Commit Graph

6730 Commits

Author SHA1 Message Date
Kurt Zeilenga
1107e78c5f update SASL compat test to check for 1.5 compatibility 2002-05-13 20:16:44 +00:00
Kurt Zeilenga
53257cf037 Update SASL compat test to check for 1.5 compatibility 2002-05-13 20:16:10 +00:00
Kurt Zeilenga
82dc573752 Always check SASL compatibility
(Cyrus SASL 2 library may not be called -lsasl2).
2002-05-13 18:48:27 +00:00
Howard Chu
856e21296a Cleanup log msg 2002-05-12 19:21:12 +00:00
Howard Chu
2d94a2016c Check for NULL before comparing authcid 2002-05-12 18:42:43 +00:00
Howard Chu
d7060d19f3 Skip processing if canonicalization is invoked redundantly (SASL PLAIN).
Truncate large username instead of failing with SASL_BUFOVER; we only care
about the DN anyway. (SASL 2 only)
2002-05-12 18:40:37 +00:00
Howard Chu
aea521bec2 Fix, SASL authzIDs might not be NUL-terminated. prop names must only be
set once; setting erases all existing values.
2002-05-11 20:19:55 +00:00
Howard Chu
da7a5a8e79 Fix typo in 1.97 2002-05-11 19:24:04 +00:00
Howard Chu
b2e731a3e0 Win32 fix from Kervin Pierre 2002-05-11 18:15:07 +00:00
Howard Chu
dfae2441eb Cleaned up getdn normalization 2002-05-11 08:07:18 +00:00
Howard Chu
379f84ba47 Fix previous commit, free in wrong place 2002-05-11 06:58:13 +00:00
Howard Chu
b057507e23 Cleanup HAVE_TLS dependencies, cleanup username with embedded realm handling 2002-05-10 19:26:35 +00:00
Howard Chu
9979d200db Fleshed out debug2syslog 2002-05-10 17:48:54 +00:00
Kurt Zeilenga
445b7982d7 Patch: back-passwd needs pwent mutex (ITS#1794)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

back-passwd uses getpwent() and setpwfile(), which use static data.
It needs a mutex to make sure these operations can complete without
interference from another back-passwd call.  Here is a patch.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-09 02:26:05 +00:00
Kurt Zeilenga
15e6a98bba Patch: Non-unique msgid for abandon in back-<shell,tcl> (ITS#1793)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

Here is a patch which does what I described.  Of course, someone has
to decide if that is the right solution:-)
- Add an "opid:" line to the input to back-shell commands.
- Add an "abandonid: <opid> line to back-shell/abandon input.
- Replace message id with opid in back-tcl arguments.
- Add an abandonid = <opid> argument to back-tcl/abandon.
An opid (operation ID) is a "connection ID/message ID" string.  I
would have liked to use another name to avoid confusion with struct
slap_op->o_opid, but I could not think of another apt word.

This also fixes ITS#1784 and ITS#1792.  Since calling conventions
changed anyway, I fixed back-shell by adding abandonid: and making
opid: always be the ID of the current operation.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-09 02:11:39 +00:00
Kurt Zeilenga
2ab8810555 Documentation patch #4 (ITS#1749)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

Small changes:
- Fix typo slapd_meta -> slapd-meta in slapd-meta(5).
- Add slapd-dnssrv(5) to SEE ALSO in slapd.conf(5).
- Add descriptions of the files in FILES sections.
- Add $HOME/.udrc to FILES in ud(1) and ud.conf(5).
- Add ldaprc (without ".") and ENVIRONMENT VARIABLES in ldap.conf(5).
- Change manpage references to proper ".BR name (section)".

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.
2002-05-09 02:07:41 +00:00
Howard Chu
da36670ea3 Don't use slap_empty_bv in structures that are expected to be free'able. 2002-05-08 23:16:17 +00:00
Howard Chu
9ba9ac4d9e Fix dnParent: must always return a pointer relative to the input pointer. 2002-05-08 23:04:11 +00:00
Howard Chu
41c5a36376 Require 2.1.3 or higher for Cyrus SASL 2 2002-05-07 23:56:59 +00:00
Howard Chu
fbe4785c5a Delete unused CANON_BUF_SIZE #define 2002-05-07 23:29:19 +00:00
Howard Chu
6f47e13147 Cyrus 2 support now requires Cyrus 2.1.3. Adds support for in-directory
SASL secrets. (Only works with plaintext userpassword tho.)
2002-05-07 23:08:23 +00:00
Howard Chu
3831d98237 Turn these functions on again. Need backend_attribute for SASLauthz stuff.
Fix to work with NULL op.
2002-05-07 22:35:01 +00:00
Howard Chu
a067d64c3a Fixes for slap_sasl_regexp parsing and normalization 2002-05-07 18:46:32 +00:00
Howard Chu
56f1355968 Added comment for future reference re: in-directory secrets 2002-05-07 02:17:34 +00:00
Howard Chu
2ca4b0ebfc ITS#1806, Cyrus 1 doesn't give back our callbacks pointer, must stash it
ourselves.
2002-05-06 23:56:35 +00:00
Howard Chu
a039bd97ea ITS#1803, bogus free() of lber-private memory. 2002-05-06 16:51:00 +00:00
Howard Chu
ae3a80eb09 Fix in 1.50 applies to Cyrus 1 as well as Cyrus 2. 2002-05-05 19:15:29 +00:00
Kurt Zeilenga
f9687f6c2a Patch: incomplete 'make clean' in liblunicode (ITS#1791)
In liblunicode, 'make clean' and 'make distclean' do not remove
the symlinks ucdata.h and ure.h.

from Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>
2002-05-04 23:13:51 +00:00
Pierangelo Masarati
bffa43e743 fix formats 2002-05-04 11:07:28 +00:00
Pierangelo Masarati
b0d1a52975 remove unused variables 2002-05-04 11:07:04 +00:00
Howard Chu
e8e7847175 ITS#1797 silence uninit'd var warnings 2002-05-04 10:52:05 +00:00
Howard Chu
55cefef7ee ITS#1797 err used unit'd in Debug statement. (removed) 2002-05-04 10:50:24 +00:00
Kurt Zeilenga
46e33e4634 Fix typos 2002-05-04 04:35:41 +00:00
Kurt Zeilenga
7b1d619a58 Basic dnssrv man page 2002-05-04 04:34:58 +00:00
Howard Chu
3590877b77 Initialize authid in case ldap_pvt_tls_get_my_dn fails 2002-05-04 01:32:41 +00:00
Howard Chu
ef678b179c ITS#1795 authid is uninit'd if tls_get_cert fails 2002-05-04 01:28:56 +00:00
Howard Chu
846a5832bb Set tls_opt_require_cert to default to NEVER. libldap defaults to DEMAND
due to client needs, we change it back here.
2002-05-04 00:07:12 +00:00
Howard Chu
0390a171b9 Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
a fatal error when TLS server cert verification fails.

Changed ldap_pvt_tls_check_hostname to return LDAP_SUCCESS when no cert is
found: this can now only occur if tls_opt_require_cert was explicitly set
to NEVER or ALLOW.

In tls_verify_cb, added a text translation of the verification error code
to the debug message.
2002-05-04 00:05:48 +00:00
Kurt Zeilenga
9d39e1e672 fix uninitialized counter in matched values 2002-05-03 19:00:52 +00:00
Howard Chu
a352bcaa16 Fix DN freeing in BDB_HIER case. (BDB_HIER is still broken, seems to have
a bad interaction with the entry cache.)
2002-05-03 14:47:29 +00:00
Howard Chu
203c410243 Fix dependency typo from 1.99 2002-05-03 14:42:14 +00:00
Howard Chu
640bc864fa Use specific msg id instead of ANY to retrieve search results 2002-05-03 14:23:55 +00:00
Howard Chu
6c1a786d6c Fix previous commit, wrong if condition 2002-05-03 13:07:42 +00:00
Howard Chu
ed871b997c Break up large SASL writes into units of SASL maxoutbuf size. 2002-05-03 13:04:55 +00:00
Howard Chu
931c4eb35f For Cyrus 2, cannot free session_callbacks in ldap_int_sasl_open, must
wait until ldap_int_sasl_close because SASL doesn't copy our structure,
it uses it directly.
2002-05-03 12:10:47 +00:00
Pierangelo Masarati
033631f30a s/LDAP_UNWILLING_TO_PERFORM/LDAP_ADMINLIMIT_EXCEEDED/ when search candidates exceed unckecked limit 2002-05-03 10:27:37 +00:00
Kurt Zeilenga
8c152396b9 Matched Values implementation (ITS#1776) based upon submission
form Mikhail Sahalaev <M.Sahalayev@pgr.salford.ac.uk>.
Further work needed:
	add testxxx-matchedvalues
	rework ldapsearch(1) portion of patch to generalize use of options
---
Copyright 2001, Mikhail Sahalaev, All rights reserved.
This software is not subject to any license of University Of
Salford.

Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice
is preserved.
2002-05-02 18:56:56 +00:00
Pierangelo Masarati
71aa1c5dc9 clarifications 2002-05-02 16:49:47 +00:00
Pierangelo Masarati
4f24ebbb8d 3rd step at updating docs by hallvard Furuseth (with minor changes in slapd-meta.5) 2002-05-02 16:35:16 +00:00
Howard Chu
b732d3ec55 Fix previous commit, only zero out v3 refer_cnt if we got a SEARCH_RESULT.
If we got a SEARCH_REFERENCE, we need to keep going...
2002-05-02 12:08:19 +00:00