Branch: master

a619f644 2015-09-24 21:04:27 Timothy Pearson
Fix a few minor issues with PKI certificate generation
M src/libtdeldap.cpp
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 9ae53ed..1721bc5 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -4346,11 +4346,14 @@
 
 	TQString common_name = TQString::null;
 	if (user.name != "") {
-		common_name = TQString("/uid=%1").arg(user.name);
+		// TODO
+		// Determine if uid or CN is the best identifier
+		// common_name = TQString("/uid=%1").arg(user.name);
+		common_name = TQString("/CN=%1").arg(user.name);
 	}
 
-	subject = TQString("\"/CN=%1%2%3\"").arg(user.name).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
-	command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
+	subject = TQString("\"%1%2\"").arg(openssldcForRealm(realmcfg.name)).arg(common_name);
+	command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(expirydays).arg(client_reqfile).arg(client_keyfile).arg(client_cfgfile).arg(subject);
 	if (system(command) < 0) {
 		if (errstr) *errstr = TQString("Execution of \"%s\" failed").arg(command);
 		return -1;
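Review bot: The `/CN=%1` subject built from `user.name` is interpolated into a shell command line and run through `system()`, so a name containing `"`, `$`, a backtick or `/` can escape the quoted `-subj` argument or add extra DN components; the double quotes in the subject string do not prevent this. Validate `user.name` against a conservative character set before the subject is built, or launch openssl through an argv-based process call so that no shell parses the value. Two context lines are also worth fixing: `system(command) < 0` only catches a failure to start the shell, so a non-zero openssl exit is treated as success (`if (system(command) != 0) {`), and the error string uses `%s`, which `.arg()` does not substitute (`"Execution of \"%1\" failed"`). The enclosing function starts and ends outside this hunk, so earlier validation of `user.name` may exist but is not visible here.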
@@ -4913,6 +4916,12 @@
 		stream << "# This file was automatically generated by TDE\n";
 		stream << "# All changes will be lost!\n";
 		stream << "\n";
+		stream << "oid_section = new_oids" << "\n";
+		stream << "\n";
+		stream << "[new_oids]" << "\n";
+		stream << "uid = 0.9.2342.19200300.100.1.1" << "\n";
+		stream << "pkkdcekuoid = 1.3.6.1.5.2.3.5" << "\n";
+		stream << "\n";
 		stream << "[ca]" << "\n";
 		stream << "default_ca = certificate_authority" << "\n";
 		stream << "\n";
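Review bot: The two OIDs written into `[new_oids]` are bare numbers with no explanation, which makes the generated CA configuration harder to audit. Add a comment above these lines, e.g. `// uid = LDAP userid attribute (0.9.2342.19200300.100.1.1); pkkdcekuoid = PKINIT KDC extended key usage (1.3.6.1.5.2.3.5)`. Because the `/uid=` subject form is commented out in the other hunk of this commit, the `uid` short name appears unused by the subject built there; if it is kept for a later switch, the comment should say so. The enclosing function starts and ends outside this hunk.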