2 * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 2003-2011 Match Grun and the Claws Mail team
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * Functions for LDAP control data.
36 #include "passcrypt.h"
37 #include "editaddress_other_attributes_ldap.h"
38 #include "common/utils.h"
39 #include "common/quoted-printable.h"
42 * Create new LDAP control block object.
43 * \return Initialized control object.
45 LdapControl *ldapctl_create( void ) {
48 ctl = g_new0( LdapControl, 1 );
50 ctl->port = LDAPCTL_DFL_PORT;
54 ctl->listCriteria = NULL;
55 ctl->attribEMail = g_strdup( LDAPCTL_ATTR_EMAIL );
56 ctl->attribCName = g_strdup( LDAPCTL_ATTR_COMMONNAME );
57 ctl->attribFName = g_strdup( LDAPCTL_ATTR_GIVENNAME );
58 ctl->attribLName = g_strdup( LDAPCTL_ATTR_SURNAME );
59 ctl->attribDName = g_strdup( LDAPCTL_ATTR_DISPLAYNAME );
60 ctl->maxEntries = LDAPCTL_MAX_ENTRIES;
61 ctl->timeOut = LDAPCTL_DFL_TIMEOUT;
62 ctl->maxQueryAge = LDAPCTL_DFL_QUERY_AGE;
63 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
65 ctl->enableTLS = FALSE;
66 ctl->enableSSL = FALSE;
68 /* Mutex to protect control block */
69 ctl->mutexCtl = g_malloc0( sizeof( pthread_mutex_t ) );
70 pthread_mutex_init( ctl->mutexCtl, NULL );
76 * Specify hostname to be used.
77 * \param ctl Control object to process.
78 * \param value Host name.
80 void ldapctl_set_host( LdapControl* ctl, const gchar *value ) {
81 ctl->hostName = mgu_replace_string( ctl->hostName, value );
83 if ( ctl->hostName == NULL )
86 g_strstrip( ctl->hostName );
87 debug_print("setting hostname: %s\n", ctl->hostName);
91 * Specify port to be used.
92 * \param ctl Control object to process.
95 void ldapctl_set_port( LdapControl* ctl, const gint value ) {
100 ctl->port = LDAPCTL_DFL_PORT;
102 debug_print("setting port: %d\n", ctl->port);
106 * Specify base DN to be used.
107 * \param ctl Control object to process.
108 * \param value Base DN.
110 void ldapctl_set_base_dn( LdapControl* ctl, const gchar *value ) {
111 ctl->baseDN = mgu_replace_string( ctl->baseDN, value );
113 if ( ctl->baseDN == NULL )
116 g_strstrip( ctl->baseDN );
117 debug_print("setting baseDN: %s\n", ctl->baseDN);
121 * Specify bind DN to be used.
122 * \param ctl Control object to process.
123 * \param value Bind DN.
125 void ldapctl_set_bind_dn( LdapControl* ctl, const gchar *value ) {
126 ctl->bindDN = mgu_replace_string( ctl->bindDN, value );
128 if ( ctl->bindDN == NULL )
131 g_strstrip( ctl->bindDN );
132 debug_print("setting bindDN: %s\n", ctl->bindDN);
136 * Specify bind password to be used.
137 * \param ctl Control object to process.
138 * \param value Password.
139 * \param encrypt Encrypt password
140 * \param change Save encrypted
142 void ldapctl_set_bind_password(
143 LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change ) {
146 ctl->bindPass = mgu_replace_string( ctl->bindPass, value );
148 if ( ctl->bindPass == NULL )
151 g_strstrip( ctl->bindPass );
155 /* If first char is not ! the password is not encrypted */
156 if (ctl->bindPass[0] == '!' || change) {
157 if (ctl->bindPass[0] != '!' && change)
158 buf = mgu_replace_string( buf, ctl->bindPass );
160 if (ctl->bindPass[1] != '|')
161 buf = mgu_replace_string( buf, ctl->bindPass + 1 );
163 /* quoted printable decode */
164 buf = mgu_replace_string( buf, ctl->bindPass + 2 );
169 passcrypt_encrypt( buf, strlen(buf) );
170 if (ctl->bindPass[0] != '!' && change) {
171 /* quoted printable encode */
172 tmp = g_malloc0(qp_get_q_encoding_len(buf) + 1);
173 qp_q_encode(tmp, buf);
175 buf = g_strconcat( "!|", tmp, NULL );
179 ctl->bindPass = mgu_replace_string( ctl->bindPass, buf );
184 debug_print("setting bindPassword\n");
188 * Fetch bind password to be used.
189 * \param ctl Control object to process.
190 * \return Decrypted password.
192 gchar* ldapctl_get_bind_password( LdapControl* ctl ) {
193 gchar *pwd = NULL, *buf;
195 if ( ctl->bindPass != NULL ) {
196 pwd = mgu_replace_string( pwd, ctl->bindPass );
197 /* If first char is not ! the password is not encrypted */
198 if (pwd && pwd[0] == '!') {
199 if (pwd[1] && pwd[1] == '|') {
200 buf = g_strdup(pwd + 2);
201 /* quoted printable decode */
205 buf = g_strdup(pwd + 1);
209 passcrypt_decrypt( buf, strlen(buf) );
216 debug_print("getting bindPassword\n");
222 * Specify maximum number of entries to retrieve.
223 * \param ctl Control object to process.
224 * \param value Maximum entries.
226 void ldapctl_set_max_entries( LdapControl* ctl, const gint value ) {
228 ctl->maxEntries = value;
231 ctl->maxEntries = LDAPCTL_MAX_ENTRIES;
233 debug_print("setting maxEntries: %d\n", ctl->maxEntries);
237 * Specify timeout value for LDAP operation (in seconds).
238 * \param ctl Control object to process.
239 * \param value Timeout.
241 void ldapctl_set_timeout( LdapControl* ctl, const gint value ) {
243 ctl->timeOut = value;
246 ctl->timeOut = LDAPCTL_DFL_TIMEOUT;
248 debug_print("setting timeOut: %d\n", ctl->timeOut);
252 * Specify maximum age of query (in seconds) before query is retired.
253 * \param ctl Control object to process.
254 * \param value Maximum age.
256 void ldapctl_set_max_query_age( LdapControl* ctl, const gint value ) {
257 if( value > LDAPCTL_MAX_QUERY_AGE ) {
258 ctl->maxQueryAge = LDAPCTL_MAX_QUERY_AGE;
260 else if( value < 1 ) {
261 ctl->maxQueryAge = LDAPCTL_DFL_QUERY_AGE;
264 ctl->maxQueryAge = value;
266 debug_print("setting maxAge: %d\n", ctl->maxQueryAge);
270 * Specify matching option to be used for searches.
271 * \param ctl Control object to process.
272 * \param value Matching option, as follows:
274 * <li><code>LDAPCTL_MATCH_BEGINWITH</code> for "begins with" search</li>
275 * <li><code>LDAPCTL_MATCH_CONTAINS</code> for "contains" search</li>
278 void ldapctl_set_matching_option( LdapControl* ctl, const gint value ) {
279 if( value < LDAPCTL_MATCH_BEGINWITH ) {
280 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
282 else if( value > LDAPCTL_MATCH_CONTAINS ) {
283 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
286 ctl->matchingOption = value;
288 debug_print("setting matchingOption: %d\n", ctl->matchingOption);
292 * Specify TLS option.
293 * \param ctl Control object to process.
294 * \param value <i>TRUE</i> to enable TLS.
296 void ldapctl_set_tls( LdapControl* ctl, const gboolean value ) {
298 ctl->enableTLS = value;
299 debug_print("setting TLS: %d\n", ctl->enableTLS);
303 void ldapctl_set_ssl( LdapControl* ctl, const gboolean value ) {
305 ctl->enableSSL = value;
306 debug_print("setting SSL: %d\n", ctl->enableSSL);
311 * Return search criteria list.
312 * \param ctl Control data object.
313 * \return Linked list of character strings containing LDAP attribute names to
314 * use for a search. This should not be modified directly. Use the
315 * <code>ldapctl_set_criteria_list()</code>,
316 * <code>ldapctl_criteria_list_clear()</code> and
317 * <code>ldapctl_criteria_list_add()</code> functions for this purpose.
319 GList *ldapctl_get_criteria_list( const LdapControl* ctl ) {
320 cm_return_val_if_fail( ctl != NULL, NULL );
321 return ctl->listCriteria;
325 * Clear list of LDAP search attributes.
326 * \param ctl Control data object.
328 void ldapctl_criteria_list_clear( LdapControl *ctl ) {
329 cm_return_if_fail( ctl != NULL );
330 mgu_free_dlist( ctl->listCriteria );
331 ctl->listCriteria = NULL;
335 * Add LDAP attribute to criteria list.
336 * \param ctl Control object to process.
337 * \param attr Attribute name to append. If not NULL and unique, a copy will
338 * be appended to the list.
340 void ldapctl_criteria_list_add( LdapControl *ctl, gchar *attr ) {
341 cm_return_if_fail( ctl != NULL );
343 if( mgu_list_test_unq_nc( ctl->listCriteria, attr ) ) {
344 debug_print("adding to criteria list: %s\n", attr);
345 ctl->listCriteria = g_list_append(
346 ctl->listCriteria, g_strdup( attr ) );
352 * Clear LDAP server member variables.
353 * \param ctl Control object to clear.
355 static void ldapctl_clear( LdapControl *ctl ) {
356 cm_return_if_fail( ctl != NULL );
358 debug_print("clearing ldap controller members\n");
359 /* Free internal stuff */
360 g_free( ctl->hostName );
361 g_free( ctl->baseDN );
362 g_free( ctl->bindDN );
363 g_free( ctl->bindPass );
364 g_free( ctl->attribEMail );
365 g_free( ctl->attribCName );
366 g_free( ctl->attribFName );
367 g_free( ctl->attribLName );
368 g_free( ctl->attribDName );
370 ldapctl_criteria_list_clear( ctl );
373 ctl->hostName = NULL;
377 ctl->bindPass = NULL;
378 ctl->attribEMail = NULL;
379 ctl->attribCName = NULL;
380 ctl->attribFName = NULL;
381 ctl->attribLName = NULL;
382 ctl->attribDName = NULL;
385 ctl->maxQueryAge = 0;
386 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
388 ctl->enableTLS = FALSE;
389 ctl->enableSSL = FALSE;
393 * Free up LDAP server interface object by releasing internal memory.
394 * \param ctl Control object to free.
396 void ldapctl_free( LdapControl *ctl ) {
397 cm_return_if_fail( ctl != NULL );
399 debug_print("releasing requested memory for ldap controller\n");
400 /* Free internal stuff */
401 ldapctl_clear( ctl );
404 pthread_mutex_destroy( ctl->mutexCtl );
405 g_free( ctl->mutexCtl );
406 ctl->mutexCtl = NULL;
408 /* Now release LDAP control object */
413 * Display object to specified stream.
414 * \param ctl Control object to process.
415 * \param stream Output stream.
417 void ldapctl_print( const LdapControl *ctl, FILE *stream ) {
418 cm_return_if_fail( ctl != NULL );
421 pthread_mutex_lock( ctl->mutexCtl );
422 fprintf( stream, "LdapControl:\n" );
423 fprintf( stream, "host name: '%s'\n", ctl->hostName?ctl->hostName:"null" );
424 fprintf( stream, " port: %d\n", ctl->port );
425 fprintf( stream, " base dn: '%s'\n", ctl->baseDN?ctl->baseDN:"null" );
426 fprintf( stream, " bind dn: '%s'\n", ctl->bindDN?ctl->bindDN:"null" );
427 pwd = ldapctl_get_bind_password((LdapControl *) ctl);
428 fprintf( stream, "bind pass: '%s'\n", pwd?pwd:"null" );
430 fprintf( stream, "attr mail: '%s'\n", ctl->attribEMail?ctl->attribEMail:"null" );
431 fprintf( stream, "attr comn: '%s'\n", ctl->attribCName?ctl->attribCName:"null" );
432 fprintf( stream, "attr frst: '%s'\n", ctl->attribFName?ctl->attribFName:"null" );
433 fprintf( stream, "attr last: '%s'\n", ctl->attribLName?ctl->attribLName:"null" );
434 fprintf( stream, "attr disn: '%s'\n", ctl->attribDName?ctl->attribDName:"null" );
435 fprintf( stream, "max entry: %d\n", ctl->maxEntries );
436 fprintf( stream, " timeout: %d\n", ctl->timeOut );
437 fprintf( stream, " max age: %d\n", ctl->maxQueryAge );
438 fprintf( stream, "match opt: %d\n", ctl->matchingOption );
439 fprintf( stream, " version: %d\n", ctl->version );
440 fprintf( stream, " TLS: %s\n", ctl->enableTLS ? "yes" : "no" );
441 fprintf( stream, " SSL: %s\n", ctl->enableSSL ? "yes" : "no" );
442 fprintf( stream, "crit list:\n" );
443 if( ctl->listCriteria ) {
444 mgu_print_dlist( ctl->listCriteria, stream );
447 fprintf( stream, "\t!!!none!!!\n" );
449 pthread_mutex_unlock( ctl->mutexCtl );
453 * Copy member variables to specified object. Mutex lock object is
455 * \param ctlFrom Object to copy from.
456 * \param ctlTo Destination object.
458 void ldapctl_copy( const LdapControl *ctlFrom, LdapControl *ctlTo ) {
461 cm_return_if_fail( ctlFrom != NULL );
462 cm_return_if_fail( ctlTo != NULL );
464 debug_print("ldap controller copy\n");
465 /* Lock both objects */
466 pthread_mutex_lock( ctlFrom->mutexCtl );
467 pthread_mutex_lock( ctlTo->mutexCtl );
469 /* Clear our destination */
470 ldapctl_clear( ctlTo );
473 ctlTo->hostName = g_strdup( ctlFrom->hostName );
474 ctlTo->baseDN = g_strdup( ctlFrom->baseDN );
475 ctlTo->bindDN = g_strdup( ctlFrom->bindDN );
476 ctlTo->bindPass = g_strdup( ctlFrom->bindPass );
477 ctlTo->attribEMail = g_strdup( ctlFrom->attribEMail );
478 ctlTo->attribCName = g_strdup( ctlFrom->attribCName );
479 ctlTo->attribFName = g_strdup( ctlFrom->attribFName );
480 ctlTo->attribLName = g_strdup( ctlFrom->attribLName );
481 ctlTo->attribDName = g_strdup( ctlFrom->attribDName );
483 /* Copy search criteria */
484 node = ctlFrom->listCriteria;
486 ctlTo->listCriteria = g_list_append(
487 ctlTo->listCriteria, g_strdup( node->data ) );
488 node = g_list_next( node );
491 /* Copy other members */
492 ctlTo->port = ctlFrom->port;
493 ctlTo->maxEntries = ctlFrom->maxEntries;
494 ctlTo->timeOut = ctlFrom->timeOut;
495 ctlTo->maxQueryAge = ctlFrom->maxQueryAge;
496 ctlTo->matchingOption = ctlFrom->matchingOption;
497 ctlTo->version = ctlFrom->version;
498 ctlTo->enableTLS = ctlFrom->enableTLS;
499 ctlTo->enableSSL = ctlFrom->enableSSL;
502 pthread_mutex_unlock( ctlTo->mutexCtl );
503 pthread_mutex_unlock( ctlFrom->mutexCtl );
507 * Search criteria fragment - two terms - begin with (default).
509 static gchar *_criteria2BeginWith = "(&(givenName=%s*)(sn=%s*))";
512 * Search criteria fragment - two terms - contains.
514 static gchar *_criteria2Contains = "(&(givenName=*%s*)(sn=*%s*))";
517 * Create an LDAP search criteria by parsing specified search term. The search
518 * term may contain two names separated by the first embedded space found in
519 * the search term. It is assumed that the two tokens are first name and last
520 * name, or vice versa. An appropriate search criteria will be constructed.
522 * \param searchTerm Reference to search term to process.
523 * \param matchOption Set to the following:
525 * <li><code>LDAPCTL_MATCH_BEGINWITH</code> for "begins with" search</li>
526 * <li><code>LDAPCTL_MATCH_CONTAINS</code> for "contains" search</li>
529 * \return Formatted search criteria, or <code>NULL</code> if there is no
530 * embedded spaces. The search term should be g_free() when no
533 static gchar *ldapctl_build_ldap_criteria(
534 const gchar *searchTerm, const gint matchOption )
543 if( matchOption == LDAPCTL_MATCH_CONTAINS ) {
544 criteriaFmt = _criteria2Contains;
547 criteriaFmt = _criteria2BeginWith;
550 term = g_strdup( searchTerm );
553 /* Find first space character */
558 t2 = g_strdup( 1 + p );
565 /* Format search criteria */
569 p1 = g_strdup_printf( criteriaFmt, t1, t2 );
570 p2 = g_strdup_printf( criteriaFmt, t2, t1 );
571 crit = g_strdup_printf( "(&(|%s%s)(mail=*))", p1, p2 );
578 debug_print("search criteria: %s\n", crit?crit:"null");
584 * Search criteria fragment - single term - begin with (default).
586 static gchar *_criteriaBeginWith = "(%s=%s*)";
589 * Search criteria fragment - single term - contains.
591 static gchar *_criteriaContains = "(%s=*%s*)";
594 * Build a formatted LDAP search criteria string from criteria list.
595 * \param ctl Control object to process.
596 * \param searchVal Value to search for.
597 * \return Formatted string. Should be g_free() when done.
599 gchar *ldapctl_format_criteria( LdapControl *ctl, const gchar *searchVal ) {
601 gchar *p1, *p2, *retVal;
604 cm_return_val_if_fail( ctl != NULL, NULL );
605 cm_return_val_if_fail( searchVal != NULL, NULL );
607 /* Test whether there are more that one search terms */
608 retVal = ldapctl_build_ldap_criteria( searchVal, ctl->matchingOption );
609 if( retVal ) return retVal;
611 if( ctl->matchingOption == LDAPCTL_MATCH_CONTAINS ) {
612 criteriaFmt = _criteriaContains;
615 criteriaFmt = _criteriaBeginWith;
618 /* No - just a simple search */
619 /* p1 contains previous formatted criteria */
620 /* p2 contains next formatted criteria */
621 retVal = p1 = p2 = NULL;
622 node = ctl->listCriteria;
626 node = g_list_next( node );
628 /* Switch pointers */
629 tmp = p1; p1 = p2; p2 = tmp;
632 /* Subsequent time through */
635 /* Format query criteria */
636 crit = g_strdup_printf( criteriaFmt, attr, searchVal );
638 /* Append to existing criteria */
640 p2 = g_strdup_printf( "(|%s%s)", p1, crit );
645 /* First time through - Format query criteria */
646 p2 = g_strdup_printf( criteriaFmt, attr, searchVal );
651 /* Nothing processed - format a default attribute */
652 retVal = g_strdup_printf( "(%s=*)", LDAPCTL_ATTR_EMAIL );
655 /* We have something - free up previous result */
659 debug_print("current search string: %s\n", retVal);
664 * Return array of pointers to attributes for LDAP query.
665 * \param ctl Control object to process.
666 * \return NULL terminated list.
668 char **ldapctl_attribute_array( LdapControl *ctl ) {
672 cm_return_val_if_fail( ctl != NULL, NULL );
674 node = ctl->listCriteria;
675 cnt = g_list_length( ctl->listCriteria );
676 ptrArray = g_new0( char *, 1 + cnt );
679 ptrArray[ i++ ] = node->data;
680 /*debug_print("adding search attribute: %s\n", (gchar *) node->data);*/
681 node = g_list_next( node );
683 ptrArray[ i ] = NULL;
688 * Return array of pointers to attributes for LDAP query.
689 * \param ctl Control object to process.
690 * \return NULL terminated list.
692 char **ldapctl_full_attribute_array( LdapControl *ctl ) {
697 cm_return_val_if_fail( ctl != NULL, NULL );
699 def = ctl->listCriteria;
701 tmp = g_list_append(tmp, g_strdup(def->data));
705 def = ldapctl_get_default_criteria_list();
708 if( g_list_find_custom(tmp, (gpointer)def->data,
709 (GCompareFunc)strcmp2) == NULL) {
710 tmp = g_list_append(tmp, g_strdup(def->data));
716 cnt = g_list_length( tmp );
717 ptrArray = g_new0( char *, 1 + cnt);
720 ptrArray[ i++ ] = node->data;
721 /*debug_print("adding search attribute: %s\n", (gchar *) node->data);*/
722 node = g_list_next( node );
724 ptrArray[ i ] = NULL;
729 * Free array of pointers allocated by ldapctl_criteria_array().
730 * param ptrArray Array to clear.
732 void ldapctl_free_attribute_array( char **ptrArray ) {
735 /* Clear array to NULL's */
736 for( i = 0; ptrArray[i] != NULL; i++ ) {
743 * Parse LDAP search string, building list of LDAP criteria attributes. This
744 * may be used to convert an old style Sylpheed LDAP search criteria to the
745 * new format. The old style uses a standard LDAP search string, for example:
747 * (&(mail=*)(cn=%s*))
749 * This function extracts the two LDAP attributes <code>mail</code> and
750 * <code>cn</code>, adding each to a list.
752 * \param ctl Control object to process.
753 * \param criteria LDAP search criteria string.
755 void ldapctl_parse_ldap_search( LdapControl *ctl, gchar *criteria ) {
761 cm_return_if_fail( ctl != NULL );
763 ldapctl_criteria_list_clear( ctl );
764 if( criteria == NULL ) return;
775 attrib = g_strndup( pFrom, iLen );
776 g_strstrip( attrib );
777 ldapctl_criteria_list_add( ctl, attrib );
787 * Return the default LDAP search criteria string.
788 * \return Formatted string or <i>""</i>. Should be g_free() when done.
790 gchar *ldapctl_get_default_criteria() {
791 gchar *retVal = g_strdup(LDAPCTL_DFL_ATTR_LIST);
792 const gchar **attrs = ATTRIBUTE;
795 gchar *tmp = g_strdup_printf("%s, %s", retVal, *attrs++);
799 debug_print("default search criteria: %s\n", retVal);
804 * Return the default LDAP search criteria list.
805 * \return GList or <i>NULL</i>.
807 GList *ldapctl_get_default_criteria_list() {
808 gchar *criteria, *item;
809 gchar **c_list, **w_list;
810 GList *attr_list = NULL;
812 criteria = ldapctl_get_default_criteria();
813 c_list = g_strsplit(criteria, " ", 0);
817 while ((criteria = *w_list++) != 0) {
818 /* copy string elimination <,> */
820 item = g_strndup(criteria, strlen(criteria) - 1);
822 item = g_strdup(criteria);
823 debug_print("adding attribute to list: %s\n", item);
824 attr_list = g_list_append(attr_list, g_strdup(item));
832 * Compare to GList for equality.
833 * \param l1 First GList
834 * \param l2 Second GList
835 * \Return TRUE or FALSE
837 gboolean ldapctl_compare_list(GList *l1, GList *l2) {
838 gchar *first, *second;
841 if ((! l1 && l2) || (l1 && ! l2))
844 first = (gchar *) l1->data;
845 second = (gchar *) l2->data;
846 /*debug_print("comparing: %s = %s\n", first, second);*/
847 if ( ! (first && second) || strcmp(first, second) != 0) {
850 l1 = g_list_next(l1);
851 l2 = g_list_next(l2);
856 #endif /* USE_LDAP */