Commit Graph

21786 Commits

Author SHA1 Message Date
Ryan Tandy
9d2dc5dd24 ITS#8198 use #elif instead of #else for gnutls cases
Reserve #else for actual fallback cases.
2015-08-22 18:59:13 -07:00
Luca Bruno
709a0f4a97 ITS#8198 Optionally use libnettle instead of OpenSSL for crypto
OpenLDAP can be configured to be either built with OpenSSL or
GnuTLS. This commit adds support for building pw-pbkbdf2 module
without OpenSSL, by using PBKDF2 crypto primitives provided by
libnettle.
Closes hamano/openldap-pbkdf2#2

Signed-off-by: Luca Bruno <luca.bruno@rocket-internet.de>
2015-08-22 19:35:38 +00:00
Luca Bruno
ba20d70d2b ITS#8198 Fix an always-true check
Fixed asprintf return value check, in order to properly catch
error conditions. This has been caught by clang -Wtautological-compare:

pw-pbkdf2.c:132:17: warning: comparison of unsigned expression < 0 is always false
        if(msg->bv_len < 0){
           ~~~~~~~~~~~ ^ ~

Signed-off-by: Luca Bruno <luca.bruno@rocket-internet.de>
2015-08-22 19:35:34 +00:00
Howard Chu
0dba4d2c9a Threadqueues - remove obsolete comment 2015-08-22 17:54:20 +01:00
Howard Chu
ed2a625de6 More for threadqueues
Revert previous patch, just delete all the associated juggling.
No longer serves any purpose.
2015-08-22 13:50:40 +01:00
Howard Chu
c034282b14 More for threadqueues
Catch threads that are finishing while pool was pausing
2015-08-21 21:37:37 +01:00
Howard Chu
79157d314f ITS#8220 fix prev commit
Dynamic startup was failing
2015-08-21 11:40:02 +01:00
HAMANO Tsukasa
61c95e7669 ITS#8114 OpenLDAP WiredTiger Backend 2015-08-19 18:13:27 +01:00
Howard Chu
f385fd5ad1 ITS#8082 plug benign memleak 2015-08-19 17:44:08 +01:00
Howard Chu
a96fc51ebb ITS#8218 zero filter after freeing
This appears to be cruft leftover from rev e8c58b4e7f
2015-08-19 15:35:45 +01:00
Howard Chu
7fb9bb93bf ITS#8220 restore refint performance 2015-08-19 14:04:15 +01:00
Howard Chu
150cf51c34 ITS#8185 fix OID collision 2015-08-15 01:42:12 +01:00
Howard Chu
e5b9bdd8c5 ITS#8185 missing schema reference 2015-08-15 00:56:50 +01:00
Howard Chu
cb28f28354 Strip down even more
syslogd always overrides the timestamp, so just omit it
Don't use *printf if we don't need to.
2015-08-14 17:48:59 +01:00
Howard Chu
afa9a9c3e0 Use batched write txns in refresh
Experimental - write 500 updates per txn instead of 1:1
2015-08-14 17:43:03 +01:00
Ryan Tandy
1c49424134 ITS#8133 avoid mods during dds_db_open
If dds is present early in the overlay stack, the modify ops from
dds_expire can trigger other overlays before they have initialized.
Avoid that by delaying the first expiry until startup has finished.
2015-08-14 08:46:56 -07:00
Howard Chu
b0950f4d44 Fix copy/paste error in prev commit 2015-08-14 15:33:32 +01:00
Howard Chu
af27b7032e ITS#8185 add pwdMaxRecordedFailure
Limit the number of pwdFailureTime stamps to record, regardless
of lockout settings.
2015-08-14 15:19:46 +01:00
Howard Chu
7308f0675a Merge remote-tracking branch 'origin/mdb.RE/0.9' 2015-08-14 01:03:42 +01:00
Howard Chu
5d67c6aed1 Release 0.9.16 2015-08-14 01:00:38 +01:00
Howard Chu
768967f176 More filter tweaks 2015-08-10 19:36:06 +01:00
Howard Chu
571a7c72fc Shortcut name mapping
If the naming attribute is in the RDN we don't need to look it up.
2015-08-09 20:57:49 +01:00
Ryan Tandy
7380354270 ITS#8213 fix deleting rewrite rules
From ITS#5940. Add path has the same code.
2015-08-08 07:49:15 +00:00
Howard Chu
523f989d8f More filter mapping
Was only handling (objectclass=<group>)(<memberUid>=bar).
Now handles (objectclass=<group>)(<groupname>=bar) too.
2015-08-07 04:04:22 +01:00
Howard Chu
ccffcece15 Avoid timing issues in pcache 2015-08-04 13:27:01 +01:00
Howard Chu
94ddee1bca Avoid hex timestamp in middle of lines
Tweaks commit 8d74f717ff
Don't worry about threading/race conditions here, it's not important
2015-08-04 13:26:16 +01:00
Howard Chu
706bbd42d9 Fix interaction with rwm 2015-08-01 00:35:44 +01:00
Howard Chu
20c0464fed Also remap explicitly requested attr names 2015-08-01 00:20:49 +01:00
Howard Chu
2000f771f6 Merge remote-tracking branch 'origin/mdb.RE/0.9' 2015-07-30 00:55:37 +01:00
Howard Chu
d139771b43 ITS#8192 fix reference to EINTR on WIN32 from ITS#8106 2015-07-30 00:51:04 +01:00
Howard Chu
c4ae054bce Updated for ITS#8181, #8190, #8200 2015-07-28 15:20:43 +01:00
Howard Chu
99ea907e74 Merge remote-tracking branch 'origin/mdb.RE/0.9' 2015-07-28 15:14:10 +01:00
Hallvard Furuseth
4b58502c77 ITS#8200 Fix mdb_midl_shrink() usage, return void 2015-07-28 15:13:22 +01:00
Hallvard Furuseth
1fd0341f76 ITS#8181 Verify that records are/aren't DBs.
Except we don't catch the user passing F_SUBDATA to
mdb_cursor_<put/del>, like an internal LMDB call.
2015-07-28 15:13:10 +01:00
Howard Chu
7513bd4618 ITS#8190 fix cursor EOF bug 2015-07-28 15:12:58 +01:00
Howard Chu
024d4cbee2 Fix filter init
compound filters f_next is not ignored
2015-07-28 12:10:54 +01:00
Howard Chu
fb7470d82f More tweaks
Check for error on internal search, init AttributeAssertions in
constructed filter
2015-07-25 23:23:41 +01:00
Howard Chu
3770a2c1e3 tweak filter mapping in prev commit
Don't bypass downcasing
2015-07-25 22:31:43 +01:00
Howard Chu
4cbd3b63c0 Add filter remapping 2015-07-25 22:23:46 +01:00
Howard Chu
fa705a1814 ITS#8203 plug leak in prev commit 2015-07-24 19:32:19 +01:00
Howard Chu
3033f89eef ITS#8203 more fixes for #8036/#7904. 2015-07-24 18:35:28 +01:00
Ryan Tandy
b48d0169d0 ITS#8199 fix NULL ptr dereference in at_next
Deleting all values of olcAttributeTypes and then adding a value with
index > 0 triggers a NULL dereference when config_generic tries to
append to a list that doesn't exist yet.

Already fixed for olcObjectClasses in ITS#5388.
2015-07-17 16:09:46 -07:00
Howard Chu
e75fbc953f ITS#8201 LDAPSTACKGUARD feature 2015-07-16 18:58:23 +01:00
Howard Chu
e5c778fa43 ITS#8173 fix SEGV after failed retry 2015-07-16 03:29:06 +01:00
Howard Chu
a8491a63e6 Fix setting authTimestamp on non-TOTP binds 2015-07-16 03:28:37 +01:00
Howard Chu
34e7cbb6fe Plug memleak on mismatched length 2015-07-13 17:17:42 +01:00
Howard Chu
4796f01209 ITS#8195 fix ITS#7027 regression, port number sign bit overflow
Another bug from 5de85b922a
2015-07-12 11:14:33 +01:00
Howard Chu
624c1fac8b ITS#8184 avoid redundant mod ops
If multiple ppolicy overlays are present on a glued tree, they all
attempt to update the policy operational attributes in response to
password-related activities. The redundant mod ops will cause the
entire op to fail. Check for these ops before inserting new ones.
2015-07-10 14:04:29 +01:00
Howard Chu
eb25ece469 Revert unintended commit 2015-07-08 14:25:52 +01:00
Howard Chu
b7a291a488 Experimental syslog() replacement
2-3x faster than libc. Add it to the Makefile yourself if you want to test it.
2015-07-08 14:22:29 +01:00