author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-02 17:28:10 -0500 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-02 17:28:10 -0500 |
commit | a97c0c3d5446361d30fd5ede922d81560c763e0c (patch) | |
tree | 8b43b236d26c34da0f1163895c8064bb5b6f7eeb /src/libtdeldap.h | |
parent | 54d8d2580c72d1313182665d49d00b6fcadbe5a7 (diff) | |
Implement several methods required for PKI certificate management
Diffstat (limited to 'src/libtdeldap.h')
-rw-r--r-- | src/libtdeldap.h | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index f472c6c..90b44af 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -21,6 +21,7 @@
 #ifndef _LIBTDELDAP_H_
 #define _LIBTDELDAP_H_
+#include <stdint.h>
 #include <unistd.h>
 #include <sys/stat.h>
 #include <ldap.h>
@@ -149,6 +150,19 @@ inline KRB5TicketFlags operator&(KRB5TicketFlags a, KRB5TicketFlags b)
 typedef TQValueList<uid_t> UserList;
 typedef TQValueList<gid_t> GroupList;
+namespace PKICertificateStatus {
+ enum PKICertificateStatusEnum {
+ Invalid = 0,
+ Valid = 1,
+ Revoked = 2
+ };
+}
+
+typedef TQValueList<TQByteArray> TQByteArrayList;
+
+typedef TQPair<uint32_t, TQByteArray> PKICertificateEntry;
+typedef TQValueList<PKICertificateEntry> PKICertificateEntryList;
+
 class LDAPCredentials
 {
 public:
@@ -329,6 +343,9 @@ class LDAPUserInfo
 TQString businessCategory;
 TQString carLicense;
 TQString notes;
+
+ // PKI
+ PKICertificateEntryList pkiCertificates;
 };
 class LDAPGroupInfo
@@ -501,6 +518,7 @@ class LDAPManager : public TQObject {
 int moveKerberosEntries(TQString newSuffix, TQString* errstr=0);
 int writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr=0);
+ int writePKICertificateFilesIntoDirectory(LDAPUserInfo user, TQString attr, TQString* errstr=0);
 TQString getRealmCAMaster(TQString* errstr=0);
 int setRealmCAMaster(TQString masterFQDN, TQString* errstr=0);
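Review bot: In the `-149,6 +150,19` hunk, `PKICertificateEntry` is declared as `TQPair<uint32_t, TQByteArray>`, so the first half of each entry is a bare integer with no stated link to `PKICertificateStatusEnum`, and the byte array has no stated encoding. Presumably the integer carries a `PKICertificateStatus` value, but nothing in the header tells a caller that only `Valid` should be trusted or how to treat a stored value outside 0–2. I would add a comment above the typedef, for example `// first: PKICertificateStatus value (anything other than Valid must be treated as untrusted); second: certificate data`, and consider typing the first member as the enum if the storage format allows it.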
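Review bot: The new declaration `writePKICertificateFilesIntoDirectory(LDAPUserInfo user, TQString attr, TQString* errstr=0)` in the `-501,6 +518,7` hunk carries no comment saying whether it replaces the whole attribute with `user.pkiCertificates` or adds to what the directory already holds. That matters for revocation: if it replaces, a caller working from a stale `LDAPUserInfo` could overwrite an entry that was marked `Revoked` elsewhere; the implementation is not in this header, so this is a question rather than a finding. I would document the behaviour on the declaration, for example `// Writes every entry of user.pkiCertificates to attr (replace or append: state which); on failure sets *errstr`, adjusted to what the implementation really does. The `LDAPManager` class body starts and ends outside the hunk.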
@@ -524,9 +542,9 @@ class LDAPManager : public TQObject {
 static int generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAPRealmConfig realmcfg);
 static int generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPRealmConfig realmcfg, uid_t ldap_uid, gid_t ldap_gid);
- static int generateClientCertificatePair(LDAPCertConfig certinfo, LDAPUserInfo user, LDAPRealmConfig realmcfg, TQString signingPrivateKeyFile, TQString privateKeyFile, TQString publicCertFile, TQString *errstr=0);
+ static int generateClientCertificatePair(int expirydays, LDAPUserInfo user, LDAPRealmConfig realmcfg, TQString signingPrivateKeyFile, TQString privateKeyFile, TQString publicCertFile, TQString *errstr=0);
 static int generateClientCertificatePrivateKey(LDAPUserInfo user, LDAPRealmConfig realmcfg, TQString privateKeyFile, TQString *errstr=0);
- static int generateClientCertificatePublicCertificate(LDAPCertConfig certinfo, LDAPUserInfo user, LDAPRealmConfig realmcfg, TQString signingPrivateKeyFile, TQString privateKeyFile, TQString publicCertFile, TQString *errstr=0);
+ static int generateClientCertificatePublicCertificate(int expirydays, LDAPUserInfo user, LDAPRealmConfig realmcfg, TQString signingPrivateKeyFile, TQString privateKeyFile, TQString publicCertFile, TQString *errstr=0);
 static TQString ldapdnForRealm(TQString realm);
 static TQString openssldcForRealm(TQString realm); |
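Review bot: Replacing `LDAPCertConfig certinfo` with `int expirydays` on `generateClientCertificatePair` and `generateClientCertificatePublicCertificate` leaves the certificate lifetime as an undocumented signed integer; the header states no valid range, so zero, negative or very large values are all accepted by the type. The implementation is outside this hunk, so whether it rejects them cannot be seen here; if it does not, I would add a check there that fails with `errstr` set when `expirydays <= 0` or exceeds a realm-defined maximum. On the declarations, a comment such as `// expirydays: validity period in days from issuance, must be > 0` would make the contract visible. These are public static methods of a library class, so any caller still passing an `LDAPCertConfig` needs updating alongside this change.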