Pierangelo Masarati
9abaf38d1f
silence warnings
2009-08-19 12:23:27 +00:00
Pierangelo Masarati
8776630509
address signedness issue
2009-08-19 12:06:04 +00:00
Hallvard Furuseth
f0d775609b
More ITS#6262: Also define ldap_pvt_gmtime_[un]lock if localtime_r is missing
2009-08-19 10:10:31 +00:00
Pierangelo Masarati
637182b8f4
fix previous commit
2009-08-19 00:12:39 +00:00
Pierangelo Masarati
f3cdcadf89
wrap gmtime for reentrancy (ITS#6262)
2009-08-18 23:48:15 +00:00
Pierangelo Masarati
5c916588b8
fix previous commit
2009-08-18 19:09:12 +00:00
Pierangelo Masarati
98a8b74d53
expose SASL_USERNAME when it makes sense (EXTERN needs work, much like SASL_SSL) (ITS#6257)
2009-08-18 18:47:56 +00:00
Howard Chu
b87553684a
More for prev commit
2009-08-14 20:02:08 +00:00
Howard Chu
9b764c3f9e
Fix prev commit again, IPPROTO_TCP is the documented correct approach
2009-08-13 21:35:38 +00:00
Howard Chu
f5bad5673b
Fix prev commit, it was not Linux-only as it claimed to be.
2009-08-13 20:55:04 +00:00
Hallvard Furuseth
791035d93f
Fix last commit: cast strcasecmp unsigned char* to char*
2009-08-07 21:46:25 +00:00
Howard Chu
e229b7c398
In session_chkhost get the last CN, not the first.
2009-08-07 11:59:42 +00:00
Howard Chu
d479db53e0
Minor cleanup
2009-07-31 03:26:03 +00:00
Howard Chu
403ee0b62e
Fix, reqcert == ALLOW should ignore cert verification failures
2009-07-31 01:51:34 +00:00
Howard Chu
3f2101198b
ITS#6239 use our own hostname checking for MozNSS
2009-07-31 01:32:51 +00:00
Howard Chu
d4f2a06887
Check for CN length match as well in chkhost
2009-07-30 21:52:09 +00:00
Howard Chu
91dc4501d4
Add VLV Error
2009-07-13 13:13:38 +00:00
Hallvard Furuseth
bbe015f65b
ITS#6197 - normalize & speed up ldap_err2string/ldap_perror():
...
Use same result code -> string mapping for both, removing ldap_int_error():
- Classify unknown error codes as API/extension/etc like _err2string did.
- Pass all strings through _(), i.e. the optional gettext, as _perror did.
Also use a switch instead of linear search for the code->string mapping.
Hopefully the compiler will optimize that. Though the extra gettext,
if anyone uses it, probably counters that speedup.
2009-07-07 20:05:09 +00:00
Howard Chu
8680c13c5f
Cleanup ciphernum
2009-07-03 02:06:24 +00:00
Howard Chu
d95bc8d2d8
Acknowledge richm
2009-07-02 23:19:44 +00:00
Howard Chu
4b8485c47a
ITS#5696 Additional MozNSS support from rmeggins@redhat.com
2009-07-02 23:10:23 +00:00
Howard Chu
de91bde800
ITS#6192 add all digests. Also stop using SSLeay-compatible function
...
names, we're only concerned with OpenSSL these days.
2009-07-01 23:46:36 +00:00
Hallvard Furuseth
13cbd433bd
Cast getpeername() arg from struct sockaddr_un* to struct sockaddr*
2009-06-11 16:21:52 +00:00
Ralf Haferkamp
5725d5d6e9
Introduce options to configure tcp-keepalive settings per connection. These
...
settings only work on Linux and are ignore when not supported (see
discussion on -devel)
2009-05-06 13:14:36 +00:00
Pierangelo Masarati
99fe30b326
(nearly blind) fix for NULL in TLS error message (ITS#6079)
2009-04-29 11:31:39 +00:00
Ralf Haferkamp
eec889f6d9
more warning fixes
2009-04-24 09:48:08 +00:00
Howard Chu
e223d0b124
ITS#6053 must use gnutls_x509_privkey_init()
2009-04-11 03:53:26 +00:00
Howard Chu
0ba084d8b0
More cleanup
2009-03-05 09:15:02 +00:00
Howard Chu
c3f8e67615
Tweak prev commit
2009-03-05 09:13:26 +00:00
Howard Chu
9bc829dbef
ITS#5991 build cert chain, GnuTLS doesn't do it for us
2009-03-05 08:04:49 +00:00
Howard Chu
54ed3779d6
ITS#5992 trust X509v1 CA certs
2009-03-05 04:35:49 +00:00
Howard Chu
bd312123d6
ITS#5980 clear res_matched after successfully chasing referral
2009-03-03 17:57:24 +00:00
Howard Chu
ee5b6762ae
ITS#5980 - find_connection should match URLs with empty hostname
2009-03-03 17:56:44 +00:00
Howard Chu
a1861fd162
ITS#5849 patch was wrong, don't X509_free session cert
2009-03-02 17:43:38 +00:00
Howard Chu
c3cff40c1c
ITS#5981 fix GnuTLS TLSVerifyClient try
2009-03-02 03:01:41 +00:00
Howard Chu
e5e9191aeb
ITS#5976 check for cert/DN
2009-02-25 21:48:10 +00:00
Howard Chu
64884e7c6c
Don't call NSS_Shutdown if someone else init'd the library
2009-02-25 10:14:00 +00:00
Pierangelo Masarati
0d6e859846
fix ldap namespace (part of ITS#5974)
2009-02-24 21:09:41 +00:00
Pierangelo Masarati
ed97e96944
re-fix ITS#5916
2009-02-20 01:07:00 +00:00
Quanah Gibson-Mount
3b743a3b79
Revert part of last commit
...
Remove erroneous comment
2009-02-17 21:47:09 +00:00
Quanah Gibson-Mount
83cb8883a6
More for ITS#5955
...
Also special case rand file bits that are OpenSSL only
2009-02-17 21:39:50 +00:00
Quanah Gibson-Mount
331a57fa37
ITS#5955
2009-02-17 21:32:09 +00:00
Pierangelo Masarati
040f945d36
fix misc warnings
2009-02-15 21:59:16 +00:00
Howard Chu
f38d2df19b
Add comments about ITS#3134, #5938 , RFC4513 for posterity. This
...
file will be moving to the Attic...
2009-02-11 01:35:56 +00:00
Howard Chu
b886c2ad8a
ITS#5937 fix ancient IPv6 typo
2009-02-10 13:27:22 +00:00
Howard Chu
80c6ea52ea
ITS#5853 restructure wait4msg / try_read1msg again. Consolidate
...
the two try_read1msg cases into one, bump refcnts to prevent
lconn's from being freed prematurely.
2009-02-10 09:51:31 +00:00
Howard Chu
fbf42baefa
ITS#5934 fix NULL pointer deref
2009-02-09 21:14:46 +00:00
Howard Chu
4bc8cb6336
ITS#5928 hide all ldap_pvt_tls APIs when !HAVE_TLS
2009-02-08 03:25:48 +00:00
Howard Chu
ff8838aa28
ITS#5920 restore old HAS_TLS test
2009-02-04 08:56:04 +00:00
Howard Chu
2b08e96b53
ITS#5916 - externally callable functions are ldap_pvt, not ldap_int.
2009-02-02 21:14:34 +00:00