summaryrefslogtreecommitdiffstats
path: root/src/libtdeldap.cpp
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-08-31 23:53:33 +0000
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-08-31 23:53:33 +0000
commit0a81ad9d6e6de1748d6fcfa531c060a3a731c230 (patch)
tree5f492a736cdf85034061b9a2161b235bddbccbd7 /src/libtdeldap.cpp
parentbc95fa92b04a4e372e9e0615def79b6458e5f673 (diff)
downloadlibtdeldap-0a81ad9d6e6de1748d6fcfa531c060a3a731c230.tar.gz
libtdeldap-0a81ad9d6e6de1748d6fcfa531c060a3a731c230.zip
Fix CN/DN ordering
Diffstat (limited to 'src/libtdeldap.cpp')
-rw-r--r--src/libtdeldap.cpp10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 66a1397..d0022f9 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -126,8 +126,12 @@ TQString LDAPManager::ldapdnForRealm(TQString realm) {
}
TQString LDAPManager::openssldcForRealm(TQString realm) {
+ TQStringList reversedDomainChunks;
TQStringList domainChunks = TQStringList::split(".", realm.lower());
- TQString basedc = "DC=" + domainChunks.join("/DC=");
+ for (TQStringList::Iterator it = domainChunks.begin(); it != domainChunks.end(); it++) {
+ reversedDomainChunks.prepend(*it);
+ }
+ TQString basedc = "DC=" + reversedDomainChunks.join("/DC=");
basedc = "/" + basedc;
return basedc;
}
@@ -3862,7 +3866,7 @@ int LDAPManager::generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAP
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
}
- subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(common_name).arg(openssldcForRealm(realmcfg.name));
+ subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.kerberosExpiryDays).arg(kdc_reqfile).arg(kdc_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
if (system(command) < 0) {
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());
@@ -3913,7 +3917,7 @@ int LDAPManager::generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPReal
common_name = TQString("/CN=%1").arg(realmcfg.kdc);
}
- subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(common_name).arg(openssldcForRealm(realmcfg.name));
+ subject = TQString("\"/C=%1/ST=%2/L=%3/O=%4/OU=%5%6%7\"").arg(certinfo.countryName).arg(certinfo.stateOrProvinceName).arg(certinfo.localityName).arg(certinfo.organizationName).arg(certinfo.orgUnitName).arg(openssldcForRealm(realmcfg.name)).arg(common_name);
command = TQString("openssl req -days %1 -new -out %2 -key %3 -config %4 -subj %5").arg(certinfo.ldapExpiryDays).arg(ldap_reqfile).arg(ldap_keyfile).arg(OPENSSL_EXTENSIONS_FILE).arg(subject);
if (system(command) < 0) {
printf("ERROR: Execution of \"%s\" failed!\n", command.ascii());