authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-08-25 17:33:57 +0000
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-08-25 17:33:57 +0000
commit4df015f3265e825cf1375f8a68b3f096d56d084d (patch)
tree5223f829ad6eaabea8a40a1d12fbe26ed5c9559c
parent66331c5f8887fa0d8f1cbbcda7a2c094eacbe8b0 (diff)
Add certificate lifetime configuration options
-rw-r--r--src/ldapcontroller.cpp33
-rw-r--r--src/ldapcontroller.h4
-rw-r--r--src/ldapcontrollerconfigbase.ui97
3 files changed, 134 insertions, 0 deletions
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index ad2e313..d88bd34 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -45,6 +45,7 @@
#include <tqcheckbox.h>
#include <ktempdir.h>
#include <kprocess.h>
+#include <knuminput.h>
#include <tdesu/process.h>
#include <libtdeldap.h>
#include <tdefiledialog.h>
@@ -143,6 +144,10 @@ LDAPController::LDAPController(TQWidget *parent, const char *name, const TQStrin
connect(m_base->multiMasterReplicationMappings, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(multiMasterReplicationHighlighted()));
connect(m_base->multiMasterReplicationMappings, TQT_SIGNAL(executed(TQListViewItem*)), this, TQT_SLOT(modifySelectedMultiMasterReplication()));
+ connect(m_base->advancedCaCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(caCertExpiryChanged()));
+ connect(m_base->advancedKerberosCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(kerberosCertExpiryChanged()));
+ connect(m_base->advancedLdapCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(ldapCertExpiryChanged()));
+
m_fqdn = LDAPManager::getMachineFQDN();
m_roleFullyConfigured = true;
@@ -378,6 +383,9 @@ void LDAPController::load() {
// Load cert config
m_systemconfig->setGroup("Certificates");
+ m_certconfig.caExpiryDays = m_systemconfig->readNumEntry("caExpiryDays", KERBEROS_PKI_PEMKEY_EXPIRY_DAYS);
+ m_certconfig.kerberosExpiryDays = m_systemconfig->readNumEntry("kerberosExpiryDays", KERBEROS_PKI_KRB_EXPIRY_DAYS);
+ m_certconfig.ldapExpiryDays = m_systemconfig->readNumEntry("ldapExpiryDays", KERBEROS_PKI_LDAP_EXPIRY_DAYS);
m_certconfig.countryName = m_systemconfig->readEntry("countryName");
m_certconfig.stateOrProvinceName = m_systemconfig->readEntry("stateOrProvinceName");
m_certconfig.localityName = m_systemconfig->readEntry("localityName");
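Review bot: The three `readNumEntry()` results are stored in `m_certconfig` without any range check, so a hand-edited or corrupted "Certificates" group can supply 0, a negative number or a value far above the 1–7200 range that the new spin boxes enforce. The widgets may clamp what they display, but nothing visible here guarantees that the clamped value is copied back into `m_certconfig` before it is used or saved. I would validate right after each read, for example `if (m_certconfig.caExpiryDays < 1 || m_certconfig.caExpiryDays > 7200) m_certconfig.caExpiryDays = KERBEROS_PKI_PEMKEY_EXPIRY_DAYS;`, with the matching default for the Kerberos and LDAP fields. The `writeEntry()` calls added in the `save()` hunk persist the same fields unchecked. `load()` begins and continues outside this hunk.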
@@ -461,6 +469,10 @@ void LDAPController::load() {
m_base->caSetMaster->setEnabled(true);
}
+ m_base->advancedCaCertExpiry->setValue(m_certconfig.caExpiryDays);
+ m_base->advancedKerberosCertExpiry->setValue(m_certconfig.kerberosExpiryDays);
+ m_base->advancedLdapCertExpiry->setValue(m_certconfig.ldapExpiryDays);
+
updateCertDisplay();
m_certRefreshTimer.start(60*1000);
}
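Review bot: These `setValue()` calls run after the constructor hunk has connected `valueChanged(int)` to the new slots, so populating the widgets in `load()` will most likely invoke `caCertExpiryChanged()` and its siblings, and each of them emits `changed()`. Unless `load()` resets the modified state somewhere outside this hunk, the module can show as modified immediately after loading, which invites an unintended save of certificate lifetimes. Wrapping each call, e.g. `m_base->advancedCaCertExpiry->blockSignals(true);` before and `blockSignals(false);` after, keeps programmatic updates from being treated as user edits. The start of `load()` is not visible in this hunk.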
@@ -908,6 +920,24 @@ void LDAPController::defaults() {
//
}
+void LDAPController::caCertExpiryChanged() {
+ m_certconfig.caExpiryDays = m_base->advancedCaCertExpiry->value();
+
+ emit(changed());
+}
+
+void LDAPController::kerberosCertExpiryChanged() {
+ m_certconfig.kerberosExpiryDays = m_base->advancedKerberosCertExpiry->value();
+
+ emit(changed());
+}
+
+void LDAPController::ldapCertExpiryChanged() {
+ m_certconfig.ldapExpiryDays = m_base->advancedLdapCertExpiry->value();
+
+ emit(changed());
+}
+
void LDAPController::save() {
TQString prevRole = m_systemconfig->readEntry("LDAPRole", "Workstation");
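Review bot: None of the three new slots compares the leaf lifetimes with the CA lifetime, so an operator can configure a Kerberos or LDAP TLS certificate to be valid for longer than the certificate authority that signs it. A leaf that outlives its issuer stops validating when the CA expires, and that usually surfaces as an authentication outage rather than a configuration error. In `kerberosCertExpiryChanged()` and `ldapCertExpiryChanged()` I would cap the stored value at `m_certconfig.caExpiryDays`, or at least warn, and re-check both when `caCertExpiryChanged()` lowers the CA value. A short comment on each slot saying whether the new lifetime affects only newly issued certificates would also help, since that is not visible from here.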
@@ -922,6 +952,9 @@ void LDAPController::save() {
// Write cert config
m_systemconfig->setGroup("Certificates");
+ m_systemconfig->writeEntry("caExpiryDays", m_certconfig.caExpiryDays);
+ m_systemconfig->writeEntry("kerberosExpiryDays", m_certconfig.kerberosExpiryDays);
+ m_systemconfig->writeEntry("ldapExpiryDays", m_certconfig.ldapExpiryDays);
m_systemconfig->writeEntry("countryName", m_certconfig.countryName);
m_systemconfig->writeEntry("stateOrProvinceName", m_certconfig.stateOrProvinceName);
m_systemconfig->writeEntry("localityName", m_certconfig.localityName);
diff --git a/src/ldapcontroller.h b/src/ldapcontroller.h
index bee45df..84bfc7c 100644
--- a/src/ldapcontroller.h
+++ b/src/ldapcontroller.h
@@ -90,6 +90,10 @@ class LDAPController: public TDECModule
void multiMasterReplicationHighlighted();
void modifySelectedMultiMasterReplication();
+ void caCertExpiryChanged();
+ void kerberosCertExpiryChanged();
+ void ldapCertExpiryChanged();
+
private:
int controlKAdminDaemon(sc_command command);
int controlSASLServer(sc_command command);
diff --git a/src/ldapcontrollerconfigbase.ui b/src/ldapcontrollerconfigbase.ui
index 3834e32..85a4a00 100644
--- a/src/ldapcontrollerconfigbase.ui
+++ b/src/ldapcontrollerconfigbase.ui
@@ -449,6 +449,103 @@
</widget>
</grid>
</widget>
+ <property name="name">
+ <cstring>unnamed</cstring>
+ </property>
+ <widget class="TQGroupBox" row="1" column="0">
+ <property name="name">
+ <cstring>groupCertificateExpiry</cstring>
+ </property>
+ <property name="title">
+ <string>Certificate Lifetime (days)</string>
+ </property>
+ <grid>
+ <property name="name">
+ <cstring>unnamed</cstring>
+ </property>
+ <widget class="TQLabel" row="0" column="0">
+ <property name="name">
+ <cstring>unnamed</cstring>
+ </property>
+ <property name="text">
+ <string>Certificate Authority:</string>
+ </property>
+ </widget>
+ <widget class="KIntNumInput" row="0" column="1" >
+ <property name="name">
+ <cstring>advancedCaCertExpiry</cstring>
+ </property>
+ <property name="minValue">
+ <number>1</number>
+ </property>
+ <property name="maxValue">
+ <number>7200</number>
+ </property>
+ <property name="sizePolicy">
+ <sizepolicy>
+ <hsizetype>0</hsizetype>
+ <vsizetype>0</vsizetype>
+ <horstretch>0</horstretch>
+ <verstretch>0</verstretch>
+ </sizepolicy>
+ </property>
+ </widget>
+ <widget class="TQLabel" row="1" column="0">
+ <property name="name">
+ <cstring>unnamed</cstring>
+ </property>
+ <property name="text">
+ <string>Kerberos:</string>
+ </property>
+ </widget>
+ <widget class="KIntNumInput" row="1" column="1" >
+ <property name="name">
+ <cstring>advancedKerberosCertExpiry</cstring>
+ </property>
+ <property name="minValue">
+ <number>1</number>
+ </property>
+ <property name="maxValue">
+ <number>7200</number>
+ </property>
+ <property name="sizePolicy">
+ <sizepolicy>
+ <hsizetype>0</hsizetype>
+ <vsizetype>0</vsizetype>
+ <horstretch>0</horstretch>
+ <verstretch>0</verstretch>
+ </sizepolicy>
+ </property>
+ </widget>
+ <widget class="TQLabel" row="2" column="0">
+ <property name="name">
+ <cstring>unnamed</cstring>
+ </property>
+ <property name="text">
+ <string>LDAP TLS:</string>
+ </property>
+ </widget>
+ <widget class="KIntNumInput" row="2" column="1" >
+ <property name="name">
+ <cstring>advancedLdapCertExpiry</cstring>
+ </property>
+ <property name="minValue">
+ <number>1</number>
+ </property>
+ <property name="maxValue">
+ <number>7200</number>
+ </property>
+ <property name="sizePolicy">
+ <sizepolicy>
+ <hsizetype>0</hsizetype>
+ <vsizetype>0</vsizetype>
+ <horstretch>0</horstretch>
+ <verstretch>0</verstretch>
+ </sizepolicy>
+ </property>
+ </widget>
+ </grid>
+ </widget>
</grid>
</widget>
</widget>
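Review bot: All three `KIntNumInput` widgets share the same `maxValue` of 7200 days, which allows Kerberos and LDAP TLS leaf certificates to be issued for nearly twenty years, the same ceiling as the CA. Long-lived leaf certificates widen the window in which a stolen key stays usable, so a lower `maxValue` on `advancedKerberosCertExpiry` and `advancedLdapCertExpiry` than on `advancedCaCertExpiry` would be a safer default. The limits 1 and 7200 also exist only in this .ui file, so the C++ side has no constant to validate against; a shared define referenced from both places would keep them from drifting.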