24598 Commits

Author SHA1 Message Date
HAMANO Tsukasa
efa9f173d2 ITS#10233 - fix idl intersection
The `mdb_idl_intersection()` and `wt_idl_intersection()` functions derived from back-bdb return wrong results.

expect:
[1, 3] ∩ [2] = []

actual:
[1, 3] ∩ [2] = [2]

also
- Add scope checking for back-wt
- fix compiler warning
2024-10-04 21:49:50 +00:00
Quanah Gibson-Mount
836cb913ef ITS#10237 2024-10-04 21:47:30 +00:00
Howard Chu
84a64fe354 ITS#10237 back-ldap: fix usage of multi-precision add for op counters 2024-10-04 21:41:34 +00:00
Howard Chu
0f984dd354 ITS#10230 slapo-memberof: fix addcheck search to omit dynamic values 2024-06-28 17:14:45 +00:00
Quanah Gibson-Mount
743ece8994 ITS#10235 2024-06-28 17:03:55 +00:00
Howard Chu
74f0e83eb4 ITS#10235 slapo-nestgroup: silence extraneous register_at message 2024-06-28 17:03:29 +00:00
Quanah Gibson-Mount
9937d5b9a7 ITS#10231 2024-06-28 17:02:02 +00:00
Howard Chu
8350e24c8f ITS#10231 slapadd: check for NULL suffix in error message 2024-06-28 17:01:55 +00:00
Quanah Gibson-Mount
5cd67e374e ITS#10230 2024-06-28 17:01:22 +00:00
Quanah Gibson-Mount
c8e2fbf398 ITS#10227 2024-06-28 17:00:39 +00:00
Nadezhda Ivanova
1ea9880ad0 ITS#10227 Asyncmeta will not reset a connection if a bind operation fails with LDAP_OTHER, leaving the connection in an invalid state 2024-06-28 16:59:06 +00:00
Quanah Gibson-Mount
f30d23a911 ITS#10219 2024-06-28 16:58:22 +00:00
Nadezhda Ivanova
532b2e60da ITS#10219 Modify of olcDisabled by removing and adding a value invokes db_open twice
Do not invoke db_open if the database is not actually disabled
2024-06-28 16:58:12 +00:00
Quanah Gibson-Mount
8f05e9ed4d ITS#10218 2024-06-28 16:57:22 +00:00
Nadezhda Ivanova
dc358cbc8e ITS#10218 Disabling and re-enabling an asyncmeta database via cn=config leaks memory
Make sure asyncmeta frees the pending operations structures, resets all connections, frees connection structures and stops the timeout-loop.
2024-06-28 16:56:38 +00:00
Quanah Gibson-Mount
d0d0470f1f ITS#9827 2024-06-28 16:50:21 +00:00
Quanah Gibson-Mount
3516e19bc7 ITS#9827 - Use 7MB memory/5 iterations as default
This has the same protections as 19MB/2 iterations, but requires less system memory
2024-06-28 16:49:04 +00:00
François Kooman
d13a07bf94 ITS#9827 update Argon2 defaults
- switch to argon2id by default (from argon2i)
- use OWASP recommended parameters as defaults

This only affects builds that use libargon2, e.g. Debian, and
not builds that use libsodium as argon2id is already the
default there, and better parameters are used

References: https://bugs.openldap.org/show_bug.cgi?id=9827
Signed-off-by: François Kooman <fkooman@tuxed.net>
2024-06-28 16:48:57 +00:00
Quanah Gibson-Mount
9d07c21d76 ITS#10224 2024-06-28 16:47:55 +00:00
Howard Chu
1d556f230f ITS#10224 libldap: check for OpenSSL EVP_Digest* failure 2024-06-28 16:47:32 +00:00
Quanah Gibson-Mount
0e7dbc9973 ITS#10223 2024-06-28 16:47:27 +00:00
Howard Chu
a45e1fc4eb ITS#10223 libldap: check for OpenSSL SSL_CTX_set_ciphersuites failure 2024-06-28 16:46:13 +00:00
Quanah Gibson-Mount
d24499a93a Return to release engineering 2024-06-03 15:26:48 +00:00
Quanah Gibson-Mount
29eea85525 Prep for release (2.6.8) OPENLDAP_REL_ENG_2_6_8 2024-05-21 17:19:11 +00:00
Quanah Gibson-Mount
662ccd4cc7 Merge remote-tracking branch 'origin/mdb.RE/0.9' into OPENLDAP_REL_ENG_2_6 2024-05-21 17:16:47 +00:00
Quanah Gibson-Mount
3a29a24777 Prep for release LMDB_0.9.33 2024-05-21 17:16:06 +00:00
Quanah Gibson-Mount
a741fb5e98 ITS#10216 2024-05-21 16:06:30 +00:00
Howard Chu
051b9f05a1 ITS#10216 libldap: fix OpenSSL channel binding digest
The OBJ_find_ API is undocumented but this is what OpenSSL libcrypto does itself.
2024-05-21 15:42:03 +00:00
Quanah Gibson-Mount
3fbe399c3c ITS#10209 2024-05-09 19:09:18 +00:00
Howard Chu
1d37f7b005 ITS#10209 libldap: only use OPENSSL_INIT_NO_ATEXIT if it's defined
Fake OpenSSL clones like LibreSSL don't support it.

In general we will make no effort to support fake OpenSSL clones.
2024-05-09 19:08:33 +00:00
Quanah Gibson-Mount
2814365126 ITS#10214 2024-05-09 17:10:10 +00:00
Quanah Gibson-Mount
5747936fd5 ITS#10214 - Regenerate configure 2024-05-09 17:09:19 +00:00
HAMANO Tsukasa
71f8894a9c ITS#10214 Reduce library dependencies
Currently, slapd links libsystemd to notify service state to systemd.
However, libsystemd links several unnecessary libraries, which increases security risks.
The systemd documentation provides a method to send state notifications to systemd using a simple protocol without the need to link against libsystemd.

https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html
2024-05-09 17:08:46 +00:00
Quanah Gibson-Mount
585c66a1c0 ITS#9921 2024-05-08 17:57:16 +00:00
Howard Chu
cfcb996084 ITS#9921 fix vlvResult comment 2024-05-08 15:30:06 +00:00
Quanah Gibson-Mount
2624ea1416 Merge remote-tracking branch 'origin/mdb.RE/0.9' into OPENLDAP_REL_ENG_2_6 2024-05-07 17:29:40 +00:00
Quanah Gibson-Mount
fd4db20d77 Merge remote-tracking branch 'origin/mdb.RE/0.9' into OPENLDAP_REL_ENG_2_6 2024-05-07 17:29:14 +00:00
Quanah Gibson-Mount
7c99799729 ITS#10212 2024-05-07 16:49:34 +00:00
Quanah Gibson-Mount
ccbec37209 ITS#10198 2024-05-07 16:49:00 +00:00
Quanah Gibson-Mount
ba13a88dbf ITS#10208 2024-05-07 16:45:11 +00:00
Ondřej Kuzník
d0a392b210 ITS#10084 Switch MECH default away from DIGEST-MD5 2024-05-07 16:43:54 +00:00
Quanah Gibson-Mount
b03015b273 ITS#10211 2024-05-07 16:38:07 +00:00
Nick Porter
0938316f3f ITS#10211 slapd: Fix peercred uid and gid format
uid and gid are unsigned int and so should be formatted as such when
creating the authid string.
2024-05-07 16:37:12 +00:00
Quanah Gibson-Mount
32db3dce4d ITS#10206 2024-05-07 16:35:27 +00:00
Ryan Tandy
b3c81ba171 ITS#10206 Include <kadm5/private.h> for kadm5_s_init_with_password_ctx 2024-05-07 16:35:12 +00:00
Quanah Gibson-Mount
7f5f4c635d ITS#10204 2024-05-07 16:33:24 +00:00
Howard Chu
3f752740b1 ITS#10204 slapo-constraint: fix double-free on invalid attr 2024-05-07 16:32:51 +00:00
Quanah Gibson-Mount
0feb4ef151 ITS#10197 2024-05-07 16:32:32 +00:00
Nadezhda Ivanova
5a0fb54284 ITS#10197 Back-meta and back-asyncmeta add a new target structure and increase the number of targets even if uri parsing fails
Reproducible when adding a new target via cn=config
2024-05-07 16:31:45 +00:00
Quanah Gibson-Mount
1a82434b92 ITS#10183 2024-05-07 16:31:32 +00:00