mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
4,446 Commits 38 Branches 307 Tags 74 MiB
92625471e1
Commit Graph

601 Commits

Author SHA1 Message Date
Kurt Zeilenga
560fe7ade0 Fix == typo 2000-05-11 00:50:14 +00:00
Kurt Zeilenga
fbb58dec53 Fix minor bugs... 2000-05-10 22:21:57 +00:00
Kurt Zeilenga
e87e01b9c5 DNS SRV meat (a work in progress) 2000-05-10 21:48:18 +00:00
Howard Chu
7a586d4e49 Add ld parameter to ldap_pvt_tls_start invocations. See tls.c... 2000-05-10 21:02:46 +00:00
Howard Chu
f0c4f83ea2 libldap/tls.c: change tls_verify_cb to no longer ignore verification errors. 
This means a ldaps connection may drop before any LDAP protocol exchange
occurs (due to expired cert, unrecognized CAs, etc.).
  Change ldap_pvt_tls_connect to copy any TLS error string to ld_error upon
connection failure, otherwise client just sees "can't contact LDAP server."

slapd/connection.c: add flush/delay when SSL_accept fails, to allow any
TLS alerts we generated to propagate back to the client. (Which will then
be picked up by ldap_pvt_tls_connect on the client...)
 2000-05-10 17:07:09 +00:00
Kurt Zeilenga
d0555fffe6 Error handling changes including separation of client v. server 
SASL to LDAP translation.  plus comments and other minor changes
 2000-05-03 18:59:58 +00:00
Kurt Zeilenga
014afae269 setting UFN prefix to NULL should clear prefix not cause crash. 2000-05-03 10:45:36 +00:00
Kurt Zeilenga
95092681dd Clarify error string, add comment 2000-04-26 09:17:54 +00:00
Kurt Zeilenga
5043287a4c Fix NULL filter bug 2000-04-25 13:52:44 +00:00
Kurt Zeilenga
1973c664cc Fix NULL pointer deref bugs 2000-04-25 10:43:15 +00:00
Kurt Zeilenga
274bf59441 replace ldap_dnssrv_init() with lower level calls 
ldap_domain2dn()
    ldap_domain2hostlist()
and provide prototype to soon-to-be-implemented
    ldap_dn2domain().
ldap_dnssrv_init(), if needed, can easily be implemented
using ldap_create(), ldap_set_option() and the above
commands.
 2000-04-25 10:38:03 +00:00
Kurt Zeilenga
c02d7e2cb6 ITS#503: Extend ldap tools to support SASL/TLS 
Submitted by Gabor Gombas <gombasg@inf.elte.hu>
 2000-04-20 09:23:51 +00:00
Kurt Zeilenga
21431725fc fix = vs == bug 2000-04-12 01:06:58 +00:00
Kurt Zeilenga
870dbca576 objectclass=* -> NULL 2000-04-12 01:00:48 +00:00
Kurt Zeilenga
4035b05232 ITS#441: unhex escape referrals. Needs review before being 
applied to RE 1.2.
 2000-03-20 22:00:16 +00:00
Kurt Zeilenga
1a348f9fbe Return okay after setting LDAP_OPT_X_TLS_CERT (ITS#447) 2000-03-18 23:55:51 +00:00
Kurt Zeilenga
535cc1dbbc Add missing ; 2000-03-14 04:27:00 +00:00
Kurt Zeilenga
72c6446ef6 Mark statically allocated BerElement as valid. 2000-03-14 04:25:49 +00:00
Kurt Zeilenga
117b6a91d0 More fixes and comments 2000-03-14 04:08:12 +00:00
Kurt Zeilenga
c43fec53f5 Cyrus SASL uses screwy terms. 2000-03-14 03:08:46 +00:00
Kurt Zeilenga
5701fec1b5 correct callback numbering 2000-03-14 02:59:53 +00:00
Kurt Zeilenga
17527368d1 work args of ldap_negotiated_sasl_bind_s() and provide examples 
with authentication id and authorization ids.  Note: this routine
doesn't actually negotiate anything.  It likely should be renamed
ldap_sasl_auth_s() or ldap_sasl_bind_multistep() or something.
 2000-03-14 02:54:08 +00:00
Kurt Zeilenga
db662b516f Fix NT builds and remove lint 2000-03-13 19:30:14 +00:00
Julio Sánchez Fernández
50dafec453 Fixed an irritating problem with nss_ldap and pam_ldap. Since these 
modules are dynamically loaded, they summon libldap when needed.
However, depending on the security libraries available when the
shared libldap was built, the latter brings up other dependencies.
On some platforms, it seems that no solution is available: no
indirect dynamic dependencies.  But for some platforms where this
is supported (in particular, Linux), the shared libldap must
contain info on what other dynamic libraries it needs.  We were
failing to put this info into the shared library.  This patch
seems to fix it.
 2000-03-13 17:55:41 +00:00
Julio Sánchez Fernández
b9fb4c442c Useronly logic was inverted, we were ignoring the whole ldap.conf, 
except where we should.
 2000-03-13 12:31:35 +00:00
Kurt Zeilenga
6e5d2eea4e Add missing parens so that last commit behaves as desired. 2000-03-10 18:16:22 +00:00
Kurt Zeilenga
5b5b43a9e0 ITS#471: fix handling of delete referrals. 2000-03-08 18:56:22 +00:00
Kurt Zeilenga
655c0bda41 Ignore space in filter: ( !(foo=bar)) 2000-02-21 20:57:48 +00:00
Kurt Zeilenga
6cb60f381a Eliminate second session protocol version field. 2000-02-18 19:57:38 +00:00
Kurt Zeilenga
b8c8f6ef6f Fix ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, &v ) as 
suggested by Steve Sonntag.
 2000-02-16 22:59:15 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT 
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
 2000-02-14 20:57:34 +00:00
Kurt Zeilenga
d0d80a633a Put *free(NULL) asserts behind LDAP_MEMORY_DEBUG 2000-02-11 21:11:44 +00:00
Kurt Zeilenga
2549654bb5 Add comment about leaked on exit values.... we likely should 
implement an at_exit() handler.
 2000-02-02 21:26:36 +00:00
Luke Howard
30522f7437 Changed (!strcmp(...)==0) to (strcmp(...)==0); obviously 
wrong. Fix from adamson@andrew.cmu.edu.
 2000-02-01 23:34:16 +00:00
Kurt Zeilenga
0919e503cd Use LDAP_CONST, not const, in public function declarations. 2000-02-01 01:11:26 +00:00
Kurt Zeilenga
4eb13130a9 typedef ber_int_t ldap_ucs4_t 2000-01-27 01:04:17 +00:00
Kurt Zeilenga
f3cb97e973 Add utf-8 to MSVC projects and remove lint. 2000-01-25 20:22:17 +00:00
Kurt Zeilenga
ed9969b1c4 Make ldap_utf8_bytes() act like strlen() not sizeof() 2000-01-23 23:33:01 +00:00
Kurt Zeilenga
42cc5e5333 Fix bugs in UTF-8 code. Apply to getdn and charray. 2000-01-23 23:07:24 +00:00
Kurt Zeilenga
61b509d881 Add some robustness to UTF-8 routines. 2000-01-23 18:43:30 +00:00
Kurt Zeilenga
16c903909c Add comments to UTF-8 declarations. 
Add US ASCII optimizations macros.
#ifdef out unused routines
Ready to hack getdn.c and others to support UTF-8
 2000-01-23 05:35:38 +00:00
Kurt Zeilenga
4e0964e8b4 Add comments. 2000-01-23 02:39:55 +00:00
Kurt Zeilenga
22ba55371e Move ldap_utf8_*() declarations from ldap-int.h to ldap_pvt.h. 
We may likely want to expose the routines at a later date (ldap_utf8.h?).
 2000-01-22 21:09:24 +00:00
Kurt Zeilenga
aa934d0666 We'll need ldap_utf8_strpbrk() as well. 2000-01-22 21:03:21 +00:00
Kurt Zeilenga
4e3c4d8c6d Add initial (untested) implementations of ldap_utf8_strtok, 
ldap_utf8_strcspn, ldap_utf8_strtok.
 2000-01-22 20:55:43 +00:00
Kurt Zeilenga
3eca68a5d2 Add additional UTF-8 routines 2000-01-22 18:48:37 +00:00
Kurt Zeilenga
14210f5e34 Fix charlen and add getc 2000-01-22 03:40:54 +00:00
Kurt Zeilenga
23afcd5c6e Initial UTF-8 routines. 2000-01-22 01:55:34 +00:00
Luke Howard
6a06fb7fba In ldap_pvt_sasl_init() treat subsequent invocations as no-ops, not error. 2000-01-16 01:29:15 +00:00
Howard Chu
80f85e972d In ldap_pvt_tls_init() treat subsequent invocations as no-ops, not error. 
In tls_verify_cb() use CRYPTO_free instead of free (necessary on NT due to
use of different heaps).
Changed update_flags to use SSL_get_error() to check success/status. This
fixes the problem of sb->sb_trans_needs_read getting set on dead sockets.
 2000-01-15 19:03:16 +00:00
Kurt Zeilenga
9ac0eab126 remove UNSPECIFIED_TLS... HOST implies ldap:// 2000-01-14 01:08:15 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for 
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
 2000-01-08 18:42:11 +00:00
Luke Howard
5a0bbd7eed Imported <ldap.h> in <ldap_pvt.h> so ldap_pvt_sasl_bind() has necessary 
types. Changed const sasl_callback_t * to LDAP_CONST sasl_callback_t *.
 2000-01-05 12:56:17 +00:00
Luke Howard
a466a64318 Added support for connecting to LDAP servers located using DNS 
SRV records. Added lock around resolver library which is shared
by the DNS SRV code and the getdxbyname() code.
 2000-01-03 02:33:22 +00:00
Luke Howard
57b62dc7d4 Added ldap_pvt_sasl_bind() prototype to ldap_pvt.h. This 
required importing sasl.h into ldap_pvt.h, thus that import
was removed from ldap-int.h.
 2000-01-03 00:15:30 +00:00
Luke Howard
736b8d0a24 Braced ldap_connect_to_path() in #ifdef LDAP_PF_LOCAL so as to compile 
without PF_LOCAL support.
 2000-01-02 01:56:01 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library; 
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
 2000-01-02 01:21:25 +00:00
Howard Chu
d92d403a76 NT requires $(SECURITY_LIBS) at link time. 1999-12-26 00:11:14 +00:00
Kurt Zeilenga
ab7c490960 Add BINDDN user-only directive to .ldaprc 
Used only for simple bind when dn == NULL and password != NULL.
 1999-12-17 03:27:16 +00:00
Kurt Zeilenga
30ffb54064 ITS#399: timelimit/timeout handling 
ITS#400: LDAP_TIMEOUT handling
 1999-12-16 00:41:18 +00:00
Kurt Zeilenga
096dcdc580 Add support for useronly configuration attributes. 1999-12-14 02:26:37 +00:00
Kurt Zeilenga
d331d4c1f3 Remove lint. 1999-12-12 05:07:17 +00:00
Kurt Zeilenga
18fad04e69 Fix == != typo 1999-12-12 05:02:03 +00:00
Kurt Zeilenga
c1a31ac9a2 Fix decoding of sasl bind and extended operation responses. 1999-12-12 03:16:46 +00:00
Mark Valence
7ee49bc676 Fix mem leak in ldap_start_tls(), treat empty host name as localhost when opening a connection. 1999-12-11 03:50:33 +00:00
Mark Valence
c0faf75a90 Unescape host:port when parsing a host list. 1999-12-11 03:46:07 +00:00
Mark Valence
a76c9f18a9 Start TLS extension: check that TLS was inited successfully, return default referral on failure as appropriate. 1999-12-10 19:18:33 +00:00
Mark Valence
e0e7e9842e client/server controls added to ldap_start_tls(). 1999-12-10 18:26:12 +00:00
Mark Valence
268dd9beaf Condition ldap_start_tls on HAVE_TLS. 1999-12-10 17:18:59 +00:00
Kurt Zeilenga
431dad371c Fix slapd SASL/ExternalOps encoding 
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
 1999-12-10 04:52:32 +00:00
Mark Valence
454284f1ea Adds for Start TLS functionality on slapd and LDAP C API. 1999-12-09 22:33:22 +00:00
Mark Valence
ccb9e1e9e3 Changed URL to URI for conf/env setting. 1999-12-09 22:17:08 +00:00
Howard Chu
6a26e68a02 Backout fix in r1.38 1999-12-08 23:50:59 +00:00
Howard Chu
3c5848a71e Fix ldap_chase_referrals to treat "ldap://host/" referrals the same as 
"ldap://host".
 1999-12-08 21:37:55 +00:00
Kurt Zeilenga
26c7d69e8c Update for new password codes for MSVC5 1999-12-08 06:44:22 +00:00
Mark Valence
601c1530a8 Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost. 1999-12-07 19:47:00 +00:00
Mark Valence
83e2f38543 Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost. 1999-12-07 18:52:05 +00:00
Mark Valence
5f86e47aa8 Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost. 1999-12-07 18:42:25 +00:00
Mark Valence
15c83bef9d Changed ldap_pvt_tls_init_def_ctx() to not fail if there is no cacertfile/dir specified. This lets LDAP_OPT_X_TLS_REQUIRE_CERT=0 work. If LDAP_OPT_X_TLS_REQUIRE_CERT=1, connection will fail as appropriate since there is no CA list. 1999-12-06 04:44:22 +00:00
Mark Valence
aa8c95a24a Bug fix. == NULL changed to != NULL before freeing mem. 1999-12-05 22:22:37 +00:00
Mark Valence
7d98b59dfa Removed unused local var. 1999-12-05 22:19:08 +00:00
Kurt Zeilenga
5d5588836f Fix ldap_rename parameter order (ITS#387) 1999-12-04 17:19:11 +00:00
Howard Chu
ed05ed8025 Fix memory losses, ITS#379 1999-12-03 00:21:32 +00:00
Howard Chu
568e25a7a9 ldap_result was losing messages when multiple msgids were queued, 
and results were being returned one-at-a-time. Ugh, this cost me two
days, loss of hair, sleep, etc.....!
 1999-11-30 13:32:06 +00:00
Howard Chu
eaaea51b53 Fixes for NT dynamic linking. 1999-11-27 23:40:08 +00:00
Kurt Zeilenga
53ee6b01b9 Fix typo in ldap_compare_ext. Found by dspeck@novell.com. 1999-11-19 02:01:50 +00:00
Mark Valence
84be63096b Minor bug fix in ldap_parse_extended_result. 1999-11-08 18:47:47 +00:00
Kurt Zeilenga
14f107e9ed Changes to support NT single debug 1999-11-01 22:17:06 +00:00
Kurt Zeilenga
b7af076fee Use centralized output directories. 
Update single debug/release not to use service manager nor event manager.
Likely breaks MINGW32 port.
 1999-11-01 21:25:22 +00:00
Kurt Zeilenga
4cc712db53 Add <ac/param.h> to wrap <sys/param.h> 1999-11-01 17:21:24 +00:00
Mark Valence
e20d6dfb8b bug fixes for ldap_msgtype and ldap_msgid 1999-10-30 18:33:37 +00:00
Kurt Zeilenga
baa34f752b Do not attempt to obtain sizeof(sin_addr.s_addr) or &sin_addr.s_addr 
as s_addr member of in_addr may be a bitfield.
 1999-10-30 04:58:06 +00:00
Howard Chu
e99eab787f Use new macros from configure.in to accomodate NT/Mingw32 environment. 
See README 1.27 log
 1999-10-28 07:31:59 +00:00
Howard Chu
5438e045af Fixed use of LDAP_F macro 
See README 1.27 log
 1999-10-28 07:29:25 +00:00
Howard Chu
74d93ac2f8 Fix Winsock-related warning and/or bugs. 
See README 1.27 log
 1999-10-28 07:17:08 +00:00
Mark Valence
a50cd075db Changes to make TLS work on Windows 1999-10-27 22:40:05 +00:00
Kurt Zeilenga
a5ac8f57f8 Complain if setsockopt TCP_NODELAY fails 1999-10-19 19:07:24 +00:00
Kurt Zeilenga
7ef67830af Minor adjustments based upon initial read of draft-ietf-ldapext-ldap-c-api-04.txt. 1999-10-19 18:57:38 +00:00
Kurt Zeilenga
60d00d4649 Force sd close. Suggested by rajk@home.com 1999-10-12 18:51:36 +00:00
Howard Chu
70f31490a8 Always return ld->ld_errno thru *errcodep if given to ldap_parse_result 1999-10-08 00:51:35 +00:00
Kurt Zeilenga
e7e4800d44 Remove lint. 1999-09-25 23:13:15 +00:00
Mark Valence
b221e4ad4b Fixed "typos" in TLS code. TLS is ATTR_TLS, not ATTR_BOOL. 
ldap_pvt_tls_config() was missing first param.
 1999-09-25 03:57:25 +00:00
Mark Valence
9e7243015c fixed LDAP_OPT_X_TLS case of ldap_pvt_tls_config(). 
ldap_pvt_tls_set_option() expects int* as third param.
 1999-09-25 03:53:17 +00:00
Randy Kunkee
24c81ea599 Back out my change to ldap_sort_strcasecmp. My mistake from not reading 
manpage carefully.  One should pass strcasecmp to ldap_sort_entries, not
ldap_sort_strcasecmp.  Ldap_sort_strcasecmp is for ldap_sort_values, NOT
ldap_sort_entries.
 1999-09-24 18:16:41 +00:00
Randy Kunkee
b133aa528b Change call to strcasecmp in ldap_sort_strcasecmp, which makes 
ldap_sort_entries work with ldap_sort_strcasecmp as the comparison
function.  Pointers were being dereferenced, and should only have been
casted.
 1999-09-24 08:02:54 +00:00
Kurt Zeilenga
a68825e6df Howard convinced me that this version is slightly better. 
back out previous commit.
 1999-09-24 00:16:16 +00:00
Kurt Zeilenga
a93ac070b5 I believe ldap_result2error should return the value returned 
by ldap_parse_result unless that value is SUCCESS.
 1999-09-23 22:57:05 +00:00
Howard Chu
91e24173d0 Update ld->ld_errno if LDAP_DECODING_ERROR... 1999-09-23 22:35:58 +00:00
Howard Chu
fa62e37667 Fix ldap_parse_result and ldap_result2error to return correct results. 1999-09-23 22:10:22 +00:00
Kurt Zeilenga
deafd4e274 experimental ITS#109 fix: make kbind open default connection if necessary. 
implemented ldap_open_defconn() to centralize default connection
opening in open.c.  Used by ldap_open, kbind, and send_initial_request().
 1999-09-23 04:08:33 +00:00
Ben Collins
53da7b6cda * build/top.mk: removed references to TMPROOT and added DESTDIR support 
* all others: Added DESTDIR support
 1999-09-22 21:51:30 +00:00
Kurt Zeilenga
86813f2b4b Fix typo in last commit. 1999-09-17 22:11:08 +00:00
Kurt Zeilenga
c35d53d6e0 Apply y2k fix based upon Howard Young's (ITS#294) suggestion 1999-09-17 22:05:51 +00:00
Kurt Zeilenga
7b0753afb2 Add OpenLDAP RCSid to conf files 1999-09-09 04:43:30 +00:00
Kurt Zeilenga
e642a1b9cd Add OpenLDAP RCSid 1999-09-08 22:52:19 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. 
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
 1999-09-08 19:06:24 +00:00
Hallvard Furuseth
f3880e5633 Remove lint 1999-09-06 04:42:20 +00:00
Hallvard Furuseth
4a5e2febed Some constification & lint removal 1999-09-04 21:15:49 +00:00
Hallvard Furuseth
33cc7d4cf1 Introduce and use LDAP_GCCATTR() = __attributes__() in gcc 1999-09-03 21:06:33 +00:00
Hallvard Furuseth
c09a2c63e7 Cleanup: 
Fix printf formats, remove unused variables, add missing prototypes in slapd,
add static/const, add some return types or change to void return type.
 1999-09-02 08:05:17 +00:00
Kurt Zeilenga
f5c2ba7c3e Fix last commit. Should not have deleted assignment to p away. 1999-09-01 05:28:29 +00:00
Hallvard Furuseth
6632e41ee8 Export ldap_pvt_<find_wildcard,filter_value_unescape>() from libldap. 
Use them in slapd/str2filter.c.
 1999-08-31 00:44:49 +00:00
Kurt Zeilenga
878d489ea9 Do not overwrite charray argument if charray_add realloc fails. 
Caller is required to call ldap_charray_free as needed.
 1999-08-30 01:24:33 +00:00
Hallvard Furuseth
66704f67b9 Catch \ at end of filter 1999-08-28 22:15:16 +00:00
Hallvard Furuseth
4d94092995 Remove 'cast away const' 1999-08-28 22:14:21 +00:00
Hallvard Furuseth
635a666359 Fix typo in filter_value_unescape() 1999-08-28 22:06:52 +00:00
Kurt Zeilenga
cc3615314b Defer addition until we have some basic UTF-8 routines 1999-08-25 21:27:39 +00:00
Kurt Zeilenga
af17a9f7ad Add dn.c 1999-08-25 06:52:28 +00:00
Kurt Zeilenga
5c63fd55b5 Implement ldap_dn_normalize and friends. Should be used by clients 
to validate input dn's BEFORE sending dn's to server.
Also fixed getfilter to use REG_EXTENDED|REG_NOSUB.  (and fixed one
case where REG_BASIC was still used).
s/strdup/LDAP_STRDUP/
Added ldap_pvt_str2lower/upper
 1999-08-25 06:44:08 +00:00
Gary Williams
f8a3a664fc LDAP_P is only for prototypes, remove from function def 1999-08-24 18:42:11 +00:00
Kurt Zeilenga
2d2719123d Rename filter entry's strcpy_special() to strcpy_regex() to better 
reflect its purpose.  Modify switch to support REG_EXTENDED expressions.
Use REG_EXTENDED instead of REG_BASIC everywhere.
Modify <ac/regex.h> to support <gnuregex.h> for testing purposes.
Requires: env CPPFLAGS="-DHAVE_GNUREGEX_H=1" LIBS=-lgnuregex ./configure
 1999-08-24 01:13:30 +00:00
Kurt Zeilenga
b8a3a153bb Axe <varargs.h> support. Assume STDC C translator is available 
to build OpenLDAP.
 1999-08-24 00:27:53 +00:00
Hallvard Furuseth
2ae08eecad Fix printf formats: print msgtype as %lu, remove spurious sval arg in apitest 1999-08-17 21:14:03 +00:00
Hallvard Furuseth
fa4c4448c4 Add const, to fix "cast away from const" warnings 1999-08-17 21:09:26 +00:00
Hallvard Furuseth
6147119dc8 Add ldap_*2name() in <include,libldap>/schema, use them in slapd/schema 1999-08-16 02:59:11 +00:00
Hallvard Furuseth
e5e91d94aa Add missing newline and EOF 1999-08-16 02:40:00 +00:00
Kurt Zeilenga
83abd65d49 Add extensible filter support to -lldap. Need to implement server 
side (which most is dependent upon having matching rule support).
 1999-08-07 18:54:49 +00:00
Kurt Zeilenga
0fe5da0f9a Fix filter escapes. ITS#247 1999-08-07 04:48:16 +00:00
Kurt Zeilenga
e0691dfbc0 create SASL_LIBS to hold -lsasl 
create SECURITY_LIBS (top.mk) to order $SASL_LIBS $KRB_LIBS $TLS_LIBS
use $SECURITY_LIBS in Makefile.in's instead of $KRB_LIBS $TLS_LIBS
 1999-08-05 02:25:19 +00:00
Kurt Zeilenga
3820b35870 Use -llber set_nonblock implementation. 
Use ldap_int_tblsize instead of s+1 in select.
Need to eliminate all to read(2).
 1999-08-04 18:32:38 +00:00
Kurt Zeilenga
b3ce9d497c non-blocking connect needs special handling under Winsock. 1999-08-04 00:40:03 +00:00
Kurt Zeilenga
2b79ff2c48 Initial inet_aton() detection. 1999-08-03 20:02:44 +00:00
Kurt Zeilenga
1b41dfbce0 LDAP_OPT_NETWORK_TIMEOUT feature (ITS#239) from Lars Uffmann. 
Needs a bit more work.
	- global net/api timeouts are not inherited on session creation.
	- need configure check for inet_aton() (coming soon)
	- ioctl/fcntl portability issues (should share implementation
		with lber routines)
 1999-08-03 19:27:22 +00:00
Kurt Zeilenga
df8f7cbb9b s/exit(1)/exit(EXIT_FAILURE)/ 
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
 1999-08-03 18:14:24 +00:00
Kurt Zeilenga
97683ac5fd ldap_perror: don't print matched DN or error text if length is zero. 1999-08-02 20:03:50 +00:00
Kurt Zeilenga
c73f17fd6e Add -dn as a synonym for -dnt. 1999-08-02 17:19:05 +00:00
Kurt Zeilenga
236be7f5a7 Fix --enable-dns compilation problems. 1999-08-02 07:41:29 +00:00
Hallvard Furuseth
8a9b9292de Change unsigned long cast of offset to size_t in ldap_build_filter() 1999-08-02 05:51:04 +00:00
Hallvard Furuseth
576956ceb0 Finish s/lber_bprint/ber_bprint/ renaming 1999-08-02 01:20:48 +00:00
Hallvard Furuseth
67ff28bf52 Include <ac/stdlib.h> instead of <stdlib.h> 1999-08-01 22:42:34 +00:00
Hallvard Furuseth
894b74d730 Use ber_set_option() instead of setting lber_debug 1999-08-01 20:22:26 +00:00
Kurt Zeilenga
b217a4fc51 Remove lint, remove YEAR_PEDANTIC macro, update comment. 1999-07-27 00:36:33 +00:00
Kurt Zeilenga
de67e6d327 Fix leak of default filter. 1999-07-23 22:02:57 +00:00
Kurt Zeilenga
eb4c486b90 Update RFC comments 1999-07-23 21:56:21 +00:00
Kurt Zeilenga
5fea91c3ec Accept ldap://foo:port (ie: no trailing '/') 1999-07-23 21:54:18 +00:00
Julio Sánchez Fernández
9cdd2c2037 ldap_url_parse was fundamentally broken. It would quit before 
time, skipping the filter, for instance.  Also, we were parsing
twice the scope and the filter.  I think this change is right,
but could use more eyeballs...
 1999-07-23 20:36:11 +00:00
Randy Kunkee
6bef298437 Remove extra code (non-functional change, just produces warning on OSF4.0e). 1999-07-23 00:56:56 +00:00
Kurt Zeilenga
d147e609d2 Implement TCP_NODELAY on both client and server side. 1999-07-22 21:49:35 +00:00
Kurt Zeilenga
42304b7ada Fix control parsing and controls free routine. 1999-07-22 04:47:58 +00:00
Kurt Zeilenga
17eb202732 Unhex url extensions. 1999-07-21 20:44:40 +00:00
Julio Sánchez Fernández
5f53b747a5 Partial support for a new option to help debug TLS connections, 
not yet user-settable.  Defaults "on" for now.
Partial support for temporary RSA keys, skeleton for DH.
Add call to X509V3_add_standard_extensions() on init, mod_ssl
does this too, but I am unsure about what it does.
Move management of client CA certificates to a new routine, since
it is going to get more complex than the current code.
 1999-07-21 19:18:08 +00:00
Julio Sánchez Fernández
e892ebfc5e Some content for tls_verify_cb where parts of our policy should 
be implemented.

The rest of this change mostly contains random ideas taken from
mod_ssl.  The purpose is to get the repository in sync with the
code I am testing.  I still can't manage to make Netscape send
its certificate to slapd, though it works with Apache/mod_ssl
(with the same certificates).  Trying s_client against both
does not shed any light.  If anyone manages to make it work,
please let us know.
 1999-07-20 18:31:53 +00:00
Julio Sánchez Fernández
463a7ec91d We were freeing lud_dn when when lud_host was meant, leading to 
arena corruption.
 1999-07-20 11:11:57 +00:00
Kurt Zeilenga
543aafd991 Implement RFC2255 URL format. 1999-07-19 19:32:47 +00:00
Kurt Zeilenga
d2487f9219 s/time(0)/time(NULL)/ 1999-07-19 19:28:21 +00:00
Hallvard Furuseth
cde93a6e06 make ldap.ld_lberoptions unsigned, like berelement.ber_options 1999-07-18 01:20:45 +00:00
Hallvard Furuseth
5ab862aee7 Pass socklen_t* instead of int* to getsockopt, accept, getpeername, recvfrom 1999-07-16 18:43:10 +00:00
Julio Sánchez Fernández
85acec922f We were not remembering the allocated SSL thing in the Sockbuf. 
Set flags without relying on errno (this change may be gratuitous
or wrong).
 1999-07-16 15:46:15 +00:00
Julio Sánchez Fernández
7a64fcf7b3 Set ciphers from slapd.conf. 
More error checking and reporting.
Slowly getting there, SSL_accept succeeds now, but connection breaks
immediately after that (my glue logic with slapd is broken).
 1999-07-15 21:03:47 +00:00
Kurt Zeilenga
c7425738bb Add missing arg to Debug macro call 1999-07-15 20:00:05 +00:00
Julio Sánchez Fernández
41de66a0b2 New routine tls_report_error to analyze errors from OpenSSL 
Change temporarily the default protocol from TLSv1 to SSLv3 with
fallback to SSLv2.  This seems necessary for slapd to accept connections
from Netscape.
Try to set the cipher list in the default context.  Does not semm to
work yet.
 1999-07-15 14:59:09 +00:00
Kurt Zeilenga
cbb5553b03 Newer versions of OpenSSL install headers in $prefix/include/openssl... 1999-07-14 00:03:52 +00:00
Julio Sánchez Fernández
710f697fb7 Get and set TLS options 1999-07-13 19:34:07 +00:00
Julio Sánchez Fernández
70fe83b1d2 First version with TLS. Untested. 1999-07-13 19:32:51 +00:00
Julio Sánchez Fernández
43fba8fcb1 First version with TLS. Untested. 1999-07-13 19:30:41 +00:00
Julio Sánchez Fernández
97a681910e Options for TLS 1999-07-13 19:29:19 +00:00
Julio Sánchez Fernández
739466b85d Add tls.c 
Add use of TLS_LIBS so that test tools compile
 1999-07-13 19:27:33 +00:00
Julio Sánchez Fernández
8f4f94d415 First version of TLS glue for SSLeay/OpenSSL originally written by 
Bart Hartgers.  Untested.
 1999-07-13 19:11:53 +00:00
Hallvard Furuseth
2c27a6abcf Eliminate htonl(unsigned_long_arg), which is wrong on 64-bit OSF1/alpha 1999-07-13 09:41:25 +00:00
Hallvard Furuseth
5f880ae022 Fix LDAP_CONST->const in explode_name(), it failed when LDAP_CONST was empty. 1999-07-13 06:48:35 +00:00
Hallvard Furuseth
fb3b8e5ef1 Fix LDAP_CONNECTIONLESS code rot 1999-07-13 06:39:55 +00:00
Hallvard Furuseth
c4a13efbea Fix NULLxxx -> NULL 1999-07-13 06:37:19 +00:00
Hallvard Furuseth
6eef6bea01 ldap-int.h 1999-07-13 06:27:47 +00:00
Hallvard Furuseth
354702b94e ldap-int.h 1999-07-13 06:21:14 +00:00
Hallvard Furuseth
96e8fafb51 constify use of invalue in <ber/ldap>_set_option() 1999-07-13 05:17:50 +00:00
Hallvard Furuseth
2cc187ffbf constify ldap_int_put_controls, ldap_control_dup, ldap_controls_dup 1999-07-13 05:13:33 +00:00
Hallvard Furuseth
95b64907d3 Fix read_next_searchobj prototype: long*blenp -> ber_len_t*blenp 1999-07-13 05:04:06 +00:00
Hallvard Furuseth
55fa595f56 Add missing newline at EOF 1999-07-13 04:11:49 +00:00
Kurt Zeilenga
7574b70c6b Add charray (from slapd) to -lldap/-lldap_r (not yet used) 
Add digest md5 codes to -lldap/-lldap_r (work in progress)
 1999-07-07 17:58:21 +00:00
Kurt Zeilenga
4831bb0a75 request value should be optional. 1999-07-07 17:52:06 +00:00
Kurt Zeilenga
a67b08d515 Minor editorial change. 1999-07-07 17:51:39 +00:00
Kurt Zeilenga
522cd72f43 Fix CRITICIAL typo 1999-07-07 17:49:15 +00:00
Julio Sánchez Fernández
c8e37af0ca Removed numerous memory leaks detected by Mark Meredith. 
Make sure the token_val argument to get_token is always initialized
to something, either newly allocated memory or NULL.
 1999-07-02 11:57:07 +00:00
Kurt Zeilenga
ddd0559284 Fairly complete slapd SASL bind parsing... and centralized cleanup code. 
Update error strings and cldap misuse of server error.
 1999-07-01 04:42:01 +00:00
Kurt Zeilenga
f4ff5a9299 EXPERIMENTAL: Use sasl bind for simple bind. 
Add sasl.c to libldap_r.dsp.
 1999-06-28 23:24:16 +00:00
Kurt Zeilenga
64d5725662 Allow ctrls argument to be NULL. 1999-06-28 22:47:20 +00:00
Kurt Zeilenga
5045f15b23 EXPERIMENTAL ldap_parse_result() 1999-06-28 22:33:03 +00:00
Kurt Zeilenga
8482d2b488 Provide build support for sasl.c. 1999-06-28 22:30:56 +00:00
Kurt Zeilenga
1fd3c797a8 Validate outvalue after session param. 1999-06-28 22:22:27 +00:00
Kurt Zeilenga
37fceeb662 Minor cleanup of ldap_result(). 1999-06-28 22:20:04 +00:00