Store CRL expiry in LDAP

author: Timothy Pearson <kb9vqf@pearsoncomputing.net> 2015-09-03 06:31:38 +0000
committer: Timothy Pearson <kb9vqf@pearsoncomputing.net> 2015-09-03 06:31:38 +0000
commit: 0fce8b42b6e69cd01b1640799345d83129e0ee1d (patch)
tree: 71bc23752a3571d068e03ae2510b4575750f45e1 /src
parent: efb81441defd8685d0db0cc143137e8a4e7a35b1 (diff)
download: libtdeldap-0fce8b42b6e69cd01b1640799345d83129e0ee1d.tar.gz
libtdeldap-0fce8b42b6e69cd01b1640799345d83129e0ee1d.zip
2 files changed, 38 insertions, 0 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 8f6ad0c..950d653 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -2842,6 +2842,43 @@ int LDAPManager::setRealmCAMaster(TQString masterFQDN, TQString* errstr) {
 	}
 }
 
+int LDAPManager::setLdapCertificateStoreAttribute(TQString attribute, TQString value, TQString* errstr) {
+	int retcode;
+	int i;
+
+	if (bind() < 0) {
+		return -1;
+	}
+	else {
+		// Assemble the LDAPMod structure
+		// We will replace any existing attributes with the new values
+		int number_of_parameters = 1;				// 1 primary attribute
+		LDAPMod *mods[number_of_parameters+1];
+		set_up_attribute_operations(mods, number_of_parameters);
+
+		// Load LDAP modification requests from provided data structure
+		i=0;
+		add_single_attribute_operation(mods, &i, attribute, value);
+		LDAPMod *prevterm = mods[i];
+		mods[i] = NULL;
+
+		// Perform LDAP update
+		retcode = ldap_modify_ext_s(m_ldap, TQString("cn=certificate store,o=tde,cn=tde realm data,ou=master services,ou=core,ou=realm,%1").arg(m_basedc).ascii(), mods, NULL, NULL);
+
+		// Clean up
+		clean_up_attribute_operations(i, mods, prevterm, number_of_parameters);
+
+		if (retcode != LDAP_SUCCESS) {
+			if (errstr) *errstr = i18n("<qt>LDAP certificate store attribute modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
+			else KMessageBox::error(0, i18n("<qt>LDAP certificate store attribute modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+			return -2;
+		}
+		else {
+			return 0;
+		}
+	}
+}
+
 // Special method, used when creating a new Kerberos realm
 int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
 	int retcode;
diff --git a/src/libtdeldap.h b/src/libtdeldap.h
index d4c759f..0d08e59 100644
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@@ -526,6 +526,7 @@ class LDAPManager : public TQObject {
 
 		TQString getRealmCAMaster(TQString* errstr=0);
 		int setRealmCAMaster(TQString masterFQDN, TQString* errstr=0);
+		int setLdapCertificateStoreAttribute(TQString attribute, TQString value, TQString* errstr=0);
 
 		LDAPTDEBuiltinsInfo getTDEBuiltinMappings(TQString *errstr=0);
 		LDAPMasterReplicationInfo getLDAPMasterReplicationSettings(TQString *errstr=0);
author	Timothy Pearson <kb9vqf@pearsoncomputing.net>	2015-09-03 06:31:38 +0000
committer	Timothy Pearson <kb9vqf@pearsoncomputing.net>	2015-09-03 06:31:38 +0000
commit	0fce8b42b6e69cd01b1640799345d83129e0ee1d (patch)
tree	71bc23752a3571d068e03ae2510b4575750f45e1 /src
parent	efb81441defd8685d0db0cc143137e8a4e7a35b1 (diff)
download	libtdeldap-0fce8b42b6e69cd01b1640799345d83129e0ee1d.tar.gz libtdeldap-0fce8b42b6e69cd01b1640799345d83129e0ee1d.zip