author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2013-03-21 00:05:19 -0500 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2013-03-21 00:05:19 -0500 |
commit | fae0948a282c3cb72299692c9cb0af261ea5d80a (patch) | |
tree | a1fa3a7808d966d8d196fa5e63e8c53bed676021 /src/libtdeldap.h | |
parent | e0f5e6ac4e90ddd00a941914f1aca4494c9a0e31 (diff) | |
download | libtdeldap-fae0948a282c3cb72299692c9cb0af261ea5d80a.tar.gz libtdeldap-fae0948a282c3cb72299692c9cb0af261ea5d80a.zip |
Move core code from the bonding utility to this library
Diffstat (limited to 'src/libtdeldap.h')
-rw-r--r-- | src/libtdeldap.h | 40 |
1 files changed, 35 insertions, 5 deletions
diff --git a/src/libtdeldap.h b/src/libtdeldap.h index f9bea53..a6d47b4 100644 --- a/src/libtdeldap.h +++ b/src/libtdeldap.h @@ -1,5 +1,5 @@ /*************************************************************************** - * Copyright (C) 2012 by Timothy Pearson * + * Copyright (C) 2012-2013 by Timothy Pearson * * kb9vqf@pearsoncomputing.net * * * * This program is free software; you can redistribute it and/or modify * @@ -35,7 +35,11 @@ // Connect this to CMake/Automake #define TDE_BINDIR "/opt/trinity/bin" +#define TDE_LDAP_PID_DIR "/etc/trinity/ldap/pid/" +#define TDE_LDAP_CERT_UPDATER_PID_FILE TDE_LDAP_PID_DIR "/tdeldapcertupdater.pid" + #define TDE_CERTIFICATE_DIR "/etc/trinity/ldap/tde-ca/" + #define KERBEROS_PKI_ANCHORDIR "/etc/trinity/ldap/tde-ca/anchors/" #define KERBEROS_PKI_PRIVATEDIR "/etc/trinity/ldap/tde-ca/private/" #define KERBEROS_PKI_PUBLICDIR "/etc/trinity/ldap/tde-ca/public/" @@ -185,6 +189,26 @@ class LDAPCertConfig TQString emailAddress; }; +// PRIVATE +class LDAPClientRealmConfig +{ + public: + bool enable_bonding; + TQString hostFQDN; + TQString defaultRealm; + int ticketLifetime; + TQString ldapRole; + + int ldapVersion; + int ldapTimeout; + TQString bindPolicy; + int ldapBindTimeout; + TQString passwordHash; + TQString ignoredUsers; + + bool configurationVerifiedForLocalMachine; +}; + typedef TQMap<TQString, LDAPRealmConfig> LDAPRealmConfigList; class LDAPUserInfo 
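Review bot: `TDE_LDAP_CERT_UPDATER_PID_FILE` expands to `/etc/trinity/ldap/pid//tdeldapcertupdater.pid`, because `TDE_LDAP_PID_DIR` already ends in a slash and the file name literal starts with another one. Dropping the leading slash, `#define TDE_LDAP_CERT_UPDATER_PID_FILE TDE_LDAP_PID_DIR "tdeldapcertupdater.pid"`, gives one canonical spelling for string comparisons and log output. The PID directory also sits under `/etc/trinity/ldap/`, beside the CA material, and any code that reads this file to find or signal the updater trusts its contents. A comment on the define should state that the directory must be writable by root only; whether anything creates it with such permissions is not visible in this header.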
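Review bot: `LDAPClientRealmConfig` is added without a constructor, so its `bool` and `int` members are indeterminate in any instance that is default-constructed and not completely filled in. That includes `enable_bonding` and `configurationVerifiedForLocalMachine`, which by their names appear to gate bonding decisions. A defaulting constructor such as `LDAPClientRealmConfig() : enable_bonding(false), ticketLifetime(0), ldapVersion(0), ldapTimeout(0), ldapBindTimeout(0), configurationVerifiedForLocalMachine(false) {}` would make the unset state well defined; the zero values are placeholders for whatever defaults `loadClientRealmConfig` uses. The `// PRIVATE` comment also needs a sentence saying what it means for a class declared in a public header with all-public members. `passwordHash` should get a comment stating whether it holds a hash scheme name or an actual hash value, since the two call for different handling.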
@@ -402,11 +426,9 @@ class LDAPManager : public TQObject { int getTDECertificate(TQString certificateName, TQString fileName, TQString *errstr=0); int setPasswordForUser(LDAPUserInfo user, TQString *errstr); - static void writeCronFiles(); static void writePrimaryRealmCertificateUpdateCronFile(); static TQString getMachineFQDN(); - static void writeLDAPConfFile(LDAPRealmConfig realmcfg); - static void writeTDERealmList(LDAPRealmConfigList realms, KSimpleConfig* config); + static int writeTDERealmList(LDAPRealmConfigList realms, KSimpleConfig* config, TQString *errstr=0); static LDAPRealmConfigList readTDERealmList(KSimpleConfig* config, bool disableAllBonds=false); static TQDateTime getCertificateExpiration(TQString certfile); @@ -426,7 +448,15 @@ class LDAPManager : public TQObject { static TQString detailedKAdminErrorMessage(TQString initialMessage); static TQString readFullLineFromPtyProcess(PtyProcess* proc); - static int bondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0); + static LDAPClientRealmConfig loadClientRealmConfig(KSimpleConfig* config, bool useDefaults=false); + static int saveClientRealmConfig(LDAPClientRealmConfig clientRealmConfig, KSimpleConfig* config, TQString *errstr=0); + static int writeClientKrb5ConfFile(LDAPClientRealmConfig clientRealmConfig, LDAPRealmConfigList realmList, TQString *errstr=0); + static int writeLDAPConfFile(LDAPRealmConfig realmcfg, TQString *errstr=0); + static int writeNSSwitchFile(TQString *errstr=0); + static int writeClientCronFiles(TQString *errstr=0); + static int writePAMFiles(TQString *errstr=0); + + static int bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0); static int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0); private: |
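Review bot: The `int` result that `writeTDERealmList` now returns has no documented convention, and callers written against the old `void` signature will still compile while ignoring a failure. The same applies to `writeLDAPConfFile`, `writeNSSwitchFile`, `writeClientCronFiles`, `writePAMFiles`, `saveClientRealmConfig` and `writeClientKrb5ConfFile` in the next hunk. A single comment above the group would cover it, for example `// Returns 0 on success, nonzero on failure; *errstr (if non-null) receives a description`, adjusted to what the implementation actually returns, which this header does not show. Judging by their names these functions rewrite NSS, PAM, Kerberos and LDAP client configuration, so an unchecked failure could leave the login stack half configured. It is worth documenting whether each file is replaced atomically or can be left partially written.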
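Review bot: `bondRealm` no longer takes the `LDAPRealmConfig` it bonds to, while `unbondRealm` on the next line still does, so the realm that receives `adminUserName` and `adminPassword` is no longer chosen at the call site. It presumably comes from the saved client realm configuration, but the declaration does not say so. Add a comment on `bondRealm` naming the source of the target realm and stating that the caller should confirm it before passing administrator credentials, for example `// Bonds to the realm selected in the stored client realm configuration; verify it before calling`. The same comment can record that `adminPassword` stays owned by the caller, who is responsible for wiping the buffer afterwards. The class body continues outside this hunk.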