authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-09-03 06:31:38 +0000
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-09-03 06:31:38 +0000
commit0fce8b42b6e69cd01b1640799345d83129e0ee1d (patch)
tree71bc23752a3571d068e03ae2510b4575750f45e1
parentefb81441defd8685d0db0cc143137e8a4e7a35b1 (diff)
Store CRL expiry in LDAP
-rw-r--r--src/libtdeldap.cpp37
-rw-r--r--src/libtdeldap.h1
2 files changed, 38 insertions, 0 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 8f6ad0c..950d653 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -2842,6 +2842,43 @@ int LDAPManager::setRealmCAMaster(TQString masterFQDN, TQString* errstr) {
}
}
+int LDAPManager::setLdapCertificateStoreAttribute(TQString attribute, TQString value, TQString* errstr) {
+ int retcode;
+ int i;
+
+ if (bind() < 0) {
+ return -1;
+ }
+ else {
+ // Assemble the LDAPMod structure
+ // We will replace any existing attributes with the new values
+ int number_of_parameters = 1; // 1 primary attribute
+ LDAPMod *mods[number_of_parameters+1];
+ set_up_attribute_operations(mods, number_of_parameters);
+
+ // Load LDAP modification requests from provided data structure
+ i=0;
+ add_single_attribute_operation(mods, &i, attribute, value);
+ LDAPMod *prevterm = mods[i];
+ mods[i] = NULL;
+
+ // Perform LDAP update
+ retcode = ldap_modify_ext_s(m_ldap, TQString("cn=certificate store,o=tde,cn=tde realm data,ou=master services,ou=core,ou=realm,%1").arg(m_basedc).ascii(), mods, NULL, NULL);
+
+ // Clean up
+ clean_up_attribute_operations(i, mods, prevterm, number_of_parameters);
+
+ if (retcode != LDAP_SUCCESS) {
+ if (errstr) *errstr = i18n("<qt>LDAP certificate store attribute modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
+ else KMessageBox::error(0, i18n("<qt>LDAP certificate store attribute modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+ return -2;
+ }
+ else {
+ return 0;
+ }
+ }
+}
+
// Special method, used when creating a new Kerberos realm
int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
int retcode;
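Review bot: `setLdapCertificateStoreAttribute` passes the caller's `attribute` string straight into a replace operation on the `cn=certificate store` entry, so any caller of this method can overwrite any attribute of that entry, not just the CRL expiry this commit is about. If only a fixed set of attributes is meant to be written this way, reject other names before `bind()`, or at least state the contract above the function, e.g. `// Replaces 'attribute' on the realm certificate store entry; pass only attribute names defined by this library, never unvalidated input`. The `bind() < 0` branch also returns -1 without touching `errstr`, unlike the modify-failure branch, so a caller cannot report why the update failed; set `*errstr` there as well. Because the stored expiry is ordinary directory data that anyone with write access to the entry can change, consumers should presumably treat it as a refresh hint and still check the validity period inside the signed CRL itself; the code that reads the value is not visible in this diff.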
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index d4c759f..0d08e59 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -526,6 +526,7 @@ class LDAPManager : public TQObject {
TQString getRealmCAMaster(TQString* errstr=0);
int setRealmCAMaster(TQString masterFQDN, TQString* errstr=0);
+ int setLdapCertificateStoreAttribute(TQString attribute, TQString value, TQString* errstr=0);
LDAPTDEBuiltinsInfo getTDEBuiltinMappings(TQString *errstr=0);
LDAPMasterReplicationInfo getLDAPMasterReplicationSettings(TQString *errstr=0);