MinGW targets do not have the <sys/socket.h> header. The configure check
would conclude that there is no socklen_t type, resulting in portable.h
containing its own definition of socklen_t, which would later conflict
with the actual definition in <ws2tcpip.h>.
Add <ws2tcpip.h> to the configure check for socklen_t, so that the
defined type is correctly detected.
- give authid-rewrite's argument a name
- tidy saslauthz.c whitespace (mixed spaces/tabs)
- always declare slap_sasl_regexp_destroy: fixes an implicit declaration
warning when configured without librewrite
- delete dead code: ENABLE_REWRITE implies SLAP_AUTH_REWRITE, so this
code is never compiled
- make slap_sasl_regexp_rewrite_config static
- omit sasl_regexp unused fields when built with librewrite
thr_posix.c: In function 'ldap_pvt_thread_set_concurrency':
thr_posix.c:96:9: error: implicit declaration of function 'pthread_setconcurrency'
return pthread_setconcurrency( n );
^~~~~~~~~~~~~~~~~~~~~~
pthread_setcanceltype
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
The spec says that upon StartTLS 'success', both TLS communications is
established on the octet following the Start TLS response (and the
request)... and that once one starts TLS communications, one can never
go back to LDAP without TLS. So if there's a TLS failure (whether as
part of TLS nego or later), LDAP communications cannot be continued
(without TLS).
Only ignoring LDAP errors (rc > 0) ensures that if TLS negotiation
fails, we don't attempt to send LDAP operations without TLS.
This change implements argon2, which won the Password Hashing
Competition (https://password-hashing.net/) as a contrib-module in order
to provide a modern password hashing alternative in openldap. The
currently available password hashing algorithms are relatively old, and
modern hardware, especially GPUs can compute quite a few (ranging from
tens of thousands to millions) of hashes per second. Argon2 was designed
to withstand such attacks.
This implementation uses the default work factors used in the argon2
command line client, but the resulting hashes are stored in a way that
would allow retroactive changes to these values, or even exposing them
as configuration in the module.
Update config.guess and config.sub from official upstream project at https://savannah.gnu.org/projects/config/
Specifically in this case, commit 5256817ace8493502ec88501a19e4051c2e220b0 for the date Wed Jan 1 19:36:58 2020 +1100