Commit Graph

352 Commits

Author SHA1 Message Date
Emmanuel Dreyfus
0d10236da9 Use newer DES API so that smbk5pwd loads with newer OpenSSL
OpenSSL removed old DES API which used des_* functions.
24956ca00f

In order to link with libcrypto from recent OpenSSL releases, we need
to replace the older API des_* functions by the newer API DES_* functions.

Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org>
2016-11-29 09:35:08 -08:00
Hallvard Furuseth
2996fda0ee Fix contrib prototypes - add ConfigReply* 2016-06-12 10:19:03 +02:00
Hallvard Furuseth
23c5d6bbdd ITS#8435 Fix uninited slap_callback.sc_writewait 2016-06-12 08:30:58 +02:00
Devin J. Pohly
fb5b3a0df2 ITS#6826 conversion scripts
These were provided as part of the original ITS but not previously committed.
Perl scripts to convert between Apache and OpenLDAP hash formats.
2016-04-11 13:35:39 +01:00
Quanah Gibson-Mount
6c4d6c880b Happy New Year! 2016-01-29 13:32:05 -06:00
Howard Chu
fb00ef1915 ITS#8294 more for prev commit 2015-10-29 20:31:36 +00:00
Howard Chu
01c27e1342 ITS#8294 avoid symbol clash with other crypto libs 2015-10-29 20:19:00 +00:00
Howard Chu
639da48fdc ITS#8230 add GnuTLS/nettle support 2015-09-25 19:28:18 +01:00
Howard Chu
ccedb68ee2 ITS#8230 fix padding count 2015-09-25 18:53:05 +01:00
Howard Chu
6e4c747d5d ITS#8230 Don't skip tval on big-endian 2015-09-25 18:52:24 +01:00
Ryan Tandy
f81bec6184 ITS#8235 fix compiler warnings 2015-09-02 13:15:23 -07:00
Ryan Tandy
9d2dc5dd24 ITS#8198 use #elif instead of #else for gnutls cases
Reserve #else for actual fallback cases.
2015-08-22 18:59:13 -07:00
Luca Bruno
709a0f4a97 ITS#8198 Optionally use libnettle instead of OpenSSL for crypto
OpenLDAP can be configured to be either built with OpenSSL or
GnuTLS. This commit adds support for building pw-pbkbdf2 module
without OpenSSL, by using PBKDF2 crypto primitives provided by
libnettle.
Closes hamano/openldap-pbkdf2#2

Signed-off-by: Luca Bruno <luca.bruno@rocket-internet.de>
2015-08-22 19:35:38 +00:00
Luca Bruno
ba20d70d2b ITS#8198 Fix an always-true check
Fixed asprintf return value check, in order to properly catch
error conditions. This has been caught by clang -Wtautological-compare:

pw-pbkdf2.c:132:17: warning: comparison of unsigned expression < 0 is always false
        if(msg->bv_len < 0){
           ~~~~~~~~~~~ ^ ~

Signed-off-by: Luca Bruno <luca.bruno@rocket-internet.de>
2015-08-22 19:35:34 +00:00
Howard Chu
768967f176 More filter tweaks 2015-08-10 19:36:06 +01:00
Howard Chu
571a7c72fc Shortcut name mapping
If the naming attribute is in the RDN we don't need to look it up.
2015-08-09 20:57:49 +01:00
Howard Chu
523f989d8f More filter mapping
Was only handling (objectclass=<group>)(<memberUid>=bar).
Now handles (objectclass=<group>)(<groupname>=bar) too.
2015-08-07 04:04:22 +01:00
Howard Chu
706bbd42d9 Fix interaction with rwm 2015-08-01 00:35:44 +01:00
Howard Chu
20c0464fed Also remap explicitly requested attr names 2015-08-01 00:20:49 +01:00
Howard Chu
024d4cbee2 Fix filter init
compound filters f_next is not ignored
2015-07-28 12:10:54 +01:00
Howard Chu
fb7470d82f More tweaks
Check for error on internal search, init AttributeAssertions in
constructed filter
2015-07-25 23:23:41 +01:00
Howard Chu
3770a2c1e3 tweak filter mapping in prev commit
Don't bypass downcasing
2015-07-25 22:31:43 +01:00
Howard Chu
4cbd3b63c0 Add filter remapping 2015-07-25 22:23:46 +01:00
Howard Chu
a8491a63e6 Fix setting authTimestamp on non-TOTP binds 2015-07-16 03:28:37 +01:00
Howard Chu
34e7cbb6fe Plug memleak on mismatched length 2015-07-13 17:17:42 +01:00
Howard Chu
1ab08d2f8e Fix whitespace in manpage 2015-07-07 19:10:00 +01:00
Howard Chu
b6208a4474 New ADremap overlay 2015-07-03 20:11:25 +01:00
Howard Chu
e4278b5731 Fix cfg OID typos 2015-07-03 10:52:20 +01:00
Howard Chu
ea43ac38bf Merge authTimestamp from lastbind overlay
This code duplicates the basic function of lastbind. The two overlays
cannot be used together. The timestamp Mod op is changed to require
the old value to still be present at the end of the Bind. This allows
us to detect collisions (multiple successful Binds in the same time
window) and properly fail the extra Bind attempts.
2015-07-02 20:12:51 +01:00
Howard Chu
e069a79239 Add TOTP pw mechanism 2015-07-02 17:05:14 +01:00
Ryan Tandy
0146e3ddfc ITS#8097 nssov: clean up some compiler warnings 2015-04-16 03:41:48 +01:00
Ryan Tandy
dc277009e2 ITS#8097 nssov: update to protocol version 2
This updates nssov for the protocol changes in nss-pam-ldapd commits
5f55781 and 6a74d8d. The protocol was changed to network byte order,
uid_t and gid_t were changed to int32_t, and the READ_TYPE and
WRITE_TYPE macros were removed. The PAM protocol was restructured to
drop the DN field and to use a common basic set of fields for all
requests.
2015-04-16 03:41:30 +01:00
Ryan Tandy
6a28f3dc20 ITS#8097 nssov: update nss-pam-ldapd files to 0.9.4 2015-04-16 03:41:05 +01:00
Howard Chu
2d9f33072b ITS#8080 nssov: use old pwd if it's given 2015-03-18 20:50:19 +00:00
Ryan Tandy
0200c6d92c ITS#8080 nssov: allow user pwmod without pwdmgr configured 2015-03-18 20:48:15 +00:00
Ryan Tandy
957d4770eb ITS#8080 nssov: only allow root to become pwdmgr 2015-03-18 20:47:57 +00:00
Ryan Tandy
7e3177070a ITS#8080 nssov: require old password unless pwdmgr 2015-03-18 20:47:32 +00:00
Ryan Tandy
05ea78703b ITS#8079 nssov: fix compare for usergroup
More for 5c527bc49e
2015-03-15 19:32:29 +00:00
Howard Chu
1859a6f069 ITS#8065 more for syncrepl compat
Use opextra to detect our own internal ops, not a public control
2015-03-09 19:05:07 +00:00
Howard Chu
9655b23ce0 ITS#8006 more rootdn privs 2015-02-26 00:14:41 +00:00
Howard Chu
91f14e6c39 ITS#8065 don't log/replicate internal ops 2015-02-25 15:34:00 +00:00
Howard Chu
46c07bbfb5 More for prev commit 2015-02-25 00:39:14 +00:00
Howard Chu
79bbf05c5a More for ITS#6970
modrdn had the same bug
2015-02-25 00:30:36 +00:00
Quanah Gibson-Mount
1705fa7e55 Happy New Year 2015-02-11 15:36:57 -06:00
Howard Chu
9232232397 More for ITS#6970 2015-02-02 19:28:59 +00:00
SATOH Fumiyasu
ea58e1ee55 ITS#7782 tweak contrib/slapd-modules/**/Makefile
Set LDAP_BUILD=$(LDAP_SRC) by default
2014-12-16 19:52:44 +00:00
Howard Chu
a8bfed69fd ITS#8006 Use rootdn consistently on internal ops 2014-12-15 20:20:23 +00:00
Howard Chu
b8912c33ba ITS#8000 silence warnings 2014-12-10 22:24:25 +00:00
Howard Chu
62818acd0a ITS#7998 silence warning 2014-12-10 21:59:45 +00:00
Howard Chu
f05a39268d ITS#7997 silence warning 2014-12-10 21:57:44 +00:00