From 59d8eb6221a9098d8fc3525b809cc8b6b08e261a Mon Sep 17 00:00:00 2001 From: Michael Rasmussen Date: Sat, 22 May 2010 11:20:04 +0000 Subject: [PATCH] 2010-05-22 [mir] 3.7.6cvs8 * src/ldapctrl.c Fix bug 2208. Encode encrypted password to qouted printable to avoid making invalid XML. Encoding will be activated the first time the password is changed. --- ChangeLog | 8 ++++++++ PATCHSETS | 1 + configure.ac | 4 ++-- src/ldapctrl.c | 37 ++++++++++++++++++++++++++++++------- 4 files changed, 41 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index f572d64b9..4a5f1d447 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2010-05-22 [mir] 3.7.6cvs8 + + * src/ldapctrl.c + Fix bug 2208. Encode encrypted password to qouted + printable to avoid making invalid XML. Encoding + will be activated the first time the password is + changed. + 2010-05-22 [paul] 3.7.6cvs7 * manual/advanced.xml diff --git a/PATCHSETS b/PATCHSETS index b53b971cb..09928633c 100644 --- a/PATCHSETS +++ b/PATCHSETS @@ -4003,3 +4003,4 @@ ( cvs diff -u -r 1.9.2.30 -r 1.9.2.31 src/gtk/sslcertwindow.c; ) > 3.7.6cvs5.patchset ( cvs diff -u -r 1.382.2.550 -r 1.382.2.551 src/compose.c; ) > 3.7.6cvs6.patchset ( cvs diff -u -r 1.1.2.53 -r 1.1.2.54 manual/advanced.xml; cvs diff -u -r 1.382.2.551 -r 1.382.2.552 src/compose.c; cvs diff -u -r 1.204.2.196 -r 1.204.2.197 src/prefs_common.c; cvs diff -u -r 1.103.2.129 -r 1.103.2.130 src/prefs_common.h; ) > 3.7.6cvs7.patchset +( cvs diff -u -r 1.2.2.20 -r 1.2.2.21 src/ldapctrl.c; ) > 3.7.6cvs8.patchset diff --git a/configure.ac b/configure.ac index ea2f99b6a..21f7c1374 100644 --- a/configure.ac +++ b/configure.ac @@ -12,7 +12,7 @@ MINOR_VERSION=7 MICRO_VERSION=6 INTERFACE_AGE=0 BINARY_AGE=0 -EXTRA_VERSION=7 +EXTRA_VERSION=8 EXTRA_RELEASE= EXTRA_GTK2_VERSION= @@ -174,7 +174,7 @@ case "$target" in ;; *-*-solaris*) CPPFLAGS="$CPPFLAGS -D_POSIX_PTHREAD_SEMANTICS" - CFLAGS="$CFLAGS -DSOLARIS" + CFLAGS="$CFLAGS -std=gnu99 -DSOLARIS" ;; esac diff --git a/src/ldapctrl.c b/src/ldapctrl.c index f9693882e..e436c0ef4 100644 --- a/src/ldapctrl.c +++ b/src/ldapctrl.c @@ -36,6 +36,7 @@ #include "passcrypt.h" #include "editaddress_other_attributes_ldap.h" #include "common/utils.h" +#include "common/quoted-printable.h" /** * Create new LDAP control block object. @@ -140,7 +141,7 @@ void ldapctl_set_bind_dn( LdapControl* ctl, const gchar *value ) { */ void ldapctl_set_bind_password( LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change ) { - gchar *buf = NULL, *tmp; + gchar *buf, *tmp; ctl->bindPass = mgu_replace_string( ctl->bindPass, value ); @@ -148,23 +149,36 @@ void ldapctl_set_bind_password( return; g_strstrip( ctl->bindPass ); - + + buf = tmp = NULL; if ( encrypt ) { /* If first char is not ! the password is not encrypted */ if (ctl->bindPass[0] == '!' || change) { if (ctl->bindPass[0] != '!' && change) buf = mgu_replace_string( buf, ctl->bindPass ); - else - buf = mgu_replace_string( buf, ctl->bindPass + 1 ); + else { + if (ctl->bindPass[1] != '|') + buf = mgu_replace_string( buf, ctl->bindPass + 1 ); + else { + /* quoted printable decode */ + buf = mgu_replace_string( buf, ctl->bindPass + 2 ); + qp_decode_line(buf); + } + } + passcrypt_encrypt( buf, strlen(buf) ); if (ctl->bindPass[0] != '!' && change) { - tmp = g_strconcat( "!", buf, NULL ); + /* quoted printable encode */ + tmp = g_malloc0(qp_get_q_encoding_len(buf) + 1); + qp_q_encode(tmp, buf); g_free(buf); - buf = g_strdup(tmp); + buf = g_strconcat( "!|", tmp, NULL ); g_free(tmp); } + ctl->bindPass = mgu_replace_string( ctl->bindPass, buf ); g_free(buf); + } } debug_print("setting bindPassword\n"); @@ -182,9 +196,18 @@ gchar* ldapctl_get_bind_password( LdapControl* ctl ) { pwd = mgu_replace_string( pwd, ctl->bindPass ); /* If first char is not ! the password is not encrypted */ if (pwd && pwd[0] == '!') { - buf = g_strdup(pwd + 1); + if (pwd[1] && pwd[1] == '|') { + buf = g_strdup(pwd + 2); + /* quoted printable decode */ + qp_decode_line(buf); + } + else { + buf = g_strdup(pwd + 1); + } g_free(pwd); + passcrypt_decrypt( buf, strlen(buf) ); + pwd = g_strdup(buf); g_free(buf); } -- 2.25.1