Commit Graph

409 Commits

Author SHA1 Message Date
Howard Chu
608a822349 ITS#9318 add TLS_REQSAN option
Add an option to specify how subjectAlternativeNames should be
handled when validating the names in a server certificate.
2020-08-21 18:05:08 +00:00
Howard Chu
e3875c1819 ITS#9279 Netscape passwordExp controls came from draft-vchu-ldap-pwd-policy 2020-08-04 22:04:14 +00:00
Quanah Gibson-Mount
de3db36bf6 Issue#9279 - Add comments with links to upstream docs from Oracle 2020-07-22 23:17:31 +00:00
Ondřej Kuzník
fd921e7121 ITS#9279 Expose Netscape password policy controls in libldap 2020-07-22 18:57:38 +00:00
Ondřej Kuzník
1129df533d ITS#8701 Expose account usability in libldap 2020-07-07 16:43:35 +01:00
Ryan Tandy
fab49ef4a3 ITS#9235 Restore LDAP_API_FEATURE_X_OPENLDAP_REENTRANT 2020-07-03 17:24:16 -07:00
Ryan Tandy
a4474d3584 ITS#9235 Delete LDAP_THREAD_SAFE 2020-07-03 17:24:16 -07:00
Isaac Boukris
3cd50fa8b3 ITS#9189 rework sasl-cbinding support
Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
defaults to "none".

Add "tls-endpoint" binding type implementing "tls-server-end-point" from
RCF 5929, which is compatible with Windows.

Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
2020-04-23 21:00:39 +02:00
Quanah Gibson-Mount
e50741e459 ITS#6567 - More cleanup 2020-04-13 17:19:35 +00:00
Quanah Gibson-Mount
c6493c45b5 ITS#6567 - Remove non-cyrus-sasl GSSAPI bits 2020-04-10 18:19:33 +00:00
Ondřej Kuzník
76c43165ea Remove LDAP_X_TXN and rename accordingly 2020-01-28 12:09:09 +00:00
Ondřej Kuzník
9ce2d2f9d2 ITS#9156 Implement pwdMaxLength 2020-01-23 23:46:43 +00:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Jame Gerwe
6c177e6629 ITS#8794 - Fix implicit declaration for ldap_is_ldapc_url
Fix building OpenLDAP with -DLDAP_CONNECTIONLESS so that ldap_is_ldapc_url function is defined
2019-06-17 17:25:29 +00:00
Nadezhda Ivanova
f239bbd3c6 Add LDAP_OPT_KEEPCONN option
This option instructs try_read1msg to not free the connection on read error
or on Notice of disconnections, but leave it to the caller. It is needed,
for example, by back-asyncmeta, who expects to have control on when
its target connections are freed. Must be used with caution.
2019-02-28 17:27:54 +00:00
Howard Chu
06d289f985 ITS#8983 Add draft Persistent Search 2019-02-25 15:19:33 +00:00
Howard Chu
e8c62bf8b4 ITS#8966 add changelog support to syncrepl consumer
Tested against DSEE7. The DSEE binaries must be in your path to run the test script.
2019-01-29 18:51:43 -08:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Howard Chu
18e0bcb7de Add MS AD persistent search ctrl 2018-12-13 05:44:46 -08:00
Howard Chu
a9bfce1292 Add some MS AD controls 2018-11-17 18:33:41 -08:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Ondřej Kuzník
8e34ed8c78 ITS#8753 Public key pinning support in libldap 2017-11-13 17:24:49 +00:00
Nathaniel McCallum
29f6260364 ITS#7532 - Add new function ldap_connect().
This function is used to manually establish a connection after
a call to ldap_initialize(). This is primarily so that a file
descriptor can be obtained before any requests are sent for the
purposes of polling for writability.
2017-10-11 14:31:22 -07:00
Howard Chu
b402a2805f Add options to use DER format cert+keys directly
Instead of loading from files.
2017-04-09 00:13:42 +01:00
Quanah Gibson-Mount
1df85d3427 Happy New Year! 2017-01-03 12:36:47 -08:00
Quanah Gibson-Mount
6c4d6c880b Happy New Year! 2016-01-29 13:32:05 -06:00
Quanah Gibson-Mount
1705fa7e55 Happy New Year 2015-02-11 15:36:57 -06:00
Howard Chu
a32a2da33a ITS#8040 experimental Lazy Commit 2015-02-02 10:50:22 +00:00
Howard Chu
e9f5e59ba2 LDAP_TXN is now RFC 5805 2014-09-16 00:09:47 +01:00
Kurt Zeilenga
5c878c1bf2 Happy new year (belated) 2014-01-25 05:21:25 -08:00
Quanah Gibson-Mount
1a712bf18e Enable features that were hidden behind LDAP_DEVEL 2013-09-19 09:50:52 -07:00
Howard Chu
16f8b0902c ITS#7398 add LDAP_OPT_X_TLS_PEERCERT
retrieve peer cert for an active TLS session
2013-09-10 04:31:39 -07:00
Howard Chu
0045e56c34 ITS#7683 more for tls version/cipher info
Add LDAP_OPT_X_TLS_VERSION / LDAP_OPT_X_TLS_CIPHER for
retrieving from an LDAP session handle. Update ldap_get_option(3).
2013-09-09 11:52:10 -07:00
Howard Chu
e631ce808e ITS#7595 Add Elliptic Curve support for OpenSSL 2013-09-07 09:47:40 -07:00
Howard Chu
461db2de1a ITS#7497 fix lineno overflow in ldif_read_record() 2013-01-23 02:19:02 +00:00
Kurt Zeilenga
0fd1bf30b8 Happy New Year 2013-01-02 10:22:57 -08:00
Howard Chu
19aeb1cda9 ITS#7293 fix typo in ldap_create_session_tracking_control() decl 2012-06-23 05:38:57 -07:00
Kurt Zeilenga
2bbf9804b9 Happy New Year! 2012-01-01 07:10:53 -08:00
Quanah Gibson-Mount
692d6e4f55 ITS#6984 enable draft-wahl-ldap-session 2011-11-07 14:02:50 -08:00
Pierangelo Masarati
92f4a3b2a7 response tag is [1] according to RFC 2589 (ITS#6886) 2011-06-30 21:24:12 +02:00
Howard Chu
9f7d119ce3 Add LDAP_OPT_X_TLS_PACKAGE
to return the name of the underlying TLS implementation
2011-06-10 02:11:26 -07:00
Kurt Zeilenga
868e11f6f5 use IANA assigned OID for dontUseCopy control, don't hide anymore 2011-03-16 19:24:41 +00:00
Kurt Zeilenga
be897b6679 Outline SASL interactive API (no meat) 2011-01-06 18:37:23 +00:00
Kurt Zeilenga
966cef8c9a Happy New Year 2011-01-05 00:42:37 +00:00
Kurt Zeilenga
390ba8c84e VC adjust controls tag 2011-01-04 16:01:07 +00:00
Kurt Zeilenga
4e515a8a65 Add VC support for ppolicy and authzid inner controls 2011-01-03 22:54:48 +00:00
Kurt Zeilenga
37dcb1d791 Remove authzid parameter from verify credential response.
If client wants authzid, it can ask by adding an Authorization Identity
Request inner control.
2011-01-03 22:05:23 +00:00
Kurt Zeilenga
7f4c7ebc1c Extend Verify Credentials encode/decode per -devel post.
(ldapvc doesn't yet request/handle inner password policy control.
2011-01-03 21:49:26 +00:00
Kurt Zeilenga
3242a3fab4 Fix prototype to match code 2010-12-28 22:59:15 +00:00
Kurt Zeilenga
6119ad7294 Misc vc updates 2010-12-15 00:59:42 +00:00