[Commits] [SCM] claws branch, master, updated. 3.13.2-117-g8d59235
ticho at claws-mail.org
ticho at claws-mail.org
Sat Apr 9 18:03:21 CEST 2016
The branch, master has been updated
via 8d59235e93965971d61375baa4a35a86a16e99a3 (commit)
from 39a8fb83ee7abecd487ec28c17d83235968e5f6b (commit)
Summary of changes:
src/addrindex.c | 9 +++--
src/editldap.c | 18 +++++-----
src/ldapctrl.c | 96 +++---------------------------------------------------
src/ldapctrl.h | 1 -
src/ldapserver.c | 8 +++--
src/ldaputil.c | 1 -
6 files changed, 25 insertions(+), 108 deletions(-)
- Log -----------------------------------------------------------------
commit 8d59235e93965971d61375baa4a35a86a16e99a3
Author: Andrej Kacian <ticho at claws-mail.org>
Date: Sat Apr 9 18:03:01 2016 +0200
Addressbook now uses password store for LDAP passwords.
diff --git a/src/addrindex.c b/src/addrindex.c
index 307527f..f102e96 100644
--- a/src/addrindex.c
+++ b/src/addrindex.c
@@ -42,6 +42,7 @@
#include "addr_compl.h"
#include "utils.h"
#include "alertpanel.h"
+#include "passwordstore.h"
#ifndef DEV_STANDALONE
#include "prefs_gtk.h"
@@ -1354,6 +1355,7 @@ static AddressDataSource *addrindex_parse_ldap( XMLFile *file ) {
gboolean bDynSearch;
gboolean bTLS, bSSL;
gint iMatch;
+ gchar *password = NULL;
/* g_print( "addrindex_parse_ldap\n" ); */
/* Set up some defaults */
@@ -1387,7 +1389,7 @@ static AddressDataSource *addrindex_parse_ldap( XMLFile *file ) {
ldapctl_set_bind_dn( ctl, value );
}
else if( strcmp( name, ATTAG_LDAP_BIND_PASS ) == 0 ) {
- ldapctl_set_bind_password( ctl, value, FALSE, FALSE );
+ password = value;
}
else if( strcmp( name, ATTAG_LDAP_CRITERIA ) == 0 ) {
g_free( criteria );
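Review bot: The value captured by `password = value;` is still in the legacy on-disk form, which according to the removed ldapctl_get_bind_password may begin with `!` or `!|` (passcrypt output, optionally quoted-printable encoded). It is later passed to passwd_store_set with the last argument TRUE, which I read as "already encrypted". Nothing in this commit shows that the password store can decode that legacy form, so please confirm that an existing address book still yields a usable bind password after migration; otherwise decode the old value first and store it with FALSE. The removed setter also ran `g_strstrip` on the value, which no longer happens. Since `password` is a borrowed pointer that is only consumed after the attribute loop, a comment such as `/* borrowed from the attribute list; must remain valid until passwd_store_set() below */` would help.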
@@ -1430,6 +1432,9 @@ static AddressDataSource *addrindex_parse_ldap( XMLFile *file ) {
attr = g_list_next( attr );
}
+ if (password != NULL)
+ passwd_store_set(PWS_CORE, "LDAP", ctl->hostName, password, TRUE);
+
server = ldapsvr_create_noctl();
ldapsvr_set_name( server, serverName );
ldapsvr_set_search_flag( server, bDynSearch );
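Review bot: The store entry is keyed on `ctl->hostName` alone, so two LDAP data sources on the same host with a different port or bind DN share one password, and whichever is parsed or saved last overwrites the other. The same key is used in editldap.c (edit_ldap_set_fields and addressbook_edit_ldap), in ldapctl_print and in ldapsvr_connect. `ctl->hostName` is also not checked here, and it may be unset if the host attribute is missing from the file. Consider `if (password != NULL && ctl->hostName != NULL)` and an id that includes port and bind DN. The body of addrindex_parse_ldap starts and ends outside this hunk.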
@@ -1484,8 +1489,6 @@ static int addrindex_write_ldap( FILE *fp, AddressDataSource *ds, gint lvl ) {
return -1;
if (addrindex_write_attr( fp, ATTAG_LDAP_BIND_DN, ctl->bindDN ) < 0)
return -1;
- if (addrindex_write_attr( fp, ATTAG_LDAP_BIND_PASS, ctl->bindPass ) < 0)
- return -1;
sprintf( value, "%d", ctl->maxEntries );
if (addrindex_write_attr( fp, ATTAG_LDAP_MAX_ENTRY, value ) < 0)
diff --git a/src/editldap.c b/src/editldap.c
index 8213ce3..cb7927b 100644
--- a/src/editldap.c
+++ b/src/editldap.c
@@ -45,6 +45,7 @@
#include "manage_window.h"
#include "gtkutils.h"
#include "prefs_gtk.h"
+#include "passwordstore.h"
#define PAGE_BASIC 0
#define PAGE_SEARCH 1
@@ -885,7 +886,6 @@ static void edit_ldap_clear_fields(void) {
static void edit_ldap_set_fields( LdapServer *server ) {
LdapControl *ctl;
gchar *crit;
- gchar *pwd;
if( ldapsvr_get_name( server ) )
gtk_entry_set_text(GTK_ENTRY(ldapedit.entry_name),
@@ -901,11 +901,8 @@ static void edit_ldap_set_fields( LdapServer *server ) {
if( ctl->bindDN )
gtk_entry_set_text(
GTK_ENTRY(ldapedit.entry_bindDN), ctl->bindDN );
- if( ctl->bindPass ) {
- pwd = ldapctl_get_bind_password( ctl );
- gtk_entry_set_text( GTK_ENTRY(ldapedit.entry_bindPW), pwd );
- g_free(pwd);
- }
+ gtk_entry_set_text( GTK_ENTRY(ldapedit.entry_bindPW),
+ passwd_store_get(PWS_CORE, "LDAP", ctl->hostName));
gtk_spin_button_set_value(
GTK_SPIN_BUTTON(ldapedit.spinbtn_timeout), ctl->timeOut );
gtk_spin_button_set_value(
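Review bot: The result of passwd_store_get is passed straight into gtk_entry_set_text and never released, so every opening of the dialog leaks a heap copy of the cleartext bind password. The other call sites in this commit (ldapctl_print, ldapsvr_connect) treat the return value as an owned string that can be NULL, and gtk_entry_set_text expects a non-NULL text. Holding the value in a local, checking it, then wiping and freeing it fixes both issues; the `pwd` declaration that the previous hunk removed is needed again. The body of edit_ldap_set_fields continues outside the hunk.

```c
	gchar *pwd;
	/* … unchanged: other entry fields … */
	pwd = passwd_store_get(PWS_CORE, "LDAP", ctl->hostName);
	if (pwd != NULL) {
		gtk_entry_set_text(GTK_ENTRY(ldapedit.entry_bindPW), pwd);
		memset(pwd, 0, strlen(pwd));
		g_free(pwd);
	}
```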
@@ -1036,7 +1033,6 @@ AdapterDSource *addressbook_edit_ldap(
ldapctl_set_host( ctl, sHost );
ldapctl_set_base_dn( ctl, sBase );
ldapctl_set_bind_dn( ctl, sBind );
- ldapctl_set_bind_password( ctl, sPass, TRUE, TRUE );
ldapctl_set_port( ctl, iPort );
ldapctl_set_max_entries( ctl, iMaxE );
ldapctl_set_timeout( ctl, iTime );
@@ -1049,6 +1045,9 @@ AdapterDSource *addressbook_edit_ldap(
addrindex_save_data(addrIndex);
+ passwd_store_set(PWS_CORE, "LDAP", sHost, sPass, FALSE);
+ passwd_store_write_config();
+
/* Save attributes */
editldap_parse_criteria( sCrit, ctl );
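Review bot: When the user changes the hostname of an existing server, the password is written under the new `sHost` but the entry stored under the previous hostname is never removed, so a stale credential stays in the password store. The old host name would have to be remembered before `ldapctl_set_host( ctl, sHost )` and its entry cleared when it differs. The results of `passwd_store_set` and `passwd_store_write_config` are also ignored, so a failed save is silent; at minimum a comment such as `/* TODO: report failure to persist the LDAP password */` should mark that. The body of addressbook_edit_ldap starts outside the hunk.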
@@ -1057,9 +1056,12 @@ AdapterDSource *addressbook_edit_ldap(
g_free( sHost );
g_free( sBase );
g_free( sBind );
- g_free( sPass );
g_free( sCrit );
+ if (sPass != NULL && strlen(sPass) > 0)
+ memset(sPass, 0, strlen(sPass));
+ g_free( sPass );
+
return ads;
}
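Review bot: A plain `memset` immediately followed by `g_free( sPass )` is a dead store that an optimising compiler is allowed to remove, so the password may not actually be wiped. The same pattern appears in ldapctl_print (ldapctrl.c) and ldapsvr_connect (ldapserver.c). A small shared helper that writes through a `volatile` pointer, or `explicit_bzero(sPass, strlen(sPass));` where the platform provides it, keeps the wipe in place. The `strlen(sPass) > 0` test is redundant, since zeroing zero bytes is harmless.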
diff --git a/src/ldapctrl.c b/src/ldapctrl.c
index 052dc12..dd273b9 100644
--- a/src/ldapctrl.c
+++ b/src/ldapctrl.c
@@ -34,7 +34,7 @@
#include "ldapctrl.h"
#include "mgutils.h"
-#include "passcrypt.h"
+#include "passwordstore.h"
#include "editaddress_other_attributes_ldap.h"
#include "common/utils.h"
#include "common/quoted-printable.h"
@@ -51,7 +51,6 @@ LdapControl *ldapctl_create( void ) {
ctl->port = LDAPCTL_DFL_PORT;
ctl->baseDN = NULL;
ctl->bindDN = NULL;
- ctl->bindPass = NULL;
ctl->listCriteria = NULL;
ctl->attribEMail = g_strdup( LDAPCTL_ATTR_EMAIL );
ctl->attribCName = g_strdup( LDAPCTL_ATTR_COMMONNAME );
@@ -134,92 +133,6 @@ void ldapctl_set_bind_dn( LdapControl* ctl, const gchar *value ) {
}
/**
- * Specify bind password to be used.
- * \param ctl Control object to process.
- * \param value Password.
- * \param encrypt Encrypt password
- * \param change Save encrypted
- */
-void ldapctl_set_bind_password(
- LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change ) {
- gchar *buf, *tmp;
-
- ctl->bindPass = mgu_replace_string( ctl->bindPass, value );
-
- if ( ctl->bindPass == NULL )
- return;
-
- g_strstrip( ctl->bindPass );
-
- buf = tmp = NULL;
- if ( encrypt ) {
- /* If first char is not ! the password is not encrypted */
- if (ctl->bindPass[0] == '!' || change) {
- if (ctl->bindPass[0] != '!' && change)
- buf = mgu_replace_string( buf, ctl->bindPass );
- else {
- if (ctl->bindPass[1] != '|')
- buf = mgu_replace_string( buf, ctl->bindPass + 1 );
- else {
- /* quoted printable decode */
- buf = mgu_replace_string( buf, ctl->bindPass + 2 );
- qp_decode_line(buf);
- }
- }
-
- passcrypt_encrypt( buf, strlen(buf) );
- if (ctl->bindPass[0] != '!' && change) {
- /* quoted printable encode */
- tmp = g_malloc0(qp_get_q_encoding_len(buf) + 1);
- qp_q_encode(tmp, buf);
- g_free(buf);
- buf = g_strconcat( "!|", tmp, NULL );
- g_free(tmp);
- }
-
- ctl->bindPass = mgu_replace_string( ctl->bindPass, buf );
- g_free(buf);
-
- }
- }
- debug_print("setting bindPassword\n");
-}
-
-/**
- * Fetch bind password to be used.
- * \param ctl Control object to process.
- * \return Decrypted password.
- */
-gchar* ldapctl_get_bind_password( LdapControl* ctl ) {
- gchar *pwd = NULL, *buf;
-
- if ( ctl->bindPass != NULL ) {
- pwd = mgu_replace_string( pwd, ctl->bindPass );
- /* If first char is not ! the password is not encrypted */
- if (pwd && pwd[0] == '!') {
- if (pwd[1] && pwd[1] == '|') {
- buf = g_strdup(pwd + 2);
- /* quoted printable decode */
- qp_decode_line(buf);
- }
- else {
- buf = g_strdup(pwd + 1);
- }
- g_free(pwd);
-
- passcrypt_decrypt( buf, strlen(buf) );
-
- pwd = g_strdup(buf);
- g_free(buf);
- }
- }
-
- debug_print("getting bindPassword\n");
-
- return pwd;
-}
-
-/**
* Specify maximum number of entries to retrieve.
* \param ctl Control object to process.
* \param value Maximum entries.
@@ -361,7 +274,6 @@ static void ldapctl_clear( LdapControl *ctl ) {
g_free( ctl->hostName );
g_free( ctl->baseDN );
g_free( ctl->bindDN );
- g_free( ctl->bindPass );
g_free( ctl->attribEMail );
g_free( ctl->attribCName );
g_free( ctl->attribFName );
@@ -375,7 +287,6 @@ static void ldapctl_clear( LdapControl *ctl ) {
ctl->port = 0;
ctl->baseDN = NULL;
ctl->bindDN = NULL;
- ctl->bindPass = NULL;
ctl->attribEMail = NULL;
ctl->attribCName = NULL;
ctl->attribFName = NULL;
@@ -425,8 +336,10 @@ void ldapctl_print( const LdapControl *ctl, FILE *stream ) {
fprintf( stream, " port: %d\n", ctl->port );
fprintf( stream, " base dn: '%s'\n", ctl->baseDN?ctl->baseDN:"null" );
fprintf( stream, " bind dn: '%s'\n", ctl->bindDN?ctl->bindDN:"null" );
- pwd = ldapctl_get_bind_password((LdapControl *) ctl);
+ pwd = passwd_store_get(PWS_CORE, "LDAP", ctl->hostName);
fprintf( stream, "bind pass: '%s'\n", pwd?pwd:"null" );
+ if (pwd != NULL && strlen(pwd) > 0)
+ memset(pwd, 0, strlen(pwd));
g_free(pwd);
fprintf( stream, "attr mail: '%s'\n", ctl->attribEMail?ctl->attribEMail:"null" );
fprintf( stream, "attr comn: '%s'\n", ctl->attribCName?ctl->attribCName:"null" );
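Review bot: ldapctl_print now decrypts the bind password from the password store only to write it in clear text to `stream`, which defeats the purpose of moving it into the store whenever this dump reaches a log or terminal. ldapsvr_connect already masks the value as `bindPass xxx` in its error output, and the dump should do the same, e.g. `fprintf( stream, "bind pass: %s\n", pwd ? "xxx" : "null" );`. Better still, avoid fetching the secret in a print routine at all. The function body starts and ends outside the hunk.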
@@ -474,7 +387,6 @@ void ldapctl_copy( const LdapControl *ctlFrom, LdapControl *ctlTo ) {
ctlTo->hostName = g_strdup( ctlFrom->hostName );
ctlTo->baseDN = g_strdup( ctlFrom->baseDN );
ctlTo->bindDN = g_strdup( ctlFrom->bindDN );
- ctlTo->bindPass = g_strdup( ctlFrom->bindPass );
ctlTo->attribEMail = g_strdup( ctlFrom->attribEMail );
ctlTo->attribCName = g_strdup( ctlFrom->attribCName );
ctlTo->attribFName = g_strdup( ctlFrom->attribFName );
diff --git a/src/ldapctrl.h b/src/ldapctrl.h
index b76500f..4167361 100644
--- a/src/ldapctrl.h
+++ b/src/ldapctrl.h
@@ -64,7 +64,6 @@ struct _LdapControl {
gint port;
gchar *baseDN;
gchar *bindDN;
- gchar *bindPass;
gint maxEntries;
gint timeOut;
gint maxQueryAge;
diff --git a/src/ldapserver.c b/src/ldapserver.c
index 5006f46..9507b52 100644
--- a/src/ldapserver.c
+++ b/src/ldapserver.c
@@ -41,6 +41,7 @@
#include "ldaputil.h"
#include "utils.h"
#include "adbookbase.h"
+#include "passwordstore.h"
/**
* Create new LDAP server interface object with no control object.
@@ -851,16 +852,17 @@ LDAP *ldapsvr_connect(LdapControl *ctl) {
/* Bind to the server, if required */
if (ctl->bindDN) {
if (* ctl->bindDN != '\0') {
- pwd = ldapctl_get_bind_password(ctl);
+ pwd = passwd_store_get(PWS_CORE, "LDAP", ctl->hostName);
rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd);
+ if (pwd != NULL && strlen(pwd) > 0)
+ memset(pwd, 0, strlen(pwd));
+ g_free(pwd);
if (rc != LDAP_SUCCESS) {
g_printerr("bindDN: %s, bindPass xxx\n", ctl->bindDN);
g_printerr("LDAP Error(bind): ldap_simple_bind_s: %s\n",
ldaputil_get_error(ld));
- g_free(pwd);
return NULL;
}
- g_free(pwd);
}
}
return ld;
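Review bot: `pwd` can be NULL here (the added wipe code tests for it), yet it is passed to `claws_ldap_simple_bind_s` unchanged, so a missing or unreadable store entry turns into a bind attempt with a DN and no password rather than a reported error. An explicit `if (pwd == NULL)` branch that logs and returns NULL would make the failure visible. Because the password now always comes from the store keyed on `ctl->hostName`, callers that used to supply one through the control object lose that ability. For example, ldaputil_read_basedn no longer uses its `bindPW` value (see the ldaputil.c hunk), so it presumably now tests the stored password rather than the one just typed. The body of ldapsvr_connect starts outside the hunk.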
diff --git a/src/ldaputil.c b/src/ldaputil.c
index 305036c..060c82d 100644
--- a/src/ldaputil.c
+++ b/src/ldaputil.c
@@ -247,7 +247,6 @@ GList *ldaputil_read_basedn(
ldapctl_set_host(ctl, host);
ldapctl_set_timeout(ctl, tov);
ldapctl_set_bind_dn(ctl, bindDN);
- ldapctl_set_bind_password(ctl, bindPW, FALSE, FALSE);
ld = ldapsvr_connect(ctl);
if (ld == NULL) {
-----------------------------------------------------------------------
hooks/post-receive
--
Claws Mail