ldapsearch:
use draft guidelines for determining when to use
-t only writes binary attributes to files
-tt writes all attributes to files
output now lists URL instead of path to such files
-T dir can be used to specify directory to create temp files in
-V urlprefix can be used to change the URL prefix
LDIF is now commented (can be disabled using -LL)
LDIF now contains version attribute (can be disabled with -LLL)
LDIF:
put interface changed to allow caller to specify how to encode
put interface uses draft guidelines for determine when to base64 encode
wrapping kludged to match old off by one bug
Tests:
removed trailing space from some attributes (to avoid base64 encoding)
enabled -LLL in defines.sh (should sed output to remove
wrapping/comments/redundant separators)
Misc:
updated codes outputting LDIF to use new put interface
TODO:
handling of version attribute on input
handling of URLs on input (ie: fetch URL)
time, skipping the filter, for instance. Also, we were parsing
twice the scope and the filter. I think this change is right,
but could use more eyeballs...
by <who> <access> changed to by <who>+ <access> (joined with AND)
added peername=<regex> sockname=<regex> url=<regex>
removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower. Use where needed.
not yet user-settable. Defaults "on" for now.
Partial support for temporary RSA keys, skeleton for DH.
Add call to X509V3_add_standard_extensions() on init, mod_ssl
does this too, but I am unsure about what it does.
Move management of client CA certificates to a new routine, since
it is going to get more complex than the current code.
be implemented.
The rest of this change mostly contains random ideas taken from
mod_ssl. The purpose is to get the repository in sync with the
code I am testing. I still can't manage to make Netscape send
its certificate to slapd, though it works with Apache/mod_ssl
(with the same certificates). Trying s_client against both
does not shed any light. If anyone manages to make it work,
please let us know.
Includes support for update referral for each replicated backend.
Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world. Still testing in LDAPv3 world.
Added default referral (test009) test.
More error checking and reporting.
Slowly getting there, SSL_accept succeeds now, but connection breaks
immediately after that (my glue logic with slapd is broken).
Change temporarily the default protocol from TLSv1 to SSLv3 with
fallback to SSLv2. This seems necessary for slapd to accept connections
from Netscape.
Try to set the cipher list in the default context. Does not semm to
work yet.
specific which methods may be used. This will facilate development
of a slapd config directive "passwordMethod ..." to specify which
methods should be allowed.
used to fetch the pw_passwd which is than passwd to crypt().
getspnam() is used instead of getpwnam() when available.
Added configration detection of pw_passwd, shadow.h, getpwnam()
and getspnam().
added lber_types.h.nt, lber_types.h.in
removal of NULLxxx internal macros (in favor of NULL).
ch_free added to slapd,slurpd/ch_malloc.c
#define free ch_free (should be removed after s/free/ch_free/g) in proto-slap.h
ch_malloc and friends use ber_memalloc and friends
ldap_defaults.h incorporates non-generated ldapconfig.h values.
ldap_config.h.in is new template for autoconf generated defaults
(namely directories and paths)
ldap_config.h.nt, NT template (must be manually copied)
s/<ldapconfig.h>/<ldap_defaults.h>/
s/DIRSEP/LDAP_DIRSEP/ & s/DEFAULT_/LDAP_/
setting to parse_noidlen so that it can grok that.
Propagate be_liberal parse_oids so that it only accepts a qdstring when
necessary (i.e. in SUP) to cater for another Netscapism.
Added place holder for LDAP_FILTER_EXTENDED code.
Added assert() here and there and removed lint.
Removed version promotion code (version must be manually set).
Added messages.c to MSVC project.
Make _MOD_SOFTADD 0x1000 to minimize chance of conflict with legit changes
to API spec.
Fix memory leak in ldap_mods_free() and minor memory allocator issues.
includes single to multiple hooks changes.
ber_mem* reimplementation.
namespace glue (finally naming has not be decided upon nor implemented).
Added ldap_int_strdup to handle "internal" strdup'ing, this version uses hooks.
ldap_pvt_strdup still available for when strdup() is missing, this version
directly uses system allocators.
Updated -lldif to use ber allocators. Items returned by ldif routines
should be ber_memfree()d as needed.
library use:
LBER_ macros expand to system routines.
LDAP_ macros expand to new ber_ allocators.
Add ber_ and ldap_ memory allocators/deallocator:
ber_ routines are wrappers of LBER_ macros.
ldap_ routines are wrappers of ber_ routines.
Removed safe_realloc() macro from various files. This issue
(if an issue) should be resolved across whole package.
ldapmodify.c now uses ber_ allocators to resolve ber_bvfree()
vs. WIN32 multiple heaps issue.
These changes should facilate implementation of
ber_set_option( NULL, LBER_OPT_MEMORY_FN, ...)
and
ldap_set_option( NULL, LDAP_OPT_MEMORY_FN, ...).
Added validation to exposed opaque data structures (BerElement, Sockbuf,
and LDAP). Added macros BER_VALID, SOCKBUF_VALID, LDAP_VALID.
Added ber_pvt_ber_bytes() and ber_pvt_ber_remaining() macros to hide
some ber internals. These really should be handled by ber_get_option().
added comments
removed LDAP_MAX_ATTR_LEN
removed LDAP_COMPAT* from <ldap.h> but not code.
move LDAP_DEFAULT_REFHOPCOUNT to ldap-int.h
added experimental options macros
added LDAP_CONTROL_REFERRALS macros
libldap:
Replace ld_attrbuffer with per use allocated attributed.
ldap_first/next_attribute attributes now must be freed (as per draft).
unifdef -DLDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
This commit includes many changes. All changes compile under NT but
have not been tested under UNIX.
A Summary of changes (likely incomplete):
NT changes:
Removed lint.
Clean up configuration support for "Debug", "Release", "SDebug",
and "SRelease" configurations.
Share output directories for clients, libraries,
and slapd. (maybe they should be combined further
and moved to build/{,S}{Debug,Release}).
Enable threading when _MT is defined.
Enable debuging when _DEBUG is defined.
Disable setting of NDEBUG under Release/SRelease. Asserts
are disabled in <ac/assert.h> when LDAP_DEBUG is not
defined.
Added 'build/main.dsp' Master project.
Removed non-slapd projects from slapd.dsp (see main.dsp).
Removed replaced many uses of _WIN32 macro with feature based
macros.
ldap_cdefs.h changes
#define LDAP_CONST const
(see below)
#define LDAP_F(type) LDAP_F_PRE type LDAP_F_POST
To allow specifiers to be added before and after
the type declaration. (For DLL handling)
LBER/LDAP changes
Namespace changes:
s/lber_/ber_/ for here and there.
s/NAME_ERROR/LDAP_NAME_ERROR/g
Deleted NULLMSG and other NULL* macros for namespace reasons.
"const" libraries. Installed headers (ie: lber.h, ldap.h)
use LDAP_CONST macro. Normally set to 'const' when
__STDC__. Can be set externally to enable/disable
'constification' of external interface. Internal
interface always uses 'const'. Did not fix warnings
in -lldif (in lieu of new LDIF parser).
Added _ext API implementations (excepting search and bind).
Need to implement ldap_int_get_controls() for reponses
with controls.
Added numberous assert() checks.
LDAP_R
_MT defines HAVE_NT_THREADS
Added numberous assert() checks.
Changed ldap_pthread_t back to unsigned long. Used cast
to HANDLE in _join().
LDBM
Replaced _WIN32 with HAVE_SYSLOG
ud
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
slapd
Made connection sockbuf field a pointer to a sockbuf. This
removed slap.h dependency on lber-int.h. lber-int.h now only
included by those files needing to mess with the sockbuf.
Used ber_* functions/macros to access sockbuf internals whenever
possible.
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
Removed FD_SET unsigned lint
slapd/tools
Used EXEEXT to added ".exe" to routines. Need to define EXEEXT
under UNIX.
ldappasswd
Added ldappasswd.dsp. Ported to NT. Used getpid() to seed rand().
nt_debug
Minor cleanup. Added "portable.h" include and used <ac/*.h> where
appropriate. Added const to char* format argument.
Move all SunOS routines (ie: _sleep() and its helpers) to thr_lwp.c
so that it's internals can be 'static'. Add 'static' to thr_lwp.c.
Add comment to LWP: NEEDS WORK, may not compile! Need some
SunOS user to sort out the details. Volunteers?
Removed external include/library paths from projects. External paths should
be set via Tools | Options | Directories. This allows each developer the
freedom to install external libraries where they desire.
Used libdb.lib instead of libdbs.lib to avoid thread conflicts.
Added hs_regex.lib to library input. We require some form of regex, this
library works (and is relatively easy for the user to install).
Removed a little lint which MCVC5 detected.
Need to sort out single-threaded vs multithreaded library generation.
tcp_close -> closesocket
ioctl -> ioctlsocket
Modify codes to use tcp_close() instead of close() for sockets.
Modify ioctl codes to be compatible with WINSOCK.
library, not header. Eliminate need for <ac/unistd.h> to sometimes
include <fcntl.h> and/or <sys/file.h>. Change lock API to expect
fd not FILE*. Allows wider use and eliminates requirement that
lutil_lockf.h depencency on stdio.h.
Implemented lockf, fcntl, and flock locking in lutil/lockf.c.
Additional implementations (including no-op) may be needed.
Update slapd/lock.c and slurpd/lock.c to use new API.
by portable.h with NDEBUG undefined. This makes assert() is always
available and automatically disables itself when LDAP_DEBUG is undefined.
I've included a basic assert() for pre-STDC compilers. It relies on
abort() which may not actually be available. (well replace abort()
with whatever is appropriate if and when we're faced with a pre-STDC
compiler that doesn't have assert()).
