mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
23,029 Commits 38 Branches 307 Tags 74 MiB
331e587754
Commit Graph

699 Commits

Author SHA1 Message Date
Hallvard Furuseth
23c5d6bbdd ITS#8435 Fix uninited slap_callback.sc_writewait 2016-06-12 08:30:58 +02:00
Devin J. Pohly
fb5b3a0df2 ITS#6826 conversion scripts 
These were provided as part of the original ITS but not previously committed.
Perl scripts to convert between Apache and OpenLDAP hash formats.
 2016-04-11 13:35:39 +01:00
Quanah Gibson-Mount
6c4d6c880b Happy New Year! 2016-01-29 13:32:05 -06:00
Howard Chu
fb00ef1915 ITS#8294 more for prev commit 2015-10-29 20:31:36 +00:00
Howard Chu
01c27e1342 ITS#8294 avoid symbol clash with other crypto libs 2015-10-29 20:19:00 +00:00
Howard Chu
639da48fdc ITS#8230 add GnuTLS/nettle support 2015-09-25 19:28:18 +01:00
Howard Chu
ccedb68ee2 ITS#8230 fix padding count 2015-09-25 18:53:05 +01:00
Howard Chu
6e4c747d5d ITS#8230 Don't skip tval on big-endian 2015-09-25 18:52:24 +01:00
Ryan Tandy
f81bec6184 ITS#8235 fix compiler warnings 2015-09-02 13:15:23 -07:00
Ryan Tandy
9d2dc5dd24 ITS#8198 use #elif instead of #else for gnutls cases 
Reserve #else for actual fallback cases.
 2015-08-22 18:59:13 -07:00
Luca Bruno
709a0f4a97 ITS#8198 Optionally use libnettle instead of OpenSSL for crypto 
OpenLDAP can be configured to be either built with OpenSSL or
GnuTLS. This commit adds support for building pw-pbkbdf2 module
without OpenSSL, by using PBKDF2 crypto primitives provided by
libnettle.
Closes hamano/openldap-pbkdf2#2

Signed-off-by: Luca Bruno <luca.bruno@rocket-internet.de>
 2015-08-22 19:35:38 +00:00
Luca Bruno
ba20d70d2b ITS#8198 Fix an always-true check 
Fixed asprintf return value check, in order to properly catch
error conditions. This has been caught by clang -Wtautological-compare:

pw-pbkdf2.c:132:17: warning: comparison of unsigned expression < 0 is always false
        if(msg->bv_len < 0){
           ~~~~~~~~~~~ ^ ~

Signed-off-by: Luca Bruno <luca.bruno@rocket-internet.de>
 2015-08-22 19:35:34 +00:00
Howard Chu
768967f176 More filter tweaks 2015-08-10 19:36:06 +01:00
Howard Chu
571a7c72fc Shortcut name mapping 
If the naming attribute is in the RDN we don't need to look it up.
 2015-08-09 20:57:49 +01:00
Howard Chu
523f989d8f More filter mapping 
Was only handling (objectclass=<group>)(<memberUid>=bar).
Now handles (objectclass=<group>)(<groupname>=bar) too.
 2015-08-07 04:04:22 +01:00
Howard Chu
706bbd42d9 Fix interaction with rwm 2015-08-01 00:35:44 +01:00
Howard Chu
20c0464fed Also remap explicitly requested attr names 2015-08-01 00:20:49 +01:00
Howard Chu
024d4cbee2 Fix filter init 
compound filters f_next is not ignored
 2015-07-28 12:10:54 +01:00
Howard Chu
fb7470d82f More tweaks 
Check for error on internal search, init AttributeAssertions in
constructed filter
 2015-07-25 23:23:41 +01:00
Howard Chu
3770a2c1e3 tweak filter mapping in prev commit 
Don't bypass downcasing
 2015-07-25 22:31:43 +01:00
Howard Chu
4cbd3b63c0 Add filter remapping 2015-07-25 22:23:46 +01:00
Howard Chu
a8491a63e6 Fix setting authTimestamp on non-TOTP binds 2015-07-16 03:28:37 +01:00
Howard Chu
34e7cbb6fe Plug memleak on mismatched length 2015-07-13 17:17:42 +01:00
Howard Chu
1ab08d2f8e Fix whitespace in manpage 2015-07-07 19:10:00 +01:00
Howard Chu
b6208a4474 New ADremap overlay 2015-07-03 20:11:25 +01:00
Howard Chu
e4278b5731 Fix cfg OID typos 2015-07-03 10:52:20 +01:00
Howard Chu
ea43ac38bf Merge authTimestamp from lastbind overlay 
This code duplicates the basic function of lastbind. The two overlays
cannot be used together. The timestamp Mod op is changed to require
the old value to still be present at the end of the Bind. This allows
us to detect collisions (multiple successful Binds in the same time
window) and properly fail the extra Bind attempts.
 2015-07-02 20:12:51 +01:00
Howard Chu
e069a79239 Add TOTP pw mechanism 2015-07-02 17:05:14 +01:00
Ryan Tandy
0146e3ddfc ITS#8097 nssov: clean up some compiler warnings 2015-04-16 03:41:48 +01:00
Ryan Tandy
dc277009e2 ITS#8097 nssov: update to protocol version 2 
This updates nssov for the protocol changes in nss-pam-ldapd commits
5f55781 and 6a74d8d. The protocol was changed to network byte order,
uid_t and gid_t were changed to int32_t, and the READ_TYPE and
WRITE_TYPE macros were removed. The PAM protocol was restructured to
drop the DN field and to use a common basic set of fields for all
requests.
 2015-04-16 03:41:30 +01:00
Ryan Tandy
6a28f3dc20 ITS#8097 nssov: update nss-pam-ldapd files to 0.9.4 2015-04-16 03:41:05 +01:00
Howard Chu
2d9f33072b ITS#8080 nssov: use old pwd if it's given 2015-03-18 20:50:19 +00:00
Ryan Tandy
0200c6d92c ITS#8080 nssov: allow user pwmod without pwdmgr configured 2015-03-18 20:48:15 +00:00
Ryan Tandy
957d4770eb ITS#8080 nssov: only allow root to become pwdmgr 2015-03-18 20:47:57 +00:00
Ryan Tandy
7e3177070a ITS#8080 nssov: require old password unless pwdmgr 2015-03-18 20:47:32 +00:00
Ryan Tandy
05ea78703b ITS#8079 nssov: fix compare for usergroup 
More for 5c527bc49e
 2015-03-15 19:32:29 +00:00
Howard Chu
1859a6f069 ITS#8065 more for syncrepl compat 
Use opextra to detect our own internal ops, not a public control
 2015-03-09 19:05:07 +00:00
Howard Chu
9655b23ce0 ITS#8006 more rootdn privs 2015-02-26 00:14:41 +00:00
Howard Chu
91f14e6c39 ITS#8065 don't log/replicate internal ops 2015-02-25 15:34:00 +00:00
Howard Chu
46c07bbfb5 More for prev commit 2015-02-25 00:39:14 +00:00
Howard Chu
79bbf05c5a More for ITS#6970 
modrdn had the same bug
 2015-02-25 00:30:36 +00:00
Quanah Gibson-Mount
1705fa7e55 Happy New Year 2015-02-11 15:36:57 -06:00
Howard Chu
9232232397 More for ITS#6970 2015-02-02 19:28:59 +00:00
Hallvard Breien Furuseth
0528f9f923 Update wrap_slap_ops. 
Catch a new bi_op_bind[]() case.  Silence warnings in END{}.
 2015-01-27 23:37:46 +01:00
SATOH Fumiyasu
ea58e1ee55 ITS#7782 tweak contrib/slapd-modules/**/Makefile 
Set LDAP_BUILD=$(LDAP_SRC) by default
 2014-12-16 19:52:44 +00:00
Howard Chu
a8bfed69fd ITS#8006 Use rootdn consistently on internal ops 2014-12-15 20:20:23 +00:00
Howard Chu
b8912c33ba ITS#8000 silence warnings 2014-12-10 22:24:25 +00:00
Howard Chu
62818acd0a ITS#7998 silence warning 2014-12-10 21:59:45 +00:00
Howard Chu
f05a39268d ITS#7997 silence warning 2014-12-10 21:57:44 +00:00
HAMANO Tsukasa
2a43a7d16f ITS#7977 Add PBKDF2 -SHA256 and -SHA512 2014-11-05 09:29:31 +00:00
Howard Chu
7e7ce79bd7 ITS#6970 more error checks in add_group 2014-07-21 11:32:31 -07:00
Howard Chu
4a1b7556a2 ITS#6970 all attrset params are required 2014-07-21 11:08:03 -07:00
Howard Chu
1f8945e8e4 ITS#6970 fix deadlocks 2014-07-21 10:47:36 -07:00
Howard Chu
316afb1190 ITS#6970 fix autogroup Add Entry processing 
Push modifications into response callback; only execute if
main Add actually succeeded.
 2014-07-21 07:56:05 -07:00
ryan@nardis.ca
b54ae0e2bd ITS#7851 contrib pw-sha2 fix int/size_t comparison 2014-07-18 09:43:36 -07:00
Ryan Tandy
9b36358270 ITS#7851 tell lutil_b64_pton the correct target buffer size 2014-07-18 09:42:22 -07:00
Howard Chu
44f797edad Fix EOL/whitespace 2014-07-18 09:28:27 -07:00
Ryan Tandy
1560c61fa2 ITS#7869 fix do_phk_hash arguments 2014-07-18 09:27:14 -07:00
Ryan Tandy
829027945f ITS#7877 use nettle instead of gcrypt 2014-06-30 20:07:41 -07:00
ryan@nardis.ca
d10652d33c ITS#7885 Wrong RPATH in contrib/passwd/Makefile 
Similar to #7858, another easy patch.
 2014-06-30 04:54:38 -07:00
Howard Chu
c5b48d0301 ITS#7858 fix install path 2014-05-25 12:49:06 -07:00
Howard Chu
5f524c4465 ITS#7831 fix double-free 
caused by c1e937c262 (ITS#6684)
 2014-04-04 03:25:17 -07:00
HAMANO Tsukasa
0fbabb115b ITS#7742 New: PBKDF2 module 
Signed-off-by: HAMANO Tsukasa <hamano@osstech.co.jp>
 2014-04-01 20:23:29 -07:00
Kevin H. Patterson
5791cc46a4 ITS#7806 fixed memory leak in LDAPAsynConnection.cpp 2014-02-26 11:06:44 -08:00
Kurt Zeilenga
5c878c1bf2 Happy new year (belated) 2014-01-25 05:21:25 -08:00
Hallvard Furuseth
7bb8b706c5 ITS#6758 Add SLAP_OP() &co, contrib:wrap_slap_ops. 
Add framework for debug macros SLAP_OP(), slap_be_op(),
slap_bi_op() around LDAP-operation backend calls.

contrib/slapd-tools/wrap_slap_ops converts code to use them.

Code compiles as before by default.  #define USE_RS_ASSERT
enables debugging, $NO_RS_ASSERT tweaks it. See slapd/result.c.
 2013-12-11 14:40:45 +01:00
Howard Chu
7915f51889 Fix modrdn unique check 
Just check normalized name match. Case-changes are allowed.
 2013-09-19 16:00:04 -07:00
Quanah Gibson-Mount
4eecd27729 Update example slapd.conf bits to use mdb instead of bdb 2013-09-19 14:28:12 -07:00
Landry Breuil
7c6b599de6 ITS#7580 Fix autogroup when no attrs in URI. 
Do not use lvals[], lnvals[] out of scope.
 2013-06-13 15:16:54 +02:00
Howard Chu
2b837de9c1 ITS#7518 fix manpage 2013-04-23 14:44:55 -07:00
Howard Chu
33fc2b54a5 ITS#7518 resync nss-pam-ldapd files 
Also note minimum version required.
 2013-04-23 12:49:25 -07:00
Ted C. Cheng
21ff23ac71 ITS#7569 fixed a group enumeration bug (Symas#2255) 2013-04-10 16:25:28 -07:00
Ted C. Cheng
1c99711ede ITS#7518 1. Sync'ed up with nss-pam-ldapd 0.8.11 * added nssov_config support * added password_prohibit_message, similar to PADL * self-password-changes are made as user identities; root changing user passwords as nssov-pam-pwdmgr-dn 2. Fixed a bug that connection DN was not constructed correctly 3. Fixed a service crash issue when protocol value is NULL 4. Added more debugging msgs. 4. added rights info 2013-02-05 15:55:54 -08:00
Ralf Haferkamp
de4de15a3f Add some simple checks for certificate directories/files 2013-01-31 14:32:20 +01:00
Quanah Gibson-Mount
ee12abc425 Clean up whitespace 2013-01-26 18:37:29 -08:00
Quanah Gibson-Mount
ad9f847bf4 ITS#7490 
Zero out the complete context buffer
From mhardin@symas.com
 2013-01-17 12:05:01 -08:00
Pierangelo Masarati
4a890d099c more about ITS#7493 2013-01-16 21:38:54 +01:00
Michael Stroeder
11bc731632 s/directoryOperation/dSAOperation/ (ITS#7493) 2013-01-16 20:37:40 +01:00
Kurt Zeilenga
0fd1bf30b8 Happy New Year 2013-01-02 10:22:57 -08:00
Howard Chu
88fad0dd41 ITS#7481 fix nssov-pam-session config 2012-12-23 06:11:39 -08:00
Ralf Haferkamp
7a8c9a6419 ldapc++: fix builds with gcc-4.7 (ITS#7281,ITS#7304) 2012-11-02 12:10:43 +01:00
Howard Chu
e584749808 ITS#7357 set NAS-Identifier in request 2012-08-21 13:30:02 -07:00
Jan Vcelak
759fe9c6d5 ITS#7327 smbk5pwd: error if crypto backend unsupported 2012-07-26 10:15:39 -07:00
SATOH Fumiyasu
251b4e69ca ITS#7309 contrib/slapd-modules: Unify the structure and usage of Makefile 2012-06-26 06:36:16 -07:00
SATOH Fumiyasu
0246435da9 ITS#7308 contrib/slapd-modules: Add missing Makefiles 2012-06-26 06:30:26 -07:00
SATOH Fumiyasu
899f3c994f ITS#7278 SHA-2: Add support salted SHA-2 password hashes 
Support {SSHA256}, {SSHA384} and {SSHA512} hash schemes
 2012-05-29 16:05:56 -07:00
SATOH Fumiyasu
3bc7f6d27d ITS#7269 SHA2: Avoid "static char real_hash[]" to support multithread 
Remove sha*_hex_hash() and replace chk_sha*() with
libraries/liblutil/passwd.c:chk_sha1() implementation to
avoid a race condition.
 2012-05-29 16:02:16 -07:00
SATOH Fumiyasu
e4f4322f6c SHA2: Make slapd-sha2 module portable 
contrib/slapd-modules/passwd/sha2/sha2.[ch] need portable.h and
some macros to be portable source.

contrib/slapd-modules/passwd/sha2/slapd-sha2.c:hash_sha*() must
declare "struct berval digest" before a statement for K&R C,
and must replace C++ "// foo"-style comments with C style.
 2012-05-08 12:16:25 -07:00
Pierangelo Masarati
762ef802f6 ITS#6598 make control global 2012-04-11 09:52:57 +02:00
Hallvard Furuseth
465942e74d ITS#7160 Support POSIX make: No $< in target rules 2012-02-18 18:17:40 +01:00
SATOH Fumiyasu
4069a34803 ITS#7138 smbk5pwd: fix ITS#6955 shadowLastChange 
Fix uninitialized keys[1] in shadowLastChange support
 2012-01-27 13:08:36 -08:00
Hallvard Furuseth
917c52014d Fix the configure.in $Id$ in configure 2012-01-27 21:30:12 +01:00
Kurt Zeilenga
2bbf9804b9 Happy New Year! 2012-01-01 07:10:53 -08:00
Ralf Haferkamp
7402cbb6f7 Fix compile problems with older gcc releases 2011-11-10 16:25:57 +01:00
Howard Chu
323e70ba13 ITS#7083 fix verb_to_mask usage 2011-11-07 16:41:35 -08:00
David Adam
29206f6d20 ITS#7082 Fix smbk5pwd:olcSmbK5PwdEnable 2011-11-07 22:30:00 +01:00
Quanah Gibson-Mount
e625581af3 Fix SLAP_CONFIG_DELETE ifdef (already fixed in RE24) 2011-11-04 15:21:34 -07:00
Howard Chu
3a096b300c ITS#6972 fix double-free in autogroup 2011-11-01 13:40:57 -07:00
Pierangelo Masarati
8df4c357be authTimestamp should be manageable (ITS#6873) 2011-06-30 21:55:28 +02:00
Ralf Haferkamp
1e4faaf1bd Additional getter methods for LDAPModification 2011-06-15 15:28:55 +02:00