authorChris Toshok <toshok@ximian.com>2002-03-10 09:57:47 +0800
committerChris Toshok <toshok@src.gnome.org>2002-03-10 09:57:47 +0800
commit9ccdadd473a220eac94f67ff94d52ab9893e00b7 (patch)
tree6b1902a2fe7cc4e111c24c667080e82df85169e7 /addressbook/backend
parentb6d54c7762636036e6b9173ef8c40befd5ddd1d8 (diff)
add TLSNotAvailable to BookLister_CallStatus.
2002-03-09 Chris Toshok <toshok@ximian.com> * backend/idl/addressbook.idl: add TLSNotAvailable to BookLister_CallStatus. * backend/ebook/e-book-types.h: add TLS_NOT_AVAILABLE to the EBookStatus enum. * backend/ebook/e-book-listener.c (e_book_listener_convert_status): add TLS_NOT_AVAILABLE to the switch. * backend/pas/pas-backend-ldap.c (pas_backend_ldap_get_static_capabilities): fix name. (pas_backend_ldap_class_init): fix name. (pas_backend_ldap_connect): change return type to CallStatus so we can return different errors from here. Also, do STARTTLS if the user has asked for it and the connection supports it, returning TLSNotAvailable (and close the connection) if they chose to require it. (pas_backend_ldap_load_uri): return pas_backend_ldap_connect. (func_beginswith): pull in change from evolution-1-0-branch to make full_name beginswith search both cn and sn. svn path=/trunk/; revision=16005
Diffstat (limited to 'addressbook/backend')
-rw-r--r--addressbook/backend/ebook/e-book-listener.c2
-rw-r--r--addressbook/backend/ebook/e-book-types.h1
-rw-r--r--addressbook/backend/idl/addressbook.idl3
-rw-r--r--addressbook/backend/pas/pas-backend-ldap.c73
4 files changed, 63 insertions, 16 deletions
diff --git a/addressbook/backend/ebook/e-book-listener.c b/addressbook/backend/ebook/e-book-listener.c
index 139eb849fa..ce85ed75ba 100644
--- a/addressbook/backend/ebook/e-book-listener.c
+++ b/addressbook/backend/ebook/e-book-listener.c
@@ -630,6 +630,8 @@ e_book_listener_convert_status (const GNOME_Evolution_Addressbook_BookListener_C
return E_BOOK_STATUS_CARD_ID_ALREADY_EXISTS;
case GNOME_Evolution_Addressbook_BookListener_ProtocolNotSupported:
return E_BOOK_STATUS_PROTOCOL_NOT_SUPPORTED;
+ case GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable:
+ return E_BOOK_STATUS_TLS_NOT_AVAILABLE;
case GNOME_Evolution_Addressbook_BookListener_OtherError:
return E_BOOK_STATUS_OTHER_ERROR;
default:
diff --git a/addressbook/backend/ebook/e-book-types.h b/addressbook/backend/ebook/e-book-types.h
index 9ce3323bdf..398e46d74c 100644
--- a/addressbook/backend/ebook/e-book-types.h
+++ b/addressbook/backend/ebook/e-book-types.h
@@ -26,6 +26,7 @@ typedef enum {
E_BOOK_STATUS_PROTOCOL_NOT_SUPPORTED,
E_BOOK_STATUS_CANCELLED,
E_BOOK_STATUS_AUTHENTICATION_FAILED,
+ E_BOOK_STATUS_TLS_NOT_AVAILABLE,
E_BOOK_STATUS_OTHER_ERROR
} EBookStatus;
diff --git a/addressbook/backend/idl/addressbook.idl b/addressbook/backend/idl/addressbook.idl
index 21479d1de2..fe2870fcde 100644
--- a/addressbook/backend/idl/addressbook.idl
+++ b/addressbook/backend/idl/addressbook.idl
@@ -99,6 +99,9 @@ module Addressbook {
AuthenticationFailed,
AuthenticationRequired,
UnsupportedField,
+
+ TLSNotAvailable,
+
OtherError
};
diff --git a/addressbook/backend/pas/pas-backend-ldap.c b/addressbook/backend/pas/pas-backend-ldap.c
index aebe05d98d..f9f092117d 100644
--- a/addressbook/backend/pas/pas-backend-ldap.c
+++ b/addressbook/backend/pas/pas-backend-ldap.c
@@ -46,6 +46,11 @@
#include <stdlib.h>
+typedef enum {
+ PAS_BACKEND_LDAP_TLS_NO,
+ PAS_BACKEND_LDAP_TLS_ALWAYS,
+ PAS_BACKEND_LDAP_TLS_WHEN_POSSIBLE,
+} PASBackendLDAPUseTLS;
/* interval for our poll_ldap timeout */
#define LDAP_POLL_INTERVAL 20
@@ -77,6 +82,7 @@ typedef struct _PASBackendLDAPCursorPrivate PASBackendLDAPCursorPrivate;
typedef struct _PASBackendLDAPBookView PASBackendLDAPBookView;
typedef struct LDAPOp LDAPOp;
+
struct _PASBackendLDAPPrivate {
char *uri;
gboolean connected;
@@ -91,6 +97,11 @@ struct _PASBackendLDAPPrivate {
gboolean ldap_v3; /* TRUE if the server supports protocol
revision 3 (necessary for TLS) */
+ gboolean starttls; /* TRUE if the *library* supports
+ starttls. will be false if openssl
+ was not built into openldap. */
+ PASBackendLDAPUseTLS use_tls;
+
GList *book_views;
LDAP *ldap;
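Review bot: The new `starttls` field is documented as recording whether the library supports StartTLS, but nothing in this commit assigns or reads it. The connect path gates `ldap_start_tls_s` on `use_tls` and `ldap_v3` only. Either set the field where the library capability is determined and check it before calling `ldap_start_tls_s`, or drop it until it is used. `use_tls` has no comment; something like `/* requested TLS policy, parsed from the use_tls URI attribute */` would help the next reader.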
@@ -522,7 +533,7 @@ query_ldap_root_dse (PASBackendLDAP *bl)
}
-static void
+static GNOME_Evolution_Addressbook_BookListener_CallStatus
pas_backend_ldap_connect (PASBackendLDAP *bl)
{
PASBackendLDAPPrivate *blpriv = bl->priv;
@@ -532,7 +543,7 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
ldap_unbind (blpriv->ldap);
blpriv->ldap = ldap_init (blpriv->ldap_host, blpriv->ldap_port);
-#ifdef DEBUG
+#if defined (DEBUG) && defined (LDAP_OPT_DEBUG_LEVEL)
{
int debug_level = 4;
ldap_set_option (blpriv->ldap, LDAP_OPT_DEBUG_LEVEL, &debug_level);
@@ -552,23 +563,32 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
}
}
-#if notyet
- if (TRUE /* the user wants to use TLS */) {
+ if (bl->priv->use_tls) {
if (bl->priv->ldap_v3 /* the server supports v3 */) {
ldap_error = ldap_start_tls_s (blpriv->ldap, NULL, NULL);
if (LDAP_SUCCESS != ldap_error) {
- g_warning ("ldap_start_tls_s failed with ldap_error 0x%2x (%s)",
- ldap_error,
- ldap_err2string (ldap_error));
+ if (bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) {
+ g_message ("TLS not available (fatal version), (ldap_error 0x%02x)", ldap_error);
+ ldap_unbind (blpriv->ldap);
+ blpriv->ldap = NULL;
+ return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable;
+ }
+ else {
+ g_message ("TLS not available (ldap_error 0x%02x)", ldap_error);
+ }
}
else
g_message ("TLS active");
}
else {
g_warning ("user wants to use TLS, but server doesn't support LDAPv3");
+ if (bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) {
+ ldap_unbind (blpriv->ldap);
+ blpriv->ldap = NULL;
+ return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable;
+ }
}
}
-#endif
blpriv->connected = TRUE;
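Review bot: In the `PAS_BACKEND_LDAP_TLS_WHEN_POSSIBLE` case a failed `ldap_start_tls_s` is reported only through `g_message`, and the function then falls through to `blpriv->connected = TRUE`. The session therefore continues in cleartext without the user being told, and any later bind sends credentials unprotected. I would at least raise it to `g_warning ("TLS not available, continuing unencrypted (ldap_error 0x%02x)", ldap_error);` and document on the enum that only `PAS_BACKEND_LDAP_TLS_ALWAYS` guarantees an encrypted session. Separately, both `TLS_ALWAYS` failure paths return without `blpriv->connected = FALSE;`, unlike the connect-failure branch later in the function. Because the function unbinds an existing handle before `ldap_init`, a reconnect could leave `connected` stale while `ldap` is NULL. The function body starts and ends outside this hunk.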
@@ -576,6 +596,8 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
might not be able to if we can't authenticate. if we
can't, try again in auth_user.) */
check_schema_support (bl);
+
+ return GNOME_Evolution_Addressbook_BookListener_Success;
}
else {
g_warning ("pas_backend_ldap_connect failed for "
@@ -584,6 +606,7 @@ pas_backend_ldap_connect (PASBackendLDAP *bl)
blpriv->ldap_port,
blpriv->ldap_rootdn ? blpriv->ldap_rootdn : "");
blpriv->connected = FALSE;
+ return GNOME_Evolution_Addressbook_BookListener_RepositoryOffline;
}
}
@@ -2317,7 +2340,13 @@ func_beginswith(struct _ESExp *f, int argc, struct _ESExpResult **argv, void *da
the right thing if the server supports them or not,
and for entries that have no fileAs attribute. */
if (ldap_attr) {
- if (!strcmp (ldap_attr, "fileAs")) {
+ if (!strcmp (propname, "full_name")) {
+ ldap_data->list = g_list_prepend(ldap_data->list,
+ g_strdup_printf(
+ "(|(cn=%s*)(sn=%s*))",
+ str, str));
+ }
+ else if (!strcmp (ldap_attr, "fileAs")) {
ldap_data->list = g_list_prepend(ldap_data->list,
g_strdup_printf(
"(|(fileAs=%s*)(&(!(fileAs=*))(sn=%s*)))",
@@ -2966,6 +2995,22 @@ pas_backend_ldap_load_uri (PASBackend *backend,
if (value)
limit = atoi(value);
}
+ else if (key_length == strlen("use_tls") && !strncmp (attributes[i], "use_tls", key_length)) {
+ if (value) {
+ if (!strncmp (value, "always", 6)) {
+ bl->priv->use_tls = PAS_BACKEND_LDAP_TLS_ALWAYS;
+ }
+ else if (!strncmp (value, "when-possible", 3)) {
+ bl->priv->use_tls = PAS_BACKEND_LDAP_TLS_WHEN_POSSIBLE;
+ }
+ else {
+ g_warning ("unhandled value for use_tls, not using it");
+ }
+ }
+ else {
+ bl->priv->use_tls = PAS_BACKEND_LDAP_TLS_WHEN_POSSIBLE;
+ }
+ }
}
ldap_error = ldap_url_parse ((char*)attributes[0], &lud);
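Review bot: An unrecognised `use_tls` value only reaches `g_warning ("unhandled value for use_tls, not using it")` and leaves TLS off, so a misspelt `always` fails open to a cleartext connection. The prefix comparisons are also loose: `strncmp (value, "when-possible", 3)` accepts anything beginning with `whe`, and `strncmp (value, "always", 6)` accepts any longer string with that prefix. Assuming `value` is NUL-terminated at the end of the attribute, prefer `!strcmp (value, "always")` and `!strcmp (value, "when-possible")`. For any other value, return an error from `pas_backend_ldap_load_uri` rather than continuing without TLS. The function starts and ends outside the hunk.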
@@ -2985,11 +3030,7 @@ pas_backend_ldap_load_uri (PASBackend *backend,
ldap_free_urldesc(lud);
- pas_backend_ldap_connect (bl);
- if (bl->priv->ldap == NULL)
- return GNOME_Evolution_Addressbook_BookListener_RepositoryOffline;
- else
- return GNOME_Evolution_Addressbook_BookListener_Success;
+ return pas_backend_ldap_connect (bl);
} else
return GNOME_Evolution_Addressbook_BookListener_OtherError;
}
@@ -3088,7 +3129,7 @@ pas_backend_ldap_remove_client (PASBackend *backend,
}
static char *
-pas_backend_ldap_get_static_capabilites (PASBackend *backend)
+pas_backend_ldap_get_static_capabilities (PASBackend *backend)
{
return g_strdup("net");
}
@@ -3173,7 +3214,7 @@ pas_backend_ldap_class_init (PASBackendLDAPClass *klass)
parent_class->get_uri = pas_backend_ldap_get_uri;
parent_class->add_client = pas_backend_ldap_add_client;
parent_class->remove_client = pas_backend_ldap_remove_client;
- parent_class->get_static_capabilities = pas_backend_ldap_get_static_capabilites;
+ parent_class->get_static_capabilities = pas_backend_ldap_get_static_capabilities;
object_class->destroy = pas_backend_ldap_destroy;
}