Use shared realm certificate file name to allow syncrepl to work

pull/1/head
Timothy Pearson 12 years ago
parent c1ea876011
commit a8d5dff35b

@ -1 +1 @@
Subproject commit 65ecce459d54e772303052de50d08557ba9cc7ed Subproject commit 4027b878fb556a51ed29affd578e78aa70997480

@ -122,9 +122,9 @@ int main(int argc, char *argv[])
TQDateTime soon = now.addDays(7); // Keep in sync with src/ldapcontroller.cpp TQDateTime soon = now.addDays(7); // Keep in sync with src/ldapcontroller.cpp
TQString kdc_certfile = KERBEROS_PKI_KDC_FILE; TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].kdc); kdc_certfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_certfile = LDAP_CERT_FILE;
ldap_certfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].admin_server); ldap_certfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
// Certificate Authority // Certificate Authority
TQString fqdn = LDAPManager::getMachineFQDN(); TQString fqdn = LDAPManager::getMachineFQDN();

@ -493,9 +493,9 @@ void LDAPController::updateCertDisplay() {
TQDateTime soon = now.addDays(7); // Keep in sync with cert-updater/main.cpp TQDateTime soon = now.addDays(7); // Keep in sync with cert-updater/main.cpp
TQString kdc_certfile = KERBEROS_PKI_KDC_FILE; TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].kdc); kdc_certfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_certfile = LDAP_CERT_FILE;
ldap_certfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].admin_server); ldap_certfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
// Certificate Authority // Certificate Authority
if (TQFile::exists(KERBEROS_PKI_PEM_FILE)) { if (TQFile::exists(KERBEROS_PKI_PEM_FILE)) {
@ -642,7 +642,7 @@ void LDAPController::btnkrbRegenerate() {
void LDAPController::btnkrbExportKey() { void LDAPController::btnkrbExportKey() {
TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE; TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE;
kdc_keyfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].kdc); kdc_keyfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
KURL src = kdc_keyfile; KURL src = kdc_keyfile;
KURL dest = KFileDialog::getSaveURL(TQString::null, "*.key|Private Key (*.key)", this, i18n("Select a location to save a copy of the private key...")); KURL dest = KFileDialog::getSaveURL(TQString::null, "*.key|Private Key (*.key)", this, i18n("Select a location to save a copy of the private key..."));
@ -654,7 +654,7 @@ void LDAPController::btnkrbExportKey() {
void LDAPController::btnkrbExportCert() { void LDAPController::btnkrbExportCert() {
TQString kdc_certfile = KERBEROS_PKI_KDC_FILE; TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].kdc); kdc_certfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
KURL src = kdc_certfile; KURL src = kdc_certfile;
KURL dest = KFileDialog::getSaveURL(TQString::null, "*.pem|PKI Certificate Files (*.pem)", this, i18n("Select a location to save a copy of the certificate...")); KURL dest = KFileDialog::getSaveURL(TQString::null, "*.pem|PKI Certificate Files (*.pem)", this, i18n("Select a location to save a copy of the certificate..."));
@ -681,7 +681,7 @@ void LDAPController::btnldapRegenerate() {
void LDAPController::btnldapExportKey() { void LDAPController::btnldapExportKey() {
TQString ldap_keyfile = LDAP_CERTKEY_FILE; TQString ldap_keyfile = LDAP_CERTKEY_FILE;
ldap_keyfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].admin_server); ldap_keyfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
KURL src = ldap_keyfile; KURL src = ldap_keyfile;
KURL dest = KFileDialog::getSaveURL(TQString::null, "*.key|Private Key (*.key)", this, i18n("Select a location to save a copy of the private key...")); KURL dest = KFileDialog::getSaveURL(TQString::null, "*.key|Private Key (*.key)", this, i18n("Select a location to save a copy of the private key..."));
@ -693,7 +693,7 @@ void LDAPController::btnldapExportKey() {
void LDAPController::btnldapExportCert() { void LDAPController::btnldapExportCert() {
TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_certfile = LDAP_CERT_FILE;
ldap_certfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].admin_server); ldap_certfile.replace("@@@ADMINSERVER@@@", m_realmconfig[m_defaultRealm].name.lower());
KURL src = ldap_certfile; KURL src = ldap_certfile;
KURL dest = KFileDialog::getSaveURL(TQString::null, "*.pem|PKI Certificate Files (*.pem)", this, i18n("Select a location to save a copy of the certificate...")); KURL dest = KFileDialog::getSaveURL(TQString::null, "*.pem|PKI Certificate Files (*.pem)", this, i18n("Select a location to save a copy of the certificate..."));
@ -1009,10 +1009,10 @@ void replacePlaceholdersInFile(TQString infile, TQString outfile, LDAPRealmConfi
TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE; TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE;
TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_certfile = LDAP_CERT_FILE;
TQString ldap_keyfile = LDAP_CERTKEY_FILE; TQString ldap_keyfile = LDAP_CERTKEY_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", realmconfig.kdc); kdc_certfile.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
kdc_keyfile.replace("@@@KDCSERVER@@@", realmconfig.kdc); kdc_keyfile.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
ldap_certfile.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); ldap_certfile.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
ldap_keyfile.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); ldap_keyfile.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
TQFile ifile(infile); TQFile ifile(infile);
TQFile ofile(outfile); TQFile ofile(outfile);
@ -1026,9 +1026,9 @@ void replacePlaceholdersInFile(TQString infile, TQString outfile, LDAPRealmConfi
line.replace("@@@REALM_DCNAME@@@", basedcname); line.replace("@@@REALM_DCNAME@@@", basedcname);
line.replace("@@@REALM_UCNAME@@@", realmconfig.name.upper()); line.replace("@@@REALM_UCNAME@@@", realmconfig.name.upper());
line.replace("@@@REALM_LCNAME@@@", realmconfig.name.lower()); line.replace("@@@REALM_LCNAME@@@", realmconfig.name.lower());
line.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); line.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
line.replace("@@@ADMINPORT@@@", TQString("%1").arg(realmconfig.admin_server_port)); line.replace("@@@ADMINPORT@@@", TQString("%1").arg(realmconfig.admin_server_port));
line.replace("@@@KDCSERVER@@@", realmconfig.kdc); line.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
line.replace("@@@KDCPORT@@@", TQString("%1").arg(realmconfig.kdc_port)); line.replace("@@@KDCPORT@@@", TQString("%1").arg(realmconfig.kdc_port));
line.replace("@@@ROOTUSER@@@", rootUserName); line.replace("@@@ROOTUSER@@@", rootUserName);
line.replace("@@@ROOTPW_SHA@@@", rootpw_hash); line.replace("@@@ROOTPW_SHA@@@", rootpw_hash);
@ -1564,9 +1564,9 @@ int LDAPController::createRealmCertificates(LDAPCertConfig certinfo, LDAPRealmCo
TQString kdc_certfile = KERBEROS_PKI_KDC_FILE; TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE; TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE;
TQString kdc_reqfile = KERBEROS_PKI_KDCREQ_FILE; TQString kdc_reqfile = KERBEROS_PKI_KDCREQ_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", realmconfig.kdc); kdc_certfile.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
kdc_keyfile.replace("@@@KDCSERVER@@@", realmconfig.kdc); kdc_keyfile.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
kdc_reqfile.replace("@@@KDCSERVER@@@", realmconfig.kdc); kdc_reqfile.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
command = TQString("openssl genrsa -out %1 %2").arg(kdc_keyfile).arg(KEY_STRENGTH); command = TQString("openssl genrsa -out %1 %2").arg(kdc_keyfile).arg(KEY_STRENGTH);
system_safe(command); system_safe(command);
chmod(kdc_keyfile.ascii(), S_IRUSR|S_IWUSR); chmod(kdc_keyfile.ascii(), S_IRUSR|S_IWUSR);
@ -1578,9 +1578,9 @@ int LDAPController::createRealmCertificates(LDAPCertConfig certinfo, LDAPRealmCo
TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_certfile = LDAP_CERT_FILE;
TQString ldap_keyfile = LDAP_CERTKEY_FILE; TQString ldap_keyfile = LDAP_CERTKEY_FILE;
TQString ldap_reqfile = LDAP_CERTREQ_FILE; TQString ldap_reqfile = LDAP_CERTREQ_FILE;
ldap_certfile.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); ldap_certfile.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
ldap_keyfile.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); ldap_keyfile.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
ldap_reqfile.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); ldap_reqfile.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
command = TQString("openssl genrsa -out %1 %2").arg(ldap_keyfile).arg(KEY_STRENGTH); command = TQString("openssl genrsa -out %1 %2").arg(ldap_keyfile).arg(KEY_STRENGTH);
system_safe(command); system_safe(command);
chmod(ldap_keyfile.ascii(), S_IRUSR|S_IWUSR); chmod(ldap_keyfile.ascii(), S_IRUSR|S_IWUSR);
@ -1865,12 +1865,12 @@ int LDAPController::createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig r
// Copy certificates // Copy certificates
TQString kdc_certfile = KERBEROS_PKI_KDC_FILE; TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE; TQString kdc_keyfile = KERBEROS_PKI_KDCKEY_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", realmconfig.kdc); kdc_certfile.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
kdc_keyfile.replace("@@@KDCSERVER@@@", realmconfig.kdc); kdc_keyfile.replace("@@@KDCSERVER@@@", realmconfig.name.lower());
TQString ldap_certfile = LDAP_CERT_FILE; TQString ldap_certfile = LDAP_CERT_FILE;
TQString ldap_keyfile = LDAP_CERTKEY_FILE; TQString ldap_keyfile = LDAP_CERTKEY_FILE;
ldap_certfile.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); ldap_certfile.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
ldap_keyfile.replace("@@@ADMINSERVER@@@", realmconfig.admin_server); ldap_keyfile.replace("@@@ADMINSERVER@@@", realmconfig.name.lower());
// Copy files // Copy files
// FIXME // FIXME

Loading…
Cancel
Save