diff options
Diffstat (limited to 'cert-updater')
-rw-r--r-- | cert-updater/main.cpp | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/cert-updater/main.cpp b/cert-updater/main.cpp index 855324a..8c96f2e 100644 --- a/cert-updater/main.cpp +++ b/cert-updater/main.cpp @@ -68,7 +68,7 @@ void signalHandler(int signum) } } -int get_certificate_from_server(TQString certificateName, LDAPRealmConfig realmcfg) +int get_certificate_from_server(TQString certificateName, TQString certificateFileName, LDAPRealmConfig realmcfg) { int retcode = 0; TQString errorstring; @@ -85,8 +85,8 @@ int get_certificate_from_server(TQString certificateName, LDAPRealmConfig realmc ldap_mgr->writeSudoersConfFile(&errorstring); // Get and install the CA root certificate from LDAP - printf("[INFO] Updating certificate %s from LDAP\n", certificateName.ascii()); - if (ldap_mgr->getTDECertificate("publicRootCertificate", certificateName, &errorstring) != 0) { + printf("[INFO] Updating certificate %s from LDAP\n", certificateFileName.ascii()); + if (ldap_mgr->getTDECertificate(certificateName, certificateFileName, &errorstring) != 0) { printf("[ERROR] Unable to obtain root certificate for realm %s: %s", realmcfg.name.upper().ascii(), errorstring.ascii()); retcode = 1; } @@ -154,18 +154,18 @@ int main(int argc, char *argv[]) LDAPRealmConfigList::Iterator it; for (it = realms.begin(); it != realms.end(); ++it) { LDAPRealmConfig realmcfg = it.data(); - TQString certificateName = KERBEROS_PKI_PUBLICDIR + realmcfg.admin_server + ".ldap.crt"; + TQString certificateFileName = KERBEROS_PKI_PUBLICDIR + realmcfg.admin_server + ".ldap.crt"; TQDateTime certExpiry; TQDateTime soon = now.addDays(7); // Keep in sync with src/ldapcontroller.cpp - if (TQFile::exists(certificateName)) { - certExpiry = LDAPManager::getCertificateExpiration(certificateName); + if (TQFile::exists(certificateFileName)) { + certExpiry = LDAPManager::getCertificateExpiration(certificateFileName); if (certExpiry >= now) { - printf("[INFO] Certificate %s expires %s\n", certificateName.ascii(), certExpiry.toString().ascii()); fflush(stdout); + printf("[INFO] Certificate %s expires %s\n", certificateFileName.ascii(), certExpiry.toString().ascii()); fflush(stdout); } if ((certExpiry < now) || ((certExpiry >= now) && (certExpiry < soon))) { - if (get_certificate_from_server(certificateName, realmcfg) != 0) { + if (get_certificate_from_server("publicRootCertificate", certificateFileName, realmcfg) != 0) { allDownloadsOK = false; } } @@ -176,7 +176,7 @@ int main(int argc, char *argv[]) else { mkdir(TDE_CERTIFICATE_DIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH); mkdir(KERBEROS_PKI_PUBLICDIR, S_IRUSR|S_IWUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH); - if (get_certificate_from_server(certificateName, realmcfg) != 0) { + if (get_certificate_from_server("publicRootCertificate", certificateFileName, realmcfg) != 0) { allDownloadsOK = false; } } |