summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-11 14:09:06 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2012-06-11 14:09:06 -0500
commitec23f4b717dc7e47e9000d2d135ac4914cc2180b (patch)
tree11f0f93fba577d68433fa8a5d0d177997eab0ac2 /src
parent02cfa8d8afb2c84b0683e4071f4482a54d2e459e (diff)
downloadkcmldapcontroller-ec23f4b717dc7e47e9000d2d135ac4914cc2180b.tar.gz
kcmldapcontroller-ec23f4b717dc7e47e9000d2d135ac4914cc2180b.zip
Move primary realm wizard sources to separate directory
Add cert-updater
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.am8
-rw-r--r--src/ldapcontroller.cpp36
-rw-r--r--src/ldapcontroller.h3
-rw-r--r--src/primaryrealmwizard/Makefile.am5
-rw-r--r--src/primaryrealmwizard/certconfigpage.cpp (renamed from src/certconfigpage.cpp)0
-rw-r--r--src/primaryrealmwizard/certconfigpage.h (renamed from src/certconfigpage.h)0
-rw-r--r--src/primaryrealmwizard/certconfigpagedlg.ui (renamed from src/certconfigpagedlg.ui)0
-rw-r--r--src/primaryrealmwizard/realmconfigpage.cpp (renamed from src/realmconfigpage.cpp)0
-rw-r--r--src/primaryrealmwizard/realmconfigpage.h (renamed from src/realmconfigpage.h)0
-rw-r--r--src/primaryrealmwizard/realmconfigpagedlg.ui (renamed from src/realmconfigpagedlg.ui)0
-rw-r--r--src/primaryrealmwizard/realmfinishpage.cpp (renamed from src/realmfinishpage.cpp)0
-rw-r--r--src/primaryrealmwizard/realmfinishpage.h (renamed from src/realmfinishpage.h)0
-rw-r--r--src/primaryrealmwizard/realmfinishpagedlg.ui (renamed from src/realmfinishpagedlg.ui)0
-rw-r--r--src/primaryrealmwizard/realmintropage.cpp (renamed from src/realmintropage.cpp)0
-rw-r--r--src/primaryrealmwizard/realmintropage.h (renamed from src/realmintropage.h)0
-rw-r--r--src/primaryrealmwizard/realmintropagedlg.ui (renamed from src/realmintropagedlg.ui)0
-rw-r--r--src/primaryrealmwizard/realmwizard.cpp (renamed from src/realmwizard.cpp)3
-rw-r--r--src/primaryrealmwizard/realmwizard.h (renamed from src/realmwizard.h)0
18 files changed, 46 insertions, 9 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index da959c7..518370c 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,13 +1,13 @@
INCLUDES = $(all_includes) $(KDE_INCLUDES)/tde
METASOURCES = AUTO
+SUBDIRS = primaryrealmwizard
# Install this plugin in the KDE modules directory
kde_module_LTLIBRARIES = kcm_ldapcontroller.la
-kcm_ldapcontroller_la_SOURCES = ldapcontroller.cpp ldapcontrollerconfigbase.ui realmwizard.cpp realmintropagedlg.ui certconfigpagedlg.ui certconfigpage.cpp realmintropage.cpp realmconfigpagedlg.ui realmconfigpage.cpp realmfinishpagedlg.ui realmfinishpage.cpp processingdialog.cpp sha1.cc
-kcm_ldapcontroller_la_LIBADD = -lkio $(LIB_TDEUI) -ltdeldap
-kcm_ldapcontroller_la_LDFLAGS = -avoid-version -module -no-undefined \
- $(all_libraries)
+kcm_ldapcontroller_la_SOURCES = ldapcontroller.cpp ldapcontrollerconfigbase.ui processingdialog.cpp sha1.cc
+kcm_ldapcontroller_la_LIBADD = primaryrealmwizard/libprimaryrealmwizard.la -lkio $(LIB_TDEUI) -ltdeldap
+kcm_ldapcontroller_la_LDFLAGS = -avoid-version -module -no-undefined $(all_libraries)
xdg_apps_DATA = ldapcontroller.desktop
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index 4f7ff1b..ff716aa 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -51,9 +51,11 @@
#include "sha1.h"
#include "ldapcontroller.h"
-#include "realmwizard.h"
+#include "primaryrealmwizard/realmwizard.h"
#include "processingdialog.h"
+#include "ldapcontrollerconfigbase.h"
+
// FIXME
// Connect this to CMake/Automake
#define KDE_CONFDIR "/etc/trinity"
@@ -76,6 +78,9 @@
#define KEY_STRENGTH 2048
+// RAJA FIXME
+// Certificate manager/updater (CLI, callable from crontab) still needs to be written...
+
typedef KGenericFactory<LDAPController, TQWidget> ldapFactory;
K_EXPORT_COMPONENT_FACTORY( kcm_ldapcontroller, ldapFactory("kcmldapcontroller"))
@@ -345,7 +350,7 @@ void LDAPController::load() {
void LDAPController::updateCertDisplay() {
TQDateTime certExpiry;
TQDateTime now = TQDateTime::currentDateTime();
- TQDateTime soon = now.addDays(7);
+ TQDateTime soon = now.addDays(7); // Keep in sync with cert-updater/main.cpp
TQString kdc_certfile = KERBEROS_PKI_KDC_FILE;
kdc_certfile.replace("@@@KDCSERVER@@@", m_realmconfig[m_defaultRealm].kdc);
@@ -397,7 +402,7 @@ void LDAPController::updateCertDisplay() {
}
// LDAP
- if (TQFile::exists(kdc_certfile)) {
+ if (TQFile::exists(ldap_certfile)) {
certExpiry = LDAPManager::getCertificateExpiration(ldap_certfile);
if (certExpiry >= now) {
m_base->ldapExpiryString->setText("Expires " + certExpiry.toString());
@@ -435,6 +440,8 @@ void LDAPController::btncaRegenerate() {
KMessageBox::error(0, i18n("<qt>Unable to upload new certificate to LDAP server!<p>%1</qt>").arg(errorstring), i18n("Internal Failure"));
}
+ delete ldap_mgr;
+
load();
}
@@ -1173,6 +1180,19 @@ int LDAPController::uploadKerberosCAFileToLDAP(LDAPManager* ldap_mgr, TQString*
return -1;
}
+int LDAPController::uploadKerberosCAKeyFileToLDAP(LDAPManager* ldap_mgr, TQString* errstr) {
+ // Upload the contents of KERBEROS_PKI_PEMKEY_FILE to the LDAP server
+ TQFile cafile(KERBEROS_PKI_PEMKEY_FILE);
+ if (cafile.open(IO_ReadOnly)) {
+ TQByteArray cafiledata = cafile.readAll();
+ if (ldap_mgr->writeCertificateFileIntoDirectory(cafiledata, "privateRootCertificateKey", errstr) != 0) {
+ return -1;
+ }
+ return 0;
+ }
+ return -1;
+}
+
// #define STRICT_SETUP 1
int LDAPController::createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig realmconfig, TQString adminUserName, TQString adminGroupName, TQString machineAdminGroupName, TQString standardUserGroupName, const char * adminPassword, TQString rootUserName, const char * rootPassword, TQString adminRealm, LDAPCertConfig certinfo, TQString *errstr) {
@@ -1201,7 +1221,6 @@ int LDAPController::createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig r
KTempDir configTempDir;
configTempDir.setAutoDelete(true);
-configTempDir.setAutoDelete(false); // RAJA DEBUG ONLY FIXME
TQString destDir = "/etc/";
pdialog.setStatusMessage(i18n("Stopping servers..."));
@@ -1486,6 +1505,15 @@ configTempDir.setAutoDelete(false); // RAJA DEBUG ONLY FIXME
return -1;
}
+ // Upload the contents of KERBEROS_PKI_PEMKEY_FILE to the LDAP server
+ if (uploadKerberosCAKeyFileToLDAP(ldap_mgr, &errorstring) != 0) {
+ delete ldap_mgr;
+ delete credentials;
+ if (errstr) *errstr = errorstring;
+ pdialog.closeDialog();
+ return -1;
+ }
+
// Set @@@ADMINUSER@@@ password in kadmin
LDAPCredentials adminuser;
adminuser.username = adminUserName;
diff --git a/src/ldapcontroller.h b/src/ldapcontroller.h
index da41004..9f5e504 100644
--- a/src/ldapcontroller.h
+++ b/src/ldapcontroller.h
@@ -34,7 +34,7 @@
#include <libtdeldap.h>
-#include "ldapcontrollerconfigbase.h"
+class LDAPControllerConfigBase;
enum sc_command {
SC_START,
@@ -92,6 +92,7 @@ class LDAPController: public KCModule
int setKerberosPasswordForUser(LDAPCredentials user, TQString *errstr);
int createRealmCertificates(LDAPCertConfig certinfo, LDAPRealmConfig realmconfig, uid_t ldap_uid, gid_t ldap_gid);
int uploadKerberosCAFileToLDAP(LDAPManager* ldap_mgr, TQString* errstr=0);
+ int uploadKerberosCAKeyFileToLDAP(LDAPManager* ldap_mgr, TQString* errstr=0);
private:
KAboutData *myAboutData;
diff --git a/src/primaryrealmwizard/Makefile.am b/src/primaryrealmwizard/Makefile.am
new file mode 100644
index 0000000..fd2c48a
--- /dev/null
+++ b/src/primaryrealmwizard/Makefile.am
@@ -0,0 +1,5 @@
+INCLUDES = $(all_includes) $(KDE_INCLUDES)/tde -I$(top_srcdir)/src
+METASOURCES = AUTO
+
+noinst_LTLIBRARIES = libprimaryrealmwizard.la
+libprimaryrealmwizard_la_SOURCES = realmwizard.cpp realmintropagedlg.ui certconfigpagedlg.ui certconfigpage.cpp realmintropage.cpp realmconfigpagedlg.ui realmconfigpage.cpp realmfinishpagedlg.ui realmfinishpage.cpp \ No newline at end of file
diff --git a/src/certconfigpage.cpp b/src/primaryrealmwizard/certconfigpage.cpp
index 2a5b6e6..2a5b6e6 100644
--- a/src/certconfigpage.cpp
+++ b/src/primaryrealmwizard/certconfigpage.cpp
diff --git a/src/certconfigpage.h b/src/primaryrealmwizard/certconfigpage.h
index 57259fc..57259fc 100644
--- a/src/certconfigpage.h
+++ b/src/primaryrealmwizard/certconfigpage.h
diff --git a/src/certconfigpagedlg.ui b/src/primaryrealmwizard/certconfigpagedlg.ui
index 0fad03d..0fad03d 100644
--- a/src/certconfigpagedlg.ui
+++ b/src/primaryrealmwizard/certconfigpagedlg.ui
diff --git a/src/realmconfigpage.cpp b/src/primaryrealmwizard/realmconfigpage.cpp
index 03df77d..03df77d 100644
--- a/src/realmconfigpage.cpp
+++ b/src/primaryrealmwizard/realmconfigpage.cpp
diff --git a/src/realmconfigpage.h b/src/primaryrealmwizard/realmconfigpage.h
index 99ff81f..99ff81f 100644
--- a/src/realmconfigpage.h
+++ b/src/primaryrealmwizard/realmconfigpage.h
diff --git a/src/realmconfigpagedlg.ui b/src/primaryrealmwizard/realmconfigpagedlg.ui
index 1661407..1661407 100644
--- a/src/realmconfigpagedlg.ui
+++ b/src/primaryrealmwizard/realmconfigpagedlg.ui
diff --git a/src/realmfinishpage.cpp b/src/primaryrealmwizard/realmfinishpage.cpp
index ec5b8de..ec5b8de 100644
--- a/src/realmfinishpage.cpp
+++ b/src/primaryrealmwizard/realmfinishpage.cpp
diff --git a/src/realmfinishpage.h b/src/primaryrealmwizard/realmfinishpage.h
index 969d13b..969d13b 100644
--- a/src/realmfinishpage.h
+++ b/src/primaryrealmwizard/realmfinishpage.h
diff --git a/src/realmfinishpagedlg.ui b/src/primaryrealmwizard/realmfinishpagedlg.ui
index 514bbc7..514bbc7 100644
--- a/src/realmfinishpagedlg.ui
+++ b/src/primaryrealmwizard/realmfinishpagedlg.ui
diff --git a/src/realmintropage.cpp b/src/primaryrealmwizard/realmintropage.cpp
index a1f2450..a1f2450 100644
--- a/src/realmintropage.cpp
+++ b/src/primaryrealmwizard/realmintropage.cpp
diff --git a/src/realmintropage.h b/src/primaryrealmwizard/realmintropage.h
index 1c5a9e0..1c5a9e0 100644
--- a/src/realmintropage.h
+++ b/src/primaryrealmwizard/realmintropage.h
diff --git a/src/realmintropagedlg.ui b/src/primaryrealmwizard/realmintropagedlg.ui
index fabd670..fabd670 100644
--- a/src/realmintropagedlg.ui
+++ b/src/primaryrealmwizard/realmintropagedlg.ui
diff --git a/src/realmwizard.cpp b/src/primaryrealmwizard/realmwizard.cpp
index f2a7760..2b10dc5 100644
--- a/src/realmwizard.cpp
+++ b/src/primaryrealmwizard/realmwizard.cpp
@@ -152,6 +152,9 @@ void RealmWizard::next() {
}
else if (currentPage()==certpage) {
// Save certificate information
+ // RAJA FIXME
+ // If generate_certs == false, we need to load m_certconfig structure with data from the provided certificate!
+ // If this is not done, the automatic certificate updater will fail!!!
m_certconfig.generate_certs = certpage->generateKeysEnabled->isOn();
m_certconfig.provided_kerberos_pem = certpage->kerberosPEM->url();
m_certconfig.provided_kerberos_pemkey = certpage->kerberosPEMKEY->url();
diff --git a/src/realmwizard.h b/src/primaryrealmwizard/realmwizard.h
index 34de72b..34de72b 100644
--- a/src/realmwizard.h
+++ b/src/primaryrealmwizard/realmwizard.h