mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-03-07 14:18:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,121 Commits 38 Branches 307 Tags 77 MiB
5456f4ed18
Commit Graph

300 Commits

Author SHA1 Message Date
Kurt Zeilenga
b217a4fc51 Remove lint, remove YEAR_PEDANTIC macro, update comment. 1999-07-27 00:36:33 +00:00
Kurt Zeilenga
de67e6d327 Fix leak of default filter. 1999-07-23 22:02:57 +00:00
Kurt Zeilenga
eb4c486b90 Update RFC comments 1999-07-23 21:56:21 +00:00
Kurt Zeilenga
5fea91c3ec Accept ldap://foo:port (ie: no trailing '/') 1999-07-23 21:54:18 +00:00
Julio Sánchez Fernández
9cdd2c2037 ldap_url_parse was fundamentally broken. It would quit before 
time, skipping the filter, for instance.  Also, we were parsing
twice the scope and the filter.  I think this change is right,
but could use more eyeballs...
 1999-07-23 20:36:11 +00:00
Randy Kunkee
6bef298437 Remove extra code (non-functional change, just produces warning on OSF4.0e). 1999-07-23 00:56:56 +00:00
Kurt Zeilenga
d147e609d2 Implement TCP_NODELAY on both client and server side. 1999-07-22 21:49:35 +00:00
Kurt Zeilenga
42304b7ada Fix control parsing and controls free routine. 1999-07-22 04:47:58 +00:00
Kurt Zeilenga
17eb202732 Unhex url extensions. 1999-07-21 20:44:40 +00:00
Julio Sánchez Fernández
5f53b747a5 Partial support for a new option to help debug TLS connections, 
not yet user-settable.  Defaults "on" for now.
Partial support for temporary RSA keys, skeleton for DH.
Add call to X509V3_add_standard_extensions() on init, mod_ssl
does this too, but I am unsure about what it does.
Move management of client CA certificates to a new routine, since
it is going to get more complex than the current code.
 1999-07-21 19:18:08 +00:00
Julio Sánchez Fernández
e892ebfc5e Some content for tls_verify_cb where parts of our policy should 
be implemented.

The rest of this change mostly contains random ideas taken from
mod_ssl.  The purpose is to get the repository in sync with the
code I am testing.  I still can't manage to make Netscape send
its certificate to slapd, though it works with Apache/mod_ssl
(with the same certificates).  Trying s_client against both
does not shed any light.  If anyone manages to make it work,
please let us know.
 1999-07-20 18:31:53 +00:00
Julio Sánchez Fernández
463a7ec91d We were freeing lud_dn when when lud_host was meant, leading to 
arena corruption.
 1999-07-20 11:11:57 +00:00
Kurt Zeilenga
543aafd991 Implement RFC2255 URL format. 1999-07-19 19:32:47 +00:00
Kurt Zeilenga
d2487f9219 s/time(0)/time(NULL)/ 1999-07-19 19:28:21 +00:00
Hallvard Furuseth
cde93a6e06 make ldap.ld_lberoptions unsigned, like berelement.ber_options 1999-07-18 01:20:45 +00:00
Hallvard Furuseth
5ab862aee7 Pass socklen_t* instead of int* to getsockopt, accept, getpeername, recvfrom 1999-07-16 18:43:10 +00:00
Julio Sánchez Fernández
85acec922f We were not remembering the allocated SSL thing in the Sockbuf. 
Set flags without relying on errno (this change may be gratuitous
or wrong).
 1999-07-16 15:46:15 +00:00
Julio Sánchez Fernández
7a64fcf7b3 Set ciphers from slapd.conf. 
More error checking and reporting.
Slowly getting there, SSL_accept succeeds now, but connection breaks
immediately after that (my glue logic with slapd is broken).
 1999-07-15 21:03:47 +00:00
Kurt Zeilenga
c7425738bb Add missing arg to Debug macro call 1999-07-15 20:00:05 +00:00
Julio Sánchez Fernández
41de66a0b2 New routine tls_report_error to analyze errors from OpenSSL 
Change temporarily the default protocol from TLSv1 to SSLv3 with
fallback to SSLv2.  This seems necessary for slapd to accept connections
from Netscape.
Try to set the cipher list in the default context.  Does not semm to
work yet.
 1999-07-15 14:59:09 +00:00
Kurt Zeilenga
cbb5553b03 Newer versions of OpenSSL install headers in $prefix/include/openssl... 1999-07-14 00:03:52 +00:00
Julio Sánchez Fernández
710f697fb7 Get and set TLS options 1999-07-13 19:34:07 +00:00
Julio Sánchez Fernández
70fe83b1d2 First version with TLS. Untested. 1999-07-13 19:32:51 +00:00
Julio Sánchez Fernández
43fba8fcb1 First version with TLS. Untested. 1999-07-13 19:30:41 +00:00
Julio Sánchez Fernández
97a681910e Options for TLS 1999-07-13 19:29:19 +00:00
Julio Sánchez Fernández
739466b85d Add tls.c 
Add use of TLS_LIBS so that test tools compile
 1999-07-13 19:27:33 +00:00
Julio Sánchez Fernández
8f4f94d415 First version of TLS glue for SSLeay/OpenSSL originally written by 
Bart Hartgers.  Untested.
 1999-07-13 19:11:53 +00:00
Hallvard Furuseth
2c27a6abcf Eliminate htonl(unsigned_long_arg), which is wrong on 64-bit OSF1/alpha 1999-07-13 09:41:25 +00:00
Hallvard Furuseth
5f880ae022 Fix LDAP_CONST->const in explode_name(), it failed when LDAP_CONST was empty. 1999-07-13 06:48:35 +00:00
Hallvard Furuseth
fb3b8e5ef1 Fix LDAP_CONNECTIONLESS code rot 1999-07-13 06:39:55 +00:00
Hallvard Furuseth
c4a13efbea Fix NULLxxx -> NULL 1999-07-13 06:37:19 +00:00
Hallvard Furuseth
6eef6bea01 ldap-int.h 1999-07-13 06:27:47 +00:00
Hallvard Furuseth
354702b94e ldap-int.h 1999-07-13 06:21:14 +00:00
Hallvard Furuseth
96e8fafb51 constify use of invalue in <ber/ldap>_set_option() 1999-07-13 05:17:50 +00:00
Hallvard Furuseth
2cc187ffbf constify ldap_int_put_controls, ldap_control_dup, ldap_controls_dup 1999-07-13 05:13:33 +00:00
Hallvard Furuseth
95b64907d3 Fix read_next_searchobj prototype: long*blenp -> ber_len_t*blenp 1999-07-13 05:04:06 +00:00
Hallvard Furuseth
55fa595f56 Add missing newline at EOF 1999-07-13 04:11:49 +00:00
Kurt Zeilenga
7574b70c6b Add charray (from slapd) to -lldap/-lldap_r (not yet used) 
Add digest md5 codes to -lldap/-lldap_r (work in progress)
 1999-07-07 17:58:21 +00:00
Kurt Zeilenga
4831bb0a75 request value should be optional. 1999-07-07 17:52:06 +00:00
Kurt Zeilenga
a67b08d515 Minor editorial change. 1999-07-07 17:51:39 +00:00
Kurt Zeilenga
522cd72f43 Fix CRITICIAL typo 1999-07-07 17:49:15 +00:00
Julio Sánchez Fernández
c8e37af0ca Removed numerous memory leaks detected by Mark Meredith. 
Make sure the token_val argument to get_token is always initialized
to something, either newly allocated memory or NULL.
 1999-07-02 11:57:07 +00:00
Kurt Zeilenga
ddd0559284 Fairly complete slapd SASL bind parsing... and centralized cleanup code. 
Update error strings and cldap misuse of server error.
 1999-07-01 04:42:01 +00:00
Kurt Zeilenga
f4ff5a9299 EXPERIMENTAL: Use sasl bind for simple bind. 
Add sasl.c to libldap_r.dsp.
 1999-06-28 23:24:16 +00:00
Kurt Zeilenga
64d5725662 Allow ctrls argument to be NULL. 1999-06-28 22:47:20 +00:00
Kurt Zeilenga
5045f15b23 EXPERIMENTAL ldap_parse_result() 1999-06-28 22:33:03 +00:00
Kurt Zeilenga
8482d2b488 Provide build support for sasl.c. 1999-06-28 22:30:56 +00:00
Kurt Zeilenga
1fd3c797a8 Validate outvalue after session param. 1999-06-28 22:22:27 +00:00
Kurt Zeilenga
37fceeb662 Minor cleanup of ldap_result(). 1999-06-28 22:20:04 +00:00
Kurt Zeilenga
80e5e3fead First cut at SASL routines. 1999-06-28 22:19:21 +00:00