Commit Graph

87 Commits

Author SHA1 Message Date
Howard Chu
146b2c5389 ITS#4082 tls ctx requirements are only applicable to servers, or clients
with tls_opt_require_cert = TRY or DEMAND. Ignore requirements for clients.
2005-11-08 13:42:10 +00:00
Pierangelo Masarati
a6453f28f8 silence warnings 2005-11-06 23:27:09 +00:00
Pierangelo Masarati
fd0e059c2b use unsigned long long for counters, if available 2005-05-28 14:29:45 +00:00
Howard Chu
89210b7100 Added ldap_pvt_sasl_secprops_unparse, slap_sasl_secprops_unparse 2005-03-01 11:42:31 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Howard Chu
ae592801aa Add callbacks for client TLS connection establishment:
LDAP_OPT_X_TLS_CONNECT_CB and LDAP_OPT_X_TLS_CONNECT_ARG
with int (LDAP_TLS_CONNECT_CB) (LDAP *ld, SSL *ssl, SSL_CTX *ctx, void *arg)
To be called whenever the client library allocates a new SSL* handle.
2004-11-23 03:48:09 +00:00
Howard Chu
162f00f348 Don't BN_init allocated BIGNUMs, they're already initialized 2004-11-22 02:18:02 +00:00
Pierangelo Masarati
761f287943 multiple precision with BIGNUM/gmp/ulong 2004-09-26 22:58:47 +00:00
Kurt Zeilenga
8064bb6ef1 A better find_connection() port fix 2004-08-28 03:53:31 +00:00
Kurt Zeilenga
44485522e0 Allow LDAP_PVT_SASL_LOCAL_SSF to be set externally 2004-06-27 19:39:11 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
159de0f135 Updated notices and acknowledgements 2003-11-26 07:16:36 +00:00
Hallvard Furuseth
a4f93a6908 Really rename ldap_int_get_controls() to ldap_pvt_get_controls(). 2003-10-14 11:27:32 +00:00
Kurt Zeilenga
4f003dbdaf mv ldap_int_get_controls to ldap_pvt_get_controls 2003-10-12 08:14:28 +00:00
Jong Hyuk Choi
c468defe24 cleanup 2003-04-30 22:41:37 +00:00
Howard Chu
4b73446ab5 ITS#2424 reset SASL on an existing connection 2003-04-30 15:38:32 +00:00
Hallvard Furuseth
6d59c23c55 Make string parameter to ldap_charray_add() and ldap_charray_inlist() const. 2003-04-29 16:34:37 +00:00
Kurt Zeilenga
a609f87eb6 remove lint 2003-04-24 23:15:59 +00:00
Jong Hyuk Choi
203c2aad41 move ldap_get_message_ber() from ldap.h to ldap_pvt.h 2003-04-22 23:02:11 +00:00
Howard Chu
d46ab4c065 Move ldap_dnfree_x etc. decls from ldap.h to ldap_pvt.h 2003-04-11 10:26:25 +00:00
Howard Chu
873e498829 Silence warning in prev commit 2003-03-05 01:37:56 +00:00
Howard Chu
e87f588f00 Added ldap_pvt_get_hname. Use instead of ldap_pvt_gethostbyaddr_a when
all you want is the hostname.
2003-03-05 01:34:31 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Kurt Zeilenga
a83cc88edd Move ldap_control_dup() to ldap_pvt.h 2002-09-04 02:14:12 +00:00
Pierangelo Masarati
4046c4226e add upper/lower funcs that also compute the length of the string (not used yet) 2002-08-23 08:45:17 +00:00
Howard Chu
de3e81cebb Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
in dn parameter and return a result code.
2002-04-30 13:50:56 +00:00
Howard Chu
17ae956518 Added ldap_X509dn2bv()
deleted ldap_pvt_tls_get_peer()
  changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
  added ldap_pvt_tls_get_my_dn()
2002-04-18 12:29:30 +00:00
Howard Chu
5c70106657 ITS#1708 ldap_pvt_tls_sb_ctx() et al 2002-04-05 06:48:03 +00:00
Kurt Zeilenga
7250ffb1cc move ldap_int_put_filter to ldap_pvt_put_filter 2002-03-30 00:41:26 +00:00
Howard Chu
996eb58011 Fix ASCII detection; can't use "< 0x80" on a signed char. 2002-01-05 10:33:38 +00:00
Kurt Zeilenga
c38027902a Update copyright notices 2002-01-04 20:40:29 +00:00
Kurt Zeilenga
763c0de59b Rework filter code
Misc cleanup / lint removal
2002-01-02 17:06:56 +00:00
Kurt Zeilenga
52a354f753 Mark more stuff as deprecated and remove some unused deprecated
routines.
2001-12-27 23:01:17 +00:00
Kurt Zeilenga
cddf7e0e00 More struct berval DN changes
decrease dependency on dn_validate/dn_normalize
2001-12-27 07:13:13 +00:00
Kurt Zeilenga
25b5aaf262 Delete ldap_build_filter(), it's broke.
Clean up headers.
2001-12-24 03:49:54 +00:00
Howard Chu
33ace5610c Added ldap_pvt_tls_destroy() to cleanup TLS library on shutdown 2001-11-06 20:52:59 +00:00
Kurt Zeilenga
77f776dfd1 Another round of TLS updates to support secure referral chasing 2001-06-25 19:17:42 +00:00
Kurt Zeilenga
c4f5497ac6 move TLS ctx to lconn struct in prep for supporting TLS with referrals
need to rework cert check to use per lconn host name
2001-06-25 07:33:42 +00:00
Kurt Zeilenga
be9a50af25 Update copyright (including with or without modification clarification) 2001-05-29 03:29:53 +00:00
Kurt Zeilenga
c0a06f25c2 Add ldap_pvt_tls_get_peer_dn() routine. Returns peer as an LDAP DN. 2001-01-18 00:40:58 +00:00
Kurt Zeilenga
a13fb520ab Fix compilation problem when ldap.h is not included 2000-11-28 20:31:14 +00:00
Kurt Zeilenga
1f7874b724 Add ldap_url_parse_ext() prototype. Routine should likely be renamed
into ldap_pvt_ name space.
2000-11-28 19:59:57 +00:00
Kurt Zeilenga
2b82d4f486 remove lint
update bdb codes
2000-09-22 01:40:57 +00:00
Kurt Zeilenga
bfff7ce1f5 Bandaid ucdata build problems 2000-09-07 23:31:59 +00:00
Kurt Zeilenga
cee040a321 Bring UCdata infrastructure. 2000-09-03 23:48:35 +00:00
Kurt Zeilenga
b3b4342f8f Raise ldapi:// SSF to 71. ldapi:// is likely more secure than
DES or other low end encryption.
2000-08-28 19:53:49 +00:00
Kurt Zeilenga
25a9f7427d Remove CLDAP cruft 2000-08-18 04:25:00 +00:00
Howard Chu
0f8047b95e Implemented ldap_pvt_tls_get_peer() for use with SASL/EXTERNAL.
Added ldap_pvt_tls_get_strength() - return encryption strength, for
use as a SASL session security factor.
2000-08-16 23:27:41 +00:00
Kurt Zeilenga
3b03b64b77 Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the
input.  In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
2000-08-15 01:55:43 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00