Commit Graph

709 Commits

Author SHA1 Message Date
Quanah Gibson-Mount
d28a933b70 ITS#9471 - Fix typos in previous commit 2021-03-18 21:06:58 +00:00
Ondřej Kuzník
d594ffe902 ITS#9471 Add RBAC overlay to contrib 2021-03-18 19:36:39 +00:00
Quanah Gibson-Mount
c7763538de ITS#9453 - Make pw argon2 official 2021-03-10 23:21:08 +00:00
Ryan Tandy
455dd54b0b ITS#9484 Include portable.h in contrib passwd modules 2021-03-02 20:51:09 +00:00
Howard Chu
b57d317fd9 ITS#9478 fix breakage from ITS#9348 2021-02-24 20:09:58 +00:00
Quanah Gibson-Mount
a48d8b4813 ITS#9161 - A few more typo fixes 2021-02-18 20:25:35 +00:00
Quanah Gibson-Mount
ce2c5173bd ITS#9161 - Fix various typos
Fix a number of different typos across the code base
2021-02-17 18:42:46 +00:00
Quanah Gibson-Mount
11e5ba23d5 ITS#7790 - Fix contrib modules for new header name 2021-02-09 17:39:37 +00:00
Quanah Gibson-Mount
efaf9a4a17 Happy New Year! 2021-01-11 19:25:53 +00:00
Ondřej Kuzník
67d005ee65 ITS#9348 Stop using plain strerror() 2020-09-25 12:47:46 +01:00
Quanah Gibson-Mount
f876eac3d2 ITS#9311 - Contrib modules to be singular 2020-08-21 19:34:27 +00:00
Quanah Gibson-Mount
1b3fcd4e75 ITS#9308 - ensure "i" is initialized 2020-08-05 23:06:49 +00:00
Quanah Gibson-Mount
21eef84a49 ITS#9275 -- Update wording to remove slave and master terms, consolidate on provider/consumer 2020-07-18 16:27:04 +00:00
Quanah Gibson-Mount
c06ac436e2 ITS#9235 Merge libldap_r into libldap 2020-07-03 17:23:14 -07:00
Quanah Gibson-Mount
58c978825c Issue#9020 - Use consistent namespaces for overlays 2020-06-22 20:44:12 +00:00
Quanah Gibson-Mount
2286e2edbc Issue#9248 - Fix default prefix value 2020-05-31 22:32:53 +00:00
Ryan Tandy
feb6f21d2e ITS#9203 Remove default values from slapd-pw-argon2.5
The defaults vary by crypto library and possibly even version, so it's
not worth trying to keep them accurate.
2020-04-14 09:26:19 -07:00
Ryan Tandy
0ec42b08b4 ITS#9206 Use argon2id default values explicitly 2020-04-14 09:26:19 -07:00
Ryan Tandy
307b06ff40 ITS#9206 Convert libsodium default memlimit to KiB 2020-04-14 09:26:19 -07:00
Ryan Tandy
6485667711 ITS#9206 Initialize libsodium before calling its functions 2020-04-14 09:26:19 -07:00
Peter Marschall
40ce9a46c9 ITS#9206 contrib/passwd/argon2: consolidate libsodium implementation
* use 'crypto_pwhash_str_alg(..., crypto_pwhash_ALG_ARGON2ID13)' to set
  the algorithm to Argon2.
  According to libsodium's documentation, the original 'crypto_pwhash_str()'
  only guarantees a "memory-hard, CPU-intensive hash function", but not
  necessarily Argon2.  Although in released versions of libsodium Argon2 is
  the only implemented backend, this may chane in the future.
* multiply the 'memory' parameter by 1024 to align it with the libargon2
  implementation. The objective is to have consistent configuration in
  OpenLDAP's pw-argon2 module no matter what backend implementation is used.

Signed-off-by: Peter Marschall <peter@adpm.de>
2020-04-14 09:26:19 -07:00
Ryan Tandy
2be4576a0c ITS#9203 slapd-argon2 -> pw-argon2
Based on initial patch by Peter Marschall.
2020-04-14 09:26:19 -07:00
Peter Marschall
5c20342baa ITS#9203 contrib/passwd/argon2: add manual page
Add manual page slapd-pw-argon2.5 and make sure it gets installed.

Signed-off-by: Peter Marschall <peter@adpm.de>
2020-04-14 09:26:19 -07:00
Quanah Gibson-Mount
1a55a5c61b ITS#9177 - Finish updating migration to latest autoconf and related build tools 2020-04-10 17:44:56 +00:00
Peter Marschall
52fad51dcc ITS#8628 - contrib/passwd/pbkdf2: new Makefile variables SSL_LIB & SSL_INC 2020-04-01 22:29:10 +00:00
Ryan Tandy
d86caacaa1 ITS#8837 Fix pw-pbkdf2 manpage name to get it installed 2020-03-29 10:00:45 -07:00
Ryan Tandy
d34d2c3945 ITS#8639 Delete LM hash support from smbk5pwd 2020-03-07 16:55:35 +00:00
Ondřej Kuzník
28828e1b40 ITS#9160 OOM handling in contrib 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
af5ed7c6e2 ITS#8575 Accept parameters for hashing new passwords 2020-02-07 09:46:23 +00:00
Ondřej Kuzník
8bb8905b64 ITS#8575 Add a libsodium based implementation 2020-02-07 09:46:23 +00:00
Simon Levermann
7e3822f3bb ITS#8575 Implement argon2 password hashing as a module
This change implements argon2, which won the Password Hashing
Competition (https://password-hashing.net/) as a contrib-module in order
to provide a modern password hashing alternative in openldap. The
currently available password hashing algorithms are relatively old, and
modern hardware, especially GPUs can compute quite a few (ranging from
tens of thousands to millions) of hashes per second. Argon2 was designed
to withstand such attacks.

This implementation uses the default work factors used in the argon2
command line client, but the resulting hashes are stored in a way that
would allow retroactive changes to these values, or even exposing them
as configuration in the module.
2020-02-07 09:46:23 +00:00
Quanah Gibson-Mount
d2c9ef8cc4 ITS#7855 - Update config.guess and config.sub for ldapc++ contrib module
Update config.guess and config.sub from official upstream project at https://savannah.gnu.org/projects/config/

    Specifically in this case, commit 5256817ace8493502ec88501a19e4051c2e220b0 for the date Wed Jan 1 19:36:58 2020 +1100
2020-02-03 19:12:36 +00:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Greg Veldman
3be82f40d5 ITS#9055 Introduce a combined password scheme 2019-10-03 08:41:31 +01:00
Greg Veldman
711a96064e ITS#9055 Accept previous token 2019-10-03 08:37:03 +01:00
Quanah Gibson-Mount
1d0a96e78a Revert "ITS#9008 Do the same for contrib Makefiles"
This reverts commit 3fa7d3c805.
2019-05-17 17:03:02 +00:00
Quanah Gibson-Mount
ec2cb12e68 ITS#9010 - Delete back-bdb/back-hdb
This commits deletes all references and code for back-bdb and back-hdb.
There is some follow up work still necessary to flush out the admin
guide for back-mdb.
2019-05-13 17:20:28 +00:00
Ondřej Kuzník
3fa7d3c805 ITS#9008 Do the same for contrib Makefiles 2019-04-24 14:59:51 +01:00
Ondřej Kuzník
251ce83d60 ITS#8731 NSSOV is not processable by coccinelle 2019-02-15 16:51:53 +00:00
Ondřej Kuzník
97a310b312 ITS#8731 Apply doc/devel/variadic_debug/04-variadic.cocci 2019-02-15 16:51:53 +00:00
Ondřej Kuzník
e1e643ea41 ITS#8731 Manual adjustments 2019-02-15 16:51:53 +00:00
Ondřej Kuzník
129dcfbd86 ITS#8731 General Debug() related fixes 2019-02-15 16:51:53 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Quanah Gibson-Mount
3add82a3bb ITS#8286 -- Add matching rules for attributes
Add matching rules for all cases where it was missing.  Cleanup
incorrect types for a few attributes as well.  Fix network-timeout
handling in back-ldap/meta/asyncmeta.
2018-12-18 19:14:06 +00:00
Ondřej Kuzník
d40a832db0 ITS#8878 Include the first character in the transformation 2018-11-08 11:14:47 +00:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Josh Soref
10566c8be3 ITS#8605 - spelling fixes
* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate
2017-10-11 14:39:38 -07:00
ck@test-centos64.cksoft.de
44e9bda0e4 ITS#7721 - Allow authTimestamp updates to be forwarded via updateref 2017-10-11 14:31:38 -07:00
Quanah Gibson-Mount
a795d7cc0b ITS#8583 - Fix C++ LDAP Control structure 2017-10-06 10:45:21 -07:00
SATOH Fumiyasu
2c36a37f90 ITS#8709 contrib/slapd-modules/passwd/totp: OpenSSL 1.1.0 compatibility 2017-09-06 21:29:24 +01:00