liblutil/ntservice.c change registry key path used for non-default
service names.
slapd/Makefile.in change to generate slapd.syms dynamically
slapd/daemon.c fix to make NT service ignore SIGBREAK
slapd/main.c fix to allow NT to retrieve listening url from registry
slapd/nt_svc.c fix for exported symbols
slapd/result.c change use of strerror to sock_errstr
slapd/slapd.syms no longer needed
If application provide one, use it. If application doesn't
provide one, use best of server advertised.
Fix SASL/ANONYMOUS (not normally used, but should work)
PLAIN is not currently working... might be local to me as my
Cyrus installation is a bit hosted.
configure.in: check for AIX security library, set in AUTH_LIBS macro
top.mk: add AUTH_LIBS macro to SECURITY_LIBS
portable.h.in: added HAVE_AIX_SECURITY macro (via autoheader)
passwd.c: use AIX getuserpw in chk_unix. Also fix logic in chk_unix:
getpwnam must always succeed for the given user. It is not a
fatal error if getspnam returns no result for the user: On
systems that support /etc/shadow, its usage is optional. The
same logic applies for AIX, SCO/HP SecureWare, etc.
This means a ldaps connection may drop before any LDAP protocol exchange
occurs (due to expired cert, unrecognized CAs, etc.).
Change ldap_pvt_tls_connect to copy any TLS error string to ld_error upon
connection failure, otherwise client just sees "can't contact LDAP server."
slapd/connection.c: add flush/delay when SSL_accept fails, to allow any
TLS alerts we generated to propagate back to the client. (Which will then
be picked up by ldap_pvt_tls_connect on the client...)
ldap_domain2dn()
ldap_domain2hostlist()
and provide prototype to soon-to-be-implemented
ldap_dn2domain().
ldap_dnssrv_init(), if needed, can easily be implemented
using ldap_create(), ldap_set_option() and the above
commands.
with authentication id and authorization ids. Note: this routine
doesn't actually negotiate anything. It likely should be renamed
ldap_sasl_auth_s() or ldap_sasl_bind_multistep() or something.
modules are dynamically loaded, they summon libldap when needed.
However, depending on the security libraries available when the
shared libldap was built, the latter brings up other dependencies.
On some platforms, it seems that no solution is available: no
indirect dynamic dependencies. But for some platforms where this
is supported (in particular, Linux), the shared libldap must
contain info on what other dynamic libraries it needs. We were
failing to put this info into the shared library. This patch
seems to fix it.
