TDE
/
libtdeldap
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/libtdeldap
0
0
Fork 0
Code Issues Releases Wiki Activity

Write missing appdefaults section on client machines

Browse Source
pull/1/head
Timothy Pearson 10 years ago
parent d9172dad3c
commit 80c65755dc
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File

15
src/libtdeldap.cpp
Unescape View File

@ -4825,6 +4825,21 @@ int LDAPManager::writeClientKrb5ConfFile(LDAPClientRealmConfig clientRealmConfig
stream << "# All changes will be lost!\n";
stream << "\n";
// Appdefaults
stream << "[appdefaults]\n";
if (realmList.begin() != realmList.end()) {
LDAPRealmConfig realmcfg = *realmList.begin();
TQString ldap_certfile = LDAP_CERT_FILE;
TQString ldap_crlfile = LDAP_CERTREVOC_FILE;
ldap_certfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server);
ldap_crlfile.replace("@@@ADMINSERVER@@@", realmcfg.admin_server);
stream << " pkinit_anchors = FILE:" << ldap_certfile << "\n";
stream << " pkinit_revoke = FILE:" << ldap_crlfile << "\n";
}
stream << " pkinit_require_crl_checking = true\n";
stream << "\n";
// Defaults
stream << "[libdefaults]\n";
stream << " ticket_lifetime = " << clientRealmConfig.ticketLifetime << "\n";

1
src/libtdeldap.h
Unescape View File

@ -59,6 +59,7 @@
#define LDAP_CERT_FILE KERBEROS_PKI_PUBLICDIR "@@@ADMINSERVER@@@.ldap.crt"
#define LDAP_CERTKEY_FILE KERBEROS_PKI_PRIVATEDIR "@@@ADMINSERVER@@@.ldap.key"
#define LDAP_CERTREQ_FILE KERBEROS_PKI_PRIVATEDIR "@@@ADMINSERVER@@@.ldap.req"
#define LDAP_CERTREVOC_FILE KERBEROS_PKI_PUBLICDIR "@@@ADMINSERVER@@@.ldap.crl"
#define OPENSSL_EXTENSIONS_FILE TDE_CERTIFICATE_DIR "openssl.cfg"

Write Preview
Loading…
Cancel
Save