Commit Graph

79 Commits

Author SHA1 Message Date
Kurt Zeilenga
8064bb6ef1 A better find_connection() port fix 2004-08-28 03:53:31 +00:00
Kurt Zeilenga
44485522e0 Allow LDAP_PVT_SASL_LOCAL_SSF to be set externally 2004-06-27 19:39:11 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
159de0f135 Updated notices and acknowledgements 2003-11-26 07:16:36 +00:00
Hallvard Furuseth
a4f93a6908 Really rename ldap_int_get_controls() to ldap_pvt_get_controls(). 2003-10-14 11:27:32 +00:00
Kurt Zeilenga
4f003dbdaf mv ldap_int_get_controls to ldap_pvt_get_controls 2003-10-12 08:14:28 +00:00
Jong Hyuk Choi
c468defe24 cleanup 2003-04-30 22:41:37 +00:00
Howard Chu
4b73446ab5 ITS#2424 reset SASL on an existing connection 2003-04-30 15:38:32 +00:00
Hallvard Furuseth
6d59c23c55 Make string parameter to ldap_charray_add() and ldap_charray_inlist() const. 2003-04-29 16:34:37 +00:00
Kurt Zeilenga
a609f87eb6 remove lint 2003-04-24 23:15:59 +00:00
Jong Hyuk Choi
203c2aad41 move ldap_get_message_ber() from ldap.h to ldap_pvt.h 2003-04-22 23:02:11 +00:00
Howard Chu
d46ab4c065 Move ldap_dnfree_x etc. decls from ldap.h to ldap_pvt.h 2003-04-11 10:26:25 +00:00
Howard Chu
873e498829 Silence warning in prev commit 2003-03-05 01:37:56 +00:00
Howard Chu
e87f588f00 Added ldap_pvt_get_hname. Use instead of ldap_pvt_gethostbyaddr_a when
all you want is the hostname.
2003-03-05 01:34:31 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Kurt Zeilenga
a83cc88edd Move ldap_control_dup() to ldap_pvt.h 2002-09-04 02:14:12 +00:00
Pierangelo Masarati
4046c4226e add upper/lower funcs that also compute the length of the string (not used yet) 2002-08-23 08:45:17 +00:00
Howard Chu
de3e81cebb Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
in dn parameter and return a result code.
2002-04-30 13:50:56 +00:00
Howard Chu
17ae956518 Added ldap_X509dn2bv()
deleted ldap_pvt_tls_get_peer()
  changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
  added ldap_pvt_tls_get_my_dn()
2002-04-18 12:29:30 +00:00
Howard Chu
5c70106657 ITS#1708 ldap_pvt_tls_sb_ctx() et al 2002-04-05 06:48:03 +00:00
Kurt Zeilenga
7250ffb1cc move ldap_int_put_filter to ldap_pvt_put_filter 2002-03-30 00:41:26 +00:00
Howard Chu
996eb58011 Fix ASCII detection; can't use "< 0x80" on a signed char. 2002-01-05 10:33:38 +00:00
Kurt Zeilenga
c38027902a Update copyright notices 2002-01-04 20:40:29 +00:00
Kurt Zeilenga
763c0de59b Rework filter code
Misc cleanup / lint removal
2002-01-02 17:06:56 +00:00
Kurt Zeilenga
52a354f753 Mark more stuff as deprecated and remove some unused deprecated
routines.
2001-12-27 23:01:17 +00:00
Kurt Zeilenga
cddf7e0e00 More struct berval DN changes
decrease dependency on dn_validate/dn_normalize
2001-12-27 07:13:13 +00:00
Kurt Zeilenga
25b5aaf262 Delete ldap_build_filter(), it's broke.
Clean up headers.
2001-12-24 03:49:54 +00:00
Howard Chu
33ace5610c Added ldap_pvt_tls_destroy() to cleanup TLS library on shutdown 2001-11-06 20:52:59 +00:00
Kurt Zeilenga
77f776dfd1 Another round of TLS updates to support secure referral chasing 2001-06-25 19:17:42 +00:00
Kurt Zeilenga
c4f5497ac6 move TLS ctx to lconn struct in prep for supporting TLS with referrals
need to rework cert check to use per lconn host name
2001-06-25 07:33:42 +00:00
Kurt Zeilenga
be9a50af25 Update copyright (including with or without modification clarification) 2001-05-29 03:29:53 +00:00
Kurt Zeilenga
c0a06f25c2 Add ldap_pvt_tls_get_peer_dn() routine. Returns peer as an LDAP DN. 2001-01-18 00:40:58 +00:00
Kurt Zeilenga
a13fb520ab Fix compilation problem when ldap.h is not included 2000-11-28 20:31:14 +00:00
Kurt Zeilenga
1f7874b724 Add ldap_url_parse_ext() prototype. Routine should likely be renamed
into ldap_pvt_ name space.
2000-11-28 19:59:57 +00:00
Kurt Zeilenga
2b82d4f486 remove lint
update bdb codes
2000-09-22 01:40:57 +00:00
Kurt Zeilenga
bfff7ce1f5 Bandaid ucdata build problems 2000-09-07 23:31:59 +00:00
Kurt Zeilenga
cee040a321 Bring UCdata infrastructure. 2000-09-03 23:48:35 +00:00
Kurt Zeilenga
b3b4342f8f Raise ldapi:// SSF to 71. ldapi:// is likely more secure than
DES or other low end encryption.
2000-08-28 19:53:49 +00:00
Kurt Zeilenga
25a9f7427d Remove CLDAP cruft 2000-08-18 04:25:00 +00:00
Howard Chu
0f8047b95e Implemented ldap_pvt_tls_get_peer() for use with SASL/EXTERNAL.
Added ldap_pvt_tls_get_strength() - return encryption strength, for
use as a SASL session security factor.
2000-08-16 23:27:41 +00:00
Kurt Zeilenga
3b03b64b77 Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the
input.  In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
2000-08-15 01:55:43 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
0cfe5f75f8 Clarify LDAP_ATTRCHAR 2000-06-30 19:08:40 +00:00
Kurt Zeilenga
e82d2e042b Include tab in LDAP_SPACE 2000-06-30 02:19:39 +00:00
Kurt Zeilenga
aa4a44263d Fix inclusion of <sasl.h> 2000-06-29 19:36:32 +00:00
Kurt Zeilenga
9ef1a740c2 Round one of LDAP_F() macro changes. In this round we rename
macros into our namespace and limit use to headers.  A subsequent
round will add macros to separately handle forward declarations
of variables from declaration of function prototypes.  The last
round will add additional macros for declaring actual variables and
functions.
2000-06-18 19:48:07 +00:00
Kurt Zeilenga
e5ebc553ac Rework URI parser to provide true scheme not proto/properties.
Plus more pthread rwlock code
2000-06-07 01:09:40 +00:00
Kurt Zeilenga
0bb431d3b3 Y2k copyright update 2000-05-13 02:25:54 +00:00
Howard Chu
f0c4f83ea2 libldap/tls.c: change tls_verify_cb to no longer ignore verification errors.
This means a ldaps connection may drop before any LDAP protocol exchange
occurs (due to expired cert, unrecognized CAs, etc.).
  Change ldap_pvt_tls_connect to copy any TLS error string to ld_error upon
connection failure, otherwise client just sees "can't contact LDAP server."

slapd/connection.c: add flush/delay when SSL_accept fails, to allow any
TLS alerts we generated to propagate back to the client. (Which will then
be picked up by ldap_pvt_tls_connect on the client...)
2000-05-10 17:07:09 +00:00
Kurt Zeilenga
d0555fffe6 Error handling changes including separation of client v. server
SASL to LDAP translation.  plus comments and other minor changes
2000-05-03 18:59:58 +00:00