Commit Graph

1754 Commits

Author SHA1 Message Date
Kurt Zeilenga
e6fd8bfbb0 Remove version from encoding
(previously removed from SASL choices, but should be always absent)
2011-01-03 19:21:03 +00:00
Howard Chu
8018924efd ITS#6741 support Bitstring in ldap_X509dn2bv() 2010-12-30 19:38:57 +00:00
Kurt Zeilenga
46f4813632 Remove dead code. 2010-12-30 17:46:26 +00:00
Pierangelo Masarati
f3dd90a553 s/0/O/ 2010-12-30 15:58:48 +00:00
Pierangelo Masarati
538b582cdc fix perror; removed extra sequence opening (is it needed; if yes, it must also be closed, see #if 0) 2010-12-30 15:51:25 +00:00
Pierangelo Masarati
7dfc54378c s/VCRequest/VCResponse/ 2010-12-30 14:12:26 +00:00
Howard Chu
f697a3ffed ITS#6742 from Rich Megginson @ Red Hat 2010-12-24 00:29:31 +00:00
Howard Chu
1bb648841b ITS#6453 cleanup on LDAP_TIMEOUT 2010-12-23 23:18:41 +00:00
Kurt Zeilenga
6119ad7294 Misc vc updates 2010-12-15 00:59:42 +00:00
Kurt Zeilenga
8a692a0034 Add comment regarding ASN.1 syntax
rm version field
2010-12-14 22:09:50 +00:00
Kurt Zeilenga
25aa65f693 cleanup 2010-12-14 21:14:31 +00:00
Kurt Zeilenga
d3b51f2614 LDAP "Verify Credentials" operation
Client library implementation only
2010-12-14 20:58:02 +00:00
Hallvard Furuseth
5feeec67d7 ITS#6747 Fix LDAP_CONNECTIONLESS Debug(), warnings 2010-12-14 15:06:32 +00:00
Howard Chu
439030a16d ITS#6714 non-blocking support from Richard Megginson @ Red Hat 2010-12-11 04:57:10 +00:00
Howard Chu
0215833bcd Cleanup prev commit 2010-12-11 04:51:21 +00:00
Howard Chu
a2053729f0 ITS#6744 - plug leak 2010-12-11 04:35:01 +00:00
Howard Chu
75bb972859 Partial fix for non-string types in cert DNs. (Need to add explicit support
for Bitstring, maybe a few others.)
2010-12-10 02:05:18 +00:00
Pierangelo Masarati
d5f101f836 typo in comment 2010-12-07 10:11:06 +00:00
Hallvard Furuseth
16b7df8397 ITS#6625 Remove some LDAP_R_COMPILEs 2010-12-06 11:31:58 +00:00
Hallvard Furuseth
5ecd624f50 Fix ITS#6625: mutex-protect ldap_free_connection() 2010-12-06 10:51:55 +00:00
Hallvard Furuseth
7cb9c496bf ITS#6625 concurrency patch cleanup 2010-12-06 10:41:41 +00:00
Pierangelo Masarati
603eec5758 remove #ifdef EAGAIN, EWOULDBLOCK (ITS#6603) 2010-11-24 14:47:46 +00:00
Hallvard Furuseth
7c29e2c7c5 ITS#6723: Handle EOF in test programs 2010-11-23 12:12:54 +00:00
Hallvard Furuseth
b75b769471 Fix cyrus.c rev 1.159 for --without-cyrus-sasl:
It modified ldap_int_sasl_bind()'s prototype with but not without SASL.
2010-11-19 12:32:05 +00:00
Howard Chu
1ed2d0a485 ITS#6706 from Rich Megginson @ Red Hat - improve diagnostic messages 2010-11-15 20:47:24 +00:00
Howard Chu
750f7f895b ITS#6705 from Rich Megginson @ Red Hat - only use .0 files in cacertdir 2010-11-15 20:45:47 +00:00
Howard Chu
4c31652ee8 ITS#6704 from Rich Megginson @ Red Hat - use both cacert and cacertdir 2010-11-15 20:44:32 +00:00
Howard Chu
208308d4dd ITS#6703 from Rich Megginson @ Red Hat - reject non-files for cert/key pem files 2010-11-15 20:43:53 +00:00
Howard Chu
f26b5b6692 ITS#6689 from Rich Megginson @ Red Hat 2010-10-29 10:30:30 +00:00
Howard Chu
0f30db1c46 ITS#6625 concurrency patch from Doug Leavitt @ Oracle .com 2010-10-22 21:45:48 +00:00
Howard Chu
abe4a5f83b ITS#6673 GnuTLS hangs if you tell it to shut the read direction. Just
shut the write direction; it will all be irrelevant since the socket
will be closed immediately after.
2010-10-16 12:11:11 +00:00
Howard Chu
845bf30c5b Fix prev commit 2010-10-15 13:53:12 +00:00
Howard Chu
f1a18f4e53 Cleanup prev commit 2010-10-14 03:11:26 +00:00
Howard Chu
120d2ce228 More for prev commit. What about ldap_pvt_sasl_getmechs() ? 2010-10-14 01:47:09 +00:00
Howard Chu
fca72f333b Add ldap_sasl_interactive_bind() 2010-10-14 01:29:32 +00:00
Howard Chu
0b660dc9f6 ITS#6672 mutex cleanup 2010-10-13 08:43:15 +00:00
Pierangelo Masarati
2b1b37cd4b do not use lutil_atoix() (ITS#6654) 2010-09-21 00:10:44 +00:00
Pierangelo Masarati
9d77d61314 don't use lud_host when NULL (ITS#6653, fixed differently) 2010-09-21 00:05:36 +00:00
Howard Chu
f32f1a45d4 ITS#6639 set sock err to EAGAIN on partial write 2010-09-12 10:09:45 +00:00
Pierangelo Masarati
4601107e4e fix format specifier (ITS#6644) 2010-09-09 16:05:26 +00:00
Pierangelo Masarati
6c6e187b98 do not alter ld_nextref_proc (ITS#6602) 2010-07-27 00:55:51 +00:00
Pierangelo Masarati
d27038f6b4 fix previous commit 2010-07-26 19:45:36 +00:00
Pierangelo Masarati
c2ab1778a0 check mutex ownership 2010-07-26 19:26:59 +00:00
Howard Chu
71f062afee ITS#6595 remove unneeded token init code. From Rich Megginson @ RedHat. 2010-07-21 22:57:01 +00:00
Howard Chu
e0cac8a048 ITS#6589 allow self-signed server certs, from Rich Megginson @ RedHat.com 2010-07-14 23:11:34 +00:00
Howard Chu
ce1e201343 add ifdefs for SASL_GSS_CREDS to accomodate ancient Cyrus SASL 2010-06-12 22:10:16 +00:00
Howard Chu
33bfd730a1 ITS#6569 return server's error code on Disconnect 2010-06-02 03:30:19 +00:00
Howard Chu
d3a1be4e3f ITS#6568 plug cldap memleaks 2010-06-02 03:10:39 +00:00
Howard Chu
2dd75cf206 Support option SASL_GSS_CREDS 2010-05-13 06:08:21 +00:00
Pierangelo Masarati
a94b978e9d (blind) fix off-by-one bug (ITS#6223; fixed differently) 2010-04-18 02:42:56 +00:00
Howard Chu
b8013e828c No longer used 2010-04-15 21:29:50 +00:00
Pierangelo Masarati
ee156cfd7a serial can be longer than ber_int_t (ITS#6460) 2010-04-14 20:26:24 +00:00
Kurt Zeilenga
3dadeb3efe happy belated New Year 2010-04-13 22:17:29 +00:00
Pierangelo Masarati
9331182a07 union of operation-specific data in LDIFRecord (ITS#6194, by Rich Megginson) 2010-04-13 07:37:59 +00:00
Howard Chu
68b292d869 Cleanup prev commit 2010-04-12 20:21:13 +00:00
Howard Chu
86c361cdb8 In tmp_rsa_cb, new API is in 0.9.8 inclusive, not exclusive 2010-04-12 03:21:05 +00:00
Howard Chu
1dbefa75be ITS#6432 updated MozNSS context and PEM support 2010-04-12 02:44:28 +00:00
Pierangelo Masarati
d033f680b5 (ITS#6194) Patch - Enhancement - provide LDIF support as libldif 2010-04-12 02:01:55 +00:00
Howard Chu
e5302c2431 ITS#6510 ignore referrals on Bind response 2010-04-09 18:30:29 +00:00
Kurt Zeilenga
abdb6c683f ldap_parse_result should always free result when freeit is true. 2010-03-26 14:05:47 +00:00
Kurt Zeilenga
f967ec3b4e Set res parameter to NULL upon ldap_search_ext_s entry. Likewise for friends.
Note in manual that res parameter should be freed regardless of return value
of ldap_search_ext_s (or friends).
2010-01-29 23:11:24 +00:00
Pierangelo Masarati
797387c4ef skip the serial, whatever its length (ITS#6460) 2010-01-24 19:16:57 +00:00
Howard Chu
127e504015 ITS#6405 in ldap_pvt_gettime, also check for microsecs going backward 2009-11-30 21:47:38 +00:00
Howard Chu
61be1d55d3 More for prev commit - only set if URL was provided.
(should URL be mandatory?)
2009-11-18 22:37:02 +00:00
Howard Chu
a248701ed2 ITS#6386 Must init conn->lconn_server 2009-11-18 22:23:14 +00:00
Pierangelo Masarati
a95b8cd488 honor -1 timeout (ITS#6388) 2009-11-18 14:57:52 +00:00
Howard Chu
b99fdb6506 ITS#6283 add missing env options 2009-11-15 21:48:49 +00:00
Howard Chu
9a65f35f2e partially revert prev commit 2009-11-06 02:20:40 +00:00
Howard Chu
86d9e86afd Minor cleanup in strval2str 2009-11-06 01:37:09 +00:00
Hallvard Furuseth
7b22b22202 ITS#6355: Fix uninitialiezed lso_tmp_rsa_cb() return value 2009-10-30 17:08:57 +00:00
Howard Chu
585940984c Fix prev commit, s/errno/err/g 2009-10-27 01:55:45 +00:00
Howard Chu
405c68abf9 For prev commit, check for EINTR/EAGAIN/EWOULDBLOCK 2009-10-26 23:52:55 +00:00
Howard Chu
a05d7015e0 ITS#6327, #6334 take ret=-1/EINTR into account 2009-10-26 23:36:39 +00:00
Howard Chu
30c55952d3 Cleanup prev commit 2009-10-26 19:19:20 +00:00
Howard Chu
1155f5ff20 ITS#6327 fix sb_sasl_generic_write retval for partial writes 2009-10-26 18:49:42 +00:00
Ralf Haferkamp
8fcdc29405 In case of certificate verification failures include failure reason
into the error message (openssl only)
2009-09-30 16:25:23 +00:00
Howard Chu
e0431681ad On OpenSSL 0.9.8 and newer, use RSA_generate_key_ex since
RSA_generate_key is deprecated
2009-09-25 23:31:24 +00:00
Pierangelo Masarati
4b4db7b529 keep compatibility with slapd's gmtime_mutex (ITS#6262) 2009-09-08 23:21:21 +00:00
Howard Chu
2ba0e44ad1 ITS#6278 PEM support for MozNSS from rmeggins@redhat.com, with header cleanups 2009-08-29 03:41:53 +00:00
Pierangelo Masarati
ba2bddafbd copy username, much like other string-valued options (more about ITS#6257) 2009-08-19 21:46:07 +00:00
Pierangelo Masarati
a846dad6fb cleanup previous commit 2009-08-19 13:10:30 +00:00
Pierangelo Masarati
9abaf38d1f silence warnings 2009-08-19 12:23:27 +00:00
Pierangelo Masarati
8776630509 address signedness issue 2009-08-19 12:06:04 +00:00
Hallvard Furuseth
f0d775609b More ITS#6262: Also define ldap_pvt_gmtime_[un]lock if localtime_r is missing 2009-08-19 10:10:31 +00:00
Pierangelo Masarati
637182b8f4 fix previous commit 2009-08-19 00:12:39 +00:00
Pierangelo Masarati
f3cdcadf89 wrap gmtime for reentrancy (ITS#6262) 2009-08-18 23:48:15 +00:00
Pierangelo Masarati
5c916588b8 fix previous commit 2009-08-18 19:09:12 +00:00
Pierangelo Masarati
98a8b74d53 expose SASL_USERNAME when it makes sense (EXTERN needs work, much like SASL_SSL) (ITS#6257) 2009-08-18 18:47:56 +00:00
Howard Chu
b87553684a More for prev commit 2009-08-14 20:02:08 +00:00
Howard Chu
9b764c3f9e Fix prev commit again, IPPROTO_TCP is the documented correct approach 2009-08-13 21:35:38 +00:00
Howard Chu
f5bad5673b Fix prev commit, it was not Linux-only as it claimed to be. 2009-08-13 20:55:04 +00:00
Hallvard Furuseth
791035d93f Fix last commit: cast strcasecmp unsigned char* to char* 2009-08-07 21:46:25 +00:00
Howard Chu
e229b7c398 In session_chkhost get the last CN, not the first. 2009-08-07 11:59:42 +00:00
Howard Chu
d479db53e0 Minor cleanup 2009-07-31 03:26:03 +00:00
Howard Chu
403ee0b62e Fix, reqcert == ALLOW should ignore cert verification failures 2009-07-31 01:51:34 +00:00
Howard Chu
3f2101198b ITS#6239 use our own hostname checking for MozNSS 2009-07-31 01:32:51 +00:00
Howard Chu
d4f2a06887 Check for CN length match as well in chkhost 2009-07-30 21:52:09 +00:00
Howard Chu
91dc4501d4 Add VLV Error 2009-07-13 13:13:38 +00:00
Hallvard Furuseth
bbe015f65b ITS#6197 - normalize & speed up ldap_err2string/ldap_perror():
Use same result code -> string mapping for both, removing ldap_int_error():
- Classify unknown error codes as API/extension/etc like _err2string did.
- Pass all strings through _(), i.e. the optional gettext, as _perror did.

Also use a switch instead of linear search for the code->string mapping.
Hopefully the compiler will optimize that.  Though the extra gettext,
if anyone uses it, probably counters that speedup.
2009-07-07 20:05:09 +00:00
Howard Chu
8680c13c5f Cleanup ciphernum 2009-07-03 02:06:24 +00:00