Kurt Zeilenga
8064bb6ef1
A better find_connection() port fix
2004-08-28 03:53:31 +00:00
Kurt Zeilenga
44485522e0
Allow LDAP_PVT_SASL_LOCAL_SSF to be set externally
2004-06-27 19:39:11 +00:00
Kurt Zeilenga
3c598e89fb
Happy new year
2004-01-01 19:15:16 +00:00
Kurt Zeilenga
159de0f135
Updated notices and acknowledgements
2003-11-26 07:16:36 +00:00
Hallvard Furuseth
a4f93a6908
Really rename ldap_int_get_controls() to ldap_pvt_get_controls().
2003-10-14 11:27:32 +00:00
Kurt Zeilenga
4f003dbdaf
mv ldap_int_get_controls to ldap_pvt_get_controls
2003-10-12 08:14:28 +00:00
Jong Hyuk Choi
c468defe24
cleanup
2003-04-30 22:41:37 +00:00
Howard Chu
4b73446ab5
ITS#2424 reset SASL on an existing connection
2003-04-30 15:38:32 +00:00
Hallvard Furuseth
6d59c23c55
Make string parameter to ldap_charray_add() and ldap_charray_inlist() const.
2003-04-29 16:34:37 +00:00
Kurt Zeilenga
a609f87eb6
remove lint
2003-04-24 23:15:59 +00:00
Jong Hyuk Choi
203c2aad41
move ldap_get_message_ber() from ldap.h to ldap_pvt.h
2003-04-22 23:02:11 +00:00
Howard Chu
d46ab4c065
Move ldap_dnfree_x etc. decls from ldap.h to ldap_pvt.h
2003-04-11 10:26:25 +00:00
Howard Chu
873e498829
Silence warning in prev commit
2003-03-05 01:37:56 +00:00
Howard Chu
e87f588f00
Added ldap_pvt_get_hname. Use instead of ldap_pvt_gethostbyaddr_a when
...
all you want is the hostname.
2003-03-05 01:34:31 +00:00
Kurt Zeilenga
6939c53170
Happy new year
2003-01-03 20:20:47 +00:00
Kurt Zeilenga
a83cc88edd
Move ldap_control_dup() to ldap_pvt.h
2002-09-04 02:14:12 +00:00
Pierangelo Masarati
4046c4226e
add upper/lower funcs that also compute the length of the string (not used yet)
2002-08-23 08:45:17 +00:00
Howard Chu
de3e81cebb
Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
...
in dn parameter and return a result code.
2002-04-30 13:50:56 +00:00
Howard Chu
17ae956518
Added ldap_X509dn2bv()
...
deleted ldap_pvt_tls_get_peer()
changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
added ldap_pvt_tls_get_my_dn()
2002-04-18 12:29:30 +00:00
Howard Chu
5c70106657
ITS#1708 ldap_pvt_tls_sb_ctx() et al
2002-04-05 06:48:03 +00:00
Kurt Zeilenga
7250ffb1cc
move ldap_int_put_filter to ldap_pvt_put_filter
2002-03-30 00:41:26 +00:00
Howard Chu
996eb58011
Fix ASCII detection; can't use "< 0x80" on a signed char.
2002-01-05 10:33:38 +00:00
Kurt Zeilenga
c38027902a
Update copyright notices
2002-01-04 20:40:29 +00:00
Kurt Zeilenga
763c0de59b
Rework filter code
...
Misc cleanup / lint removal
2002-01-02 17:06:56 +00:00
Kurt Zeilenga
52a354f753
Mark more stuff as deprecated and remove some unused deprecated
...
routines.
2001-12-27 23:01:17 +00:00
Kurt Zeilenga
cddf7e0e00
More struct berval DN changes
...
decrease dependency on dn_validate/dn_normalize
2001-12-27 07:13:13 +00:00
Kurt Zeilenga
25b5aaf262
Delete ldap_build_filter(), it's broke.
...
Clean up headers.
2001-12-24 03:49:54 +00:00
Howard Chu
33ace5610c
Added ldap_pvt_tls_destroy() to cleanup TLS library on shutdown
2001-11-06 20:52:59 +00:00
Kurt Zeilenga
77f776dfd1
Another round of TLS updates to support secure referral chasing
2001-06-25 19:17:42 +00:00
Kurt Zeilenga
c4f5497ac6
move TLS ctx to lconn struct in prep for supporting TLS with referrals
...
need to rework cert check to use per lconn host name
2001-06-25 07:33:42 +00:00
Kurt Zeilenga
be9a50af25
Update copyright (including with or without modification clarification)
2001-05-29 03:29:53 +00:00
Kurt Zeilenga
c0a06f25c2
Add ldap_pvt_tls_get_peer_dn() routine. Returns peer as an LDAP DN.
2001-01-18 00:40:58 +00:00
Kurt Zeilenga
a13fb520ab
Fix compilation problem when ldap.h is not included
2000-11-28 20:31:14 +00:00
Kurt Zeilenga
1f7874b724
Add ldap_url_parse_ext() prototype. Routine should likely be renamed
...
into ldap_pvt_ name space.
2000-11-28 19:59:57 +00:00
Kurt Zeilenga
2b82d4f486
remove lint
...
update bdb codes
2000-09-22 01:40:57 +00:00
Kurt Zeilenga
bfff7ce1f5
Bandaid ucdata build problems
2000-09-07 23:31:59 +00:00
Kurt Zeilenga
cee040a321
Bring UCdata infrastructure.
2000-09-03 23:48:35 +00:00
Kurt Zeilenga
b3b4342f8f
Raise ldapi:// SSF to 71. ldapi:// is likely more secure than
...
DES or other low end encryption.
2000-08-28 19:53:49 +00:00
Kurt Zeilenga
25a9f7427d
Remove CLDAP cruft
2000-08-18 04:25:00 +00:00
Howard Chu
0f8047b95e
Implemented ldap_pvt_tls_get_peer() for use with SASL/EXTERNAL.
...
Added ldap_pvt_tls_get_strength() - return encryption strength, for
use as a SASL session security factor.
2000-08-16 23:27:41 +00:00
Kurt Zeilenga
3b03b64b77
Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the
...
input. In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
2000-08-15 01:55:43 +00:00
Kurt Zeilenga
5fc22599e2
Update SASL code to reuse context through life of session.
...
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
0cfe5f75f8
Clarify LDAP_ATTRCHAR
2000-06-30 19:08:40 +00:00
Kurt Zeilenga
e82d2e042b
Include tab in LDAP_SPACE
2000-06-30 02:19:39 +00:00
Kurt Zeilenga
aa4a44263d
Fix inclusion of <sasl.h>
2000-06-29 19:36:32 +00:00
Kurt Zeilenga
9ef1a740c2
Round one of LDAP_F() macro changes. In this round we rename
...
macros into our namespace and limit use to headers. A subsequent
round will add macros to separately handle forward declarations
of variables from declaration of function prototypes. The last
round will add additional macros for declaring actual variables and
functions.
2000-06-18 19:48:07 +00:00
Kurt Zeilenga
e5ebc553ac
Rework URI parser to provide true scheme not proto/properties.
...
Plus more pthread rwlock code
2000-06-07 01:09:40 +00:00
Kurt Zeilenga
0bb431d3b3
Y2k copyright update
2000-05-13 02:25:54 +00:00
Howard Chu
f0c4f83ea2
libldap/tls.c: change tls_verify_cb to no longer ignore verification errors.
...
This means a ldaps connection may drop before any LDAP protocol exchange
occurs (due to expired cert, unrecognized CAs, etc.).
Change ldap_pvt_tls_connect to copy any TLS error string to ld_error upon
connection failure, otherwise client just sees "can't contact LDAP server."
slapd/connection.c: add flush/delay when SSL_accept fails, to allow any
TLS alerts we generated to propagate back to the client. (Which will then
be picked up by ldap_pvt_tls_connect on the client...)
2000-05-10 17:07:09 +00:00
Kurt Zeilenga
d0555fffe6
Error handling changes including separation of client v. server
...
SASL to LDAP translation. plus comments and other minor changes
2000-05-03 18:59:58 +00:00