[yast-commit] r59911 - in /branches/SuSE-Code-11-SP1-Branch/ldap-server/src: agent/SlapdConfigAgent.cc lib/slapd-config.cpp lib/slapd-config.h - YaST Commits

2 Dec 2009

Author: rhafer
Date: Wed Dec  2 16:57:58 2009
New Revision: 59911

URL: http://svn.opensuse.org/viewcvs/yast?rev=59911&view=rev
Log:
Always add "tls_reqcert demand" to workaround bnc#558397)

Modified:
    branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc
    branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp
    branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h

Modified: branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc?rev=59911&r1=59910&r2=59911&view=diff
==============================================================================

--- branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/ldap-server/src/agent/SlapdConfigAgent.cc Wed Dec  2 16:57:58 2009
@@ -1709,6 +1709,7 @@
                             sr->setCredentials( cred );
                             // default retry (every 120 seconds)
                             sr->setRetryString( "120 +" );
+                            sr->setTlsReqCert("demand");
 
                             if ( starttls )
                             {

Modified: branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp?rev=59911&r1=59910&r2=59911&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp (original)
+++ branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.cpp Wed Dec  2 16:57:58 2009
@@ -846,6 +846,7 @@
 const std::string OlcSyncRepl::INTERVAL="interval";
 const std::string OlcSyncRepl::STARTTLS="starttls";
 const std::string OlcSyncRepl::RETRY="retry";
+const std::string OlcSyncRepl::TLS_REQCERT="tls_reqcert";
 
 OlcSyncRepl::OlcSyncRepl( const std::string &syncreplLine): 
         rid(1), 
@@ -944,6 +945,10 @@
             {
                 this->setRetryString(value);
             }
+            else if ( key == TLS_REQCERT )
+            {
+                this->setTlsReqCert(value);
+            }
             else
             {
                 otherValues.push_back(make_pair(key, value));
@@ -977,6 +982,10 @@
     {
         srlStream << "starttls=critical ";
     }
+    if (! this->tlsReqCert.empty() )
+    {
+        srlStream << "tls_reqcert=" << tlsReqCert  << " ";
+    }
     srlStream << "bindmethod=\"" << this->bindmethod << "\" "
               << "binddn=\"" << this->binddn << "\" "
               << "credentials=\"" << this->credentials << "\"";
@@ -1043,6 +1052,11 @@
     retryString = value;
 }
 
+void OlcSyncRepl::setTlsReqCert( const std::string &value )
+{
+    tlsReqCert = value;
+}
+
 int OlcSyncRepl::getRid() const
 {
     return rid;
@@ -1093,6 +1107,10 @@
     return starttls;
 }
 
+std::string OlcSyncRepl::getTlsReqCert() const
+{
+    return tlsReqCert;
+}
 
 OlcSecurity::OlcSecurity(const std::string &securityVal)
 {

Modified: branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h?rev=59911&r1=59910&r2=59911&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/ldap-server/src/lib/slapd-config.h Wed Dec  2 16:57:58 2009
@@ -252,6 +252,7 @@
         const static std::string INTERVAL;
         const static std::string STARTTLS;
         const static std::string RETRY;
+        const static std::string TLS_REQCERT;
 
         std::string toSyncReplLine() const;
 
@@ -265,6 +266,7 @@
         void setInterval( int days, int hours, int mins, int secs );
         void setStartTls( StartTls tls );
         void setRetryString( const std::string &value );
+        void setTlsReqCert( const std::string &value );
 
         int getRid() const;
         LDAPUrl getProvider() const;
@@ -275,6 +277,7 @@
         std::string getCredentials() const;
         void getInterval( int &days, int &hours, int &mins, int &secs ) const;
         StartTls getStartTls() const;
+        std::string getTlsReqCert() const;
 
     private:
         int rid;
@@ -285,6 +288,7 @@
         std::string binddn;
         std::string credentials;
         std::string retryString;
+        std::string tlsReqCert;
         int refreshOnlyDays;
         int refreshOnlyHours;
         int refreshOnlyMins;

-- 
To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org
For additional commands, e-mail: yast-commit+help@opensuse.org

    

[yast-commit] r59911 - in /branches/SuSE-Code-11-SP1-Branch/ldap-server/src: agent/SlapdConfigAgent.cc lib/slapd-config.cpp lib/slapd-config.h

rhafer＠svn.opensuse.org

tags

participants (1)