From 3b5b7d6a6c85348741c9bfc9533a01a709292067 Mon Sep 17 00:00:00 2001 From: Timothy Pearson Date: Sat, 19 Sep 2015 19:23:37 -0500 Subject: [PATCH] Add autopin option to user configuration --- src/userconfigbase.ui | 18 ++++++++++++++++-- src/userconfigdlg.cpp | 21 ++++++++++++++++++++- 2 files changed, 36 insertions(+), 3 deletions(-) diff --git a/src/userconfigbase.ui b/src/userconfigbase.ui index 4439222..581d1c8 100644 --- a/src/userconfigbase.ui +++ b/src/userconfigbase.ui @@ -935,7 +935,21 @@ 17 - + + + enableAutoPIN + + + Store PIN in certificate + + + + + autoPIN + + + + createCertificate @@ -943,7 +957,7 @@ Generate New PKI Certificate - + unnamed_layoutwidget1 diff --git a/src/userconfigdlg.cpp b/src/userconfigdlg.cpp index 9e90065..13d4b26 100644 --- a/src/userconfigdlg.cpp +++ b/src/userconfigdlg.cpp @@ -81,6 +81,8 @@ UserConfigDialog::UserConfigDialog(LDAPUserInfo user, LDAPConfig* parent, const connect(m_base->certGenPrivateKey, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); connect(m_base->certPrivateKeyFileName, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); connect(m_base->certPublicCertFileName, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); + connect(m_base->enableAutoPIN, TQT_SIGNAL(clicked()), this, TQT_SLOT(processLockouts())); + connect(m_base->autoPIN, TQT_SIGNAL(textChanged(const TQString&)), this, TQT_SLOT(processLockouts())); connect(m_base->createCertificate, TQT_SIGNAL(clicked()), this, TQT_SLOT(createPKICertificate())); connect(m_base->revokeCertificate, TQT_SIGNAL(clicked()), this, TQT_SLOT(revokePKICertificate())); connect(m_base->downloadCertificate, TQT_SIGNAL(clicked()), this, TQT_SLOT(downloadPKICertificate())); @@ -243,6 +245,13 @@ void UserConfigDialog::processLockouts() { m_base->passwordMinAge->setEnabled(false); } + if (m_base->enableAutoPIN->isChecked()) { + m_base->autoPIN->setEnabled(true); + } + else { + m_base->autoPIN->setEnabled(false); + } + // Disable the primary group checkbox in the group list TQListViewItemIterator it(m_base->secondary_group_list); while (it.current()) { @@ -287,6 +296,11 @@ void UserConfigDialog::processLockouts() { ok_enabled = false; } } + if (m_base->enableAutoPIN->isChecked()) { + if (m_base->autoPIN->text() == "") { + ok_enabled = false; + } + } m_base->createCertificate->setEnabled(ok_enabled); TQListViewItem* lvi = m_base->certPKIDatabaseList->selectedItem(); @@ -342,7 +356,12 @@ void UserConfigDialog::createPKICertificate() { } caPrivateKeyTempFile.sync(); - ret = LDAPManager::generateClientCertificatePublicCertificate(expirydays, m_user, realms[m_ldapconfig->m_ldapmanager->realm()], caPrivateKeyTempFile.name(), m_base->certPrivateKeyFileName->url(), m_base->certPublicCertFileName->url()); + if (m_base->enableAutoPIN->isChecked()) { + ret = LDAPManager::generateClientCertificatePublicCertificate(expirydays, m_user, realms[m_ldapconfig->m_ldapmanager->realm()], caPrivateKeyTempFile.name(), m_base->certPrivateKeyFileName->url(), m_base->certPublicCertFileName->url(), m_base->autoPIN->text()); + } + else { + ret = LDAPManager::generateClientCertificatePublicCertificate(expirydays, m_user, realms[m_ldapconfig->m_ldapmanager->realm()], caPrivateKeyTempFile.name(), m_base->certPrivateKeyFileName->url(), m_base->certPublicCertFileName->url()); + } // Delete the private key as soon as possible after certificate signing caPrivateKeyTempFile.unlink();