[gq-commit] gq/src ref-browse.c,1.4,1.5 util.c,1.75,1.76 util.h,1.26,1.27
From: <sta...@us...> - 2003-10-20 11:33:37
Update of /cvsroot/gqclient/gq/src
In directory sc8-pr-cvs1:/tmp/cvs-serv16958
Modified Files:
ref-browse.c util.c util.h
Log Message:
* Extended referral chasing - try different strategies to find
a proper binddn/pw for a referral - SECURITY: MUST think about security
implications.
Index: ref-browse.c
===================================================================
RCS file: /cvsroot/gqclient/gq/src/ref-browse.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** ref-browse.c 19 Oct 2003 12:01:31 -0000 1.4
--- ref-browse.c 20 Oct 2003 08:26:55 -0000 1.5
***************
*** 145,148 ****
--- 145,186 ----
if (ldap_url_parse(entry->uri, &desc) == 0) {
+ struct ldapserver *parent = NULL, *newserver = NULL;
+ const char *labels[] = { desc->lud_dn, NULL };
+ char *dummy[] = { "dummy", NULL };
+ GtkCTreeNode *new_item, *added = NULL;
+ browse_entry *new_entry;
+
+
+ /* find parent server */
+ GtkCTreeRow *row = NULL;
+ GtkCTreeNode *n;
+ browse_entry *e;
+
+ n = GTK_CTREE_ROW(node)->parent;
+ for ( ; n ; n = row->parent ) {
+ row = GTK_CTREE_ROW(n);
+ e = (browse_entry *)
+ gtk_ctree_node_get_row_data(ctree, n);
+
+ /* FIXME: This is not OO */
+ if (IS_SERVER_ENTRY(e)) {
+ parent = ((server_browse_entry*) e)->server;
+ break;
+ }
+ if (IS_REF_ENTRY(e)) {
+ parent = ((ref_browse_entry*) e)->server;
+ break;
+ }
+ }
+
+ if (!parent) {
+ return;
+ }
+
+ newserver = get_referral_server(parent, entry->uri);
+
+
+ #if 0
+
const char *labels[] = { desc->lud_dn, NULL };
char *dummy[] = { "dummy", NULL };
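Review bot: The early `return` taken when no parent server is found skips any release of `desc`, which the successful `ldap_url_parse(entry->uri, &desc)` at the top of this block has just allocated. `if (!parent) { ldap_free_urldesc(desc); return; }` would close that path. The old URI-building code is also left in place under `#if 0` rather than deleted, which keeps a second, dead copy of the logic that now lives in `get_referral_server`. The enclosing function starts and ends outside the hunk, so its other cleanup paths are not visible here.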
***************
*** 150,153 ****
--- 188,194 ----
GtkCTreeNode *new_item, *added = NULL;
browse_entry *new_entry;
+
+
+
GString *new_uri =
g_string_sized_new(strlen(entry->uri));
***************
*** 203,207 ****
g_free_and_dup(newserver->ldaphost, new_uri->str);
g_free_and_dup(newserver->basedn, desc->lud_dn);
!
canonicalize_ldapserver(newserver);
--- 244,249 ----
g_free_and_dup(newserver->ldaphost, new_uri->str);
g_free_and_dup(newserver->basedn, desc->lud_dn);
! #endif
! newserver->quiet = 1;
canonicalize_ldapserver(newserver);
Index: util.c
===================================================================
RCS file: /cvsroot/gqclient/gq/src/util.c,v
retrieving revision 1.75
retrieving revision 1.76
diff -C2 -d -r1.75 -r1.76
*** util.c 19 Oct 2003 11:51:35 -0000 1.75
--- util.c 20 Oct 2003 08:26:55 -0000 1.76
***************
*** 65,68 ****
--- 65,69 ----
#include "mainwin.h"
#include "input.h"
+ #include "mainwin.h" /* message_log_append */
#include "utf8-compat.h"
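Review bot: `mainwin.h` is already included two lines above the added `#include "mainwin.h" /* message_log_append */`, so the new line is redundant. I would drop it and, if the annotation is wanted, put the `/* message_log_append */` comment on the existing include.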
***************
*** 297,300 ****
--- 298,302 ----
*/
+
if (ld && server->show_ref) {
LDAPControl c;
***************
*** 337,340 ****
--- 339,448 ----
}
+ /** Returns a ldapserver object (either an existing or a newly
+ created) usable to search below the base_url.
+
+ The server gets looked up in the following way:
+
+ 1) the credentials of the parent server get used with a
+ newly created ldapserver
+
+ 2) The base_url gets looked up as the canonical name. If a match
+ is found and the credentials for this server work a copy of the
+ thus found object gets returned
+
+ 3) An anonymous bind gets attempted.
+ */
+ struct ldapserver *get_referral_server(struct ldapserver *parent,
+ const char *base_url)
+ {
+ LDAPURLDesc *desc = NULL;
+ struct ldapserver *newserver = NULL, *s;
+
+ assert(parent);
+
+ if (ldap_url_parse(base_url, &desc) == 0) {
+ GString *new_uri = g_string_sized_new(strlen(base_url));
+ g_string_sprintf(new_uri, "%s://%s:%d/",
+ desc->lud_scheme,
+ desc->lud_host,
+ desc->lud_port);
+
+ newserver = new_ldapserver();
+
+ copy_ldapserver(newserver, parent);
+
+ g_free_and_dup(newserver->name, new_uri->str);
+ g_free_and_dup(newserver->ldaphost, new_uri->str);
+ g_free_and_dup(newserver->basedn, desc->lud_dn);
+
+ /* some sensible settings for the "usual" case:
+ Anonymous bind. Also show referrals */
+ newserver->ask_pw = 0;
+ newserver->show_ref = 1;
+ newserver->quiet = 1;
+
+ if (open_connection(newserver)) {
+ close_connection(newserver, FALSE);
+
+ statusbar_msg(_("Initialized temporary server-definition '%1$s' from existing server '%2$s'"), new_uri->str, parent->name);
+
+ goto done;
+ }
+
+ /* check: do we have this server around already??? */
+ s = server_by_canon_name(new_uri->str, TRUE);
+
+ if (s) {
+ copy_ldapserver(newserver, s);
+
+ g_free_and_dup(newserver->name, new_uri->str);
+ g_free_and_dup(newserver->ldaphost, new_uri->str);
+ g_free_and_dup(newserver->basedn, desc->lud_dn);
+
+ /* some sensible settings for the "usual" case:
+ Anonymous bind. Also show referrals */
+ newserver->ask_pw = 0;
+ newserver->show_ref = 1;
+ newserver->quiet = 1;
+
+ if (open_connection(newserver)) {
+ close_connection(newserver, FALSE);
+ statusbar_msg(_("Initialized temporary server-definition '%1$s' from existing server '%2$s'"), new_uri->str, s->name);
+ goto done;
+ }
+ }
+
+ /* anonymous */
+ copy_ldapserver(newserver, parent);
+
+ g_free_and_dup(newserver->name, new_uri->str);
+ g_free_and_dup(newserver->ldaphost, new_uri->str);
+ g_free_and_dup(newserver->basedn, desc->lud_dn);
+
+ g_free_and_dup(newserver->binddn, "");
+ g_free_and_dup(newserver->bindpw, "");
+ g_free_and_dup(newserver->enteredpw, "");
+
+ newserver->bindtype = BINDTYPE_SIMPLE;
+
+ if (open_connection(newserver)) {
+ close_connection(newserver, FALSE);
+ statusbar_msg(_("Initialized temporary server-definition '%1$s' from existing server '%2$s'"), new_uri->str, parent->name);
+ goto done;
+ }
+ /* nothing usable found - retry */
+ }
+
+ done:
+ if (desc) ldap_free_urldesc(desc);
+ if (newserver) {
+ newserver->quiet = 0;
+ canonicalize_ldapserver(newserver);
+ }
+
+ return newserver;
+ }
+
+
/*
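Review bot: The first attempt in `get_referral_server` opens a connection to the host named in `base_url` with everything `copy_ldapserver(newserver, parent)` carried over. That presumably includes the parent's bind DN and password, since the anonymous branch further down has to blank `binddn`, `bindpw` and `enteredpw` explicitly. A referral URL is data supplied by the directory server, so the parent's credentials can end up presented to a host the user never configured. The safer order is the `server_by_canon_name` match first (credentials the user stored for that very server), then the anonymous bind, with the parent's credentials reused only after the user confirms the target or its host matches the parent's. The two "Anonymous bind" comments above the first two attempts should be corrected too, because those attempts are not anonymous. Separately, `new_uri` is never released on any path (declare it at function scope and call `g_string_free(new_uri, TRUE)` after `done:`), and a non-NULL `newserver` is returned even when all three `open_connection` calls fail, so callers cannot tell success from failure.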
***************
*** 797,801 ****
msgid = gtk_statusbar_push(GTK_STATUSBAR(mainwin.statusbar),
context, buf);
!
g_free(buf);
--- 905,909 ----
msgid = gtk_statusbar_push(GTK_STATUSBAR(mainwin.statusbar),
context, buf);
! message_log_append(buf);
g_free(buf);
***************
*** 1613,1617 ****
/* try LDAP V3 style config */
! statusbar_msg(_("Base search on NULL DN"));
msg = ldap_search_s(ld, "", LDAP_SCOPE_BASE, "(objectclass=*)",
ldapv3_config, 0, &res);
--- 1721,1725 ----
/* try LDAP V3 style config */
! statusbar_msg(_("Base search on NULL DN on server '%s'"), server->name);
msg = ldap_search_s(ld, "", LDAP_SCOPE_BASE, "(objectclass=*)",
ldapv3_config, 0, &res);
Index: util.h
===================================================================
RCS file: /cvsroot/gqclient/gq/src/util.h,v
retrieving revision 1.26
retrieving revision 1.27
diff -C2 -d -r1.26 -r1.27
*** util.h 18 Oct 2003 08:27:00 -0000 1.26
--- util.h 20 Oct 2003 08:26:55 -0000 1.27
***************
*** 85,88 ****
--- 85,91 ----
gboolean include_transient);
+ struct ldapserver *get_referral_server(struct ldapserver *parent,
+ const char *base_url);
+
/* returns TRUE if server is NOT in the config ldapserver list */
gboolean is_transient_server(const struct ldapserver *server);
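Review bot: The new `get_referral_server` declaration carries no contract, unlike the `is_transient_server` prototype right below it, which has a one-line comment. From the definition in util.c, the result is always an object obtained from `new_ldapserver()`, or NULL only when `base_url` fails to parse, which differs from the "either an existing or a newly created" wording in the doc comment there. I would add something like `/* returns a newly allocated ldapserver for base_url (caller owns it), or NULL if base_url cannot be parsed */` above the prototype, with the ownership part confirmed against the callers.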