From bf4dbda9682241deffb3ec704e2597a12496d2a8 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Tue, 5 Jun 2012 03:15:33 -0500 Subject: [PATCH] Add (inactive) certificate configuration page --- src/Makefile.am | 2 +- src/certconfigpage.cpp | 119 ++++++++++++++++++++++ src/certconfigpage.h | 54 ++++++++++ src/certconfigpagedlg.ui | 206 +++++++++++++++++++++++++++++++++++++++ src/ldapcontroller.cpp | 3 + src/realmintropagedlg.ui | 2 +- src/realmwizard.cpp | 29 ++++-- src/realmwizard.h | 2 + 8 files changed, 405 insertions(+), 12 deletions(-) create mode 100644 src/certconfigpage.cpp create mode 100644 src/certconfigpage.h create mode 100644 src/certconfigpagedlg.ui diff --git a/src/Makefile.am b/src/Makefile.am index 04a1a71..da959c7 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -4,7 +4,7 @@ METASOURCES = AUTO # Install this plugin in the KDE modules directory kde_module_LTLIBRARIES = kcm_ldapcontroller.la -kcm_ldapcontroller_la_SOURCES = ldapcontroller.cpp ldapcontrollerconfigbase.ui realmwizard.cpp realmintropagedlg.ui realmintropage.cpp realmconfigpagedlg.ui realmconfigpage.cpp realmfinishpagedlg.ui realmfinishpage.cpp processingdialog.cpp sha1.cc +kcm_ldapcontroller_la_SOURCES = ldapcontroller.cpp ldapcontrollerconfigbase.ui realmwizard.cpp realmintropagedlg.ui certconfigpagedlg.ui certconfigpage.cpp realmintropage.cpp realmconfigpagedlg.ui realmconfigpage.cpp realmfinishpagedlg.ui realmfinishpage.cpp processingdialog.cpp sha1.cc kcm_ldapcontroller_la_LIBADD = -lkio $(LIB_TDEUI) -ltdeldap kcm_ldapcontroller_la_LDFLAGS = -avoid-version -module -no-undefined \ $(all_libraries) diff --git a/src/certconfigpage.cpp b/src/certconfigpage.cpp new file mode 100644 index 0000000..1e94336 --- /dev/null +++ b/src/certconfigpage.cpp 
@@ -0,0 +1,119 @@ +/*************************************************************************** + * Copyright (C) 2012 by Timothy Pearson * + * kb9vqf@pearsoncomputing.net * + * * + * This program is free software; you can redistribute it and/or modify * + * it under the terms of the GNU General Public License as published by * + * the Free Software Foundation; either version 2 of the License, or * + * (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program; if not, write to the * + * Free Software Foundation, Inc., * + * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + ***************************************************************************/ + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "certconfigpage.h" + +CertConfigPage::CertConfigPage(TQWidget *parent, const char *name ) : CertConfigPageDlg(parent,name) { + + px_introSidebar->setPixmap(UserIcon("step2.png")); + + connect(generateKeysEnabled, TQT_SIGNAL(stateChanged(int)), this, TQT_SLOT(setUseGeneratedKeys(int))); + connect(generateKeysDisabled, TQT_SIGNAL(stateChanged(int)), this, TQT_SLOT(setUseProvidedKeys(int))); + + connect(kerberosPEM, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries())); + connect(kerberosCRT, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries())); + connect(kerberosKEY, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries())); + connect(ldapCRT, TQT_SIGNAL(textChanged(const TQString&)), this, 
TQT_SLOT(validateEntries())); + connect(ldapKEY, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(validateEntries())); + + m_parentWizard = dynamic_cast(parent); + m_parentDialog = dynamic_cast(parent); +} + +CertConfigPage::~CertConfigPage() { + // +} + +void CertConfigPage::setUseGeneratedKeys(int state) { + if (state == TQButton::On) { + generateKeysDisabled->setChecked(false); + + processLockouts(); + validateEntries(); + } +} + +void CertConfigPage::setUseProvidedKeys(int state) { + if (state == TQButton::On) { + generateKeysEnabled->setChecked(false); + + processLockouts(); + validateEntries(); + } +} + +void CertConfigPage::processLockouts() { + kerberosPEM->setEnabled(generateKeysDisabled->isOn()); + kerberosCRT->setEnabled(generateKeysDisabled->isOn()); + kerberosKEY->setEnabled(generateKeysDisabled->isOn()); + ldapCRT->setEnabled(generateKeysDisabled->isOn()); + ldapKEY->setEnabled(generateKeysDisabled->isOn()); +} + +void CertConfigPage::validateEntries() { + if (m_parentWizard) { + if (generateKeysEnabled->isOn()) { + m_parentWizard->nextButton()->setEnabled(true); + } + else { + if ((kerberosPEM->url() != "") && (kerberosCRT->url() != "") && (kerberosKEY->url() != "") && (ldapCRT->url() != "") && (ldapKEY->url() != "")) { + m_parentWizard->nextButton()->setEnabled(true); + } + else { + m_parentWizard->nextButton()->setEnabled(false); + } + } + } + if (m_parentDialog) { + if (generateKeysEnabled->isOn()) { + m_parentDialog->enableButton(KDialogBase::Ok, true); + } + else { + if ((kerberosPEM->url() != "") && (kerberosCRT->url() != "") && (kerberosKEY->url() != "") && (ldapCRT->url() != "") && (ldapKEY->url() != "")) { + m_parentDialog->enableButton(KDialogBase::Ok, true); + } + else { + m_parentDialog->enableButton(KDialogBase::Ok, false); + } + } + } +} + +#include "certconfigpage.moc" diff --git a/src/certconfigpage.h b/src/certconfigpage.h new file mode 100644 index 0000000..57259fc --- /dev/null +++ b/src/certconfigpage.h 
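Review bot: Unchecking the selected option leaves the page in a stale state, because `setUseGeneratedKeys()` and `setUseProvidedKeys()` only act when `state == TQButton::On`. Assuming the two controls are independent check boxes (the .ui widget classes are not legible in this view), clearing `generateKeysEnabled` leaves neither key source chosen while Next/OK stays enabled and the file fields stay locked. Calling `processLockouts(); validateEntries();` outside the `if` in both slots, and having `validateEntries()` require `generateKeysDisabled->isOn()` for the provided-files branch, closes that gap. Folding the duplicated wizard and dialog branches into one computed flag also keeps the two from drifting apart. Before this page is activated, the provided-files branch should check more than a non-empty string, since these fields name the realm's PKI anchor and private keys.

```cpp
void CertConfigPage::validateEntries() {
	// Exactly one source of key material must be selected before the page can be left
	bool complete = false;
	if (generateKeysEnabled->isOn()) {
		complete = true;
	}
	else if (generateKeysDisabled->isOn()) {
		// All five provided files are required; existence/readability checks belong here once the page is live
		complete = (kerberosPEM->url() != "") && (kerberosCRT->url() != "") && (kerberosKEY->url() != "")
			&& (ldapCRT->url() != "") && (ldapKEY->url() != "");
	}

	if (m_parentWizard) {
		m_parentWizard->nextButton()->setEnabled(complete);
	}
	if (m_parentDialog) {
		m_parentDialog->enableButton(KDialogBase::Ok, complete);
	}
}
```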
@@ -0,0 +1,54 @@
+/***************************************************************************
+ * Copyright (C) 2012 by Timothy Pearson *
+ * kb9vqf@pearsoncomputing.net *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the *
+ * Free Software Foundation, Inc., *
+ * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
+ ***************************************************************************/
+
+#ifndef CERTCONFIGPAGE_H
+#define CERTCONFIGPAGE_H
+
+#include
+
+#include "certconfigpagedlg.h"
+
+class TQStringList;
+
+/**Abstract class for the first wizard page. Sets the according selection on save()
+ *@author Timothy Pearson
+ */
+
+class CertConfigPage : public CertConfigPageDlg {
+ Q_OBJECT
+
+public:
+ CertConfigPage(TQWidget *parent=0, const char *name=0);
+ ~CertConfigPage();
+
+public slots:
+ void validateEntries();
+ void processLockouts();
+
+private slots:
+ void setUseGeneratedKeys(int state);
+ void setUseProvidedKeys(int state);
+
+private:
+ KWizard* m_parentWizard;
+ KDialogBase* m_parentDialog;
+};
+
+#endif
diff --git a/src/certconfigpagedlg.ui b/src/certconfigpagedlg.ui
new file mode 100644
index 0000000..80d64da
--- /dev/null
+++ b/src/certconfigpagedlg.ui
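Review bot: The class comment above `CertConfigPage` appears to be carried over from another page. It calls this an abstract class for the first wizard page and mentions a `save()` that the class does not declare, while the wizard registers it as "Step 3: Set Up Certificates". A comment such as `/** Wizard page that chooses between generating new realm certificates/keys and installing provided ones. */` would match what the class declares. `class TQStringList;` is forward-declared but never used in this header. `KWizard` and `KDialogBase` are used as pointer members, and the single `#include` target is not legible in this view, so it is worth confirming that both types are declared by it.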
@@ -0,0 +1,206 @@ + + CertConfigPageDlg + + + CertConfigPageDlg + + + + 0 + 0 + 678 + 452 + + + + + unnamed + + + + px_introSidebar + + + + 0 + 0 + 0 + 0 + + + + + 170 + 430 + + + + Panel + + + Sunken + + + true + + + 0 + + + + + groupCertInfo + + + Realm Certificate Information (required) + + + + unnamed + + + + generateKeysEnabled + + + Generate New Certificates and Keys + + + + + generateKeysDisabled + + + Install Provided Certificates and Keys + + + + + unnamed + + + Kerberos PKI Anchor + + + + + kerberosPEM + + + 25 + + + *.pem|PKI Anchor Files (*.pem) + + + + + unnamed + + + Kerberos Public Certificate + + + + + kerberosCRT + + + 25 + + + *.crt|Public Certificate (*.crt) + + + + + unnamed + + + Kerberos Private Key + + + + + kerberosKEY + + + 25 + + + *.key|Private Key (*.key) + + + + + unnamed + + + LDAP TLS Public Certificate + + + + + ldapCRT + + + 25 + + + *.crt|Public Certificate (*.crt) + + + + + unnamed + + + LDAP TLS Private Key + + + + + ldapKEY + + + 25 + + + *.key|Private Key (*.key) + + + + + + + Spacer6 + + + Vertical + + + Fixed + + + + 20 + 30 + + + + + + Spacer5 + + + Vertical + + + Expanding + + + + + + + diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp index 87c6949..58cfff1 100644 --- a/src/ldapcontroller.cpp +++ b/src/ldapcontroller.cpp @@ -692,6 +692,9 @@ int LDAPController::createNewLDAPRealm(TQWidget* dialogparent, LDAPRealmConfig r pdialog.setActiveWindow(); tqApp->processEvents(); + // RAJA FIXME + // Threading would be a good idea here, to keep the GUI responsive while the backend code works + // Reset improperly uninitialized variables realmconfig.bonded = true; diff --git a/src/realmintropagedlg.ui b/src/realmintropagedlg.ui index 3b4c649..fabd670 100644 --- a/src/realmintropagedlg.ui +++ b/src/realmintropagedlg.ui 
@@ -68,7 +68,7 @@ - <p>This Wizard will help you create a new LDAP realm in three quick, easy steps.</p> + <p>This Wizard will help you create a new LDAP realm in four quick, easy steps.</p> <p>Please note that this Wizard will overwrite any existing LDAP realms and data.</p> <p>If you wish to quit the Wizard, click <b>Cancel</b> at any time.</p> <p><b>NOTE:</b> Kerberos and LDAP rely heavily on proper DNS resolution in order to function correctly. Therefore, you must have functional forward and reverse DNS entries for this system in order to complete this Wizard.</p> diff --git a/src/realmwizard.cpp b/src/realmwizard.cpp index a0f4ced..1676ca5 100644 --- a/src/realmwizard.cpp +++ b/src/realmwizard.cpp @@ -29,6 +29,7 @@ #include #include #include +#include #include #include @@ -51,6 +52,7 @@ #include "realmintropage.h" #include "realmconfigpage.h" +#include "certconfigpage.h" #include "realmfinishpage.h" #include "realmwizard.h" @@ -69,10 +71,14 @@ RealmWizard::RealmWizard(LDAPController* controller, TQString fqdn, TQWidget *pa addPage (realmpage, i18n( "Step 2: Set Up New Realm" ) ); setHelpEnabled(TQWizard::page(1), false); - finishpage = new RealmFinishPage(this); - addPage (finishpage, i18n( "Step 3: Initialize New Realm" ) ); + certpage = new CertConfigPage(this); + addPage (certpage, i18n( "Step 3: Set Up Certificates" ) ); setHelpEnabled(TQWizard::page(2), false); + finishpage = new RealmFinishPage(this); + addPage (finishpage, i18n( "Step 4: Initialize New Realm" ) ); + setHelpEnabled(TQWizard::page(3), false); + // Set up some defaults realmpage->txtKDCPort->setValue(88); realmpage->txtAdminServerPort->setValue(749); 
@@ -88,6 +94,7 @@ RealmWizard::RealmWizard(LDAPController* controller, TQString fqdn, TQWidget *pa realmpage->txtKDC->setText(m_fqdn); realmpage->txtAdminServer->setText(m_fqdn); realmpage->realmNameChanged(); + certpage->generateKeysEnabled->setChecked(true); finishpage->ldapAdminGroupname->setText("realmadmins"); finishpage->ldapMachineAdminGroupname->setText("machineadmins"); @@ -97,7 +104,7 @@ RealmWizard::RealmWizard(LDAPController* controller, TQString fqdn, TQWidget *pa // Kerberos won't work unless the DNS suffix matches the realm name realmpage->txtRealmName->setEnabled(false); - setFinishEnabled(TQWizard::page(2), true); + setFinishEnabled(TQWizard::page(3), true); setPosition(); } @@ -128,6 +135,14 @@ void RealmWizard::next() { m_realmconfig.win2k_pkinit_require_binding = realmpage->checkWin2kPkinitRequireBinding->isChecked(); finishpage->ldapAdminRealm->setText(realmpage->txtRealmName->text()); + TQWizard::next(); + certpage->processLockouts(); + certpage->validateEntries(); + } + else if (currentPage()==certpage) { + // RAJA FIXME + // What to do with the certificate information? + TQWizard::next(); finishpage->validateEntries(); } @@ -150,17 +165,11 @@ bool RealmWizard::askClose(){ return true; } else { - if (currentPage()==realmpage) { + if ((currentPage()==certpage) || (currentPage()==finishpage)) { text = i18n("
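Review bot: The new `currentPage()==certpage` branch in `next()` advances without reading anything from the page. An administrator who selects "Install Provided Certificates and Keys" and supplies a PKI anchor and private keys therefore gets no indication that the selection is dropped. How the realm's key material is then produced is not visible in this diff, but the wizard should not accept input it ignores. Until the FIXME is resolved, the unused option could be locked next to the default set in the constructor, e.g. `certpage->generateKeysDisabled->setEnabled(false);`. Alternatively, copy the selection and the five paths into `m_realmconfig` in this branch so the backend can act on them. The body of `next()` starts and ends outside this hunk.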

Are you sure you want to quit the LDAP Realm Wizard?

" "

If yes, click Quit and all changes will be lost." "
If not, click Cancel to return and finish your setup.

"); } - else if (currentPage()==finishpage) { - // RAJA FIXME - text = i18n("

Are you sure you want to quit the LDAP Realm Wizard?

" - "

If yes, click Quit and the new realm will remain deactivated pending bonding." - "
If not, click Cancel to return and finish your setup.

"); - } else { text = i18n("

Are you sure you want to quit the LDAP Realm Wizard?

" "

If not, click Cancel to return and finish setup.

"); diff --git a/src/realmwizard.h b/src/realmwizard.h index 35624e7..f913a02 100644 --- a/src/realmwizard.h +++ b/src/realmwizard.h @@ -34,6 +34,7 @@ class KLanguageCombo; class RealmIntroPage; class RealmConfigPage; +class CertConfigPage; class RealmFinishPage; /** RealmWizard is the base class of the project */ @@ -69,6 +70,7 @@ private: private: RealmIntroPage* intropage; RealmConfigPage* realmpage; + CertConfigPage* certpage; RealmFinishPage* finishpage; bool realm_dirty; LDAPController* m_controller;