Author: rhafer Date: Mon Jul 18 15:31:49 2011 New Revision: 64875 URL: http://svn.opensuse.org/viewcvs/yast?rev=64875&view=rev Log: Allow to set a CA Certificate when setting up a slave (bnc#706447) Modified: branches/SuSE-Code-11-SP2-Branch/ldap-server/src/agent/SlapdConfigAgent.cc branches/SuSE-Code-11-SP2-Branch/ldap-server/src/dialogs.ycp Modified: branches/SuSE-Code-11-SP2-Branch/ldap-server/src/agent/SlapdConfigAgent.cc URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap-server/src/agent/SlapdConfigAgent.cc?rev=64875&r1=64874&r2=64875&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap-server/src/agent/SlapdConfigAgent.cc (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap-server/src/agent/SlapdConfigAgent.cc Mon Jul 18 15:31:49 2011 @@ -203,6 +203,11 @@ } else { + TlsOptions tls = m_lc->getTlsOptions(); + if ( ! argMap->value(YCPString("cacert")).isNull() ) + { + tls.setOption( TlsOptions::CACERTFILE, argMap->value( YCPString("cacert"))->asString()->value_cstr() ); + } if ( argMap->value(YCPString("starttls"))->asBoolean()->value() ) { m_lc->start_tls(); Modified: branches/SuSE-Code-11-SP2-Branch/ldap-server/src/dialogs.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap-server/src/dialogs.ycp?rev=64875&r1=64874&r2=64875&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap-server/src/dialogs.ycp (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap-server/src/dialogs.ycp Mon Jul 18 15:31:49 2011 @@ -800,7 +800,17 @@ ) ), `VSpacing(0.3), - `Password( `id( `te_config_cred ), `opt(`hstretch), _("Administration Password for the \"cn=config\" Database"), "" ) + `Password( `id( `te_config_cred ), `opt(`hstretch), _("Administration Password for the \"cn=config\" Database"), "" ), + `VSpacing(0.3), + `VSquash( + `HBox( + `InputField( `id( `te_ca_file ), `opt( `hstretch ), _("C&A Certificate File (PEM Format)") ), + `HSpacing( 0.5 ), + `Bottom( + `PushButton( `id( `pb_ca_file ), _("Bro&wse...") ) + ) + ) + ) ) ); @@ -810,9 +820,12 @@ Label::BackButton(), Label::NextButton() ); any ret = nil; + string cacert = "/etc/ssl/certs/YaST-CA.pem"; + while ( true ) { UI::ChangeWidget(`cb_start_tls, `Enabled, false ); + UI::ChangeWidget(`te_ca_file, `Value, cacert ); map synbase = LdapServer::ReadSyncreplBaseConfig(); if ( size(synbase) > 0 ) { @@ -830,8 +843,23 @@ ret = UI::UserInput(); } y2milestone( "SlaveSetupDialog: seeing return value '%1'", ret ); - if ( ret == `next ) + if( ret == `pb_ca_file ) + { + string name = UI::AskForExistingFile( "/etc/ssl/certs", "*.pem *.crt *", _("Select CA Certificate File") ); + if( name != nil ) + { + cacert = name; + } + continue; + } + else if ( ret == `next ) { + if ( cacert == "" || cacert == nil ) + { + Popup::Error( _("Please select a valid CA Certificate File") ); + continue; + } + // test connection map<string,any> provider = $[ "protocol" : (string)UI::QueryWidget( `cb_sync_prot, `Value ), @@ -852,6 +880,11 @@ testparm = add(testparm, "basedn", "cn=config" ); testparm = add(testparm, "binddn", "cn=config" ); testparm = add(testparm, "credentials", (string)UI::QueryWidget(`te_config_cred, `Value) ); + if ( cacert != "" && cacert != nil ) + { + testparm = add( testparm, "cacert", cacert ); + } + if (! LdapServer::ReadModeInstProposal() ) // Doing these checks during installation will // most probably fail { -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org