Commit Graph

75 Commits

Author SHA1 Message Date
Kurt Zeilenga
863a076919 ITS#2662: NS_MTA-MD5 hash check fix 2003-08-09 18:47:16 +00:00
Kurt Zeilenga
15fa161b8f ITS#2562: add missing arg to hash_lanman 2003-06-01 23:32:47 +00:00
Hallvard Furuseth
5ee9264465 Fix assignment of <char/int>* to unsigned <char/int>* and vice versa. 2003-05-02 13:29:28 +00:00
Howard Chu
7e2273b30e Added errmsg arg to lutil_passwd_{check,hash} functions 2003-04-30 07:52:05 +00:00
Howard Chu
62f7394f8c Fix up lutil_passwd stuff to avoid struct berval definition 2003-03-12 23:07:09 +00:00
Howard Chu
bbad1de8e1 Added lutil_passwd_init, _destroy, _add for dynamically adding passwd
schemes. Declarations in lutil.h require lutil.h never be included before
lber.h, always after.
2003-03-11 05:58:53 +00:00
Kurt Zeilenga
03b35cc621 ITS#2159: don't crash on malformed userPassword 2003-01-20 23:46:35 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Kurt Zeilenga
ba6d2c5cc0 ITS#1502: fix NS-MTA-MD5 typo 2002-09-24 21:21:35 +00:00
Kurt Zeilenga
11761fa6ca Add NT-MTA-MD5 Support.
Based, in part, from ITS#1502 submission from John Morrissey.

Copyright 2001, John Morrissey (jwm at horde dot net), All rights reserved.
This is free software; you can redistribute and use it under the same terms
as OpenLDAP itself.
2002-09-07 01:51:12 +00:00
Howard Chu
4c69827b15 ITS#2016 possibly better macro test for this fix 2002-08-10 00:32:25 +00:00
Howard Chu
66d9bf404b ITS#2016 Don't include <openssl/des.h> if we're also including <krb.h>. 2002-08-10 00:22:52 +00:00
Howard Chu
6226684204 Eliminate an unnecessary malloc/free 2002-08-07 00:47:57 +00:00
Kurt Zeilenga
7592a9b9c7 make sure we don't test against stored values starting with "{" 2002-07-10 22:04:14 +00:00
Kurt Zeilenga
56bbe05490 Add {CLEARTEXT} password-hash support 2002-06-12 00:43:34 +00:00
Howard Chu
491d2ae5b9 ITS#1720 chk_sasl for Cyrus SASL 2 2002-04-16 04:05:51 +00:00
Howard Chu
bb17493d31 ITS#1732 signed/unsigned fixes 2002-04-11 08:47:37 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
e5eb270e6c from jon@symas.com - misc Windows cleanup 2001-12-17 22:42:55 +00:00
Kurt Zeilenga
7ee53eb12e Remove const from salt_format 2001-06-14 02:20:05 +00:00
Kurt Zeilenga
ff993c7ddb Misc updates to password codes / docs 2001-06-13 05:40:24 +00:00
Kurt Zeilenga
8d4c20cd6d Adding crypt(3) salt format (ITS#1202) from Jeff Costlow <j.costlow@f5.com>
with minor changes by committer
---
Copyright 2001, F5 Networks, Inc, All rights reserved.
This software is not subject to any license of F5 Networks.

This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself.
2001-06-13 03:47:17 +00:00
Kurt Zeilenga
9ed2b33e2b optional SHA1 2001-05-02 19:49:44 +00:00
Kurt Zeilenga
7f91ee936f Clean up header inclusion 2001-03-15 03:09:52 +00:00
Gary Williams
36880023b6 fix NT build by moving unistd.h 2001-02-02 16:07:12 +00:00
Kurt Zeilenga
90c9d543a8 Provide extra salt for crypt(3) 2001-01-20 01:15:28 +00:00
Kurt Zeilenga
319a75ef39 Fix LMPASSWD code
Move <ac/unistd.h> and <ac/crypt.h> behind SLAPD_CRYPT
2001-01-18 00:35:09 +00:00
Kurt Zeilenga
df7804debc ITS#899 LANMAN password contribution from Norbert Klasen 2000-11-22 20:18:50 +00:00
Kurt Zeilenga
7fad68f7b4 remove lint 2000-10-18 00:29:21 +00:00
Kurt Zeilenga
f319444df0 MIT Kerberos and krb5_free_creds_contents (ITS#715)
fix suggested by Norbert Klasen <klasen@zdv.uni-tuebingen.de>
2000-09-06 18:21:39 +00:00
Kurt Zeilenga
3b03b64b77 Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the
input.  In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
2000-08-15 01:55:43 +00:00
Kurt Zeilenga
5b856458a2 s/SAFEMEMCPY/AC_MEMCPY/
Use AC_FMEMCPY where appropriate (-llber)
2000-07-28 01:07:07 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
c5765e3827 Use provided macros and comment 2000-06-03 17:24:21 +00:00
Kurt Zeilenga
29d9fa20a2 Y2k copyright update 2000-05-13 02:36:07 +00:00
Howard Chu
3f618bfe03 Fix ambiguous return value in lutil_passwd 2000-05-13 00:10:24 +00:00
Howard Chu
7ca81c0a03 Fix one more chk_unix ifdef 2000-05-11 20:00:47 +00:00
Kurt Zeilenga
cdb709fd27 Fix unbalanced #endif 2000-05-11 16:06:41 +00:00
Howard Chu
605832eaa5 Added support for AIX security database:
configure.in: check for AIX security library, set in AUTH_LIBS macro
  top.mk: add AUTH_LIBS macro to SECURITY_LIBS
  portable.h.in: added HAVE_AIX_SECURITY macro (via autoheader)
  passwd.c: use AIX getuserpw in chk_unix. Also fix logic in chk_unix:
  	getpwnam must always succeed for the given user. It is not a
	fatal error if getspnam returns no result for the user: On
	systems that support /etc/shadow, its usage is optional. The
	same logic applies for AIX, SCO/HP SecureWare, etc.
2000-05-11 10:10:53 +00:00
Kurt Zeilenga
3553f9aab6 Fix #ifdefs when --disable-crypt 2000-05-10 23:26:42 +00:00
Kurt Zeilenga
f224e69558 Add experimental code to check simple bind passwords
against Cyrus SASLdb.  Like other cleartext mechanisms,
should be protected from eavesdropping.
2000-05-10 04:29:51 +00:00
Kurt Zeilenga
802ee714e4 Framework for authpasswd. Needs work. Behind #ifdef 2000-04-25 13:28:03 +00:00
Kurt Zeilenga
4c0be829e1 Fix usage in comment 2000-03-17 02:07:59 +00:00
Kurt Zeilenga
5967cc5658 Even more checks around use of crypt(3). 2000-01-17 17:09:33 +00:00
Kurt Zeilenga
c17b89f431 Add additional crypt() sanity checks. 2000-01-17 16:53:15 +00:00
Kurt Zeilenga
34fe70cc71 Validate krb5_init_context 2000-01-10 21:37:04 +00:00
Kurt Zeilenga
38f0b890ab Borrowed a bit to literally... s/pop/ldap/ s/popper/slapd/ 2000-01-09 00:20:00 +00:00
Kurt Zeilenga
e988e175a6 Minor fixes. 2000-01-08 18:51:27 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Kurt Zeilenga
30411f8402 Add slappasswd to generate rootpw. 1999-12-16 02:18:50 +00:00