mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,289 Commits 38 Branches 307 Tags 74 MiB
5f20374de1
Commit Graph

232 Commits

Author SHA1 Message Date
Kurt Zeilenga
2f7858044e ITS#1636 fix 2002-03-11 03:05:43 +00:00
Kurt Zeilenga
ec34550487 Note that we likely need to make some of this conditional. 2002-02-11 20:33:27 +00:00
Kurt Zeilenga
d23c559646 Don't use 'shtool mkln' as ln(1) replacement. 
Allow both <sasl/sasl.h> and <sasl.h>
 2002-02-11 08:28:51 +00:00
Kurt Zeilenga
f3548d371f notes needs for future additions 2002-02-11 01:58:36 +00:00
Kurt Zeilenga
5e31e90c74 Fix compile error properly 2002-02-10 18:05:04 +00:00
Kurt Zeilenga
b315d8af34 Update Cyrus SASL detection to always look for <sasl.h> regardless 
of version and then try -lsasl2 and -lsasl.  Make SASL code
conditional on SASL_VERSION_MAJOR, not HAVE_CYRUS_SASL.
 2002-02-10 17:51:19 +00:00
Howard Chu
8a4e92b259 Support for Cyrus SASLv2. Untested. 2002-02-10 14:27:23 +00:00
Kurt Zeilenga
14662be692 Add whoami extended operation. 
Add no-op control (needs backend implementation)
Updated modify password extended option API
Kludged control infrastructure to support frontend only controls
 2002-01-28 20:25:30 +00:00
Howard Chu
4191f39037 Changed slap_authz_info.sai_mech to struct berval. 
Changed sasl_* to use struct bervals.
 2002-01-26 13:57:41 +00:00
Kurt Zeilenga
20af643fc4 more cleanup 2002-01-16 04:40:41 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Kurt Zeilenga
c603bc3946 use sizeof instead of strlen/hardcoded-consts 2002-01-02 17:04:09 +00:00
Kurt Zeilenga
cddf7e0e00 More struct berval DN changes 
decrease dependency on dn_validate/dn_normalize
 2001-12-27 07:13:13 +00:00
Kurt Zeilenga
ef7a99ff99 Additional struct berval DN changes... 2001-12-26 23:26:55 +00:00
Howard Chu
826056e75b More thorough backend_destroy. Added config_destroy. Destroy slap_listeners. 
Plugged other small leaks.
 2001-12-15 12:05:58 +00:00
Howard Chu
d0b1ca692a Minor strlen cleanup 2001-12-09 13:57:55 +00:00
Pierangelo Masarati
aee3600276 minor cleanup 2001-11-17 16:18:07 +00:00
Mark Adamson
e0ff8d6782 fix various memory leaks 2001-11-05 23:14:42 +00:00
Kurt Zeilenga
61de99937f ldif.h include cleanup 2001-09-25 00:03:24 +00:00
Kurt Zeilenga
22688a7ad6 Minor cleanup of last commit 2001-09-18 18:24:47 +00:00
Kurt Zeilenga
7a18352c06 Patch for SASL EXTERNAL. Needs to be tested with other mechanisms. 2001-09-18 07:44:18 +00:00
Howard Chu
bb06fd8d6b Fix crashes for SASL/EXTERNAL binds: 
in slap_sasl_getdn, test id, not dn. dn is still NULL
  also, don't check for trailing slash
  in slap_sasl_bind, initialize reslen to 0
 2001-09-18 03:10:05 +00:00
Mark Adamson
fac77083cc Skip over the "dn:" prefix when passing a DN to dn_normalize(). 2001-08-29 23:01:24 +00:00
Gary Williams
e565505f21 fix logging macros (thanks Mei) 2001-02-02 13:49:26 +00:00
Mark Adamson
68ab73a0f5 Make sure the variable used for SASL REALM is initialized, in case of no REALM. 2001-01-23 19:18:03 +00:00
Kurt Zeilenga
65cdfa68f0 Fix more typos 2001-01-22 22:03:44 +00:00
Kurt Zeilenga
a4f37d6303 Fix typo 2001-01-22 21:10:54 +00:00
Kurt Zeilenga
28d1dbd8ac Add "sasl-external-x509dn-convert" configuration option aimed 
at providing authid TLS/X.509 to LDAP DN mapping.  Experimental.
 2001-01-19 00:47:32 +00:00
Kurt Zeilenga
1302713f09 Fix SASL_REALM bug 
Minor cleanup of logging code, variable scope
 2001-01-19 00:01:25 +00:00
Mark Adamson
6b4ec38178 Change the SASL DN's from cn=authzid to cn=auth 2001-01-18 20:05:15 +00:00
Gary Williams
f49fd8a98e fix format 2001-01-17 16:35:53 +00:00
Gary Williams
ffcdc6d11d More new logging (Behind NEW_LOGGING) 2001-01-15 19:17:29 +00:00
Mark Adamson
2231d5e64e Make SASL authorization work for NULL, "u:", and "dn:" authz strings. 2000-11-30 22:00:15 +00:00
Kurt Zeilenga
b285814f8e Fix layer installation 2000-10-12 19:02:31 +00:00
Kurt Zeilenga
27b30275a6 We need to set sasl_layers prior to returning result... 2000-10-07 02:00:54 +00:00
Kurt Zeilenga
a912e6eea0 Make sure authzid form produces a valid subject DN. Support 
both u: and dn: forms.
Rework sasl-regex DN be of the form
	uid=user,cn=realm,cn=mech,cn=authz
Fix up slapd.conf(5)
 2000-10-06 23:50:38 +00:00
Kurt Zeilenga
6b80b349fa remove cruft 2000-09-28 22:25:34 +00:00
Kurt Zeilenga
2b82d4f486 remove lint 
update bdb codes
 2000-09-22 01:40:57 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
c9de004a86 Fix logging bug 2000-09-21 16:53:45 +00:00
Kurt Zeilenga
50714d2d48 merge changes from authPassword work which should fix SPASSWD code... 2000-09-20 00:28:57 +00:00
Kurt Zeilenga
a60438c1ce Add sasl-host option and treat sasl-realm as global only 
(ie: not backend specific).
 2000-08-30 01:44:39 +00:00
Kurt Zeilenga
1c328aa9c7 Minor typedef and other clean ups 2000-08-26 01:14:05 +00:00
Kurt Zeilenga
7b548b4a91 Make settings match manual page. 2000-08-24 01:12:54 +00:00
Kurt Zeilenga
df8c837c80 Fix typos 2000-08-15 23:42:44 +00:00
Kurt Zeilenga
3b03b64b77 Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the 
input.  In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
 2000-08-15 01:55:43 +00:00
Kurt Zeilenga
a50f391bb3 Working SASL security layers! 2000-07-28 00:04:07 +00:00
Kurt Zeilenga
9e37451421 Fix typo 2000-07-27 01:10:51 +00:00
Kurt Zeilenga
a71a7cdd98 Rework authorization handling such that authzid u:user gets mapped to 
authzdn uid=user.  Disallow authzid in DN form until we have a
validator.
 2000-07-24 23:05:45 +00:00
Kurt Zeilenga
804100b431 Fix sasl end game processing. 2000-07-20 18:39:40 +00:00
Kurt Zeilenga
a8521d3034 Fix mech==NULL bug 2000-07-20 01:04:34 +00:00
Kurt Zeilenga
d2b05a3858 Rework SASL command line arguments. Default is now to authenticate 
using best available mechanism.  (authzid prompting to be disabled)
To use simple bind, -x is required (implied if -P 2) with -D/-[Ww]
To use simple "anonymous" bind, just -x will do.
 2000-07-15 23:25:46 +00:00
Kurt Zeilenga
a6154d03f2 Misc cleanup 2000-07-15 00:45:31 +00:00
Kurt Zeilenga
5bca08d716 Store sasl callbacks in session handle so that they can properly freed. 2000-07-15 00:01:09 +00:00
Kurt Zeilenga
c8ca70f3ae Fix callbacks. 2000-07-14 22:00:16 +00:00
Kurt Zeilenga
1e3aa01b7b Fix SSF reporting. 2000-07-14 20:57:52 +00:00
Kurt Zeilenga
36fb2d9d78 rework SASL callbacks 2000-07-14 20:56:30 +00:00
Kurt Zeilenga
14859793d0 Add logging support 2000-07-14 04:35:36 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session. 
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
 2000-07-13 22:54:38 +00:00
Kurt Zeilenga
489fd210df Change reporting of SASL username 2000-07-06 01:22:42 +00:00
Kurt Zeilenga
51cef9dbed Return last step output in final response. 
And some code cleanup.
 2000-07-05 21:43:11 +00:00
Kurt Zeilenga
064d6aae65 Reverse SASL mechanism restriction #ifdef 2000-06-26 05:29:37 +00:00
Kurt Zeilenga
a56c161bdb Misc code cleanup. 2000-06-10 22:39:30 +00:00
Kurt Zeilenga
60802201e3 Const'ification 
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
 2000-05-22 03:46:57 +00:00
Kurt Zeilenga
a1430fdfdb Rework root dse and other info entry codes to produce entry 
to caller (do_search) such that info can be used by other
operations (ie: do_compare).
SLAPD_SCHEMA_NOT_COMPAT: Add additional code to support filters (needs work)
 2000-05-16 16:22:52 +00:00
Kurt Zeilenga
4e5992c190 Fix unsigned * vs unsigned long * bugs 2000-05-16 04:52:37 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Kurt Zeilenga
4fad202b44 hostname needs to be static 2000-05-11 02:41:34 +00:00
Kurt Zeilenga
f224e69558 Add experimental code to check simple bind passwords 
against Cyrus SASLdb.  Like other cleartext mechanisms,
should be protected from eavesdropping.
 2000-05-10 04:29:51 +00:00
Kurt Zeilenga
d0555fffe6 Error handling changes including separation of client v. server 
SASL to LDAP translation.  plus comments and other minor changes
 2000-05-03 18:59:58 +00:00
Kurt Zeilenga
b872bf3a91 fix -UHAVE_CYRUS_SASL 2000-04-25 19:28:00 +00:00
Kurt Zeilenga
20351a05cc SASL: me thinks I got the states okay... now to test. 2000-04-25 18:02:50 +00:00
Kurt Zeilenga
42a20681cc SASL closer to working from frontend only, need to work through 
states.
 2000-04-25 17:23:54 +00:00
Kurt Zeilenga
55ae3cffd8 SASL code without backend support. Should work with 
external store, but not yet tested.  [Intent is to support
both in same server... may not be doable]
 2000-04-25 16:03:17 +00:00
Kurt Zeilenga
6f2a817d9d bind/sasl cleanup PRIOR TO moving call from backend to frontend 2000-04-25 13:21:42 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library; 
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
 2000-01-02 01:21:25 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. 
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
 1999-09-08 19:06:24 +00:00
Kurt Zeilenga
9c3ed0310b Add copyright notices. 1999-08-06 23:07:46 +00:00
Kurt Zeilenga
b67eb8e2be Don't have time to finish SASL right now... this is a work in progress 
but is safely tucked away behind --with-cyrus-sasl.
 1999-08-04 00:11:22 +00:00
Kurt Zeilenga
354d49fb9a List supportedSASLmechanisms based upon what sasl_listmech() returns. 1999-08-03 23:23:05 +00:00
Kurt Zeilenga
df8f7cbb9b s/exit(1)/exit(EXIT_FAILURE)/ 
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
 1999-08-03 18:14:24 +00:00
Kurt Zeilenga
f90ed5aef8 Add a little SASL framework and remove old X-DIGEST-MD5 hardcode. 
This code is not called (yet).
 1999-08-03 02:37:42 +00:00