Commit Graph

60 Commits

Author SHA1 Message Date
Kurt Zeilenga
1e562b0d1f Make it all work. 2000-07-16 00:14:08 +00:00
Kurt Zeilenga
4d45c61600 Cleanup previous commit 2000-07-15 23:34:27 +00:00
Kurt Zeilenga
d2b05a3858 Rework SASL command line arguments. Default is now to authenticate
using best available mechanism.  (authzid prompting to be disabled)
To use simple bind, -x is required (implied if -P 2) with -D/-[Ww]
To use simple "anonymous" bind, just -x will do.
2000-07-15 23:25:46 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
f6cda93bd1 Correct improper ldap_result() result checking... 2000-07-04 21:59:41 +00:00
Kurt Zeilenga
20e6dcec3b Improved but still broken client tools. 2000-07-04 21:49:00 +00:00
Kurt Zeilenga
8be1d467b8 Add reporting of LDAPv3 referrals. Should also report returned controls.
Also, as written, the code will behave better in the face of unsolicited
noticifications (such as notice of disconnect).  However, code needs to
be improved to better distinguished such from expected result response.
Delete improvements are limited to base object delete.  Should be applied
to -p[rune] option as well.
2000-07-03 19:03:22 +00:00
Kurt Zeilenga
bf9231ac40 Round 2 of tools work.
-R now ignored
-C added to chase.  No rebind proc yet, no checking of appropriate authentication.
complain if non-critical TLS was not started.
Fail if requested version is not supported.
ldapdelete:
  deletechildren modified to use ldap_search_ext_s()
  fixed deletechildren dn memory leak
ldapsearch:
  modified to use ldap_search_ext()
2000-06-25 18:07:15 +00:00
Kurt Zeilenga
5f20cf1ed5 Modify ldapsearch(1) significantly. Now handles LDAPv3 search
references, extended results, and extended partial results.  LDIF
extended to support these new features and reported version 2.
-L now limits output to LDIFv1 for compatibility reasons.  No
-L is now LDIFv2.  Old alternative form is no longer supported.

Use LDAP_TMPDIR (in ldap_config.h) instead of hardcoded /tmp
Use LDAP_FILE_URI_PREFIX (in ldap_config.h) instead of hardcoded
	file://tmp/
2000-06-25 00:35:17 +00:00
Kurt Zeilenga
49f4147385 Added -llber 'N' ber_printf format which inserts a NULL if
an internal flag set.  Used for SEQUENCE testing.  Flag must
be set using debugger.  Modified ber_printf to use new format
were needed for extensibility testing.

Added first cut -lldap support for extended responses.
Modified ldapsearch(1) to handle v3 search references when not
chasing.  Also added extended/unsolicited notification handling
and extended partial response handling.  Changes include a
number of LDIF enhancements.

Fixed getpassphrase() returns NULL bugs
2000-06-24 01:40:39 +00:00
Kurt Zeilenga
f48234f5bf No need to include <lber.h> 2000-06-20 17:02:19 +00:00
Kurt Zeilenga
e7791e2f93 Adjust -Z[Z] usage statements
Change ldapsearch to only produce LDIF.
2000-06-19 16:19:59 +00:00
Kurt Zeilenga
701cc91e8d Fix getpassword bug 2000-06-14 03:07:33 +00:00
Kurt Zeilenga
5417fdfea7 Rename ldap_start_tls() to ldap_start_tls_s() for consistency sake.
Misc other header changes.
2000-06-13 20:45:30 +00:00
Kurt Zeilenga
8045b54124 Use getpassphrase() instead of getpass() if available. 2000-05-19 18:41:26 +00:00
Kurt Zeilenga
9267700fb9 Fix password handling for SASL 2000-05-16 02:16:54 +00:00
Kurt Zeilenga
0bb431d3b3 Y2k copyright update 2000-05-13 02:25:54 +00:00
Kurt Zeilenga
fe8be04237 Fix typos in version checking 2000-04-25 10:30:42 +00:00
Kurt Zeilenga
4ecf780e48 StartTLS requires LDAPv3
Set version to required protocol.
2000-04-20 14:15:39 +00:00
Kurt Zeilenga
c02d7e2cb6 ITS#503: Extend ldap tools to support SASL/TLS
Submitted by Gabor Gombas <gombasg@inf.elte.hu>
2000-04-20 09:23:51 +00:00
Kurt Zeilenga
870dbca576 objectclass=* -> NULL 2000-04-12 01:00:48 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Kurt Zeilenga
cd5c29cdc4 Add checks to ensure arguments are consistent (v2 vs v3). 1999-12-12 05:05:20 +00:00
Gary Williams
6ec31e98ac No one complained, so here's the change to ldapdelete to add a -r switch to allow a branch of a directory tree to be removed. The DN provided is searched recursively until the leaf nodes are hit, then everything is deleted. 1999-12-03 18:29:03 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Kurt Zeilenga
ed0e5393b4 Disable REFERRALS. Should add -C/-CC/-R options (chase w/ prompting,
chase w/o prompting, disable referrals).
1999-09-05 19:20:01 +00:00
Hallvard Furuseth
c09a2c63e7 Cleanup:
Fix printf formats, remove unused variables, add missing prototypes in slapd,
add static/const, add some return types or change to void return type.
1999-09-02 08:05:17 +00:00
Hallvard Furuseth
553b40e6f8 Initialize rc 1999-09-01 05:14:42 +00:00
Kurt Zeilenga
f846eee613 Add copyright notices. 1999-08-04 23:55:45 +00:00
Kurt Zeilenga
df8f7cbb9b s/exit(1)/exit(EXIT_FAILURE)/
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
1999-08-03 18:14:24 +00:00
Kurt Zeilenga
73276e84ae Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
Includes support for update referral for each replicated backend.
	Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world.  Still testing in LDAPv3 world.
Added default referral (test009) test.
1999-07-16 02:45:46 +00:00
Kurt Zeilenga
341e3681d6 s/NULL/'\0'/ where appropriate 1999-07-01 04:39:42 +00:00
Kurt Zeilenga
757631d205 Attempt to whip user password from command line. 1999-06-29 18:59:11 +00:00
Kurt Zeilenga
4dfba74846 Check for not LDAP_OPT_SUCCESS instead of LDAP_OPT_ERROR. 1999-06-22 05:47:14 +00:00
Kurt Zeilenga
21c70857f1 s/<stdlib.h>/<ac/stdlib.h>/ 1999-06-03 00:37:44 +00:00
Kurt Zeilenga
16366cff99 Add warnings if ldap_set_option() fails.
Check for ldap_set_option() error using LDAP_OPT_ERROR, not -1.
(probably should check != LDAP_OPT_SUCCESS instead).
Added additional usage errors.
Used return(EXIT_FAILURE) instead of exit(1).
Used DIRSEP instead of '/' && '\\'
Moved verbose output to stderr.
1999-05-29 18:53:40 +00:00
Kurt Zeilenga
1bcec8bf6a Add LBER_ and LDAP_ memory allocators/deallocators for internal
library use:
  LBER_ macros expand to system routines.
  LDAP_ macros expand to new ber_ allocators.

Add ber_ and ldap_ memory allocators/deallocator:
  ber_ routines are wrappers of LBER_ macros.
  ldap_ routines are wrappers of ber_ routines.

Removed safe_realloc() macro from various files.  This issue
(if an issue) should be resolved across whole package.

ldapmodify.c now uses ber_ allocators to resolve ber_bvfree()
vs. WIN32 multiple heaps issue.

These changes should facilate implementation of
  ber_set_option( NULL, LBER_OPT_MEMORY_FN, ...)
and
  ldap_set_option( NULL, LDAP_OPT_MEMORY_FN, ...).
1999-05-29 01:19:14 +00:00
Kurt Zeilenga
dc07e765f2 Vienna Bulk Commit
This commit includes many changes.  All changes compile under NT but
have not been tested under UNIX.

A Summary of changes (likely incomplete):

NT changes:
	Removed lint.
	Clean up configuration support for "Debug", "Release", "SDebug",
		and "SRelease" configurations.
	Share output directories for clients, libraries,
		and slapd.  (maybe they should be combined further
		and moved to build/{,S}{Debug,Release}).
	Enable threading when _MT is defined.
	Enable debuging when _DEBUG is defined.
	Disable setting of NDEBUG under Release/SRelease.  Asserts
		are disabled in <ac/assert.h> when LDAP_DEBUG is not
		defined.
	Added 'build/main.dsp' Master project.
	Removed non-slapd projects from slapd.dsp (see main.dsp).
	Removed replaced many uses of _WIN32 macro with feature based
		macros.

ldap_cdefs.h changes
	#define LDAP_CONST const
		(see below)
	#define LDAP_F(type) LDAP_F_PRE type LDAP_F_POST
		To allow specifiers to be added before and after
		the type declaration.  (For DLL handling)

LBER/LDAP changes
	Namespace changes:
		s/lber_/ber_/ for here and there.
		s/NAME_ERROR/LDAP_NAME_ERROR/g
	Deleted NULLMSG and other NULL* macros for namespace reasons.
	"const" libraries.  Installed headers (ie: lber.h, ldap.h)
		use LDAP_CONST macro.  Normally set to 'const' when
		__STDC__.  Can be set externally to enable/disable
		'constification' of external interface.  Internal
		interface always uses 'const'.  Did not fix warnings
		in -lldif (in lieu of new LDIF parser).

	Added _ext API implementations (excepting search and bind).
		Need to implement ldap_int_get_controls() for reponses
		with controls.

	Added numberous assert() checks.

LDAP_R
	_MT defines HAVE_NT_THREADS
	Added numberous assert() checks.
	Changed ldap_pthread_t back to unsigned long.  Used cast
	to HANDLE in _join().

LDBM
	Replaced _WIN32 with HAVE_SYSLOG

ud
	Added version string if MKVERSION is not defined.  (MKVERSION
		needs to be set under UNIX).

slapd
	Made connection sockbuf field a pointer to a sockbuf.  This
		removed slap.h dependency on lber-int.h.  lber-int.h now only
		included by those files needing to mess with the sockbuf.
	Used ber_* functions/macros to access sockbuf internals whenever
		possible.
	Added version string if MKVERSION is not defined.  (MKVERSION
		needs to be set under UNIX).
	Removed FD_SET unsigned lint

slapd/tools
	Used EXEEXT to added ".exe" to routines.  Need to define EXEEXT
		under UNIX.

ldappasswd
	Added ldappasswd.dsp.  Ported to NT.  Used getpid() to seed rand().

nt_debug
	Minor cleanup.  Added "portable.h" include and used <ac/*.h> where
	appropriate.  Added const to char* format argument.
1999-05-19 01:12:33 +00:00
Hallvard Furuseth
786bbe4fc1 enclose macro arguments in () 1999-04-30 00:35:27 +00:00
Kurt Zeilenga
ba0c0e022c Fix ldap_send_initial_request() to open connection if not already
openned (by ldap_open()).  This allows ldap_init() to function
properly!
1999-01-31 01:09:00 +00:00
Kurt Zeilenga
52ca931b70 ignore SIGPIPE 1999-01-20 22:01:14 +00:00
Kurt Zeilenga
e2a15115b0 Update slap_conn to maintain client provided dn and bound dn.
Update slap_op to maintain dn and ndn (derived from conn->c_dn).
Update ldbm_back_bind to return actual bound dn (including rootdn)
	for use in slapd_conn.  Other backends use client dn.
Modify other codes to use ndn (normalized uppercase dn) most everywhere.
Aliasing, Suffixing and modrdn could use more work.
Applied suffixing to compare and modrdn.
1999-01-19 05:10:50 +00:00
Kurt Zeilenga
8d1523c503 Make ldap_set_option options optional. 1998-12-29 05:33:34 +00:00
Dave Storey
61b430be33 Add support for -P protocol_version. 1998-12-27 14:08:46 +00:00
Kurt Zeilenga
a3ac3be6a7 Added lber_get/set_option. Removed lber_debug/ldap_debug.
Updated other codes as needed.
1998-12-22 01:34:01 +00:00
Dave Storey
9697ad210a Added support for password prompting. (-W switch) 1998-12-15 02:00:09 +00:00
Dave Storey
d8090dea55 Streamlined Kerberos Code. 1998-12-14 20:39:02 +00:00
Kurt Zeilenga
65e4923d75 Backout previous changes made by Dave as they excessive reformatting,
reindentation, and use of spaces instead of tab.  Diffs will be reviewed
to identify and commit only functional changes as time permits.
Note: this is more my fault than Dave's.   I should have provided
clearer guidance.   Live and learn.
1998-12-14 10:10:41 +00:00
Dave Storey
84c774854f Updated Kerberos code, password prompting, detailed usage(). <dave@tamos.net> 1998-12-12 06:05:44 +00:00
Kurt Zeilenga
b5494457d8 Remove extern declarations of library functions from source.c.
This could cause problems on odd systems.  The generic
  headers should be extended as needed to include necessary
  system headers or, if necessary, make explicit declarations.
Extended ac/string.h header to look for string.h/strings.h if
  STDC_HEADERS is not defined.  Also provide basic declarations for
  str*() functions.  This could cause problems on odd systems.
Extended ac/unistd.h header to define basic declaration for misc
  functions that might be missing from headers.   This includes
  externs for getenv(), getopt(), mktemp(), tempname().
Protect fax500.h from multiple inclusion.  Moved includes of
  system/generic headers back to source files.
Made mail500 helper functions static.
Fixed includes of ctype.h, signal.h, etc. to use generics.
lutil/tempname.c: was including stdlib.h twice, one should stdio.h.
Wrapped <sys/resource.h> with HAVE_SYS_RESOURCE_H.
lber/io.c/ber_get_next(): Changed noctets back to signed.
  Used with BerRead which expects signed int as second arg and
  returns signed int.
1998-11-16 05:07:27 +00:00