Use TDE cmake macro to set version

Signed-off-by: Michele Calgaro <michele.calgaro@yahoo.it>
(cherry picked from commit 5e4a41a6a5)

CMakeLists.txt

@@ -7,11 +7,7 @@
 ############################################
 
 
-##### set project version ########################
-
-include( TDEVersion )
-cmake_minimum_required( VERSION ${TDE_CMAKE_MINIMUM_VERSION} )
-tde_set_project_version( )
+cmake_minimum_required( VERSION 3.1 )
 
 
 #### general package setup
@@ -35,6 +31,11 @@ include( CheckCXXSourceCompiles )
 include( TDEMacros )
 
 
+##### set version number ########################
+
+tde_set_project_version( )
+
+
 ##### setup install paths
 
 include( TDESetupPaths )
@@ -58,8 +59,6 @@ option( WITH_GCC_VISIBILITY "Enable fvisibility and fvisibility-inlines-hidden"
 
 set( KDE_CONFDIR "/etc/trinity" CACHE STRING "TDE Settings Directory" )
 set( KRB5_FILE "/etc/krb5.conf" CACHE STRING "Kerberos config file"   )
-set( SYSTEM_CA_STORE_CERT_LOCATION "/usr/local/share/ca-certificates/" CACHE STRING "Location of ca-certificates" )
-set( SYSTEM_CA_STORE_REGENERATE_COMMAND "update-ca-certificates" CACHE STRING "Command to update ca-certificates" )
 set( CRON_UPDATE_PRIMARY_REALM_CERTIFICATES_OPENLDAP_RELOAD_COMMAND "/etc/init.d/slapd force-reload" CACHE STRING "Cron command to update openLDAP" )
 
 
@@ -70,7 +69,7 @@ include( ConfigureChecks.cmake )
 
 ###### global compiler settings
 
-add_definitions( -DHAVE_CONFIG_H ${ENABLE_PERMISSIVE_FLAG} )
+add_definitions( -DHAVE_CONFIG_H )
 
 set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${TQT_CXX_FLAGS}" )
 set( CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,--no-undefined" )

ConfigureChecks.cmake

@@ -26,104 +26,9 @@ if( WITH_GCC_VISIBILITY )
 endif( WITH_GCC_VISIBILITY )
 
 
-##### get the system's default path for libraries
-
-tde_save_and_set( CMAKE_INSTALL_PREFIX "/usr" )
-include( GNUInstallDirs OPTIONAL )
-if( CMAKE_INSTALL_LIBDIR )
-  set( SYSTEM_LIBDIR "${CMAKE_INSTALL_LIBDIR}" )
-else( )
-  set( SYSTEM_LIBDIR "lib${LIB_SUFFIX}" )
-endif( )
-tde_restore( CMAKE_INSTALL_PREFIX )
-
-
 ##### check for ldap
 
 find_library( HAVE_LIBLDAP ldap )
 if( NOT HAVE_LIBLDAP )
   tde_message_fatal( "ldap is required, but was not found on your system" )
 endif( NOT HAVE_LIBLDAP )
-
-
-##### check for krb5
-
-pkg_search_module( KRB5 heimdal-krb5 krb5 )
-if( NOT KRB5_FOUND)
-  if( NOT DEFINED KRB5_CONFIG_EXECUTABLE )
-    find_program( KRB5_CONFIG_EXECUTABLE NAMES krb5-config.heimdal krb5-config )
-    if( NOT KRB5_CONFIG_EXECUTABLE )
-      tde_message_fatal( "krb5 library is required but not found on your system" )
-    endif( )
-  endif( )
-
-  execute_process(
-    COMMAND ${KRB5_CONFIG_EXECUTABLE} --libs
-    OUTPUT_VARIABLE KRB5_LIBRARIES
-    ERROR_VARIABLE KRB5_LIBRARIES
-    OUTPUT_STRIP_TRAILING_WHITESPACE
-    ERROR_STRIP_TRAILING_WHITESPACE
-  )
-  execute_process(
-    COMMAND ${KRB5_CONFIG_EXECUTABLE} --cflags
-    OUTPUT_VARIABLE KRB5_INCLUDE_DIRS
-    ERROR_VARIABLE KRB5_INCLUDE_DIRS
-    OUTPUT_STRIP_TRAILING_WHITESPACE
-    ERROR_STRIP_TRAILING_WHITESPACE
-  )
-  if( NOT "${KRB5_LIBRARIES}" STREQUAL "" )
-    set( KRB5_FOUND 1 )
-  endif( )
-endif( )
-
-find_path( HEIMDAL_INCLUDEDIR
-    NAMES krb5_asn1.h
-    HINTS ${KRB5_INCLUDE_DIRS} ${KRB5_INCLUDEDIR} /usr/include
-    PATH_SUFFIXES "heimdal"
-)
-if( NOT "${HEIMDAL_INCLUDEDIR}" STREQUAL "${KRB5_INCLUDEDIR}" )
-  # fix Heimdal include dirs
-  set( KRB5_INCLUDE_DIRS "${HEIMDAL_INCLUDEDIR}" )
-endif( )
-
-find_path( HEIMDAL_LIBDIR
-    NAMES libhdb.so
-    HINTS
-      ${KRB5_LIBRARY_DIRS} ${KRB5_LIBDIR}
-      /usr/${SYSTEM_LIBDIR} /usr/local/${SYSTEM_LIBDIR}
-    PATH_SUFFIXES "heimdal"
-)
-if( NOT "${HEIMDAL_LIBDIR}" STREQUAL "${KRB5_LIBDIR}" )
-  # fix Heimdal library dirs
-  set( KRB5_LIBRARY_DIRS "${HEIMDAL_LIBDIR}" )
-endif( )
-
-if( "${HEIMDAL_INCLUDEDIR}" STREQUAL "HEIMDAL_INCLUDEDIR-NOTFOUND" OR
-    "${HEIMDAL_LIBDIR}" STREQUAL "HEIMDAL_LIBDIR-NOTFOUND" )
-    tde_message_fatal( "Heimdal Kerberos is required, but was not found on our system" )
-endif( )
-
-
-# check compiler permissive flag
-check_cxx_compiler_flag( -fpermissive HAVE_PERMISSIVE_SUPPORT )
-if( HAVE_PERMISSIVE_SUPPORT )
-  set( ENABLE_PERMISSIVE_FLAG "-fpermissive" )
-endif( )
-
-
-##### check for tdehwlib
-
-tde_save_and_set( CMAKE_REQUIRED_INCLUDES "${TDE_INCLUDE_DIR}" )
-check_cxx_source_compiles( "
-  #include <tdemacros.h>
-    #ifndef __TDE_HAVE_TDEHWLIB
-    #error tdecore is not build with tdehwlib
-    #endif
-    int main() { return 0; } "
-  HAVE_TDEHWLIB
-)
-tde_restore( CMAKE_REQUIRED_INCLUDES )
-if( NOT HAVE_TDEHWLIB )
-  tde_message_fatal( "tdehwlib is required, but not built in tdecore" )
-endif( NOT HAVE_TDEHWLIB )
-set( TDEHW_LIBRARIES "tdehw-shared" )

config.h.cmake

@@ -1,7 +1,7 @@
 #define VERSION "@VERSION@"
 
 // Defined if you have fvisibility and fvisibility-inlines-hidden support.
-#cmakedefine __TDE_HAVE_GCC_VISIBILITY 1
+#cmakedefine __KDE_HAVE_GCC_VISIBILITY 1
 
 /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
    significant byte first (like Motorola and SPARC, unlike Intel). */
@@ -13,11 +13,5 @@
 /* Define Kerberos config file */
 #cmakedefine KRB5_FILE "@KRB5_FILE@"
 
-/* Define Location of ca-certificates */
-#cmakedefine SYSTEM_CA_STORE_CERT_LOCATION "@SYSTEM_CA_STORE_CERT_LOCATION@"
-
-/* Define Command to update ca-certificats */
-#cmakedefine SYSTEM_CA_STORE_REGENERATE_COMMAND "@SYSTEM_CA_STORE_REGENERATE_COMMAND@"
-
 /* Define Cron command to update openLDAP certificats */
 #cmakedefine CRON_UPDATE_PRIMARY_REALM_CERTIFICATES_OPENLDAP_RELOAD_COMMAND "@CRON_UPDATE_PRIMARY_REALM_CERTIFICATES_OPENLDAP_RELOAD_COMMAND@"

src/CMakeLists.txt

@@ -11,7 +11,6 @@ include_directories(
 link_directories(
   ${TQT_LIBRARY_DIRS}
   ${TDE_LIB_DIR}
-  ${KRB5_LIBRARY_DIRS}
 )
 
 
@@ -28,9 +27,8 @@ tde_add_library( tdeldap SHARED AUTOMOC
      tdeui-shared
      tdecore-shared
      tdeio-shared
-     ${TDEHW_LIBRARIES}
      tdesu
-     krb5 kadm5clnt kadm5srv hdb lber 
+     lber
      ldap
 
   VERSION 1.0.0

src/ldaplogindlg.cpp

@@ -23,13 +23,13 @@
 #include <tqmap.h>
 
 #include <tdeapplication.h>
-#include <tdesimpleconfig.h>
+#include <ksimpleconfig.h>
 #include <tdelocale.h>
 #include <kdebug.h>
-#include <tdestandarddirs.h>
+#include <kstandarddirs.h>
 #include <kiconloader.h>
 #include <dcopclient.h>
-#include <tdeprocess.h>
+#include <kprocess.h>
 #include <kcombobox.h>
 
 #include "ldaplogindlg.h"

src/ldaplogindlg.h

@@ -30,7 +30,7 @@ class TQStringList;
   */
 
 class LDAPLogin : public LDAPLoginDlg  {
-	TQ_OBJECT
+	Q_OBJECT
 public:
 	LDAPLogin(TQWidget *parent=0, const char *name=0);
 	~LDAPLogin();

src/ldappasswddlg.cpp

@@ -32,8 +32,8 @@
 #include "ldaplogindlg.h"
 #include "ldappasswddlg.h"
 
-LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name, bool allowGSSAPI, bool allowSmartCard)
-	: KDialogBase(parent, name, true, i18n("LDAP Authentication"), Ok|Cancel|((allowGSSAPI)?User1:0)|((allowSmartCard)?User2:0), Ok, true, i18n("Authenticate with SASL/GSSAPI"), i18n("Authenticate with cryptographic card"))
+LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name, bool allowGSSAPI)
+	: KDialogBase(parent, name, true, i18n("LDAP Authentication"), (allowGSSAPI)?Ok|Cancel|User1:Ok|Cancel, Ok, true, i18n("Authenticate with SASL/GSSAPI"))
 {
 	m_base = new LDAPLogin(this);
 
@@ -42,19 +42,11 @@ LDAPPasswordDialog::LDAPPasswordDialog(TQWidget* parent, const char* name, bool
 
 void LDAPPasswordDialog::slotOk() {
 	use_gssapi = false;
-	use_smartcard = false;
 	accept();
 }
 
 void LDAPPasswordDialog::slotUser1() {
 	use_gssapi = true;
-	use_smartcard = false;
-	accept();
-}
-
-void LDAPPasswordDialog::slotUser2() {
-	use_gssapi = false;
-	use_smartcard = true;
 	accept();
 }
 

src/ldappasswddlg.h

@@ -26,22 +26,20 @@
 
 class LDAPLogin;
 
-class TDE_EXPORT LDAPPasswordDialog : public KDialogBase
+class KDE_EXPORT LDAPPasswordDialog : public KDialogBase
 {
-	TQ_OBJECT
+	Q_OBJECT
 
 public:
-	LDAPPasswordDialog(TQWidget* parent = 0, const char* name = 0, bool allowGSSAPI = true, bool allowSmartCard = false);
+	LDAPPasswordDialog(TQWidget* parent = 0, const char* name = 0, bool allowGSSAPI = true);
 
 public slots:
 	void slotOk();
 	void slotUser1();
-	void slotUser2();
 
 public:
 	LDAPLogin *m_base;
 	bool use_gssapi;
-	bool use_smartcard;
 };
 
 #endif

src/libtdeldap.h

@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2012-2015 by Timothy Pearson                            *
+ *   Copyright (C) 2012-2013 by Timothy Pearson                            *
  *   kb9vqf@pearsoncomputing.net                                           *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -21,19 +21,16 @@
 #ifndef _LIBTDELDAP_H_
 #define _LIBTDELDAP_H_
 
-#include <stdint.h>
 #include <unistd.h>
 #include <sys/stat.h>
 #include <ldap.h>
-#include <kadm5/admin.h>
 
 #include <tqobject.h>
 #include <tqstring.h>
 #include <tqdatetime.h>
 #include <tqvaluelist.h>
-#include <tqfile.h>
 
-#include <tdesimpleconfig.h>
+#include <ksimpleconfig.h>
 
 // FIXME
 // Connect this to CMake/Automake
@@ -50,8 +47,6 @@
 
 #define KERBEROS_PKI_PEM_FILE KERBEROS_PKI_ANCHORDIR "tdeca.pem"
 #define KERBEROS_PKI_PEMKEY_FILE KERBEROS_PKI_ANCHORDIR "tdeca.key.pem"
-#define KERBEROS_PKI_CRL_FILE KERBEROS_PKI_ANCHORDIR "tdecrl.pem"
-#define KERBEROS_PKI_CRLDB_FILE KERBEROS_PKI_ANCHORDIR "tdecrl.db"
 #define KERBEROS_PKI_KDC_FILE KERBEROS_PKI_PUBLICDIR "@@@KDCSERVER@@@.pki.crt"
 #define KERBEROS_PKI_KDCKEY_FILE KERBEROS_PKI_PRIVATEDIR "@@@KDCSERVER@@@.pki.key"
 #define KERBEROS_PKI_KDCREQ_FILE KERBEROS_PKI_PRIVATEDIR "@@@KDCSERVER@@@.pki.req"
@@ -59,23 +54,14 @@
 #define LDAP_CERT_FILE KERBEROS_PKI_PUBLICDIR "@@@ADMINSERVER@@@.ldap.crt"
 #define LDAP_CERTKEY_FILE KERBEROS_PKI_PRIVATEDIR "@@@ADMINSERVER@@@.ldap.key"
 #define LDAP_CERTREQ_FILE KERBEROS_PKI_PRIVATEDIR "@@@ADMINSERVER@@@.ldap.req"
-#define LDAP_CERTREVOC_FILE KERBEROS_PKI_PUBLICDIR "@@@ADMINSERVER@@@.ldap.crl"
 
-#define OPENSSL_EXTENSIONS_FILE TDE_CERTIFICATE_DIR "openssl.cfg"
+#define OPENSSL_EXTENSIONS_FILE TDE_CERTIFICATE_DIR "pki_extensions"
 
 #define DEFAULT_IGNORED_USERS_LIST "avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,haldaemon,hplip,irc,klog,landscape,libuuid,list,lp,mail,man,messagebus,news,ntp,polkituser,postfix,proxy,pulse,root,rtkit,saned,sshd,statd,sync,sys,syslog,timidity,usbmux,uucp,www-data"
 
 #define CRON_UPDATE_PRIMARY_REALM_CERTIFICATES_FILE "/etc/cron.daily/tde-upd-pri-rlm-certs"
 #define CRON_UPDATE_PRIMARY_REALM_CERTIFICATES_COMMAND TDE_BINDIR "/primaryrccertupdater"
 
-// 1 year
-#define KERBEROS_PKI_PEMKEY_EXPIRY_DAYS 365
-
-// 1 month
-#define KERBEROS_PKI_CRL_EXPIRY_DAYS 30
-#define KERBEROS_PKI_KRB_EXPIRY_DAYS 30
-#define KERBEROS_PKI_LDAP_EXPIRY_DAYS 30
-
 // Values from hdb.asn1
 enum LDAPKRB5Flags {
 	KRB5_INITIAL			= 0x00000001,
@@ -155,20 +141,7 @@ inline KRB5TicketFlags operator&(KRB5TicketFlags a, KRB5TicketFlags b)
 typedef TQValueList<uid_t> UserList;
 typedef TQValueList<gid_t> GroupList;
 
-namespace PKICertificateStatus {
-	enum PKICertificateStatusEnum {
-		Invalid		= 0,
-		Valid		= 1,
-		Revoked		= 2
-	};
-}
-
-typedef TQValueList<TQByteArray> TQByteArrayList;
-
-typedef TQPair<uint32_t, TQByteArray> PKICertificateEntry;
-typedef TQValueList<PKICertificateEntry> PKICertificateEntryList;
-
-class TDE_EXPORT LDAPCredentials
+class KDE_EXPORT LDAPCredentials
 {
 	public:
 		LDAPCredentials();
@@ -176,16 +149,15 @@ class TDE_EXPORT LDAPCredentials
 
 	public:
 		TQString username;
-		TQString password;
+		TQCString password;
 		TQString realm;
 		bool use_tls;
 		bool use_gssapi;
-		bool use_smartcard;
 		TQString service;
 };
 
 // PRIVATE
-class TDE_EXPORT LDAPRealmConfig
+class KDE_EXPORT LDAPRealmConfig
 {
 	public:
 		TQString name;
@@ -201,16 +173,11 @@ class TDE_EXPORT LDAPRealmConfig
 		bool pkinit_require_krbtgt_otherName;
 		bool win2k_pkinit;
 		bool win2k_pkinit_require_binding;
-		TQString certificate_revocation_list_url;
 };
 
 // PRIVATE
-class TDE_EXPORT LDAPCertConfig
+class KDE_EXPORT LDAPCertConfig
 {
-	public:
-		LDAPCertConfig();
-		~LDAPCertConfig();
-
 	public:
 		bool generate_certs;
 		TQString provided_kerberos_pem;
@@ -220,11 +187,6 @@ class TDE_EXPORT LDAPCertConfig
 		TQString provided_ldap_crt;
 		TQString provided_ldap_key;
 
-		int caExpiryDays;
-		int caCrlExpiryDays;
-		int kerberosExpiryDays;
-		int ldapExpiryDays;
-
 		TQString countryName;
 		TQString stateOrProvinceName;
 		TQString localityName;
@@ -235,15 +197,13 @@ class TDE_EXPORT LDAPCertConfig
 };
 
 // PRIVATE
-class TDE_EXPORT LDAPPamConfig
+class KDE_EXPORT LDAPPamConfig
 {
 	public:
 		LDAPPamConfig();
 		~LDAPPamConfig();
 
 	public:
-		bool enable_pkcs11_login;
-		int pkcs11_login_card_slot;
 		bool enable_cached_credentials;
 		bool autocreate_user_directories_enable;
 		mode_t autocreate_user_directories_umask;
@@ -251,7 +211,7 @@ class TDE_EXPORT LDAPPamConfig
 };
 
 // PRIVATE
-class TDE_EXPORT LDAPClientRealmConfig
+class KDE_EXPORT LDAPClientRealmConfig
 {
 	public:
 		bool enable_bonding;
@@ -274,7 +234,7 @@ class TDE_EXPORT LDAPClientRealmConfig
 
 typedef TQMap<TQString, LDAPRealmConfig> LDAPRealmConfigList;
 
-class TDE_EXPORT LDAPUserInfo
+class KDE_EXPORT LDAPUserInfo
 {
 	public:
 		LDAPUserInfo();
@@ -292,7 +252,7 @@ class TDE_EXPORT LDAPUserInfo
 		gid_t primary_gid;
 		bool tde_builtin_account;
 		LDAPKRB5Flags status;			// Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT]
-		TQString new_password;
+		TQCString new_password;
 		TQDateTime account_created;
 		TQDateTime account_modified;
 		TQDateTime password_last_changed;
@@ -352,12 +312,9 @@ class TDE_EXPORT LDAPUserInfo
 		TQString businessCategory;
 		TQString carLicense;
 		TQString notes;
-
-		// PKI
-		PKICertificateEntryList pkiCertificates;
 };
 
-class TDE_EXPORT LDAPGroupInfo
+class KDE_EXPORT LDAPGroupInfo
 {
 	public:
 		LDAPGroupInfo();
@@ -374,7 +331,7 @@ class TDE_EXPORT LDAPGroupInfo
 		TQStringList userlist;
 };
 
-class TDE_EXPORT LDAPMachineInfo
+class KDE_EXPORT LDAPMachineInfo
 {
 	public:
 		LDAPMachineInfo();
@@ -391,7 +348,7 @@ class TDE_EXPORT LDAPMachineInfo
 		LDAPKRB5Flags status;		// Default is 126 [KRB5_MACHINE_ACCOUNT_DEFAULT]
 };
 
-class TDE_EXPORT LDAPServiceInfo
+class KDE_EXPORT LDAPServiceInfo
 {
 	public:
 		LDAPServiceInfo();
@@ -409,7 +366,7 @@ class TDE_EXPORT LDAPServiceInfo
 		LDAPKRB5Flags status;		// Default is 126 [KRB5_SERVICE_PRINCIPAL_DEFAULT]
 };
 
-class TDE_EXPORT LDAPTDEBuiltinsInfo
+class KDE_EXPORT LDAPTDEBuiltinsInfo
 {
 	public:
 		LDAPTDEBuiltinsInfo();
@@ -423,7 +380,7 @@ class TDE_EXPORT LDAPTDEBuiltinsInfo
 		TQString builtinStandardUserGroup;
 };
 
-class TDE_EXPORT LDAPMasterReplicationMapping
+class KDE_EXPORT LDAPMasterReplicationMapping
 {
 	public:
 		LDAPMasterReplicationMapping();
@@ -436,7 +393,7 @@ class TDE_EXPORT LDAPMasterReplicationMapping
 
 typedef TQValueList<LDAPMasterReplicationMapping> LDAPMasterReplicationMap;
 
-class TDE_EXPORT LDAPMasterReplicationInfo
+class KDE_EXPORT LDAPMasterReplicationInfo
 {
 	public:
 		LDAPMasterReplicationInfo();
@@ -450,14 +407,14 @@ class TDE_EXPORT LDAPMasterReplicationInfo
 		int timeout;
 		int syncMethod;
 		TQString syncDN;
-		TQString syncPassword;
+		TQCString syncPassword;
 		TQString certificateFile;
 		TQString caCertificateFile;
 		bool ignore_ssl_failure;
 		bool replicate_olcGlobal;
 };
 
-class TDE_EXPORT KerberosTicketInfo
+class KDE_EXPORT KerberosTicketInfo
 {
 	public:
 		KerberosTicketInfo();
@@ -488,8 +445,8 @@ typedef TQValueList<KerberosTicketInfo> KerberosTicketInfoList;
 
 class PtyProcess;
 
-class TDE_EXPORT LDAPManager : public TQObject {
-	TQ_OBJECT
+class KDE_EXPORT LDAPManager : public TQObject {
+	Q_OBJECT
 
 	public:
 		LDAPManager(TQString realm, TQString host, TQObject *parent=0, const char *name=0);
@@ -522,54 +479,37 @@ class TDE_EXPORT LDAPManager : public TQObject {
 		int deleteServiceInfo(LDAPServiceInfo service, TQString *errstr=0);
 
 		int exportKeytabForPrincipal(TQString principal, TQString fileName, TQString *errstr=0);
-		int deleteKeytabEntriesForPrincipal(TQString principal, TQString fileName, TQString *errstr=0);
 
-		LDAPCredentials currentLDAPCredentials(bool inferGSSAPIData=false);
+		LDAPCredentials currentLDAPCredentials();
 
 		int moveKerberosEntries(TQString newSuffix, TQString* errstr=0);
 		int writeCertificateFileIntoDirectory(TQByteArray cert, TQString attr, TQString* errstr=0);
-		int writePKICertificateFilesIntoDirectory(LDAPUserInfo user, TQString attr, TQString* errstr=0);
 
 		TQString getRealmCAMaster(TQString* errstr=0);
 		int setRealmCAMaster(TQString masterFQDN, TQString* errstr=0);
-		int getLdapCertificateStoreAttribute(TQString attribute, TQString* value, TQString* errstr=0);
-		int setLdapCertificateStoreAttribute(TQString attribute, TQString value, TQString* errstr=0);
 
 		LDAPTDEBuiltinsInfo getTDEBuiltinMappings(TQString *errstr=0);
 		LDAPMasterReplicationInfo getLDAPMasterReplicationSettings(TQString *errstr=0);
 		int setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo replicationinfo, TQString *errstr=0);
 		int writeSudoersConfFile(TQString *errstr=0);
-		int getTDECertificate(TQString certificateName, TQFile *fileHandle, TQString *errstr=0);
 		int getTDECertificate(TQString certificateName, TQString fileName, TQString *errstr=0);
-		int getTDECertificate(TQString certificateName, TQByteArray *certificate, TQString *errstr=0);
 		int setPasswordForUser(LDAPUserInfo user, TQString *errstr);
 
 		static int writePrimaryRealmCertificateUpdateCronFile(TQString *errstr=0);
-		static int installCACertificateInHostCAStore(TQString *errstr=0);
-		static int retrieveAndInstallCaCrl(LDAPManager* manager=0, TQString *errstr=0);
 		static TQString getMachineFQDN();
-		static int writeTDERealmList(LDAPRealmConfigList realms, TDESimpleConfig* config, TQString *errstr=0);
-		static LDAPRealmConfigList fetchAndReadTDERealmList(TQString *defaultRealm=0);
-		static LDAPRealmConfigList readTDERealmList(TDESimpleConfig* config, bool disableAllBonds=false);
+		static int writeTDERealmList(LDAPRealmConfigList realms, KSimpleConfig* config, TQString *errstr=0);
+		static LDAPRealmConfigList readTDERealmList(KSimpleConfig* config, bool disableAllBonds=false);
 		static TQDateTime getCertificateExpiration(TQString certfile);
-		static TQDateTime getCertificateExpiration(TQByteArray certfileContents);
 
-		static int generatePublicKerberosCACertificate(LDAPCertConfig certinfo, LDAPRealmConfig realmcfg);
+		static int generatePublicKerberosCACertificate(LDAPCertConfig certinfo);
 		static int generatePublicKerberosCertificate(LDAPCertConfig certinfo, LDAPRealmConfig realmcfg);
 		static int generatePublicLDAPCertificate(LDAPCertConfig certinfo, LDAPRealmConfig realmcfg, uid_t ldap_uid, gid_t ldap_gid);
 
-		static int generateClientCertificatePair(int expirydays, LDAPUserInfo user, LDAPRealmConfig realmcfg, TQString signingPrivateKeyFile, TQString privateKeyFile, TQString publicCertFile, int clientKeyBitLength=2048, TQString autoLoginPIN=TQString::null, TQString *errstr=0);
-		static int generateClientCertificatePrivateKey(TQString privateKeyFile, int clientKeyBitLength=2048, TQString *errstr=0);
-		static int generateClientCertificatePublicCertificate(int expirydays, LDAPUserInfo user, LDAPRealmConfig realmcfg, TQString signingPrivateKeyFile, TQString privateKeyFile, TQString publicCertFile, TQString autoLoginPIN=TQString::null, TQString *errstr=0);
-
-		int generatePKICRL(int expirydays, LDAPRealmConfig realmcfg, TQString crlFile, TQString signingPrivateKeyFile, TQString revocationDatabaseFile, TQString *errstr=0);
-
 		static TQString ldapdnForRealm(TQString realm);
-		static TQString openssldcForRealm(TQString realm);
 		static TQString cnFromDn(TQString dn);
 
 		static KerberosTicketInfoList getKerberosTicketList(TQString cache=TQString::null, TQString *cacheFileName=0);
-		static int getKerberosPassword(LDAPCredentials &creds, TQString prompt, bool requestServicePrincipal=false, bool allowSmartCard=false, TQWidget* parent=0);
+		static int getKerberosPassword(LDAPCredentials &creds, TQString prompt, bool requestServicePrincipal=false, TQWidget* parent=0);
 		static int obtainKerberosTicket(LDAPCredentials creds, TQString principal, TQString *errstr=0);
 		static int obtainKerberosServiceTicket(TQString principal, TQString *errstr=0);
 		static int destroyKerberosTicket(TQString principal, TQString *errstr=0);
@@ -577,28 +517,18 @@ class TDE_EXPORT LDAPManager : public TQObject {
 		static TQString detailedKAdminErrorMessage(TQString initialMessage);
 		static TQString readFullLineFromPtyProcess(PtyProcess* proc);
 
-		static LDAPClientRealmConfig loadClientRealmConfig(TDESimpleConfig* config, bool useDefaults=false);
-		static int saveClientRealmConfig(LDAPClientRealmConfig clientRealmConfig, TDESimpleConfig* config, TQString *errstr=0);
+		static LDAPClientRealmConfig loadClientRealmConfig(KSimpleConfig* config, bool useDefaults=false);
+		static int saveClientRealmConfig(LDAPClientRealmConfig clientRealmConfig, KSimpleConfig* config, TQString *errstr=0);
 		static int writeClientKrb5ConfFile(LDAPClientRealmConfig clientRealmConfig, LDAPRealmConfigList realmList, TQString *errstr=0);
 		static int writeLDAPConfFile(LDAPRealmConfig realmcfg, LDAPMachineRole machineRole, TQString *errstr=0);
 		static int writeNSSwitchFile(TQString *errstr=0);
-		static int writeOpenSSLConfigurationFile(LDAPRealmConfig realmcfg, TQString *errstr=0);
-		static int writeOpenSSLConfigurationFile(LDAPRealmConfig realmcfg, LDAPUserInfo user, TQString opensslConfigFile, TQString caRootKeyFile=TQString::null, TQString caRootCertFile=TQString::null, TQString caRootDatabaseFile=TQString::null, TQString autoLoginPIN=TQString::null, TQString *errstr=0);
 		static int writeClientCronFiles(TQString *errstr=0);
-		static int rehashClientPKCSCertificates(TQString *errstr=0);
 		static int writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr=0);
-		static bool pkcsLoginEnabled();
 
-		static int bondRealm(const TQString &adminUserName, const TQString &adminPassword,
-					const TQString &adminRealm, TQString *errstr=0);
-		static int unbondRealm(LDAPRealmConfig realmcfg, const TQString &adminUserName,
-					const TQString &adminPassword, const TQString &adminRealm, TQString *errstr=0);
+		static int bondRealm(TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
+		static int unbondRealm(LDAPRealmConfig realmcfg, TQString adminUserName, const char * adminPassword, TQString adminRealm, TQString *errstr=0);
 
 	private:
-		int bindKAdmin(LDAPCredentials *administrativeCredentials=NULL, TQString *errstr=0);
-		int unbindKAdmin(TQString *errstr=0);
-		int kAdminAddNewPrincipal(TQString principalName, TQString newPassword, TQString *errstr=0);
-		int kAdminDeletePrincipal(TQString principalName, TQString *errstr=0);
 		LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
 		LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);
 		LDAPMachineInfo parseLDAPMachineRecord(LDAPMessage* entry);
@@ -607,7 +537,6 @@ class TDE_EXPORT LDAPManager : public TQObject {
 		LDAPMasterReplicationInfo parseLDAPMasterReplicationRecord(LDAPMasterReplicationInfo replicationinfo, LDAPMessage* entry);
 		TQString parseLDAPSyncProvOverlayConfigRecord(LDAPMessage* entry);
 		bool parseLDAPTDEStringAttribute(LDAPMessage* entry, TQString attribute, TQString& retval);
-		static TQString getOpenSSLVersion();
 
 	private:
 		TQString m_realm;
@@ -616,12 +545,6 @@ class TDE_EXPORT LDAPManager : public TQObject {
 		TQString m_basedc;
 		LDAPCredentials* m_creds;
 		LDAP *m_ldap;
-
-		// kadmin interface
-		krb5_context m_krb5admContext;
-		void* m_krb5admHandle;
-		char* m_krb5admKeytabFilename;
-		char* m_krb5admRealmName;
 };
 
 #endif // _LIBTDELDAP_H_