Hello community, here is the log from the commit of package yast2-ldap-client for openSUSE:Factory checked in at Tue Aug 2 17:19:46 CEST 2011.
-------- --- yast2-ldap-client/yast2-ldap-client.changes 2011-07-26 10:40:25.000000000 +0200 +++ /mounts/work_src_done/STABLE/yast2-ldap-client/yast2-ldap-client.changes 2011-08-02 14:50:31.000000000 +0200 @@ -1,0 +2,6 @@ +Tue Aug 2 14:48:20 CEST 2011 - jsuch...@suse.cz + +- check LDAP connection before writing the settings (bnc#709236) +- 2.21.9 + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- yast2-ldap-client-2.21.8.tar.bz2 New: ---- yast2-ldap-client-2.21.9.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-ldap-client.spec ++++++ --- /var/tmp/diff_new_pack.FV36lP/_old 2011-08-02 17:19:18.000000000 +0200 +++ /var/tmp/diff_new_pack.FV36lP/_new 2011-08-02 17:19:18.000000000 +0200 @@ -19,11 +19,11 @@ Name: yast2-ldap-client -Version: 2.21.8 +Version: 2.21.9 Release: 1 BuildRoot: %{_tmppath}/%{name}-%{version}-build -Source0: yast2-ldap-client-2.21.8.tar.bz2 +Source0: yast2-ldap-client-2.21.9.tar.bz2 Prefix: /usr @@ -58,7 +58,7 @@ OpenLDAP server will be used for user authentication. %prep -%setup -n yast2-ldap-client-2.21.8 +%setup -n yast2-ldap-client-2.21.9 %build %{prefix}/bin/y2tool y2autoconf ++++++ yast2-ldap-client-2.21.8.tar.bz2 -> yast2-ldap-client-2.21.9.tar.bz2 ++++++ ++++ 3301 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/VERSION new/yast2-ldap-client-2.21.9/VERSION --- old/yast2-ldap-client-2.21.8/VERSION 2011-07-26 10:24:48.000000000 +0200 +++ new/yast2-ldap-client-2.21.9/VERSION 2011-08-02 14:48:37.000000000 +0200 @@ -1 +1 @@ -2.21.8 +2.21.9 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/configure.in new/yast2-ldap-client-2.21.9/configure.in --- old/yast2-ldap-client-2.21.8/configure.in 2011-07-26 10:21:50.000000000 +0200 +++ new/yast2-ldap-client-2.21.9/configure.in 2011-06-23 15:51:37.000000000 +0200 @@ -3,7 +3,7 @@ dnl -- This file is generated by y2autoconf 2.18.11 - DO NOT EDIT! -- dnl (edit configure.in.in instead) -AC_INIT(yast2-ldap-client, 2.21.7, http://bugs.opensuse.org/, yast2-ldap-client) +AC_INIT(yast2-ldap-client, 2.21.5, http://bugs.opensuse.org/, yast2-ldap-client) dnl Check for presence of file 'RPMNAME' AC_CONFIG_SRCDIR([RPMNAME]) @@ -18,7 +18,7 @@ AM_INIT_AUTOMAKE(tar-ustar -Wno-portability) dnl Important YaST2 variables -VERSION="2.21.7" +VERSION="2.21.5" RPMNAME="yast2-ldap-client" MAINTAINER="Jiri Suchomel <jsuch...@suse.cz>" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/src/Ldap.ycp new/yast2-ldap-client-2.21.9/src/Ldap.ycp --- old/yast2-ldap-client-2.21.8/src/Ldap.ycp 2011-07-01 14:49:08.000000000 +0200 +++ new/yast2-ldap-client-2.21.9/src/Ldap.ycp 2011-08-02 14:48:00.000000000 +0200 @@ -327,6 +327,16 @@ // enumerate users/group global boolean sssd_enumerate = false; + global map ldap_error_hints = $[ + // hint to error message + -1 : _("Verify that the LDAP Server is running and reachable."), + // hint to error message + -11 : _("Failed to establish TLS encryption. +Verify that the correct CA Certificate is installed and the Server Certificate is valid."), + // hint to error message + 2 : _("Failed to establish TLS encryption. +Verify that the Server has StartTLS support enabled."), + ]; //---------------------------------------------------------------- /** @@ -1054,7 +1064,12 @@ */ global define map LDAPErrorMap () ``{ - return ((map)SCR::Read(.ldap.error)); + map ret = ((map)SCR::Read(.ldap.error)); + if (ldap_error_hints[ret["code"]:0]:"" != "") + { + ret["hint"] = ldap_error_hints[ret["code"]:0]:""; + } + return ret; } /** @@ -1066,7 +1081,7 @@ string error = err_map["msg"]:""; if (err_map["server_msg"]:"" != "") { - error = sformat ("%1\n%2", error, err_map["server_msg"]:""); + error = sformat ("%1\n(%2)", error, err_map["server_msg"]:""); } return error; } @@ -1164,6 +1179,96 @@ } /** + * Initializes LDAP agent; use the data passed as argument instead global values + * Returns whole error map, not just message + */ + global map LDAPInitArgs (map args) { + + map ret = $[]; + boolean init = (boolean) SCR::Execute (.ldap, args); + if (init == nil) + { + // error message + ret["msg"] = _("Unknown error. Perhaps 'yast2-ldap' is not available."); + } + else + { + ldap_initialized = init; + if (!init) + { + ret = LDAPErrorMap (); + } + else + { + tls_when_initialized= args["use_tls"]:"" == "yes"; + } + } + return ret; + } + + /** + * Check if LDAP connection can be established with given values. + */ + global boolean CheckLDAPConnection (map args) { + + LDAPClose (); + map errmap = LDAPInitArgs (args); + + if (errmap == $[]) + return true; + + string details = errmap["msg"]:""; + if (errmap["server_msg"]:"" != "") + details = sformat ("%1\n%2", details, errmap["server_msg"]:""); + string hint = errmap["hint"]:""; + + UI::OpenDialog (`HBox(`HSpacing (0.5), + `VBox( + `VSpacing (0.5), + // label + `Left (`Heading (Label::ErrorMsg())), + // error message + `Left (`Label (_("Connection to the LDAP server cannot be established."))), + `ReplacePoint (`id(`rp), `Empty()), + `VSpacing (0.2), + `Left (`CheckBox (`id(`details), `opt (`notify), + // checkbox label + _("&Show Details"), false)), + `VSpacing (), + hint != "" ? `VBox ( + `Left (`Label (hint)), + `VSpacing () + ) : `VBox (), + `Left (`Label ( + // question following error message (yes/no buttons follow) +_("Really keep this configuration?"))), + `HBox ( + `PushButton (`id(`yes), `opt(`key_F10,`default), Label::YesButton()), + `PushButton (`id(`no),`opt(`key_F9), Label::NoButton()) + ) + ), + `HSpacing(0.5)) + ); + any ret = nil; + do + { + ret = UI::UserInput(); + if (ret == `details) + { + if ((boolean)UI::QueryWidget (`id(`details), `Value)) + { + UI::ReplaceWidget (`id(`rp), `VBox (`Label (details))); + } + else + UI::ReplaceWidget (`id(`rp), `Empty()); + } + } + while (ret != `yes && ret != `no); + UI::CloseDialog (); + return ret == `yes; + } + + /** * popup shown after failed connection: ask for retry withou TLS (see bug 246397) * @return true if user wants to retry without TLS */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.21.8/src/ui.ycp new/yast2-ldap-client-2.21.9/src/ui.ycp --- old/yast2-ldap-client-2.21.8/src/ui.ycp 2011-07-21 10:19:35.000000000 +0200 +++ new/yast2-ldap-client-2.21.9/src/ui.ycp 2011-08-02 14:48:00.000000000 +0200 @@ -547,6 +547,24 @@ continue; } } + // test the connection in case of TLS + if (start && ldap_tls && Ldap::tls_when_initialized != ldap_tls) + { + map args = $[ + "hostname" : Ldap::GetFirstServer (server), + "port" : Ldap::GetFirstPort (server), + "version" : Ldap::ldap_v2 ? 2 : 3, + "use_tls" : ldap_tls ? "yes" : "no", + "cacertdir" : Ldap::tls_cacertdir, + "cacertfile" : Ldap::tls_cacertfile + ]; + if (!Ldap::CheckLDAPConnection (args)) + { + + result = `not_next; + continue; + } + } } } while (!contains ([`back, `next, `cancel, `abort, `advanced], result)); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org