-rw-r--r--addressbook/ChangeLog23
-rw-r--r--addressbook/backend/ebook/e-book-listener.c2
-rw-r--r--addressbook/backend/ebook/e-book-types.h1
-rw-r--r--addressbook/backend/idl/addressbook.idl3
-rw-r--r--addressbook/backend/pas/pas-backend-ldap.c73
5 files changed, 86 insertions, 16 deletions
diff --git a/addressbook/ChangeLog b/addressbook/ChangeLog
index ab1eb8eb3d..ab61673333 100644
--- a/addressbook/ChangeLog
+++ b/addressbook/ChangeLog
@@ -1,5 +1,28 @@
2002-03-09 Chris Toshok <toshok@ximian.com>
+ * backend/idl/addressbook.idl: add TLSNotAvailable to
+ BookLister_CallStatus.
+
+ * backend/ebook/e-book-types.h: add TLS_NOT_AVAILABLE to the EBookStatus enum.
+
+ * backend/ebook/e-book-listener.c
+ (e_book_listener_convert_status): add TLS_NOT_AVAILABLE to the
+ switch.
+
+ * backend/pas/pas-backend-ldap.c
+ (pas_backend_ldap_get_static_capabilities): fix name.
+ (pas_backend_ldap_class_init): fix name.
+ (pas_backend_ldap_connect): change return type to CallStatus so we
+ can return different errors from here. Also, do STARTTLS if the
+ user has asked for it and the connection supports it, returning
+ TLSNotAvailable (and close the connection) if they chose to
+ require it.
+ (pas_backend_ldap_load_uri): return pas_backend_ldap_connect.
+ (func_beginswith): pull in change from evolution-1-0-branch to
+ make full_name beginswith search both cn and sn.
+
+2002-03-09 Chris Toshok <toshok@ximian.com>
+
* gui/widgets/e-addressbook-view.c (jump_to_letter): since I've
gone ahead and made the file backend (by way of
pas-backend-card-sexp.c) use case insensitive searches for
diff --git a/addressbook/backend/ebook/e-book-listener.c b/addressbook/backend/ebook/e-book-listener.c
index 139eb849fa..ce85ed75ba 100644
--- a/addressbook/backend/ebook/e-book-listener.c
+++ b/addressbook/backend/ebook/e-book-listener.c
@@ -630,6 +630,8 @@ e_book_listener_convert_status (const GNOME_Evolution_Addressbook_BookListener_C
return E_BOOK_STATUS_CARD_ID_ALREADY_EXISTS;
case GNOME_Evolution_Addressbook_BookListener_ProtocolNotSupported:
return E_BOOK_STATUS_PROTOCOL_NOT_SUPPORTED;
+ case GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable:
+ return E_BOOK_STATUS_TLS_NOT_AVAILABLE;
case GNOME_Evolution_Addressbook_BookListener_OtherError:
return E_BOOK_STATUS_OTHER_ERROR;
default:
diff --git a/addressbook/backend/ebook/e-book-types.h b/addressbook/backend/ebook/e-book-types.h
index 9ce3323bdf..398e46d74c 100644
--- a/addressbook/backend/ebook/e-book-types.h
+++ b/addressbook/backend/ebook/e-book-types.h
@@ -26,6 +26,7 @@ typedef enum {
E_BOOK_STATUS_PROTOCOL_NOT_SUPPORTED,
E_BOOK_STATUS_CANCELLED,
E_BOOK_STATUS_AUTHENTICATION_FAILED,
+ E_BOOK_STATUS_TLS_NOT_AVAILABLE,
E_BOOK_STATUS_OTHER_ERROR
} EBookStatus;
diff --git a/addressbook/backend/idl/addressbook.idl b/addressbook/backend/idl/addressbook.idl
index 21479d1de2..fe2870fcde 100644
--- a/addressbook/backend/idl/addressbook.idl
+++ b/addressbook/backend/idl/addressbook.idl
@@ -99,6 +99,9 @@ module Addressbook {
AuthenticationFailed,
AuthenticationRequired,
UnsupportedField,
+
+ TLSNotAvailable,
+
OtherError
};
diff --git a/addressbook/backend/pas/pas-backend-ldap.c b/addressbook/backend/pas/pas-backend-ldap.c
index aebe05d98d..f9f092117d 100644
--- a/addressbook/backend/pas/pas-backend-ldap.c
+++ b/addressbook/backend/pas/pas-backend-ldap.c
@@ -46,6 +46,11 @@
#include <stdlib.h>
+typedef enum {
+ PAS_BACKEND_LDAP_TLS_NO,
+ PAS_BACKEND_LDAP_TLS_ALWAYS,
+ PAS_BACKEND_LDAP_TLS_WHEN_POSSIBLE,
+} PASBackendLDAPUseTLS;
/* interval for our poll_ldap timeout */
#define LDAP_POLL_INTERVAL 20
@@ -77,6 +82,7 @@ typedef struct _PASBackendLDAPCursorPrivate PASBackendLDAPCursorPrivate;
typedef struct _PASBackendLDAPBookView PASBackendLDAPBookView;
typedef struct LDAPOp LDAPOp;
+
struct _PASBackendLDAPPrivate {
char *uri;
gboolean connected;
@@ -91,6 +97,11 @@ struct _PASBackendLDAPPrivate {
gboolean ldap_v3; /* TRUE if the server supports protocol
revision 3 (necessary for TLS) */
+ gboolean starttls; /* TRUE if the *library* supports
+ starttls. will be false if openssl
+ was not built into openldap. */
+ PASBackendLDAPUseTLS use_tls;
+
GList *book_views;
LDAP *ldap;
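Review bot: The new `starttls` field is documented as recording whether the library supports STARTTLS, but none of the hunks shown assigns or tests it; pas_backend_ldap_connect decides on `use_tls` and `ldap_v3` alone. Either set it where the library capability is known and check it before calling `ldap_start_tls_s`, or drop the field until it is used. `use_tls` has no comment; something like `/* TLS policy chosen in pas_backend_ldap_load_uri */` would match the neighbouring fields. The struct definition starts and ends outside this hunk.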
@@ -522,7 +533,7 @@ query_ldap_root_dse (PASBackendLDAP *bl)
}
-static void
+static GNOME_Evolution_Addressbook_BookListener_CallStatus
pas_backend_ldap_connect (PASBackendLDAP *bl)
{
PASBackendLDAPPrivate *blpriv = bl->priv;
@@ -532,7 +543,7 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
ldap_unbind (blpriv->ldap);
blpriv->ldap = ldap_init (blpriv->ldap_host, blpriv->ldap_port);
-#ifdef DEBUG
+#if defined (DEBUG) && defined (LDAP_OPT_DEBUG_LEVEL)
{
int debug_level = 4;
ldap_set_option (blpriv->ldap, LDAP_OPT_DEBUG_LEVEL, &debug_level);
@@ -552,23 +563,32 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
}
}
-#if notyet
- if (TRUE /* the user wants to use TLS */) {
+ if (bl->priv->use_tls) {
if (bl->priv->ldap_v3 /* the server supports v3 */) {
ldap_error = ldap_start_tls_s (blpriv->ldap, NULL, NULL);
if (LDAP_SUCCESS != ldap_error) {
- g_warning ("ldap_start_tls_s failed with ldap_error 0x%2x (%s)",
- ldap_error,
- ldap_err2string (ldap_error));
+ if (bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) {
+ g_message ("TLS not available (fatal version), (ldap_error 0x%02x)", ldap_error);
+ ldap_unbind (blpriv->ldap);
+ blpriv->ldap = NULL;
+ return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable;
+ }
+ else {
+ g_message ("TLS not available (ldap_error 0x%02x)", ldap_error);
+ }
}
else
g_message ("TLS active");
}
else {
g_warning ("user wants to use TLS, but server doesn't support LDAPv3");
+ if (bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) {
+ ldap_unbind (blpriv->ldap);
+ blpriv->ldap = NULL;
+ return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable;
+ }
}
}
-#endif
blpriv->connected = TRUE;
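Review bot: The two `PAS_BACKEND_LDAP_TLS_ALWAYS` failure paths unbind and clear `blpriv->ldap` but return without touching `blpriv->connected`, whereas the connect-failure branch later in the function sets it to FALSE. The `ldap_unbind` call near the top of the function suggests this can run as a reconnect, in which case the flag could stay TRUE with a NULL handle; adding `blpriv->connected = FALSE;` before each `return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable;` would keep the state consistent. The when-possible path carries on over the unencrypted connection after a failed `ldap_start_tls_s` with only a `g_message`, so it deserves a comment stating that this mode is opportunistic and gives no protection against a network attacker who blocks STARTTLS. Keeping `ldap_err2string (ldap_error)` in the messages, as the removed warning did, would also help diagnosis. The function starts and ends outside this hunk.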
@@ -576,6 +596,8 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
might not be able to if we can't authenticate. if we
can't, try again in auth_user.) */
check_schema_support (bl);
+
+ return GNOME_Evolution_Addressbook_BookListener_Success;
}
else {
g_warning ("pas_backend_ldap_connect failed for "
@@ -584,6 +606,7 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
blpriv->ldap_port,
blpriv->ldap_rootdn ? blpriv->ldap_rootdn : "");
blpriv->connected = FALSE;
+ return GNOME_Evolution_Addressbook_BookListener_RepositoryOffline;
}
}
@@ -2317,7 +2340,13 @@ func_beginswith(struct _ESExp *f, int argc, struct _ESExpResult **argv, void *da
the right thing if the server supports them or not,
and for entries that have no fileAs attribute. */
if (ldap_attr) {
- if (!strcmp (ldap_attr, "fileAs")) {
+ if (!strcmp (propname, "full_name")) {
+ ldap_data->list = g_list_prepend(ldap_data->list,
+ g_strdup_printf(
+ "(|(cn=%s*)(sn=%s*))",
+ str, str));
+ }
+ else if (!strcmp (ldap_attr, "fileAs")) {
ldap_data->list = g_list_prepend(ldap_data->list,
g_strdup_printf(
"(|(fileAs=%s*)(&(!(fileAs=*))(sn=%s*)))",
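Review bot: The new `full_name` branch formats `str` straight into the filter `(|(cn=%s*)(sn=%s*))`, as the existing `fileAs` branch does, and the hunk does not show `str` being escaped. If it is the raw search text, characters that are special in an LDAP filter (`*`, `(`, `)`, `\`, NUL) should be escaped per RFC 2254 before formatting, so that user input cannot change the filter's structure; confirm where `str` is assigned, which is outside this hunk. A one-line comment such as `/* full_name matches on either cn or sn */` above the branch would also explain why `propname` rather than `ldap_attr` is tested here.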
@@ -2966,6 +2995,22 @@ pas_backend_ldap_load_uri (PASBackend *backend,
if (value)
limit = atoi(value);
}
+ else if (key_length == strlen("use_tls") && !strncmp (attributes[i], "use_tls", key_length)) {
+ if (value) {
+ if (!strncmp (value, "always", 6)) {
+ bl->priv->use_tls = PAS_BACKEND_LDAP_TLS_ALWAYS;
+ }
+ else if (!strncmp (value, "when-possible", 3)) {
+ bl->priv->use_tls = PAS_BACKEND_LDAP_TLS_WHEN_POSSIBLE;
+ }
+ else {
+ g_warning ("unhandled value for use_tls, not using it");
+ }
+ }
+ else {
+ bl->priv->use_tls = PAS_BACKEND_LDAP_TLS_WHEN_POSSIBLE;
+ }
+ }
}
ldap_error = ldap_url_parse ((char*)attributes[0], &lud);
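Review bot: The `use_tls` parser fails open: an unrecognised value only logs `unhandled value for use_tls, not using it` and leaves TLS off, so a misspelt `always` silently yields a cleartext connection. The comparisons are also prefix matches: `strncmp (value, "when-possible", 3)` accepts anything starting with `whe`, and `strncmp (value, "always", 6)` accepts `always` followed by anything. Assuming `value` is NUL-terminated (the `atoi(value)` just above suggests so), use `!strcmp (value, "always")` and `!strcmp (value, "when-possible")`, and treat an unknown value as a load failure, for example by reporting `GNOME_Evolution_Addressbook_BookListener_OtherError`, rather than continuing without TLS. pas_backend_ldap_load_uri starts and ends outside this hunk.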
@@ -2985,11 +3030,7 @@ pas_backend_ldap_load_uri (PASBackend *backend,
ldap_free_urldesc(lud);
- pas_backend_ldap_connect (bl);
- if (bl->priv->ldap == NULL)
- return GNOME_Evolution_Addressbook_BookListener_RepositoryOffline;
- else
- return GNOME_Evolution_Addressbook_BookListener_Success;
+ return pas_backend_ldap_connect (bl);
} else
return GNOME_Evolution_Addressbook_BookListener_OtherError;
}
@@ -3088,7 +3129,7 @@ pas_backend_ldap_remove_client (PASBackend *backend,
}
static char *
-pas_backend_ldap_get_static_capabilites (PASBackend *backend)
+pas_backend_ldap_get_static_capabilities (PASBackend *backend)
{
return g_strdup("net");
}
@@ -3173,7 +3214,7 @@ pas_backend_ldap_class_init (PASBackendLDAPClass *klass)
parent_class->get_uri = pas_backend_ldap_get_uri;
parent_class->add_client = pas_backend_ldap_add_client;
parent_class->remove_client = pas_backend_ldap_remove_client;
- parent_class->get_static_capabilities = pas_backend_ldap_get_static_capabilites;
+ parent_class->get_static_capabilities = pas_backend_ldap_get_static_capabilities;
object_class->destroy = pas_backend_ldap_destroy;
}