Hello community,
here is the log from the commit of package yast2-ldap-client for openSUSE:Factory
checked in at Tue Aug 2 17:19:46 CEST 2011.
--------
--- yast2-ldap-client/yast2-ldap-client.changes 2011-07-26 10:40:25.000000000 +0200
+++ /mounts/work_src_done/STABLE/yast2-ldap-client/yast2-ldap-client.changes 2011-08-02 14:50:31.000000000 +0200
@@ -1,0 +2,6 @@
+Tue Aug 2 14:48:20 CEST 2011 - jsuchome@suse.cz
+
+- check LDAP connection before writing the settings (bnc#709236)
+- 2.21.9
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
yast2-ldap-client-2.21.8.tar.bz2
New:
----
yast2-ldap-client-2.21.9.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-ldap-client.spec ++++++
--- /var/tmp/diff_new_pack.FV36lP/_old 2011-08-02 17:19:18.000000000 +0200
+++ /var/tmp/diff_new_pack.FV36lP/_new 2011-08-02 17:19:18.000000000 +0200
@@ -19,11 +19,11 @@
Name: yast2-ldap-client
-Version: 2.21.8
+Version: 2.21.9
Release: 1
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0: yast2-ldap-client-2.21.8.tar.bz2
+Source0: yast2-ldap-client-2.21.9.tar.bz2
Prefix: /usr
@@ -58,7 +58,7 @@
OpenLDAP server will be used for user authentication.
%prep
-%setup -n yast2-ldap-client-2.21.8
+%setup -n yast2-ldap-client-2.21.9
%build
%{prefix}/bin/y2tool y2autoconf
++++++ yast2-ldap-client-2.21.8.tar.bz2 -> yast2-ldap-client-2.21.9.tar.bz2 ++++++
++++ 3301 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/VERSION new/yast2-ldap-client-2.21.9/VERSION
--- old/yast2-ldap-client-2.21.8/VERSION 2011-07-26 10:24:48.000000000 +0200
+++ new/yast2-ldap-client-2.21.9/VERSION 2011-08-02 14:48:37.000000000 +0200
@@ -1 +1 @@
-2.21.8
+2.21.9
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/configure.in new/yast2-ldap-client-2.21.9/configure.in
--- old/yast2-ldap-client-2.21.8/configure.in 2011-07-26 10:21:50.000000000 +0200
+++ new/yast2-ldap-client-2.21.9/configure.in 2011-06-23 15:51:37.000000000 +0200
@@ -3,7 +3,7 @@
dnl -- This file is generated by y2autoconf 2.18.11 - DO NOT EDIT! --
dnl (edit configure.in.in instead)
-AC_INIT(yast2-ldap-client, 2.21.7, http://bugs.opensuse.org/, yast2-ldap-client)
+AC_INIT(yast2-ldap-client, 2.21.5, http://bugs.opensuse.org/, yast2-ldap-client)
dnl Check for presence of file 'RPMNAME'
AC_CONFIG_SRCDIR([RPMNAME])
@@ -18,7 +18,7 @@
AM_INIT_AUTOMAKE(tar-ustar -Wno-portability)
dnl Important YaST2 variables
-VERSION="2.21.7"
+VERSION="2.21.5"
RPMNAME="yast2-ldap-client"
MAINTAINER="Jiri Suchomel "
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/src/Ldap.ycp new/yast2-ldap-client-2.21.9/src/Ldap.ycp
--- old/yast2-ldap-client-2.21.8/src/Ldap.ycp 2011-07-01 14:49:08.000000000 +0200
+++ new/yast2-ldap-client-2.21.9/src/Ldap.ycp 2011-08-02 14:48:00.000000000 +0200
@@ -327,6 +327,16 @@
// enumerate users/group
global boolean sssd_enumerate = false;
+ global map ldap_error_hints = $[
+ // hint to error message
+ -1 : _("Verify that the LDAP Server is running and reachable."),
+ // hint to error message
+ -11 : _("Failed to establish TLS encryption.
+Verify that the correct CA Certificate is installed and the Server Certificate is valid."),
+ // hint to error message
+ 2 : _("Failed to establish TLS encryption.
+Verify that the Server has StartTLS support enabled."),
+ ];
//----------------------------------------------------------------
/**
@@ -1054,7 +1064,12 @@
*/
global define map LDAPErrorMap () ``{
- return ((map)SCR::Read(.ldap.error));
+ map ret = ((map)SCR::Read(.ldap.error));
+ if (ldap_error_hints[ret["code"]:0]:"" != "")
+ {
+ ret["hint"] = ldap_error_hints[ret["code"]:0]:"";
+ }
+ return ret;
}
/**
@@ -1066,7 +1081,7 @@
string error = err_map["msg"]:"";
if (err_map["server_msg"]:"" != "")
{
- error = sformat ("%1\n%2", error, err_map["server_msg"]:"");
+ error = sformat ("%1\n(%2)", error, err_map["server_msg"]:"");
}
return error;
}
@@ -1164,6 +1179,96 @@
}
/**
+ * Initializes LDAP agent; use the data passed as argument instead global values
+ * Returns whole error map, not just message
+ */
+ global map LDAPInitArgs (map args) {
+
+ map ret = $[];
+ boolean init = (boolean) SCR::Execute (.ldap, args);
+ if (init == nil)
+ {
+ // error message
+ ret["msg"] = _("Unknown error. Perhaps 'yast2-ldap' is not available.");
+ }
+ else
+ {
+ ldap_initialized = init;
+ if (!init)
+ {
+ ret = LDAPErrorMap ();
+ }
+ else
+ {
+ tls_when_initialized= args["use_tls"]:"" == "yes";
+ }
+ }
+ return ret;
+ }
+
+ /**
+ * Check if LDAP connection can be established with given values.
+ */
+ global boolean CheckLDAPConnection (map args) {
+
+ LDAPClose ();
+ map errmap = LDAPInitArgs (args);
+
+ if (errmap == $[])
+ return true;
+
+ string details = errmap["msg"]:"";
+ if (errmap["server_msg"]:"" != "")
+ details = sformat ("%1\n%2", details, errmap["server_msg"]:"");
+ string hint = errmap["hint"]:"";
+
+ UI::OpenDialog (`HBox(`HSpacing (0.5),
+ `VBox(
+ `VSpacing (0.5),
+ // label
+ `Left (`Heading (Label::ErrorMsg())),
+ // error message
+ `Left (`Label (_("Connection to the LDAP server cannot be established."))),
+ `ReplacePoint (`id(`rp), `Empty()),
+ `VSpacing (0.2),
+ `Left (`CheckBox (`id(`details), `opt (`notify),
+ // checkbox label
+ _("&Show Details"), false)),
+ `VSpacing (),
+ hint != "" ? `VBox (
+ `Left (`Label (hint)),
+ `VSpacing ()
+ ) : `VBox (),
+ `Left (`Label (
+ // question following error message (yes/no buttons follow)
+_("Really keep this configuration?"))),
+ `HBox (
+ `PushButton (`id(`yes), `opt(`key_F10,`default), Label::YesButton()),
+ `PushButton (`id(`no),`opt(`key_F9), Label::NoButton())
+ )
+ ),
+ `HSpacing(0.5))
+ );
+ any ret = nil;
+ do
+ {
+ ret = UI::UserInput();
+ if (ret == `details)
+ {
+ if ((boolean)UI::QueryWidget (`id(`details), `Value))
+ {
+ UI::ReplaceWidget (`id(`rp), `VBox (`Label (details)));
+ }
+ else
+ UI::ReplaceWidget (`id(`rp), `Empty());
+ }
+ }
+ while (ret != `yes && ret != `no);
+ UI::CloseDialog ();
+ return ret == `yes;
+ }
+
+ /**
* popup shown after failed connection: ask for retry withou TLS (see bug 246397)
* @return true if user wants to retry without TLS
*/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/src/ui.ycp new/yast2-ldap-client-2.21.9/src/ui.ycp
--- old/yast2-ldap-client-2.21.8/src/ui.ycp 2011-07-21 10:19:35.000000000 +0200
+++ new/yast2-ldap-client-2.21.9/src/ui.ycp 2011-08-02 14:48:00.000000000 +0200
@@ -547,6 +547,24 @@
continue;
}
}
+ // test the connection in case of TLS
+ if (start && ldap_tls && Ldap::tls_when_initialized != ldap_tls)
+ {
+ map args = $[
+ "hostname" : Ldap::GetFirstServer (server),
+ "port" : Ldap::GetFirstPort (server),
+ "version" : Ldap::ldap_v2 ? 2 : 3,
+ "use_tls" : ldap_tls ? "yes" : "no",
+ "cacertdir" : Ldap::tls_cacertdir,
+ "cacertfile" : Ldap::tls_cacertfile
+ ];
+ if (!Ldap::CheckLDAPConnection (args))
+ {
+
+ result = `not_next;
+ continue;
+ }
+ }
}
} while (!contains ([`back, `next, `cancel, `abort, `advanced], result));
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org