summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2013-07-02 17:10:45 +0000
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2013-07-02 17:10:45 +0000
commit999fcba2daf30ed9e596df579d0b172874a048f4 (patch)
tree423efc954278df18ecf1c58adbd5bcbcc4ad18c2
parentb1f6ac87e86415a3f2cec2ac1be2911eda978b45 (diff)
downloadkcmldapcontroller-999fcba2daf30ed9e596df579d0b172874a048f4.tar.gz
kcmldapcontroller-999fcba2daf30ed9e596df579d0b172874a048f4.zip
Set syncrepl TSL CA certificate by default
-rw-r--r--src/ldapcontroller.cpp20
-rw-r--r--src/ldapcontroller.h1
2 files changed, 21 insertions, 0 deletions
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index d8f344a..cdf31e9 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -147,6 +147,7 @@ LDAPController::LDAPController(TQWidget *parent, const char *name, const TQStrin
connect(m_base->multiMasterReplicationMappings, TQT_SIGNAL(executed(TQListViewItem*)), this, TQT_SLOT(modifySelectedMultiMasterReplication()));
m_fqdn = LDAPManager::getMachineFQDN();
+ m_roleFullyConfigured = true;
// FIXME
// This assumes Debian!
@@ -201,6 +202,8 @@ void LDAPController::systemRoleChanged() {
m_base->systemRole->setCurrentItem(previousRole);
}
else {
+ m_roleFullyConfigured = false;
+
// Something will probably change
save();
@@ -215,6 +218,8 @@ void LDAPController::systemRoleChanged() {
// Wizard completed; commit changes
save();
}
+
+ m_roleFullyConfigured = true;
// Something probably changed
load();
@@ -238,6 +243,8 @@ void LDAPController::systemRoleChanged() {
m_base->systemRole->setCurrentItem(previousRole);
}
else {
+ m_roleFullyConfigured = false;
+
// Something will probably change
save();
@@ -252,6 +259,8 @@ void LDAPController::systemRoleChanged() {
// Wizard completed; commit changes
save();
}
+
+ m_roleFullyConfigured = true;
// Something probably changed
load();
@@ -417,9 +426,15 @@ void LDAPController::load() {
// Get builtin TDE account mappings from LDAP
LDAPTDEBuiltinsInfo builtins = ldap_mgr->getTDEBuiltinMappings(&errorstring);
+ if (m_roleFullyConfigured && errorstring != "") {
+ KMessageBox::error(0, errorstring);
+ }
// Get replication mappings from LDAP
LDAPMasterReplicationInfo replicationsettings = ldap_mgr->getLDAPMasterReplicationSettings(&errorstring);
+ if (m_roleFullyConfigured && errorstring != "") {
+ KMessageBox::error(0, errorstring);
+ }
m_base->advancedEnableMultiMasterReplication->setChecked(replicationsettings.enabled);
m_base->multiMasterReplicationMappings->clear();
LDAPMasterReplicationMap::iterator it;
@@ -429,6 +444,9 @@ void LDAPController::load() {
// Get certificate settings from LDAP
TQString realmCAMaster = ldap_mgr->getRealmCAMaster(&errorstring);
+ if (m_roleFullyConfigured && errorstring != "") {
+ KMessageBox::error(0, errorstring);
+ }
delete ldap_mgr;
delete credentials;
@@ -948,6 +966,8 @@ void LDAPController::save() {
m_systemconfig->setGroup("Replication");
replicationSettings.syncPassword = m_systemconfig->readEntry("Password");
m_systemconfig->setGroup(NULL);
+ // Use the TDE LDAP CA for replication TLS
+ replicationSettings.caCertificateFile = KERBEROS_PKI_PEM_FILE;
replicationSettings.ignore_ssl_failure = m_base->ignoreReplicationSSLFailures->isChecked();
diff --git a/src/ldapcontroller.h b/src/ldapcontroller.h
index 150addc..bee45df 100644
--- a/src/ldapcontroller.h
+++ b/src/ldapcontroller.h
@@ -111,6 +111,7 @@ class LDAPController: public TDECModule
TQString m_fqdn;
int m_prevRole;
+ bool m_roleFullyConfigured;
TQString m_ldapUserName;
TQString m_ldapGroupName;