Kurt Zeilenga
10a6e51521
All close and redirect stdin, stdout, stderr.
2000-01-11 08:04:59 +00:00
Kurt Zeilenga
1fb42bf957
Revamp detach code to ensure stdin, stdout, stderr get closed.
2000-01-11 02:20:01 +00:00
Kurt Zeilenga
34fe70cc71
Validate krb5_init_context
2000-01-10 21:37:04 +00:00
Kurt Zeilenga
38f0b890ab
Borrowed a bit to literally... s/pop/ldap/ s/popper/slapd/
2000-01-09 00:20:00 +00:00
Kurt Zeilenga
e988e175a6
Minor fixes.
2000-01-08 18:51:27 +00:00
Kurt Zeilenga
6437785a82
Initial implementation of Kerberos password verification for
...
simple bind via:
{KERBEROS}principal
Code is disabled by default (for security reasons). Use
--enable-kpasswd to enable. Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support. Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Luke Howard
5a0bbd7eed
Imported <ldap.h> in <ldap_pvt.h> so ldap_pvt_sasl_bind() has necessary
...
types. Changed const sasl_callback_t * to LDAP_CONST sasl_callback_t *.
2000-01-05 12:56:17 +00:00
Luke Howard
a466a64318
Added support for connecting to LDAP servers located using DNS
...
SRV records. Added lock around resolver library which is shared
by the DNS SRV code and the getdxbyname() code.
2000-01-03 02:33:22 +00:00
Luke Howard
57b62dc7d4
Added ldap_pvt_sasl_bind() prototype to ldap_pvt.h. This
...
required importing sasl.h into ldap_pvt.h, thus that import
was removed from ldap-int.h.
2000-01-03 00:15:30 +00:00
Luke Howard
736b8d0a24
Braced ldap_connect_to_path() in #ifdef LDAP_PF_LOCAL so as to compile
...
without PF_LOCAL support.
2000-01-02 01:56:01 +00:00
Luke Howard
9b4e3b2234
Merged in preliminary support for Cyrus SASL library;
...
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Howard Chu
d92d403a76
NT requires $(SECURITY_LIBS) at link time.
1999-12-26 00:11:14 +00:00
Kurt Zeilenga
4c7739e6e5
ITS#408: add missing LDAP_END_DECL
1999-12-22 00:42:05 +00:00
Kurt Zeilenga
f3a650b8af
Add comment about removing HANDSOFF may case alignment problems
1999-12-18 19:51:49 +00:00
Kurt Zeilenga
37d28e7d0d
Add ber_bvstr and ber_bvstrdup string to berval allocators.
1999-12-17 05:37:33 +00:00
Kurt Zeilenga
ab7c490960
Add BINDDN user-only directive to .ldaprc
...
Used only for simple bind when dn == NULL and password != NULL.
1999-12-17 03:27:16 +00:00
Kurt Zeilenga
30411f8402
Add slappasswd to generate rootpw.
1999-12-16 02:18:50 +00:00
Kurt Zeilenga
30ffb54064
ITS#399: timelimit/timeout handling
...
ITS#400: LDAP_TIMEOUT handling
1999-12-16 00:41:18 +00:00
Kurt Zeilenga
096dcdc580
Add support for useronly configuration attributes.
1999-12-14 02:26:37 +00:00
Kurt Zeilenga
b1639dadd6
Remove lint
...
Add copyrights
1999-12-13 04:53:59 +00:00
Kurt Zeilenga
d331d4c1f3
Remove lint.
1999-12-12 05:07:17 +00:00
Kurt Zeilenga
cda19446ef
s/generate/hash/
1999-12-12 05:06:36 +00:00
Kurt Zeilenga
18fad04e69
Fix == != typo
1999-12-12 05:02:03 +00:00
Kurt Zeilenga
c1a31ac9a2
Fix decoding of sasl bind and extended operation responses.
1999-12-12 03:16:46 +00:00
Mark Valence
7ee49bc676
Fix mem leak in ldap_start_tls(), treat empty host name as localhost when opening a connection.
1999-12-11 03:50:33 +00:00
Mark Valence
c0faf75a90
Unescape host:port when parsing a host list.
1999-12-11 03:46:07 +00:00
Mark Valence
a76c9f18a9
Start TLS extension: check that TLS was inited successfully, return default referral on failure as appropriate.
1999-12-10 19:18:33 +00:00
Mark Valence
e0e7e9842e
client/server controls added to ldap_start_tls().
1999-12-10 18:26:12 +00:00
Mark Valence
268dd9beaf
Condition ldap_start_tls on HAVE_TLS.
1999-12-10 17:18:59 +00:00
Kurt Zeilenga
431dad371c
Fix slapd SASL/ExternalOps encoding
...
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Mark Valence
454284f1ea
Adds for Start TLS functionality on slapd and LDAP C API.
1999-12-09 22:33:22 +00:00
Mark Valence
ccb9e1e9e3
Changed URL to URI for conf/env setting.
1999-12-09 22:17:08 +00:00
Kurt Zeilenga
354d0d5b50
Modify password code such that backend end routine calls into
...
frontend to complete parsing of extended op reqdata.
Modify password extended operation to allow optional id (DN)
entry to change (not tested). Also, provide room to allow
server side password generation (not implemented). Added optional old
password field to support proxying (not implemented).
Need to implement replog() support.
1999-12-09 21:30:32 +00:00
Kurt Zeilenga
b973e61dda
Fix {CRYPT} and {UNIX} passwords
1999-12-09 01:24:38 +00:00
Kurt Zeilenga
5e12c84a6f
Add simple password test program.
...
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
fd9f76f911
Fix reader/writer bug that allowed 2 writers! Yiks.
...
Reported by tsarna@endicor.com
1999-12-08 23:54:33 +00:00
Howard Chu
6a26e68a02
Backout fix in r1.38
1999-12-08 23:50:59 +00:00
Howard Chu
3c5848a71e
Fix ldap_chase_referrals to treat "ldap://host/" referrals the same as
...
"ldap://host".
1999-12-08 21:37:55 +00:00
Kurt Zeilenga
aeb2de33d7
Found and fixed stupid bug in seeded hash generation.
1999-12-08 19:23:32 +00:00
Kurt Zeilenga
96a126e36a
Need to adjust len by saltlen
1999-12-08 07:07:18 +00:00
Kurt Zeilenga
26c7d69e8c
Update for new password codes for MSVC5
1999-12-08 06:44:22 +00:00
Kurt Zeilenga
d5edb4bff6
Reengineered ldappasswd(1). Uses extended operation to set
...
user password. Likely to be modified to use bind control
instead. Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Mark Valence
601c1530a8
Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost.
1999-12-07 19:47:00 +00:00
Mark Valence
83e2f38543
Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost.
1999-12-07 18:52:05 +00:00
Mark Valence
5f86e47aa8
Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost.
1999-12-07 18:42:25 +00:00
Kurt Zeilenga
942d37afc5
Set ber_errno here and there.
1999-12-06 06:33:26 +00:00
Mark Valence
15c83bef9d
Changed ldap_pvt_tls_init_def_ctx() to not fail if there is no cacertfile/dir specified. This lets LDAP_OPT_X_TLS_REQUIRE_CERT=0 work. If LDAP_OPT_X_TLS_REQUIRE_CERT=1, connection will fail as appropriate since there is no CA list.
1999-12-06 04:44:22 +00:00
Mark Valence
402c511534
Removed some unused vars.
1999-12-06 04:11:50 +00:00
Mark Valence
aa8c95a24a
Bug fix. == NULL changed to != NULL before freeing mem.
1999-12-05 22:22:37 +00:00
Mark Valence
7d98b59dfa
Removed unused local var.
1999-12-05 22:19:08 +00:00