Howard Chu
890d4c6216
ITS#7003 fix typo
2011-07-28 13:48:08 -07:00
Jan Vcelak
e8ac17e17c
ITS#6998 MozNSS: when cert not required, ignore issuer expiration
...
When server certificate is not required in a TLS session (e.g.
TLS_REQCERT is set to 'never'), ignore expired issuer certificate error
and do not terminate the connection.
2011-07-21 11:59:06 -07:00
Howard Chu
8eecc9a017
Only return requested attrs in sssvlv response
2011-07-18 12:53:23 -07:00
Howard Chu
db106f89e6
ITS#6985 fix sssvlv target offset, ordering match
2011-07-18 12:41:51 -07:00
Pierangelo Masarati
c86677ef41
blind fix build on solaris native compilers (ITS#6992)
2011-07-08 08:48:59 +02:00
Pierangelo Masarati
c0b669e14f
fix config emit (ITS#6986)
2011-07-07 08:16:23 +02:00
Howard Chu
c02e681121
ITS#6982 fix md5 memset invocation
2011-07-01 22:55:06 -07:00
Pierangelo Masarati
8df4c357be
authTimestamp should be manageable (ITS#6873)
2011-06-30 21:55:28 +02:00
Pierangelo Masarati
92f4a3b2a7
response tag is [1] according to RFC 2589 (ITS#6886)
2011-06-30 21:24:12 +02:00
Rich Megginson
d944920fd3
ITS#6980 free the result of SSL_PeerCertificate
...
In tlsm_auth_cert_handler, we get the peer's cert from the socket using
SSL_PeerCertificate. This value is allocated and/or cached. We must
destroy it using CERT_DestroyCertificate.
2011-06-29 16:56:26 -07:00
Howard Chu
7ee3dee647
ITS#6828 set ld_errno on connect failures
2011-06-27 18:43:31 -07:00
Rein Tollevik
ffa8eca405
Merge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap
2011-06-27 14:21:35 +02:00
Rein Tollevik
62861cae0e
ITS#6716 Extend test where consumer/provider holds CSNs with differing SIDs.
2011-06-27 14:17:39 +02:00
Howard Chu
230f433ec7
ITS#6872 re-enable test058
2011-06-27 04:48:25 -07:00
Howard Chu
ebf07016ef
ITS#6872 fix test058 breakage from prev patch
2011-06-27 04:46:43 -07:00
Howard Chu
052ac2f64a
ITS#6828 silence warning in prev commit
2011-06-24 18:03:11 -07:00
Howard Chu
d76be4828c
ITS#6977 fix verbose check in client tools
2011-06-23 17:10:37 -07:00
Howard Chu
d0973003f7
ITS#6978 bail out on invalid input
2011-06-23 13:17:08 -07:00
Howard Chu
b1f26a8b17
Fix NO_THREADS typo
2011-06-22 20:03:24 -07:00
Quanah Gibson-Mount
15ae0134ee
Disable test058 until it someone can track down what's wrong with it
2011-06-22 15:16:08 -07:00
Howard Chu
b0fcec8d65
ITS#6716 Use sorted CSNs in syncrepl too
2011-06-22 00:32:00 -07:00
Howard Chu
6da3e3473c
ITS#6716 use sorted CSNs, fix sessionlog
...
track a CSN per SID in the log->sl_mincsn
2011-06-22 00:30:13 -07:00
Howard Chu
249422aa28
ITS#6716 Keep CSN lists sorted by SID
2011-06-21 22:35:14 -07:00
Howard Chu
ceefe132a8
ITS#6817 fix RE24 build breakage
...
Should SLAP_AUTH_DN be #defined in release now?
2011-06-21 17:05:53 -07:00
Rich Megginson
5e467e4899
ITS#6862 MozNSS - workaround PR_SetEnv bug
2011-06-21 15:58:49 -07:00
Rich Megginson
d78cf81648
ITS#6975 MozNSS - allow cacertdir in most cases
...
OpenLDAP built with OpenSSL allows most any value of cacertdir - directory
is a file, directory does not contain any CA certs, directory does not
exist - users expect if they specify TLS_REQCERT=never, no matter what
the TLS_CACERTDIR setting is, TLS/SSL will just work.
TLS_CACERT, on the other hand, is a hard error. Even if TLS_REQCERT=never,
if TLS_CACERT is specified and is not a valid CA cert file, TLS/SSL will
fail. This patch makes CACERT errors hard errors, and makes CACERTDIR
errors "soft" errors. The code checks CACERT first and, even though
the function will return an error, checks CACERTDIR anyway so that if the
user sets TRACE mode they will get CACERTDIR processing messages.
2011-06-21 15:56:55 -07:00
Howard Chu
ae24a1a6ac
ITS#6973 need limits_check if overlay is global
2011-06-21 02:40:38 -07:00
Jan Vcelak
65e163d268
ITS#6947 Handle missing '\n' termination in LDIF input
2011-06-20 18:18:34 -07:00
Ondrej Kuznik
6f43600731
ITS#6974 (Re)moving stray cleanup code.
2011-06-20 18:13:36 -07:00
Hallvard Furuseth
e25bce9124
Tweak back-ldif messages about CRC checksums.
2011-06-20 21:53:05 +02:00
Hallvard Furuseth
06fe436053
Cleanup back-ldif CRC code.
...
Handle interrupted write() again. Fix warnings/types. #ifdef LDAP_DEBUG.
2011-06-20 21:45:03 +02:00
Howard Chu
05ca8c3710
More fixes, add test script
2011-06-20 11:05:08 -07:00
Howard Chu
48cdd54d9a
Fix missing si_syncCookie numcsns
2011-06-20 06:51:33 -07:00
Howard Chu
480f0c16ff
More tweaks for delta-mmr
2011-06-20 04:27:11 -07:00
Howard Chu
67bbad6e70
delta-mmr conflict resolution
2011-06-19 20:14:03 -07:00
Howard Chu
237a686107
More for conflict detection
2011-06-19 20:13:59 -07:00
Howard Chu
95d7adcd6d
Setup delta-mmr using an overlay
2011-06-19 20:13:51 -07:00
Ralf Haferkamp
1e4faaf1bd
Additional getter methods for LDAPModification
2011-06-15 15:28:55 +02:00
Howard Chu
0a9f51f58d
ITS#6657/6691 use proper SQL length data type
2011-06-13 13:54:56 -07:00
Quanah Gibson-Mount
9578bf0145
ITS#6971 correct option is --enable-wrappers
2011-06-13 13:46:01 -07:00
Howard Chu
de395ddad3
ITS#6944 limit op cache to 10 ops per thread
2011-06-10 03:27:40 -07:00
Howard Chu
9f7d119ce3
Add LDAP_OPT_X_TLS_PACKAGE
...
to return the name of the underlying TLS implementation
2011-06-10 02:11:26 -07:00
Howard Chu
329e7937e6
ITS#6892 shortcut for non-replicated ops
2011-06-10 01:44:30 -07:00
Howard Chu
d1b38bd12b
ITS#6967 normalize schema RDN
2011-06-10 01:35:19 -07:00
Howard Chu
6f715114ff
Add CRC32 checksum to back-ldif files
...
Currently just logs a complaint on checksum mismatch. Could get
more obnoxious later.
2011-06-09 21:09:41 -07:00
Howard Chu
214d7e3750
Fix prev commit
2011-06-09 18:07:13 -07:00
Howard Chu
a4a7ffdf5c
Try to discourage editing back-ldif files
2011-06-09 17:59:08 -07:00
Howard Chu
68c7d375da
Revert "ITS#6688 enforce search ACL in back-perl"
...
This reverts commit 53bb95a2e3
2011-06-09 15:37:11 -07:00
Howard Chu
53bb95a2e3
ITS#6688 enforce search ACL in back-perl
2011-06-09 15:25:32 -07:00
Quanah Gibson-Mount
6b95e5941c
ITS#6889 regenerate configure
2011-06-09 11:05:09 -07:00
