diff options
| author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2025-09-29 22:37:04 -0500 |
|---|---|---|
| committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2025-10-05 14:48:09 -0500 |
| commit | 65f35eb4d99739393bbf5030cc0f29b14da6e418 (patch) | |
| tree | 31b2899b1f2e7451e958d025ca39b413fb7b3792 | |
| parent | 84cc11c9ed634acc6b9e2b4a1b84c80238848c98 (diff) | |
| download | kcmldapcontroller-65f35eb4d99739393bbf5030cc0f29b14da6e418.tar.gz kcmldapcontroller-65f35eb4d99739393bbf5030cc0f29b14da6e418.zip | |
Don't attempt to access the LDAP server if the realm DC is blank
If the realm DC is blank, it indicates that configuration has not reached
a point where connection to the LDAP server is possible. Providing a blank
DC to LDAP will always result in an invalid DN error.
This resolves spurious popups when creating the first realm control server
in a given realm.
Signed-off-by: Timothy Pearson <kb9vqf@pearsoncomputing.net>
| -rw-r--r-- | src/ldapcontroller.cpp | 25 |
1 files changed, 18 insertions, 7 deletions
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp index 33aa245..e8465a4 100644 --- a/src/ldapcontroller.cpp +++ b/src/ldapcontroller.cpp @@ -531,7 +531,10 @@ void LDAPController::updateCertDisplay() { credentials->username = ""; credentials->password = ""; credentials->realm = realmname; - LDAPManager* ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials); + LDAPManager* ldap_mgr = NULL; + if (realmname != "") { + ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials); + } // Certificate Authority if (TQFile::exists(KERBEROS_PKI_PEM_FILE)) { @@ -601,7 +604,7 @@ void LDAPController::updateCertDisplay() { // Certificate Revocation List TQByteArray certificateContents; - if (ldap_mgr->getTDECertificate("publicRootCertificateRevocationList", &certificateContents, NULL) == 0) { + if (ldap_mgr && ldap_mgr->getTDECertificate("publicRootCertificateRevocationList", &certificateContents, NULL) == 0) { certExpiry = LDAPManager::getCertificateExpiration(certificateContents); if (certExpiry >= now) { m_base->crlExpiryString->setText("Expires " + certExpiry.toString()); @@ -622,7 +625,9 @@ void LDAPController::updateCertDisplay() { m_base->crlExpiryString->setPaletteForegroundColor(CERT_STATUS_COLOR_NOTFOUND); } - delete ldap_mgr; + if (ldap_mgr) { + delete ldap_mgr; + } } void LDAPController::btncaSetMaster() { @@ -1055,9 +1060,13 @@ void LDAPController::save() { credentials->username = ""; credentials->password = ""; credentials->realm = realmname; - LDAPManager* ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials); + LDAPManager* ldap_mgr = NULL; - if (ldap_mgr->setLdapCertificateStoreAttribute("publicRootCRLIntervalDays", TQString("%1").arg(m_certconfig.caCrlExpiryDays), &errorstring) != 0) { + if (realmname != "") { + ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials); + } + + if (ldap_mgr && ldap_mgr->setLdapCertificateStoreAttribute("publicRootCRLIntervalDays", TQString("%1").arg(m_certconfig.caCrlExpiryDays), &errorstring) != 0) { KMessageBox::error(this, i18n("<qt><b>Unable to update CRL interval entry in LDAP database</b><p>Details: %1</qt>").arg(errorstring), i18n("LDAP Update Failure")); } @@ -1087,13 +1096,15 @@ void LDAPController::save() { replicationSettings.ignore_ssl_failure = m_base->ignoreReplicationSSLFailures->isChecked(); - if (ldap_mgr->setLDAPMasterReplicationSettings(replicationSettings, NULL) != 0) { + if (ldap_mgr && ldap_mgr->setLDAPMasterReplicationSettings(replicationSettings, NULL) != 0) { // ERROR } } } - delete ldap_mgr; + if (ldap_mgr) { + delete ldap_mgr; + } load(); } |