Howard Chu
146b2c5389
ITS#4082 tls ctx requirements are only applicable to servers, or clients
...
with tls_opt_require_cert = TRY or DEMAND. Ignore requirements for clients.
2005-11-08 13:42:10 +00:00
Pierangelo Masarati
a6453f28f8
silence warnings
2005-11-06 23:27:09 +00:00
Pierangelo Masarati
fd0e059c2b
use unsigned long long for counters, if available
2005-05-28 14:29:45 +00:00
Howard Chu
89210b7100
Added ldap_pvt_sasl_secprops_unparse, slap_sasl_secprops_unparse
2005-03-01 11:42:31 +00:00
Kurt Zeilenga
dc0eacd40b
Happy New Year!
2005-01-01 20:49:32 +00:00
Howard Chu
ae592801aa
Add callbacks for client TLS connection establishment:
...
LDAP_OPT_X_TLS_CONNECT_CB and LDAP_OPT_X_TLS_CONNECT_ARG
with int (LDAP_TLS_CONNECT_CB) (LDAP *ld, SSL *ssl, SSL_CTX *ctx, void *arg)
To be called whenever the client library allocates a new SSL* handle.
2004-11-23 03:48:09 +00:00
Howard Chu
162f00f348
Don't BN_init allocated BIGNUMs, they're already initialized
2004-11-22 02:18:02 +00:00
Pierangelo Masarati
761f287943
multiple precision with BIGNUM/gmp/ulong
2004-09-26 22:58:47 +00:00
Kurt Zeilenga
8064bb6ef1
A better find_connection() port fix
2004-08-28 03:53:31 +00:00
Kurt Zeilenga
44485522e0
Allow LDAP_PVT_SASL_LOCAL_SSF to be set externally
2004-06-27 19:39:11 +00:00
Kurt Zeilenga
3c598e89fb
Happy new year
2004-01-01 19:15:16 +00:00
Kurt Zeilenga
159de0f135
Updated notices and acknowledgements
2003-11-26 07:16:36 +00:00
Hallvard Furuseth
a4f93a6908
Really rename ldap_int_get_controls() to ldap_pvt_get_controls().
2003-10-14 11:27:32 +00:00
Kurt Zeilenga
4f003dbdaf
mv ldap_int_get_controls to ldap_pvt_get_controls
2003-10-12 08:14:28 +00:00
Jong Hyuk Choi
c468defe24
cleanup
2003-04-30 22:41:37 +00:00
Howard Chu
4b73446ab5
ITS#2424 reset SASL on an existing connection
2003-04-30 15:38:32 +00:00
Hallvard Furuseth
6d59c23c55
Make string parameter to ldap_charray_add() and ldap_charray_inlist() const.
2003-04-29 16:34:37 +00:00
Kurt Zeilenga
a609f87eb6
remove lint
2003-04-24 23:15:59 +00:00
Jong Hyuk Choi
203c2aad41
move ldap_get_message_ber() from ldap.h to ldap_pvt.h
2003-04-22 23:02:11 +00:00
Howard Chu
d46ab4c065
Move ldap_dnfree_x etc. decls from ldap.h to ldap_pvt.h
2003-04-11 10:26:25 +00:00
Howard Chu
873e498829
Silence warning in prev commit
2003-03-05 01:37:56 +00:00
Howard Chu
e87f588f00
Added ldap_pvt_get_hname. Use instead of ldap_pvt_gethostbyaddr_a when
...
all you want is the hostname.
2003-03-05 01:34:31 +00:00
Kurt Zeilenga
6939c53170
Happy new year
2003-01-03 20:20:47 +00:00
Kurt Zeilenga
a83cc88edd
Move ldap_control_dup() to ldap_pvt.h
2002-09-04 02:14:12 +00:00
Pierangelo Masarati
4046c4226e
add upper/lower funcs that also compute the length of the string (not used yet)
2002-08-23 08:45:17 +00:00
Howard Chu
de3e81cebb
Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
...
in dn parameter and return a result code.
2002-04-30 13:50:56 +00:00
Howard Chu
17ae956518
Added ldap_X509dn2bv()
...
deleted ldap_pvt_tls_get_peer()
changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
added ldap_pvt_tls_get_my_dn()
2002-04-18 12:29:30 +00:00
Howard Chu
5c70106657
ITS#1708 ldap_pvt_tls_sb_ctx() et al
2002-04-05 06:48:03 +00:00
Kurt Zeilenga
7250ffb1cc
move ldap_int_put_filter to ldap_pvt_put_filter
2002-03-30 00:41:26 +00:00
Howard Chu
996eb58011
Fix ASCII detection; can't use "< 0x80" on a signed char.
2002-01-05 10:33:38 +00:00
Kurt Zeilenga
c38027902a
Update copyright notices
2002-01-04 20:40:29 +00:00
Kurt Zeilenga
763c0de59b
Rework filter code
...
Misc cleanup / lint removal
2002-01-02 17:06:56 +00:00
Kurt Zeilenga
52a354f753
Mark more stuff as deprecated and remove some unused deprecated
...
routines.
2001-12-27 23:01:17 +00:00
Kurt Zeilenga
cddf7e0e00
More struct berval DN changes
...
decrease dependency on dn_validate/dn_normalize
2001-12-27 07:13:13 +00:00
Kurt Zeilenga
25b5aaf262
Delete ldap_build_filter(), it's broke.
...
Clean up headers.
2001-12-24 03:49:54 +00:00
Howard Chu
33ace5610c
Added ldap_pvt_tls_destroy() to cleanup TLS library on shutdown
2001-11-06 20:52:59 +00:00
Kurt Zeilenga
77f776dfd1
Another round of TLS updates to support secure referral chasing
2001-06-25 19:17:42 +00:00
Kurt Zeilenga
c4f5497ac6
move TLS ctx to lconn struct in prep for supporting TLS with referrals
...
need to rework cert check to use per lconn host name
2001-06-25 07:33:42 +00:00
Kurt Zeilenga
be9a50af25
Update copyright (including with or without modification clarification)
2001-05-29 03:29:53 +00:00
Kurt Zeilenga
c0a06f25c2
Add ldap_pvt_tls_get_peer_dn() routine. Returns peer as an LDAP DN.
2001-01-18 00:40:58 +00:00
Kurt Zeilenga
a13fb520ab
Fix compilation problem when ldap.h is not included
2000-11-28 20:31:14 +00:00
Kurt Zeilenga
1f7874b724
Add ldap_url_parse_ext() prototype. Routine should likely be renamed
...
into ldap_pvt_ name space.
2000-11-28 19:59:57 +00:00
Kurt Zeilenga
2b82d4f486
remove lint
...
update bdb codes
2000-09-22 01:40:57 +00:00
Kurt Zeilenga
bfff7ce1f5
Bandaid ucdata build problems
2000-09-07 23:31:59 +00:00
Kurt Zeilenga
cee040a321
Bring UCdata infrastructure.
2000-09-03 23:48:35 +00:00
Kurt Zeilenga
b3b4342f8f
Raise ldapi:// SSF to 71. ldapi:// is likely more secure than
...
DES or other low end encryption.
2000-08-28 19:53:49 +00:00
Kurt Zeilenga
25a9f7427d
Remove CLDAP cruft
2000-08-18 04:25:00 +00:00
Howard Chu
0f8047b95e
Implemented ldap_pvt_tls_get_peer() for use with SASL/EXTERNAL.
...
Added ldap_pvt_tls_get_strength() - return encryption strength, for
use as a SASL session security factor.
2000-08-16 23:27:41 +00:00
Kurt Zeilenga
3b03b64b77
Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the
...
input. In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
2000-08-15 01:55:43 +00:00
Kurt Zeilenga
5fc22599e2
Update SASL code to reuse context through life of session.
...
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00