2 * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 2003-2009 Match Grun and the Claws Mail team
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * Functions for LDAP control data.
36 #include "passcrypt.h"
37 #include "editaddress_other_attributes_ldap.h"
38 #include "common/utils.h"
39 #include "common/quoted-printable.h"
42 * Create new LDAP control block object.
43 * \return Initialized control object.
45 LdapControl *ldapctl_create( void ) {
48 ctl = g_new0( LdapControl, 1 );
50 ctl->port = LDAPCTL_DFL_PORT;
54 ctl->listCriteria = NULL;
55 ctl->attribEMail = g_strdup( LDAPCTL_ATTR_EMAIL );
56 ctl->attribCName = g_strdup( LDAPCTL_ATTR_COMMONNAME );
57 ctl->attribFName = g_strdup( LDAPCTL_ATTR_GIVENNAME );
58 ctl->attribLName = g_strdup( LDAPCTL_ATTR_SURNAME );
59 ctl->attribDName = g_strdup( LDAPCTL_ATTR_DISPLAYNAME );
60 ctl->maxEntries = LDAPCTL_MAX_ENTRIES;
61 ctl->timeOut = LDAPCTL_DFL_TIMEOUT;
62 ctl->maxQueryAge = LDAPCTL_DFL_QUERY_AGE;
63 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
65 ctl->enableTLS = FALSE;
66 ctl->enableSSL = FALSE;
68 /* Mutex to protect control block */
69 ctl->mutexCtl = g_malloc0( sizeof( pthread_mutex_t ) );
70 pthread_mutex_init( ctl->mutexCtl, NULL );
76 * Specify hostname to be used.
77 * \param ctl Control object to process.
78 * \param value Host name.
80 void ldapctl_set_host( LdapControl* ctl, const gchar *value ) {
81 ctl->hostName = mgu_replace_string( ctl->hostName, value );
83 if ( ctl->hostName == NULL )
86 g_strstrip( ctl->hostName );
87 debug_print("setting hostname: %s\n", ctl->hostName);
91 * Specify port to be used.
92 * \param ctl Control object to process.
95 void ldapctl_set_port( LdapControl* ctl, const gint value ) {
100 ctl->port = LDAPCTL_DFL_PORT;
102 debug_print("setting port: %d\n", ctl->port);
106 * Specify base DN to be used.
107 * \param ctl Control object to process.
108 * \param value Base DN.
110 void ldapctl_set_base_dn( LdapControl* ctl, const gchar *value ) {
111 ctl->baseDN = mgu_replace_string( ctl->baseDN, value );
113 if ( ctl->baseDN == NULL )
116 g_strstrip( ctl->baseDN );
117 debug_print("setting baseDN: %s\n", ctl->baseDN);
121 * Specify bind DN to be used.
122 * \param ctl Control object to process.
123 * \param value Bind DN.
125 void ldapctl_set_bind_dn( LdapControl* ctl, const gchar *value ) {
126 ctl->bindDN = mgu_replace_string( ctl->bindDN, value );
128 if ( ctl->bindDN == NULL )
131 g_strstrip( ctl->bindDN );
132 debug_print("setting bindDN: %s\n", ctl->bindDN);
136 * Specify bind password to be used.
137 * \param ctl Control object to process.
138 * \param value Password.
139 * \param encrypt Encrypt password
140 * \param change Save encrypted
142 void ldapctl_set_bind_password(
143 LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change ) {
146 ctl->bindPass = mgu_replace_string( ctl->bindPass, value );
148 if ( ctl->bindPass == NULL )
151 g_strstrip( ctl->bindPass );
155 /* If first char is not ! the password is not encrypted */
156 if (ctl->bindPass[0] == '!' || change) {
157 if (ctl->bindPass[0] != '!' && change)
158 buf = mgu_replace_string( buf, ctl->bindPass );
160 if (ctl->bindPass[1] != '|')
161 buf = mgu_replace_string( buf, ctl->bindPass + 1 );
163 /* quoted printable decode */
164 buf = mgu_replace_string( buf, ctl->bindPass + 2 );
169 passcrypt_encrypt( buf, strlen(buf) );
170 if (ctl->bindPass[0] != '!' && change) {
171 /* quoted printable encode */
172 tmp = g_malloc0(qp_get_q_encoding_len(buf) + 1);
173 qp_q_encode(tmp, buf);
175 buf = g_strconcat( "!|", tmp, NULL );
179 ctl->bindPass = mgu_replace_string( ctl->bindPass, buf );
184 debug_print("setting bindPassword\n");
188 * Fetch bind password to be used.
189 * \param ctl Control object to process.
190 * \return Decrypted password.
192 gchar* ldapctl_get_bind_password( LdapControl* ctl ) {
193 gchar *pwd = NULL, *buf;
195 if ( ctl->bindPass != NULL ) {
196 pwd = mgu_replace_string( pwd, ctl->bindPass );
197 /* If first char is not ! the password is not encrypted */
198 if (pwd && pwd[0] == '!') {
199 if (pwd[1] && pwd[1] == '|') {
200 buf = g_strdup(pwd + 2);
201 /* quoted printable decode */
205 buf = g_strdup(pwd + 1);
209 passcrypt_decrypt( buf, strlen(buf) );
216 debug_print("getting bindPassword\n");
222 * Specify maximum number of entries to retrieve.
223 * \param ctl Control object to process.
224 * \param value Maximum entries.
226 void ldapctl_set_max_entries( LdapControl* ctl, const gint value ) {
228 ctl->maxEntries = value;
231 ctl->maxEntries = LDAPCTL_MAX_ENTRIES;
233 debug_print("setting maxEntries: %d\n", ctl->maxEntries);
237 * Specify timeout value for LDAP operation (in seconds).
238 * \param ctl Control object to process.
239 * \param value Timeout.
241 void ldapctl_set_timeout( LdapControl* ctl, const gint value ) {
243 ctl->timeOut = value;
246 ctl->timeOut = LDAPCTL_DFL_TIMEOUT;
248 debug_print("setting timeOut: %d\n", ctl->timeOut);
252 * Specify maximum age of query (in seconds) before query is retired.
253 * \param ctl Control object to process.
254 * \param value Maximum age.
256 void ldapctl_set_max_query_age( LdapControl* ctl, const gint value ) {
257 if( value > LDAPCTL_MAX_QUERY_AGE ) {
258 ctl->maxQueryAge = LDAPCTL_MAX_QUERY_AGE;
260 else if( value < 1 ) {
261 ctl->maxQueryAge = LDAPCTL_DFL_QUERY_AGE;
264 ctl->maxQueryAge = value;
266 debug_print("setting maxAge: %d\n", ctl->maxQueryAge);
270 * Specify matching option to be used for searches.
271 * \param ctl Control object to process.
272 * \param value Matching option, as follows:
274 * <li><code>LDAPCTL_MATCH_BEGINWITH</code> for "begins with" search</li>
275 * <li><code>LDAPCTL_MATCH_CONTAINS</code> for "contains" search</li>
278 void ldapctl_set_matching_option( LdapControl* ctl, const gint value ) {
279 if( value < LDAPCTL_MATCH_BEGINWITH ) {
280 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
282 else if( value > LDAPCTL_MATCH_CONTAINS ) {
283 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
286 ctl->matchingOption = value;
288 debug_print("setting matchingOption: %d\n", ctl->matchingOption);
292 * Specify TLS option.
293 * \param ctl Control object to process.
294 * \param value <i>TRUE</i> to enable TLS.
296 void ldapctl_set_tls( LdapControl* ctl, const gboolean value ) {
297 ctl->enableTLS = value;
298 debug_print("setting TLS: %d\n", ctl->enableTLS);
301 void ldapctl_set_ssl( LdapControl* ctl, const gboolean value ) {
302 ctl->enableSSL = value;
303 debug_print("setting SSL: %d\n", ctl->enableSSL);
307 * Return search criteria list.
308 * \param ctl Control data object.
309 * \return Linked list of character strings containing LDAP attribute names to
310 * use for a search. This should not be modified directly. Use the
311 * <code>ldapctl_set_criteria_list()</code>,
312 * <code>ldapctl_criteria_list_clear()</code> and
313 * <code>ldapctl_criteria_list_add()</code> functions for this purpose.
315 GList *ldapctl_get_criteria_list( const LdapControl* ctl ) {
316 cm_return_val_if_fail( ctl != NULL, NULL );
317 return ctl->listCriteria;
321 * Clear list of LDAP search attributes.
322 * \param ctl Control data object.
324 void ldapctl_criteria_list_clear( LdapControl *ctl ) {
325 cm_return_if_fail( ctl != NULL );
326 mgu_free_dlist( ctl->listCriteria );
327 ctl->listCriteria = NULL;
331 * Add LDAP attribute to criteria list.
332 * \param ctl Control object to process.
333 * \param attr Attribute name to append. If not NULL and unique, a copy will
334 * be appended to the list.
336 void ldapctl_criteria_list_add( LdapControl *ctl, gchar *attr ) {
337 cm_return_if_fail( ctl != NULL );
339 if( mgu_list_test_unq_nc( ctl->listCriteria, attr ) ) {
340 debug_print("adding to criteria list: %s\n", attr);
341 ctl->listCriteria = g_list_append(
342 ctl->listCriteria, g_strdup( attr ) );
348 * Clear LDAP server member variables.
349 * \param ctl Control object to clear.
351 static void ldapctl_clear( LdapControl *ctl ) {
352 cm_return_if_fail( ctl != NULL );
354 debug_print("clearing ldap controller members\n");
355 /* Free internal stuff */
356 g_free( ctl->hostName );
357 g_free( ctl->baseDN );
358 g_free( ctl->bindDN );
359 g_free( ctl->bindPass );
360 g_free( ctl->attribEMail );
361 g_free( ctl->attribCName );
362 g_free( ctl->attribFName );
363 g_free( ctl->attribLName );
364 g_free( ctl->attribDName );
366 ldapctl_criteria_list_clear( ctl );
369 ctl->hostName = NULL;
373 ctl->bindPass = NULL;
374 ctl->attribEMail = NULL;
375 ctl->attribCName = NULL;
376 ctl->attribFName = NULL;
377 ctl->attribLName = NULL;
378 ctl->attribDName = NULL;
381 ctl->maxQueryAge = 0;
382 ctl->matchingOption = LDAPCTL_MATCH_BEGINWITH;
384 ctl->enableTLS = FALSE;
385 ctl->enableSSL = FALSE;
389 * Free up LDAP server interface object by releasing internal memory.
390 * \param ctl Control object to free.
392 void ldapctl_free( LdapControl *ctl ) {
393 cm_return_if_fail( ctl != NULL );
395 debug_print("releasing requested memory for ldap controller\n");
396 /* Free internal stuff */
397 ldapctl_clear( ctl );
400 pthread_mutex_destroy( ctl->mutexCtl );
401 g_free( ctl->mutexCtl );
402 ctl->mutexCtl = NULL;
404 /* Now release LDAP control object */
409 * Display object to specified stream.
410 * \param ctl Control object to process.
411 * \param stream Output stream.
413 void ldapctl_print( const LdapControl *ctl, FILE *stream ) {
414 cm_return_if_fail( ctl != NULL );
417 pthread_mutex_lock( ctl->mutexCtl );
418 fprintf( stream, "LdapControl:\n" );
419 fprintf( stream, "host name: '%s'\n", ctl->hostName?ctl->hostName:"null" );
420 fprintf( stream, " port: %d\n", ctl->port );
421 fprintf( stream, " base dn: '%s'\n", ctl->baseDN?ctl->baseDN:"null" );
422 fprintf( stream, " bind dn: '%s'\n", ctl->bindDN?ctl->bindDN:"null" );
423 pwd = ldapctl_get_bind_password((LdapControl *) ctl);
424 fprintf( stream, "bind pass: '%s'\n", pwd?pwd:"null" );
426 fprintf( stream, "attr mail: '%s'\n", ctl->attribEMail?ctl->attribEMail:"null" );
427 fprintf( stream, "attr comn: '%s'\n", ctl->attribCName?ctl->attribCName:"null" );
428 fprintf( stream, "attr frst: '%s'\n", ctl->attribFName?ctl->attribFName:"null" );
429 fprintf( stream, "attr last: '%s'\n", ctl->attribLName?ctl->attribLName:"null" );
430 fprintf( stream, "attr disn: '%s'\n", ctl->attribDName?ctl->attribDName:"null" );
431 fprintf( stream, "max entry: %d\n", ctl->maxEntries );
432 fprintf( stream, " timeout: %d\n", ctl->timeOut );
433 fprintf( stream, " max age: %d\n", ctl->maxQueryAge );
434 fprintf( stream, "match opt: %d\n", ctl->matchingOption );
435 fprintf( stream, " version: %d\n", ctl->version );
436 fprintf( stream, " TLS: %s\n", ctl->enableTLS ? "yes" : "no" );
437 fprintf( stream, " SSL: %s\n", ctl->enableSSL ? "yes" : "no" );
438 fprintf( stream, "crit list:\n" );
439 if( ctl->listCriteria ) {
440 mgu_print_dlist( ctl->listCriteria, stream );
443 fprintf( stream, "\t!!!none!!!\n" );
445 pthread_mutex_unlock( ctl->mutexCtl );
449 * Copy member variables to specified object. Mutex lock object is
451 * \param ctlFrom Object to copy from.
452 * \param ctlTo Destination object.
454 void ldapctl_copy( const LdapControl *ctlFrom, LdapControl *ctlTo ) {
457 cm_return_if_fail( ctlFrom != NULL );
458 cm_return_if_fail( ctlTo != NULL );
460 debug_print("ldap controller copy\n");
461 /* Lock both objects */
462 pthread_mutex_lock( ctlFrom->mutexCtl );
463 pthread_mutex_lock( ctlTo->mutexCtl );
465 /* Clear our destination */
466 ldapctl_clear( ctlTo );
469 ctlTo->hostName = g_strdup( ctlFrom->hostName );
470 ctlTo->baseDN = g_strdup( ctlFrom->baseDN );
471 ctlTo->bindDN = g_strdup( ctlFrom->bindDN );
472 ctlTo->bindPass = g_strdup( ctlFrom->bindPass );
473 ctlTo->attribEMail = g_strdup( ctlFrom->attribEMail );
474 ctlTo->attribCName = g_strdup( ctlFrom->attribCName );
475 ctlTo->attribFName = g_strdup( ctlFrom->attribFName );
476 ctlTo->attribLName = g_strdup( ctlFrom->attribLName );
477 ctlTo->attribDName = g_strdup( ctlFrom->attribDName );
479 /* Copy search criteria */
480 node = ctlFrom->listCriteria;
482 ctlTo->listCriteria = g_list_append(
483 ctlTo->listCriteria, g_strdup( node->data ) );
484 node = g_list_next( node );
487 /* Copy other members */
488 ctlTo->port = ctlFrom->port;
489 ctlTo->maxEntries = ctlFrom->maxEntries;
490 ctlTo->timeOut = ctlFrom->timeOut;
491 ctlTo->maxQueryAge = ctlFrom->maxQueryAge;
492 ctlTo->matchingOption = ctlFrom->matchingOption;
493 ctlTo->version = ctlFrom->version;
494 ctlTo->enableTLS = ctlFrom->enableTLS;
495 ctlTo->enableSSL = ctlFrom->enableSSL;
498 pthread_mutex_unlock( ctlTo->mutexCtl );
499 pthread_mutex_unlock( ctlFrom->mutexCtl );
503 * Search criteria fragment - two terms - begin with (default).
505 static gchar *_criteria2BeginWith = "(&(givenName=%s*)(sn=%s*))";
508 * Search criteria fragment - two terms - contains.
510 static gchar *_criteria2Contains = "(&(givenName=*%s*)(sn=*%s*))";
513 * Create an LDAP search criteria by parsing specified search term. The search
514 * term may contain two names separated by the first embedded space found in
515 * the search term. It is assumed that the two tokens are first name and last
516 * name, or vice versa. An appropriate search criteria will be constructed.
518 * \param searchTerm Reference to search term to process.
519 * \param matchOption Set to the following:
521 * <li><code>LDAPCTL_MATCH_BEGINWITH</code> for "begins with" search</li>
522 * <li><code>LDAPCTL_MATCH_CONTAINS</code> for "contains" search</li>
525 * \return Formatted search criteria, or <code>NULL</code> if there is no
526 * embedded spaces. The search term should be g_free() when no
529 static gchar *ldapctl_build_ldap_criteria(
530 const gchar *searchTerm, const gint matchOption )
539 if( matchOption == LDAPCTL_MATCH_CONTAINS ) {
540 criteriaFmt = _criteria2Contains;
543 criteriaFmt = _criteria2BeginWith;
546 term = g_strdup( searchTerm );
549 /* Find first space character */
554 t2 = g_strdup( 1 + p );
561 /* Format search criteria */
565 p1 = g_strdup_printf( criteriaFmt, t1, t2 );
566 p2 = g_strdup_printf( criteriaFmt, t2, t1 );
567 crit = g_strdup_printf( "(&(|%s%s)(mail=*))", p1, p2 );
574 debug_print("search criteria: %s\n", crit?crit:"null");
580 * Search criteria fragment - single term - begin with (default).
582 static gchar *_criteriaBeginWith = "(%s=%s*)";
585 * Search criteria fragment - single term - contains.
587 static gchar *_criteriaContains = "(%s=*%s*)";
590 * Build a formatted LDAP search criteria string from criteria list.
591 * \param ctl Control object to process.
592 * \param searchVal Value to search for.
593 * \return Formatted string. Should be g_free() when done.
595 gchar *ldapctl_format_criteria( LdapControl *ctl, const gchar *searchVal ) {
597 gchar *p1, *p2, *retVal;
600 cm_return_val_if_fail( ctl != NULL, NULL );
601 cm_return_val_if_fail( searchVal != NULL, NULL );
603 /* Test whether there are more that one search terms */
604 retVal = ldapctl_build_ldap_criteria( searchVal, ctl->matchingOption );
605 if( retVal ) return retVal;
607 if( ctl->matchingOption == LDAPCTL_MATCH_CONTAINS ) {
608 criteriaFmt = _criteriaContains;
611 criteriaFmt = _criteriaBeginWith;
614 /* No - just a simple search */
615 /* p1 contains previous formatted criteria */
616 /* p2 contains next formatted criteria */
617 retVal = p1 = p2 = NULL;
618 node = ctl->listCriteria;
622 node = g_list_next( node );
624 /* Switch pointers */
625 tmp = p1; p1 = p2; p2 = tmp;
628 /* Subsequent time through */
631 /* Format query criteria */
632 crit = g_strdup_printf( criteriaFmt, attr, searchVal );
634 /* Append to existing criteria */
636 p2 = g_strdup_printf( "(|%s%s)", p1, crit );
641 /* First time through - Format query criteria */
642 p2 = g_strdup_printf( criteriaFmt, attr, searchVal );
647 /* Nothing processed - format a default attribute */
648 retVal = g_strdup_printf( "(%s=*)", LDAPCTL_ATTR_EMAIL );
651 /* We have something - free up previous result */
655 debug_print("current search string: %s\n", retVal);
660 * Return array of pointers to attributes for LDAP query.
661 * \param ctl Control object to process.
662 * \return NULL terminated list.
664 char **ldapctl_attribute_array( LdapControl *ctl ) {
668 cm_return_val_if_fail( ctl != NULL, NULL );
670 node = ctl->listCriteria;
671 cnt = g_list_length( ctl->listCriteria );
672 ptrArray = g_new0( char *, 1 + cnt );
675 ptrArray[ i++ ] = node->data;
676 /*debug_print("adding search attribute: %s\n", (gchar *) node->data);*/
677 node = g_list_next( node );
679 ptrArray[ i ] = NULL;
684 * Return array of pointers to attributes for LDAP query.
685 * \param ctl Control object to process.
686 * \return NULL terminated list.
688 char **ldapctl_full_attribute_array( LdapControl *ctl ) {
693 cm_return_val_if_fail( ctl != NULL, NULL );
695 def = ctl->listCriteria;
697 tmp = g_list_append(tmp, g_strdup(def->data));
701 def = ldapctl_get_default_criteria_list();
704 if( g_list_find_custom(tmp, (gpointer)def->data,
705 (GCompareFunc)strcmp2) == NULL) {
706 tmp = g_list_append(tmp, g_strdup(def->data));
712 cnt = g_list_length( tmp );
713 ptrArray = g_new0( char *, 1 + cnt);
716 ptrArray[ i++ ] = node->data;
717 /*debug_print("adding search attribute: %s\n", (gchar *) node->data);*/
718 node = g_list_next( node );
720 ptrArray[ i ] = NULL;
725 * Free array of pointers allocated by ldapctl_criteria_array().
726 * param ptrArray Array to clear.
728 void ldapctl_free_attribute_array( char **ptrArray ) {
731 /* Clear array to NULL's */
732 for( i = 0; ptrArray[i] != NULL; i++ ) {
739 * Parse LDAP search string, building list of LDAP criteria attributes. This
740 * may be used to convert an old style Sylpheed LDAP search criteria to the
741 * new format. The old style uses a standard LDAP search string, for example:
743 * (&(mail=*)(cn=%s*))
745 * This function extracts the two LDAP attributes <code>mail</code> and
746 * <code>cn</code>, adding each to a list.
748 * \param ctl Control object to process.
749 * \param criteria LDAP search criteria string.
751 void ldapctl_parse_ldap_search( LdapControl *ctl, gchar *criteria ) {
757 cm_return_if_fail( ctl != NULL );
759 ldapctl_criteria_list_clear( ctl );
760 if( criteria == NULL ) return;
771 attrib = g_strndup( pFrom, iLen );
772 g_strstrip( attrib );
773 ldapctl_criteria_list_add( ctl, attrib );
783 * Return the default LDAP search criteria string.
784 * \return Formatted string or <i>""</i>. Should be g_free() when done.
786 gchar *ldapctl_get_default_criteria() {
787 gchar *retVal = g_strdup(LDAPCTL_DFL_ATTR_LIST);
788 const gchar **attrs = ATTRIBUTE;
791 gchar *tmp = g_strdup_printf("%s, %s", retVal, *attrs++);
795 debug_print("default search criteria: %s\n", retVal);
800 * Return the default LDAP search criteria list.
801 * \return GList or <i>NULL</i>.
803 GList *ldapctl_get_default_criteria_list() {
804 gchar *criteria, *item;
805 gchar **c_list, **w_list;
806 GList *attr_list = NULL;
808 criteria = ldapctl_get_default_criteria();
809 c_list = g_strsplit(criteria, " ", 0);
813 while ((criteria = *w_list++) != 0) {
814 /* copy string elimination <,> */
816 item = g_strndup(criteria, strlen(criteria) - 1);
818 item = g_strdup(criteria);
819 debug_print("adding attribute to list: %s\n", item);
820 attr_list = g_list_append(attr_list, g_strdup(item));
828 * Compare to GList for equality.
829 * \param l1 First GList
830 * \param l2 Second GList
831 * \Return TRUE or FALSE
833 gboolean ldapctl_compare_list(GList *l1, GList *l2) {
834 gchar *first, *second;
837 if ((! l1 && l2) || (l1 && ! l2))
840 first = (gchar *) l1->data;
841 second = (gchar *) l2->data;
842 /*debug_print("comparing: %s = %s\n", first, second);*/
843 if ( ! (first && second) || strcmp(first, second) != 0) {
846 l1 = g_list_next(l1);
847 l2 = g_list_next(l2);
852 #endif /* USE_LDAP */