manpage carefully. One should pass strcasecmp to ldap_sort_entries, not
ldap_sort_strcasecmp. Ldap_sort_strcasecmp is for ldap_sort_values, NOT
ldap_sort_entries.
provide prototype in lutil.h
use LBER_SOCKET_T instead of int in prototype. (didn't use
ber_socket_t so all of lber.h wouldn't have be dragged in)
rename signal handlers, use RETSIGTYPE, and make SIGHUP wake
rename fd to sd to reflect descriptor must be usable as a socket.
renamed sel_exit_fds to wake_sds to reflect current use
improve readability of sockpeer.c including removing obtuse goto.
result was leaking ber's in some error cases. ber_flush now called
with no freeing so that caller of send_ldap_ber() can free its own ber.
c->c_currentber was also being leaked if connection was destory
current when a PDU input was outstanding.
Fixed ber_flush to free ber upon write only to file.
to validate input dn's BEFORE sending dn's to server.
Also fixed getfilter to use REG_EXTENDED|REG_NOSUB. (and fixed one
case where REG_BASIC was still used).
s/strdup/LDAP_STRDUP/
Added ldap_pvt_str2lower/upper
reflect its purpose. Modify switch to support REG_EXTENDED expressions.
Use REG_EXTENDED instead of REG_BASIC everywhere.
Modify <ac/regex.h> to support <gnuregex.h> for testing purposes.
Requires: env CPPFLAGS="-DHAVE_GNUREGEX_H=1" LIBS=-lgnuregex ./configure
Needs a bit more work.
- global net/api timeouts are not inherited on session creation.
- need configure check for inet_aton() (coming soon)
- ioctl/fcntl portability issues (should share implementation
with lber routines)
ldapsearch:
use draft guidelines for determining when to use
-t only writes binary attributes to files
-tt writes all attributes to files
output now lists URL instead of path to such files
-T dir can be used to specify directory to create temp files in
-V urlprefix can be used to change the URL prefix
LDIF is now commented (can be disabled using -LL)
LDIF now contains version attribute (can be disabled with -LLL)
LDIF:
put interface changed to allow caller to specify how to encode
put interface uses draft guidelines for determine when to base64 encode
wrapping kludged to match old off by one bug
Tests:
removed trailing space from some attributes (to avoid base64 encoding)
enabled -LLL in defines.sh (should sed output to remove
wrapping/comments/redundant separators)
Misc:
updated codes outputting LDIF to use new put interface
TODO:
handling of version attribute on input
handling of URLs on input (ie: fetch URL)
time, skipping the filter, for instance. Also, we were parsing
twice the scope and the filter. I think this change is right,
but could use more eyeballs...
by <who> <access> changed to by <who>+ <access> (joined with AND)
added peername=<regex> sockname=<regex> url=<regex>
removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower. Use where needed.
not yet user-settable. Defaults "on" for now.
Partial support for temporary RSA keys, skeleton for DH.
Add call to X509V3_add_standard_extensions() on init, mod_ssl
does this too, but I am unsure about what it does.
Move management of client CA certificates to a new routine, since
it is going to get more complex than the current code.
be implemented.
The rest of this change mostly contains random ideas taken from
mod_ssl. The purpose is to get the repository in sync with the
code I am testing. I still can't manage to make Netscape send
its certificate to slapd, though it works with Apache/mod_ssl
(with the same certificates). Trying s_client against both
does not shed any light. If anyone manages to make it work,
please let us know.
Includes support for update referral for each replicated backend.
Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world. Still testing in LDAPv3 world.
Added default referral (test009) test.
More error checking and reporting.
Slowly getting there, SSL_accept succeeds now, but connection breaks
immediately after that (my glue logic with slapd is broken).
Change temporarily the default protocol from TLSv1 to SSLv3 with
fallback to SSLv2. This seems necessary for slapd to accept connections
from Netscape.
Try to set the cipher list in the default context. Does not semm to
work yet.
specific which methods may be used. This will facilate development
of a slapd config directive "passwordMethod ..." to specify which
methods should be allowed.
used to fetch the pw_passwd which is than passwd to crypt().
getspnam() is used instead of getpwnam() when available.
Added configration detection of pw_passwd, shadow.h, getpwnam()
and getspnam().
added lber_types.h.nt, lber_types.h.in
removal of NULLxxx internal macros (in favor of NULL).
ch_free added to slapd,slurpd/ch_malloc.c
#define free ch_free (should be removed after s/free/ch_free/g) in proto-slap.h
ch_malloc and friends use ber_memalloc and friends
ldap_defaults.h incorporates non-generated ldapconfig.h values.
ldap_config.h.in is new template for autoconf generated defaults
(namely directories and paths)
ldap_config.h.nt, NT template (must be manually copied)
s/<ldapconfig.h>/<ldap_defaults.h>/
s/DIRSEP/LDAP_DIRSEP/ & s/DEFAULT_/LDAP_/
setting to parse_noidlen so that it can grok that.
Propagate be_liberal parse_oids so that it only accepts a qdstring when
necessary (i.e. in SUP) to cater for another Netscapism.
Added place holder for LDAP_FILTER_EXTENDED code.
Added assert() here and there and removed lint.
Removed version promotion code (version must be manually set).
Added messages.c to MSVC project.
Make _MOD_SOFTADD 0x1000 to minimize chance of conflict with legit changes
to API spec.
Fix memory leak in ldap_mods_free() and minor memory allocator issues.
includes single to multiple hooks changes.
ber_mem* reimplementation.
namespace glue (finally naming has not be decided upon nor implemented).
Added ldap_int_strdup to handle "internal" strdup'ing, this version uses hooks.
ldap_pvt_strdup still available for when strdup() is missing, this version
directly uses system allocators.
Updated -lldif to use ber allocators. Items returned by ldif routines
should be ber_memfree()d as needed.
library use:
LBER_ macros expand to system routines.
LDAP_ macros expand to new ber_ allocators.
Add ber_ and ldap_ memory allocators/deallocator:
ber_ routines are wrappers of LBER_ macros.
ldap_ routines are wrappers of ber_ routines.
Removed safe_realloc() macro from various files. This issue
(if an issue) should be resolved across whole package.
ldapmodify.c now uses ber_ allocators to resolve ber_bvfree()
vs. WIN32 multiple heaps issue.
These changes should facilate implementation of
ber_set_option( NULL, LBER_OPT_MEMORY_FN, ...)
and
ldap_set_option( NULL, LDAP_OPT_MEMORY_FN, ...).
Added validation to exposed opaque data structures (BerElement, Sockbuf,
and LDAP). Added macros BER_VALID, SOCKBUF_VALID, LDAP_VALID.
Added ber_pvt_ber_bytes() and ber_pvt_ber_remaining() macros to hide
some ber internals. These really should be handled by ber_get_option().
added comments
removed LDAP_MAX_ATTR_LEN
removed LDAP_COMPAT* from <ldap.h> but not code.
move LDAP_DEFAULT_REFHOPCOUNT to ldap-int.h
added experimental options macros
added LDAP_CONTROL_REFERRALS macros
libldap:
Replace ld_attrbuffer with per use allocated attributed.
ldap_first/next_attribute attributes now must be freed (as per draft).
unifdef -DLDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
This commit includes many changes. All changes compile under NT but
have not been tested under UNIX.
A Summary of changes (likely incomplete):
NT changes:
Removed lint.
Clean up configuration support for "Debug", "Release", "SDebug",
and "SRelease" configurations.
Share output directories for clients, libraries,
and slapd. (maybe they should be combined further
and moved to build/{,S}{Debug,Release}).
Enable threading when _MT is defined.
Enable debuging when _DEBUG is defined.
Disable setting of NDEBUG under Release/SRelease. Asserts
are disabled in <ac/assert.h> when LDAP_DEBUG is not
defined.
Added 'build/main.dsp' Master project.
Removed non-slapd projects from slapd.dsp (see main.dsp).
Removed replaced many uses of _WIN32 macro with feature based
macros.
ldap_cdefs.h changes
#define LDAP_CONST const
(see below)
#define LDAP_F(type) LDAP_F_PRE type LDAP_F_POST
To allow specifiers to be added before and after
the type declaration. (For DLL handling)
LBER/LDAP changes
Namespace changes:
s/lber_/ber_/ for here and there.
s/NAME_ERROR/LDAP_NAME_ERROR/g
Deleted NULLMSG and other NULL* macros for namespace reasons.
"const" libraries. Installed headers (ie: lber.h, ldap.h)
use LDAP_CONST macro. Normally set to 'const' when
__STDC__. Can be set externally to enable/disable
'constification' of external interface. Internal
interface always uses 'const'. Did not fix warnings
in -lldif (in lieu of new LDIF parser).
Added _ext API implementations (excepting search and bind).
Need to implement ldap_int_get_controls() for reponses
with controls.
Added numberous assert() checks.
LDAP_R
_MT defines HAVE_NT_THREADS
Added numberous assert() checks.
Changed ldap_pthread_t back to unsigned long. Used cast
to HANDLE in _join().
LDBM
Replaced _WIN32 with HAVE_SYSLOG
ud
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
slapd
Made connection sockbuf field a pointer to a sockbuf. This
removed slap.h dependency on lber-int.h. lber-int.h now only
included by those files needing to mess with the sockbuf.
Used ber_* functions/macros to access sockbuf internals whenever
possible.
Added version string if MKVERSION is not defined. (MKVERSION
needs to be set under UNIX).
Removed FD_SET unsigned lint
slapd/tools
Used EXEEXT to added ".exe" to routines. Need to define EXEEXT
under UNIX.
ldappasswd
Added ldappasswd.dsp. Ported to NT. Used getpid() to seed rand().
nt_debug
Minor cleanup. Added "portable.h" include and used <ac/*.h> where
appropriate. Added const to char* format argument.
Move all SunOS routines (ie: _sleep() and its helpers) to thr_lwp.c
so that it's internals can be 'static'. Add 'static' to thr_lwp.c.
Add comment to LWP: NEEDS WORK, may not compile! Need some
SunOS user to sort out the details. Volunteers?
Removed external include/library paths from projects. External paths should
be set via Tools | Options | Directories. This allows each developer the
freedom to install external libraries where they desire.
Used libdb.lib instead of libdbs.lib to avoid thread conflicts.
Added hs_regex.lib to library input. We require some form of regex, this
library works (and is relatively easy for the user to install).
Removed a little lint which MCVC5 detected.
Need to sort out single-threaded vs multithreaded library generation.
tcp_close -> closesocket
ioctl -> ioctlsocket
Modify codes to use tcp_close() instead of close() for sockets.
Modify ioctl codes to be compatible with WINSOCK.
library, not header. Eliminate need for <ac/unistd.h> to sometimes
include <fcntl.h> and/or <sys/file.h>. Change lock API to expect
fd not FILE*. Allows wider use and eliminates requirement that
lutil_lockf.h depencency on stdio.h.
Implemented lockf, fcntl, and flock locking in lutil/lockf.c.
Additional implementations (including no-op) may be needed.
Update slapd/lock.c and slurpd/lock.c to use new API.
by portable.h with NDEBUG undefined. This makes assert() is always
available and automatically disables itself when LDAP_DEBUG is undefined.
I've included a basic assert() for pre-STDC compilers. It relies on
abort() which may not actually be available. (well replace abort()
with whatever is appropriate if and when we're faced with a pre-STDC
compiler that doesn't have assert()).
lber: ifdef'ed out lber_..set_nonblock() function because it used ioctl's.
If it remains, it needs to be written to support various methods for
setting non-blocking. ioctls should probably be last choice. configure
could detect existance of fcntl(), ioctl(), etc.
bdb2:
added .dsp/.dsw files and did some basic cleanup (still needs work).
which only part of a LDAPMessage is available on a socket.
The server-code seemed to handle this correctly already, so I didn't touch
it.
My apologies for the hack in ber_get_next :-).
Implementation no longer uses strtok_r(), it may be broken
or have an odd prototype.
Update configure not to check for strtok/strtok_r nor require
strtok_r to LDAP_API_FEATURE_X_OPENLDAP_REENTRANT.
Integration into ./configure ( --enable-bdb2 ).
Adaptation of the test-suite ( 'make' -> ldbm; 'make bdb2-local' -> bdb2 ).
Minor fixes in slapd/libldbm.
Separates per backend type from per backend database initialization
and startup. Also supports per type / per backend shutdown.
New frontend startup/shutdown routines are also provided:
slap_init() slap_startup() slap_shutdown() slap_destroy()
New frontend->backend startup/shutdown is managed by:
backend_init() backend_startup() backend_shutdown backend_destroy
backend_init() now calls bi_init() to initial all function pointers
for the backend (excepting bi_init() which is now the only hardcoded
entry point). New entry points are detailed in slap.h struct
backend_info. backend_info is a per database type structure.
Besides the new startup/shutdown entry points, the new interface
also supports per backend type configuration options. One could have:
backend bdb2 (new Berkeley DB 2 backend)
bdb2_home /directory
database bdb2
...
*** This code is fairly experimental ***
*** Much cleanup and testing is still needed ***
see slap.h for details on struct backend_db and backend_info.
okay to read and write LDBM specific fields (state, refcnt,
LRU. The id field, though is read-only once set.
cache_find_entry_dn2id(), hence, does not require any entry locks.
cache_find_entry_id() must do a entry_rdwr_trylock() and back
off if busy.
Add new rdwr lock code with trylock() functionality.
Implement entry_rdwr_trylock().
Likely broke things for non-posix threadings....
Update -lldap_r implementation to:
remove attribute support
hide thread detachment
provide concurrency accessors
provide initialization function
fix gethostby{addr,name}_r codes (not coverred by HAVE_REENTRANT_FUNCTIONS)
Update servers/libraries to use ldap_pvt_thread_ calls.
Cleanup server codes (no #ifdef HAVE_PTHREAD_THIS or _THATs)!
Removed -llthread
back-ldbm was using a cache specific lock to protect non-reentrant
database routines from being reenterred. This is inadequate.
Also, reentrant database systems calls were serialized unnecessarily.
Non-reentrant database calls must have a big_mutex. Implemented
this within -lldbm itself. library requires ldbm_initialize()
be called before any other ldbm call to initialize the big_mutex
and to do any other db specific initialization (ie: such as
required for DB2).
The dbc_mutex, dbc_cv, & dbc_readers fileds of dbcache are history.
The "reentrant_database" (REENTRANT_DATABASE) define is also axed.
Redefine Debug macro to call ldap_log_printf(NULL, lvl, fmt, ...)
Should replace each Debug statement with direct call to ldap_log_printf
passing LDAP session if available.
libldap/string.c will hold various string.h replacements.
Removed liblutil/strdup.c
Moved ldap_pvt_strtok to string.c.
Moved prototype of ldap_pvt_strtok to <ac/string.h>.
Added #define strtok_r ldap_pvt_strtok (if strtok_r doesn't exist).
BerElement argument per latest IETF ldapext draft c api spec.
That is, caller is solely responsible for freeing the BerElement
allocated and returned by ldap_first_attribute.
Update man pages accordingly.
Update applications accordingly.
simulated with strspn and strpbrk. If strspn or strpbrk aren't there, they
will be supplied.
In addition, the memory-handling of the ldap_int_gethostby's is better now.
end of link. Basic order is:
$LDFLAGS internal-libs external-libs $LIBS $LTHREAD_LIBS
LTHREAD_LIBS is last as -lpthread (or equiv) must be last on many systems.
LIBS is next to last as some user might have put -lpthread (or equiv)
in $LIBS.
of a busy wait and allow the pthread_yield within the loop to be
removed. This was the only pthread_yield which was necessary
when usng non-preemptive threads. As such, the configure.in
sched_yield/pthread_yield missing error can be removed from
configure.in. If explicit yield function is missing, just provide
a no-op replacement.
Moved declaration of various slapd globals from main.c to init.c
so they can be shared with ldbm tools.
make depend, make tests, and make install all work when build directory
is not the $srcdir.
Also modified library handling such that -lpthread more likely to be last.
WARNING: new orderring requires use of LDFLAGS to set global loader options
such as -L/usr/local/lib. If you put this in LIBS, some libraries
may not be found a link time.
Likely broke Kerberos/LDAPD support. Don't have those in my testbed.
- slapd's pid/args file names are based on the servers binary file names,
providing for multiple servers beeing run on one host.
- slapd supports the -l command line parameter for selection of a
syslog LOCAL user (-lLOCAL0 .. -lLOCAL7)
- db_appinit() is called during first ldbm_open() in DB 2.x to initialize
DB debugging features (good to find bugs in the DB code :-)
- a patch for a non-initialized variable in DB's 2.x db_open is provided.
one preprocessor macro instead of two. Ran aclocal, autoconf,
autoheader to update derived files. Modify util-int.c to use
CTIME_R_NARGS define and fallback to ctime() if not set.
Made LDAP_API_FEATURE_X_OPENLDAP_REENTRANT dependent upon result.
Add check for to configure.in vsprintf, since HAVE_VSPRINTF is presumably
what was intended there. Finally, also protected a bunch of if test
expressions with double quotes, as they were producing illegal test
commands.
struct friendly (Friendly) changed to ldap_friendly (LDAPFriendly)
ldap_friendly friend prefix changed to 'lf_' from 'f_'
removed mod_next field from LDAPMod (struct ldapmod)
modified slapd to use new LDAPModList (struct ldapmodlist) struct.
Added LDAPv3 result codes to ldap.h
including use of ctime_r, gethostby*_r, etc.. Also reworked ldap_sort_entries
to be reentrant.
Need to add code to properly set LDAP_API_FEATURE_THREAD_SAFE.
Remove MD5 and SHA1 options (both are now always on). Rename
functions to be lutil_ instead of ldap_.
Create --enable-cleartext option. Default is currently 'on'.
default sysconfdir subdirectory is openldap instead of ldap.
This removes conflicts with other ldap subsystems. Should
be configure option.
*.conf files are now preserved. A *.conf.default are always
created with the latest conf.
*.help and ldapfriendly are now placed in $(datadir)/$(ldap_subdir)
updated man pages to reflect changes.
give "/foo", then it will check $HOME/foo, $HOME/./foo, then /foo.
This might not be what the installer hand it mind... but then again
may be it is.
w_userconf and w_conf both now use NULL arguments to disable conf loading.
Updated to use libtool 1.2 (with FreeBSD3.0 a.out v. elf detection).
Updated autoconf to 1.12 with sed patch (don't use stock 1.12).
aclocal.m4 is built using automake's aclocal, v1.3.
Updated mkdep to support libtool .lo files.
Updated automake provided macros for TERMIOS, STRTOD, MKTIME, PTRDIFF_T
Autoconf now checks to ensure C compiler supports ANSI C prototypes.
Updated make files templates.
This could cause problems on odd systems. The generic
headers should be extended as needed to include necessary
system headers or, if necessary, make explicit declarations.
Extended ac/string.h header to look for string.h/strings.h if
STDC_HEADERS is not defined. Also provide basic declarations for
str*() functions. This could cause problems on odd systems.
Extended ac/unistd.h header to define basic declaration for misc
functions that might be missing from headers. This includes
externs for getenv(), getopt(), mktemp(), tempname().
Protect fax500.h from multiple inclusion. Moved includes of
system/generic headers back to source files.
Made mail500 helper functions static.
Fixed includes of ctype.h, signal.h, etc. to use generics.
lutil/tempname.c: was including stdlib.h twice, one should stdio.h.
Wrapped <sys/resource.h> with HAVE_SYS_RESOURCE_H.
lber/io.c/ber_get_next(): Changed noctets back to signed.
Used with BerRead which expects signed int as second arg and
returns signed int.
Most function and variable definitions are now preceded by its extern
definition, for error checking. Retyped a number of functions, usually
to return void. Fixed a number of printf format errors.
API changes (in ldap/include):
Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.
A number of `extern' declarations are left (some added by protoize), to
be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
#include <stdlib.h> to get malloc & co various places,
#include <ac/string.h> to get strlen & co in (liblutil/setproctitle.c),
declare ch_malloc & co (slurp.h), avl_find_lin (avl.h), Malloc (ud/edit.c).
Also changed ch_malloc & co from char* to void* functions.
Modified clients to reduce use of ldapconfig.h.edit.
ldap_{get,set}_option support is relatively complete. Needs
to be extended to support other "features" of OpenLDAP.
