EKU@@@", (realmconfig.pkinit_require_eku)?"yes":"no");
+			line.replace("@@@PKINIT_REQUIRE_KRBTGT_OTHERNAME@@@", (realmconfig.pkinit_require_krbtgt_otherName)?"yes":"no");
+			line.replace("@@@WIN2K_PKINIT@@@", (realmconfig.win2k_pkinit)?"yes":"no");
+			line.replace("@@@WIN2K_PKINIT_REQUIRE_BINDING@@@", (realmconfig.win2k_pkinit_require_binding)?"yes":"no");
+			line.replace("@@@REALM_SIMPLE_CP_NAME@@@", simpledcnamecap);
+			line.replace("@@@REALM_SIMPLE_LC_NAME@@@", simpledcname.lower());
+			line.replace("@@@TIMESTAMP@@@", timestamp);
+			if (ldifSchemaNumber >= 0) {
+				line.replace("@@@LDIFSCHEMANUMBER@@@", TQString("%1").arg(ldifSchemaNumber));
+			}
+			ostream << line << "\n";
+		}
+		ifile.close();
+		ofile.close();
+	}
+
+	// Set permissions
+	if ((userid > 0) && (groupid > 0)) {
+		chown(outfile.ascii(), userid, groupid);
+	}
+
+	// Keep UI responsive
+	tqApp->processEvents();
 }
 
-int LDAPController::createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig realmconfig, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr) {
+int LDAPController::controlLDAPServer(sc_command command, uid_t userid, gid_t groupid) {
+	if (command == SC_START) {
+		// FIXME
+		// This assumes Debian!
+		return system("/etc/init.d/slapd start");
+	}
+	if (command == SC_STOP) {
+		// FIXME
+		// This assumes Debian!
+		return system("/etc/init.d/slapd stop");
+	}
+	if (command == SC_RESTART) {
+		// FIXME
+		// This assumes Debian!
+		return system("/etc/init.d/slapd restart");
+	}
+	if (command == SC_PURGE) {
+		controlLDAPServer(SC_STOP);
+		// FIXME
+		// This assumes Debian!
+		system("rm -rf /var/lib/ldap/*");
+	}
+	if (command == SC_SETDBPERMS) {
+		if ((userid > 0) && (groupid > 0)) {
+			TQString command;
+			command = TQString("chown -R %1 /var/lib/ldap/*").arg(userid);
+			system(command.ascii());
+			command = TQString("chgrp -R %1 /var/lib/ldap/*").arg(groupid);
+			system(command.ascii());
+		}
+	}
+	return -2;
+}
+
+int LDAPController::createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig realmconfig, TQString adminUserName, TQString adminGroupName, const char * adminPassword, TQString rootUserName, const char * rootPassword, TQString adminRealm, TQString *errstr) {
+	int ldifSchemaNumber;
+
 	ProcessingDialog pdialog(dialogparent);
 	pdialog.setStatusMessage(i18n("Loading data for realm deployment..."));
 	pdialog.raise();
@@ -237,16 +338,100 @@ int LDAPController::createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig r
 	tqApp->processEvents();
 
 	// Find the templates
-	TQString templateDir = locate("data", "kcmldapcontroller/skel");
-printf("[RAJA DEBUG 100.0] templateDir: %s\n\r", templateDir.ascii()); fflush(stdout);
+	TQString templateDir = locate("data", "kcmldapcontroller/skel/heimdal/heimdal.defaults");
+	templateDir.replace("heimdal/heimdal.defaults", "");
 	if (templateDir == "") {
+		if (errstr) *errstr = i18n("Unable to locate required template files");
 		pdialog.closeDialog();
 		return -1;
 	}
 
 	KTempDir configTempDir;
 	configTempDir.setAutoDelete(true);
-	replacePlaceholdersInFile(templateDir + "heimdal/heimdal.defaults", configTempDir.name() + "heimdal/heimdal.defaults");
+configTempDir.setAutoDelete(false);	// RAJA DEBUG ONLY
+	TQString destDir = "/etc/";
+
+	mkdir(TQString(destDir + "heimdal").ascii(), S_IRUSR|S_IWUSR|S_IXUSR);
+	mkdir(TQString(destDir + "openldap").ascii(), S_IRUSR|S_IWUSR|S_IXUSR);
+	mkdir(TQString(destDir + "openldap/ldap").ascii(), S_IRUSR|S_IWUSR|S_IXUSR);
+
+	replacePlaceholdersInFile(templateDir + "heimdal/heimdal.defaults", destDir + "heimdal.defaults", realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword);
+	replacePlaceholdersInFile(templateDir + "heimdal/kadmind.acl", destDir + "kadmind.acl", realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword);
+	replacePlaceholdersInFile(templateDir + "heimdal/kdc.conf", destDir + "kdc.conf", realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword);
+	replacePlaceholdersInFile(templateDir + "heimdal/krb5.conf", destDir + "krb5.conf", realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword);
+
+	replacePlaceholdersInFile(templateDir + "openldap/skel.ldif", configTempDir.name() + "skel.ldif", realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword);
+	replacePlaceholdersInFile(templateDir + "openldap/ldap/slapd.conf", destDir + "ldap/slapd.conf", realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword);
+	replacePlaceholdersInFile(templateDir + "openldap/ldap/slapd.defaults", destDir + "ldap/slapd.defaults", realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword);
+
+	struct stat sb;
+	uid_t slapd_uid = 0;
+	gid_t slapd_gid = 0;
+	if (stat(destDir + "ldap/slapd.d/cn=config/cn=schema", &sb) == 0) {
+		slapd_uid = sb.st_uid;
+		slapd_gid = sb.st_gid;
+	}
+
+	// Base database configuration
+	ldifSchemaNumber = 1;
+	replacePlaceholdersInFile(templateDir + "openldap/ldif/olcDatabase.ldif", destDir + "ldap/slapd.d/cn=config/" + TQString("olcDatabase={%1}hdb.ldif").arg(ldifSchemaNumber), realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword, ldifSchemaNumber, slapd_uid, slapd_gid);
+
+	// Schema files
+	ldifSchemaNumber = 10;
+	replacePlaceholdersInFile(templateDir + "openldap/ldif/ems-core.ldif", destDir + "ldap/slapd.d/cn=config/cn=schema/" + TQString("cn={%1}ems-core.ldif").arg(ldifSchemaNumber), realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword, ldifSchemaNumber, slapd_uid, slapd_gid);
+	ldifSchemaNumber = 11;
+	replacePlaceholdersInFile(templateDir + "openldap/ldif/hdb.ldif", destDir + "ldap/slapd.d/cn=config/cn=schema/" + TQString("cn={%1}hdb.ldif").arg(ldifSchemaNumber), realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword, ldifSchemaNumber, slapd_uid, slapd_gid);
+	ldifSchemaNumber = 12;
+	replacePlaceholdersInFile(templateDir + "openldap/ldif/tde-core.ldif", destDir + "ldap/slapd.d/cn=config/cn=schema/" + TQString("cn={%1}tde-core.ldif").arg(ldifSchemaNumber), realmconfig, adminUserName, adminGroupName, adminPassword, rootUserName, rootPassword, ldifSchemaNumber, slapd_uid, slapd_gid);
+
+	// Set permissions
+	chmod(TQString(destDir + "heimdal.defaults").ascii(), S_IRUSR|S_IWUSR|S_IRGRP);
+	chmod(TQString(destDir + "kadmind.acl").ascii(), S_IRUSR|S_IWUSR|S_IRGRP);
+	chmod(TQString(destDir + "kdc.conf").ascii(), S_IRUSR|S_IWUSR|S_IRGRP);
+	chmod(TQString(destDir + "krb5.conf").ascii(), S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
+
+	chmod(TQString(configTempDir.name() + "skel.ldif").ascii(), S_IRUSR|S_IWUSR);
+	chmod(TQString(destDir + "ldap/slapd.conf").ascii(), S_IRUSR|S_IWUSR);
+	chmod(TQString(destDir + "ldap/slapd.defaults").ascii(), S_IRUSR|S_IWUSR|S_IRGRP);
+
+	pdialog.setStatusMessage(i18n("Purging existing LDAP database..."));
+	tqApp->processEvents();
+	controlLDAPServer(SC_PURGE);
+
+	pdialog.setStatusMessage(i18n("Loading initial database into LDAP..."));
+	tqApp->processEvents();
+
+	// Stop slapd
+	if (controlLDAPServer(SC_STOP) != 0) {
+		if (errstr) *errstr = i18n("Unable to stop LDAP server");
+		pdialog.closeDialog();
+		return -1;
+	}
+
+	// Load database
+	KProcess slapadd;
+	slapadd << "slapadd" << "-l" << configTempDir.name() + "skel.ldif";
+	slapadd.start();
+	while (slapadd.isRunning()) {
+		tqApp->processEvents();
+	}
+	if (slapadd.exitStatus() != 0) {
+		if (errstr) *errstr = i18n("Unable to import initial database into LDAP");
+		pdialog.closeDialog();
+		return -1;
+	}
+
+	controlLDAPServer(SC_SETDBPERMS, slapd_uid, slapd_gid);
+
+	pdialog.setStatusMessage(i18n("Starting LDAP server..."));
+	tqApp->processEvents();
+
+	// Start slapd
+	if (controlLDAPServer(SC_START) != 0) {
+		if (errstr) *errstr = i18n("Unable to start LDAP server");
+		pdialog.closeDialog();
+		return -1;
+	}
 
 	// RAJA FIXME
 	pdialog.closeDialog();
diff --git a/src/ldapcontroller.h b/src/ldapcontroller.h
index b09a46c..f5bd2a7 100644
--- a/src/ldapcontroller.h
+++ b/src/ldapcontroller.h
@@ -32,6 +32,14 @@
 
 #include "ldapcontrollerconfigbase.h"
 
+enum sc_command {
+	SC_START,
+	SC_STOP,
+	SC_RESTART,
+	SC_PURGE,
+	SC_SETDBPERMS
+};
+
 // PRIVATE
 class LDAPRealmConfig
 {
@@ -67,7 +75,7 @@ class LDAPController: public KCModule
 		virtual const KAboutData *aboutData() const { return myAboutData; };
 
 	public:
-		int createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig realmconfig, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr);
+		int createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig realmconfig, TQString adminUserName, TQString adminGroupName, const char * adminPassword, TQString rootUserName, const char * rootPassword, TQString adminRealm, TQString *errstr);
 
 		// FIXME
 		// This should be moved to a TDE core library
@@ -78,6 +86,9 @@ class LDAPController: public KCModule
 		void processLockouts();
 
 	private:
+		int controlLDAPServer(sc_command command, uid_t userid=-1, gid_t groupid=-1);
+
+	private:
 		KAboutData *myAboutData;
 
 		LDAPControllerConfigBase *m_base;
diff --git a/src/realmfinishpage.cpp b/src/realmfinishpage.cpp
index c71fc0b..f2fd1b6 100644
--- a/src/realmfinishpage.cpp
+++ b/src/realmfinishpage.cpp
@@ -43,6 +43,7 @@ RealmFinishPage::RealmFinishPage(TQWidget *parent, const char *name ) : RealmFin
 	px_introSidebar->setPixmap(UserIcon("step3.png"));
 
 	connect(ldapAdminUsername, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries()));
+	connect(ldapAdminGroupname, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries()));
 
 	m_parentWizard = dynamic_cast<KWizard*>(parent);
 	m_parentDialog = dynamic_cast<KDialogBase*>(parent);
@@ -54,7 +55,7 @@ RealmFinishPage::~RealmFinishPage(){
 
 void RealmFinishPage::validateEntries() {
 	if (m_parentWizard) {
-		if (ldapAdminUsername->text() != "") {
+		if ((ldapAdminUsername->text() != "") && (ldapAdminGroupname->text() != "")) {
 			m_parentWizard->finishButton()->setEnabled(true);
 		}
 		else {
@@ -62,7 +63,7 @@ void RealmFinishPage::validateEntries() {
 		}
 	}
 	if (m_parentDialog) {
-		if (ldapAdminUsername->text() != "") {
+		if ((ldapAdminUsername->text() != "") && (ldapAdminGroupname->text() != "")) {
 			m_parentDialog->enableButton(KDialogBase::Ok, true);
 		}
 		else {
diff --git a/src/realmfinishpagedlg.ui b/src/realmfinishpagedlg.ui
index 121e632..5cd11d6 100644
--- a/src/realmfinishpagedlg.ui
+++ b/src/realmfinishpagedlg.ui
@@ -99,15 +99,28 @@
 					<cstring>unnamed</cstring>
 				</property>
 				<property name="text">
-					<string>LDAP Realm</string>
+					<string>Administration Group</string>
 				</property>
 			</widget>
 			<widget class="KLineEdit" row="5" column="2">
 				<property name="name">
+					<cstring>ldapAdminGroupname</cstring>
+				</property>
+			</widget>
+			<widget class="TQLabel" row="6" column="1">
+				<property name="name">
+					<cstring>unnamed</cstring>
+				</property>
+				<property name="text">
+					<string>LDAP Realm</string>
+				</property>
+			</widget>
+			<widget class="KLineEdit" row="6" column="2">
+				<property name="name">
 					<cstring>ldapAdminRealm</cstring>
 				</property>
 			</widget>
-			<spacer row="6" column="1">
+			<spacer row="7" column="1">
 				<property name="name">
 					<cstring>Spacer6</cstring>
 				</property>
diff --git a/src/realmwizard.cpp b/src/realmwizard.cpp
index a8c9b81..fa720c2 100644
--- a/src/realmwizard.cpp
+++ b/src/realmwizard.cpp
@@ -202,7 +202,8 @@ void RealmWizard::accept() {
 	// Try to create realm
 	TQString errorString;
 	// RAJA FIXME
-	if (m_controller->createNewLDAPRealm(this, m_realmconfig, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text(), &errorString) == 0) {
+	// root account should not be locked to "admin"!
+	if (m_controller->createNewLDAPRealm(this, m_realmconfig, finishpage->ldapAdminUsername->text(), finishpage->ldapAdminGroupname->text(), finishpage->ldapAdminPassword->password(), "admin", finishpage->ldapAdminPassword->password(), finishpage->ldapAdminRealm->text(), &errorString) == 0) {
 		done(0);
 	}
 	else {
diff --git a/src/sha1.cc b/src/sha1.cc
new file mode 100644
index 0000000..3f5dbd9
--- /dev/null
+++ b/src/sha1.cc
@@ -0,0 +1,433 @@
+/* This file is part of the KDE project
+   Copyright (C) 2001 George Staikos <staikos@kde.org>
+   Based heavily on SHA1 code from GPG 1.0.3 (C) 1998 FSF
+ 
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public
+   License as published by the Free Software Foundation; either
+   version 2 of the License, or (at your option) any later version.
+ 
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+ 
+   You should have received a copy of the GNU Library General Public License
+   along with this library; see the file COPYING.LIB.  If not, write to
+   the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+   Boston, MA 02110-1301, USA.
+*/
+
+#include <config.h>
+
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_STDINT_H
+#include <stdint.h> /* For uintXX_t on OSX */
+#endif
+#ifdef HAVE_SYS_BITYPES_H
+#include <sys/bitypes.h> /* For uintXX_t on Tru64 */
+#endif
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+
+#include "sha1.h"
+#include <string.h>
+
+// FIXME: this can be optimized to one instruction on most cpus.
+#define rol(x,y) ((x << y) | (x >> (32-y)))
+
+
+#define K1 0x5a827999L
+#define K2 0x6ed9eba1L
+#define K3 0x8f1bbcdcL
+#define K4 0xca62c1d6L
+#define F1(x,y,z) ( z ^ ( x & ( y ^ z ) ) )
+#define F2(x,y,z) ( x ^ y ^ z )
+#define F3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) )
+#define F4(x,y,z) ( x ^ y ^ z )
+
+#define M(i) ( tm = x[i&0x0f] ^ x[(i-14)&0x0f]            \
+                  ^ x[(i-8)&0x0f] ^ x[(i-3)&0x0f]         \
+                  , (x[i&0x0f] = (tm << 1) | (tm >> 31)))
+
+#define R(a,b,c,d,e,f,k,m)   do { e += rol(a, 5)          \
+                                    +  f(b, c, d)         \
+                                    +  k                  \
+                                    +  m;                 \
+                                  b  = rol(b, 30);        \
+                                } while(0)
+
+const char Base64EncMap[64] =
+{
+  0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48,
+  0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F, 0x50,
+  0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58,
+  0x59, 0x5A, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
+  0x67, 0x68, 0x69, 0x6A, 0x6B, 0x6C, 0x6D, 0x6E,
+  0x6F, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76,
+  0x77, 0x78, 0x79, 0x7A, 0x30, 0x31, 0x32, 0x33,
+  0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x2B, 0x2F
+};
+
+void base64Encode( const TQByteArray& in, TQByteArray& out, bool insertLFs )
+{
+    // clear out the output buffer
+    out.resize (0);
+    if ( in.isEmpty() )
+        return;
+
+    unsigned int sidx = 0;
+    unsigned int didx = 0;
+    const char* data = in.data();
+    const unsigned int len = in.size();
+
+    unsigned int out_len = ((len+2)/3)*4;
+
+    // Deal with the 76 characters or less per
+    // line limit specified in RFC 2045 on a
+    // pre request basis.
+    insertLFs = (insertLFs && out_len > 76);
+    if ( insertLFs )
+      out_len += ((out_len-1)/76);
+
+    int count = 0;
+    out.resize( out_len );
+
+    // 3-byte to 4-byte conversion + 0-63 to ascii printable conversion
+    if ( len > 1 )
+    {
+        while (sidx < len-2)
+        {
+            if ( insertLFs )
+            {
+                if ( count && (count%76) == 0 )
+                    out[didx++] = '\n';
+                count += 4;
+            }
+            out[didx++] = Base64EncMap[(data[sidx] >> 2) & 077];
+            out[didx++] = Base64EncMap[(data[sidx+1] >> 4) & 017 |
+                                       (data[sidx] << 4) & 077];
+            out[didx++] = Base64EncMap[(data[sidx+2] >> 6) & 003 |
+                                       (data[sidx+1] << 2) & 077];
+            out[didx++] = Base64EncMap[data[sidx+2] & 077];
+            sidx += 3;
+        }
+    }
+
+    if (sidx < len)
+    {
+        if ( insertLFs && (count > 0) && (count%76) == 0 )
+           out[didx++] = '\n';
+
+        out[didx++] = Base64EncMap[(data[sidx] >> 2) & 077];
+        if (sidx < len-1)
+        {
+            out[didx++] = Base64EncMap[(data[sidx+1] >> 4) & 017 |
+                                       (data[sidx] << 4) & 077];
+            out[didx++] = Base64EncMap[(data[sidx+1] << 2) & 077];
+        }
+        else
+        {
+            out[didx++] = Base64EncMap[(data[sidx] << 4) & 077];
+        }
+    }
+
+    // Add padding
+    while (didx < out.size())
+    {
+        out[didx] = '=';
+        didx++;
+    }
+}
+
+SHA1::SHA1() {
+	_hashlen = 160;
+	_init = false;
+	reset();
+}
+
+
+int SHA1::reset() {
+	_h0 = 0x67452301;
+	_h1 = 0xefcdab89;
+	_h2 = 0x98badcfe;
+	_h3 = 0x10325476;
+	_h4 = 0xc3d2e1f0;
+	_nblocks = 0;
+	_count = 0;
+	memset(_buf, 0, 56);      // clear the buffer
+
+	_init = true;
+	return 0;
+}
+
+
+int SHA1::size() const {
+	return _hashlen;
+}
+
+
+SHA1::~SHA1() {
+
+}
+
+
+void SHA1::transform(void *data) {
+	unsigned int a, b, c, d, e, tm;
+	unsigned int x[16];
+	unsigned char *_data = (unsigned char *)data;
+
+	a = _h0;
+	b = _h1;
+	c = _h2;
+	d = _h3;
+	e = _h4;
+
+#ifdef WORDS_BIGENDIAN
+	memcpy(x, _data, 64);
+#else
+	int i;
+	unsigned char *p2;
+	for (i = 0, p2 = (unsigned char *)x;
+			i < 16; i++, p2 += 4) {
+		p2[3] = *_data++;
+		p2[2] = *_data++;
+		p2[1] = *_data++;
+		p2[0] = *_data++;
+	}
+#endif
+
+	R(a, b, c, d, e, F1, K1, x[ 0]);
+	R(e, a, b, c, d, F1, K1, x[ 1]);
+	R(d, e, a, b, c, F1, K1, x[ 2]);
+	R(c, d, e, a, b, F1, K1, x[ 3]);
+	R(b, c, d, e, a, F1, K1, x[ 4]);
+	R(a, b, c, d, e, F1, K1, x[ 5]);
+	R(e, a, b, c, d, F1, K1, x[ 6]);
+	R(d, e, a, b, c, F1, K1, x[ 7]);
+	R(c, d, e, a, b, F1, K1, x[ 8]);
+	R(b, c, d, e, a, F1, K1, x[ 9]);
+	R(a, b, c, d, e, F1, K1, x[10]);
+	R(e, a, b, c, d, F1, K1, x[11]);
+	R(d, e, a, b, c, F1, K1, x[12]);
+	R(c, d, e, a, b, F1, K1, x[13]);
+	R(b, c, d, e, a, F1, K1, x[14]);
+	R(a, b, c, d, e, F1, K1, x[15]);
+	R(e, a, b, c, d, F1, K1, M(16));
+	R(d, e, a, b, c, F1, K1, M(17));
+	R(c, d, e, a, b, F1, K1, M(18));
+	R(b, c, d, e, a, F1, K1, M(19));
+	R(a, b, c, d, e, F2, K2, M(20));
+	R(e, a, b, c, d, F2, K2, M(21));
+	R(d, e, a, b, c, F2, K2, M(22));
+	R(c, d, e, a, b, F2, K2, M(23));
+	R(b, c, d, e, a, F2, K2, M(24));
+	R(a, b, c, d, e, F2, K2, M(25));
+	R(e, a, b, c, d, F2, K2, M(26));
+	R(d, e, a, b, c, F2, K2, M(27));
+	R(c, d, e, a, b, F2, K2, M(28));
+	R(b, c, d, e, a, F2, K2, M(29));
+	R(a, b, c, d, e, F2, K2, M(30));
+	R(e, a, b, c, d, F2, K2, M(31));
+	R(d, e, a, b, c, F2, K2, M(32));
+	R(c, d, e, a, b, F2, K2, M(33));
+	R(b, c, d, e, a, F2, K2, M(34));
+	R(a, b, c, d, e, F2, K2, M(35));
+	R(e, a, b, c, d, F2, K2, M(36));
+	R(d, e, a, b, c, F2, K2, M(37));
+	R(c, d, e, a, b, F2, K2, M(38));
+	R(b, c, d, e, a, F2, K2, M(39));
+	R(a, b, c, d, e, F3, K3, M(40));
+	R(e, a, b, c, d, F3, K3, M(41));
+	R(d, e, a, b, c, F3, K3, M(42));
+	R(c, d, e, a, b, F3, K3, M(43));
+	R(b, c, d, e, a, F3, K3, M(44));
+	R(a, b, c, d, e, F3, K3, M(45));
+	R(e, a, b, c, d, F3, K3, M(46));
+	R(d, e, a, b, c, F3, K3, M(47));
+	R(c, d, e, a, b, F3, K3, M(48));
+	R(b, c, d, e, a, F3, K3, M(49));
+	R(a, b, c, d, e, F3, K3, M(50));
+	R(e, a, b, c, d, F3, K3, M(51));
+	R(d, e, a, b, c, F3, K3, M(52));
+	R(c, d, e, a, b, F3, K3, M(53));
+	R(b, c, d, e, a, F3, K3, M(54));
+	R(a, b, c, d, e, F3, K3, M(55));
+	R(e, a, b, c, d, F3, K3, M(56));
+	R(d, e, a, b, c, F3, K3, M(57));
+	R(c, d, e, a, b, F3, K3, M(58));
+	R(b, c, d, e, a, F3, K3, M(59));
+	R(a, b, c, d, e, F4, K4, M(60));
+	R(e, a, b, c, d, F4, K4, M(61));
+	R(d, e, a, b, c, F4, K4, M(62));
+	R(c, d, e, a, b, F4, K4, M(63));
+	R(b, c, d, e, a, F4, K4, M(64));
+	R(a, b, c, d, e, F4, K4, M(65));
+	R(e, a, b, c, d, F4, K4, M(66));
+	R(d, e, a, b, c, F4, K4, M(67));
+	R(c, d, e, a, b, F4, K4, M(68));
+	R(b, c, d, e, a, F4, K4, M(69));
+	R(a, b, c, d, e, F4, K4, M(70));
+	R(e, a, b, c, d, F4, K4, M(71));
+	R(d, e, a, b, c, F4, K4, M(72));
+	R(c, d, e, a, b, F4, K4, M(73));
+	R(b, c, d, e, a, F4, K4, M(74));
+	R(a, b, c, d, e, F4, K4, M(75));
+	R(e, a, b, c, d, F4, K4, M(76));
+	R(d, e, a, b, c, F4, K4, M(77));
+	R(c, d, e, a, b, F4, K4, M(78));
+	R(b, c, d, e, a, F4, K4, M(79));
+
+	_h0 += a;
+	_h1 += b;
+	_h2 += c;
+	_h3 += d;
+	_h4 += e;
+
+}
+
+
+bool SHA1::readyToGo() const {
+	return _init;
+}
+
+
+int SHA1::process(const void *block, int len) {
+	if (!_init) {
+		return -1;
+	}
+
+	unsigned char *_block = (unsigned char *)block;
+
+	int cnt = 0;
+	// Flush the buffer before proceeding
+	if (_count == 64) {
+		transform(_buf);
+		_count = 0;
+		_nblocks++;
+	}
+
+	if (!_block) {
+		return 0;
+	}
+
+	if (_count) {
+		for (; len && _count < 64; len--, cnt++) {
+			_buf[_count++] = *_block++;
+		}
+		process(0, 0);       // flush the buffer if necessary
+		if (!len) {
+			return cnt;
+		}
+	}
+
+	while (len >= 64) {
+		transform(_block);
+		_count = 0;
+		_nblocks++;
+		len -= 64;
+		cnt += 64;
+		_block += 64;
+	}
+
+	for (; len && _count < 64; len--, cnt++) {
+		_buf[_count++] = *_block++;
+	}
+
+	return cnt;
+}
+
+
+const unsigned char *SHA1::hash() {
+	unsigned int t, msb, lsb;
+	unsigned char *p;
+
+
+	if (!_init) {
+		return (unsigned char *)_buf;
+	}
+
+	process(0, 0);
+
+	msb = 0;
+	t = _nblocks;
+
+	if ((lsb = t << 6) < t) {
+		msb++;
+	}
+
+	msb += t >> 26;
+	t = lsb;
+
+	if ((lsb = t + _count) < t) {
+		msb++;
+	}
+
+	t = lsb;
+
+	if ((lsb = t << 3) < t) {
+		msb++;
+	}
+
+	msb += t >> 29;
+
+	_buf[_count++] = 0x80;
+
+	if (_count < 56) {
+		while (_count < 56) {
+			_buf[_count++] = 0;
+		}
+	} else {
+		while (_count < 64) {
+			_buf[_count++] = 0;
+		}
+		process(0, 0);
+		memset(_buf, 0, 56);
+	}
+
+	_buf[56] = msb >> 24;
+	_buf[57] = msb >> 16;
+	_buf[58] = msb >>  8;
+	_buf[59] = msb;
+	_buf[60] = lsb >> 24;
+	_buf[61] = lsb >> 16;
+	_buf[62] = lsb >>  8;
+	_buf[63] = lsb;
+
+	transform(_buf);
+
+	p = _buf;
+
+#ifdef WORDS_BIGENDIAN
+#define X( a ) do { *( uint32_t * )p = _h##a; p += 4; } while ( 0 )
+#else
+#define X(a) do { *p++ = _h##a >> 24;  *p++ = _h##a >> 16;             \
+			*p++ = _h##a >>  8;  *p++ = _h##a;        } while (0)
+#endif
+
+		X(0);
+	X(1);
+	X(2);
+	X(3);
+	X(4);
+
+#undef X
+
+	_init = false;
+
+	return (unsigned char *)_buf;
+}
+
+TQString SHA1::base64Hash()
+{
+    const char * output = (const char *)hash();
+    TQByteArray binhash(20);
+    TQByteArray enchash(28);
+    memcpy(binhash.data(), output, 20);
+    base64Encode(binhash, enchash, false);
+    return TQString(enchash);
+}
+
diff --git a/src/sha1.h b/src/sha1.h
new file mode 100644
index 0000000..0341827
--- /dev/null
+++ b/src/sha1.h
@@ -0,0 +1,74 @@
+/* This file is part of the KDE project
+   Copyright (C) 2001 George Staikos <staikos@kde.org>
+   Based heavily on SHA1 code from GPG 1.0.3 (C) 1998 FSF
+ 
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public
+   License as published by the Free Software Foundation; either
+   version 2 of the License, or (at your option) any later version.
+ 
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+ 
+   You should have received a copy of the GNU Library General Public License
+   along with this library; see the file COPYING.LIB.  If not, write to
+   the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+   Boston, MA 02110-1301, USA.
+*/
+
+
+#ifndef __sha1__ko__h
+#define __sha1__ko__h
+
+#include <tqstring.h>
+
+/* @internal
+ */
+class SHA1 {
+	public:
+		SHA1();
+		virtual ~SHA1();
+
+		/*
+		 *  The number of bits in the hash generated.
+		 */
+		virtual int size() const;
+
+		/*
+		 *  True if all settings are good and we are ready to hash.
+		 */
+		virtual bool readyToGo() const;
+
+		/*
+		 *  Process a block of data for the hash function.
+		 */
+		virtual int process(const void *block, int len);
+
+		/*
+		 *  Return the digest as a 20 byte array reference.
+		 *  Calling this makes readyToGo() == false.
+		 */
+		virtual const unsigned char *hash();
+
+		TQString base64Hash();
+
+		/*
+		 *  Reset the digest so a new one can be calculated.
+		 */
+		virtual int reset();
+
+	protected:
+		int _hashlen;
+		bool _init;
+
+		long _h0, _h1, _h2, _h3, _h4;
+		long _nblocks;
+		int _count;
+		unsigned char _buf[64];
+		void transform(void *data);
+};
+
+
+#endif