Author: jsuchome Date: Tue Aug 2 14:48:52 2011 New Revision: 65134 URL: http://svn.opensuse.org/viewcvs/yast?rev=65134&view=rev Log: - check LDAP connection before writing the settings (bnc#709236) - 2.17.31 Modified: branches/SuSE-Code-11-SP2-Branch/ldap-client/VERSION branches/SuSE-Code-11-SP2-Branch/ldap-client/package/yast2-ldap-client.changes branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp branches/SuSE-Code-11-SP2-Branch/ldap-client/src/ui.ycp Modified: branches/SuSE-Code-11-SP2-Branch/ldap-client/VERSION URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap-client/VERSION?rev=65134&r1=65133&r2=65134&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap-client/VERSION (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap-client/VERSION Tue Aug 2 14:48:52 2011 @@ -1 +1 @@ -2.17.30 +2.17.31 Modified: branches/SuSE-Code-11-SP2-Branch/ldap-client/package/yast2-ldap-client.changes URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap-client/package/yast2-ldap-client.changes?rev=65134&r1=65133&r2=65134&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap-client/package/yast2-ldap-client.changes (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap-client/package/yast2-ldap-client.changes Tue Aug 2 14:48:52 2011 
@@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Tue Aug 2 09:22:12 CEST 2011 - jsuchome@suse.cz + +- check LDAP connection before writing the settings (bnc#709236) +- 2.17.31 + +------------------------------------------------------------------- Wed Jul 27 13:59:53 CEST 2011 - jsuchome@suse.cz - correctly set sssd value during Read (bnc#708562) Modified: branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp?rev=65134&r1=65133&r2=65134&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp Tue Aug 2 14:48:52 2011 @@ -350,6 +350,16 @@ // enumerate users/group global boolean sssd_enumerate = false; + global map ldap_error_hints = $[ + // hint to error message + -1 : _("Verify that the LDAP Server is running and reachable."), + // hint to error message + -11 : _("Failed to establish TLS encryption. +Verify that the correct CA Certificate is installed and the Server Certificate is valid."), + // hint to error message + 2 : _("Failed to establish TLS encryption. +Verify that the Server has StartTLS support enabled."), + ]; //---------------------------------------------------------------- /** @@ -1088,7 +1098,12 @@ */ global define map LDAPErrorMap () ``{ - return ((map)SCR::Read(.ldap.error)); + map ret = ((map)SCR::Read(.ldap.error)); + if (ldap_error_hints[ret["code"]:0]:"" != "") + { + ret["hint"] = ldap_error_hints[ret["code"]:0]:""; + } + return ret; } /** @@ -1100,7 +1115,7 @@ string error = err_map["msg"]:""; if (err_map["server_msg"]:"" != "") { - error = sformat ("%1\n%2", error, err_map["server_msg"]:""); + error = sformat ("%1\n(%2)", error, err_map["server_msg"]:""); } return error; } 
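Review bot: The hints keyed on -11 and 2 in `ldap_error_hints` both state that TLS encryption failed, but `LDAPErrorMap` (the hunk at -1088) attaches them by error code alone, whether or not the failing connection asked for TLS. If those codes are the client library's generic connect-error and protocol-error results (inferred; the agent is not visible here), an administrator debugging a plain-LDAP failure would be pointed at certificates or StartTLS. Attach the hint only where TLS is known to have been requested, for example in `LDAPInitArgs` where `args["use_tls"]` is available, or word the hints as one possible cause. A comment on each key naming the result code it stands for would also help, since `-1`, `-11` and `2` are bare numbers to the next reader.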
@@ -1192,6 +1207,96 @@ } /** + * Initializes LDAP agent; use the data passed as argument instead global values + * Returns whole error map, not just message + */ + global map LDAPInitArgs (map args) { + + map ret = $[]; + boolean init = (boolean) SCR::Execute (.ldap, args); + if (init == nil) + { + // error message + ret["msg"] = _("Unknown error. Perhaps 'yast2-ldap' is not available."); + } + else + { + ldap_initialized = init; + if (!init) + { + ret = LDAPErrorMap (); + } + else + { + tls_when_initialized= args["use_tls"]:"" == "yes"; + } + } + return ret; + } + + /** + * Check if LDAP connection can be established with given values. + */ + global boolean CheckLDAPConnection (map args) { + + LDAPClose (); + map errmap = LDAPInitArgs (args); + + if (errmap == $[]) + return true; + + string details = errmap["msg"]:""; + if (errmap["server_msg"]:"" != "") + details = sformat ("%1\n%2", details, errmap["server_msg"]:""); + string hint = errmap["hint"]:""; + + UI::OpenDialog (`HBox(`HSpacing (0.5), + `VBox( + `VSpacing (0.5), + // label + `Left (`Heading (Label::ErrorMsg())), + // error message + `Left (`Label (_("Connection to the LDAP server cannot be established."))), + `ReplacePoint (`id(`rp), `Empty()), + `VSpacing (0.2), + `Left (`CheckBox (`id(`details), `opt (`notify), + // checkbox label + _("&Show Details"), false)), + `VSpacing (), + hint != "" ? 
`VBox ( + `Left (`Label (hint)), + `VSpacing () + ) : `VBox (), + `Left (`Label ( + // question following error message (yes/no buttons follow) +_("Really keep this configuration?"))), + `HBox ( + `PushButton (`id(`yes), `opt(`key_F10,`default), Label::YesButton()), + `PushButton (`id(`no),`opt(`key_F9), Label::NoButton()) + ) + ), + `HSpacing(0.5)) + ); + any ret = nil; + do + { + ret = UI::UserInput(); + if (ret == `details) + { + if ((boolean)UI::QueryWidget (`id(`details), `Value)) + { + UI::ReplaceWidget (`id(`rp), `VBox (`Label (details))); + } + else + UI::ReplaceWidget (`id(`rp), `Empty()); + } + } + while (ret != `yes && ret != `no); + UI::CloseDialog (); + return ret == `yes; + } + + /** * popup shown after failed connection: ask for retry withou TLS (see bug 246397) * @return true if user wants to retry without TLS */ Modified: branches/SuSE-Code-11-SP2-Branch/ldap-client/src/ui.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap-client/src/ui.ycp?rev=65134&r1=65133&r2=65134&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap-client/src/ui.ycp (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap-client/src/ui.ycp Tue Aug 2 14:48:52 2011 @@ -554,6 +554,24 @@ continue; } } + // test the connection in case of TLS + if (start && ldap_tls && Ldap::tls_when_initialized != ldap_tls) + { + map args = $[ + "hostname" : Ldap::GetFirstServer (server), + "port" : Ldap::GetFirstPort (server), + "version" : Ldap::ldap_v2 ? 2 : 3, + "use_tls" : ldap_tls ? "yes" : "no", + "cacertdir" : Ldap::tls_cacertdir, + "cacertfile" : Ldap::tls_cacertfile + ]; + if (!Ldap::CheckLDAPConnection (args)) + { + + result = `not_next; + continue; + } + } } } while (!contains ([`back, `next, `cancel, `abort, `advanced], result)); -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org
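Review bot: In `CheckLDAPConnection` the yes button is created with `` `opt(`key_F10,`default) ``, so pressing Enter on the failure dialog keeps a configuration whose connection test has just failed, including the certificate case that the -11 hint describes. A dialog that overrides a failed TLS check should default to the safe answer: move `` `default `` to the no button, `` `PushButton (`id(`no), `opt(`key_F9,`default), Label::NoButton()) ``. `LDAPClose ()` runs before the test, so an existing connection is dropped even when the user answers no, which the doc comment should state. The details text is built with `"%1\n%2"` while the hunk at -1100 changes the same format to `"%1\n(%2)"`; using one format keeps the two messages consistent.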
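Review bot: The guard `Ldap::tls_when_initialized != ldap_tls` compares only the TLS flag, so once a TLS connection has been initialized, a later change to `server`, `Ldap::tls_cacertdir` or `Ldap::tls_cacertfile` skips the test and is written unverified, unless another path outside this hunk re-checks it. Settings without TLS are never tested either, although the log entry reads as a general connection check. Consider running the test whenever `start` is set, or also recording the server and CA settings that were last verified. Inside this branch `ldap_tls` is always true, so `"use_tls" : ldap_tls ? "yes" : "no"` can simply be `"use_tls" : "yes"`. The enclosing loop begins outside the hunk.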