Author: jsuchome Date: Fri Mar 18 08:54:54 2011 New Revision: 63586 URL: http://svn.opensuse.org/viewcvs/yast?rev=63586&view=rev Log: - added support for setting TLS options - added command to close the connection - 2.17.4 Modified: branches/SuSE-Code-11-SP2-Branch/ldap/VERSION branches/SuSE-Code-11-SP2-Branch/ldap/doc/ldap.html branches/SuSE-Code-11-SP2-Branch/ldap/package/yast2-ldap.changes branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.cc branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.h branches/SuSE-Code-11-SP2-Branch/ldap/yast2-ldap.spec.in Modified: branches/SuSE-Code-11-SP2-Branch/ldap/VERSION URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap/VERSION?rev=63586&r1=63585&r2=63586&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap/VERSION (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap/VERSION Fri Mar 18 08:54:54 2011 @@ -1 +1 @@ -2.17.3 +2.17.4 Modified: branches/SuSE-Code-11-SP2-Branch/ldap/doc/ldap.html URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap/doc/ldap.html?rev=63586&r1=63585&r2=63586&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap/doc/ldap.html (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap/doc/ldap.html Fri Mar 18 08:54:54 2011 @@ -450,6 +450,15 @@ </td> </tr> + <tr><td><tt>.ldap.close</td> + <td align="left">none</td> + <td>Closes current connection: does UNBIND and destroys current object.<br> + <pre> + Execute (.ldap.close) + </pre> + + </td> + </tr> </table> Modified: branches/SuSE-Code-11-SP2-Branch/ldap/package/yast2-ldap.changes URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap/package/yast2-ldap.changes?rev=63586&r1=63585&r2=63586&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap/package/yast2-ldap.changes (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap/package/yast2-ldap.changes Fri Mar 18 08:54:54 2011 @@ -1,4 +1,11 @@ ------------------------------------------------------------------- +Fri Mar 18 08:25:57 CET 2011 - jsuchome@suse.cz + +- added support for setting TLS options +- added command to close the connection +- 2.17.4 + +------------------------------------------------------------------- Wed Sep 3 14:34:14 CEST 2008 - jsuchome@suse.cz - LdapServerAccess.pm: adapted to new LdapServer API Modified: branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.cc URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.cc?rev=63586&r1=63585&r2=63586&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.cc (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.cc Fri Mar 18 08:54:54 2011 @@ -500,6 +500,33 @@ } /** + * Adapt TLS Settings of existing LDAP connection + * args is argument map got from YCP call + * tls is string, values are "yes" and "try" + */ +void LdapAgent::set_tls_options (YCPMap args, string set_tls) +{ + string cacertfile = getValue (args, "cacertfile"); + string cacertdir = getValue (args, "cacertdir"); + + TlsOptions tls = ldap->getTlsOptions(); + if (cacertfile != "") { + tls.setOption (TlsOptions::CACERTFILE, cacertfile); + } + if (cacertdir != "") { + tls.setOption (TlsOptions::CACERTDIR, cacertdir); + } + + if (set_tls == "yes") { + tls.setOption (TlsOptions::REQUIRE_CERT, TlsOptions::DEMAND); + } + if (set_tls == "try") { + tls.setOption (TlsOptions::REQUIRE_CERT, TlsOptions::TRY); + } +} + + +/** * Dir */ YCPList LdapAgent::Dir(const YCPPath& path) @@ -1230,7 +1257,6 @@ } port = getIntValue (argmap, "port", DEFAULT_PORT); - // int version = getIntValue (argmap, "version", 3); TODO // TODO how/where to set this? cons = new LDAPConstraints; @@ -1248,6 +1274,7 @@ // start TLS if proper parameter is given string tls = getValue (argmap, "use_tls"); + set_tls_options (argmap, tls); if (tls == "try" || tls == "yes") { try { @@ -1402,6 +1429,16 @@ ldap->unbind(); return YCPBoolean(true); } + /** + * close the connection, delete object + */ + else if (PC(0) == "close") { + ldap->unbind(); + delete ldap; + ldap = NULL; + ldap_initialized = false; + return YCPBoolean(true); + } /** * Initialize schema: read and parse it */ @@ -1436,6 +1473,7 @@ } else if (PC(0) == "start_tls") { + set_tls_options (argmap, "yes"); try { ldap->start_tls (); } @@ -1446,6 +1484,7 @@ } return YCPBoolean(true); } + else { y2error("Wrong path '%s' in Execute().", path->toString().c_str()); } Modified: branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.h URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.h?rev=63586&r1=63585&r2=63586&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.h (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap/src/LdapAgent.h Fri Mar 18 08:54:54 2011 @@ -157,6 +157,11 @@ void debug_referral (LDAPReferralException e, string action); /** + * Adapt TLS Settings of existing LDAP connection + */ + void set_tls_options (YCPMap args, string tls); + + /** * creates attributes for new LDAP object and fills their values */ void generate_attr_list (LDAPAttributeList* attrs, YCPMap map); Modified: branches/SuSE-Code-11-SP2-Branch/ldap/yast2-ldap.spec.in URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap/yast2-ldap.spec.in?rev=63586&r1=63585&r2=63586&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap/yast2-ldap.spec.in (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap/yast2-ldap.spec.in Fri Mar 18 08:54:54 2011 @@ -1,6 +1,8 @@ @HEADER-COMMENT@ @HEADER@ +Group: System/YaST +License: GPL v2 or later BuildRequires: gcc-c++ libldapcpp-devel libxcrypt-devel yast2-devtools doxygen yast2-core-devel yast2 Summary: SCR agent for accessing LDAP. Requires: ldapcpplib yast2 -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org