From: Colin Leroy Date: Thu, 16 Dec 2010 23:08:58 +0000 (+0000) Subject: 2010-12-16 [colin] 3.7.8cvs5 X-Git-Tag: REL_3_7_9~74 X-Git-Url: http://git.claws-mail.org/?p=claws.git;a=commitdiff_plain;h=e8a58b4d6712be493080f78f1a45a598893d8e92 2010-12-16 [colin] 3.7.8cvs5 * src/addrindex.c * src/editldap.c * src/ldapctrl.c * src/ldapquery.c * src/ldapserver.c * src/ldapserver.h * src/ldapupdate.c * src/ldaputil.c Try to rationalize a bit LDAP connections --- diff --git a/ChangeLog b/ChangeLog index 89f6d9908..ded67848d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,15 @@ +2010-12-16 [colin] 3.7.8cvs5 + + * src/addrindex.c + * src/editldap.c + * src/ldapctrl.c + * src/ldapquery.c + * src/ldapserver.c + * src/ldapserver.h + * src/ldapupdate.c + * src/ldaputil.c + Try to rationalize a bit LDAP connections + 2010-12-16 [colin] 3.7.8cvs4 * src/prefs_spelling.c diff --git a/PATCHSETS b/PATCHSETS index fd428cbe4..d73656e66 100644 --- a/PATCHSETS +++ b/PATCHSETS @@ -4078,3 +4078,4 @@ ( cvs diff -u -r 1.9.2.69 -r 1.9.2.70 src/gtk/gtkaspell.c; ) > 3.7.8cvs2.patchset ( cvs diff -u -r 1.43.2.85 -r 1.43.2.86 src/prefs_matcher.c; ) > 3.7.8cvs3.patchset ( cvs diff -u -r 1.5.2.40 -r 1.5.2.41 src/prefs_spelling.c; cvs diff -u -r 1.9.2.49 -r 1.9.2.50 src/common/defs.h; ) > 3.7.8cvs4.patchset +( cvs diff -u -r 1.28.2.44 -r 1.28.2.45 src/addrindex.c; cvs diff -u -r 1.8.2.37 -r 1.8.2.38 src/editldap.c; cvs diff -u -r 1.2.2.21 -r 1.2.2.22 src/ldapctrl.c; cvs diff -u -r 1.3.2.34 -r 1.3.2.35 src/ldapquery.c; cvs diff -u -r 1.4.2.18 -r 1.4.2.19 src/ldapserver.c; cvs diff -u -r 1.2.2.11 -r 1.2.2.12 src/ldapserver.h; cvs diff -u -r 1.1.2.24 -r 1.1.2.25 src/ldapupdate.c; cvs diff -u -r 1.1.4.16 -r 1.1.4.17 src/ldaputil.c; ) > 3.7.8cvs5.patchset diff --git a/configure.ac b/configure.ac index 5b5cc292e..8928365fe 100644 --- a/configure.ac +++ b/configure.ac 
@@ -12,7 +12,7 @@ MINOR_VERSION=7 MICRO_VERSION=8 INTERFACE_AGE=0 BINARY_AGE=0 -EXTRA_VERSION=4 +EXTRA_VERSION=5 EXTRA_RELEASE= EXTRA_GTK2_VERSION= diff --git a/src/addrindex.c b/src/addrindex.c index cb7044d24..953051f23 100644 --- a/src/addrindex.c +++ b/src/addrindex.c @@ -1429,10 +1429,8 @@ static AddressDataSource *addrindex_parse_ldap( XMLFile *file ) { ldapsvr_set_name( server, serverName ); ldapsvr_set_search_flag( server, bDynSearch ); ldapctl_set_matching_option( ctl, iMatch ); -#ifdef USE_LDAP_TLS ldapctl_set_tls( ctl, bTLS ); ldapctl_set_ssl( ctl, bSSL ); -#endif g_free( serverName ); ldapsvr_set_control( server, ctl ); ds->rawDataSource = server; @@ -2033,28 +2031,6 @@ static void addrindex_consume_tree( XMLFile *file ) { } } -/* -* Print temporary tree. -*/ -static void addrindex_print_node( AddressCvtNode *node, FILE *stream ) { - GList *list; - - fprintf( stream, "Node:\ttype :%d:\n", node->type ); - fprintf( stream, "\tname :%s:\n", node->name ); - fprintf( stream, "\taddr :%s:\n", node->address ); - fprintf( stream, "\trems :%s:\n", node->remarks ); - if( node->list ) { - fprintf( stream, "\t--list----\n" ); - } - list = node->list; - while( list ) { - AddressCvtNode *lNode = list->data; - list = g_list_next( list ); - addrindex_print_node( lNode, stream ); - } - fprintf( stream, "\t==list-%d==\n", node->type ); -} - /* * Free up temporary tree. */ diff --git a/src/editldap.c b/src/editldap.c index 13096adab..ff061ee50 100644 --- a/src/editldap.c +++ b/src/editldap.c @@ -1048,10 +1048,8 @@ AdapterDSource *addressbook_edit_ldap( ldapctl_set_max_entries( ctl, iMaxE ); ldapctl_set_timeout( ctl, iTime ); ldapctl_set_max_query_age( ctl, iAge ); -#ifdef USE_LDAP_TLS ldapctl_set_tls( ctl, tls ); ldapctl_set_ssl( ctl, ssl ); -#endif ldapctl_set_matching_option( ctl, bMatch ? LDAPCTL_MATCH_CONTAINS : LDAPCTL_MATCH_BEGINWITH ); diff --git a/src/ldapctrl.c b/src/ldapctrl.c index e436c0ef4..8a9c42fab 100644 --- a/src/ldapctrl.c +++ b/src/ldapctrl.c 
@@ -294,13 +294,17 @@ void ldapctl_set_matching_option( LdapControl* ctl, const gint value ) { * \param value TRUE to enable TLS. */ void ldapctl_set_tls( LdapControl* ctl, const gboolean value ) { +#ifdef USE_LDAP_TLS ctl->enableTLS = value; debug_print("setting TLS: %d\n", ctl->enableTLS); +#endif } void ldapctl_set_ssl( LdapControl* ctl, const gboolean value ) { +#ifdef USE_LDAP_TLS ctl->enableSSL = value; debug_print("setting SSL: %d\n", ctl->enableSSL); +#endif } /** diff --git a/src/ldapquery.c b/src/ldapquery.c index b8bb4eddb..4e78a7e71 100644 --- a/src/ldapquery.c +++ b/src/ldapquery.c @@ -36,6 +36,7 @@ #include "ldaputil.h" #include "ldapquery.h" #include "ldapctrl.h" +#include "ldapserver.h" #include "mgutils.h" #include "addritem.h" @@ -688,10 +689,6 @@ void ldapqry_touch( LdapQuery *qry ) { static gint ldapqry_connect( LdapQuery *qry ) { LdapControl *ctl; LDAP *ld = NULL; - gint rc; - gint version; - gchar *uri = NULL; - gchar *pwd; /* Initialize connection */ if (debug_get_mode()) { @@ -708,13 +705,7 @@ static gint ldapqry_connect( LdapQuery *qry ) { qry->elapsedTime = -1; ADDRQUERY_RETVAL(qry) = LDAPRC_INIT; - ldapsrv_set_options (ctl->timeOut, NULL); - - uri = g_strdup_printf("ldap%s://%s:%d", - ctl->enableSSL?"s":"", - ctl->hostName, ctl->port); - ldap_initialize(&ld, uri); - g_free(uri); + ld = ldapsvr_connect(ctl); if (ld == NULL) return ADDRQUERY_RETVAL(qry); 
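Review bot: With the `#ifdef USE_LDAP_TLS` moved inside `ldapctl_set_tls()` and `ldapctl_set_ssl()`, a build without that macro now silently drops a TRUE value, and the callers in the addrindex.c and editldap.c hunks no longer carry their own guard. `ldapsvr_connect()` (ldapserver.c hunk) picks `ldaps://` from `ctl->enableSSL`, so on such a build `ldaputil_read_basedn()` called with `ssl` set would presumably connect over plain `ldap://` and send the bind DN and password unencrypted, where the removed code built the URI from the `ssl` argument directly; the default of `enableSSL` is not visible here, so this needs confirming. I would make the dropped request visible, for example `#else` followed by `if (value) g_printerr("LDAP: TLS/SSL requested but not compiled in\n");`, or have the connect path refuse to bind in that case. `ldapctl_set_ssl()` also lacks the doc comment its sibling has; a matching `/** ... \param ctl Control object. \param value TRUE to enable SSL. */` block would close that gap.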
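Review bot: Every failure inside `ldapsvr_connect()` now leaves `ADDRQUERY_RETVAL(qry)` at `LDAPRC_INIT`, because the `LDAPRC_TLS` and `LDAPRC_BIND` assignments are deleted in the following hunk, so a rejected bind password or a failed StartTLS reaches the caller as an initialisation failure. If callers or the UI distinguish those codes, `ldapsvr_connect()` needs a way to report which stage failed; at minimum add `/* ldapsvr_connect() also performs StartTLS and bind; any failure is reported as LDAPRC_INIT */` above the call. The `debug_print("connected to LDAP host ...")` kept as context in the next hunk now runs after the bind rather than before it, which changes what that log line means when reading a trace. `ldapqry_connect()` starts and ends outside this hunk.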
@@ -729,44 +720,6 @@ static gint ldapqry_connect( LdapQuery *qry ) { debug_print("connected to LDAP host %s on port %d\n", ctl->hostName?ctl->hostName:"null", ctl->port); -#ifdef USE_LDAP_TLS - /* Handle TLS */ - version = LDAP_VERSION3; - rc = ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ); - if( rc == LDAP_OPT_SUCCESS ) { - ctl->version = LDAP_VERSION3; - } - - if( ctl->version == LDAP_VERSION3 ) { - if( ctl->enableTLS && !ctl->enableSSL ) { - ADDRQUERY_RETVAL(qry) = LDAPRC_TLS; - rc = ldap_start_tls_s( ld, NULL, NULL ); - - debug_print("rc=%d\n", rc); - debug_print("LDAP Status: set_option: %s\n", ldap_err2string(rc)); - - if( rc != LDAP_SUCCESS ) { - return ADDRQUERY_RETVAL(qry); - } - } - } -#endif - - /* Bind to the server, if required */ - ADDRQUERY_RETVAL(qry) = LDAPRC_BIND; - if( ctl->bindDN ) { - if( * ctl->bindDN != '\0' ) { - debug_print("binding...\n"); - pwd = ldapctl_get_bind_password(ctl); - rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd); - g_free(pwd); - debug_print("rc=%d\n", rc); - if( rc != LDAP_SUCCESS ) { - debug_print("LDAP Error: ldap_simple_bind_s: %s\n", ldap_err2string(rc)); - return ADDRQUERY_RETVAL(qry); - } - } - } ADDRQUERY_RETVAL(qry) = LDAPRC_STOP_FLAG; if( ldapqry_get_stop_flag( qry ) ) { return ADDRQUERY_RETVAL(qry); @@ -900,19 +853,10 @@ static gint ldapqry_search_retrieve( LdapQuery *qry ) { listEMail = ldapqry_process_single_entry( cache, qry, ld, e ); /* Process callback */ - if( qry->callBackEntry ) { + if( qry->callBackEntry ) qry->callBackEntry( qry, ADDRQUERY_ID(qry), listEMail, qry->data ); - } - else { - /*if (debug_get_mode()) { - GList *node = listEMail; - while (node) { - addritem_print_item_email(node->data, stdout); - node = g_list_next(node); - } - }*/ + else g_list_free( listEMail ); - } pthread_mutex_unlock( qry->mutexEntry ); } diff --git a/src/ldapserver.c b/src/ldapserver.c index 1506938ee..86d5ad86f 100644 --- a/src/ldapserver.c +++ b/src/ldapserver.c 
@@ -723,14 +723,91 @@ void ldapsrv_set_options (gint secs, LDAP *ld) int rc; timeout.tv_sec = secs; timeout.tv_usec = 0; - rc=ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &i); + rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &i); debug_print("cert %s\n", ldap_err2string(rc)); /* can crash old libldaps... */ - rc=ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &timeout); + rc = ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, &timeout); debug_print("tm %s\n", ldap_err2string(rc)); } + +/** + * Connect to LDAP server. + * \param ctl Control object to process. + * \return LDAP Resource to LDAP. + */ +LDAP *ldapsvr_connect(LdapControl *ctl) { + LDAP *ld = NULL; + gint rc; + gint version; + gchar *uri = NULL; + gchar *pwd; + + cm_return_val_if_fail(ctl != NULL, NULL); + + ldapsrv_set_options (ctl->timeOut, NULL); + uri = g_strdup_printf("ldap%s://%s:%d", + ctl->enableSSL?"s":"", + ctl->hostName, ctl->port); + ldap_initialize(&ld, uri); + g_free(uri); + + if (ld == NULL) + return NULL; + + + debug_print("connected to LDAP host %s on port %d\n", ctl->hostName, ctl->port); + +#ifdef USE_LDAP_TLS + /* Handle TLS */ + version = LDAP_VERSION3; + rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); + if (rc == LDAP_OPT_SUCCESS) { + ctl->version = LDAP_VERSION3; + } + + if (ctl->version == LDAP_VERSION3) { + if (ctl->enableTLS && !ctl->enableSSL) { + rc = ldap_start_tls_s(ld, NULL, NULL); + + if (rc != LDAP_SUCCESS) { + g_printerr("LDAP Error(tls): ldap_simple_bind_s: %s\n", + ldap_err2string(rc)); + return NULL; + } + } + } +#endif + + /* Bind to the server, if required */ + if (ctl->bindDN) { + if (* ctl->bindDN != '\0') { + pwd = ldapctl_get_bind_password(ctl); + rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd); + if (rc != LDAP_SUCCESS) { + g_printerr("bindDN: %s, bindPass xxx\n", ctl->bindDN); + g_printerr("LDAP Error(bind): ldap_simple_bind_s: %s\n", + ldap_err2string(rc)); + g_free(pwd); + return NULL; + } + g_free(pwd); + } + } + return ld; +} 
+ +/** + * Disconnect to LDAP server. + * \param ld Resource to LDAP. + */ +void ldapsvr_disconnect(LDAP *ld) { + /* Disconnect */ + cm_return_if_fail(ld != NULL); + ldap_unbind_ext(ld, NULL, NULL); +} + #endif /* USE_LDAP */ /* diff --git a/src/ldapserver.h b/src/ldapserver.h index 471c809c8..665ec8251 100644 --- a/src/ldapserver.h +++ b/src/ldapserver.h @@ -93,8 +93,9 @@ void ldapsvr_retire_query ( LdapServer *server ); gboolean ldapsvr_reuse_previous ( const LdapServer *server, const QueryRequest *req ); - void ldapsrv_set_options (gint secs, LDAP *ld); +LDAP *ldapsvr_connect(LdapControl *ctl); +void ldapsvr_disconnect(LDAP *ld); #endif /* USE_LDAP */ #endif /* __LDAPSERVER_H__ */ diff --git a/src/ldapupdate.c b/src/ldapupdate.c index d81833821..397a95a89 100644 --- a/src/ldapupdate.c +++ b/src/ldapupdate.c 
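Review bot: Both failure returns in the new `ldapsvr_connect()` (after `ldap_start_tls_s()` and after `claws_ldap_simple_bind_s()`) return NULL without releasing `ld`, so each failed attempt leaks the handle and any connection it opened; the code this commit removes from `ldaputil_read_basedn()` called `ldap_unbind_ext()` on those paths. StartTLS is also skipped without any error when `ctl->version` is not `LDAP_VERSION3` (for instance if setting the protocol version failed), and the bind below then sends the password in clear text although `enableTLS` was set. The TLS error message names `ldap_simple_bind_s` while the failing call is `ldap_start_tls_s`, and the return value of `ldap_initialize()` is discarded. The fence shows the TLS and bind sections with those paths closed; the initial value of `ctl->version` is not visible in this hunk, so the refusal branch should be checked against `ldapctl_create()`.

```c
#ifdef USE_LDAP_TLS
	/* … unchanged: request LDAP_VERSION3 and record it in ctl->version … */

	if (ctl->enableTLS && !ctl->enableSSL) {
		if (ctl->version != LDAP_VERSION3) {
			/* StartTLS was requested but is unavailable: refuse
			 * instead of binding over an unencrypted connection */
			g_printerr("LDAP Error(tls): LDAPv3 required for StartTLS\n");
			ldap_unbind_ext(ld, NULL, NULL);
			return NULL;
		}
		rc = ldap_start_tls_s(ld, NULL, NULL);
		if (rc != LDAP_SUCCESS) {
			g_printerr("LDAP Error(tls): ldap_start_tls_s: %s\n",
					ldap_err2string(rc));
			ldap_unbind_ext(ld, NULL, NULL);
			return NULL;
		}
	}
#endif

	/* Bind to the server, if required */
	if (ctl->bindDN && *ctl->bindDN != '\0') {
		pwd = ldapctl_get_bind_password(ctl);
		rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd);
		g_free(pwd);
		if (rc != LDAP_SUCCESS) {
			g_printerr("bindDN: %s, bindPass xxx\n", ctl->bindDN);
			g_printerr("LDAP Error(bind): ldap_simple_bind_s: %s\n",
					ldap_err2string(rc));
			ldap_unbind_ext(ld, NULL, NULL);
			return NULL;
		}
	}
	return ld;
```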
@@ -307,82 +307,6 @@ ItemPerson *ldapsvr_get_contact(LdapServer *server, gchar *uid) { return NULL; } -/** - * Connect to LDAP server. - * \param ctl Control object to process. - * \return LDAP Resource to LDAP. - */ -LDAP *ldapsvr_connect(LdapControl *ctl) { - LDAP *ld = NULL; - gint rc; - gint version; - gchar *uri = NULL; - gchar *pwd; - - cm_return_val_if_fail(ctl != NULL, NULL); - - ldapsrv_set_options (ctl->timeOut, NULL); - uri = g_strdup_printf("ldap%s://%s:%d", - ctl->enableSSL?"s":"", - ctl->hostName, ctl->port); - ldap_initialize(&ld, uri); - g_free(uri); - - if (ld == NULL) - return NULL; - - - debug_print("connected to LDAP host %s on port %d\n", ctl->hostName, ctl->port); - -#ifdef USE_LDAP_TLS - /* Handle TLS */ - version = LDAP_VERSION3; - rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); - if (rc == LDAP_OPT_SUCCESS) { - ctl->version = LDAP_VERSION3; - } - - if (ctl->version == LDAP_VERSION3) { - if (ctl->enableTLS && !ctl->enableSSL) { - rc = ldap_start_tls_s(ld, NULL, NULL); - - if (rc != LDAP_SUCCESS) { - g_printerr("LDAP Error(tls): ldap_simple_bind_s: %s\n", - ldap_err2string(rc)); - return NULL; - } - } - } -#endif - - /* Bind to the server, if required */ - if (ctl->bindDN) { - if (* ctl->bindDN != '\0') { - pwd = ldapctl_get_bind_password(ctl); - rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd); - if (rc != LDAP_SUCCESS) { - g_printerr("bindDN: %s, bindPass: %s\n", ctl->bindDN, pwd); - g_printerr("LDAP Error(bind): ldap_simple_bind_s: %s\n", - ldap_err2string(rc)); - g_free(pwd); - return NULL; - } - g_free(pwd); - } - } - return ld; -} - -/** - * Disconnect to LDAP server. - * \param ld Resource to LDAP. - */ -void ldapsvr_disconnect(LDAP *ld) { - /* Disconnect */ - cm_return_if_fail(ld != NULL); - ldap_unbind_ext(ld, NULL, NULL); -} - /** * Create an initial Rdn structure * 
@@ -776,17 +700,8 @@ int ldapsvr_compare_manual_attr(LDAP *ld, LdapServer *server, gchar *dn, char *a attrkeyvalue_free(mail); if (ctl) { -#ifdef OPEN_LDAP_API_AT_LEAST_3000 - rc = ldap_search_ext_s(ld, ctl->baseDN, LDAP_SCOPE_ONELEVEL, filter, NULL, 0, NULL, NULL, NULL, 0, &res); -#else - - /* This is deprecated as of OpenLDAP-2.3.0 */ - rc = ldap_search_s(ld, ctl->baseDN, LDAP_SCOPE_ONELEVEL, filter, NULL, 0, &res); - -#endif - if (rc) { g_printerr("ldap_search for attr=%s\" failed[0x%x]: %s\n",attr, rc, ldap_err2string(rc)); retVal = -2; diff --git a/src/ldaputil.c b/src/ldaputil.c index 1bfb6c3a6..2dc77cfe8 100644 --- a/src/ldaputil.c +++ b/src/ldaputil.c @@ -34,6 +34,8 @@ #include #include #include "common/utils.h" +#include "ldapserver.h" +#include "ldapctrl.h" #define SYLDAP_TEST_FILTER "(objectclass=*)" #define SYLDAP_SEARCHBASE_V2 "cn=config" @@ -210,9 +212,6 @@ int claws_ldap_simple_bind_s( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *pa NULL, NULL, NULL ); } -/* from ldapsrc.c */ -void ldapsrv_set_options (gint secs, LDAP *ld); - /** * Attempt to discover the base DN for the server. * \param host Host name. 
@@ -229,78 +228,40 @@ GList *ldaputil_read_basedn( { GList *baseDN = NULL; LDAP *ld = NULL; + LdapControl *ctl = ldapctl_create(); gint rc; - gchar *uri = NULL; - gint version; - - if( host == NULL ) return baseDN; - if( port < 1 ) return baseDN; - - /* Connect to server. */ - - ldapsrv_set_options (tov, NULL); - - uri = g_strdup_printf("ldap%s://%s:%d", - ssl?"s":"", - host, port); - debug_print("URI: %s\n", uri); - rc = ldap_initialize(&ld, uri); - g_free(uri); - - if( ld == NULL ) { - return baseDN; - } - - if ((bindDN && *bindDN) -#ifdef USE_LDAP_TLS - || (tls && !ssl) -#endif - ) { - version = LDAP_VERSION3; - rc = ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ); - } -#ifdef USE_LDAP_TLS - - if( tls && !ssl ) { - /* Handle TLS */ - if( rc != LDAP_OPT_SUCCESS ) { - ldap_unbind_ext( ld, NULL, NULL ); - return baseDN; - } - rc = ldap_start_tls_s( ld, NULL, NULL ); - if (rc != 0) { - ldap_unbind_ext( ld, NULL, NULL ); - return baseDN; - } - } -#endif - /* Bind to the server, if required */ - if( bindDN ) { - if( *bindDN != '\0' ) { - rc = claws_ldap_simple_bind_s( ld, bindDN, bindPW ); - if( rc != LDAP_SUCCESS ) { - g_printerr("LDAP: %s\n", ldap_err2string(rc)); - ldap_unbind_ext( ld, NULL, NULL ); - return baseDN; - } - } + if( host == NULL ) + return NULL; + if( port < 1 ) + return NULL; + + ldapctl_set_tls(ctl, tls); + ldapctl_set_ssl(ctl, ssl); + ldapctl_set_port(ctl, port); + ldapctl_set_host(ctl, host); + ldapctl_set_timeout(ctl, tov); + ldapctl_set_bind_dn(ctl, bindDN); + ldapctl_set_bind_password(ctl, bindPW, FALSE, FALSE); + + ld = ldapsvr_connect(ctl); + if (ld == NULL) { + ldapctl_free(ctl); + return NULL; } - - /* Test for LDAP version 3 */ baseDN = ldaputil_test_v3( ld, tov, &rc ); - if (baseDN) { + if (baseDN) debug_print("Using LDAP v3\n"); - } if( baseDN == NULL && !LDAP_API_ERROR(rc) ) { baseDN = ldaputil_test_v2( ld, tov ); - if (baseDN) { + if (baseDN) debug_print("Using LDAP v2\n"); - } } - if (ld && !LDAP_API_ERROR(rc)) - 
ldap_unbind_ext( ld, NULL, NULL ); + if (ld) + ldapsvr_disconnect(ld); + + ldapctl_free(ctl); return baseDN; } @@ -314,56 +275,23 @@ GList *ldaputil_read_basedn( */ gboolean ldaputil_test_connect( const gchar *host, const gint port, int ssl, int tls, int secs ) { gboolean retVal = FALSE; + LdapControl *ctl = ldapctl_create(); LDAP *ld; -#ifdef USE_LDAP_TLS - gint rc; - gint version; -#endif - gchar *uri = NULL; - - if( host == NULL ) return retVal; - if( port < 1 ) return retVal; - - ldapsrv_set_options (secs, NULL); - uri = g_strdup_printf("ldap%s://%s:%d", - ssl?"s":"", - host, port); - debug_print("URI: %s\n", uri); - ldap_initialize(&ld, uri); - g_free(uri); - if (ld == NULL) - return FALSE; - -#ifdef USE_LDAP_TLS - if (ssl) { - GList *dummy = ldaputil_test_v3( ld, secs, &rc ); - if (dummy) - g_list_free(dummy); - if (LDAP_API_ERROR(rc)) - return FALSE; - } - if( tls && !ssl ) { - /* Handle TLS */ - version = LDAP_VERSION3; - rc = ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ); - if( rc != LDAP_OPT_SUCCESS ) { - ldap_unbind_ext( ld, NULL, NULL ); - return FALSE; - } + ldapctl_set_tls(ctl, tls); + ldapctl_set_ssl(ctl, ssl); + ldapctl_set_port(ctl, port); + ldapctl_set_host(ctl, host); + ldapctl_set_timeout(ctl, secs); - rc = ldap_start_tls_s( ld, NULL, NULL ); - if (rc != 0) { - ldap_unbind_ext( ld, NULL, NULL ); - return FALSE; - } - } -#endif + ld = ldapsvr_connect(ctl); if( ld != NULL ) { - ldap_unbind_ext( ld, NULL, NULL ); + ldapsvr_disconnect(ld); debug_print("ld != NULL\n"); retVal = TRUE; } + ldapctl_free(ctl); + return retVal; }
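Review bot: In `ldaputil_read_basedn()` the control object is allocated in the declaration `LdapControl *ctl = ldapctl_create();`, but the two guards that follow (`host == NULL`, `port < 1`) `return NULL` without calling `ldapctl_free(ctl)`, so every rejected call leaks it. Declaring `LdapControl *ctl;` and moving `ctl = ldapctl_create();` below the guards fixes this without touching the later paths, which do free it. Because `ldapctl_set_bind_password(ctl, bindPW, FALSE, FALSE)` hands the bind password to `ctl`, it is worth confirming that `ldapctl_free()` releases that copy; its body is not in this diff. The function's parameter list lies outside the hunk.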
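Review bot: `ldaputil_test_connect()` now returns TRUE whenever `ldapsvr_connect()` hands back a handle, and with no bind DN and no StartTLS that function only calls `ldap_initialize()`, which in OpenLDAP allocates the handle without contacting the server. The removed code forced a round trip for `ssl` with `ldaputil_test_v3()` and returned FALSE on `LDAP_API_ERROR(rc)`, so an unreachable or untrusted `ldaps://` server could be rejected; that check is gone and the "test" can report success for a server that was never reached. The `host == NULL` / `port < 1` guards were dropped as well, so those values now flow into `ldapctl_set_host()` and the URI format string. The fence restores the guards and probes before reporting success; it frees only the list, as the removed code did, since ownership of the elements returned by `ldaputil_test_v3()` is not visible here.

```c
gboolean ldaputil_test_connect( const gchar *host, const gint port, int ssl, int tls, int secs ) {
	gboolean retVal = FALSE;
	LdapControl *ctl;
	LDAP *ld;
	gint rc = LDAP_SUCCESS;
	GList *probe;

	if( host == NULL || port < 1 )
		return FALSE;

	ctl = ldapctl_create();
	/* … unchanged: ldapctl_set_tls/ssl/port/host/timeout calls … */

	ld = ldapsvr_connect(ctl);
	if( ld != NULL ) {
		/* Force a real exchange so connection and TLS failures are reported */
		probe = ldaputil_test_v3( ld, secs, &rc );
		g_list_free(probe);
		retVal = !LDAP_API_ERROR(rc);
		ldapsvr_disconnect(ld);
	}
	ldapctl_free(ctl);

	return retVal;
}
```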