Fix up cert-updater variable names

pull/1/head
Timothy Pearson 9 years ago
parent 2ab7d242de
commit 3ca881c599

@ -68,7 +68,7 @@ void signalHandler(int signum)
} }
} }
int get_certificate_from_server(TQString certificateName, LDAPRealmConfig realmcfg) int get_certificate_from_server(TQString certificateName, TQString certificateFileName, LDAPRealmConfig realmcfg)
{ {
int retcode = 0; int retcode = 0;
TQString errorstring; TQString errorstring;
@ -85,8 +85,8 @@ int get_certificate_from_server(TQString certificateName, LDAPRealmConfig realmc
ldap_mgr->writeSudoersConfFile(&errorstring); ldap_mgr->writeSudoersConfFile(&errorstring);
// Get and install the CA root certificate from LDAP // Get and install the CA root certificate from LDAP
printf("[INFO] Updating certificate %s from LDAP\n", certificateName.ascii()); printf("[INFO] Updating certificate %s from LDAP\n", certificateFileName.ascii());
if (ldap_mgr->getTDECertificate("publicRootCertificate", certificateName, &errorstring) != 0) { if (ldap_mgr->getTDECertificate(certificateName, certificateFileName, &errorstring) != 0) {
printf("[ERROR] Unable to obtain root certificate for realm %s: %s", realmcfg.name.upper().ascii(), errorstring.ascii()); printf("[ERROR] Unable to obtain root certificate for realm %s: %s", realmcfg.name.upper().ascii(), errorstring.ascii());
retcode = 1; retcode = 1;
} }
@ -154,18 +154,18 @@ int main(int argc, char *argv[])
LDAPRealmConfigList::Iterator it; LDAPRealmConfigList::Iterator it;
for (it = realms.begin(); it != realms.end(); ++it) { for (it = realms.begin(); it != realms.end(); ++it) {
LDAPRealmConfig realmcfg = it.data(); LDAPRealmConfig realmcfg = it.data();
TQString certificateName = KERBEROS_PKI_PUBLICDIR + realmcfg.admin_server + ".ldap.crt"; TQString certificateFileName = KERBEROS_PKI_PUBLICDIR + realmcfg.admin_server + ".ldap.crt";
TQDateTime certExpiry; TQDateTime certExpiry;
TQDateTime soon = now.addDays(7); // Keep in sync with src/ldapcontroller.cpp TQDateTime soon = now.addDays(7); // Keep in sync with src/ldapcontroller.cpp
if (TQFile::exists(certificateName)) { if (TQFile::exists(certificateFileName)) {
certExpiry = LDAPManager::getCertificateExpiration(certificateName); certExpiry = LDAPManager::getCertificateExpiration(certificateFileName);
if (certExpiry >= now) { if (certExpiry >= now) {
printf("[INFO] Certificate %s expires %s\n", certificateName.ascii(), certExpiry.toString().ascii()); fflush(stdout); printf("[INFO] Certificate %s expires %s\n", certificateFileName.ascii(), certExpiry.toString().ascii()); fflush(stdout);
} }
if ((certExpiry < now) || ((certExpiry >= now) && (certExpiry < soon))) { if ((certExpiry < now) || ((certExpiry >= now) && (certExpiry < soon))) {
if (get_certificate_from_server(certificateName, realmcfg) != 0) { if (get_certificate_from_server("publicRootCertificate", certificateFileName, realmcfg) != 0) {
allDownloadsOK = false; allDownloadsOK = false;
} }
} }
@ -176,7 +176,7 @@ int main(int argc, char *argv[])
else { else {
mkdir(TDE_CERTIFICATE_DIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH); mkdir(TDE_CERTIFICATE_DIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
mkdir(KERBEROS_PKI_PUBLICDIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH); mkdir(KERBEROS_PKI_PUBLICDIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
if (get_certificate_from_server(certificateName, realmcfg) != 0) { if (get_certificate_from_server("publicRootCertificate", certificateFileName, realmcfg) != 0) {
allDownloadsOK = false; allDownloadsOK = false;
} }
} }

Loading…
Cancel
Save