Commit Graph

6939 Commits

Author SHA1 Message Date
Howard Chu
3d491808a8 Fixes for MingW: (passes test007, with LDAP_DIRSEP tweaks in slapd.conf)
must include <ac/stdlib.h> to get MAX_PATH defined.
  use LDAP_DIRSEP instead of '/' in paths
  define truncate/ftruncate macros, etc.
2002-05-16 10:51:45 +00:00
Kurt Zeilenga
54d93cc003 From: h.b.furuseth@usit.uio.no
Subject: Patch: str2entry() dereferences NULL  (ITS#1822)

entry.c:str2entry() prints pdn->bv_val even though pdn is always
NULL.  pdn was pretty dn before version 1.80.
2002-05-15 20:55:43 +00:00
Kurt Zeilenga
4e51bba217 Patch: Implement surrogate parent for back-shell (ITS#1815)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

A surrogate parent is supposed to keep back-shell children from
deadlocking due to resources locked by a threading parent.

Implementation note: The surrogate parent closes all unused file
descriptors, so it logs errors to stderr instead of via Debug() and
uses relloc() instead of ch_realloc().

Also close a file descriptor leak if fork() fails in fork.c.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-15 06:18:14 +00:00
Kurt Zeilenga
d8388e461d remove cruft 2002-05-15 06:09:17 +00:00
Kurt Zeilenga
c3a59a6407 Remove sys/uio.h include 2002-05-15 05:53:10 +00:00
Kurt Zeilenga
36d9d9729c Fix typo in last commit. 2002-05-15 05:44:46 +00:00
Kurt Zeilenga
10a3a1b9c9 Patch: back-shell/searchexample.* nitpicks (ITS#1816)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

searchexample.conf needs core.schema, otherwise it fails on the suffix
DN.  searchexample.sh has a spurious 'sleep', probably from testing.
Also, I suggest 'chmod +x searchexample.sh'.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-15 05:17:08 +00:00
Howard Chu
d2ee3d52a3 Once more, fix idl_intersection. Don't walk past end of arrays. 2002-05-15 03:05:05 +00:00
Howard Chu
a2d310f92e Fix nameUIDvalidate memfree 2002-05-15 00:48:47 +00:00
Kurt Zeilenga
1107e78c5f update SASL compat test to check for 1.5 compatibility 2002-05-13 20:16:44 +00:00
Kurt Zeilenga
53257cf037 Update SASL compat test to check for 1.5 compatibility 2002-05-13 20:16:10 +00:00
Kurt Zeilenga
82dc573752 Always check SASL compatibility
(Cyrus SASL 2 library may not be called -lsasl2).
2002-05-13 18:48:27 +00:00
Howard Chu
856e21296a Cleanup log msg 2002-05-12 19:21:12 +00:00
Howard Chu
2d94a2016c Check for NULL before comparing authcid 2002-05-12 18:42:43 +00:00
Howard Chu
d7060d19f3 Skip processing if canonicalization is invoked redundantly (SASL PLAIN).
Truncate large username instead of failing with SASL_BUFOVER; we only care
about the DN anyway. (SASL 2 only)
2002-05-12 18:40:37 +00:00
Howard Chu
aea521bec2 Fix, SASL authzIDs might not be NUL-terminated. prop names must only be
set once; setting erases all existing values.
2002-05-11 20:19:55 +00:00
Howard Chu
da7a5a8e79 Fix typo in 1.97 2002-05-11 19:24:04 +00:00
Howard Chu
b2e731a3e0 Win32 fix from Kervin Pierre 2002-05-11 18:15:07 +00:00
Howard Chu
dfae2441eb Cleaned up getdn normalization 2002-05-11 08:07:18 +00:00
Howard Chu
379f84ba47 Fix previous commit, free in wrong place 2002-05-11 06:58:13 +00:00
Howard Chu
b057507e23 Cleanup HAVE_TLS dependencies, cleanup username with embedded realm handling 2002-05-10 19:26:35 +00:00
Howard Chu
9979d200db Fleshed out debug2syslog 2002-05-10 17:48:54 +00:00
Kurt Zeilenga
445b7982d7 Patch: back-passwd needs pwent mutex (ITS#1794)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

back-passwd uses getpwent() and setpwfile(), which use static data.
It needs a mutex to make sure these operations can complete without
interference from another back-passwd call.  Here is a patch.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-09 02:26:05 +00:00
Kurt Zeilenga
15e6a98bba Patch: Non-unique msgid for abandon in back-<shell,tcl> (ITS#1793)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

Here is a patch which does what I described.  Of course, someone has
to decide if that is the right solution:-)
- Add an "opid:" line to the input to back-shell commands.
- Add an "abandonid: <opid> line to back-shell/abandon input.
- Replace message id with opid in back-tcl arguments.
- Add an abandonid = <opid> argument to back-tcl/abandon.
An opid (operation ID) is a "connection ID/message ID" string.  I
would have liked to use another name to avoid confusion with struct
slap_op->o_opid, but I could not think of another apt word.

This also fixes ITS#1784 and ITS#1792.  Since calling conventions
changed anyway, I fixed back-shell by adding abandonid: and making
opid: always be the ID of the current operation.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-09 02:11:39 +00:00
Kurt Zeilenga
2ab8810555 Documentation patch #4 (ITS#1749)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

Small changes:
- Fix typo slapd_meta -> slapd-meta in slapd-meta(5).
- Add slapd-dnssrv(5) to SEE ALSO in slapd.conf(5).
- Add descriptions of the files in FILES sections.
- Add $HOME/.udrc to FILES in ud(1) and ud.conf(5).
- Add ldaprc (without ".") and ENVIRONMENT VARIABLES in ldap.conf(5).
- Change manpage references to proper ".BR name (section)".

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-09 02:07:41 +00:00
Howard Chu
da36670ea3 Don't use slap_empty_bv in structures that are expected to be free'able. 2002-05-08 23:16:17 +00:00
Howard Chu
9ba9ac4d9e Fix dnParent: must always return a pointer relative to the input pointer. 2002-05-08 23:04:11 +00:00
Howard Chu
41c5a36376 Require 2.1.3 or higher for Cyrus SASL 2 2002-05-07 23:56:59 +00:00
Howard Chu
fbe4785c5a Delete unused CANON_BUF_SIZE #define 2002-05-07 23:29:19 +00:00
Howard Chu
6f47e13147 Cyrus 2 support now requires Cyrus 2.1.3. Adds support for in-directory
SASL secrets. (Only works with plaintext userpassword tho.)
2002-05-07 23:08:23 +00:00
Howard Chu
3831d98237 Turn these functions on again. Need backend_attribute for SASLauthz stuff.
Fix to work with NULL op.
2002-05-07 22:35:01 +00:00
Howard Chu
a067d64c3a Fixes for slap_sasl_regexp parsing and normalization 2002-05-07 18:46:32 +00:00
Howard Chu
56f1355968 Added comment for future reference re: in-directory secrets 2002-05-07 02:17:34 +00:00
Howard Chu
2ca4b0ebfc ITS#1806, Cyrus 1 doesn't give back our callbacks pointer, must stash it
ourselves.
2002-05-06 23:56:35 +00:00
Howard Chu
a039bd97ea ITS#1803, bogus free() of lber-private memory. 2002-05-06 16:51:00 +00:00
Howard Chu
ae3a80eb09 Fix in 1.50 applies to Cyrus 1 as well as Cyrus 2. 2002-05-05 19:15:29 +00:00
Kurt Zeilenga
f9687f6c2a Patch: incomplete 'make clean' in liblunicode (ITS#1791)
In liblunicode, 'make clean' and 'make distclean' do not remove
the symlinks ucdata.h and ure.h.

from Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>
2002-05-04 23:13:51 +00:00
Pierangelo Masarati
bffa43e743 fix formats 2002-05-04 11:07:28 +00:00
Pierangelo Masarati
b0d1a52975 remove unused variables 2002-05-04 11:07:04 +00:00
Howard Chu
e8e7847175 ITS#1797 silence uninit'd var warnings 2002-05-04 10:52:05 +00:00
Howard Chu
55cefef7ee ITS#1797 err used unit'd in Debug statement. (removed) 2002-05-04 10:50:24 +00:00
Kurt Zeilenga
46e33e4634 Fix typos 2002-05-04 04:35:41 +00:00
Kurt Zeilenga
7b1d619a58 Basic dnssrv man page 2002-05-04 04:34:58 +00:00
Howard Chu
3590877b77 Initialize authid in case ldap_pvt_tls_get_my_dn fails 2002-05-04 01:32:41 +00:00
Howard Chu
ef678b179c ITS#1795 authid is uninit'd if tls_get_cert fails 2002-05-04 01:28:56 +00:00
Howard Chu
846a5832bb Set tls_opt_require_cert to default to NEVER. libldap defaults to DEMAND
due to client needs, we change it back here.
2002-05-04 00:07:12 +00:00
Howard Chu
0390a171b9 Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
a fatal error when TLS server cert verification fails.

Changed ldap_pvt_tls_check_hostname to return LDAP_SUCCESS when no cert is
found: this can now only occur if tls_opt_require_cert was explicitly set
to NEVER or ALLOW.

In tls_verify_cb, added a text translation of the verification error code
to the debug message.
2002-05-04 00:05:48 +00:00
Kurt Zeilenga
9d39e1e672 fix uninitialized counter in matched values 2002-05-03 19:00:52 +00:00
Howard Chu
a352bcaa16 Fix DN freeing in BDB_HIER case. (BDB_HIER is still broken, seems to have
a bad interaction with the entry cache.)
2002-05-03 14:47:29 +00:00
Howard Chu
203c410243 Fix dependency typo from 1.99 2002-05-03 14:42:14 +00:00