Kurt Zeilenga
e6fd8bfbb0
Remove version from encoding
...
(previously removed from SASL choices, but should be always absent)
2011-01-03 19:21:03 +00:00
Howard Chu
8018924efd
ITS#6741 support Bitstring in ldap_X509dn2bv()
2010-12-30 19:38:57 +00:00
Kurt Zeilenga
46f4813632
Remove dead code.
2010-12-30 17:46:26 +00:00
Pierangelo Masarati
f3dd90a553
s/0/O/
2010-12-30 15:58:48 +00:00
Pierangelo Masarati
538b582cdc
fix perror; removed extra sequence opening (is it needed; if yes, it must also be closed, see #if 0)
2010-12-30 15:51:25 +00:00
Pierangelo Masarati
7dfc54378c
s/VCRequest/VCResponse/
2010-12-30 14:12:26 +00:00
Howard Chu
f697a3ffed
ITS#6742 from Rich Megginson @ Red Hat
2010-12-24 00:29:31 +00:00
Howard Chu
1bb648841b
ITS#6453 cleanup on LDAP_TIMEOUT
2010-12-23 23:18:41 +00:00
Kurt Zeilenga
6119ad7294
Misc vc updates
2010-12-15 00:59:42 +00:00
Kurt Zeilenga
8a692a0034
Add comment regarding ASN.1 syntax
...
rm version field
2010-12-14 22:09:50 +00:00
Kurt Zeilenga
25aa65f693
cleanup
2010-12-14 21:14:31 +00:00
Kurt Zeilenga
d3b51f2614
LDAP "Verify Credentials" operation
...
Client library implementation only
2010-12-14 20:58:02 +00:00
Hallvard Furuseth
5feeec67d7
ITS#6747 Fix LDAP_CONNECTIONLESS Debug(), warnings
2010-12-14 15:06:32 +00:00
Howard Chu
439030a16d
ITS#6714 non-blocking support from Richard Megginson @ Red Hat
2010-12-11 04:57:10 +00:00
Howard Chu
0215833bcd
Cleanup prev commit
2010-12-11 04:51:21 +00:00
Howard Chu
a2053729f0
ITS#6744 - plug leak
2010-12-11 04:35:01 +00:00
Howard Chu
75bb972859
Partial fix for non-string types in cert DNs. (Need to add explicit support
...
for Bitstring, maybe a few others.)
2010-12-10 02:05:18 +00:00
Pierangelo Masarati
d5f101f836
typo in comment
2010-12-07 10:11:06 +00:00
Hallvard Furuseth
16b7df8397
ITS#6625 Remove some LDAP_R_COMPILEs
2010-12-06 11:31:58 +00:00
Hallvard Furuseth
5ecd624f50
Fix ITS#6625: mutex-protect ldap_free_connection()
2010-12-06 10:51:55 +00:00
Hallvard Furuseth
7cb9c496bf
ITS#6625 concurrency patch cleanup
2010-12-06 10:41:41 +00:00
Pierangelo Masarati
603eec5758
remove #ifdef EAGAIN, EWOULDBLOCK (ITS#6603)
2010-11-24 14:47:46 +00:00
Hallvard Furuseth
7c29e2c7c5
ITS#6723: Handle EOF in test programs
2010-11-23 12:12:54 +00:00
Hallvard Furuseth
b75b769471
Fix cyrus.c rev 1.159 for --without-cyrus-sasl:
...
It modified ldap_int_sasl_bind()'s prototype with but not without SASL.
2010-11-19 12:32:05 +00:00
Howard Chu
1ed2d0a485
ITS#6706 from Rich Megginson @ Red Hat - improve diagnostic messages
2010-11-15 20:47:24 +00:00
Howard Chu
750f7f895b
ITS#6705 from Rich Megginson @ Red Hat - only use .0 files in cacertdir
2010-11-15 20:45:47 +00:00
Howard Chu
4c31652ee8
ITS#6704 from Rich Megginson @ Red Hat - use both cacert and cacertdir
2010-11-15 20:44:32 +00:00
Howard Chu
208308d4dd
ITS#6703 from Rich Megginson @ Red Hat - reject non-files for cert/key pem files
2010-11-15 20:43:53 +00:00
Howard Chu
f26b5b6692
ITS#6689 from Rich Megginson @ Red Hat
2010-10-29 10:30:30 +00:00
Howard Chu
0f30db1c46
ITS#6625 concurrency patch from Doug Leavitt @ Oracle .com
2010-10-22 21:45:48 +00:00
Howard Chu
abe4a5f83b
ITS#6673 GnuTLS hangs if you tell it to shut the read direction. Just
...
shut the write direction; it will all be irrelevant since the socket
will be closed immediately after.
2010-10-16 12:11:11 +00:00
Howard Chu
845bf30c5b
Fix prev commit
2010-10-15 13:53:12 +00:00
Howard Chu
f1a18f4e53
Cleanup prev commit
2010-10-14 03:11:26 +00:00
Howard Chu
120d2ce228
More for prev commit. What about ldap_pvt_sasl_getmechs() ?
2010-10-14 01:47:09 +00:00
Howard Chu
fca72f333b
Add ldap_sasl_interactive_bind()
2010-10-14 01:29:32 +00:00
Howard Chu
0b660dc9f6
ITS#6672 mutex cleanup
2010-10-13 08:43:15 +00:00
Pierangelo Masarati
2b1b37cd4b
do not use lutil_atoix() (ITS#6654)
2010-09-21 00:10:44 +00:00
Pierangelo Masarati
9d77d61314
don't use lud_host when NULL (ITS#6653, fixed differently)
2010-09-21 00:05:36 +00:00
Howard Chu
f32f1a45d4
ITS#6639 set sock err to EAGAIN on partial write
2010-09-12 10:09:45 +00:00
Pierangelo Masarati
4601107e4e
fix format specifier (ITS#6644)
2010-09-09 16:05:26 +00:00
Pierangelo Masarati
6c6e187b98
do not alter ld_nextref_proc (ITS#6602)
2010-07-27 00:55:51 +00:00
Pierangelo Masarati
d27038f6b4
fix previous commit
2010-07-26 19:45:36 +00:00
Pierangelo Masarati
c2ab1778a0
check mutex ownership
2010-07-26 19:26:59 +00:00
Howard Chu
71f062afee
ITS#6595 remove unneeded token init code. From Rich Megginson @ RedHat.
2010-07-21 22:57:01 +00:00
Howard Chu
e0cac8a048
ITS#6589 allow self-signed server certs, from Rich Megginson @ RedHat.com
2010-07-14 23:11:34 +00:00
Howard Chu
ce1e201343
add ifdefs for SASL_GSS_CREDS to accomodate ancient Cyrus SASL
2010-06-12 22:10:16 +00:00
Howard Chu
33bfd730a1
ITS#6569 return server's error code on Disconnect
2010-06-02 03:30:19 +00:00
Howard Chu
d3a1be4e3f
ITS#6568 plug cldap memleaks
2010-06-02 03:10:39 +00:00
Howard Chu
2dd75cf206
Support option SASL_GSS_CREDS
2010-05-13 06:08:21 +00:00
Pierangelo Masarati
a94b978e9d
(blind) fix off-by-one bug (ITS#6223; fixed differently)
2010-04-18 02:42:56 +00:00
Howard Chu
b8013e828c
No longer used
2010-04-15 21:29:50 +00:00
Pierangelo Masarati
ee156cfd7a
serial can be longer than ber_int_t (ITS#6460)
2010-04-14 20:26:24 +00:00
Kurt Zeilenga
3dadeb3efe
happy belated New Year
2010-04-13 22:17:29 +00:00
Pierangelo Masarati
9331182a07
union of operation-specific data in LDIFRecord (ITS#6194, by Rich Megginson)
2010-04-13 07:37:59 +00:00
Howard Chu
68b292d869
Cleanup prev commit
2010-04-12 20:21:13 +00:00
Howard Chu
86c361cdb8
In tmp_rsa_cb, new API is in 0.9.8 inclusive, not exclusive
2010-04-12 03:21:05 +00:00
Howard Chu
1dbefa75be
ITS#6432 updated MozNSS context and PEM support
2010-04-12 02:44:28 +00:00
Pierangelo Masarati
d033f680b5
(ITS#6194) Patch - Enhancement - provide LDIF support as libldif
2010-04-12 02:01:55 +00:00
Howard Chu
e5302c2431
ITS#6510 ignore referrals on Bind response
2010-04-09 18:30:29 +00:00
Kurt Zeilenga
abdb6c683f
ldap_parse_result should always free result when freeit is true.
2010-03-26 14:05:47 +00:00
Kurt Zeilenga
f967ec3b4e
Set res parameter to NULL upon ldap_search_ext_s entry. Likewise for friends.
...
Note in manual that res parameter should be freed regardless of return value
of ldap_search_ext_s (or friends).
2010-01-29 23:11:24 +00:00
Pierangelo Masarati
797387c4ef
skip the serial, whatever its length (ITS#6460)
2010-01-24 19:16:57 +00:00
Howard Chu
127e504015
ITS#6405 in ldap_pvt_gettime, also check for microsecs going backward
2009-11-30 21:47:38 +00:00
Howard Chu
61be1d55d3
More for prev commit - only set if URL was provided.
...
(should URL be mandatory?)
2009-11-18 22:37:02 +00:00
Howard Chu
a248701ed2
ITS#6386 Must init conn->lconn_server
2009-11-18 22:23:14 +00:00
Pierangelo Masarati
a95b8cd488
honor -1 timeout (ITS#6388)
2009-11-18 14:57:52 +00:00
Howard Chu
b99fdb6506
ITS#6283 add missing env options
2009-11-15 21:48:49 +00:00
Howard Chu
9a65f35f2e
partially revert prev commit
2009-11-06 02:20:40 +00:00
Howard Chu
86d9e86afd
Minor cleanup in strval2str
2009-11-06 01:37:09 +00:00
Hallvard Furuseth
7b22b22202
ITS#6355: Fix uninitialiezed lso_tmp_rsa_cb() return value
2009-10-30 17:08:57 +00:00
Howard Chu
585940984c
Fix prev commit, s/errno/err/g
2009-10-27 01:55:45 +00:00
Howard Chu
405c68abf9
For prev commit, check for EINTR/EAGAIN/EWOULDBLOCK
2009-10-26 23:52:55 +00:00
Howard Chu
a05d7015e0
ITS#6327, #6334 take ret=-1/EINTR into account
2009-10-26 23:36:39 +00:00
Howard Chu
30c55952d3
Cleanup prev commit
2009-10-26 19:19:20 +00:00
Howard Chu
1155f5ff20
ITS#6327 fix sb_sasl_generic_write retval for partial writes
2009-10-26 18:49:42 +00:00
Ralf Haferkamp
8fcdc29405
In case of certificate verification failures include failure reason
...
into the error message (openssl only)
2009-09-30 16:25:23 +00:00
Howard Chu
e0431681ad
On OpenSSL 0.9.8 and newer, use RSA_generate_key_ex since
...
RSA_generate_key is deprecated
2009-09-25 23:31:24 +00:00
Pierangelo Masarati
4b4db7b529
keep compatibility with slapd's gmtime_mutex (ITS#6262)
2009-09-08 23:21:21 +00:00
Howard Chu
2ba0e44ad1
ITS#6278 PEM support for MozNSS from rmeggins@redhat.com, with header cleanups
2009-08-29 03:41:53 +00:00
Pierangelo Masarati
ba2bddafbd
copy username, much like other string-valued options (more about ITS#6257)
2009-08-19 21:46:07 +00:00
Pierangelo Masarati
a846dad6fb
cleanup previous commit
2009-08-19 13:10:30 +00:00
Pierangelo Masarati
9abaf38d1f
silence warnings
2009-08-19 12:23:27 +00:00
Pierangelo Masarati
8776630509
address signedness issue
2009-08-19 12:06:04 +00:00
Hallvard Furuseth
f0d775609b
More ITS#6262: Also define ldap_pvt_gmtime_[un]lock if localtime_r is missing
2009-08-19 10:10:31 +00:00
Pierangelo Masarati
637182b8f4
fix previous commit
2009-08-19 00:12:39 +00:00
Pierangelo Masarati
f3cdcadf89
wrap gmtime for reentrancy (ITS#6262)
2009-08-18 23:48:15 +00:00
Pierangelo Masarati
5c916588b8
fix previous commit
2009-08-18 19:09:12 +00:00
Pierangelo Masarati
98a8b74d53
expose SASL_USERNAME when it makes sense (EXTERN needs work, much like SASL_SSL) (ITS#6257)
2009-08-18 18:47:56 +00:00
Howard Chu
b87553684a
More for prev commit
2009-08-14 20:02:08 +00:00
Howard Chu
9b764c3f9e
Fix prev commit again, IPPROTO_TCP is the documented correct approach
2009-08-13 21:35:38 +00:00
Howard Chu
f5bad5673b
Fix prev commit, it was not Linux-only as it claimed to be.
2009-08-13 20:55:04 +00:00
Hallvard Furuseth
791035d93f
Fix last commit: cast strcasecmp unsigned char* to char*
2009-08-07 21:46:25 +00:00
Howard Chu
e229b7c398
In session_chkhost get the last CN, not the first.
2009-08-07 11:59:42 +00:00
Howard Chu
d479db53e0
Minor cleanup
2009-07-31 03:26:03 +00:00
Howard Chu
403ee0b62e
Fix, reqcert == ALLOW should ignore cert verification failures
2009-07-31 01:51:34 +00:00
Howard Chu
3f2101198b
ITS#6239 use our own hostname checking for MozNSS
2009-07-31 01:32:51 +00:00
Howard Chu
d4f2a06887
Check for CN length match as well in chkhost
2009-07-30 21:52:09 +00:00
Howard Chu
91dc4501d4
Add VLV Error
2009-07-13 13:13:38 +00:00
Hallvard Furuseth
bbe015f65b
ITS#6197 - normalize & speed up ldap_err2string/ldap_perror():
...
Use same result code -> string mapping for both, removing ldap_int_error():
- Classify unknown error codes as API/extension/etc like _err2string did.
- Pass all strings through _(), i.e. the optional gettext, as _perror did.
Also use a switch instead of linear search for the code->string mapping.
Hopefully the compiler will optimize that. Though the extra gettext,
if anyone uses it, probably counters that speedup.
2009-07-07 20:05:09 +00:00
Howard Chu
8680c13c5f
Cleanup ciphernum
2009-07-03 02:06:24 +00:00