mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
23,027 Commits 38 Branches 307 Tags 74 MiB
2b512ea79c
Commit Graph

23027 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Tandy
bbe20cbf4c ITS#8731 cleanup unused logbuf 2020-04-13 18:57:50 +00:00
Ryan Tandy
e18764465f ITS#9212 Restore snprintf to caller-provided buffer 
76df74dbea removed some snprintfs to
buffers that are actually returned to the client. Restore these.
 2020-04-13 18:57:50 +00:00
Quanah Gibson-Mount
e50741e459 ITS#6567 - More cleanup 2020-04-13 17:19:35 +00:00
Howard Chu
735e1ab14b ITS#8650 loop on incomplete TLS handshake 
Always retry ldap_int_tls_connect() if it didn't complete,
regardless of blocking or non-blocking socket. Code from
ITS#7428 was wrong to only retry for async.
 2020-04-12 23:51:09 +01:00
Quanah Gibson-Mount
c6493c45b5 ITS#6567 - Remove non-cyrus-sasl GSSAPI bits 2020-04-10 18:19:33 +00:00
Quanah Gibson-Mount
5ba456b23d ITS#9177 -- regenerate 2020-04-10 18:14:45 +00:00
Quanah Gibson-Mount
1a55a5c61b ITS#9177 - Finish updating migration to latest autoconf and related build tools 2020-04-10 17:44:56 +00:00
Quanah Gibson-Mount
eaf7f88a40 Temporarily disable asyncmeta until deadlock is fixed 2020-04-10 15:05:32 +00:00
Quanah Gibson-Mount
e557c696a4 Run autoreconf before running configure 2020-04-10 14:42:50 +00:00
Howard Chu
5bfd8d8888 ITS#9121 Fix MatchingRuleAssertion init 2020-04-07 16:26:35 +01:00
Ondřej Kuzník
6d6a330057 ITS#8245 Use Relax control to avoid uniqueness checks 
Still needs to retrieve the entry for ACL resolution until we can
restrict controls with ACLs.
 2020-04-06 20:44:09 +00:00
Quanah Gibson-Mount
4358ab5d73 ITS#9184 - Document V[V[V]] option to slapd 2020-04-06 18:46:01 +00:00
Quanah Gibson-Mount
0668877847 ITS#9191 - Avoid div 0 error 2020-04-06 15:42:00 +00:00
Howard Chu
0debad5830 ITS#9121 memberOf shortcut 
Don't try to generate it if it wasn't requested
 2020-04-04 03:48:14 +01:00
Howard Chu
15a922a5a3 ITS#9121 memberof fix 
Fix for groupURI with no filter
 2020-04-03 21:38:41 +01:00
Howard Chu
8180326ffe ITS#9121 typos 2020-04-03 21:29:25 +01:00
Howard Chu
5d82ba4905 ITS#9121 fix typo 2020-04-03 21:27:48 +01:00
Howard Chu
906cab755d ITS#9121 fix memberOf filtering 
Replace (memberOf=<groupDN>) filter with expansion of group's URI
 2020-04-03 21:25:58 +01:00
Howard Chu
015eae8fde ITS#9121 optimize dyngroup membership checking 
parse dyngroup URLs in advance, don't use the ACL engine's
evaluator any more
 2020-04-03 21:25:43 +01:00
Howard Chu
c9ff501e6d ITS#9121 memberof counting 
Keep track of number of uses of memberOf in config, to
allow bypassing code if not in use.
 2020-04-03 21:25:34 +01:00
Quanah Gibson-Mount
4ac88b219d ITS#8383 - Regenerate configure 2020-04-03 17:02:14 +00:00
Ryan Tandy
27545be45f ITS#8383 Look for socklen_t in <ws2tcpip.h> too 
MinGW targets do not have the <sys/socket.h> header. The configure check
would conclude that there is no socklen_t type, resulting in portable.h
containing its own definition of socklen_t, which would later conflict
with the actual definition in <ws2tcpip.h>.

Add <ws2tcpip.h> to the configure check for socklen_t, so that the
defined type is correctly detected.
 2020-04-03 16:59:15 +00:00
Ondřej Kuzník
e0c80d6b09 ITS#6207 Add GitLab CI 2020-04-03 10:27:03 +01:00
Ondřej Kuzník
6d9e9e6cb0 ITS#6207 Print out test timings 2020-04-03 09:47:46 +01:00
Ondřej Kuzník
720057f4f3 ITS#8753 Fix pinning test script with no openssl 2020-04-03 09:47:46 +01:00
Quanah Gibson-Mount
05e0780558 ITS#6035 - regenerate configure 2020-04-02 16:28:58 +00:00
Ryan Tandy
2b01b8dd56 ITS#6035 Create test script 2020-04-02 09:10:51 -07:00
Ryan Tandy
1d562a7a52 ITS#6035 olcAuthIDRewrite insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
c4db906107 ITS#6035 olcAuthzRegexp insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
822ed8c11d ITS#6035 saslauthz cleanups (no functional change) 
- give authid-rewrite's argument a name
- tidy saslauthz.c whitespace (mixed spaces/tabs)
- always declare slap_sasl_regexp_destroy: fixes an implicit declaration
  warning when configured without librewrite
- delete dead code: ENABLE_REWRITE implies SLAP_AUTH_REWRITE, so this
  code is never compiled
- make slap_sasl_regexp_rewrite_config static
- omit sasl_regexp unused fields when built with librewrite
 2020-04-02 09:10:51 -07:00
Ryan Tandy
7732cb2794 ITS#9086 Add debug logging for more GnuTLS errors 2020-04-02 15:52:31 +00:00
Peter Marschall
52fad51dcc ITS#8628 - contrib/passwd/pbkdf2: new Makefile variables SSL_LIB & SSL_INC 2020-04-01 22:29:10 +00:00
Quanah Gibson-Mount
a5b8a41c13 ITS#9003 
Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy
 2020-04-01 19:40:27 +00:00
Ryan Tandy
d86caacaa1 ITS#8837 Fix pw-pbkdf2 manpage name to get it installed 2020-03-29 10:00:45 -07:00
Sergei Trofimovich
57b7003a64 thr_posix.c: fix implicit function declaration for 'pthread_setconcurrency' 
thr_posix.c: In function 'ldap_pvt_thread_set_concurrency':
thr_posix.c:96:9: error: implicit declaration of function 'pthread_setconcurrency'
  return pthread_setconcurrency( n );
         ^~~~~~~~~~~~~~~~~~~~~~
         pthread_setcanceltype

Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
 2020-03-26 22:06:41 +00:00
Kurt Zeilenga
23af2c36e2 ITS#8675 - Fix tools to not continue on TLS error 
The spec says that upon StartTLS 'success', both TLS communications is
established on the octet following the Start TLS response (and the
request)... and that once one starts TLS communications, one can never
go back to LDAP without TLS. So if there's a TLS failure (whether as
part of TLS nego or later), LDAP communications cannot be continued
(without TLS).

Only ignoring LDAP errors (rc > 0) ensures that if TLS negotiation
fails, we don't attempt to send LDAP operations without TLS.
 2020-03-26 18:45:00 +00:00
Emily Backes
f4bfb5e0a5 ITS#7074 - change olcDatabaseDummy initialization for windows 2020-03-20 19:08:22 +00:00
Howard Chu
4f7ea78c95 ITS#9181 Fix race on Windows mutex init 2020-03-16 17:07:43 +00:00
Howard Chu
2d87a1c7b5 ITS#9182 pcache: fix private DB init 2020-03-11 19:17:10 +00:00
Ryan Tandy
d34d2c3945 ITS#8639 Delete LM hash support from smbk5pwd 2020-03-07 16:55:35 +00:00
Ryan Tandy
0de74408f2 ITS#8639 Regenerate configure and portable.hin 2020-03-07 16:55:35 +00:00
Andrew Lawrence
6f5cc45f93 ITS#8639 remove LANMAN hashed passwords 2020-03-07 16:55:35 +00:00
Howard Chu
1c05dce379 ITS#9121 fix filter error message 
Filters use parentheses, not brackets.
 2020-03-06 17:29:44 +00:00
Ryan Tandy
1dbb82ec8c Fix SLAPD_OVER_RETCODE description 2020-02-28 12:00:14 -08:00
Ryan Tandy
c2f75cd108 Regenerate portable.hin with autoheader 2.69 2020-02-28 12:00:10 -08:00
Howard Chu
2c6fccb49b ITS#9121 plug entry leak 2020-02-25 18:06:15 +00:00
Quanah Gibson-Mount
6bd2a3721d ITS#9175 - Fix argument cast 
Fixes potential segfault in ldapsearch
 2020-02-21 21:10:49 +00:00
Ondřej Kuzník
a2a859fd0b Correct cyrus-sasl version verison check 2020-02-21 10:44:59 +00:00
Ondřej Kuzník
140b676bc1 ITS#9171 Insert callback in the right place 2020-02-21 10:44:59 +00:00
Howard Chu
299fb490a2 ITS#9121 fix prev commit 
Only flush entry if dynlist_prepare_entry altered it
 2020-02-14 22:32:03 +00:00