Commit Graph

996 Commits

Author SHA1 Message Date
Howard Chu
e37ccca9aa Fix ldap_int_get_controls for optional values 2002-10-07 19:58:10 +00:00
Kurt Zeilenga
491e75548c ITS #2121 submitted by Dave Steck <dsteck@novell.com> with minor changes.
Patch to allow referrals to be read on synchronous non-search operations.
Treat referrals the same way as MatchDN or ErrorString values.
Store them in the ld structure and provide an option for ldap_get_option
to retrieve them
2002-10-02 19:14:02 +00:00
Kurt Zeilenga
bbbf2f4ca7 Fix handling of non-critical controls for backends which
support no controls.
2002-09-24 18:20:59 +00:00
Howard Chu
4d8a2e2815 Remove dependencies on HAVE_VSNPRINTF, use replacement in liblutil/stdio.c
if needed. Same check for snprintf.
2002-09-06 20:54:22 +00:00
Howard Chu
ee30206bc2 Merged ldap_get_values_ber into ldap_get_attribute_ber. 2002-09-06 04:57:21 +00:00
Howard Chu
6a903bc1e5 Added new ldap_get_{dn,attribute,values}_ber functions for linearly
processing a search entry. Avoids O(n^2) ldap_get_values() behavior.
2002-09-05 11:33:32 +00:00
Howard Chu
af05dd5511 Set SSL session cache context ID 2002-09-04 07:17:31 +00:00
Howard Chu
f83d30a727 Fix previous commit - still need X509_free for peer cert.
Just not for local/my cert.
2002-09-04 02:28:42 +00:00
Kurt Zeilenga
a83cc88edd Move ldap_control_dup() to ldap_pvt.h 2002-09-04 02:14:12 +00:00
Howard Chu
5d062ef54c Don't call X509_free after SSL_get_certificate, it's not a duplicate. 2002-09-04 01:56:09 +00:00
Howard Chu
3099d89d9e Don't use sasl_set_alloc on Cyrus 2, it manages all of its memory
internally and we don't want to get in the way.
2002-09-02 22:25:26 +00:00
Howard Chu
90b1e7bd45 Fix ldap_X509dn2bv, OpenSSL gives us DN attributeTypes in EBCDIC 2002-09-02 13:46:56 +00:00
Pierangelo Masarati
c76b36254c cleanup comments 2002-08-31 10:41:49 +00:00
Howard Chu
17493164ea Fix previous commit 2002-08-31 06:23:46 +00:00
Howard Chu
e3304da727 OS/390 EBCDIC support 2002-08-31 05:14:43 +00:00
Howard Chu
d11b134709 Fix large SASL reads. Use EAGAIN instead of EWOULDBLOCK (was right the
first time after all. see read(2) and write(2)...)
2002-08-30 10:11:54 +00:00
Pierangelo Masarati
864f05497e allow different solutions to debug sasl shutdown 2002-08-29 17:45:12 +00:00
Pierangelo Masarati
c2efb8788b when shutting down a server with open connections (back-{ldap,meta}),
the backend attempts a ldap_unbind() that results in calling
ldap_pvt_sasl_mutex_lock() with a NULL argument, causing a SIGSEGV.
I added a few assert() to catch this (I wonder if this might
be related to ITS#1982 "kill -INT corrupts database").
2002-08-29 16:03:38 +00:00
Howard Chu
1dd1c375bb Fix previous commit - use EWOULDBLOCK instead of EAGAIN 2002-08-29 13:38:36 +00:00
Howard Chu
456e6c73ab Fix ITS#1983, handle writing of large requests. Only one pending request is
allowed per LDAP* handle. It works, but needs review.
2002-08-29 12:12:36 +00:00
Pierangelo Masarati
519bf9e28a cleanup logging 2002-08-29 10:42:42 +00:00
Howard Chu
010dbff2cc Fix ITS#1983, in sb_sasl_write, set errno = EAGAIN to tell upper layers to
retry partial writes
2002-08-29 10:12:35 +00:00
Howard Chu
5ec4ef6e59 Added no-op for SASL_VERSION_MAJOR < 2 2002-08-28 08:35:38 +00:00
Howard Chu
3cb7a09eb0 Added check for Cyrus SASL sasl_version() 2002-08-28 07:12:22 +00:00
Kurt Zeilenga
7dc1e069e8 Increase res_query buffers to 64k 2002-08-24 17:03:24 +00:00
Pierangelo Masarati
4046c4226e add upper/lower funcs that also compute the length of the string (not used yet) 2002-08-23 08:45:17 +00:00
Kurt Zeilenga
678d686017 make dc const 2002-08-17 19:59:35 +00:00
Kurt Zeilenga
472484725f Update dn2domain() to use str2dn() instead of explode_dn() 2002-08-17 19:42:59 +00:00
Howard Chu
771974f99d ITS#2019 Initialize utils properly 2002-08-10 23:34:55 +00:00
Kurt Zeilenga
ca5aa3b615 Some more sockaddr_in v sockaddr_storage cleanup 2002-08-10 03:48:09 +00:00
Kurt Zeilenga
b3bbe586b6 ITS#2018: use sockaddr_storage
based upon patch provided by <thorild@Update.UU.SE>
2002-08-09 22:14:43 +00:00
Kurt Zeilenga
9c28c9b361 Zap LDAPv2-only stuff 2002-08-08 03:01:14 +00:00
Kurt Zeilenga
9c9bd4d5ab Set O_EXCL 2002-08-05 19:49:27 +00:00
Howard Chu
d9eac72099 ITS#1995 return error text when ldap_pvt_tls_check_hostname fails 2002-08-01 03:23:29 +00:00
Kurt Zeilenga
dc4413349e Fix up restart code for EINTR 2002-07-28 05:30:39 +00:00
Kurt Zeilenga
89b3550f95 Clarify error messages 2002-07-26 17:35:57 +00:00
Howard Chu
1a0ca2195e Moved <stdio.h> before <ac/stdlib.h> 2002-07-26 03:16:21 +00:00
Howard Chu
5dc098dab0 Wrap get_ca_list opendir code with #if HAVE_DIRENT_H || dirent to avoid
compile errors on incompatible build platforms.
2002-07-24 19:36:03 +00:00
Kurt Zeilenga
e6460769ab Misc sprintf/snprintf cleanup 2002-07-23 18:26:33 +00:00
Stig Venaas
26b33bf614 Fixes ITS#1935 2002-07-16 02:38:14 +00:00
Stig Venaas
bf5e3a15ca Use AF_INET instead of AF_UNSPEC when IPv6 disabled 2002-07-12 15:36:33 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Kurt Zeilenga
d13285fdd8 Fix possible under allocation of buffer 2002-07-08 18:45:53 +00:00
Howard Chu
07ffaeaac8 ITS#1924 use GENERAL_NAMES_free instead of ext_free. 2002-07-05 21:59:02 +00:00
Kurt Zeilenga
2de291ed6e Cut back on the logging... 2002-06-21 19:49:25 +00:00
Kurt Zeilenga
cdce8064e5 ITS#1898: ldap_controls_dup() writes beyond allocated memory
patch suggested by Dave Steck <dsteck@novell.com>
2002-06-21 19:14:37 +00:00
Kurt Zeilenga
0371c61073 Add monitorContext rootDSE attribute 2002-06-19 06:44:16 +00:00
Howard Chu
6f8b100f6b Finish implementation of get_ca_list() 2002-06-14 06:09:24 +00:00
Howard Chu
56cba7f97c In ldap_extended_operation_s, check for NULL retoidp and retdatap
before storing NULL.
2002-06-13 16:26:47 +00:00
Kurt Zeilenga
fe86a81e25 VLV clean 2002-06-09 06:12:24 +00:00
Howard Chu
70092b38fb Fix ITS#1843, don't deref NULL string in ldap_pvt_str2upper 2002-06-07 13:27:25 +00:00
Howard Chu
8101798791 Better SASL_MAXBUF fix 2002-06-07 03:40:16 +00:00
Howard Chu
353f627aa4 Eliminate SASL client session_callbacks. Since proc was always NULL they
never did anything anyway.
2002-06-06 01:44:38 +00:00
Kurt Zeilenga
2c7dae116b More argument handling updates
(don't check what we expect applications to check).
2002-06-06 00:26:50 +00:00
Kurt Zeilenga
1064f52dae Fix typo in last commit 2002-06-05 16:39:15 +00:00
Kurt Zeilenga
40ef77a8f8 Add error handling cleanup 2002-06-05 15:51:42 +00:00
Kurt Zeilenga
99f5983fb6 Consistently don't check for NULL session handle and other pointers.
Application is responsible for providing valid session pointers.
2002-06-05 15:46:26 +00:00
Howard Chu
7de25993f5 Fix NT_LINK_LIBS, UNIX_LINK_LIBS 2002-05-17 23:41:26 +00:00
Howard Chu
2ca4b0ebfc ITS#1806, Cyrus 1 doesn't give back our callbacks pointer, must stash it
ourselves.
2002-05-06 23:56:35 +00:00
Howard Chu
ae3a80eb09 Fix in 1.50 applies to Cyrus 1 as well as Cyrus 2. 2002-05-05 19:15:29 +00:00
Howard Chu
e8e7847175 ITS#1797 silence uninit'd var warnings 2002-05-04 10:52:05 +00:00
Howard Chu
3590877b77 Initialize authid in case ldap_pvt_tls_get_my_dn fails 2002-05-04 01:32:41 +00:00
Howard Chu
0390a171b9 Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
a fatal error when TLS server cert verification fails.

Changed ldap_pvt_tls_check_hostname to return LDAP_SUCCESS when no cert is
found: this can now only occur if tls_opt_require_cert was explicitly set
to NEVER or ALLOW.

In tls_verify_cb, added a text translation of the verification error code
to the debug message.
2002-05-04 00:05:48 +00:00
Howard Chu
6c1a786d6c Fix previous commit, wrong if condition 2002-05-03 13:07:42 +00:00
Howard Chu
ed871b997c Break up large SASL writes into units of SASL maxoutbuf size. 2002-05-03 13:04:55 +00:00
Howard Chu
931c4eb35f For Cyrus 2, cannot free session_callbacks in ldap_int_sasl_open, must
wait until ldap_int_sasl_close because SASL doesn't copy our structure,
it uses it directly.
2002-05-03 12:10:47 +00:00
Kurt Zeilenga
8c152396b9 Matched Values implementation (ITS#1776) based upon submission
form Mikhail Sahalaev <M.Sahalayev@pgr.salford.ac.uk>.
Further work needed:
	add testxxx-matchedvalues
	rework ldapsearch(1) portion of patch to generalize use of options
---
Copyright 2001, Mikhail Sahalaev, All rights reserved.
This software is not subject to any license of University Of
Salford.

Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice
is preserved.
2002-05-02 18:56:56 +00:00
Howard Chu
b732d3ec55 Fix previous commit, only zero out v3 refer_cnt if we got a SEARCH_RESULT.
If we got a SEARCH_REFERENCE, we need to keep going...
2002-05-02 12:08:19 +00:00
Kurt Zeilenga
d82d018f20 add an RFC 2849 check... but behind #if 0 as I'm now thinking this
is not appropriate.
2002-05-01 04:40:26 +00:00
Kurt Zeilenga
96483c8dcd cleanup before working on changes 2002-05-01 04:23:59 +00:00
Howard Chu
c9699c1072 Fix previous commit - must fully init newAVA 2002-04-30 14:43:05 +00:00
Howard Chu
b005540094 Added ldap_ucs_to_utf8s to convert ASN.1 T61STRING, BMPSTRING, and
UNIVERSALSTRING to UTF-8 format.

Rewrote ldap_X509dn2bv to check ASN.1 types and use above function.
2002-04-30 13:57:01 +00:00
Howard Chu
de3e81cebb Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
in dn parameter and return a result code.
2002-04-30 13:50:56 +00:00
Howard Chu
5528772f23 In ldap_int_tls_start, authid is very temporary, not const. 2002-04-19 04:35:16 +00:00
Howard Chu
202aa8c793 Fix memory leak in previous commit 2002-04-18 16:02:02 +00:00
Howard Chu
17ae956518 Added ldap_X509dn2bv()
deleted ldap_pvt_tls_get_peer()
  changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
  added ldap_pvt_tls_get_my_dn()
2002-04-18 12:29:30 +00:00
Howard Chu
315ac06912 Fix warnings from sasl_errdetail 2002-04-18 12:20:55 +00:00
Howard Chu
98a416b584 Additional error reporting for Cyrus SASL 2. Attempt to get SASL-EXTERNAL
working ifor Cyrus 2. (Both GSSAPI and EXTERNAL are broken at the moment.)
2002-04-18 00:48:36 +00:00
Howard Chu
dc3e5fb99d ITS#818, ITS#980, ITS#1234 ldapsearch/referral hang - set refer_cnt to 0
after v3refs have been chased. They are fully processed by the time we get
back, so we should just return the current result message to the caller.
2002-04-16 12:53:13 +00:00
Kurt Zeilenga
709ce4fa6c Re: Patch: ctype functions require 'unsigned char' args (ITS#1678)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

Here are fixes for more places where the argument to ctype.h functions
should be in the range of `unsigned char'.

Explanation of the last patch (to schema_init.c:bvcasechr()):
TOLOWER() and TOUPPER() return values in the range of `unsigned char',
but bvcasechr() then compares those values with a plain `char'.  So I
convert the return values from TOLOWER()/TOUPPER() to `char' first.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 20:42:42 +00:00
Howard Chu
bb17493d31 ITS#1732 signed/unsigned fixes 2002-04-11 08:47:37 +00:00
Pierangelo Masarati
4a2b9b2195 ITS#1730 2002-04-08 18:39:23 +00:00
Pierangelo Masarati
8de44663f7 ITS#1730 and completion of ITS#1701 2002-04-08 10:34:04 +00:00
Pierangelo Masarati
4a8ab5dbf2 Mostly based on patches provided by Hallvard B. Furuseth
ITS#1677 - cast away const warnings
ITS#1678 - unsigned char args to ctype funcs
ITS#1682 - don't redefine ldap_debug
ITS#1683 - uninitialized vars
ITS#1703 - ldo_debug initialization
ITS#1705 - unsigned testing
ITS#1706 - socklen_t args
ITS#1719 - back-tcl update (other cleanups/fixes/improvements; yet untested)
ITS#1724 - integerNormalize/integerFilter/integerIndexer bugs
ITS#1725 - libdes not required

Implement back-null (/dev/null style backend)
Cleanup some misc warnings ("%lu" format, unused/uninitialized vars,
        ambiguous operator precedence)

Kurt, please regenerate configure
2002-04-08 09:43:22 +00:00
Howard Chu
5c70106657 ITS#1708 ldap_pvt_tls_sb_ctx() et al 2002-04-05 06:48:03 +00:00
Kurt Zeilenga
b0b8546f05 Patch: More format bugs (ITS#1702)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
2002-04-02 18:56:26 +00:00
Kurt Zeilenga
26b99bc35d ITS#1701. Fix ber_scanf() return tag handling.
Based upon patch submitted by Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>.
2002-04-02 18:40:04 +00:00
Julius Enarusai
b082ed9355 Added LDAP_LOG Messages 2002-04-02 00:22:57 +00:00
Julius Enarusai
e86782aab9 Added LDAP_LOG messages 2002-04-01 23:39:36 +00:00
Julius Enarusai
fff5d3de60 Added LDAP_LOG messages 2002-04-01 22:31:44 +00:00
Julius Enarusai
e30c52dfb7 Added LDAP_LOG Messages 2002-04-01 22:28:02 +00:00
Julius Enarusai
70c73da22c Added LDAP_LOG messages 2002-04-01 22:08:32 +00:00
Kurt Zeilenga
111b464642 move ldap_int_put_filter to ldap_pvt_put_filter
and other cleanup
2002-03-30 00:42:40 +00:00
Julius Enarusai
b7bd4368d9 Added LDAP_LOG messages 2002-03-29 17:46:28 +00:00
Julius Enarusai
ae31411a0d Added LDAP_LOG messages 2002-03-27 22:35:35 +00:00
Julius Enarusai
688f45dd06 Added LDAP_LOG messages 2002-03-27 22:23:24 +00:00
Julius Enarusai
171281f3ec Added LDAP_LOG messages 2002-03-27 22:03:35 +00:00
Julius Enarusai
3921e1b0c2 Added LDAP_LOG messages 2002-03-27 21:38:32 +00:00
Julius Enarusai
c0325aed88 Added LDAP_LOG messages 2002-03-27 21:16:36 +00:00
Julius Enarusai
3654b0d4c0 Added LDAP_LOG messages 2002-03-27 19:51:13 +00:00