diff options
author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-08-31 23:53:33 +0000 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-08-31 23:53:33 +0000 |
commit | 0a81ad9d6e6de1748d6fcfa531c060a3a731c230 (patch) | |
tree | 5f492a736cdf85034061b9a2161b235bddbccbd7 /src/libtdeldap.cpp | |
parent | bc95fa92b04a4e372e9e0615def79b6458e5f673 (diff) | |
download | libtdeldap-0a81ad9d6e6de1748d6fcfa531c060a3a731c230.tar.gz libtdeldap-0a81ad9d6e6de1748d6fcfa531c060a3a731c230.zip |
Fix CN/DN ordering
Diffstat (limited to 'src/libtdeldap.cpp')
-rw-r--r-- | src/libtdeldap.cpp | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 66a1397..d0022f9 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -126,8 +126,12 @@ TQString LDAPManager::ldapdnForRealm(TQString realm) { } TQString LDAPManager::openssldcForRealm(TQString realm) { + TQStringList reversedDomainChunks; TQStringList domainChunks = TQStringList::split(".", realm.lower()); - TQString basedc = "DC=" + domainChunks.join("/DC="); + for (TQStringList::Iterator it = domainChunks.begin(); it != domainChunks.end(); it++) { + reversedDomainChunks.prepend(*it); + } + TQString basedc = "DC=" + reversedDomainChunks.join("/DC="); basedc = "/" + basedc; return basedc; } @@ -3862,7 +3866,7 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP common_name = TQString("/CN=%1").arg(realmcfg.kdc); } - subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(common_name).arg(openssldcForRealm(realmcfg.name)); + subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); if (system(command) < 0) { printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); @@ -3913,7 +3917,7 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal common_name = TQString("/CN=%1").arg(realmcfg.kdc); } - subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(common_name).arg(openssldcForRealm(realmcfg.name)); + subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name); command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject); if (system(command) < 0) { printf("ERROR: Execution of \"%s\" failed!\n", command.ascii()); |