+2010-02-03 [mir] 3.7.5cvs5
+
+ * src/addrindex.c
+ * src/editldap.c
+ * src/ldapctrl.c
+ * src/ldapctrl.h
+ * src/ldapquery.c
+ * src/ldapupdate.c
+ Save LDAP password encrypted. See bug 2113.
+
+
2010-02-03 [colin] 3.7.5cvs4
* src/privacy.c
( cvs diff -u -r 1.1.2.63 -r 1.1.2.64 src/gtk/authors.h; ) > 3.7.5cvs2.patchset
( cvs diff -u -r 1.1.2.7 -r 1.1.2.8 src/plugins/smime/smime.c; cvs diff -u -r 1.10.2.23 -r 1.10.2.24 src/privacy.c; ) > 3.7.5cvs3.patchset
( cvs diff -u -r 1.10.2.24 -r 1.10.2.25 src/privacy.c; ) > 3.7.5cvs4.patchset
+( cvs diff -u -r 1.28.2.42 -r 1.28.2.43 src/addrindex.c; cvs diff -u -r 1.8.2.36 -r 1.8.2.37 src/editldap.c; cvs diff -u -r 1.2.2.19 -r 1.2.2.20 src/ldapctrl.c; cvs diff -u -r 1.1.4.14 -r 1.1.4.15 src/ldapctrl.h; cvs diff -u -r 1.3.2.33 -r 1.3.2.34 src/ldapquery.c; cvs diff -u -r 1.1.2.23 -r 1.1.2.24 src/ldapupdate.c; ) > 3.7.5cvs5.patchset
MICRO_VERSION=5
INTERFACE_AGE=0
BINARY_AGE=0
-EXTRA_VERSION=4
+EXTRA_VERSION=5
EXTRA_RELEASE=
EXTRA_GTK2_VERSION=
ldapctl_set_bind_dn( ctl, value );
}
else if( strcmp( name, ATTAG_LDAP_BIND_PASS ) == 0 ) {
- ldapctl_set_bind_password( ctl, value );
+ ldapctl_set_bind_password( ctl, value, FALSE, FALSE );
}
else if( strcmp( name, ATTAG_LDAP_CRITERIA ) == 0 ) {
g_free( criteria );
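Review bot: The value read for ATTAG_LDAP_BIND_PASS is stored as-is (`encrypt` and `change` both FALSE), so a password written in cleartext by an earlier version stays in cleartext on disk until the server entry is edited and saved again. Nothing visible in this commit rewrites it on load. A legacy cleartext password that begins with `!` would also be taken for an encrypted value by ldapctl_get_bind_password. Consider flagging the index for a rewrite when a loaded value lacks the `!` prefix, and document the stored form next to this call, e.g. `/* stored form: '!' + encrypted value, or legacy cleartext */`. The enclosing function starts and ends outside the hunk.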
static void edit_ldap_set_fields( LdapServer *server ) {
LdapControl *ctl;
gchar *crit;
+ gchar *pwd;
if( ldapsvr_get_name( server ) )
gtk_entry_set_text(GTK_ENTRY(ldapedit.entry_name),
if( ctl->bindDN )
gtk_entry_set_text(
GTK_ENTRY(ldapedit.entry_bindDN), ctl->bindDN );
- if( ctl->bindPass )
- gtk_entry_set_text(
- GTK_ENTRY(ldapedit.entry_bindPW), ctl->bindPass );
+ if( ctl->bindPass ) {
+ pwd = ldapctl_get_bind_password( ctl );
+ gtk_entry_set_text( GTK_ENTRY(ldapedit.entry_bindPW), pwd );
+ g_free(pwd);
+ }
gtk_spin_button_set_value(
GTK_SPIN_BUTTON(ldapedit.spinbtn_timeout), ctl->timeOut );
gtk_spin_button_set_value(
ldapctl_set_host( ctl, sHost );
ldapctl_set_base_dn( ctl, sBase );
ldapctl_set_bind_dn( ctl, sBind );
- ldapctl_set_bind_password( ctl, sPass );
+ ldapctl_set_bind_password( ctl, sPass, TRUE, TRUE );
ldapctl_set_port( ctl, iPort );
ldapctl_set_max_entries( ctl, iMaxE );
ldapctl_set_timeout( ctl, iTime );
ctl, bMatch ?
LDAPCTL_MATCH_CONTAINS : LDAPCTL_MATCH_BEGINWITH );
+ addrindex_save_data(addrIndex);
+
/* Save attributes */
editldap_parse_criteria( sCrit, ctl );
#include "ldapctrl.h"
#include "mgutils.h"
+#include "passcrypt.h"
#include "editaddress_other_attributes_ldap.h"
#include "common/utils.h"
* Specify bind password to be used.
* \param ctl Control object to process.
* \param value Password.
+ * \param encrypt Encrypt password
+ * \param change Save encrypted
*/
-void ldapctl_set_bind_password( LdapControl* ctl, const gchar *value ) {
+void ldapctl_set_bind_password(
+ LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change ) {
+ gchar *buf = NULL, *tmp;
+
ctl->bindPass = mgu_replace_string( ctl->bindPass, value );
if ( ctl->bindPass == NULL )
return;
g_strstrip( ctl->bindPass );
+
+ if ( encrypt ) {
+ /* If first char is not ! the password is not encrypted */
+ if (ctl->bindPass[0] == '!' || change) {
+ if (ctl->bindPass[0] != '!' && change)
+ buf = mgu_replace_string( buf, ctl->bindPass );
+ else
+ buf = mgu_replace_string( buf, ctl->bindPass + 1 );
+ passcrypt_encrypt( buf, strlen(buf) );
+ if (ctl->bindPass[0] != '!' && change) {
+ tmp = g_strconcat( "!", buf, NULL );
+ g_free(buf);
+ buf = g_strdup(tmp);
+ g_free(tmp);
+ }
+ ctl->bindPass = mgu_replace_string( ctl->bindPass, buf );
+ g_free(buf);
+ }
+ }
debug_print("setting bindPassword\n");
}
+/**
+ * Fetch bind password to be used.
+ * \param ctl Control object to process.
+ * \return Decrypted password.
+ */
+gchar* ldapctl_get_bind_password( LdapControl* ctl ) {
+ gchar *pwd = NULL, *buf;
+
+ if ( ctl->bindPass != NULL ) {
+ pwd = mgu_replace_string( pwd, ctl->bindPass );
+ /* If first char is not ! the password is not encrypted */
+ if (pwd && pwd[0] == '!') {
+ buf = g_strdup(pwd + 1);
+ g_free(pwd);
+ passcrypt_decrypt( buf, strlen(buf) );
+ pwd = g_strdup(buf);
+ g_free(buf);
+ }
+ }
+
+ debug_print("getting bindPassword\n");
+
+ return pwd;
+}
+
/**
* Specify maximum number of entries to retrieve.
* \param ctl Control object to process.
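Review bot: The `!` marker in ldapctl_set_bind_password cannot tell stored ciphertext from a cleartext password that starts with `!`. With `encrypt` and `change` both TRUE, such a password takes the `else` branch, loses its first character, and is encrypted and stored without the marker, so ldapctl_get_bind_password later returns the wrong value. The output of passcrypt_encrypt is also handled with strlen/g_strconcat/g_strdup and goes through g_strstrip on reload. Because passcrypt_encrypt takes an explicit length and works in place, its output is presumably raw bytes, and a zero or whitespace byte in it would truncate or alter the stored value. The sketch below treats the value as cleartext whenever both flags are set (the only callers visible in this diff pass both flags equal) and base64-encodes the cipher bytes before prefixing `!`. The getter then needs the matching g_base64_decode before passcrypt_decrypt, and its doc comment should state that the caller owns the returned cleartext copy. If passcrypt uses a compiled-in key, the stored form is obfuscation rather than protection, which is worth a comment at the `!` check.

```c
	g_strstrip( ctl->bindPass );

	if ( encrypt && change ) {
		/* The value handed in by the editor is always cleartext, even
		 * when it happens to start with '!'. */
		gsize len = strlen( ctl->bindPass );

		buf = g_strdup( ctl->bindPass );
		passcrypt_encrypt( buf, len );
		/* Cipher output is raw bytes: encode it before any string call. */
		tmp = g_base64_encode( (const guchar *) buf, len );
		g_free( buf );
		g_free( ctl->bindPass );
		ctl->bindPass = g_strconcat( "!", tmp, NULL );
		g_free( tmp );
	}
	/* … unchanged: debug_print("setting bindPassword\n") … */
```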
*/
void ldapctl_print( const LdapControl *ctl, FILE *stream ) {
cm_return_if_fail( ctl != NULL );
+ gchar *pwd;
pthread_mutex_lock( ctl->mutexCtl );
fprintf( stream, "LdapControl:\n" );
fprintf( stream, " port: %d\n", ctl->port );
fprintf( stream, " base dn: '%s'\n", ctl->baseDN?ctl->baseDN:"null" );
fprintf( stream, " bind dn: '%s'\n", ctl->bindDN?ctl->bindDN:"null" );
- fprintf( stream, "bind pass: '%s'\n", ctl->bindPass?ctl->bindPass:"null" );
+ pwd = ldapctl_get_bind_password((LdapControl *) ctl);
+ fprintf( stream, "bind pass: '%s'\n", pwd?pwd:"null" );
+ g_free(pwd);
fprintf( stream, "attr mail: '%s'\n", ctl->attribEMail?ctl->attribEMail:"null" );
fprintf( stream, "attr comn: '%s'\n", ctl->attribCName?ctl->attribCName:"null" );
fprintf( stream, "attr frst: '%s'\n", ctl->attribFName?ctl->attribFName:"null" );
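Review bot: ldapctl_print now writes the decrypted bind password to `stream`, so any debug dump of an LdapControl contains the cleartext secret. Printing only whether a password is set avoids that: `fprintf( stream, "bind pass: %s\n", ctl->bindPass ? "(set)" : "null" );`. That also removes the `(LdapControl *)` cast that discards const, and the `gchar *pwd;` declaration placed after the cm_return_if_fail statement. The function body continues outside the hunk.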
void ldapctl_set_port ( LdapControl* ctl, const gint value );
void ldapctl_set_base_dn ( LdapControl* ctl, const gchar *value );
void ldapctl_set_bind_dn ( LdapControl* ctl, const gchar *value );
-void ldapctl_set_bind_password ( LdapControl* ctl, const gchar *value );
+void ldapctl_set_bind_password
+ ( LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change );
+gchar* ldapctl_get_bind_password ( LdapControl* ctl );
void ldapctl_set_max_entries ( LdapControl* ctl, const gint value );
void ldapctl_set_timeout ( LdapControl* ctl, const gint value );
void ldapctl_set_max_query_age ( LdapControl* ctl, const gint value );
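Review bot: The new `ldapctl_get_bind_password` prototype does not say that it returns a newly allocated cleartext copy, which every caller in this commit has to g_free. A comment on the declaration such as `/* Returns a newly allocated, decrypted copy; caller must g_free(). */` would make the ownership explicit. The getter as added only reads `ctl->bindPass`, so declaring the parameter `const LdapControl *ctl` would let ldapctl_print call it without a cast. The two gboolean parameters of ldapctl_set_bind_password are hard to read at call sites (`TRUE, TRUE` / `FALSE, FALSE`); a one-line comment here stating what each combination means would help.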
gint rc;
gint version;
gchar *uri = NULL;
+ gchar *pwd;
/* Initialize connection */
if (debug_get_mode()) {
if( ctl->bindDN ) {
if( * ctl->bindDN != '\0' ) {
debug_print("binding...\n");
- rc = claws_ldap_simple_bind_s( ld, ctl->bindDN, ctl->bindPass );
+ pwd = ldapctl_get_bind_password(ctl);
+ rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd);
+ g_free(pwd);
debug_print("rc=%d\n", rc);
if( rc != LDAP_SUCCESS ) {
debug_print("LDAP Error: ldap_simple_bind_s: %s\n", ldap_err2string(rc));
gint rc;
gint version;
gchar *uri = NULL;
+ gchar *pwd;
cm_return_val_if_fail(ctl != NULL, NULL);
/* Bind to the server, if required */
if (ctl->bindDN) {
if (* ctl->bindDN != '\0') {
- rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, ctl->bindPass);
+ pwd = ldapctl_get_bind_password(ctl);
+ rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd);
if (rc != LDAP_SUCCESS) {
- g_printerr("bindDN: %s, bindPass: %s\n", ctl->bindDN, ctl->bindPass);
+ g_printerr("bindDN: %s, bindPass: %s\n", ctl->bindDN, pwd);
g_printerr("LDAP Error(bind): ldap_simple_bind_s: %s\n",
ldap_err2string(rc));
+ g_free(pwd);
return NULL;
}
+ g_free(pwd);
}
}
return ld;
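Review bot: On a failed bind the `g_printerr` call now prints the decrypted password to stderr, where it can end up in terminal scrollback or session logs. The message should drop it, e.g. `g_printerr("bindDN: %s\n", ctl->bindDN);`. With that change `pwd` can be freed once, immediately after claws_ldap_simple_bind_s, as the ldapquery.c hunk does, instead of on both the error and success paths. The enclosing function starts outside the hunk.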