From c14f2f4613cc75a6dd5ec0d1eebff9c855e40c46 Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Thu, 3 Sep 2015 15:09:38 -0500
Subject: Add CRL support

---
 src/ldapbonding.cpp | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'src')

diff --git a/src/ldapbonding.cpp b/src/ldapbonding.cpp
index 85e1061..bf20050 100644
--- a/src/ldapbonding.cpp
+++ b/src/ldapbonding.cpp
@@ -276,6 +276,14 @@ void LDAPConfig::save() {
 			if (ldap_mgr->getTDECertificate("publicRootCertificate", KERBEROS_PKI_PUBLICDIR + m_realms[m_clientRealmConfig.defaultRealm].admin_server + ".ldap.crt", &errorstring) != 0) {
 				KMessageBox::sorry(this, i18n("<qt><b>Unable to obtain root certificate for realm %1!</b><p>Details: %2</qt>").arg(m_clientRealmConfig.defaultRealm.upper()).arg(errorstring), i18n("Unable to Obtain Certificate"));
 			}
+			if (ldap_mgr->installCACertificateInHostCAStore(&errorstring) != 0) {
+				KMessageBox::sorry(this, i18n("<qt><b>Unable to install root CA certificate for realm %1!</b><p>Details: %2</qt>").arg(m_clientRealmConfig.defaultRealm.upper()).arg(errorstring), i18n("Unable to Install Root CA"));
+			}
+
+			// Get and install the CA root CRL from LDAP
+			if (ldap_mgr->retrieveAndInstallCaCrl(ldap_mgr, &errorstring) != 0) {
+				KMessageBox::sorry(this, i18n("<qt><b>Unable to obtain root CRL for realm %1!</b><p>Details: %2</qt>").arg(m_clientRealmConfig.defaultRealm.upper()).arg(errorstring), i18n("Unable to Obtain CRL"));
+			}
 	
 			delete ldap_mgr;
 			delete credentials;
-- 
cgit v1.2.3