mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-03 02:41:24 +08:00
Code Issues Packages Projects Releases Wiki Activity
23,560 Commits 38 Branches 307 Tags 74 MiB
32761fa3a1
Commit Graph

720 Commits

Author SHA1 Message Date
Ryan Tandy
dc277009e2 ITS#8097 nssov: update to protocol version 2 
This updates nssov for the protocol changes in nss-pam-ldapd commits
5f55781 and 6a74d8d. The protocol was changed to network byte order,
uid_t and gid_t were changed to int32_t, and the READ_TYPE and
WRITE_TYPE macros were removed. The PAM protocol was restructured to
drop the DN field and to use a common basic set of fields for all
requests.
 2015-04-16 03:41:30 +01:00
Ryan Tandy
6a28f3dc20 ITS#8097 nssov: update nss-pam-ldapd files to 0.9.4 2015-04-16 03:41:05 +01:00
Howard Chu
2d9f33072b ITS#8080 nssov: use old pwd if it's given 2015-03-18 20:50:19 +00:00
Ryan Tandy
0200c6d92c ITS#8080 nssov: allow user pwmod without pwdmgr configured 2015-03-18 20:48:15 +00:00
Ryan Tandy
957d4770eb ITS#8080 nssov: only allow root to become pwdmgr 2015-03-18 20:47:57 +00:00
Ryan Tandy
7e3177070a ITS#8080 nssov: require old password unless pwdmgr 2015-03-18 20:47:32 +00:00
Ryan Tandy
05ea78703b ITS#8079 nssov: fix compare for usergroup 
More for 5c527bc49e
 2015-03-15 19:32:29 +00:00
Howard Chu
1859a6f069 ITS#8065 more for syncrepl compat 
Use opextra to detect our own internal ops, not a public control
 2015-03-09 19:05:07 +00:00
Howard Chu
9655b23ce0 ITS#8006 more rootdn privs 2015-02-26 00:14:41 +00:00
Howard Chu
91f14e6c39 ITS#8065 don't log/replicate internal ops 2015-02-25 15:34:00 +00:00
Howard Chu
46c07bbfb5 More for prev commit 2015-02-25 00:39:14 +00:00
Howard Chu
79bbf05c5a More for ITS#6970 
modrdn had the same bug
 2015-02-25 00:30:36 +00:00
Quanah Gibson-Mount
1705fa7e55 Happy New Year 2015-02-11 15:36:57 -06:00
Howard Chu
9232232397 More for ITS#6970 2015-02-02 19:28:59 +00:00
Hallvard Breien Furuseth
0528f9f923 Update wrap_slap_ops. 
Catch a new bi_op_bind[]() case.  Silence warnings in END{}.
 2015-01-27 23:37:46 +01:00
SATOH Fumiyasu
ea58e1ee55 ITS#7782 tweak contrib/slapd-modules/**/Makefile 
Set LDAP_BUILD=$(LDAP_SRC) by default
 2014-12-16 19:52:44 +00:00
Howard Chu
a8bfed69fd ITS#8006 Use rootdn consistently on internal ops 2014-12-15 20:20:23 +00:00
Howard Chu
b8912c33ba ITS#8000 silence warnings 2014-12-10 22:24:25 +00:00
Howard Chu
62818acd0a ITS#7998 silence warning 2014-12-10 21:59:45 +00:00
Howard Chu
f05a39268d ITS#7997 silence warning 2014-12-10 21:57:44 +00:00
HAMANO Tsukasa
2a43a7d16f ITS#7977 Add PBKDF2 -SHA256 and -SHA512 2014-11-05 09:29:31 +00:00
Howard Chu
7e7ce79bd7 ITS#6970 more error checks in add_group 2014-07-21 11:32:31 -07:00
Howard Chu
4a1b7556a2 ITS#6970 all attrset params are required 2014-07-21 11:08:03 -07:00
Howard Chu
1f8945e8e4 ITS#6970 fix deadlocks 2014-07-21 10:47:36 -07:00
Howard Chu
316afb1190 ITS#6970 fix autogroup Add Entry processing 
Push modifications into response callback; only execute if
main Add actually succeeded.
 2014-07-21 07:56:05 -07:00
ryan@nardis.ca
b54ae0e2bd ITS#7851 contrib pw-sha2 fix int/size_t comparison 2014-07-18 09:43:36 -07:00
Ryan Tandy
9b36358270 ITS#7851 tell lutil_b64_pton the correct target buffer size 2014-07-18 09:42:22 -07:00
Howard Chu
44f797edad Fix EOL/whitespace 2014-07-18 09:28:27 -07:00
Ryan Tandy
1560c61fa2 ITS#7869 fix do_phk_hash arguments 2014-07-18 09:27:14 -07:00
Ryan Tandy
829027945f ITS#7877 use nettle instead of gcrypt 2014-06-30 20:07:41 -07:00
ryan@nardis.ca
d10652d33c ITS#7885 Wrong RPATH in contrib/passwd/Makefile 
Similar to #7858, another easy patch.
 2014-06-30 04:54:38 -07:00
Howard Chu
c5b48d0301 ITS#7858 fix install path 2014-05-25 12:49:06 -07:00
Howard Chu
5f524c4465 ITS#7831 fix double-free 
caused by c1e937c262 (ITS#6684)
 2014-04-04 03:25:17 -07:00
HAMANO Tsukasa
0fbabb115b ITS#7742 New: PBKDF2 module 
Signed-off-by: HAMANO Tsukasa <hamano@osstech.co.jp>
 2014-04-01 20:23:29 -07:00
Kevin H. Patterson
5791cc46a4 ITS#7806 fixed memory leak in LDAPAsynConnection.cpp 2014-02-26 11:06:44 -08:00
Kurt Zeilenga
5c878c1bf2 Happy new year (belated) 2014-01-25 05:21:25 -08:00
Hallvard Furuseth
7bb8b706c5 ITS#6758 Add SLAP_OP() &co, contrib:wrap_slap_ops. 
Add framework for debug macros SLAP_OP(), slap_be_op(),
slap_bi_op() around LDAP-operation backend calls.

contrib/slapd-tools/wrap_slap_ops converts code to use them.

Code compiles as before by default.  #define USE_RS_ASSERT
enables debugging, $NO_RS_ASSERT tweaks it. See slapd/result.c.
 2013-12-11 14:40:45 +01:00
Howard Chu
7915f51889 Fix modrdn unique check 
Just check normalized name match. Case-changes are allowed.
 2013-09-19 16:00:04 -07:00
Quanah Gibson-Mount
4eecd27729 Update example slapd.conf bits to use mdb instead of bdb 2013-09-19 14:28:12 -07:00
Landry Breuil
7c6b599de6 ITS#7580 Fix autogroup when no attrs in URI. 
Do not use lvals[], lnvals[] out of scope.
 2013-06-13 15:16:54 +02:00
Howard Chu
2b837de9c1 ITS#7518 fix manpage 2013-04-23 14:44:55 -07:00
Howard Chu
33fc2b54a5 ITS#7518 resync nss-pam-ldapd files 
Also note minimum version required.
 2013-04-23 12:49:25 -07:00
Ted C. Cheng
21ff23ac71 ITS#7569 fixed a group enumeration bug (Symas#2255) 2013-04-10 16:25:28 -07:00
Ted C. Cheng
1c99711ede ITS#7518 1. Sync'ed up with nss-pam-ldapd 0.8.11 * added nssov_config support * added password_prohibit_message, similar to PADL * self-password-changes are made as user identities; root changing user passwords as nssov-pam-pwdmgr-dn 2. Fixed a bug that connection DN was not constructed correctly 3. Fixed a service crash issue when protocol value is NULL 4. Added more debugging msgs. 4. added rights info 2013-02-05 15:55:54 -08:00
Ralf Haferkamp
de4de15a3f Add some simple checks for certificate directories/files 2013-01-31 14:32:20 +01:00
Quanah Gibson-Mount
ee12abc425 Clean up whitespace 2013-01-26 18:37:29 -08:00
Quanah Gibson-Mount
ad9f847bf4 ITS#7490 
Zero out the complete context buffer
From mhardin@symas.com
 2013-01-17 12:05:01 -08:00
Pierangelo Masarati
4a890d099c more about ITS#7493 2013-01-16 21:38:54 +01:00
Michael Stroeder
11bc731632 s/directoryOperation/dSAOperation/ (ITS#7493) 2013-01-16 20:37:40 +01:00
Kurt Zeilenga
0fd1bf30b8 Happy New Year 2013-01-02 10:22:57 -08:00
Howard Chu
88fad0dd41 ITS#7481 fix nssov-pam-session config 2012-12-23 06:11:39 -08:00
Ralf Haferkamp
7a8c9a6419 ldapc++: fix builds with gcc-4.7 (ITS#7281,ITS#7304) 2012-11-02 12:10:43 +01:00
Howard Chu
e584749808 ITS#7357 set NAS-Identifier in request 2012-08-21 13:30:02 -07:00
Jan Vcelak
759fe9c6d5 ITS#7327 smbk5pwd: error if crypto backend unsupported 2012-07-26 10:15:39 -07:00
SATOH Fumiyasu
251b4e69ca ITS#7309 contrib/slapd-modules: Unify the structure and usage of Makefile 2012-06-26 06:36:16 -07:00
SATOH Fumiyasu
0246435da9 ITS#7308 contrib/slapd-modules: Add missing Makefiles 2012-06-26 06:30:26 -07:00
SATOH Fumiyasu
899f3c994f ITS#7278 SHA-2: Add support salted SHA-2 password hashes 
Support {SSHA256}, {SSHA384} and {SSHA512} hash schemes
 2012-05-29 16:05:56 -07:00
SATOH Fumiyasu
3bc7f6d27d ITS#7269 SHA2: Avoid "static char real_hash[]" to support multithread 
Remove sha*_hex_hash() and replace chk_sha*() with
libraries/liblutil/passwd.c:chk_sha1() implementation to
avoid a race condition.
 2012-05-29 16:02:16 -07:00
SATOH Fumiyasu
e4f4322f6c SHA2: Make slapd-sha2 module portable 
contrib/slapd-modules/passwd/sha2/sha2.[ch] need portable.h and
some macros to be portable source.

contrib/slapd-modules/passwd/sha2/slapd-sha2.c:hash_sha*() must
declare "struct berval digest" before a statement for K&R C,
and must replace C++ "// foo"-style comments with C style.
 2012-05-08 12:16:25 -07:00
Pierangelo Masarati
762ef802f6 ITS#6598 make control global 2012-04-11 09:52:57 +02:00
Hallvard Furuseth
465942e74d ITS#7160 Support POSIX make: No $< in target rules 2012-02-18 18:17:40 +01:00
SATOH Fumiyasu
4069a34803 ITS#7138 smbk5pwd: fix ITS#6955 shadowLastChange 
Fix uninitialized keys[1] in shadowLastChange support
 2012-01-27 13:08:36 -08:00
Hallvard Furuseth
917c52014d Fix the configure.in $Id$ in configure 2012-01-27 21:30:12 +01:00
Kurt Zeilenga
2bbf9804b9 Happy New Year! 2012-01-01 07:10:53 -08:00
Ralf Haferkamp
7402cbb6f7 Fix compile problems with older gcc releases 2011-11-10 16:25:57 +01:00
Howard Chu
323e70ba13 ITS#7083 fix verb_to_mask usage 2011-11-07 16:41:35 -08:00
David Adam
29206f6d20 ITS#7082 Fix smbk5pwd:olcSmbK5PwdEnable 2011-11-07 22:30:00 +01:00
Quanah Gibson-Mount
e625581af3 Fix SLAP_CONFIG_DELETE ifdef (already fixed in RE24) 2011-11-04 15:21:34 -07:00
Howard Chu
3a096b300c ITS#6972 fix double-free in autogroup 2011-11-01 13:40:57 -07:00
Pierangelo Masarati
8df4c357be authTimestamp should be manageable (ITS#6873) 2011-06-30 21:55:28 +02:00
Ralf Haferkamp
1e4faaf1bd Additional getter methods for LDAPModification 2011-06-15 15:28:55 +02:00
SATOH Fumiyasu
d5920a42b1 ITS#6955 smbk5pwd: Support shadowLastChange 
Fix typo -- hyc
 2011-06-09 01:07:40 -07:00
Howard Chu
573b1e37ea ITS#6934 fix typo 2011-06-09 00:21:47 -07:00
Luke Howard
93c54fd158 Add GSS naming extensions ACL plugin 2011-05-09 13:55:40 +02:00
Hallvard Furuseth
fac36dcba7 ITS#6932: Clean up strange asserts & nearby code. 
Mostly found by Klocwork: Issues #213,298-300,331,342-343,374,390,410.
 2011-05-05 15:55:29 +02:00
Ralf Haferkamp
8b949b18c6 Fix build with gcc 4.6 2011-05-03 11:21:07 +02:00
Ralf Haferkamp
28adb589f2 fixed LDAPCtrl constructor when using char* 2011-04-14 15:44:00 +02:00
Ralf Haferkamp
36ba454bb6 renew SSL context when setting global Options 2011-04-01 10:06:05 +02:00
Ralf Haferkamp
0d5c46d838 Fixed SSL/TLS context renewal 
LDAP_OPT_X_TLS_NEWCTX needs a pointer to 0 as the value for
ldap_set_option when renewing a client's SSL context.
 2011-04-01 09:48:24 +02:00
Luke Howard
be0a8db087 get posixgroup.c compiling again 2011-03-31 00:35:27 +11:00
Kurt Zeilenga
cf49e43f86 Merge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap 2011-03-28 18:42:22 -07:00
Kurt Zeilenga
cd1f718f01 Update guide Copyright/License handling 
Avoids redundant files.
And update various notices
 2011-03-28 18:40:52 -07:00
Quanah Gibson-Mount
0adef98b25 Update for git 2011-03-28 12:23:50 -07:00
Kurt Zeilenga
6921f1b7df fix typo in last commit 2011-03-27 17:49:21 -07:00
Kurt Zeilenga
364ae53526 handle $Id$ in configure.in (configure scripts need to be rebuilt) 2011-03-27 17:48:08 -07:00
Quanah Gibson-Mount
e8e711018f ITS#6879 
Fix typo
 2011-03-25 19:39:08 +00:00
Howard Chu
dc03b00857 ITS#6877 add LIBTOOL definition 2011-03-24 17:00:38 +00:00
Howard Chu
db5c70f89d More for ITS#6238 add install rule 2011-03-24 07:01:17 +00:00
Howard Chu
5fa1826370 Add CVS ID 2011-02-07 01:14:04 +00:00
Howard Chu
0561aa164a Drop unneeded scheme param 2011-02-07 01:12:49 +00:00
Howard Chu
e9e99fe612 Add APR1 to Makefile/README. Add {BSDMD5} mechanism. 2011-02-07 01:09:47 +00:00
Howard Chu
ffc1d68035 Use lutil_passwd_string64 instead of pw_string64 2011-02-07 00:49:55 +00:00
Howard Chu
4f8c0eddd2 ITS#6826 from Devin J. Pohly 2011-02-07 00:49:04 +00:00
Howard Chu
7f8b0560bd Replace pw_string64 with lutil_passwd_string64 2011-02-07 00:47:25 +00:00
Howard Chu
343bfa7ff4 ITS#6238 note lastbind 2011-02-05 00:59:18 +00:00
Howard Chu
ab8a0b7c77 DSA-specific opattrs don't replicate 2011-02-05 00:33:45 +00:00
Howard Chu
7d4cb05721 More cleanup 2011-02-05 00:29:24 +00:00
Howard Chu
fcb0c8c320 Add CVS IDs 2011-02-05 00:22:26 +00:00
Howard Chu
03cf13063d More cleanup, no C++ comments 2011-02-05 00:16:43 +00:00
Howard Chu
0403ca4f56 Allocate ConfigOID, use ISODE authTimestamp schema 2011-02-05 00:13:56 +00:00
Howard Chu
34347c66a0 ITS#6238 from Jonathan Clarke. Needs cleanup. 2011-02-04 23:59:44 +00:00
Howard Chu
f6871370f4 Fix agi_entry race conditions 2011-01-29 21:42:39 +00:00
Howard Chu
01e1b1e842 #6684 cleanup unneeded agi_mutex locks 2011-01-29 21:23:22 +00:00
Howard Chu
7b5dbc0b61 #6684 cleanup, acknowledgements 2011-01-29 21:15:19 +00:00
Howard Chu
c1e937c262 ITS#6684 preliminary from Norbert Pueschel and Christian Manal 2011-01-29 21:12:51 +00:00
Hallvard Furuseth
42cb7f06f1 cleanup: Rename rs_ensure_entry_modifiable(). 
The name rs_entry2modifiable() is more reasonably sized.
For now, leave behind a macro rs_ensure_entry_modifiable in proto-slap.h.
 2011-01-28 16:33:55 +00:00
Hallvard Furuseth
22aa7c51a0 vc: Fix last commit (checked for impossible error) 2011-01-17 13:59:51 +00:00
Hallvard Furuseth
b9609cedf5 Catch ber errors in vc (Verify Credentials) 2011-01-17 13:15:27 +00:00
Pierangelo Masarati
af38ed8bea remove cruft (ITS#6784) 2011-01-12 14:23:24 +00:00
Pierangelo Masarati
2c71596589 check restrictions; overlay must be global 2011-01-08 12:50:59 +00:00
Kurt Zeilenga
966cef8c9a Happy New Year 2011-01-05 00:42:37 +00:00
Pierangelo Masarati
169fa7447c fix previous commits 2011-01-04 20:43:55 +00:00
Pierangelo Masarati
e5f9e7822e fix multi-step binds otherwise 2011-01-04 20:43:10 +00:00
Pierangelo Masarati
d5f65267bd also works for multi-stage binds (ITS#6771; needs ITS#6773 patch) 2011-01-04 16:19:51 +00:00
Pierangelo Masarati
e26b196f69 fix cloak behavior; plug leak (ITS#6762) 2011-01-04 13:08:28 +00:00
Pierangelo Masarati
565110b249 fix previous commit 2011-01-04 11:17:33 +00:00
Pierangelo Masarati
2d635156dc add minimal support for RFC3829 (ITS#6771) 2011-01-04 10:57:35 +00:00
Pierangelo Masarati
54e2b1464e plug leak in previous commit 2011-01-04 01:13:58 +00:00
Pierangelo Masarati
1a0c8e1e6e fix control response handling 2011-01-04 01:04:04 +00:00
Pierangelo Masarati
c5afa82d58 fix request controls 2011-01-04 00:10:02 +00:00
Pierangelo Masarati
7614e03a63 harmonize with specs; fix bugs in previous commit 2011-01-03 23:40:53 +00:00
Pierangelo Masarati
9757235557 first cut at new spec (needs #define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS) 2011-01-03 21:50:54 +00:00
Pierangelo Masarati
c544fb7fc3 sync with client-side 2011-01-03 19:40:22 +00:00
Pierangelo Masarati
cb1414ba28 fix logging 2011-01-01 17:26:15 +00:00
Pierangelo Masarati
cd1fb3003c check return value 2011-01-01 16:10:23 +00:00
Hallvard Furuseth
f4a3304477 ITS#6758 Use rs_*() to manage SlapReply entries. 
Some noop changes + fixes entry leaks and REP_ENTRY_MODIFIABLE flag leaks.
 2010-12-31 17:55:36 +00:00
Hallvard Furuseth
6d7c1880a8 ITS#6758 Avoid SlapReply reuse. 
Caller provides a SlapReply and reads the result after the operation,
then reuses it.  Reinitialize before reuse, or move declaration inwards.
 2010-12-31 13:08:11 +00:00
Hallvard Furuseth
13f52646b2 ITS#6758 Avoid SlapReply reuse, simple cases. 
Caller provides and reuses a SlapReply it does not read after
initialization.  So reinitialize or move the declaration inwards.
In case of refint, move the rs parameter into refint_repair().
 2010-12-31 10:46:22 +00:00
Hallvard Furuseth
cd6e9156e7 Remove lint (unused vars/labels/funcs/default:s) 2010-12-30 23:34:55 +00:00
Pierangelo Masarati
41aa82350e silence valgrind 2010-12-30 21:52:09 +00:00
Pierangelo Masarati
ce4f5abb6e should also work for SASL binds (whenever supported) 2010-12-30 21:41:36 +00:00
Howard Chu
41f15a0080 ITS#6684 fix ppolicy crash, fix Makefile install target 2010-12-30 18:40:01 +00:00
Pierangelo Masarati
2ad0a297b8 verify credentials extop: support for simple bind 2010-12-30 15:49:34 +00:00
Ralf Haferkamp
026713f497 plugin for retrieving and updating KRB5 TGT 2010-10-22 14:31:56 +00:00
Howard Chu
7600b22f3c ITS#6676 only close/unlink socket in Server mode 2010-10-16 12:14:49 +00:00
Pierangelo Masarati
a51b20d663 register/unregister control based on overlay instantiation (indirectly related to ITS#6647) 2010-09-14 18:50:45 +00:00
Pierangelo Masarati
afe2764a03 support for no-op search control (ITS#6598) 2010-09-09 16:00:01 +00:00
Pierangelo Masarati
677a390f4d fix previous commit 2010-09-05 22:02:24 +00:00
Pierangelo Masarati
86528cfa1d honor all user attrs 2010-08-26 23:19:43 +00:00
Pierangelo Masarati
9813ce5504 add (partial) support for draft-ietf-ldapext-ldapv3-dupent-08.txt (expired) 2010-08-26 06:22:07 +00:00
Howard Chu
b0ccdd79fc ITS#6536 use the attr part of URIs. from Raphael Ouazana @ Linagora 2010-07-29 03:08:48 +00:00
Howard Chu
d2aac4ef22 ITS#6604 use LUTIL_GETPEEREID() 2010-07-28 22:26:35 +00:00
Pierangelo Masarati
012bab8902 (almost) ready for add-if-not-present 2010-05-26 06:31:49 +00:00
Pierangelo Masarati
68e02f92c1 add version number overlay (needs configuration yet) 2010-05-25 07:56:36 +00:00
Pierangelo Masarati
33c328c216 add pguid overlay (not considered right now) 2010-04-21 05:19:29 +00:00
Pierangelo Masarati
4cc324cb51 cleanup 2010-04-21 05:02:08 +00:00
Pierangelo Masarati
0d18a60ca6 add slapo-rdnval in support to Samba4 2010-04-21 05:01:32 +00:00
Kurt Zeilenga
3dadeb3efe happy belated New Year 2010-04-13 22:17:29 +00:00
Howard Chu
b463d6164a ITS#6488 update from nss-ldapd to nss-pam-ldapd, refer to nss-pam-ldapd 
home page instead of bundling the full code
 2010-04-12 03:04:02 +00:00
Pierangelo Masarati
5812265a84 fix previous commit (completely screwed, sorry) 2010-04-10 04:36:44 +00:00