Branch: master

4df015f3 2015-08-25 12:33:57 Timothy Pearson
Add certificate lifetime configuration options
M src/ldapcontroller.cpp
M src/ldapcontroller.h
M src/ldapcontrollerconfigbase.ui
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index ad2e313..d88bd34 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -45,6 +45,7 @@
 #include <tqcheckbox.h>
 #include <ktempdir.h>
 #include <kprocess.h>
+#include <knuminput.h>
 #include <tdesu/process.h>
 #include <libtdeldap.h>
 #include <tdefiledialog.h>
@@ -142,6 +143,10 @@
 
 	connect(m_base->multiMasterReplicationMappings, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(multiMasterReplicationHighlighted()));
 	connect(m_base->multiMasterReplicationMappings, TQT_SIGNAL(executed(TQListViewItem*)), this, TQT_SLOT(modifySelectedMultiMasterReplication()));
+
+	connect(m_base->advancedCaCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(caCertExpiryChanged()));
+	connect(m_base->advancedKerberosCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(kerberosCertExpiryChanged()));
+	connect(m_base->advancedLdapCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(ldapCertExpiryChanged()));
 
 	m_fqdn = LDAPManager::getMachineFQDN();
 	m_roleFullyConfigured = true;
@@ -378,6 +383,9 @@
 
 	// Load cert config
 	m_systemconfig->setGroup("Certificates");
+	m_certconfig.caExpiryDays = m_systemconfig->readNumEntry("caExpiryDays", KERBEROS_PKI_PEMKEY_EXPIRY_DAYS);
+	m_certconfig.kerberosExpiryDays = m_systemconfig->readNumEntry("kerberosExpiryDays", KERBEROS_PKI_KRB_EXPIRY_DAYS);
+	m_certconfig.ldapExpiryDays = m_systemconfig->readNumEntry("ldapExpiryDays", KERBEROS_PKI_LDAP_EXPIRY_DAYS);
 	m_certconfig.countryName = m_systemconfig->readEntry("countryName");
 	m_certconfig.stateOrProvinceName = m_systemconfig->readEntry("stateOrProvinceName");
 	m_certconfig.localityName = m_systemconfig->readEntry("localityName");
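Review bot: The three `readNumEntry` results are stored in `m_certconfig` with no range check, so a zero, negative or very large value in the `Certificates` group of the config file is accepted, even though the UI limits the same fields to 1–7200. If these fields feed certificate generation elsewhere in the file (not visible in this hunk), a hand-edited or corrupted config could produce certificates that are already expired or far longer-lived than intended. Consider falling back to the default after each read, e.g. `if (m_certconfig.caExpiryDays < 1 || m_certconfig.caExpiryDays > 7200) m_certconfig.caExpiryDays = KERBEROS_PKI_PEMKEY_EXPIRY_DAYS;`, and likewise for the Kerberos and LDAP values. The `writeEntry` calls added in the `save()` hunk persist whatever `m_certconfig` holds, so they rely on the same guarantee. The enclosing function starts and ends outside this hunk.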
@@ -460,6 +468,10 @@
 		else {
 			m_base->caSetMaster->setEnabled(true);
 		}
+
+		m_base->advancedCaCertExpiry->setValue(m_certconfig.caExpiryDays);
+		m_base->advancedKerberosCertExpiry->setValue(m_certconfig.kerberosExpiryDays);
+		m_base->advancedLdapCertExpiry->setValue(m_certconfig.ldapExpiryDays);
 
 		updateCertDisplay();
 		m_certRefreshTimer.start(60*1000);
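Review bot: These `setValue()` calls will probably fire the `valueChanged(int)` connections added in the constructor hunk, so loading the stored lifetimes runs the new `*CertExpiryChanged()` slots and `emit(changed())` before the user has edited anything. Unless the caller resets the modified state afterwards (not visible here), the module would appear dirty right after load, and a later Apply would rewrite the certificate settings unprompted. Wrapping each call, e.g. `m_base->advancedCaCertExpiry->blockSignals(true);` before and `m_base->advancedCaCertExpiry->blockSignals(false);` after, keeps programmatic population separate from user edits. The enclosing function starts and ends outside this hunk.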
@@ -908,6 +920,24 @@
 	//
 }
 
+void LDAPController::caCertExpiryChanged() {
+	m_certconfig.caExpiryDays = m_base->advancedCaCertExpiry->value();
+
+	emit(changed());
+}
+
+void LDAPController::kerberosCertExpiryChanged() {
+	m_certconfig.kerberosExpiryDays = m_base->advancedKerberosCertExpiry->value();
+
+	emit(changed());
+}
+
+void LDAPController::ldapCertExpiryChanged() {
+	m_certconfig.ldapExpiryDays = m_base->advancedLdapCertExpiry->value();
+
+	emit(changed());
+}
+
 void LDAPController::save() {
 	TQString prevRole = m_systemconfig->readEntry("LDAPRole", "Workstation");
 
@@ -922,6 +952,9 @@
 
 	// Write cert config
 	m_systemconfig->setGroup("Certificates");
+	m_systemconfig->writeEntry("caExpiryDays", m_certconfig.caExpiryDays);
+	m_systemconfig->writeEntry("kerberosExpiryDays", m_certconfig.kerberosExpiryDays);
+	m_systemconfig->writeEntry("ldapExpiryDays", m_certconfig.ldapExpiryDays);
 	m_systemconfig->writeEntry("countryName", m_certconfig.countryName);
 	m_systemconfig->writeEntry("stateOrProvinceName", m_certconfig.stateOrProvinceName);
 	m_systemconfig->writeEntry("localityName", m_certconfig.localityName);
diff --git a/src/ldapcontroller.h b/src/ldapcontroller.h
index bee45df..84bfc7c 100644
--- a/src/ldapcontroller.h
+++ b/src/ldapcontroller.h
@@ -90,6 +90,10 @@
 		void multiMasterReplicationHighlighted();
 		void modifySelectedMultiMasterReplication();
 
+		void caCertExpiryChanged();
+		void kerberosCertExpiryChanged();
+		void ldapCertExpiryChanged();
+
 	private:
 		int controlKAdminDaemon(sc_command command);
 		int controlSASLServer(sc_command command);
diff --git a/src/ldapcontrollerconfigbase.ui b/src/ldapcontrollerconfigbase.ui
index 3834e32..85a4a00 100644
--- a/src/ldapcontrollerconfigbase.ui
+++ b/src/ldapcontrollerconfigbase.ui
@@ -449,6 +449,103 @@
 							</widget>
 						</grid>
 					</widget>
+					<property name="name">
+						<cstring>unnamed</cstring>
+					</property>
+					<widget class="TQGroupBox" row="1" column="0">
+						<property name="name">
+							<cstring>groupCertificateExpiry</cstring>
+						</property>
+						<property name="title">
+							<string>Certificate Lifetime (days)</string>
+						</property>
+						<grid>
+							<property name="name">
+								<cstring>unnamed</cstring>
+							</property>
+							<widget class="TQLabel" row="0" column="0">
+								<property name="name">
+									<cstring>unnamed</cstring>
+								</property>
+								<property name="text">
+									<string>Certificate Authority:</string>
+								</property>
+							</widget>
+							<widget class="KIntNumInput" row="0" column="1" >
+								<property name="name">
+									<cstring>advancedCaCertExpiry</cstring>
+								</property>
+								<property name="minValue">
+									<number>1</number>
+								</property>
+								<property name="maxValue">
+									<number>7200</number>
+								</property>
+								<property name="sizePolicy">
+									<sizepolicy>
+										<hsizetype>0</hsizetype>
+										<vsizetype>0</vsizetype>
+										<horstretch>0</horstretch>
+										<verstretch>0</verstretch>
+									</sizepolicy>
+								</property>
+							</widget>
+							<widget class="TQLabel" row="1" column="0">
+								<property name="name">
+									<cstring>unnamed</cstring>
+								</property>
+								<property name="text">
+									<string>Kerberos:</string>
+								</property>
+							</widget>
+							<widget class="KIntNumInput" row="1" column="1" >
+								<property name="name">
+									<cstring>advancedKerberosCertExpiry</cstring>
+								</property>
+								<property name="minValue">
+									<number>1</number>
+								</property>
+								<property name="maxValue">
+									<number>7200</number>
+								</property>
+								<property name="sizePolicy">
+									<sizepolicy>
+										<hsizetype>0</hsizetype>
+										<vsizetype>0</vsizetype>
+										<horstretch>0</horstretch>
+										<verstretch>0</verstretch>
+									</sizepolicy>
+								</property>
+							</widget>
+							<widget class="TQLabel" row="2" column="0">
+								<property name="name">
+									<cstring>unnamed</cstring>
+								</property>
+								<property name="text">
+									<string>LDAP TLS:</string>
+								</property>
+							</widget>
+							<widget class="KIntNumInput" row="2" column="1" >
+								<property name="name">
+									<cstring>advancedLdapCertExpiry</cstring>
+								</property>
+								<property name="minValue">
+									<number>1</number>
+								</property>
+								<property name="maxValue">
+									<number>7200</number>
+								</property>
+								<property name="sizePolicy">
+									<sizepolicy>
+										<hsizetype>0</hsizetype>
+										<vsizetype>0</vsizetype>
+										<horstretch>0</horstretch>
+										<verstretch>0</verstretch>
+									</sizepolicy>
+								</property>
+							</widget>
+						</grid>
+					</widget>
 				</grid>
 			</widget>
 		</widget>
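Review bot: All three spin boxes use `maxValue` 7200, so the Kerberos and LDAP TLS certificates can be given the same lifetime of nearly 20 years as the Certificate Authority, and nothing visible in this commit keeps a service certificate's lifetime at or below the CA's. A long-lived service certificate widens the window in which a leaked private key stays usable, and a certificate that outlasts its issuing CA stops validating once the CA expires. Consider a lower cap on `advancedKerberosCertExpiry` and `advancedLdapCertExpiry`, for example `<number>730</number>` (a constructed value, to be set by policy), or a check in the controller that rejects a value above `m_certconfig.caExpiryDays`.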