using best available mechanism. (authzid prompting to be disabled)
To use simple bind, -x is required (implied if -P 2) with -D/-[Ww]
To use simple "anonymous" bind, just -x will do.
Also, as written, the code will behave better in the face of unsolicited
noticifications (such as notice of disconnect). However, code needs to
be improved to better distinguished such from expected result response.
Delete improvements are limited to base object delete. Should be applied
to -p[rune] option as well.
-R now ignored
-C added to chase. No rebind proc yet, no checking of appropriate authentication.
complain if non-critical TLS was not started.
Fail if requested version is not supported.
ldapdelete:
deletechildren modified to use ldap_search_ext_s()
fixed deletechildren dn memory leak
ldapsearch:
modified to use ldap_search_ext()
references, extended results, and extended partial results. LDIF
extended to support these new features and reported version 2.
-L now limits output to LDIFv1 for compatibility reasons. No
-L is now LDIFv2. Old alternative form is no longer supported.
Use LDAP_TMPDIR (in ldap_config.h) instead of hardcoded /tmp
Use LDAP_FILE_URI_PREFIX (in ldap_config.h) instead of hardcoded
file://tmp/
an internal flag set. Used for SEQUENCE testing. Flag must
be set using debugger. Modified ber_printf to use new format
were needed for extensibility testing.
Added first cut -lldap support for extended responses.
Modified ldapsearch(1) to handle v3 search references when not
chasing. Also added extended/unsolicited notification handling
and extended partial response handling. Changes include a
number of LDIF enhancements.
Fixed getpassphrase() returns NULL bugs
simple bind via:
{KERBEROS}principal
Code is disabled by default (for security reasons). Use
--enable-kpasswd to enable. Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support. Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
Includes support for update referral for each replicated backend.
Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world. Still testing in LDAPv3 world.
Added default referral (test009) test.
Check for ldap_set_option() error using LDAP_OPT_ERROR, not -1.
(probably should check != LDAP_OPT_SUCCESS instead).
Added additional usage errors.
Used return(EXIT_FAILURE) instead of exit(1).
Used DIRSEP instead of '/' && '\\'
Moved verbose output to stderr.
library use:
LBER_ macros expand to system routines.
LDAP_ macros expand to new ber_ allocators.
Add ber_ and ldap_ memory allocators/deallocator:
ber_ routines are wrappers of LBER_ macros.
ldap_ routines are wrappers of ber_ routines.
Removed safe_realloc() macro from various files. This issue
(if an issue) should be resolved across whole package.
ldapmodify.c now uses ber_ allocators to resolve ber_bvfree()
vs. WIN32 multiple heaps issue.
These changes should facilate implementation of
ber_set_option( NULL, LBER_OPT_MEMORY_FN, ...)
and
ldap_set_option( NULL, LDAP_OPT_MEMORY_FN, ...).
This commit includes many changes. All changes compile under NT but
have not been tested under UNIX.
A Summary of changes (likely incomplete):
NT changes:
Removed lint.
Clean up configuration support for "Debug", "Release", "SDebug",
and "SRelease" configurations.
Share output directories for clients, libraries,
and slapd. (maybe they should be combined further
and moved to build/{,S}{Debug,Release}).
Enable threading when _MT is defined.
Enable debuging when _DEBUG is defined.
Disable setting of NDEBUG under Release/SRelease. Asserts
are disabled in <ac/assert.h> when LDAP_DEBUG is not
defined.
Added 'build/main.dsp' Master project.
Removed non-slapd projects from slapd.dsp (see main.dsp).
Removed replaced many uses of _WIN32 macro with feature based
macros.
ldap_cdefs.h changes
#define LDAP_CONST const
(see below)
#define LDAP_F(type) LDAP_F_PRE type LDAP_F_POST
To allow specifiers to be added before and after
the type declaration. (For DLL handling)
LBER/LDAP changes
Namespace changes:
s/lber_/ber_/ for here and there.
s/NAME_ERROR/LDAP_NAME_ERROR/g
Deleted NULLMSG and other NULL* macros for namespace reasons.
"const" libraries. Installed headers (ie: lber.h, ldap.h)
use LDAP_CONST macro. Normally set to 'const' when
__STDC__. Can be set externally to enable/disable
'constification' of external interface. Internal
interface always uses 'const'. Did not fix warnings
in -lldif (in lieu of new LDIF parser).
Added _ext API implementations (excepting search and bind).
Need to implement ldap_int_get_controls() for reponses
with controls.
Added numberous assert() checks.
LDAP_R
_MT defines HAVE_NT_THREADS
Added numberous assert() checks.
Changed ldap_pthread_t back to unsigned long. Used cast
to HANDLE in _join().
LDBM
Replaced _WIN32 with HAVE_SYSLOG
ud
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
slapd
Made connection sockbuf field a pointer to a sockbuf. This
removed slap.h dependency on lber-int.h. lber-int.h now only
included by those files needing to mess with the sockbuf.
Used ber_* functions/macros to access sockbuf internals whenever
possible.
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
Removed FD_SET unsigned lint
slapd/tools
Used EXEEXT to added ".exe" to routines. Need to define EXEEXT
under UNIX.
ldappasswd
Added ldappasswd.dsp. Ported to NT. Used getpid() to seed rand().
nt_debug
Minor cleanup. Added "portable.h" include and used <ac/*.h> where
appropriate. Added const to char* format argument.
Update slap_op to maintain dn and ndn (derived from conn->c_dn).
Update ldbm_back_bind to return actual bound dn (including rootdn)
for use in slapd_conn. Other backends use client dn.
Modify other codes to use ndn (normalized uppercase dn) most everywhere.
Aliasing, Suffixing and modrdn could use more work.
Applied suffixing to compare and modrdn.
reindentation, and use of spaces instead of tab. Diffs will be reviewed
to identify and commit only functional changes as time permits.
Note: this is more my fault than Dave's. I should have provided
clearer guidance. Live and learn.
This could cause problems on odd systems. The generic
headers should be extended as needed to include necessary
system headers or, if necessary, make explicit declarations.
Extended ac/string.h header to look for string.h/strings.h if
STDC_HEADERS is not defined. Also provide basic declarations for
str*() functions. This could cause problems on odd systems.
Extended ac/unistd.h header to define basic declaration for misc
functions that might be missing from headers. This includes
externs for getenv(), getopt(), mktemp(), tempname().
Protect fax500.h from multiple inclusion. Moved includes of
system/generic headers back to source files.
Made mail500 helper functions static.
Fixed includes of ctype.h, signal.h, etc. to use generics.
lutil/tempname.c: was including stdlib.h twice, one should stdio.h.
Wrapped <sys/resource.h> with HAVE_SYS_RESOURCE_H.
lber/io.c/ber_get_next(): Changed noctets back to signed.
Used with BerRead which expects signed int as second arg and
returns signed int.