Commit Graph

12247 Commits

Author SHA1 Message Date
Ondřej Kuzník
129dcfbd86 ITS#8731 General Debug() related fixes 2019-02-15 16:51:53 +00:00
Howard Chu
a70b887e6c ITS#8977 fix prev commit 2019-02-15 16:12:41 +00:00
Howard Chu
c8b806b676 ITS#8977 make IDL size configurable 2019-02-15 14:37:51 +00:00
Nadezhda Ivanova
17f1e32b65 ITS#8841 Fix an assertion error in back-meta when network interface is unavailable
Because an API error code was assigned to sr_err, on network error back-meta would cause
an assert error at result.c: 830

assert( !LDAP_API_ERROR( rs->sr_err ) );
2019-02-14 14:41:42 +00:00
Howard Chu
6e2bac6465 ITS#7770 schema fixup 2019-02-04 02:50:17 +00:00
Howard Chu
e19c683c41 ITS#7770 add mdb_stat info to cn=monitor 2019-02-03 11:08:24 +00:00
Howard Chu
299a6ca0f4 ITS#8971 tweak prev commit
Check for BVISNULL, maybe rootDSE is a valid reqDN
2019-02-02 22:48:53 +00:00
Howard Chu
f052e94593 ITS#8971 most exops have no reqDN 2019-02-02 21:45:04 +00:00
Howard Chu
765dfaf0e4 ITS#8963 use BIND timeout for start_tls
Since we only support it in conjunction with Bind anyway, not
as a standalone op
2019-01-31 23:37:03 +00:00
Howard Chu
86b486e20a Schema cleanup 2019-01-30 14:06:09 +00:00
Howard Chu
e8c62bf8b4 ITS#8966 add changelog support to syncrepl consumer
Tested against DSEE7. The DSEE binaries must be in your path to run the test script.
2019-01-29 18:51:43 -08:00
Howard Chu
7b587018ec ITS#8472 only do index cleanup if DB is running 2019-01-25 18:11:58 +00:00
Howard Chu
e33d1c5461 ITS#6300 fix kqueue initialization 2019-01-15 21:39:46 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Ondřej Kuzník
518e857c03 ITS#8663 Fix memberof SLAP_CONFIG_EMIT 2019-01-14 11:44:35 +00:00
Howard Chu
054c91335b ITS#8952 use msec for epoll / devpoll event wait 2019-01-02 21:51:48 +00:00
Howard Chu
dd760f2abc More for NULL modrdn modlist 2018-12-22 12:58:08 -08:00
Howard Chu
43d5d99494 More for NULL modrdn modlist 2018-12-22 10:40:59 -08:00
Howard Chu
ff6a671e64 MSAD dirsync fixes
Don't hijack whenCreated attribute for createTimestamp
Don't add RDN to entry on modrdn
free cookie on cleanup
2018-12-22 09:08:10 -08:00
Howard Chu
48461cbf7f Allow NULL modlist in modrdn
For compat with MSAD which doesn't add the naming attribute to
the entry during a rename
2018-12-22 09:00:34 -08:00
Howard Chu
6e6e6083b0 cleanup attr.c
rename attr_list to attrs_list to avoid confusion with at.c in gdb
2018-12-22 08:59:20 -08:00
Howard Chu
b4364baca7 Dirsync delete/modrdn fixes
Delete could try to queue a NULL syncCSN (dirsync has none)
Modrdn could try to delete a nonexistent oldRDN (leftover from #7144)
2018-12-22 05:21:56 -08:00
Thorsten Glaser
e0a7049ee5 ITS#8890 fix benign typos
No functional impact
2018-12-18 22:56:18 +00:00
Howard Chu
d8f8a60be8 More for privateKey tweak
Leave olcTLSCertificateKey as its own attr, not a subtype
2018-12-18 21:59:59 +00:00
Howard Chu
0e8c2d5a54 Tweak privateKey schema
We're using PKCS#8 syntax, drop the OpenLDAP syntax OID.
Rename attribute accordingly.
Tweak validator to accept encrypted keys.
2018-12-18 21:27:24 +00:00
Quanah Gibson-Mount
4e23cfc4a9 ITS#8286 - Additional fixes
Fix incorrect matching rules for olcTLSCertificateKey and olcDbCryptKey
Fix SYNTAX for olcRootPW to be octetString
2018-12-18 21:05:09 +00:00
Quanah Gibson-Mount
71a5d7cc0f Fix integerMatch to booleanMatch 2018-12-18 19:26:37 +00:00
Quanah Gibson-Mount
3add82a3bb ITS#8286 -- Add matching rules for attributes
Add matching rules for all cases where it was missing.  Cleanup
incorrect types for a few attributes as well.  Fix network-timeout
handling in back-ldap/meta/asyncmeta.
2018-12-18 19:14:06 +00:00
Ondřej Kuzník
c29542c418 ITS#8845 sc_extendedops is read-only 2018-12-18 18:34:23 +01:00
Howard Chu
190fccbcdc Missed a schema conflict 2018-12-17 16:21:03 -08:00
Howard Chu
9cc97ea9e1 MS AD DirSync support
Requires "attribute_option range=" in config.
No test script provided yet, since testing requires an actual AD server.
2018-12-17 16:11:25 -08:00
Howard Chu
2731ff0c23 ITS#5927 additional fix
Fix 2ee43073e9 to recognize range tags
2018-12-17 13:44:25 -08:00
Howard Chu
12dbcc0eb3 More for revert batched writes 2018-12-14 12:39:07 -08:00
Howard Chu
79ced664b8 Revert batched writes experimental code
Reverts
bea2c5d438
535cf92ff4
5a3a54333c
afa9a9c3e0
due to backend deadlocks
2018-12-13 06:34:54 -08:00
Howard Chu
6081a0307c ITS#8752 cleanup prev commit 2018-12-06 10:26:33 -08:00
Howard Chu
34823321c3 ITS#8752 more for accesslog deadlock
Restructure response/cleanup invocation to avoid cleanup happening before response
2018-12-06 10:03:27 -08:00
Howard Chu
a4fddc7b11 ITS#8932 check rdnNormalize success 2018-11-09 21:16:10 +00:00
Ondřej Kuzník
04a52cef40 ITS#8927 ppolicy: accept replicated changes even in MMR 2018-10-31 09:51:22 +00:00
Ondřej Kuzník
c351616ccd ITS#8866 Fix use-after free 2018-10-26 15:16:41 +01:00
Quanah Gibson-Mount
cd82de56c8 ITS#8866 (cont) slapo-unique
use correct memory allocation/free functions
2018-10-26 01:58:35 +00:00
Michael Ströder
7359a5413a ITS#8866 slapo-unique to return filter used in diagnostic message 2018-10-26 01:54:39 +00:00
Ondřej Kuzník
a2d93d69f0 ITS#8772 Remove reliance on the local rmutex implementation 2018-10-19 13:08:10 +01:00
Nadezhda Ivanova
33876e22d6 ITS#8859 Allow backends which do not need a database to work 2018-10-19 13:08:09 +01:00
Nadezhda Ivanova
d10fc664f7 ITS#8859 Enable backend configuration 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
1f2caff7b9 ITS#8859 Record the correct RDN 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
7127d5db11 ITS#8850 Wait until backends are closed before freeing connection_pool 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
f4e824c8da ITS#8849 Introduce (un)pause callbacks to backends 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
0f4d656a57 ITS#8849 Use server pause facility during config changes 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
fa2ba35ae8 ITS#8849 Introduce slap_(un)pause_server 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
df83989f0f Skip ITS#6545 transition markers when we change mod op 2018-10-18 10:41:43 +01:00
Howard Chu
1e30640037 ITS#8923 fix dyngroup NO_SUCH_OBJECT error handling 2018-10-03 21:58:32 +01:00
Howard Chu
38f95b9ab8 ITS#8918 fix typo 2018-09-24 13:47:09 +01:00
Howard Chu
78229b3a5b ITS#8912 omit hidden DBs from rootDse 2018-09-05 11:42:05 +01:00
Howard Chu
a29391d495 More for multival
fix index record detection
2018-09-01 13:07:58 +01:00
Howard Chu
ba80b97505 Fix index delete
Deleting all indices should also reset default mask
2018-08-31 14:33:22 +01:00
Howard Chu
83acffd83c More for multival
Fix clashes with index records
2018-08-31 14:27:23 +01:00
Howard Chu
8ec9a3bcca More for multival
Tweak config validity check
2018-08-30 15:47:16 +01:00
Howard Chu
111329a2dc More for back-mdb multival
Allow configuring thresholds for specific attributes
2018-08-30 11:24:25 +01:00
Howard Chu
6c221e7730 ITS#8909 additional tweak
Set error code on failure
2018-08-29 02:02:13 +01:00
Howard Chu
36e4dd2828 ITS#8909 fix "authz-policy all" condition
Broken since original commit 113727ba
2018-08-29 01:14:19 +01:00
Ondřej Kuzník
0f320b3442 Fail if we can't change to a directory 2018-07-25 16:19:54 +01:00
Howard Chu
776de6d796 More for back-mdb multival
Make sure a->a_numvals matches id2v counts
2018-07-18 17:58:10 +01:00
Ondřej Kuzník
b06f5b0493 ITS#8663 Improve memberof cn=config handling 2018-07-02 16:19:54 +01:00
Ondřej Kuzník
dac02c7ef1 ITS#8667 Do not finish glue initialisation in tool mode unless requested 2018-07-02 16:19:48 +01:00
Ondřej Kuzník
242ab9c6ef ITS#8845 Recognise control-exop compatibility 2018-07-02 16:18:26 +01:00
Howard Chu
8568716376 ITS#8868 don't convert IDL to range needlessly
in idl_intersection. It may lose precision in a subsequent union.
2018-06-22 00:31:04 +01:00
Ondřej Kuzník
8a259e3df1 ITS#8573 allow all libldap options in tools -o option 2018-06-14 16:19:10 +01:00
Howard Chu
5292fb3a3b Fix ldif-wrap errmsg typo 2018-06-13 16:19:04 +01:00
Howard Chu
9069cbe543 ITS#8616 don't check for existing value when deleting values 2018-05-24 17:53:10 +01:00
Ondřej Kuzník
77e87690c0 Make syntax highlighting/folding happier 2018-05-10 11:58:21 +01:00
Howard Chu
0ba50a1d06 ITS#8843 check for NULL modlist 2018-05-02 16:51:49 +01:00
Quanah Gibson-Mount
f32384ef44 ITS#8840 Fix domainScope control to ensure the control value is absent as per Microsoft specification (https://msdn.microsoft.com/en-us/library/aa366979%28v=vs.85%29.aspx). 2018-04-30 17:33:22 +00:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Howard Chu
8300eee017 back-mdb Multival fixes
Fix multival logic on Replace
Fix return codes from modify_internal, id2entry_put
2018-02-28 22:37:38 +00:00
Howard Chu
08851a8200 ITS#8789 revert previous patch
And try another approach. Always write contextCSN updates, but
don't set dont_replicate for updates we want propagated.
2018-02-28 22:19:57 +00:00
Howard Chu
e0cc94a0b7 ITS#8789 avoid unnecessary writes of context entry
If syncprov is present, only write contextCSN attribute on
actual state changes, not on per-entry modifications.
Continue to update in-memory cookieState. Saves overhead,
syncprov will eventually checkpoint it into the DB anyway.
2018-02-21 19:51:59 +00:00
Howard Chu
434c306cbe Add debug msg if adding entry to logDB fails 2018-02-21 19:50:45 +00:00
Howard Chu
9fc6b894ec ITS#8752 accesslog: partially revert 3bb8b737ed 2018-02-21 19:48:02 +00:00
Howard Chu
dc3b3be429 ITS#8486 Don't keep sl_mutex locked when playing the sessionlog 2018-02-11 16:47:47 +00:00
Howard Chu
0c1ebd178c ITS#8801 Fix CSN queue processing 2018-02-08 00:18:00 +00:00
Howard Chu
4d1077ffa4 ITS#8800 remove originator check in syncprov_search_response
Let the entryCSN check do all the work. Reloading a server from an old
backup needs this to go thru.
2018-02-08 00:17:07 +00:00
Howard Chu
0eb577632f ITS#8607 Don't record checkpoints 2018-02-08 00:16:50 +00:00
Howard Chu
ca7f697e14 ITS#8100 fixes for delta-syncrepl with empty accesslog
Update syncprov contextCSNs when context entry is added.
Fix accesslog to properly tag Add op when adding context entry.
2018-01-30 21:40:05 +00:00
Ondřej Kuzník
52f7daab01 ITS#8796 Fix SSF reset
Maintain the SSF across SASL binds.
2018-01-15 16:58:58 +00:00
Hallvard Furuseth
57253688b3 ITS#8778 Fix telephoneNumberNormalize("-" or " ") 2017-11-26 21:22:23 +01:00
Quanah Gibson-Mount
c5b73dd85b ITS#6300 -- Update for multi-listener support 2017-10-19 14:55:01 -07:00
Bryan Duncan
a25046535c ITS #6300: Added support for using kqueue in slapd (for systems that support kqueue(2).
Patch obtained from:
        http://public.me.com/bryan.duncan/bryan-duncan.kqueue.090922.patch

 # This patch file is derived from OpenLDAP Software. All of the
 # modifications to OpenLDAP Software represented in the following
 # patch(es) were developed by Apple.  I, Bryan Duncan, am authorized by
 # Apple, my employer, to release this work under the following terms.
 #
 # Copyright 2009 Apple Inc. All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted only as authorized by the OpenLDAP
 # Public License.
 #
 # A copy of this license is available in file LICENSE in the
 # top-level directory of the distribution or, alternatively, at
 # http://www.OpenLDAP.org/license.html.
 #
2017-10-19 14:54:50 -07:00
Howard Chu
3bb8b737ed ITS#8752 accesslog: cleanup should only be called on failures 2017-10-14 11:22:53 +01:00
Howard Chu
03ee55d725 Revert "ITS#8752 ppolicy: don't call same cleanup twice"
This reverts commit 1c963f4739.

Revert "ITS#8752 make sure all cleanups are called in overlay_op_walk"

This reverts commit b0ad788b8a.
2017-10-13 18:47:25 +01:00
Howard Chu
1c963f4739 ITS#8752 ppolicy: don't call same cleanup twice
fallout from b0ad788b8a
2017-10-13 17:39:37 +01:00
Howard Chu
0d7489b908 ITS#8752 fix syncrepl deadlock from updateCookie
Must release cookieState->cs_mutex before invoking backend.
Add a condvar to serialize calls of updateCookie, so we can
release the mutex and still update sequentially.

Also added tid logging, useful in conjunction with
7ab0e1aff0cc48cdfb299ca7dbd27900a9e3d1a8
2017-10-13 17:28:57 +01:00
Howard Chu
4a574324fd ITS#8752 additional debug info, thread ID of rmutex lockers 2017-10-13 17:28:46 +01:00
Howard Chu
b0ad788b8a ITS#8752 make sure all cleanups are called in overlay_op_walk 2017-10-13 17:28:38 +01:00
Howard Chu
065b315f0d fix syncprov_qtask race, test062 crashes
Keep s_mutex locked until we know we're removed from queue.
Remember qtask cookie so we can retract if ineeded when deleting
the overlay from running slapd.

config_delete is still unsafe, overlay_remove is running with active
threadpool instead of paused pool.
2017-10-13 17:28:28 +01:00
Josh Soref
10566c8be3 ITS#8605 - spelling fixes
* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate
2017-10-11 14:39:38 -07:00
Quanah Gibson-Mount
fd5ad3ef39 ITS#8527 - Add additional debug logging on consumer/provider state when the consumer has a newer cookie than the provider 2017-10-11 14:32:25 -07:00
Ondřej Kuzník
3258bf40eb ITS#8291 Reopen cursor after delete 2017-10-11 14:32:08 -07:00
Emmanuel Lécharny
77408ac781 ITS#8153 - olcTimeLimit should be Single Value 2017-10-11 14:31:51 -07:00
Ivan Nejgebauer
cb9a4d01bc ITS#8037 - Add support for relax control to delta-syncrepl 2017-10-11 14:31:45 -07:00
Michael Ströder
636b63b5fd ITS#8692 let back-sock generate increment: line in case of LDAP_MOD_INCREMENT (see RFC 4525, section 3) 2017-10-11 13:04:38 -07:00
sca+openldap@andreasschulze.de
90835da72f ITS#8578 - remove unused-variables in RE24 testing call (2.4.45) 2017-10-06 10:45:08 -07:00
Nadezhda Ivanova
da170cbe3b ITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta 2017-10-06 10:44:54 -07:00
Ted C. Cheng
e20ac6b539 ITS#7520 - back-ldap omit-unknown-schema changes 2017-10-06 10:44:31 -07:00
Ondřej Kuzník
08492987a0 ITS#7100 Update entryTtl behaviour to match RFC 2589 2017-10-06 10:43:48 -07:00
Howard Chu
70e54d2527 ITS#8752 fix syncrepl null_callback
Make sure it's last in callback stack
2017-10-05 22:13:39 +01:00
Quanah Gibson-Mount
0d4cd89786 LDAP_FEATURE_SUBORDINATE_SCOPE is from expired draft-sermersheim-ldap-subordinate-scope, leave behind LDAP_DEVEL 2017-09-26 11:51:27 -07:00
Quanah Gibson-Mount
30e2a904dc Move a bunch of featuers back behind LDAP_DEVEL for 2.5
SLAP_AUXPROP_DONTUSECOPY is ok for release
2017-09-26 11:35:50 -07:00
Quanah Gibson-Mount
86105092bd CHECK_CSN is a debug only flag for testing. It should always remain
behind LDAP_DEVEL
2017-09-26 11:30:50 -07:00
Quanah Gibson-Mount
a9ff0e97fc ITS#6817 - back-meta work for SLAP_AUTH_DN was never finished according
to the ITS notes.  In addition, this would need man page updates for the
feature
2017-09-26 11:27:15 -07:00
Quanah Gibson-Mount
41a9010773 The support for unindexed attributes being tracked in back-monitor needs
to remain behind LDAP_DEVEL for now.  Right now, the mutex in
back-monitor cannot properly handle the load if the server had a lot
of unindexed attributes that were being accessed in search filters.
2017-09-26 11:04:45 -07:00
Quanah Gibson-Mount
7246da8a66 Whitespace cleanup 2017-09-26 10:33:01 -07:00
Quanah Gibson-Mount
04cfd144d9 Fix additional compile for /dev/poll support. /dev/poll is neither tested nor supported. 2017-09-22 12:05:18 -07:00
Quanah Gibson-Mount
2085def079 Merge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap 2017-09-19 15:21:56 -07:00
Quanah Gibson-Mount
09bec057e5 Fix calls to SLAP_DEVPOLL_SOCK_LX for multi-listener support. Support
for /dev/poll is neither enabled nor tested, so other issues may exist.
2017-09-19 15:20:56 -07:00
Howard Chu
20e46d8494 ITS#8725 fix 75999a18c3
Not needed since callback uses tmpalloc
2017-09-08 21:36:05 +01:00
Nadezhda Ivanova
82737719c8 ITS#8725 Always remove listener descriptors from daemon on shutdown 2017-09-08 19:43:59 +01:00
Howard Chu
db3909d27d ITS#8725 add slap_sl_mark / slap_sl_release
For fast cleanup after constructing disposable entries
2017-09-08 17:39:22 +01:00
Howard Chu
68e064ca84 ITS#8725 Avoid listener thread startup race
Typically only shows up under valgrind, not in regular runs
2017-09-08 17:39:22 +01:00
Howard Chu
8b1fb962fc ITS#8725 connection fixes
Fix op_finish, must resched connection to pick up pending ops.
Fix op completion counter.
2017-09-08 17:39:14 +01:00
Howard Chu
63308ef6bb ITS#8725 backover fixes for async
Fix some valgrind race conditions - wait for frontend to finish up
Don't set callbacks for abandon or unbind - since they have no response
Use tmpalloc for backover callback
2017-09-08 17:25:55 +01:00
Nadezhda Ivanova
c6e00c7b0f ITS#8725 Fix an invalid data access during add operations if backend is asynchronous 2017-09-08 16:51:27 +01:00
Howard Chu
75999a18c3 ITS#8725 Add SLAPD_ASYNCOP return code
Tell frontend the op will finish asynchronously, leave it alone
2017-09-07 18:07:39 +01:00
Howard Chu
afa861bf22 ITS#8719 add crypt_r() support 2017-09-06 21:25:16 +01:00
Michael Ströder
b65e0b5731 ITS#8714 Send out EXTENDED operation message from back-sock 2017-09-06 15:32:28 +01:00
Howard Chu
bb62d9cb73 ITS#8270 use the configured exop timeout for StartTLS
Also, there's no need for a retry loop here. Just wait for
the specified timeout or give up.
2017-08-31 16:53:45 +01:00
Ondřej Kuzník
9e156bf914 ITS#8444 Do not clear the pending operation when checkpointing
When a checkpoint happens, if we remove the CSN from the pending list,
accesslog won't pass it onto the accesslog DB. But in a delta-mmr
scenario, an accesslog entry without a CSN faces a race where it might
be applied twice - that usually fails and causes a full refresh, other
times it can cause a silent desync - both are undesirable.
2017-08-25 16:52:13 +01:00
Howard Chu
a9f462d615 ITS#8690 one more time 2017-08-04 20:58:07 +01:00
Howard Chu
c9e56b80f3 ITS#8690 fix again 2017-08-04 13:40:34 +01:00
Howard Chu
bcc6601091 Revert "ITS#8690 refix"
This reverts commit a5f3a2885c.
2017-08-04 13:34:03 +01:00
Howard Chu
a5f3a2885c ITS#8690 refix
Don't double-queue delete ops
2017-08-02 00:52:13 +01:00
Howard Chu
221dd43399 ITS#8226 optimization
Don't release read txn unless there has actually been a new write txn
2017-08-01 22:08:50 +01:00
Howard Chu
9827569ff0 ITS#8690 fix prev commit 2017-08-01 21:57:02 +01:00
Howard Chu
5bd89a1f1f Cleanup uninit'd vars 2017-08-01 21:47:15 +01:00
Howard Chu
1fbc0dff88 ITS#8690 plug memleak on Delete ops 2017-07-21 19:04:08 +01:00
Quanah Gibson-Mount
50d1588b2e ITS#8697 - For Windows builds with newer MINGW, remove refptr symbols
mappings from slapd.def
2017-07-20 17:11:01 -07:00
Howard Chu
375db33d13 ITS#8678 temporary hack 2017-06-22 18:09:48 +01:00
Ryan Tandy
0cee1ffb60 ITS#8655 fix double free on paged search with pagesize 0
Fixes a double free when a search includes the Paged Results control
with a page size of 0 and the search base matches the filter.
2017-05-20 18:28:54 +00:00
Kevin Lam
11bf6bc10a ITS#8592 Fix double free in sssvlv overlay 2017-04-26 11:05:00 -07:00
Howard Chu
2975a1d6f1 Tweaks for OpenSSL 1.1 API deprecations 2017-04-19 20:19:09 +01:00
Howard Chu
c0ff8e8a21 Delete extraneous #define
Was only for convenience during testing
2017-04-19 19:27:02 +01:00
Quanah Gibson-Mount
87f3477626 Fix autoca build with OpenSSL 1.1.0 2017-04-18 13:40:05 -07:00
Ondřej Kuzník
1b14198ad9 ITS#8631 Initialize sal 2017-04-10 14:24:56 +01:00
Howard Chu
29833786ad Cleanup unused vars 2017-04-10 00:54:21 +01:00
Howard Chu
d089b3c0d1 Tweak privateKeyValidate
Only accept PKCS#8 private keys
2017-04-10 00:51:09 +01:00
Howard Chu
25dc9e99ea Cleanup warnings, unused vars, etc. 2017-04-09 23:42:22 +01:00
Howard Chu
cff264c6e1 Fix autoca schema init
Wait for core.schema to get loaded
2017-04-09 22:45:36 +01:00
Howard Chu
268f71cb27 autoca fixups
Move install of CA cert to a pool thread, otherwise cn=config deadlocks
on dynamically loaded overlay.

Dup/release entry before attempting to modify it, to avoid deadlocks
in back-bdb/hdb.

Always use PKCS#8 format when storing private keys.
2017-04-09 20:31:11 +01:00
Howard Chu
f33c7d1ee6 Fixup for ;binary config attrs
Use the plain attributeDescription when searching config tables
2017-04-09 20:29:47 +01:00
Howard Chu
0f9ec8322f Add localDN config
If a cert is generated for this DN, configure it as the local
TLS cert/key
2017-04-09 16:44:14 +01:00
Howard Chu
b939bb519e Set the CA cert in cn=config if none was already set 2017-04-09 15:42:17 +01:00