TDE
/
kcmldapcontroller
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/kcmldapcontroller
0
0
Fork 0
Code Issues Releases Wiki Activity

Don't attempt to access the LDAP server if the realm DC is blank

Browse Source 
If the realm DC is blank, it indicates that configuration has not reached
a point where connection to the LDAP server is possible.  Providing a blank
DC to LDAP will always result in an invalid DN error.

This resolves spurious popups when creating the first realm control server
in a given realm.

Signed-off-by: Timothy Pearson <kb9vqf@pearsoncomputing.net>
r14.1.x
Timothy Pearson 6 months ago committed by Timothy Pearson
parent 9011d2d03e
commit 1fb3a28fe6
1 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File

25
src/ldapcontroller.cpp
Unescape Escape View File

@ -531,7 +531,10 @@ void LDAPController::updateCertDisplay() {
credentials->username = "";
credentials->password = "";
credentials->realm = realmname;
LDAPManager* ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials);
LDAPManager* ldap_mgr = NULL;
if (realmname != "") {
ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials);
}
// Certificate Authority
if (TQFile::exists(KERBEROS_PKI_PEM_FILE)) {
@ -601,7 +604,7 @@ void LDAPController::updateCertDisplay() {
// Certificate Revocation List
TQByteArray certificateContents;
if (ldap_mgr->getTDECertificate("publicRootCertificateRevocationList", &certificateContents, NULL) == 0) {
if (ldap_mgr && ldap_mgr->getTDECertificate("publicRootCertificateRevocationList", &certificateContents, NULL) == 0) {
certExpiry = LDAPManager::getCertificateExpiration(certificateContents);
if (certExpiry >= now) {
m_base->crlExpiryString->setText("Expires " + certExpiry.toString());
@ -622,7 +625,9 @@ void LDAPController::updateCertDisplay() {
m_base->crlExpiryString->setPaletteForegroundColor(CERT_STATUS_COLOR_NOTFOUND);
}
delete ldap_mgr;
if (ldap_mgr) {
delete ldap_mgr;
}
}
void LDAPController::btncaSetMaster() {
@ -1055,9 +1060,13 @@ void LDAPController::save() {
credentials->username = "";
credentials->password = "";
credentials->realm = realmname;
LDAPManager* ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials);
LDAPManager* ldap_mgr = NULL;
if (ldap_mgr->setLdapCertificateStoreAttribute("publicRootCRLIntervalDays", TQString("%1").arg(m_certconfig.caCrlExpiryDays), &errorstring) != 0) {
if (realmname != "") {
ldap_mgr = new LDAPManager(realmname, "ldapi://", credentials);
}
if (ldap_mgr && ldap_mgr->setLdapCertificateStoreAttribute("publicRootCRLIntervalDays", TQString("%1").arg(m_certconfig.caCrlExpiryDays), &errorstring) != 0) {
KMessageBox::error(this, i18n("<qt><b>Unable to update CRL interval entry in LDAP database</b><p>Details: %1</qt>").arg(errorstring), i18n("LDAP Update Failure"));
}
@ -1087,13 +1096,15 @@ void LDAPController::save() {
replicationSettings.ignore_ssl_failure = m_base->ignoreReplicationSSLFailures->isChecked();
if (ldap_mgr->setLDAPMasterReplicationSettings(replicationSettings, NULL) != 0) {
if (ldap_mgr && ldap_mgr->setLDAPMasterReplicationSettings(replicationSettings, NULL) != 0) {
// ERROR
}
}
}
delete ldap_mgr;
if (ldap_mgr) {
delete ldap_mgr;
}
load();
}

Write Preview
Loading…
Cancel
Save