|
|
|
@ -126,8 +126,12 @@ TQString LDAPManager::ldapdnForRealm(TQString realm) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TQString LDAPManager::openssldcForRealm(TQString realm) {
|
|
|
|
TQString LDAPManager::openssldcForRealm(TQString realm) {
|
|
|
|
|
|
|
|
TQStringList reversedDomainChunks;
|
|
|
|
TQStringList domainChunks = TQStringList::split(".", realm.lower());
|
|
|
|
TQStringList domainChunks = TQStringList::split(".", realm.lower());
|
|
|
|
TQString basedc = "DC=" + domainChunks.join("/DC=");
|
|
|
|
for (TQStringList::Iterator it = domainChunks.begin(); it != domainChunks.end(); it++) {
|
|
|
|
|
|
|
|
reversedDomainChunks.prepend(*it);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
TQString basedc = "DC=" + reversedDomainChunks.join("/DC=");
|
|
|
|
basedc = "/" + basedc;
|
|
|
|
basedc = "/" + basedc;
|
|
|
|
return basedc;
|
|
|
|
return basedc;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -3862,7 +3866,7 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP
|
|
|
|
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
|
|
|
|
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(common_name).arg(openssldcForRealm(realmcfg.name));
|
|
|
|
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
|
|
|
|
command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
|
|
|
|
if (system(command) < 0) {
|
|
|
|
if (system(command) < 0) {
|
|
|
|
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
|
|
|
|
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
|
|
|
|
@ -3913,7 +3917,7 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal
|
|
|
|
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
|
|
|
|
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(common_name).arg(openssldcForRealm(realmcfg.name));
|
|
|
|
subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
|
|
|
|
command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
|
|
|
|
command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
|
|
|
|
if (system(command) < 0) {
|
|
|
|
if (system(command) < 0) {
|
|
|
|
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
|
|
|
|
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
|
|
|
|
|
Timothy Pearson
9 years ago