Kurt Zeilenga
863a076919
ITS#2662: NS_MTA-MD5 hash check fix
2003-08-09 18:47:16 +00:00
Kurt Zeilenga
15fa161b8f
ITS#2562: add missing arg to hash_lanman
2003-06-01 23:32:47 +00:00
Hallvard Furuseth
5ee9264465
Fix assignment of <char/int>* to unsigned <char/int>* and vice versa.
2003-05-02 13:29:28 +00:00
Howard Chu
7e2273b30e
Added errmsg arg to lutil_passwd_{check,hash} functions
2003-04-30 07:52:05 +00:00
Howard Chu
62f7394f8c
Fix up lutil_passwd stuff to avoid struct berval definition
2003-03-12 23:07:09 +00:00
Howard Chu
bbad1de8e1
Added lutil_passwd_init, _destroy, _add for dynamically adding passwd
...
schemes. Declarations in lutil.h require lutil.h never be included before
lber.h, always after.
2003-03-11 05:58:53 +00:00
Kurt Zeilenga
03b35cc621
ITS#2159: don't crash on malformed userPassword
2003-01-20 23:46:35 +00:00
Kurt Zeilenga
6939c53170
Happy new year
2003-01-03 20:20:47 +00:00
Kurt Zeilenga
ba6d2c5cc0
ITS#1502: fix NS-MTA-MD5 typo
2002-09-24 21:21:35 +00:00
Kurt Zeilenga
11761fa6ca
Add NT-MTA-MD5 Support.
...
Based, in part, from ITS#1502 submission from John Morrissey.
Copyright 2001, John Morrissey (jwm at horde dot net), All rights reserved.
This is free software; you can redistribute and use it under the same terms
as OpenLDAP itself.
2002-09-07 01:51:12 +00:00
Howard Chu
4c69827b15
ITS#2016 possibly better macro test for this fix
2002-08-10 00:32:25 +00:00
Howard Chu
66d9bf404b
ITS#2016 Don't include <openssl/des.h> if we're also including <krb.h>.
2002-08-10 00:22:52 +00:00
Howard Chu
6226684204
Eliminate an unnecessary malloc/free
2002-08-07 00:47:57 +00:00
Kurt Zeilenga
7592a9b9c7
make sure we don't test against stored values starting with "{"
2002-07-10 22:04:14 +00:00
Kurt Zeilenga
56bbe05490
Add {CLEARTEXT} password-hash support
2002-06-12 00:43:34 +00:00
Howard Chu
491d2ae5b9
ITS#1720 chk_sasl for Cyrus SASL 2
2002-04-16 04:05:51 +00:00
Howard Chu
bb17493d31
ITS#1732 signed/unsigned fixes
2002-04-11 08:47:37 +00:00
Kurt Zeilenga
0e2af54a3f
Update copyright statements
2002-01-04 21:17:25 +00:00
Howard Chu
e5eb270e6c
from jon@symas.com - misc Windows cleanup
2001-12-17 22:42:55 +00:00
Kurt Zeilenga
7ee53eb12e
Remove const from salt_format
2001-06-14 02:20:05 +00:00
Kurt Zeilenga
ff993c7ddb
Misc updates to password codes / docs
2001-06-13 05:40:24 +00:00
Kurt Zeilenga
8d4c20cd6d
Adding crypt(3) salt format (ITS#1202) from Jeff Costlow <j.costlow@f5.com>
...
with minor changes by committer
---
Copyright 2001, F5 Networks, Inc, All rights reserved.
This software is not subject to any license of F5 Networks.
This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself.
2001-06-13 03:47:17 +00:00
Kurt Zeilenga
9ed2b33e2b
optional SHA1
2001-05-02 19:49:44 +00:00
Kurt Zeilenga
7f91ee936f
Clean up header inclusion
2001-03-15 03:09:52 +00:00
Gary Williams
36880023b6
fix NT build by moving unistd.h
2001-02-02 16:07:12 +00:00
Kurt Zeilenga
90c9d543a8
Provide extra salt for crypt(3)
2001-01-20 01:15:28 +00:00
Kurt Zeilenga
319a75ef39
Fix LMPASSWD code
...
Move <ac/unistd.h> and <ac/crypt.h> behind SLAPD_CRYPT
2001-01-18 00:35:09 +00:00
Kurt Zeilenga
df7804debc
ITS#899 LANMAN password contribution from Norbert Klasen
2000-11-22 20:18:50 +00:00
Kurt Zeilenga
7fad68f7b4
remove lint
2000-10-18 00:29:21 +00:00
Kurt Zeilenga
f319444df0
MIT Kerberos and krb5_free_creds_contents (ITS#715)
...
fix suggested by Norbert Klasen <klasen@zdv.uni-tuebingen.de>
2000-09-06 18:21:39 +00:00
Kurt Zeilenga
3b03b64b77
Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the
...
input. In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
2000-08-15 01:55:43 +00:00
Kurt Zeilenga
5b856458a2
s/SAFEMEMCPY/AC_MEMCPY/
...
Use AC_FMEMCPY where appropriate (-llber)
2000-07-28 01:07:07 +00:00
Kurt Zeilenga
5fc22599e2
Update SASL code to reuse context through life of session.
...
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
c5765e3827
Use provided macros and comment
2000-06-03 17:24:21 +00:00
Kurt Zeilenga
29d9fa20a2
Y2k copyright update
2000-05-13 02:36:07 +00:00
Howard Chu
3f618bfe03
Fix ambiguous return value in lutil_passwd
2000-05-13 00:10:24 +00:00
Howard Chu
7ca81c0a03
Fix one more chk_unix ifdef
2000-05-11 20:00:47 +00:00
Kurt Zeilenga
cdb709fd27
Fix unbalanced #endif
2000-05-11 16:06:41 +00:00
Howard Chu
605832eaa5
Added support for AIX security database:
...
configure.in: check for AIX security library, set in AUTH_LIBS macro
top.mk: add AUTH_LIBS macro to SECURITY_LIBS
portable.h.in: added HAVE_AIX_SECURITY macro (via autoheader)
passwd.c: use AIX getuserpw in chk_unix. Also fix logic in chk_unix:
getpwnam must always succeed for the given user. It is not a
fatal error if getspnam returns no result for the user: On
systems that support /etc/shadow, its usage is optional. The
same logic applies for AIX, SCO/HP SecureWare, etc.
2000-05-11 10:10:53 +00:00
Kurt Zeilenga
3553f9aab6
Fix #ifdefs when --disable-crypt
2000-05-10 23:26:42 +00:00
Kurt Zeilenga
f224e69558
Add experimental code to check simple bind passwords
...
against Cyrus SASLdb. Like other cleartext mechanisms,
should be protected from eavesdropping.
2000-05-10 04:29:51 +00:00
Kurt Zeilenga
802ee714e4
Framework for authpasswd. Needs work. Behind #ifdef
2000-04-25 13:28:03 +00:00
Kurt Zeilenga
4c0be829e1
Fix usage in comment
2000-03-17 02:07:59 +00:00
Kurt Zeilenga
5967cc5658
Even more checks around use of crypt(3).
2000-01-17 17:09:33 +00:00
Kurt Zeilenga
c17b89f431
Add additional crypt() sanity checks.
2000-01-17 16:53:15 +00:00
Kurt Zeilenga
34fe70cc71
Validate krb5_init_context
2000-01-10 21:37:04 +00:00
Kurt Zeilenga
38f0b890ab
Borrowed a bit to literally... s/pop/ldap/ s/popper/slapd/
2000-01-09 00:20:00 +00:00
Kurt Zeilenga
e988e175a6
Minor fixes.
2000-01-08 18:51:27 +00:00
Kurt Zeilenga
6437785a82
Initial implementation of Kerberos password verification for
...
simple bind via:
{KERBEROS}principal
Code is disabled by default (for security reasons). Use
--enable-kpasswd to enable. Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support. Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Kurt Zeilenga
30411f8402
Add slappasswd to generate rootpw.
1999-12-16 02:18:50 +00:00