Greg Veldman
3be82f40d5
ITS#9055 Introduce a combined password scheme
2019-10-03 08:41:31 +01:00
Greg Veldman
711a96064e
ITS#9055 Accept previous token
2019-10-03 08:37:03 +01:00
Ondřej Kuzník
639e5f15fd
ITS#9081 Do not leak sb (ITS#8755 regression)
2019-09-23 17:27:18 +01:00
Ondřej Kuzník
81025cc8bf
ITS#9077 Let the loop finish
2019-09-23 16:37:38 +01:00
Ryan Tandy
63c82c0ed7
ITS#9069 Do not call gnutls_global_set_mutex()
...
Since GnuTLS moved to implicit initialization on library load, calling
this function deinitializes GnuTLS and then re-initializes it.
When GnuTLS uses /dev/urandom as an entropy source (getrandom() not
available, or older versions of GnuTLS), and the application closed all
file descriptors at startup, this could result in GnuTLS opening
/dev/urandom over one of the application's file descriptors when
re-initialized.
Additionally, the custom mutex functions are never reset, so if libldap
is unloaded (for example via dlclose()) after calling this, its code may
be unmapped and the application could crash when GnuTLS calls the mutex
functions.
On typical systems, GnuTLS system mutexes are probably the same as what
libldap uses anyway.
2019-09-12 13:16:30 -07:00
Ondřej Kuzník
dc3e450104
ITS#8731 Remove extra args
2019-09-10 19:00:24 +01:00
Ondřej Kuzník
a14fb731ac
ITS#9076 Set oldctrls correctly
2019-09-10 19:00:24 +01:00
Ryan Tandy
dbcdcb8258
ITS#8983 ignore psearchctrl.c symlink
2019-08-30 09:06:26 -07:00
Ondřej Kuzník
5b304a3ae6
ITS#9071 Document "tls none" for back-ldap
2019-08-30 14:02:31 +01:00
Ondřej Kuzník
e192a0e544
Only allow autoca building with openssl
2019-08-27 17:23:13 +01:00
Ryan Tandy
67f81dccc8
ITS#8753 Set minimum GnuTLS version to 3.2.2
...
Ensure gnutls_digest_get_id() is available
2019-08-27 16:56:48 +01:00
Julia Bremer
8514f2a771
ITS#9067 fix syntax evaluation of preferredDeliveryMethod
2019-08-26 17:14:25 +01:00
Quanah Gibson-Mount
efbfc1fe95
ITS#9065 - Document correct attribute pwdGraceAuthnLimit
2019-08-19 15:45:31 +00:00
Quanah Gibson-Mount
d98317488f
ITS#9062 -- Honor TMPDIR in mkdep
2019-08-13 15:03:45 +00:00
Quanah Gibson-Mount
7cc34fa722
ITS#9063 -- Fix missing bold tag for tls_reqcert
2019-08-12 23:49:50 +00:00
Quanah Gibson-Mount
0eed0ccefc
ITS#7585 - Windows doesn't support LDAPI
...
Adjust patch for ITS#7585 as Windows does not have LDAPI support.
2019-07-23 14:45:16 +00:00
Quanah Gibson-Mount
4ccd139355
Revert "use AI_ADDRCONFIG if defined in the environment"
...
This reverts commit ebf0ef5cb1
.
Depends on custom glibc from RedHat
2019-07-19 16:24:45 +00:00
Howard Chu
92b03e82e0
ITS#7657 honor unchecked limit
2019-07-17 10:17:43 +01:00
Howard Chu
e90e8c7d3c
ITS#7657 back-mdb improve alias deref
...
Don't search for scopes of entries with no children
2019-07-15 16:47:18 +01:00
Ondřej Kuzník
230b853488
ITS#8427 Take late TLS configuration into account
2019-07-15 17:01:08 +02:00
Ondřej Kuzník
39fc8a7c96
ITS#8427 Set up a regression test
2019-07-15 17:01:08 +02:00
Howard Chu
5fec7b777f
ITS#8977 don't use any stack allocated IDLs
...
Trying again, fixed previous attempt
2019-07-11 15:47:03 +01:00
Howard Chu
0fa0f8ff07
ITS#9052 zero out sasl_ssf in connection_init
2019-07-10 21:29:39 +01:00
Ondřej Kuzník
15137bf76f
ITS#9038 Another test028 typo
2019-07-08 23:29:04 +00:00
Howard Chu
f6766f1a1f
Revert "ITS#8977 don't use any stack allocated IDLs"
...
This reverts commit bfe9152c4c
.
2019-07-03 17:20:34 +01:00
Howard Chu
bfe9152c4c
ITS#8977 don't use any stack allocated IDLs
2019-07-03 16:59:53 +01:00
Quanah Gibson-Mount
403c01b5e6
Fix previous commit. It broke builds where --with-cyrus-sasl=no is set.
2019-06-27 17:44:18 +00:00
Howard Chu
ec411582d6
ITS#8977 make sure olcBackend entry is created
2019-06-27 15:33:09 +01:00
Quanah Gibson-Mount
c4df431c6c
ITS#8977 - Note allowed value range for idlexp
2019-06-26 18:15:32 +00:00
Howard Chu
b02807ea2f
Cleanup limits in cyrus.c
2019-06-25 15:31:31 +01:00
Ondřej Kuzník
12f0242589
ITS#9038 Fix typo in test script
2019-06-24 16:37:23 +02:00
Ondřej Kuzník
17b5b3d7f8
Separate VERSION to its own paragraph
2019-06-21 13:44:06 +02:00
Ondřej Kuzník
b2f4cacd47
ITS#7996 Use a separate mutex in ldap_int_initialize
2019-06-21 12:19:38 +02:00
Ondřej Kuzník
c06dc95cf9
ITS#8799 Let the common backend be configured through cn=config
2019-06-20 17:03:27 +02:00
Ondřej Kuzník
747679256c
Resolve conflict between ITS#7492 and ITS#7520
2019-06-20 17:03:27 +02:00
Ondřej Kuzník
60754d77c8
ITS#8755 Do not close the default SockBuf a second time
2019-06-20 16:58:25 +02:00
Ondřej Kuzník
75e0eba1f7
ITS#9000 memberof: noop a noop rename
2019-06-20 16:55:13 +02:00
Ondřej Kuzník
eb5a58487b
ITS#9038 Update test028 to test this is enforced
2019-06-19 18:47:32 +02:00
Howard Chu
fbe5611e60
ITS#9038 restrict rootDN proxyauthz to its own DBs.
...
Treat as normal user for any other DB.
2019-06-19 12:40:19 +01:00
Quanah Gibson-Mount
bc61773904
ITS#8286 - Add missing matching rules
...
Add missing matching rules for the cn=config schema elements for:
slapd-null
slapd-relay
slapo-chain
2019-06-18 17:31:55 +00:00
Jame Gerwe
6c177e6629
ITS#8794 - Fix implicit declaration for ldap_is_ldapc_url
...
Fix building OpenLDAP with -DLDAP_CONNECTIONLESS so that ldap_is_ldapc_url function is defined
2019-06-17 17:25:29 +00:00
Quanah Gibson-Mount
85ccf7bbac
ITS#8997 - Fix segfault by setting return code value
...
Fix case with back-ldap where an entry was returned but didn't match the filter being applied by setting the return code value before dropping to cleanup.
2019-06-17 17:15:00 +00:00
Ondřej Kuzník
be55ce8087
ITS#8637 Reject multiple chain URIs just like slapd.conf
2019-06-17 16:05:44 +00:00
HAMANO Tsukasa
77119a1f6f
ITS#8349 - Fix ppolicy behavior when pwdInHistory is changed
2019-06-17 15:55:15 +00:00
Ondřej Kuzník
d40b357f5d
ITS#8964 Do not free original filter
2019-06-17 12:49:25 +02:00
Ondřej Kuzník
6a5e30674b
ITS#8671 Expose OpenLDAP specific interfaces in openldap.h
2019-06-14 11:52:35 +02:00
Ondřej Kuzník
02df0b485a
ITS#8427 Only do StartTLS if configured
2019-06-13 12:12:54 +02:00
Ondřej Kuzník
5e8aa3f6d1
ITS#8754 Don't try IPv6 addresses unless configured to
2019-06-13 10:24:43 +02:00
Côme Chilliet
2cac3ceb03
ITS#8674 Return correct result from ldap_create_assertion_control_value
...
ldap_create_assertion_control_value was returning ld->ld_errno
upon success without reseting it to LDAP_SUCCESS first
2019-06-12 16:57:13 +02:00
Ondřej Kuzník
1273a38eda
ITS#8427 Set up TLS settings on each reconnection
2019-06-12 16:40:04 +02:00