Kurt Zeilenga
7592a9b9c7
make sure we don't test against stored values starting with "{"
2002-07-10 22:04:14 +00:00
Kurt Zeilenga
56bbe05490
Add {CLEARTEXT} password-hash support
2002-06-12 00:43:34 +00:00
Howard Chu
491d2ae5b9
ITS#1720 chk_sasl for Cyrus SASL 2
2002-04-16 04:05:51 +00:00
Howard Chu
bb17493d31
ITS#1732 signed/unsigned fixes
2002-04-11 08:47:37 +00:00
Kurt Zeilenga
0e2af54a3f
Update copyright statements
2002-01-04 21:17:25 +00:00
Howard Chu
e5eb270e6c
from jon@symas.com - misc Windows cleanup
2001-12-17 22:42:55 +00:00
Kurt Zeilenga
7ee53eb12e
Remove const from salt_format
2001-06-14 02:20:05 +00:00
Kurt Zeilenga
ff993c7ddb
Misc updates to password codes / docs
2001-06-13 05:40:24 +00:00
Kurt Zeilenga
8d4c20cd6d
Adding crypt(3) salt format (ITS#1202) from Jeff Costlow <j.costlow@f5.com>
...
with minor changes by committer
---
Copyright 2001, F5 Networks, Inc, All rights reserved.
This software is not subject to any license of F5 Networks.
This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself.
2001-06-13 03:47:17 +00:00
Kurt Zeilenga
9ed2b33e2b
optional SHA1
2001-05-02 19:49:44 +00:00
Kurt Zeilenga
7f91ee936f
Clean up header inclusion
2001-03-15 03:09:52 +00:00
Gary Williams
36880023b6
fix NT build by moving unistd.h
2001-02-02 16:07:12 +00:00
Kurt Zeilenga
90c9d543a8
Provide extra salt for crypt(3)
2001-01-20 01:15:28 +00:00
Kurt Zeilenga
319a75ef39
Fix LMPASSWD code
...
Move <ac/unistd.h> and <ac/crypt.h> behind SLAPD_CRYPT
2001-01-18 00:35:09 +00:00
Kurt Zeilenga
df7804debc
ITS#899 LANMAN password contribution from Norbert Klasen
2000-11-22 20:18:50 +00:00
Kurt Zeilenga
7fad68f7b4
remove lint
2000-10-18 00:29:21 +00:00
Kurt Zeilenga
f319444df0
MIT Kerberos and krb5_free_creds_contents (ITS#715)
...
fix suggested by Norbert Klasen <klasen@zdv.uni-tuebingen.de>
2000-09-06 18:21:39 +00:00
Kurt Zeilenga
3b03b64b77
Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the
...
input. In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
2000-08-15 01:55:43 +00:00
Kurt Zeilenga
5b856458a2
s/SAFEMEMCPY/AC_MEMCPY/
...
Use AC_FMEMCPY where appropriate (-llber)
2000-07-28 01:07:07 +00:00
Kurt Zeilenga
5fc22599e2
Update SASL code to reuse context through life of session.
...
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
c5765e3827
Use provided macros and comment
2000-06-03 17:24:21 +00:00
Kurt Zeilenga
29d9fa20a2
Y2k copyright update
2000-05-13 02:36:07 +00:00
Howard Chu
3f618bfe03
Fix ambiguous return value in lutil_passwd
2000-05-13 00:10:24 +00:00
Howard Chu
7ca81c0a03
Fix one more chk_unix ifdef
2000-05-11 20:00:47 +00:00
Kurt Zeilenga
cdb709fd27
Fix unbalanced #endif
2000-05-11 16:06:41 +00:00
Howard Chu
605832eaa5
Added support for AIX security database:
...
configure.in: check for AIX security library, set in AUTH_LIBS macro
top.mk: add AUTH_LIBS macro to SECURITY_LIBS
portable.h.in: added HAVE_AIX_SECURITY macro (via autoheader)
passwd.c: use AIX getuserpw in chk_unix. Also fix logic in chk_unix:
getpwnam must always succeed for the given user. It is not a
fatal error if getspnam returns no result for the user: On
systems that support /etc/shadow, its usage is optional. The
same logic applies for AIX, SCO/HP SecureWare, etc.
2000-05-11 10:10:53 +00:00
Kurt Zeilenga
3553f9aab6
Fix #ifdefs when --disable-crypt
2000-05-10 23:26:42 +00:00
Kurt Zeilenga
f224e69558
Add experimental code to check simple bind passwords
...
against Cyrus SASLdb. Like other cleartext mechanisms,
should be protected from eavesdropping.
2000-05-10 04:29:51 +00:00
Kurt Zeilenga
802ee714e4
Framework for authpasswd. Needs work. Behind #ifdef
2000-04-25 13:28:03 +00:00
Kurt Zeilenga
4c0be829e1
Fix usage in comment
2000-03-17 02:07:59 +00:00
Kurt Zeilenga
5967cc5658
Even more checks around use of crypt(3).
2000-01-17 17:09:33 +00:00
Kurt Zeilenga
c17b89f431
Add additional crypt() sanity checks.
2000-01-17 16:53:15 +00:00
Kurt Zeilenga
34fe70cc71
Validate krb5_init_context
2000-01-10 21:37:04 +00:00
Kurt Zeilenga
38f0b890ab
Borrowed a bit to literally... s/pop/ldap/ s/popper/slapd/
2000-01-09 00:20:00 +00:00
Kurt Zeilenga
e988e175a6
Minor fixes.
2000-01-08 18:51:27 +00:00
Kurt Zeilenga
6437785a82
Initial implementation of Kerberos password verification for
...
simple bind via:
{KERBEROS}principal
Code is disabled by default (for security reasons). Use
--enable-kpasswd to enable. Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support. Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Kurt Zeilenga
30411f8402
Add slappasswd to generate rootpw.
1999-12-16 02:18:50 +00:00
Kurt Zeilenga
b1639dadd6
Remove lint
...
Add copyrights
1999-12-13 04:53:59 +00:00
Kurt Zeilenga
431dad371c
Fix slapd SASL/ExternalOps encoding
...
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Kurt Zeilenga
b973e61dda
Fix {CRYPT} and {UNIX} passwords
1999-12-09 01:24:38 +00:00
Kurt Zeilenga
5e12c84a6f
Add simple password test program.
...
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
aeb2de33d7
Found and fixed stupid bug in seeded hash generation.
1999-12-08 19:23:32 +00:00
Kurt Zeilenga
96a126e36a
Need to adjust len by saltlen
1999-12-08 07:07:18 +00:00
Kurt Zeilenga
26c7d69e8c
Update for new password codes for MSVC5
1999-12-08 06:44:22 +00:00
Kurt Zeilenga
d5edb4bff6
Reengineered ldappasswd(1). Uses extended operation to set
...
user password. Likely to be modified to use bind control
instead. Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Kurt Zeilenga
f4a0699311
Add macros to compute base64 encode/decode lengths.
1999-10-25 01:44:47 +00:00
Kurt Zeilenga
a284b641b7
Move crypt(3) prototypes from <ac/unistd.h> to <ac/crypt.h> (new) to
...
avoid clashes with Kth Kerberos.
1999-10-01 04:48:30 +00:00
Kurt Zeilenga
3c00fd6d23
Rework passwd routines to allow callers to determine which
...
schemes are supported. This should facilate server rootDSE
advertisement of supported schemes, etc..
1999-09-25 22:13:25 +00:00
Kurt Zeilenga
403f4479bc
Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
...
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Kurt Zeilenga
e4f6d54877
New dn2id format with base/one/subtree indices (ldbm/bdb2)
...
New id2entry (id-less) format (ldbm/bdb2)
Removed id2children (ldbm/bdb2)
Added nextid database (ldbm)
Broke ldbmtest
Removed ldif2* tools (ldbm/bdb2)
Added slap tools (slapadd, slapcat, slapindex)
1999-08-17 19:00:59 +00:00