Index: ChangeLog =================================================================== RCS file: /cvs/gnome/evolution/addressbook/ChangeLog,v retrieving revision 1.1183.2.9 diff -u -r1.1183.2.9 ChangeLog --- ChangeLog 28 Nov 2002 22:29:32 -0000 1.1183.2.9 +++ ChangeLog 1 Dec 2002 04:14:41 -0000 @@ -1,4 +1,13 @@ +2002-11-30 Chris Toshok + + * backend/pas/pas-backend-ldap.c (pas_backend_ldap_connect): only + enale the LDAPv3 stuff if TLS is being used. Also, deal with + naming errors returned from query_ldap_root_dse, as some servers + (older openldap servers among others i'm sure) don't have a root + dse at all. + 2002-11-28 Chris Toshok + [ partial fix for #31763 ] * gui/component/select-names/select-names.glade: add the Find button back in. Index: backend/pas/pas-backend-ldap.c =================================================================== RCS file: /cvs/gnome/evolution/addressbook/backend/pas/pas-backend-ldap.c,v retrieving revision 1.110.4.1 diff -u -r1.110.4.1 pas-backend-ldap.c --- backend/pas/pas-backend-ldap.c 25 Nov 2002 03:24:06 -0000 1.110.4.1 +++ backend/pas/pas-backend-ldap.c 1 Dec 2002 04:14:42 -0000 @@ -566,7 +566,7 @@ "(objectclass=*)", attrs, 0, NULL, NULL, &timeout, LDAP_NO_LIMIT, &resp); if (ldap_error != LDAP_SUCCESS) { - g_warning ("could not perform query on Root DSE"); + g_warning ("could not perform query on Root DSE (ldap_error 0x%02x)", ldap_error); return ldap_error; } @@ -636,34 +636,43 @@ if (NULL != blpriv->ldap) { int ldap_error; - int protocol_version = LDAP_VERSION3; - ldap_error = ldap_set_option (blpriv->ldap, LDAP_OPT_PROTOCOL_VERSION, &protocol_version); - if (LDAP_OPT_SUCCESS != ldap_error) { - g_warning ("failed to set protocol version to LDAPv3"); - bl->priv->ldap_v3 = FALSE; - } - else - bl->priv->ldap_v3 = TRUE; + if (bl->priv->use_tls != PAS_BACKEND_LDAP_TLS_NO) { + int protocol_version = LDAP_VERSION3; + ldap_error = ldap_set_option (blpriv->ldap, LDAP_OPT_PROTOCOL_VERSION, &protocol_version); + if (LDAP_OPT_SUCCESS != ldap_error) { + g_warning ("failed to set protocol version to LDAPv3"); + bl->priv->ldap_v3 = FALSE; + } + else + bl->priv->ldap_v3 = TRUE; - if (bl->priv->ldap_port == LDAPS_PORT && bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) { - int tls_level = LDAP_OPT_X_TLS_HARD; - ldap_set_option (blpriv->ldap, LDAP_OPT_X_TLS, &tls_level); - } - else if (bl->priv->use_tls) { - ldap_error = ldap_start_tls_s (blpriv->ldap, NULL, NULL); - if (LDAP_SUCCESS != ldap_error) { - if (bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) { - g_message ("TLS not available (fatal version), (ldap_error 0x%02x)", ldap_error); - ldap_unbind (blpriv->ldap); - blpriv->ldap = NULL; - return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable; - } - else { - g_message ("TLS not available (ldap_error 0x%02x)", ldap_error); + if (!bl->priv->ldap_v3 && bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) { + g_message ("TLS not available (fatal version), v3 protocol could not be established (ldap_error 0x%02x)", ldap_error); + ldap_unbind (blpriv->ldap); + blpriv->ldap = NULL; + return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable; + } + + if (bl->priv->ldap_port == LDAPS_PORT && bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) { + int tls_level = LDAP_OPT_X_TLS_HARD; + ldap_set_option (blpriv->ldap, LDAP_OPT_X_TLS, &tls_level); + } + else if (bl->priv->use_tls) { + ldap_error = ldap_start_tls_s (blpriv->ldap, NULL, NULL); + if (LDAP_SUCCESS != ldap_error) { + if (bl->priv->use_tls == PAS_BACKEND_LDAP_TLS_ALWAYS) { + g_message ("TLS not available (fatal version), (ldap_error 0x%02x)", ldap_error); + ldap_unbind (blpriv->ldap); + blpriv->ldap = NULL; + return GNOME_Evolution_Addressbook_BookListener_TLSNotAvailable; + } + else { + g_message ("TLS not available (ldap_error 0x%02x)", ldap_error); + } } + else + g_message ("TLS active"); } - else - g_message ("TLS active"); } ldap_error = query_ldap_root_dse (bl); @@ -671,7 +680,11 @@ connect(), so any tcpip problems will show up here */ - if (LDAP_SUCCESS == ldap_error) { + /* we can't just check for LDAP_SUCCESS here since in + older servers (namely openldap1.x servers), there's + not a root DSE at all, so the query will fail with + LDAP_NO_SUCH_OBJECT. */ + if (ldap_error == LDAP_SUCCESS || LDAP_NAME_ERROR (ldap_error)) { blpriv->connected = TRUE; /* check to see if evolutionPerson is supported, if we can (me @@ -684,7 +697,6 @@ } else g_warning ("Failed to perform root dse query anonymously, (ldap_error 0x%02x)", ldap_error); - } g_warning ("pas_backend_ldap_connect failed for "