Hello community,
here is the log from the commit of package yast2-ldap-client for openSUSE:Factory
checked in at Wed Apr 21 01:54:00 CEST 2010.
--------
--- yast2-ldap-client/yast2-ldap-client.changes 2010-01-13 09:13:26.000000000 +0100
+++ /mounts/work_src_done/STABLE/yast2-ldap-client/yast2-ldap-client.changes 2010-04-20 11:54:57.000000000 +0200
@@ -1,0 +2,14 @@
+Tue Apr 20 08:42:15 CEST 2010 - jsuchome(a)suse.cz
+
+- added UI for downloading CA certificates, enable editing of
+ certificate directory (bnc#574704)
+- 2.19.1
+
+------------------------------------------------------------------
+Wed Jan 13 18:56:03 CET 2010 - kmachalkova(a)suse.cz
+
+- Adjusted .desktop file(s) to wrap /sbin/yast2/ calls in xdg-su
+ where root privileges are needed, removed X-KDE-SubstituteUID key
+ (bnc#540627)
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
yast2-ldap-client-2.19.0.tar.bz2
New:
----
yast2-ldap-client-2.19.1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-ldap-client.spec ++++++
--- /var/tmp/diff_new_pack.qYW0G1/_old 2010-04-21 01:53:40.000000000 +0200
+++ /var/tmp/diff_new_pack.qYW0G1/_new 2010-04-21 01:53:40.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package yast2-ldap-client (Version 2.19.0)
+# spec file for package yast2-ldap-client (Version 2.19.1)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -19,27 +19,37 @@
Name: yast2-ldap-client
-Version: 2.19.0
+Version: 2.19.1
Release: 1
+
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0: yast2-ldap-client-2.19.0.tar.bz2
+Source0: yast2-ldap-client-2.19.1.tar.bz2
+
Prefix: /usr
+
Group: System/YaST
License: GPLv2+
BuildRequires: doxygen perl-XML-Writer update-desktop-files yast2 yast2-devtools yast2-network yast2-pam yast2-testsuite
+
PreReq: %fillup_prereq
+
# SLPAPI.pm
Requires: yast2 >= 2.15.17
+
Requires: yast2-network
+
# removed lowercasing of LDAP object names
Requires: yast2-ldap >= 2.17.1
+
# new API of Pam.ycp
Requires: yast2-pam >= 2.14.0
Provides: yast2-config-ldap_client
Obsoletes: yast2-config-ldap_client
Provides: yast2-trans-ldap_client
Obsoletes: yast2-trans-ldap_client
+
BuildArch: noarch
+
Summary: YaST2 - LDAP Client Configuration
%description
@@ -47,14 +57,16 @@
OpenLDAP server will be used for user authentication.
%prep
-%setup -n yast2-ldap-client-2.19.0
+%setup -n yast2-ldap-client-2.19.1
%build
%{prefix}/bin/y2tool y2autoconf
%{prefix}/bin/y2tool y2automake
autoreconf --force --install
+
export CFLAGS="$RPM_OPT_FLAGS -DNDEBUG"
export CXXFLAGS="$RPM_OPT_FLAGS -DNDEBUG"
+
%{?suse_update_config:%{suse_update_config -f}}
./configure --libdir=%{_libdir} --prefix=%{prefix} --mandir=%{_mandir}
# V=1: verbose build in case we used AM_SILENT_RULES(yes)
@@ -87,5 +99,6 @@
/usr/share/YaST2/scrconf/*.scr
/usr/share/YaST2/schema/autoyast/rnc/ldap_client.rnc
%doc %{prefix}/share/doc/packages/yast2-ldap-client
+
/var/adm/fillup-templates/sysconfig.ldap
%changelog
++++++ yast2-ldap-client-2.19.0.tar.bz2 -> yast2-ldap-client-2.19.1.tar.bz2 ++++++
++++ 1860 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/VERSION new/yast2-ldap-client-2.19.1/VERSION
--- old/yast2-ldap-client-2.19.0/VERSION 2010-01-13 09:08:58.000000000 +0100
+++ new/yast2-ldap-client-2.19.1/VERSION 2010-04-20 08:43:05.000000000 +0200
@@ -1 +1 @@
-2.19.0
+2.19.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/src/Ldap.ycp new/yast2-ldap-client-2.19.1/src/Ldap.ycp
--- old/yast2-ldap-client-2.19.0/src/Ldap.ycp 2010-01-13 09:06:16.000000000 +0100
+++ new/yast2-ldap-client-2.19.1/src/Ldap.ycp 2010-04-20 11:54:38.000000000 +0200
@@ -5,7 +5,7 @@
* Authors: Thorsten Kukuk <kukuk(a)suse.de>
* Anas Nashif <nashif(a)suse.de>
*
- * $Id: Ldap.ycp 57771 2009-06-26 13:23:09Z jsuchome $
+ * $Id: Ldap.ycp 61773 2010-04-20 09:54:37Z jsuchome $
*/
{
@@ -110,6 +110,13 @@
global boolean ldap_v2 = false;
global boolean ldap_tls = false;
+ // CA certificates for server certificate verification
+ // At least one of these are required if tls_checkpeer is "yes"
+ global string tls_cacertdir = "";
+ global string tls_cacertfile = "";
+ // Require and verify server certificate (yes/no)
+ global string tls_checkpeer = "yes";
+
// Which crypt method should be used?
global string pam_password = "exop";
@@ -389,6 +396,9 @@
create_ldap = settings ["create_ldap"]:false;
login_enabled = settings ["login_enabled"]:true;
_start_autofs = settings ["start_autofs"]:false;
+ tls_cacertdir = settings ["tls_cacertdir"]:"";
+ tls_cacertfile = settings ["tls_cacertfile"]:"";
+ tls_checkpeer = settings ["tls_checkpeer"]:"yes";
if (_start_autofs)
required_packages = (list<string>) union (required_packages, ["autofs"]);
@@ -431,6 +441,12 @@
"create_ldap" : create_ldap,
"login_enabled" : login_enabled
];
+ if (tls_checkpeer != "yes")
+ e["tls_checkpeer"] = tls_checkpeer;
+ if (tls_cacertdir != "")
+ e["tls_cacertdir"] = tls_cacertdir;
+ if (tls_cacertfile != "")
+ e["tls_cacertfile"] = tls_cacertfile;
if (nss_base_passwd != base_dn)
e["nss_base_passwd"] = nss_base_passwd;
if (nss_base_shadow != base_dn)
@@ -676,6 +692,9 @@
ldap_v2 = (ReadLdapConfEntry ("ldap_version", "3") == "2");
ldap_tls = (ReadLdapConfEntry ("ssl", "no") == "start_tls");
+ tls_cacertdir = ReadLdapConfEntry ("tls_cacertdir", "");
+ tls_cacertfile = ReadLdapConfEntry ("tls_cacertfile", "");
+ tls_checkpeer = ReadLdapConfEntry ("tls_checkpeer", "yes");
nss_base_passwd = ReadLdapConfEntry ("nss_base_passwd", base_dn);
nss_base_shadow = ReadLdapConfEntry ("nss_base_shadow", base_dn);
@@ -1868,10 +1887,6 @@
[server]);
SCR::Write(.etc.ldap_conf.v."/etc/openldap/ldap.conf".base,
[base_dn]);
- if (ldap_tls)
- {
- SCR::Write(.etc.ldap_conf.v."/etc/openldap/ldap.conf".TLS_REQCERT, ["allow"]);
- }
y2milestone ("file /etc/openldap/ldap.conf was modified");
}
return write_openldap_conf;
@@ -2304,6 +2319,9 @@
else
WriteLdapConfEntry ("ssl", "no");
+ WriteLdapConfEntry ("tls_cacertdir", tls_cacertdir == "" ? nil : tls_cacertdir);
+ WriteLdapConfEntry ("tls_cacertfile", tls_cacertfile == "" ? nil : tls_cacertfile);
+
Pam::Set ("mkhomedir", mkhomedir);
WriteLdapConfEntry ("pam_password", pam_password);
@@ -2327,6 +2345,9 @@
WriteLdapConfEntry ("nss_base_group",
(nss_base_group != base_dn && nss_base_group != "") ?
nss_base_group : nil);
+
+ // default value is 'yes'
+ WriteLdapConfEntry ("tls_checkpeer", tls_checkpeer == "yes" ? nil : tls_checkpeer);
}
if (start) // ldap used for authentocation
{
@@ -2344,8 +2365,6 @@
WriteLdapConfEntry ("pam_password", pam_password);
}
- // override LDAPNOINIT (#217701)
- WriteLdapConfEntry ("tls_checkpeer", "no");
if (!oes)
{
@@ -2417,8 +2436,6 @@
{
Pam::Remove ("ldap-account_only");
}
-
- WriteLdapConfEntry ("tls_checkpeer", nil);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/src/ldap.desktop new/yast2-ldap-client-2.19.1/src/ldap.desktop
--- old/yast2-ldap-client-2.19.0/src/ldap.desktop 2009-09-02 16:22:39.000000000 +0200
+++ new/yast2-ldap-client-2.19.1/src/ldap.desktop 2010-01-15 09:17:28.000000000 +0100
@@ -21,9 +21,8 @@
X-SuSE-YaST-Keywords=ldap,authentication
Icon=yast-ldap
-Exec=/sbin/yast2 ldap
+Exec=xdg-su -c "/sbin/yast2 ldap"
Name=LDAP Client
GenericName=Configure the LDAP client
-X-KDE-SubstituteUID=true
StartupNotify=true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/src/ui.ycp new/yast2-ldap-client-2.19.1/src/ui.ycp
--- old/yast2-ldap-client-2.19.0/src/ui.ycp 2009-06-26 15:30:53.000000000 +0200
+++ new/yast2-ldap-client-2.19.1/src/ui.ycp 2010-04-20 11:54:38.000000000 +0200
@@ -5,7 +5,7 @@
* Authors: Thorsten Kukuk <kukuk(a)suse.de>
* Anas Nashif <nashif(a)suse.de>
*
- * $Id: ui.ycp 57771 2009-06-26 13:23:09Z jsuchome $
+ * $Id: ui.ycp 61773 2010-04-20 09:54:37Z jsuchome $
*
* All user interface functions.
*/
@@ -15,6 +15,8 @@
import "Address";
import "Autologin";
+ import "Directory";
+ import "FileUtils";
import "Label";
import "Ldap";
import "LdapPopup";
@@ -200,13 +202,7 @@
// help text 6/9
_("<p>Some LDAP servers support StartTLS (RFC2830).
If your server supports it and it is configured, activate <b>LDAP TLS/SSL</b>
-to encrypt your communication with the LDAP server.</p>
-") +
-
- // help text 7/9
- _("<p>Normally, the LDAP version 3 protocol is used. If you have
-an LDAP server using protocol 2 (for example, OpenLDAP v1), activate
-<b>LDAP Version 2</b>.</p>
+to encrypt your communication with the LDAP server. You may download CA certificate file in PEM format from given URL.</p>
") +
// help text 8/9
@@ -231,8 +227,9 @@
string base_dn = Ldap::GetBaseDN ();
string server = Ldap::server;
boolean ldap_tls = Ldap::ldap_tls;
- boolean ldap_v2 = Ldap::ldap_v2;
+ string tls_checkpeer = Ldap::tls_checkpeer;
boolean login_enabled = Ldap::login_enabled;
+ string certTmpFile = sformat ("%1/__LDAPcert.crt", Directory::tmpdir);
boolean autofs = Ldap::_start_autofs;
term autofs_con = `Empty ();
@@ -300,14 +297,17 @@
`PushButton (`id(`fetch), _("F&etch DN"))
)
),
- `VSpacing (0.2),
- // check box label
- `Left (`CheckBox (`id(`ldaps), _("LDAP &TLS/SSL"), ldap_tls)),
- `VSpacing (0.2),
- // check box label
- `Left (`CheckBox (`id(`ldapv), _("LDAP &Version 2"), ldap_v2)),
`VSpacing (0.4)
), `HSpacing (0.5))),
+ `Frame (_("Secure Connection"), `HBox (`HSpacing (0.5), `VBox(
+ `HBox (
+ // check box label
+ `Left (`CheckBox (`id(`ldaps), `opt (`notify), _("LDAP &TLS/SSL"), ldap_tls)),
+ // push button label
+ `PushButton (`id(`import_cert), _("Download CA Certificate"))
+ ),
+ `VSpacing (0.2)
+ ), `HSpacing (0.5))),
autofs_con,
mkhomedir_term,
`VSpacing(0.4),
@@ -328,6 +328,7 @@
UI::ChangeWidget (`id(`server),`ValidChars, Address::ValidChars + " ");
+ UI::ChangeWidget (`id(`import_cert),`Enabled, ldap_tls);
symbol result = `not_next;
do {
@@ -338,10 +339,11 @@
login_enabled = (rb != `ldapnologin);
server = (string) UI::QueryWidget(`id(`server), `Value);
- ldap_v2 = (boolean) UI::QueryWidget(`id(`ldapv), `Value);
ldap_tls = (boolean) UI::QueryWidget(`id(`ldaps), `Value);
mkhomedir = (boolean) UI::QueryWidget (`id(`mkhomedir),`Value);
+ UI::ChangeWidget (`id(`import_cert), `Enabled, ldap_tls);
+
if (result == `slp)
{
string srv = "";
@@ -365,7 +367,7 @@
LdapPopup::InitAndBrowseTree ("", $[
"hostname" : Ldap::GetFirstServer (server),
"port" : Ldap::GetFirstPort (server),
- "version" : ldap_v2 ? 2 : 3,
+ "version" : Ldap::ldap_v2 ? 2 : 3,
"use_tls" : ldap_tls ? "yes" : "no"
]);
if (dn != "")
@@ -376,6 +378,75 @@
UI::ChangeWidget (`id (`ldaps), `Value, false);
}
}
+ if (result == `import_cert)
+ {
+ string dir = Ldap::tls_cacertdir;
+ if (Ldap::tls_cacertdir == "")
+ dir = "/etc/openldap/cacerts/";
+
+ UI::OpenDialog ( `opt(`decorated), `HBox(
+ `HSpacing(1),
+ `VBox (
+ `HSpacing (75),
+ // InputField label
+ `InputField (`id (`url), `opt (`hstretch),
+ _("CA Certificate URL for Download")),
+ `HBox (
+ `PushButton(`id(`ok),`opt(`default,`key_F10), Label::OKButton()),
+ `PushButton(`id(`cancel),`opt (`key_F9), Label::CancelButton())
+ )
+ ),
+ `HSpacing(1)
+ ));
+ UI::SetFocus (`id (`url));
+
+ any ret = nil;
+ boolean success = false;
+ string name = "";
+
+ while (true)
+ {
+ ret = UI::UserInput ();
+ if (ret == `cancel)
+ break;
+ if (ret == `ok)
+ {
+ string cert_url = (string) UI::QueryWidget (`id (`url), `Value);
+ string curlcmd = sformat("curl -f --connect-timeout 60 --max-time 120 '%1' -o %2", cert_url, certTmpFile);
+
+ if (SCR::Execute(.target.bash, curlcmd) != 0)
+ {
+ // error message
+ Popup::Error (_("Could not download the certificate file from specified URL."));
+ }
+ else if (FileUtils::CheckAndCreatePath (dir))
+ {
+ list <string> l = splitstring (cert_url, "/");
+ name = l[size(l) - 1]:"downloaded-by-yast2-ldap-client.pem";
+ success = SCR::Execute (.target.bash, sformat ("/bin/cp -a '%1' '%2/%3'", certTmpFile, dir, name)) == 0;
+ break;
+ }
+ }
+ }
+ UI::CloseDialog ();
+
+ if (ret == `cancel)
+ {
+ continue;
+ }
+ if (success)
+ {
+ // popup message, %1 is file name, %2 directory
+ Popup::Message (sformat (_("The downloaded certificate file
+
+'%1'
+
+was copied to '%2' directory"), name, dir));
+
+ Ldap::tls_cacertdir = dir;
+ Ldap::modified = true;
+ }
+ }
if (result == `next || result == `advanced)
{
@@ -468,7 +539,7 @@
Ldap::nss_base_group = base_dn;
}
if (Ldap::start != start || Ldap::GetBaseDN() != base_dn ||
- Ldap::server != server || Ldap::ldap_v2 != ldap_v2 ||
+ Ldap::server != server ||
Ldap::ldap_tls != ldap_tls || Ldap::_start_autofs != autofs ||
Ldap::login_enabled != login_enabled ||
Ldap::mkhomedir != mkhomedir)
@@ -500,6 +571,13 @@
if (message != "")
Popup::Message (message);
}
+ if (ldap_tls && tls_checkpeer == "no")
+ {
+ // yes/no question
+ if (Popup::YesNo (_("The security connection is enabled, but server certificate verification is disabled.
+Enable certificate checks now?")))
+ Ldap::tls_checkpeer = "yes";
+ }
// check if user changed part of imported settings (#252094)
if (start && Stage::cont () && size (Ldap::initial_defaults) > 0 &&
Ldap::create_ldap &&
@@ -515,7 +593,6 @@
Ldap::SetBaseDN (base_dn);
Ldap::start = start;
Ldap::server = server;
- Ldap::ldap_v2 = ldap_v2;
Ldap::ldap_tls = ldap_tls;
Ldap::_start_autofs = autofs;
Ldap::login_enabled = login_enabled;
@@ -551,7 +628,16 @@
sformat (_("<p>Set the type of LDAP groups to use.
The default value for <b>Group Member Attribute</b> is <i>%1</i>.</p>
"),
- "member"),
+ "member") +
+
+ _("<p>If secure connection requires certificate checking, you may specify where is your certificate file located. It is possible to enter either directory with certificates, or the explicit path to one certificate file.</p>") +
+
+ // help text 7/9
+ _("<p>Normally, the LDAP version 3 protocol is used. If you have
+an LDAP server using protocol 2 (for example, OpenLDAP v1), activate
+<b>LDAP Version 2</b>.</p>
+"),
+
`admin :
// help text caption 2
@@ -609,6 +695,9 @@
string nss_base_shadow = Ldap::nss_base_shadow;
string nss_base_group = Ldap::nss_base_group;
string pam_password = Ldap::pam_password;
+ boolean ldap_v2 = Ldap::ldap_v2;
+ string tls_cacertdir = Ldap::tls_cacertdir;
+ string tls_cacertfile = Ldap::tls_cacertfile;
list<term>member_attributes = [
`item (`id("member"), "member", member_attribute == "member"),
@@ -750,7 +839,7 @@
`VBox (
`Label (""),
// button label
- `PushButton (`id(`br_shadow), _("Br&owse"))
+ `PushButton (`id(`br_shadow), _("Brow&se"))
)
),
`HBox (
@@ -767,14 +856,39 @@
),
`HSpacing (1)
)),
- `VSpacing (0.5),
+ `VSpacing (0.4),
`ComboBox (`id (`pam_password), `opt(`notify,`hstretch,`editable),
// combobox label
- _("Pa&ssword Change Protocol"), pam_password_items),
- `VSpacing(0.5),
+ _("Passwor&d Change Protocol"), pam_password_items),
+ `VSpacing(0.4),
`ComboBox (`id (`group_style), `opt (`notify, `hstretch),
// combobox label
- _("G&roup Member Attribute"), member_attributes)
+ _("Group Member &Attribute"), member_attributes),
+ // check box label
+ `VSpacing(0.4),
+ `HBox (
+ `HWeight (1, `HBox (
+ `InputField (`id (`tls_cacertdir), `opt (`hstretch), _("Certificate Directory"),
+ tls_cacertdir
+ ),
+ `VBox (
+ `Label (""),
+ // button label
+ `PushButton (`id(`br_tls_cacertdir), _("B&rowse"))
+ )
+ )), `HWeight (1, `HBox (
+ `InputField (`id (`tls_cacertfile), `opt (`hstretch), _("CA Certificate File"),
+ tls_cacertfile
+ ),
+ `VBox (
+ `Label (""),
+ // button label
+ `PushButton (`id(`br_tls_cacertfile), _("Brows&e"))
+ )
+ ))
+ ),
+ `VSpacing(0.2),
+ `Left (`CheckBox (`id(`ldapv), _("LDAP &Version 2"), ldap_v2))
), `HSpacing (5)));
UI::ReplaceWidget (`tabContents, cont);
@@ -882,6 +996,10 @@
nss_base_group = (string)
UI::QueryWidget(`id(`nss_base_group),`Value);
pam_password = (string) UI::QueryWidget(`id(`pam_password), `Value);
+
+ tls_cacertfile = (string) UI::QueryWidget(`id(`tls_cacertfile), `Value);
+ tls_cacertdir = (string) UI::QueryWidget(`id(`tls_cacertdir), `Value);
+ ldap_v2 = (boolean) UI::QueryWidget(`id(`ldapv), `Value);
}
if (current == `admin)
{
@@ -931,6 +1049,24 @@
UI::ChangeWidget (`id(br2entry[result]:nil), `Value, dn);
}
}
+ if (result == `br_tls_cacertdir)
+ {
+ string dir = UI::AskForExistingDirectory (tls_cacertdir, _("Choose the directory with certificates"));
+ if (dir != nil)
+ {
+ tls_cacertdir = dir;
+ UI::ChangeWidget (`id (`tls_cacertdir), `Value, dir);
+ }
+ }
+ if (result == `br_tls_cacertfile)
+ {
+ string file = UI::AskForExistingFile (tls_cacertfile, "*.pem *.crt", _("Choose the certificate file"));
+ if (file != nil)
+ {
+ tls_cacertfile = file;
+ UI::ChangeWidget (`id (`tls_cacertfile), `Value, file);
+ }
+ }
if (result == `add)
{
string suffix = base_dn;
@@ -1094,7 +1230,10 @@
Ldap::pam_password != pam_password ||
Ldap::nss_base_passwd != nss_base_passwd ||
Ldap::nss_base_group != nss_base_group ||
- Ldap::nss_base_shadow != nss_base_shadow
+ Ldap::nss_base_shadow != nss_base_shadow ||
+ Ldap::ldap_v2 != ldap_v2 ||
+ Ldap::tls_cacertdir != tls_cacertdir ||
+ Ldap::tls_cacertfile != tls_cacertfile
)
{
Ldap::bind_dn = bind_dn;
@@ -1106,6 +1245,9 @@
Ldap::nss_base_passwd = nss_base_passwd;
Ldap::nss_base_group = nss_base_group;
Ldap::nss_base_shadow = nss_base_shadow;
+ Ldap::ldap_v2 = ldap_v2;
+ Ldap::tls_cacertdir = tls_cacertdir;
+ Ldap::tls_cacertfile = tls_cacertfile;
Ldap::modified = true;
}
break;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/testsuite/tests/Export.out new/yast2-ldap-client-2.19.1/testsuite/tests/Export.out
--- old/yast2-ldap-client-2.19.0/testsuite/tests/Export.out 2008-12-18 14:47:10.000000000 +0100
+++ new/yast2-ldap-client-2.19.1/testsuite/tests/Export.out 2010-04-20 11:17:38.000000000 +0200
@@ -3,6 +3,9 @@
Read .etc.ldap_conf.v."/etc/ldap.conf"."base" "dc=suse,dc=cz"
Read .etc.ldap_conf.v."/etc/ldap.conf"."ldap_version" nil
Read .etc.ldap_conf.v."/etc/ldap.conf"."ssl" nil
+Read .etc.ldap_conf.v."/etc/ldap.conf"."tls_cacertdir" "/etc/openldap/cacerts/"
+Read .etc.ldap_conf.v."/etc/ldap.conf"."tls_cacertfile" nil
+Read .etc.ldap_conf.v."/etc/ldap.conf"."tls_checkpeer" nil
Read .etc.ldap_conf.v."/etc/ldap.conf"."nss_base_passwd" nil
Read .etc.ldap_conf.v."/etc/ldap.conf"."nss_base_shadow" nil
Read .etc.ldap_conf.v."/etc/ldap.conf"."nss_base_group" "ou=group,dc=suse,dc=cz"
@@ -15,4 +18,4 @@
Read .passwd.passwd.pluslines ["+"]
Return true
Dump ============================================
-Return $["base_config_dn":"", "bind_dn":"uid=manager,dc=suse,dc=cz", "create_ldap":false, "file_server":false, "ldap_domain":"dc=suse,dc=cz", "ldap_server":"localhost", "ldap_tls":false, "ldap_v2":false, "login_enabled":true, "member_attribute":"member", "nss_base_group":"ou=group,dc=suse,dc=cz", "pam_password":"crypt", "start_autofs":false, "start_ldap":true]
+Return $["base_config_dn":"", "bind_dn":"uid=manager,dc=suse,dc=cz", "create_ldap":false, "file_server":false, "ldap_domain":"dc=suse,dc=cz", "ldap_server":"localhost", "ldap_tls":false, "ldap_v2":false, "login_enabled":true, "member_attribute":"member", "nss_base_group":"ou=group,dc=suse,dc=cz", "pam_password":"crypt", "start_autofs":false, "start_ldap":true, "tls_cacertdir":"/etc/openldap/cacerts/"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/testsuite/tests/Export.ycp new/yast2-ldap-client-2.19.1/testsuite/tests/Export.ycp
--- old/yast2-ldap-client-2.19.0/testsuite/tests/Export.ycp 2008-12-18 14:47:10.000000000 +0100
+++ new/yast2-ldap-client-2.19.1/testsuite/tests/Export.ycp 2010-04-20 11:54:38.000000000 +0200
@@ -2,7 +2,7 @@
* Read.ycp
* Test of Ldap:Read function
* Author: Jiri Suchomel <jsuchome(a)suse.cz>
- * $Id: Export.ycp 44643 2008-02-19 14:42:51Z jsuchome $
+ * $Id: Export.ycp 61773 2010-04-20 09:54:37Z jsuchome $
*/
{
@@ -29,6 +29,9 @@
"ldap_version": nil,
"ssl": nil,
"pam_password": "crypt",
+ "tls_cacertdir" : "/etc/openldap/cacerts/",
+ "tls_cacertfile": nil,
+ "tls_checkpeer" : nil
]
]
],
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/testsuite/tests/Read.out new/yast2-ldap-client-2.19.1/testsuite/tests/Read.out
--- old/yast2-ldap-client-2.19.0/testsuite/tests/Read.out 2008-12-18 14:47:10.000000000 +0100
+++ new/yast2-ldap-client-2.19.1/testsuite/tests/Read.out 2010-04-20 11:18:17.000000000 +0200
@@ -3,6 +3,9 @@
Read .etc.ldap_conf.v."/etc/ldap.conf"."base" "dc=suse,dc=cz"
Read .etc.ldap_conf.v."/etc/ldap.conf"."ldap_version" nil
Read .etc.ldap_conf.v."/etc/ldap.conf"."ssl" nil
+Read .etc.ldap_conf.v."/etc/ldap.conf"."tls_cacertdir" "/etc/openldap/cacerts/"
+Read .etc.ldap_conf.v."/etc/ldap.conf"."tls_cacertfile" nil
+Read .etc.ldap_conf.v."/etc/ldap.conf"."tls_checkpeer" "no"
Read .etc.ldap_conf.v."/etc/ldap.conf"."nss_base_passwd" nil
Read .etc.ldap_conf.v."/etc/ldap.conf"."nss_base_shadow" nil
Read .etc.ldap_conf.v."/etc/ldap.conf"."nss_base_group" nil
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.19.0/testsuite/tests/Read.ycp new/yast2-ldap-client-2.19.1/testsuite/tests/Read.ycp
--- old/yast2-ldap-client-2.19.0/testsuite/tests/Read.ycp 2008-12-18 14:47:10.000000000 +0100
+++ new/yast2-ldap-client-2.19.1/testsuite/tests/Read.ycp 2010-04-20 11:54:38.000000000 +0200
@@ -2,7 +2,7 @@
* Read.ycp
* Test of Ldap:Read function
* Author: Jiri Suchomel <jsuchome(a)suse.cz>
- * $Id: Read.ycp 32575 2006-08-25 13:33:55Z jsuchome $
+ * $Id: Read.ycp 61773 2010-04-20 09:54:37Z jsuchome $
*/
{
@@ -29,6 +29,9 @@
"ldap_version": nil,
"ssl": nil,
"pam_password": "crypt",
+ "tls_cacertdir" : "/etc/openldap/cacerts/",
+ "tls_cacertfile": nil,
+ "tls_checkpeer" : "no"
]
]
],
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-commit+help(a)opensuse.org
