Commit Graph

723 Commits

Author SHA1 Message Date
Kurt Zeilenga
10a6e51521 All close and redirect stdin, stdout, stderr. 2000-01-11 08:04:59 +00:00
Kurt Zeilenga
1fb42bf957 Revamp detach code to ensure stdin, stdout, stderr get closed. 2000-01-11 02:20:01 +00:00
Kurt Zeilenga
34fe70cc71 Validate krb5_init_context 2000-01-10 21:37:04 +00:00
Kurt Zeilenga
38f0b890ab Borrowed a bit to literally... s/pop/ldap/ s/popper/slapd/ 2000-01-09 00:20:00 +00:00
Kurt Zeilenga
e988e175a6 Minor fixes. 2000-01-08 18:51:27 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Luke Howard
5a0bbd7eed Imported <ldap.h> in <ldap_pvt.h> so ldap_pvt_sasl_bind() has necessary
types. Changed const sasl_callback_t * to LDAP_CONST sasl_callback_t *.
2000-01-05 12:56:17 +00:00
Luke Howard
a466a64318 Added support for connecting to LDAP servers located using DNS
SRV records. Added lock around resolver library which is shared
by the DNS SRV code and the getdxbyname() code.
2000-01-03 02:33:22 +00:00
Luke Howard
57b62dc7d4 Added ldap_pvt_sasl_bind() prototype to ldap_pvt.h. This
required importing sasl.h into ldap_pvt.h, thus that import
was removed from ldap-int.h.
2000-01-03 00:15:30 +00:00
Luke Howard
736b8d0a24 Braced ldap_connect_to_path() in #ifdef LDAP_PF_LOCAL so as to compile
without PF_LOCAL support.
2000-01-02 01:56:01 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library;
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Howard Chu
d92d403a76 NT requires $(SECURITY_LIBS) at link time. 1999-12-26 00:11:14 +00:00
Kurt Zeilenga
4c7739e6e5 ITS#408: add missing LDAP_END_DECL 1999-12-22 00:42:05 +00:00
Kurt Zeilenga
f3a650b8af Add comment about removing HANDSOFF may case alignment problems 1999-12-18 19:51:49 +00:00
Kurt Zeilenga
37d28e7d0d Add ber_bvstr and ber_bvstrdup string to berval allocators. 1999-12-17 05:37:33 +00:00
Kurt Zeilenga
ab7c490960 Add BINDDN user-only directive to .ldaprc
Used only for simple bind when dn == NULL and password != NULL.
1999-12-17 03:27:16 +00:00
Kurt Zeilenga
30411f8402 Add slappasswd to generate rootpw. 1999-12-16 02:18:50 +00:00
Kurt Zeilenga
30ffb54064 ITS#399: timelimit/timeout handling
ITS#400: LDAP_TIMEOUT handling
1999-12-16 00:41:18 +00:00
Kurt Zeilenga
096dcdc580 Add support for useronly configuration attributes. 1999-12-14 02:26:37 +00:00
Kurt Zeilenga
b1639dadd6 Remove lint
Add copyrights
1999-12-13 04:53:59 +00:00
Kurt Zeilenga
d331d4c1f3 Remove lint. 1999-12-12 05:07:17 +00:00
Kurt Zeilenga
cda19446ef s/generate/hash/ 1999-12-12 05:06:36 +00:00
Kurt Zeilenga
18fad04e69 Fix == != typo 1999-12-12 05:02:03 +00:00
Kurt Zeilenga
c1a31ac9a2 Fix decoding of sasl bind and extended operation responses. 1999-12-12 03:16:46 +00:00
Mark Valence
7ee49bc676 Fix mem leak in ldap_start_tls(), treat empty host name as localhost when opening a connection. 1999-12-11 03:50:33 +00:00
Mark Valence
c0faf75a90 Unescape host:port when parsing a host list. 1999-12-11 03:46:07 +00:00
Mark Valence
a76c9f18a9 Start TLS extension: check that TLS was inited successfully, return default referral on failure as appropriate. 1999-12-10 19:18:33 +00:00
Mark Valence
e0e7e9842e client/server controls added to ldap_start_tls(). 1999-12-10 18:26:12 +00:00
Mark Valence
268dd9beaf Condition ldap_start_tls on HAVE_TLS. 1999-12-10 17:18:59 +00:00
Kurt Zeilenga
431dad371c Fix slapd SASL/ExternalOps encoding
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Mark Valence
454284f1ea Adds for Start TLS functionality on slapd and LDAP C API. 1999-12-09 22:33:22 +00:00
Mark Valence
ccb9e1e9e3 Changed URL to URI for conf/env setting. 1999-12-09 22:17:08 +00:00
Kurt Zeilenga
354d0d5b50 Modify password code such that backend end routine calls into
frontend to complete parsing of extended op reqdata.
Modify password extended operation to allow optional id (DN)
entry to change (not tested).  Also, provide room to allow
server side password generation (not implemented).  Added optional old
password field to support proxying (not implemented).
Need to implement replog() support.
1999-12-09 21:30:32 +00:00
Kurt Zeilenga
b973e61dda Fix {CRYPT} and {UNIX} passwords 1999-12-09 01:24:38 +00:00
Kurt Zeilenga
5e12c84a6f Add simple password test program.
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
fd9f76f911 Fix reader/writer bug that allowed 2 writers! Yiks.
Reported by tsarna@endicor.com
1999-12-08 23:54:33 +00:00
Howard Chu
6a26e68a02 Backout fix in r1.38 1999-12-08 23:50:59 +00:00
Howard Chu
3c5848a71e Fix ldap_chase_referrals to treat "ldap://host/" referrals the same as
"ldap://host".
1999-12-08 21:37:55 +00:00
Kurt Zeilenga
aeb2de33d7 Found and fixed stupid bug in seeded hash generation. 1999-12-08 19:23:32 +00:00
Kurt Zeilenga
96a126e36a Need to adjust len by saltlen 1999-12-08 07:07:18 +00:00
Kurt Zeilenga
26c7d69e8c Update for new password codes for MSVC5 1999-12-08 06:44:22 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Mark Valence
601c1530a8 Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost. 1999-12-07 19:47:00 +00:00
Mark Valence
83e2f38543 Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost. 1999-12-07 18:52:05 +00:00
Mark Valence
5f86e47aa8 Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost. 1999-12-07 18:42:25 +00:00
Kurt Zeilenga
942d37afc5 Set ber_errno here and there. 1999-12-06 06:33:26 +00:00
Mark Valence
15c83bef9d Changed ldap_pvt_tls_init_def_ctx() to not fail if there is no cacertfile/dir specified. This lets LDAP_OPT_X_TLS_REQUIRE_CERT=0 work. If LDAP_OPT_X_TLS_REQUIRE_CERT=1, connection will fail as appropriate since there is no CA list. 1999-12-06 04:44:22 +00:00
Mark Valence
402c511534 Removed some unused vars. 1999-12-06 04:11:50 +00:00
Mark Valence
aa8c95a24a Bug fix. == NULL changed to != NULL before freeing mem. 1999-12-05 22:22:37 +00:00
Mark Valence
7d98b59dfa Removed unused local var. 1999-12-05 22:19:08 +00:00