[Commits] [SCM] claws branch, master, updated. 3.13.2-117-g8d59235

ticho at claws-mail.org ticho at claws-mail.org
Sat Apr 9 18:03:21 CEST 2016


The branch, master has been updated
       via  8d59235e93965971d61375baa4a35a86a16e99a3 (commit)
      from  39a8fb83ee7abecd487ec28c17d83235968e5f6b (commit)

Summary of changes:
 src/addrindex.c  |    9 +++--
 src/editldap.c   |   18 +++++-----
 src/ldapctrl.c   |   96 +++---------------------------------------------------
 src/ldapctrl.h   |    1 -
 src/ldapserver.c |    8 +++--
 src/ldaputil.c   |    1 -
 6 files changed, 25 insertions(+), 108 deletions(-)


- Log -----------------------------------------------------------------
commit 8d59235e93965971d61375baa4a35a86a16e99a3
Author: Andrej Kacian <ticho at claws-mail.org>
Date:   Sat Apr 9 18:03:01 2016 +0200

    Addressbook now uses password store for LDAP passwords.

diff --git a/src/addrindex.c b/src/addrindex.c
index 307527f..f102e96 100644
--- a/src/addrindex.c
+++ b/src/addrindex.c
@@ -42,6 +42,7 @@
 #include "addr_compl.h"
 #include "utils.h"
 #include "alertpanel.h"
+#include "passwordstore.h"
 
 #ifndef DEV_STANDALONE
 #include "prefs_gtk.h"
@@ -1354,6 +1355,7 @@ static AddressDataSource *addrindex_parse_ldap( XMLFile *file ) {
 	gboolean bDynSearch;
 	gboolean bTLS, bSSL;
 	gint iMatch;
+	gchar *password = NULL;
 
 	/* g_print( "addrindex_parse_ldap\n" ); */
 	/* Set up some defaults */
@@ -1387,7 +1389,7 @@ static AddressDataSource *addrindex_parse_ldap( XMLFile *file ) {
 			ldapctl_set_bind_dn( ctl, value );
 		}
 		else if( strcmp( name, ATTAG_LDAP_BIND_PASS ) == 0 ) {
-			ldapctl_set_bind_password( ctl, value, FALSE, FALSE );
+			password = value;
 		}
 		else if( strcmp( name, ATTAG_LDAP_CRITERIA ) == 0 ) {
 			g_free( criteria );
@@ -1430,6 +1432,9 @@ static AddressDataSource *addrindex_parse_ldap( XMLFile *file ) {
 		attr = g_list_next( attr );
 	}
 
+	if (password != NULL)
+		passwd_store_set(PWS_CORE, "LDAP", ctl->hostName, password, TRUE);
+
 	server = ldapsvr_create_noctl();
 	ldapsvr_set_name( server, serverName );
 	ldapsvr_set_search_flag( server, bDynSearch );
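Review bot: The `passwd_store_set(PWS_CORE, "LDAP", ctl->hostName, password, TRUE)` call passes the raw `ATTAG_LDAP_BIND_PASS` attribute to the store with the last argument TRUE, but values written by the removed `ldapctl_set_bind_password` could carry a `!` or `!|` prefix with passcrypt and quoted-printable encoding. If that flag means "already in the store's own encrypted format" (its definition is not visible here), migrated passwords would not decode to what the user entered, so the legacy form should be decoded first and stored as cleartext. The entry is also keyed on `ctl->hostName` alone, which may still be NULL if the host attribute is absent, and which makes two address books on the same host with different bind DNs share one secret. The same key is used in src/editldap.c, src/ldapctrl.c and src/ldapserver.c. The function body starts and ends outside this hunk.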
@@ -1484,8 +1489,6 @@ static int addrindex_write_ldap( FILE *fp, AddressDataSource *ds, gint lvl ) {
 		return -1;
 	if (addrindex_write_attr( fp, ATTAG_LDAP_BIND_DN, ctl->bindDN ) < 0)
 		return -1;
-	if (addrindex_write_attr( fp, ATTAG_LDAP_BIND_PASS, ctl->bindPass ) < 0)
-		return -1;
 
 	sprintf( value, "%d", ctl->maxEntries );
 	if (addrindex_write_attr( fp, ATTAG_LDAP_MAX_ENTRY, value ) < 0)
diff --git a/src/editldap.c b/src/editldap.c
index 8213ce3..cb7927b 100644
--- a/src/editldap.c
+++ b/src/editldap.c
@@ -45,6 +45,7 @@
 #include "manage_window.h"
 #include "gtkutils.h"
 #include "prefs_gtk.h"
+#include "passwordstore.h"
 
 #define PAGE_BASIC      0
 #define PAGE_SEARCH     1
@@ -885,7 +886,6 @@ static void edit_ldap_clear_fields(void) {
 static void edit_ldap_set_fields( LdapServer *server ) {
 	LdapControl *ctl;
 	gchar *crit;
-	gchar *pwd;
 
 	if( ldapsvr_get_name( server ) )
 		gtk_entry_set_text(GTK_ENTRY(ldapedit.entry_name),
@@ -901,11 +901,8 @@ static void edit_ldap_set_fields( LdapServer *server ) {
 	if( ctl->bindDN )
 		gtk_entry_set_text(
 			GTK_ENTRY(ldapedit.entry_bindDN), ctl->bindDN );
-	if( ctl->bindPass ) {
-		pwd = ldapctl_get_bind_password( ctl );
-		gtk_entry_set_text(	GTK_ENTRY(ldapedit.entry_bindPW),  pwd );
-		g_free(pwd);
-	}
+	gtk_entry_set_text(	GTK_ENTRY(ldapedit.entry_bindPW),
+			passwd_store_get(PWS_CORE, "LDAP", ctl->hostName));
 	gtk_spin_button_set_value(
 		GTK_SPIN_BUTTON(ldapedit.spinbtn_timeout), ctl->timeOut );
 	gtk_spin_button_set_value(
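Review bot: The string returned by `passwd_store_get()` in the `entry_bindPW` call is never freed or wiped, although the other call sites in this commit (`ldapctl_print`, `ldapsvr_connect`) treat the result as an owned buffer and `g_free` it, so each time the dialog is populated a cleartext copy of the bind password is left on the heap. Those call sites also test for NULL, and the removed code only set the entry when a password existed; here a missing store entry would pass NULL to `gtk_entry_set_text`. Keeping the local `pwd` that the previous hunk deletes, setting the entry only when it is non-NULL, and then clearing and freeing it would bring this in line with the rest of the change. The function starts before the hunk and continues past it.

```c
	/* … unchanged: name, host, port, base DN and bind DN fields … */
	pwd = passwd_store_get(PWS_CORE, "LDAP", ctl->hostName);
	if (pwd != NULL) {
		gtk_entry_set_text(GTK_ENTRY(ldapedit.entry_bindPW), pwd);
		/* wipe our copy before it goes back to the allocator */
		memset(pwd, 0, strlen(pwd));
		g_free(pwd);
	}
	gtk_spin_button_set_value(
		GTK_SPIN_BUTTON(ldapedit.spinbtn_timeout), ctl->timeOut );
```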
@@ -1036,7 +1033,6 @@ AdapterDSource *addressbook_edit_ldap(
 		ldapctl_set_host( ctl, sHost );
 		ldapctl_set_base_dn( ctl, sBase );
 		ldapctl_set_bind_dn( ctl, sBind );
-		ldapctl_set_bind_password( ctl, sPass, TRUE, TRUE );
 		ldapctl_set_port( ctl, iPort );
 		ldapctl_set_max_entries( ctl, iMaxE );
 		ldapctl_set_timeout( ctl, iTime );
@@ -1049,6 +1045,9 @@ AdapterDSource *addressbook_edit_ldap(
 
 		addrindex_save_data(addrIndex);
 
+		passwd_store_set(PWS_CORE, "LDAP", sHost, sPass, FALSE);
+		passwd_store_write_config();
+
 		/* Save attributes */
 		editldap_parse_criteria( sCrit, ctl );
 
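Review bot: `passwd_store_set(PWS_CORE, "LDAP", sHost, sPass, FALSE)` stores the secret under the host name currently in the dialog, so when an existing server's host is edited, the entry saved under the previous name appears to be left behind in the store. Clearing the old key when `sHost` differs from the server's previous host would avoid keeping an orphaned credential. The results of `passwd_store_set` and `passwd_store_write_config` are also not checked, so a failed write would go unnoticed even though the password is no longer kept in the address index. The function body starts before this hunk and continues after it.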
@@ -1057,9 +1056,12 @@ AdapterDSource *addressbook_edit_ldap(
 	g_free( sHost );
 	g_free( sBase );
 	g_free( sBind );
-	g_free( sPass );
 	g_free( sCrit );
 
+	if (sPass != NULL && strlen(sPass) > 0)
+		memset(sPass, 0, strlen(sPass));
+	g_free( sPass );
+
 	return ads;
 }
 
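Review bot: The `memset(sPass, 0, strlen(sPass))` placed immediately before `g_free( sPass )` writes to memory that is never read again, which an optimizing compiler is allowed to remove, so the wipe may not happen in an optimized build. The same pattern is added in `ldapctl_print` (src/ldapctrl.c) and `ldapsvr_connect` (src/ldapserver.c). A small shared helper that clears through a `volatile` pointer, or `explicit_bzero` where the platform provides it, would make the wipe reliable and replace the three copies of this code. The `strlen(sPass) > 0` test is not needed, since a zero-length `memset` is harmless.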
diff --git a/src/ldapctrl.c b/src/ldapctrl.c
index 052dc12..dd273b9 100644
--- a/src/ldapctrl.c
+++ b/src/ldapctrl.c
@@ -34,7 +34,7 @@
 
 #include "ldapctrl.h"
 #include "mgutils.h"
-#include "passcrypt.h"
+#include "passwordstore.h"
 #include "editaddress_other_attributes_ldap.h"
 #include "common/utils.h"
 #include "common/quoted-printable.h"
@@ -51,7 +51,6 @@ LdapControl *ldapctl_create( void ) {
 	ctl->port = LDAPCTL_DFL_PORT;
 	ctl->baseDN = NULL;
 	ctl->bindDN = NULL;
-	ctl->bindPass = NULL;
 	ctl->listCriteria = NULL;
 	ctl->attribEMail = g_strdup( LDAPCTL_ATTR_EMAIL );
 	ctl->attribCName = g_strdup( LDAPCTL_ATTR_COMMONNAME );
@@ -134,92 +133,6 @@ void ldapctl_set_bind_dn( LdapControl* ctl, const gchar *value ) {
 }
 
 /**
- * Specify bind password to be used.
- * \param ctl  Control object to process.
- * \param value Password.
- * \param encrypt Encrypt password
- * \param change Save encrypted
- */
-void ldapctl_set_bind_password( 
-	LdapControl* ctl, const gchar *value, gboolean encrypt, gboolean change ) {
-	gchar *buf, *tmp;
-
-	ctl->bindPass = mgu_replace_string( ctl->bindPass, value );
-
-	if ( ctl->bindPass == NULL )
-		return;
-
-	g_strstrip( ctl->bindPass );
-	
-	buf = tmp = NULL;
-	if ( encrypt ) {
-		/* If first char is not ! the password is not encrypted */
-		if (ctl->bindPass[0] == '!' || change) {
-			if (ctl->bindPass[0] != '!' && change)
-				buf = mgu_replace_string( buf, ctl->bindPass );
-			else {
-				if (ctl->bindPass[1] != '|')
-					buf = mgu_replace_string( buf, ctl->bindPass + 1 );
-				else {
-					/* quoted printable decode */
-					buf = mgu_replace_string( buf, ctl->bindPass + 2 );
-					qp_decode_line(buf);
-				}
-			}
-			
-			passcrypt_encrypt( buf, strlen(buf) );
-			if (ctl->bindPass[0] != '!' && change) {
-				/* quoted printable encode */
-				tmp = g_malloc0(qp_get_q_encoding_len(buf) + 1);
-				qp_q_encode(tmp, buf);
-				g_free(buf);
-				buf = g_strconcat( "!|", tmp, NULL );
-				g_free(tmp);
-			}
-
-			ctl->bindPass = mgu_replace_string( ctl->bindPass, buf );
-			g_free(buf);
-			
-		}
-	}
-	debug_print("setting bindPassword\n");
-}
-
-/**
- * Fetch bind password to be used.
- * \param ctl  Control object to process.
- * \return Decrypted password.
- */
-gchar* ldapctl_get_bind_password( LdapControl* ctl ) {
-	gchar *pwd = NULL, *buf;
-
-	if ( ctl->bindPass != NULL ) {
-		pwd = mgu_replace_string( pwd, ctl->bindPass );
-		/* If first char is not ! the password is not encrypted */
-		if (pwd && pwd[0] == '!') {
-			if (pwd[1] && pwd[1] == '|') {
-				buf = g_strdup(pwd + 2);
-				/* quoted printable decode */
-				qp_decode_line(buf);
-			}
-			else {
-				buf = g_strdup(pwd + 1);
-			}
-			g_free(pwd);
-			
-			passcrypt_decrypt( buf, strlen(buf) );
-
-			pwd = g_strdup(buf);
-			g_free(buf);
-		}
-	}
-
-	debug_print("getting bindPassword\n");
-
-	return pwd;
-}
-
-/**
  * Specify maximum number of entries to retrieve.
  * \param ctl  Control object to process.
  * \param value Maximum entries.
@@ -361,7 +274,6 @@ static void ldapctl_clear( LdapControl *ctl ) {
 	g_free( ctl->hostName );
 	g_free( ctl->baseDN );
 	g_free( ctl->bindDN );
-	g_free( ctl->bindPass );
 	g_free( ctl->attribEMail );
 	g_free( ctl->attribCName );
 	g_free( ctl->attribFName );
@@ -375,7 +287,6 @@ static void ldapctl_clear( LdapControl *ctl ) {
 	ctl->port = 0;
 	ctl->baseDN = NULL;
 	ctl->bindDN = NULL;
-	ctl->bindPass = NULL;
 	ctl->attribEMail = NULL;
 	ctl->attribCName = NULL;
 	ctl->attribFName = NULL;
@@ -425,8 +336,10 @@ void ldapctl_print( const LdapControl *ctl, FILE *stream ) {
 	fprintf( stream, "     port: %d\n",   ctl->port );
 	fprintf( stream, "  base dn: '%s'\n", ctl->baseDN?ctl->baseDN:"null" );
 	fprintf( stream, "  bind dn: '%s'\n", ctl->bindDN?ctl->bindDN:"null" );
-	pwd = ldapctl_get_bind_password((LdapControl *) ctl);
+	pwd = passwd_store_get(PWS_CORE, "LDAP", ctl->hostName);
 	fprintf( stream, "bind pass: '%s'\n", pwd?pwd:"null" );
+	if (pwd != NULL && strlen(pwd) > 0)
+		memset(pwd, 0, strlen(pwd));
 	g_free(pwd);
 	fprintf( stream, "attr mail: '%s'\n", ctl->attribEMail?ctl->attribEMail:"null" );
 	fprintf( stream, "attr comn: '%s'\n", ctl->attribCName?ctl->attribCName:"null" );
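Review bot: `ldapctl_print` now pulls the bind password out of the password store only to write it in cleartext to `stream` on the `bind pass:` line, which undoes the benefit of moving it there if this output ever reaches a log or a terminal. `ldapsvr_connect` already masks the value as `xxx` in its error message; doing the same here, for example `fprintf( stream, "bind pass: %s\n", pwd ? "(set)" : "null" );`, keeps the diagnostic useful without exposing the secret. The function begins before the hunk and continues after it.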
@@ -474,7 +387,6 @@ void ldapctl_copy( const LdapControl *ctlFrom, LdapControl *ctlTo ) {
 	ctlTo->hostName = g_strdup( ctlFrom->hostName );
 	ctlTo->baseDN = g_strdup( ctlFrom->baseDN );
 	ctlTo->bindDN = g_strdup( ctlFrom->bindDN );
-	ctlTo->bindPass = g_strdup( ctlFrom->bindPass );
 	ctlTo->attribEMail = g_strdup( ctlFrom->attribEMail );
 	ctlTo->attribCName = g_strdup( ctlFrom->attribCName );
 	ctlTo->attribFName = g_strdup( ctlFrom->attribFName );
diff --git a/src/ldapctrl.h b/src/ldapctrl.h
index b76500f..4167361 100644
--- a/src/ldapctrl.h
+++ b/src/ldapctrl.h
@@ -64,7 +64,6 @@ struct _LdapControl {
 	gint      port;
 	gchar     *baseDN;
 	gchar     *bindDN;
-	gchar     *bindPass;
 	gint      maxEntries;
 	gint      timeOut;
 	gint      maxQueryAge;
diff --git a/src/ldapserver.c b/src/ldapserver.c
index 5006f46..9507b52 100644
--- a/src/ldapserver.c
+++ b/src/ldapserver.c
@@ -41,6 +41,7 @@
 #include "ldaputil.h"
 #include "utils.h"
 #include "adbookbase.h"
+#include "passwordstore.h"
 
 /**
  * Create new LDAP server interface object with no control object.
@@ -851,16 +852,17 @@ LDAP *ldapsvr_connect(LdapControl *ctl) {
 	/* Bind to the server, if required */
 	if (ctl->bindDN) {
 		if (* ctl->bindDN != '\0') {
-			pwd = ldapctl_get_bind_password(ctl);
+			pwd = passwd_store_get(PWS_CORE, "LDAP", ctl->hostName);
 			rc = claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd);
+			if (pwd != NULL && strlen(pwd) > 0)
+				memset(pwd, 0, strlen(pwd));
+			g_free(pwd);
 			if (rc != LDAP_SUCCESS) {
 				g_printerr("bindDN: %s, bindPass xxx\n", ctl->bindDN);
 				g_printerr("LDAP Error(bind): ldap_simple_bind_s: %s\n",
 					ldaputil_get_error(ld));
-				g_free(pwd);
 				return NULL;
 			}
-			g_free(pwd);
 		}
 	}
 	return ld;
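Review bot: Nothing checks that `passwd_store_get()` returned a password before `claws_ldap_simple_bind_s(ld, ctl->bindDN, pwd)` is called, and the lookup can now miss independently of the control object (no entry for `ctl->hostName`, or a store that could not be read). A simple bind with a DN and an empty password is accepted by many LDAP servers as an unauthenticated bind, so the session could proceed anonymously while the code believes it is bound as `bindDN`; how the wrapper handles NULL is not visible here. Reporting the case and rejecting it up front, e.g. `if (pwd == NULL || *pwd == '\0') { g_free(pwd); return NULL; }`, would make the failure explicit. Callers that used to pass a password through the control object, such as `ldaputil_read_basedn` in the last hunk, now depend entirely on this lookup, so a password typed but not yet stored would apparently not be used. The function starts before the hunk.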
diff --git a/src/ldaputil.c b/src/ldaputil.c
index 305036c..060c82d 100644
--- a/src/ldaputil.c
+++ b/src/ldaputil.c
@@ -247,7 +247,6 @@ GList *ldaputil_read_basedn(
 	ldapctl_set_host(ctl, host);
 	ldapctl_set_timeout(ctl, tov);
 	ldapctl_set_bind_dn(ctl, bindDN);
-	ldapctl_set_bind_password(ctl, bindPW, FALSE, FALSE);
 
 	ld = ldapsvr_connect(ctl);
 	if (ld == NULL) {

-----------------------------------------------------------------------


hooks/post-receive
-- 
Claws Mail

