Commit Graph

16234 Commits

Author SHA1 Message Date
Hallvard Furuseth
101b6b9363 Fix --without-tls (ITS#4975). Enable certificate matching. 2007-05-20 22:48:21 +00:00
Hallvard Furuseth
8a7e6bca0c Previous message should have gone in ITS. It is ITS#4974. 2007-05-20 20:06:32 +00:00
Hallvard Furuseth
c47e444698 libldap/tls.c calls CRYPTO_set_id_callback(ldap_pvt_thread_self), which
causes ldap_pvt_thread_self to be called with the wrong prototype.

That can cause OpenSSL to use a garbage value, e.g. if the unsigned
long it expects takes two words but ldap_pvt_thread_t is an int.

I'm fixing it in HEAD now and also provoking an error if unsigned
long cannot hold a ldap_pvt_thread_t.  Otherwise it can silently
compile to broken code.  Maybe the latter should go in configure,
but since OpenSSL presumably breaks anyway if that fails I don't
see much point at this time.
2007-05-20 20:02:52 +00:00
Hallvard Furuseth
9fd99cd566 Only use terminal escapes (in $TB/$TN) when printing to a terminal.
Remove a bogus 'waiting' message; the script does not sleep there.
2007-05-19 21:26:54 +00:00
Pierangelo Masarati
b0b098258f test fix to ITS#4964 2007-05-19 14:17:34 +00:00
Pierangelo Masarati
74ca4680db more ITS#4973 initialization 2007-05-19 14:12:24 +00:00
Pierangelo Masarati
43367e162e re-parse ID from passmod request, if necessary (ultimately fixes ITS#4964, along with fix to ITS#4973) 2007-05-19 14:08:49 +00:00
Pierangelo Masarati
4f960dacb3 related to ITS#4973 2007-05-19 14:06:42 +00:00
Hallvard Furuseth
93fbb87545 Give OperationBuffer normal struct members instead of using
LBER_ALIGNED_BUFFER(OPERATION_BUFFER_SIZE), as discussed in ITS#4078.
Add a corresponding SyncOperationBuffer in overlays/syncprov.c.
2007-05-18 23:54:26 +00:00
Hallvard Furuseth
a376bb455e Regenerate 2007-05-18 18:53:10 +00:00
Hallvard Furuseth
2d5316b4c1 Only use terminal escapes (in $TB/$TN) when printing to a terminal. 2007-05-18 18:42:59 +00:00
Hallvard Furuseth
eb351d9e33 ITS#4972: $LDAP_THREAD_DEBUG, detached threads, debug_already_initialized().
Also plug a memory leak, set state vars even when unused for the sake of
debugging, and tweak some readability issues & data types.
2007-05-18 17:49:38 +00:00
Hallvard Furuseth
ca01abae04 clean-local: Delete configpw configpw.conf 2007-05-18 15:32:50 +00:00
Hallvard Furuseth
6f3cf907b8 Readability patch: ERRVAL() macro for pthreads < 7 vs. >= 7 return values. 2007-05-18 15:28:09 +00:00
Hallvard Furuseth
73aaead5bd Re-fixing ITS#2667: test -a and test -o unportable, use && and ||. 2007-05-18 15:23:28 +00:00
Hallvard Furuseth
f906a99eec Only define x509_cert_get_dn() when HAVE_GNUTLS. Remove unused variable. 2007-05-18 15:10:15 +00:00
Hallvard Furuseth
7372fea8b5 printf format paranoia: macros could be changed to contain format chars 2007-05-18 14:48:28 +00:00
Hallvard Furuseth
d84399e344 Unused varaibles 2007-05-18 14:46:52 +00:00
Hallvard Furuseth
4caf7faa74 Warning cleanup (avoid cast double return val -> integer, gcc gets suspicious) 2007-05-18 14:45:56 +00:00
Hallvard Furuseth
861babae6f include lber-int.h (for rev 1.396 certificate changes) 2007-05-18 14:41:28 +00:00
Pierangelo Masarati
7b7676a9fa ... 2007-05-17 13:57:20 +00:00
Hallvard Furuseth
870f869dfb Header nitpick 2007-05-16 23:28:58 +00:00
Hallvard Furuseth
a12a4029ae SEE ALSO slapcat(8), slapd-ldif(5) 2007-05-16 23:27:41 +00:00
Hallvard Furuseth
2f0e73f531 Clarify "bind on" 2007-05-16 23:23:48 +00:00
Hallvard Furuseth
ec9322c301 Explain rootDSE 2007-05-16 23:23:02 +00:00
Pierangelo Masarati
978c3609e0 allow array of more generic syntaxes 2007-05-16 09:13:14 +00:00
Pierangelo Masarati
eb5d285a1b allow attribute inheritance with syntax restriction (please review) 2007-05-16 01:40:34 +00:00
Pierangelo Masarati
dd3f101ff8 further cleanup round in back-relay database selection; cleanup 2007-05-16 01:39:41 +00:00
Pierangelo Masarati
c30ae47206 check for NULL dn in URL; set error code before seding extended response (partially addresses ITS#4968) 2007-05-15 22:29:06 +00:00
Howard Chu
d9a43aee44 Fix GNUtls acknowledgement, initial work by Matt Backes. Sponsored by
The Written Word and Stanford University.
2007-05-14 23:35:36 +00:00
Howard Chu
093f52e44d ITS#4961 disable schema checking on contextCSN update 2007-05-14 21:25:48 +00:00
Ralf Haferkamp
6ee5d7d3da make openssl builds working again 2007-05-14 12:19:32 +00:00
Pierangelo Masarati
bf144a4ec0 apply fixes in ITS#4951 (tested) 2007-05-13 23:14:55 +00:00
Hallvard Furuseth
7720844624 Reapply part of rev 1.2 warning cleanup, it was lost in next revision 2007-05-13 22:32:33 +00:00
Howard Chu
423f20c915 GNUtls - ignore free of NULL ctx 2007-05-13 09:43:41 +00:00
Howard Chu
5f36d32596 Don't NUL-terminate bervals during DN parsing 2007-05-13 09:37:37 +00:00
Howard Chu
97b0c98ab5 Don't use strdup on bervals 2007-05-13 09:36:52 +00:00
Howard Chu
6d01c81596 Test no longer depends on --with-tls 2007-05-13 09:35:57 +00:00
Howard Chu
9688a3ae7e Added GNUtls notes 2007-05-13 01:59:46 +00:00
Howard Chu
bdd8bf4133 Add CRLfile option for GNUtls 2007-05-13 01:34:12 +00:00
Howard Chu
f3c9d552dd Use liblber for certificate Validation, Normalization 2007-05-13 01:27:51 +00:00
Howard Chu
47a8f3213b Merged GNUtls support into main tls.c 2007-05-13 00:15:27 +00:00
Howard Chu
93e1da43e9 No more dependency on OpenSSL 2007-05-12 23:44:58 +00:00
Hallvard Furuseth
b6bb36eaf1 Add back-monitor (and its OID arc) to Backend/Database registry 2007-05-12 17:55:37 +00:00
Pierangelo Masarati
f2d213d73f if no database can be looked up, don't send result when not appropriate 2007-05-12 13:09:48 +00:00
Pierangelo Masarati
d12592ca3c don't try to lookup a database when there's no request DN 2007-05-12 13:07:17 +00:00
Pierangelo Masarati
7601a1f3fb fix read off by one (spotted by valgrind) 2007-05-12 12:38:09 +00:00
Hallvard Furuseth
dfc10014b1 Fix for !(LDAP_DEBUG && LDAP_SYSLOG) 2007-05-11 23:04:33 +00:00
Hallvard Furuseth
e509d3ed9a Comment fixes.
Corrected rev 1.67 cvs comment: ltu_key[] is NULL-terminated _when not full_.
2007-05-11 18:48:13 +00:00
Howard Chu
236e5f50b3 Added ciphersuite support 2007-05-10 21:49:43 +00:00