Commit Graph

22852 Commits

Author SHA1 Message Date
Ondřej Kuzník
720057f4f3 ITS#8753 Fix pinning test script with no openssl 2020-04-03 09:47:46 +01:00
Quanah Gibson-Mount
05e0780558 ITS#6035 - regenerate configure 2020-04-02 16:28:58 +00:00
Ryan Tandy
2b01b8dd56 ITS#6035 Create test script 2020-04-02 09:10:51 -07:00
Ryan Tandy
1d562a7a52 ITS#6035 olcAuthIDRewrite insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
c4db906107 ITS#6035 olcAuthzRegexp insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
822ed8c11d ITS#6035 saslauthz cleanups (no functional change)
- give authid-rewrite's argument a name
- tidy saslauthz.c whitespace (mixed spaces/tabs)
- always declare slap_sasl_regexp_destroy: fixes an implicit declaration
  warning when configured without librewrite
- delete dead code: ENABLE_REWRITE implies SLAP_AUTH_REWRITE, so this
  code is never compiled
- make slap_sasl_regexp_rewrite_config static
- omit sasl_regexp unused fields when built with librewrite
2020-04-02 09:10:51 -07:00
Ryan Tandy
7732cb2794 ITS#9086 Add debug logging for more GnuTLS errors 2020-04-02 15:52:31 +00:00
Peter Marschall
52fad51dcc ITS#8628 - contrib/passwd/pbkdf2: new Makefile variables SSL_LIB & SSL_INC 2020-04-01 22:29:10 +00:00
Quanah Gibson-Mount
a5b8a41c13 ITS#9003
Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy
2020-04-01 19:40:27 +00:00
Ryan Tandy
d86caacaa1 ITS#8837 Fix pw-pbkdf2 manpage name to get it installed 2020-03-29 10:00:45 -07:00
Sergei Trofimovich
57b7003a64 thr_posix.c: fix implicit function declaration for 'pthread_setconcurrency'
thr_posix.c: In function 'ldap_pvt_thread_set_concurrency':
thr_posix.c:96:9: error: implicit declaration of function 'pthread_setconcurrency'
  return pthread_setconcurrency( n );
         ^~~~~~~~~~~~~~~~~~~~~~
         pthread_setcanceltype

Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
2020-03-26 22:06:41 +00:00
Kurt Zeilenga
23af2c36e2 ITS#8675 - Fix tools to not continue on TLS error
The spec says that upon StartTLS 'success', both TLS communications is
established on the octet following the Start TLS response (and the
request)... and that once one starts TLS communications, one can never
go back to LDAP without TLS. So if there's a TLS failure (whether as
part of TLS nego or later), LDAP communications cannot be continued
(without TLS).

Only ignoring LDAP errors (rc > 0) ensures that if TLS negotiation
fails, we don't attempt to send LDAP operations without TLS.
2020-03-26 18:45:00 +00:00
Emily Backes
f4bfb5e0a5 ITS#7074 - change olcDatabaseDummy initialization for windows 2020-03-20 19:08:22 +00:00
Howard Chu
4f7ea78c95 ITS#9181 Fix race on Windows mutex init 2020-03-16 17:07:43 +00:00
Howard Chu
2d87a1c7b5 ITS#9182 pcache: fix private DB init 2020-03-11 19:17:10 +00:00
Ryan Tandy
d34d2c3945 ITS#8639 Delete LM hash support from smbk5pwd 2020-03-07 16:55:35 +00:00
Ryan Tandy
0de74408f2 ITS#8639 Regenerate configure and portable.hin 2020-03-07 16:55:35 +00:00
Andrew Lawrence
6f5cc45f93 ITS#8639 remove LANMAN hashed passwords 2020-03-07 16:55:35 +00:00
Howard Chu
1c05dce379 ITS#9121 fix filter error message
Filters use parentheses, not brackets.
2020-03-06 17:29:44 +00:00
Ryan Tandy
1dbb82ec8c Fix SLAPD_OVER_RETCODE description 2020-02-28 12:00:14 -08:00
Ryan Tandy
c2f75cd108 Regenerate portable.hin with autoheader 2.69 2020-02-28 12:00:10 -08:00
Howard Chu
2c6fccb49b ITS#9121 plug entry leak 2020-02-25 18:06:15 +00:00
Quanah Gibson-Mount
6bd2a3721d ITS#9175 - Fix argument cast
Fixes potential segfault in ldapsearch
2020-02-21 21:10:49 +00:00
Ondřej Kuzník
a2a859fd0b Correct cyrus-sasl version verison check 2020-02-21 10:44:59 +00:00
Ondřej Kuzník
140b676bc1 ITS#9171 Insert callback in the right place 2020-02-21 10:44:59 +00:00
Howard Chu
299fb490a2 ITS#9121 fix prev commit
Only flush entry if dynlist_prepare_entry altered it
2020-02-14 22:32:03 +00:00
Ryan Tandy
5d8c491fa1 ITS#9166 Fix slapdconfig.sdf mismatched braces 2020-02-12 10:55:08 -08:00
Ondřej Kuzník
b1170bc035 Revert "ITS#9160 OOM handling in mdb tools", wrong branch.
This reverts commit be61a967e6.
2020-02-07 11:34:20 +00:00
Ondřej Kuzník
47e0e3fdb5 ITS#9160 OOM handling in back-asyncmeta 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
7336827769 ITS#9160 OOM handling in back-meta 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
4bb239bd76 ITS#9160 OOM handling in libldap 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
816d94b221 ITS#9160 OOM handling in slapd 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
be61a967e6 ITS#9160 OOM handling in mdb tools 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
9835662927 ITS#9160 OOM handling in test programs 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
28828e1b40 ITS#9160 OOM handling in contrib 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
af5ed7c6e2 ITS#8575 Accept parameters for hashing new passwords 2020-02-07 09:46:23 +00:00
Ondřej Kuzník
8bb8905b64 ITS#8575 Add a libsodium based implementation 2020-02-07 09:46:23 +00:00
Simon Levermann
7e3822f3bb ITS#8575 Implement argon2 password hashing as a module
This change implements argon2, which won the Password Hashing
Competition (https://password-hashing.net/) as a contrib-module in order
to provide a modern password hashing alternative in openldap. The
currently available password hashing algorithms are relatively old, and
modern hardware, especially GPUs can compute quite a few (ranging from
tens of thousands to millions) of hashes per second. Argon2 was designed
to withstand such attacks.

This implementation uses the default work factors used in the argon2
command line client, but the resulting hashes are stored in a way that
would allow retroactive changes to these values, or even exposing them
as configuration in the module.
2020-02-07 09:46:23 +00:00
Howard Chu
02eb0b6fe8 ITS#9121 fix filtering of dyngroups with memberof 2020-02-04 16:36:42 +00:00
Quanah Gibson-Mount
d2c9ef8cc4 ITS#7855 - Update config.guess and config.sub for ldapc++ contrib module
Update config.guess and config.sub from official upstream project at https://savannah.gnu.org/projects/config/

    Specifically in this case, commit 5256817ace8493502ec88501a19e4051c2e220b0 for the date Wed Jan 1 19:36:58 2020 +1100
2020-02-03 19:12:36 +00:00
Quanah Gibson-Mount
165c632249 Move CONFIG_DELETE out from behind LDAP_DEVEL 2020-02-03 16:55:34 +00:00
Quanah Gibson-Mount
7244a7b6d8 ITS#8040 - Move LAZY_COMMIT to be active outside of LDAP_DEVEL 2020-02-02 19:02:18 +00:00
Quanah Gibson-Mount
0dbbe8c012 ITS#8040 - Fix missing ifdefs for LAZY_COMMIT 2020-02-02 19:00:34 +00:00
Quanah Gibson-Mount
707d2a9211 ITS#8966 - Remove DO_DSEE ifdef Remove ifdef for DO_DSEE as it's required to be defined for syncrepl.c to compile 2020-02-02 19:00:31 +00:00
Quanah Gibson-Mount
6b81910fcd Update configure to use autoconf 2.69 2020-01-31 18:40:14 +00:00
Quanah Gibson-Mount
4d2fa65969 Remove LDAP_FEATURE_X_CANCHAINOPS from behind LDAP_DEVEL 2020-01-30 18:54:36 +00:00
Quanah Gibson-Mount
bc30f083d6 Merge remote-tracking branch 'origin/mdb.RE/0.9' 2020-01-30 18:13:03 +00:00
Quanah Gibson-Mount
6a1af27ff2 Release 0.9.25 2020-01-30 17:57:13 +00:00
Quanah Gibson-Mount
e67edd9895 This test no longer valid after the fix for ITS#9015, skip it 2020-01-30 16:08:50 +00:00
Quanah Gibson-Mount
7182cbc7e3 ITS#7855 - Update config.guess and config.sub
Update config.guess and config.sub from official upstream project at https://savannah.gnu.org/projects/config/

Specifically in this case, commit 5256817ace8493502ec88501a19e4051c2e220b0 for the date Wed Jan 1 19:36:58 2020 +1100
2020-01-28 16:08:50 +00:00