Ondřej Kuzník
3258bf40eb
ITS#8291 Reopen cursor after delete
2017-10-11 14:32:08 -07:00
Ondřej Kuzník
5e531214b5
ITS#8291 Enable slapmodify logging in tests
2017-10-11 14:32:04 -07:00
Emmanuel Lécharny
77408ac781
ITS#8153 - olcTimeLimit should be Single Value
2017-10-11 14:31:51 -07:00
Ivan Nejgebauer
cb9a4d01bc
ITS#8037 - Add support for relax control to delta-syncrepl
2017-10-11 14:31:45 -07:00
ck@test-centos64.cksoft.de
44e9bda0e4
ITS#7721 - Allow authTimestamp updates to be forwarded via updateref
2017-10-11 14:31:38 -07:00
Nathaniel McCallum
29f6260364
ITS#7532 - Add new function ldap_connect().
...
This function is used to manually establish a connection after
a call to ldap_initialize(). This is primarily so that a file
descriptor can be obtained before any requests are sent for the
purposes of polling for writability.
2017-10-11 14:31:22 -07:00
Quanah Gibson-Mount
9bef357403
ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDontUseCopy and olcSaslAuxpropsDontUseCopyIgnore parameters for use with SASL/OTP
2017-10-11 14:31:01 -07:00
Michael Ströder
636b63b5fd
ITS#8692 let back-sock generate increment: line in case of LDAP_MOD_INCREMENT (see RFC 4525, section 3)
2017-10-11 13:04:38 -07:00
Jan Vcelak
cbf5f03476
ITS#7389 - MozNSS: load certificates from certdb, fallback to PEM
...
If TLS_CACERT pointed to a PEM file and TLS_CACERTDIR was set to NSS
certificate database, the backend assumed that the certificate is always
located in the certificate database. This assumption might be wrong.
This patch makes the library to try to load the certificate from NSS
database and fallback to PEM file if unsuccessfull.
2017-10-06 13:59:07 -07:00
Ian Puleston
46c93e41f4
ITS#8167 Fix non-blocking TLS with referrals
2017-10-06 13:57:13 -07:00
Quanah Gibson-Mount
35a880c53e
ITS#8687 - EGD is disabled by default in OpenSSL 1.1. We need to comment out this block if it is not detected. Particularly affects cross compilation.
2017-10-06 13:48:40 -07:00
Quanah Gibson-Mount
a795d7cc0b
ITS#8583 - Fix C++ LDAP Control structure
2017-10-06 10:45:21 -07:00
sca+openldap@andreasschulze.de
90835da72f
ITS#8578 - remove unused-variables in RE24 testing call (2.4.45)
2017-10-06 10:45:08 -07:00
Nadezhda Ivanova
da170cbe3b
ITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta
2017-10-06 10:44:54 -07:00
Quanah Gibson-Mount
fba60ab2ed
ITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds via the LDAP_SASL_SIMPLE mechanism
2017-10-06 10:44:38 -07:00
Ted C. Cheng
e20ac6b539
ITS#7520 - back-ldap omit-unknown-schema changes
2017-10-06 10:44:31 -07:00
Jan Vcelak
19fd969d21
ITS#7374 - MozNSS: better file name matching for hashed CA certificate directory
...
CA certificate files in OpenSSL compatible CACERTDIR were loaded if the
file extension was '.0'. However the file name should be 8 letters long
certificate hash of the certificate subject name, followed by a numeric
suffix which is used to differentiate between two certificates with the
same subject name.
Wit this patch, certificate file names are matched correctly (using
regular expressions).
2017-10-06 10:44:13 -07:00
Jan Vcelak
acc5b88661
ITS#7373 - TLS: do not reuse tls_session if hostname check fails
...
If multiple servers are specified, the connection to the first one
succeeds, and the hostname verification fails, *tls_session is not
dropped, but reused when connecting to the second server.
This is a problem with Mozilla NSS backend because another handshake
cannot be performed on the same file descriptor. From this reason,
hostname checking was moved into ldap_int_tls_connect() before
connection error handling.
2017-10-06 10:44:07 -07:00
Ondřej Kuzník
08492987a0
ITS#7100 Update entryTtl behaviour to match RFC 2589
2017-10-06 10:43:48 -07:00
Ondřej Kuzník
61cfb80f8d
ITS#7100 Test for entryTtl reflecting time to live
2017-10-06 10:40:20 -07:00
Quanah Gibson-Mount
44b9fd1c81
ITS#5048 - index on entryCSN is mandatory
2017-10-06 10:39:43 -07:00
Howard Chu
70e54d2527
ITS#8752 fix syncrepl null_callback
...
Make sure it's last in callback stack
2017-10-05 22:13:39 +01:00
Quanah Gibson-Mount
78626aeb4a
Fix script so it exits
2017-10-05 09:23:02 -07:00
Quanah Gibson-Mount
ae2a2a794b
ITS#8444 - Fix description to match the actual issue that was fixed
2017-10-04 20:42:54 -07:00
Quanah Gibson-Mount
53a41a22da
ITS#8752 - Add regression test
2017-10-04 20:36:25 -07:00
Hallvard Furuseth
ff2d7cc798
ITS#8733 Allow a raw integer to be decoded from a berval
2017-09-28 14:15:06 +01:00
Hallvard Furuseth
62811e8f65
ITS#8733 Allow extraction of the complete ber element
2017-09-28 14:14:55 +01:00
Ondřej Kuzník
6aa6daf2f0
ITS#8732 Extend CIRCLEQ macros
2017-09-28 08:53:58 +01:00
Quanah Gibson-Mount
0d4cd89786
LDAP_FEATURE_SUBORDINATE_SCOPE is from expired draft-sermersheim-ldap-subordinate-scope, leave behind LDAP_DEVEL
2017-09-26 11:51:27 -07:00
Quanah Gibson-Mount
30e2a904dc
Move a bunch of featuers back behind LDAP_DEVEL for 2.5
...
SLAP_AUXPROP_DONTUSECOPY is ok for release
2017-09-26 11:35:50 -07:00
Quanah Gibson-Mount
86105092bd
CHECK_CSN is a debug only flag for testing. It should always remain
...
behind LDAP_DEVEL
2017-09-26 11:30:50 -07:00
Quanah Gibson-Mount
a9ff0e97fc
ITS#6817 - back-meta work for SLAP_AUTH_DN was never finished according
...
to the ITS notes. In addition, this would need man page updates for the
feature
2017-09-26 11:27:15 -07:00
Quanah Gibson-Mount
41a9010773
The support for unindexed attributes being tracked in back-monitor needs
...
to remain behind LDAP_DEVEL for now. Right now, the mutex in
back-monitor cannot properly handle the load if the server had a lot
of unindexed attributes that were being accessed in search filters.
2017-09-26 11:04:45 -07:00
Quanah Gibson-Mount
43a039eba4
ITS#7428 - Non-blocking TLS is not compatible with MOZNSS
2017-09-26 10:59:08 -07:00
Quanah Gibson-Mount
7246da8a66
Whitespace cleanup
2017-09-26 10:33:01 -07:00
Ondřej Kuzník
a8f01cc885
ITS#8638 Add a recursive mutex to libldap_r for libevent
...
Most thread implementations suppport a native recursive mutex, use that
where possible (especially when a regular mutex is recursive already).
Also provide a macro for applications to test whether they can use the
lock functions interchangeably.
2017-09-26 16:26:33 +01:00
Ondřej Kuzník
5adcdb7642
Fix warnings issued by autoconf 2.68+
2017-09-26 14:41:11 +01:00
Quanah Gibson-Mount
04cfd144d9
Fix additional compile for /dev/poll support. /dev/poll is neither tested nor supported.
2017-09-22 12:05:18 -07:00
Quanah Gibson-Mount
2085def079
Merge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap
2017-09-19 15:21:56 -07:00
Quanah Gibson-Mount
09bec057e5
Fix calls to SLAP_DEVPOLL_SOCK_LX for multi-listener support. Support
...
for /dev/poll is neither enabled nor tested, so other issues may exist.
2017-09-19 15:20:56 -07:00
Howard Chu
20e46d8494
ITS#8725 fix 75999a18c3
...
Not needed since callback uses tmpalloc
2017-09-08 21:36:05 +01:00
Quanah Gibson-Mount
c1512eea58
Fix typo "errror" -> "error"
2017-09-08 12:03:02 -07:00
Nadezhda Ivanova
82737719c8
ITS#8725 Always remove listener descriptors from daemon on shutdown
2017-09-08 19:43:59 +01:00
Howard Chu
db3909d27d
ITS#8725 add slap_sl_mark / slap_sl_release
...
For fast cleanup after constructing disposable entries
2017-09-08 17:39:22 +01:00
Howard Chu
68e064ca84
ITS#8725 Avoid listener thread startup race
...
Typically only shows up under valgrind, not in regular runs
2017-09-08 17:39:22 +01:00
Howard Chu
8b1fb962fc
ITS#8725 connection fixes
...
Fix op_finish, must resched connection to pick up pending ops.
Fix op completion counter.
2017-09-08 17:39:14 +01:00
Howard Chu
63308ef6bb
ITS#8725 backover fixes for async
...
Fix some valgrind race conditions - wait for frontend to finish up
Don't set callbacks for abandon or unbind - since they have no response
Use tmpalloc for backover callback
2017-09-08 17:25:55 +01:00
Nadezhda Ivanova
c6e00c7b0f
ITS#8725 Fix an invalid data access during add operations if backend is asynchronous
2017-09-08 16:51:27 +01:00
Howard Chu
01a5eeac1d
ITS#8727 plug ber leaks
2017-09-08 16:35:32 +01:00
Howard Chu
75999a18c3
ITS#8725 Add SLAPD_ASYNCOP return code
...
Tell frontend the op will finish asynchronously, leave it alone
2017-09-07 18:07:39 +01:00