mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,271 Commits 38 Branches 307 Tags 74 MiB
7666bb7482
Commit Graph

126 Commits

Author SHA1 Message Date
Howard Chu
73207c7110 Replace HACK in slap_sasl_canonicalize with safer test. 2002-09-05 11:01:12 +00:00
Howard Chu
3099d89d9e Don't use sasl_set_alloc on Cyrus 2, it manages all of its memory 
internally and we don't want to get in the way.
 2002-09-02 22:25:26 +00:00
Kurt Zeilenga
bfa89d6e15 Include lber_pvt.h 2002-08-28 16:47:04 +00:00
Howard Chu
9c4f89c6f7 Added no-op sasl_client_auth if SASL_VERSION_MAJOR < 2. 2002-08-28 08:33:24 +00:00
Kurt Zeilenga
aa36f5d049 cleanup 2002-08-28 07:30:57 +00:00
Howard Chu
3cb7a09eb0 Added check for Cyrus SASL sasl_version() 2002-08-28 07:12:22 +00:00
Howard Chu
925714ceef Experimental cruft to propagate valid Operation to SASL callbacks. 
If you have a better way, jupm on in...
 2002-08-24 07:34:50 +00:00
Kurt Zeilenga
23efa07a99 use ldap_charray_*() instead of charray_*() 2002-08-24 00:55:24 +00:00
Howard Chu
505a141c75 Use search callbacks in slap_sasl_checkpass and slap_auxprop_lookup, 
use ACL_AUTH for acl checks.
 2002-08-20 05:32:54 +00:00
Pierangelo Masarati
3a26ef5bbb silence warnings 2002-08-16 16:33:22 +00:00
Howard Chu
e14f471a27 Add #include "lutil.h" for lutil_str* functions 2002-08-06 02:36:34 +00:00
Kurt Zeilenga
d38d19edc1 Fix lutil_str*() warnings 2002-08-05 17:56:13 +00:00
Kurt Zeilenga
eb581e43e7 Fix for: 
SASL regex segmentation faults with group based acls (ITS#1978)
based, in part, by patch submitted by Simon Wilkinson <simon@sxw.org.uk>.
 2002-07-28 07:27:55 +00:00
Howard Chu
5a01db28e3 Moved slap_strcopy, slap_strncopy to lutil_strcopy, lutil_strncopy 2002-07-27 00:24:02 +00:00
Julius Enarusai
2168be2b4a Converted LDAP_LOG messages to use new Macro 2002-07-23 00:01:53 +00:00
Howard Chu
7fdb38bca9 Fix previous commit - the stub was never needed. 2002-07-12 23:43:46 +00:00
Howard Chu
f9cbbc6770 Fix order of params to sasl_setpass. Added initial stub for setpass to 
change in-directory password.
 2002-07-12 20:55:12 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Howard Chu
07a34489c6 Added saslAuthzTo and saslAuthzFrom to system schema. 
Added sasl-authz-policy config keyword to control proxy authorization.
Moved sasl-related config processing to sasl.c:slap_sasl_config().
Moved other global defs used only in saslauthz.c into saslauthz.c.
 2002-06-14 08:10:14 +00:00
Howard Chu
a5cd5535e8 Fix typo in previous commit 2002-06-12 04:12:51 +00:00
Howard Chu
6d1a322f73 Finished slap_sasl_setpass for Cyrus 1.5; Cyrus 2.1 is incomplete. 
Added conn->c_sasl_dn, streamlined slap_sasl_bind.
 2002-06-12 04:05:48 +00:00
Kurt Zeilenga
1410b3e7d9 An almost complete slap_sasl_setpass() 2002-06-12 00:13:29 +00:00
Howard Chu
856e21296a Cleanup log msg 2002-05-12 19:21:12 +00:00
Howard Chu
2d94a2016c Check for NULL before comparing authcid 2002-05-12 18:42:43 +00:00
Howard Chu
d7060d19f3 Skip processing if canonicalization is invoked redundantly (SASL PLAIN). 
Truncate large username instead of failing with SASL_BUFOVER; we only care
about the DN anyway. (SASL 2 only)
 2002-05-12 18:40:37 +00:00
Howard Chu
aea521bec2 Fix, SASL authzIDs might not be NUL-terminated. prop names must only be 
set once; setting erases all existing values.
 2002-05-11 20:19:55 +00:00
Howard Chu
da7a5a8e79 Fix typo in 1.97 2002-05-11 19:24:04 +00:00
Howard Chu
dfae2441eb Cleaned up getdn normalization 2002-05-11 08:07:18 +00:00
Howard Chu
379f84ba47 Fix previous commit, free in wrong place 2002-05-11 06:58:13 +00:00
Howard Chu
b057507e23 Cleanup HAVE_TLS dependencies, cleanup username with embedded realm handling 2002-05-10 19:26:35 +00:00
Howard Chu
da36670ea3 Don't use slap_empty_bv in structures that are expected to be free'able. 2002-05-08 23:16:17 +00:00
Howard Chu
fbe4785c5a Delete unused CANON_BUF_SIZE #define 2002-05-07 23:29:19 +00:00
Howard Chu
6f47e13147 Cyrus 2 support now requires Cyrus 2.1.3. Adds support for in-directory 
SASL secrets. (Only works with plaintext userpassword tho.)
 2002-05-07 23:08:23 +00:00
Howard Chu
cef9fcf78b Fix check for "anonymous" in sasl_getdn 2002-04-27 03:44:23 +00:00
Howard Chu
8a5423ea8d deleted sasl_external_x509dn_convert; X509 DNs are always converted to 
normalized LDAP DNs now.

Changed dnDCEnormalize to dnX509normalize, added dnX509peerNormalize,
based on new ldap_X509dn2bv() etc.
 2002-04-18 12:26:36 +00:00
Howard Chu
b3c7c9e3ce Delete more unused code, no need to fetch REALM in slap_sasl_bind 2002-04-17 19:47:34 +00:00
Kurt Zeilenga
7ee5d2612b Fix ssf declaration 2002-04-17 17:56:30 +00:00
Howard Chu
1dea5905c6 More SASL DN simplification. No more "dn:" prefix used anywhere internally. 2002-04-17 07:56:46 +00:00
Howard Chu
1bbd51da77 ITS#1712, rewritten dn_openssl2ldap(). Added dnDCEnormalize(), used by 
dn_openssl2ldap() and sasl_external_x509dn_convert. Fixed realm handling
for foreign Kerberos realms embedded in usernames.
 2002-04-16 08:46:25 +00:00
Howard Chu
66602e8faa Fix name canonicalization and authorization for Cyrus SASL 2.x 2002-04-14 04:27:46 +00:00
Howard Chu
a73ffbe3cd Previous commit included undesired changes. 2002-04-14 04:15:17 +00:00
Howard Chu
9b958147f8 Fix previous commit, == instead of != 2002-04-13 17:27:02 +00:00
Howard Chu
17433a8412 Fix ITS#1722 - IPv4 addresses also need to be massaged for sasl_server_new. 2002-04-11 10:04:29 +00:00
Howard Chu
70d4ef9a85 ITS#1714 dn->bv_val malloc len+1 2002-04-05 06:34:15 +00:00
Kurt Zeilenga
2f7858044e ITS#1636 fix 2002-03-11 03:05:43 +00:00
Kurt Zeilenga
ec34550487 Note that we likely need to make some of this conditional. 2002-02-11 20:33:27 +00:00
Kurt Zeilenga
d23c559646 Don't use 'shtool mkln' as ln(1) replacement. 
Allow both <sasl/sasl.h> and <sasl.h>
 2002-02-11 08:28:51 +00:00
Kurt Zeilenga
f3548d371f notes needs for future additions 2002-02-11 01:58:36 +00:00
Kurt Zeilenga
5e31e90c74 Fix compile error properly 2002-02-10 18:05:04 +00:00
Kurt Zeilenga
b315d8af34 Update Cyrus SASL detection to always look for <sasl.h> regardless 
of version and then try -lsasl2 and -lsasl.  Make SASL code
conditional on SASL_VERSION_MAJOR, not HAVE_CYRUS_SASL.
 2002-02-10 17:51:19 +00:00