3 files changed, 134 insertions, 0 deletions

diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index ad2e313..d88bd34 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -45,6 +45,7 @@
 #include <tqcheckbox.h>
 #include <ktempdir.h>
 #include <kprocess.h>
+#include <knuminput.h>
 #include <tdesu/process.h>
 #include <libtdeldap.h>
 #include <tdefiledialog.h>
@@ -143,6 +144,10 @@ LDAPController::LDAPController(TQWidget *parent, const char *name, const TQStrin
 	connect(m_base->multiMasterReplicationMappings, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(multiMasterReplicationHighlighted()));
 	connect(m_base->multiMasterReplicationMappings, TQT_SIGNAL(executed(TQListViewItem*)), this, TQT_SLOT(modifySelectedMultiMasterReplication()));
 
+	connect(m_base->advancedCaCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(caCertExpiryChanged()));
+	connect(m_base->advancedKerberosCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(kerberosCertExpiryChanged()));
+	connect(m_base->advancedLdapCertExpiry, TQT_SIGNAL(valueChanged(int)), this, TQT_SLOT(ldapCertExpiryChanged()));
+
 	m_fqdn = LDAPManager::getMachineFQDN();
 	m_roleFullyConfigured = true;
 
@@ -378,6 +383,9 @@ void LDAPController::load() {
 
 	// Load cert config
 	m_systemconfig->setGroup("Certificates");
+	m_certconfig.caExpiryDays = m_systemconfig->readNumEntry("caExpiryDays", KERBEROS_PKI_PEMKEY_EXPIRY_DAYS);
+	m_certconfig.kerberosExpiryDays = m_systemconfig->readNumEntry("kerberosExpiryDays", KERBEROS_PKI_KRB_EXPIRY_DAYS);
+	m_certconfig.ldapExpiryDays = m_systemconfig->readNumEntry("ldapExpiryDays", KERBEROS_PKI_LDAP_EXPIRY_DAYS);
 	m_certconfig.countryName = m_systemconfig->readEntry("countryName");
 	m_certconfig.stateOrProvinceName = m_systemconfig->readEntry("stateOrProvinceName");
 	m_certconfig.localityName = m_systemconfig->readEntry("localityName");
@@ -461,6 +469,10 @@ void LDAPController::load() {
 			m_base->caSetMaster->setEnabled(true);
 		}
 
+		m_base->advancedCaCertExpiry->setValue(m_certconfig.caExpiryDays);
+		m_base->advancedKerberosCertExpiry->setValue(m_certconfig.kerberosExpiryDays);
+		m_base->advancedLdapCertExpiry->setValue(m_certconfig.ldapExpiryDays);
+
 		updateCertDisplay();
 		m_certRefreshTimer.start(60*1000);
 	}
@@ -908,6 +920,24 @@ void LDAPController::defaults() {
 	//
 }
 
+void LDAPController::caCertExpiryChanged() {
+	m_certconfig.caExpiryDays = m_base->advancedCaCertExpiry->value();
+
+	emit(changed());
+}
+
+void LDAPController::kerberosCertExpiryChanged() {
+	m_certconfig.kerberosExpiryDays = m_base->advancedKerberosCertExpiry->value();
+
+	emit(changed());
+}
+
+void LDAPController::ldapCertExpiryChanged() {
+	m_certconfig.ldapExpiryDays = m_base->advancedLdapCertExpiry->value();
+
+	emit(changed());
+}
+
 void LDAPController::save() {
 	TQString prevRole = m_systemconfig->readEntry("LDAPRole", "Workstation");
 
@@ -922,6 +952,9 @@ void LDAPController::save() {
 
 	// Write cert config
 	m_systemconfig->setGroup("Certificates");
+	m_systemconfig->writeEntry("caExpiryDays", m_certconfig.caExpiryDays);
+	m_systemconfig->writeEntry("kerberosExpiryDays", m_certconfig.kerberosExpiryDays);
+	m_systemconfig->writeEntry("ldapExpiryDays", m_certconfig.ldapExpiryDays);
 	m_systemconfig->writeEntry("countryName", m_certconfig.countryName);
 	m_systemconfig->writeEntry("stateOrProvinceName", m_certconfig.stateOrProvinceName);
 	m_systemconfig->writeEntry("localityName", m_certconfig.localityName);
diff --git a/src/ldapcontroller.h b/src/ldapcontroller.h
index bee45df..84bfc7c 100644
--- a/src/ldapcontroller.h
+++ b/src/ldapcontroller.h
@@ -90,6 +90,10 @@ class LDAPController: public TDECModule
 		void multiMasterReplicationHighlighted();
 		void modifySelectedMultiMasterReplication();
 
+		void caCertExpiryChanged();
+		void kerberosCertExpiryChanged();
+		void ldapCertExpiryChanged();
+
 	private:
 		int controlKAdminDaemon(sc_command command);
 		int controlSASLServer(sc_command command);
diff --git a/src/ldapcontrollerconfigbase.ui b/src/ldapcontrollerconfigbase.ui
index 3834e32..85a4a00 100644
--- a/src/ldapcontrollerconfigbase.ui
+++ b/src/ldapcontrollerconfigbase.ui
@@ -449,6 +449,103 @@
 							</widget>
 						</grid>
 					</widget>
+					<property name="name">
+						<cstring>unnamed</cstring>
+					</property>
+					<widget class="TQGroupBox" row="1" column="0">
+						<property name="name">
+							<cstring>groupCertificateExpiry</cstring>
+						</property>
+						<property name="title">
+							<string>Certificate Lifetime (days)</string>
+						</property>
+						<grid>
+							<property name="name">
+								<cstring>unnamed</cstring>
+							</property>
+							<widget class="TQLabel" row="0" column="0">
+								<property name="name">
+									<cstring>unnamed</cstring>
+								</property>
+								<property name="text">
+									<string>Certificate Authority:</string>
+								</property>
+							</widget>
+							<widget class="KIntNumInput" row="0" column="1" >
+								<property name="name">
+									<cstring>advancedCaCertExpiry</cstring>
+								</property>
+								<property name="minValue">
+									<number>1</number>
+								</property>
+								<property name="maxValue">
+									<number>7200</number>
+								</property>
+								<property name="sizePolicy">
+									<sizepolicy>
+										<hsizetype>0</hsizetype>
+										<vsizetype>0</vsizetype>
+										<horstretch>0</horstretch>
+										<verstretch>0</verstretch>
+									</sizepolicy>
+								</property>
+							</widget>
+							<widget class="TQLabel" row="1" column="0">
+								<property name="name">
+									<cstring>unnamed</cstring>
+								</property>
+								<property name="text">
+									<string>Kerberos:</string>
+								</property>
+							</widget>
+							<widget class="KIntNumInput" row="1" column="1" >
+								<property name="name">
+									<cstring>advancedKerberosCertExpiry</cstring>
+								</property>
+								<property name="minValue">
+									<number>1</number>
+								</property>
+								<property name="maxValue">
+									<number>7200</number>
+								</property>
+								<property name="sizePolicy">
+									<sizepolicy>
+										<hsizetype>0</hsizetype>
+										<vsizetype>0</vsizetype>
+										<horstretch>0</horstretch>
+										<verstretch>0</verstretch>
+									</sizepolicy>
+								</property>
+							</widget>
+							<widget class="TQLabel" row="2" column="0">
+								<property name="name">
+									<cstring>unnamed</cstring>
+								</property>
+								<property name="text">
+									<string>LDAP TLS:</string>
+								</property>
+							</widget>
+							<widget class="KIntNumInput" row="2" column="1" >
+								<property name="name">
+									<cstring>advancedLdapCertExpiry</cstring>
+								</property>
+								<property name="minValue">
+									<number>1</number>
+								</property>
+								<property name="maxValue">
+									<number>7200</number>
+								</property>
+								<property name="sizePolicy">
+									<sizepolicy>
+										<hsizetype>0</hsizetype>
+										<vsizetype>0</vsizetype>
+										<horstretch>0</horstretch>
+										<verstretch>0</verstretch>
+									</sizepolicy>
+								</property>
+							</widget>
+						</grid>
+					</widget>
 				</grid>
 			</widget>
 		</widget>