Commit Graph

1936 Commits

Author SHA1 Message Date
Howard Chu
1d2951bb5a For ITS#2424, move all SASL session management to ldap_int_sasl_bind. 2003-04-30 14:13:58 +00:00
Howard Chu
20c8128d27 ITS#2475 delete bogus SASL2 call 2003-04-30 08:08:08 +00:00
Howard Chu
7e2273b30e Added errmsg arg to lutil_passwd_{check,hash} functions 2003-04-30 07:52:05 +00:00
Howard Chu
23b63aac39 Free ber mem arrays in reverse order. (better for sl_free) 2003-04-29 21:09:02 +00:00
Hallvard Furuseth
778a38f49c Reduce warnings: Add missing 0 or NULL initializers for struct members. 2003-04-29 16:36:19 +00:00
Hallvard Furuseth
6d59c23c55 Make string parameter to ldap_charray_add() and ldap_charray_inlist() const. 2003-04-29 16:34:37 +00:00
Hallvard Furuseth
b0b82abb3a #include "ldap_pvt.h", to get ldap_charray_free() and ldap_charray_add(). 2003-04-29 14:46:54 +00:00
Hallvard Furuseth
5b591b2a22 #include <lber.h>, to get ber_memalloc_x() and ber_memrealloc_x(). 2003-04-29 14:45:33 +00:00
Hallvard Furuseth
c898a56263 Cast away const. 2003-04-29 14:43:54 +00:00
Howard Chu
deea8db4cd EBCDIC fix - ber_pvt_strcopy is now lutil_strcopy 2003-04-25 12:32:15 +00:00
Luke Howard
375224128e More careful checking of AVA flags 2003-04-24 11:10:31 +00:00
Luke Howard
ad40330a86 Fix Active Directory canonical name breakage 2003-04-24 11:09:22 +00:00
Howard Chu
a413bab19a Clean up prev commit 2003-04-24 04:20:17 +00:00
Howard Chu
b6111d793e Fix multi-byte tag parsing 2003-04-24 03:59:45 +00:00
Howard Chu
bcf7ab26e4 ITS#2465 fix? ber_get_next must read at least sizeof(tag)+sizeof(len)
which should be at most 8 bytes. However if we read more than the minimum
message length, we have a problem because we steal bytes from any following
message, and there is no buffer mechanism to push back excess data.
The shortest legitimate message is Unbind at 7 bytes, but there shouldn't
be anything following it. Abandon at 8 bytes is next, so always requesting
at least 8 bytes should be safe. Always requesting 9 was a problem.

Please double-check these assumptions...
2003-04-24 02:10:18 +00:00
Howard Chu
d14ff18d7f ITS#2458 fix array decoding 2003-04-24 01:37:01 +00:00
Jong Hyuk Choi
fd3cf2b5ed get_ldapmsg_ber() -> ldap_get_message_ber() 2003-04-22 22:09:25 +00:00
Jong Hyuk Choi
759110255f get_ldapmsg_ber() added. 2003-04-22 21:38:59 +00:00
Kurt Zeilenga
d7a326be26 Don't do (unsafe) DNS reverse lookups.
HEADS UP: May break some Kerberos deployments.
2003-04-22 01:17:23 +00:00
Kurt Zeilenga
3f6a9a7e57 More ldap_connect_to_host() tweaks. 2003-04-21 18:45:46 +00:00
Kurt Zeilenga
ca52123a60 Fix builds when getaddrinfo is not detected but getnameinfo is.
This does not happen normally.
2003-04-21 18:28:08 +00:00
Kurt Zeilenga
978c94a223 ITS#2459 (partial) fix. Eliminate address parameter all together.
Need to look closely at the memcpy.  (It likely can be eliminated
as well.)
2003-04-21 17:06:37 +00:00
Howard Chu
b4dfd0c08c Add ldap_pvt_thread_pool_context() stub for NO_THREADS builds 2003-04-16 00:18:56 +00:00
Howard Chu
30b3d741d5 Fix prev commit - hash bytes of ldap_pvt_thread_t to find proper slot 2003-04-13 05:48:48 +00:00
Howard Chu
a6a6946a67 New ldap_pvt_thread_pool_context() 2003-04-12 04:01:40 +00:00
Howard Chu
808cb504ce More memory context tweaks 2003-04-11 03:57:10 +00:00
Howard Chu
1874658ae3 More memory context tweaks 2003-04-11 01:02:08 +00:00
Howard Chu
42e7845d81 More malloc context tweaks 2003-04-10 06:14:16 +00:00
Howard Chu
ca12bb75c7 Extended API for ber_mem functions, add context argument.
Must always use ber_mem funcs, even if CSRIMALLOC is present.
2003-04-09 13:25:11 +00:00
Howard Chu
e240135305 ITS#2434 ber accessors 2003-04-09 09:41:02 +00:00
Kurt Zeilenga
02c992a132 mark more translatable strings 2003-04-06 06:47:31 +00:00
Kurt Zeilenga
e41ca42de1 mark a few translatable strings 2003-04-06 06:19:13 +00:00
Kurt Zeilenga
cfd9449374 Mark a few error strings 2003-04-06 06:10:56 +00:00
Kurt Zeilenga
5820854fae Don't cache strings, locale could change 2003-04-06 05:48:05 +00:00
Kurt Zeilenga
e62850324d mark the rest of translatable strings 2003-04-06 03:50:05 +00:00
Kurt Zeilenga
1632dd926f Mark error strings 2003-04-06 03:45:32 +00:00
Howard Chu
2ee7488d0b ITS#2423 - make the lib that allocates SASL prompt results responsible
for freeing them.
2003-04-06 00:47:55 +00:00
Pierangelo Masarati
4022ee7b43 avoid 0-sized, unused allocations 2003-04-05 11:30:43 +00:00
Kurt Zeilenga
e446a0c5cd cancel.c missing (blind update) 2003-03-30 05:38:39 +00:00
Howard Chu
4a1eb51d3e ITS#2404 keep the per-thread context in the individual threads... 2003-03-27 01:39:42 +00:00
Kurt Zeilenga
1b37568b00 Use ifdef not comment to comment out code 2003-03-22 22:28:57 +00:00
Howard Chu
062f54d1cc ITS#2388 fix if() conditions. 2003-03-20 11:07:53 +00:00
Kurt Zeilenga
c34c42dec3 just in case <netdb.h> does something like
#define h_errno (* __h_errno())
2003-03-14 04:56:08 +00:00
Howard Chu
97c2c9c955 ITS#2373 add declaration of h_errno 2003-03-14 04:25:39 +00:00
Howard Chu
62f7394f8c Fix up lutil_passwd stuff to avoid struct berval definition 2003-03-12 23:07:09 +00:00
Howard Chu
8a8ae8bf85 Add comment to previous 2003-03-12 03:23:09 +00:00
Howard Chu
066e3310a9 ITS#2365 - preserve internal ber_tag as well as ber_ptr for rewinding. 2003-03-12 02:33:53 +00:00
Howard Chu
bbad1de8e1 Added lutil_passwd_init, _destroy, _add for dynamically adding passwd
schemes. Declarations in lutil.h require lutil.h never be included before
lber.h, always after.
2003-03-11 05:58:53 +00:00
Howard Chu
c20d1840ba Blind fix, delete obsolete files cache.c, authpasswd.c 2003-03-07 21:10:02 +00:00
Howard Chu
0b96b6b6ad Chasing a referral needs both the request and response mutexes.
Unlock and relock... (yuck)
2003-03-06 14:53:01 +00:00
Howard Chu
ec63a1f87f Pass correct msgid to ldap_result 2003-03-06 14:50:39 +00:00
Howard Chu
8fc4f55d3a Silence warnings in prev commit 2003-03-05 01:53:03 +00:00
Howard Chu
7e7db2578d Added ldap_pvt_get_hname. Use instead of ldap_pvt_gethostbyaddr_a when
all you want is the hostname. Supports IPv6 addresses.
2003-03-05 01:35:39 +00:00
Howard Chu
cff5621814 Minor cleanup for sendmsg 2003-03-04 22:14:57 +00:00
Kurt Zeilenga
e20f94c9f9 fix initializer 2003-03-04 21:49:21 +00:00
Kurt Zeilenga
ef4e745c58 Fix initializer 2003-03-04 21:45:59 +00:00
Pierangelo Masarati
e24f55b29a silence warning 2003-03-04 09:16:57 +00:00
Howard Chu
50ecec94eb Fix ITS#2344, prev commit changed too much. 2003-03-03 23:44:22 +00:00
Howard Chu
3cc07977fa Replace recursive get_stringbvr with iterative get_stringbvl to avoid
stack overrun when parsing large groups
2003-03-03 15:54:49 +00:00
Howard Chu
3b01c9a99e Cleanup slapd-specific NT service support 2003-03-03 11:46:05 +00:00
Howard Chu
6e8adce9d9 Fix previous commit, eventlog path was wrong 2003-03-03 07:30:12 +00:00
Howard Chu
a0d397d056 Default is_NT_Service to no 2003-03-03 06:43:12 +00:00
Kurt Zeilenga
fe4f355328 Add acc_rights detection (needs testing) 2003-03-02 21:46:40 +00:00
Kurt Zeilenga
206b071e7f Add check of <sys/uio.h> and include as needed for struct iovec. 2003-03-02 21:21:36 +00:00
Howard Chu
e820f2f5d3 Cleanup previous commit 2003-03-02 08:05:19 +00:00
Howard Chu
50280bcfed Interoperability fix for sendmsg/recvmsg with access rights 2003-03-02 07:46:33 +00:00
Howard Chu
ec497cf529 Use fixed sizes for ber_get_next to avoid 64-bit hangs. 2003-03-02 04:02:39 +00:00
Kurt Zeilenga
81d2b2bb65 Don't send extra messages, will cause interoperability problems
with versions not built to receive these extra messages.
Likewise in reverse.
2003-03-01 19:47:04 +00:00
Howard Chu
215be5f443 Fix previous commit 2003-02-28 13:41:53 +00:00
Howard Chu
387a76934b Fix ITS#2335, properly parse multiple CLDAP responses in a single datagram
for both RFC1798 and MS CLDAP.
2003-02-28 12:57:28 +00:00
Howard Chu
747265419d Change "goto leave" to "goto exit" to avoid DEC namespace pollution 2003-02-22 01:49:55 +00:00
Kurt Zeilenga
4daeff0ef4 Add a few comments to the ITS#2325 fix 2003-02-21 19:39:09 +00:00
Kurt Zeilenga
c3a43e2c4f Round 2 2003-02-21 19:27:54 +00:00
Kurt Zeilenga
182f6e20c3 Add a safety value 2003-02-21 18:51:27 +00:00
Kurt Zeilenga
eb161745a4 A little cleanup of last 2 commits 2003-02-21 18:42:15 +00:00
Kurt Zeilenga
ed91ab4cbe Forgot to remove one prompts free 2003-02-21 18:41:05 +00:00
Kurt Zeilenga
9e984beded ITS#2325 fix: properly freeing prompts->results 2003-02-21 18:39:26 +00:00
Kurt Zeilenga
bc0cc3272c Whoops. (I'm reconsidering whether or not to accept the ITS#2325.) 2003-02-21 17:48:03 +00:00
Kurt Zeilenga
3fb4ae2abd Revert last commit 2003-02-21 17:46:11 +00:00
Kurt Zeilenga
2c939f7196 Back out interact free() fixes. Will fix properly in next commit. 2003-02-21 17:11:46 +00:00
Howard Chu
fabbbafde9 Don't spawn threads based on ltp_pending_count, it doesn't get decremented
right away due to ltp_mutex still being held. Just see if all open threads
are active... Use cond_broadcast to signal all waiting threads. Make sure
to remove correct ctx from active list after the thread returns.
2003-02-17 12:10:41 +00:00
Howard Chu
7e1a566391 Use struct berval * instead of ** for newpasswd 2003-02-16 09:42:04 +00:00
Howard Chu
7fffc027b3 Fix ber_scanf args 2003-02-16 09:30:45 +00:00
Howard Chu
b4db079ac7 Fix ber_printf arguments 2003-02-16 08:37:19 +00:00
Howard Chu
bbdc869d7a Set stack size for created threads 2003-02-14 23:52:38 +00:00
Kurt Zeilenga
8ca394496b Only install readahead layer when connectionless as
streams as streams may block.
2003-02-14 23:32:30 +00:00
Howard Chu
8dac33b6c3 Fix previous commit 2003-02-14 10:27:39 +00:00
Howard Chu
1128bc63b7 Fix typo in peercred DN. Make it agree with actual name used by slapd
just to avoid confusion.
2003-02-13 23:11:30 +00:00
Howard Chu
844cc97928 More for re-entrant LDAP* handles. Works much better. 2003-02-13 23:02:31 +00:00
Howard Chu
a6b3a92cc5 Added ld_req_mutex and ld_res_mutex to protect ld_requests and ld_responses
queues for multithreaded access to LDAP*'s. Also used to protect writes and
reads of ld_sb, respectively. Appears to work...
2003-02-13 10:43:16 +00:00
Pierangelo Masarati
262d021ecf minor cleanup 2003-02-11 09:23:28 +00:00
Kurt Zeilenga
22215a396c Remove lint 2003-02-10 19:59:32 +00:00
Kurt Zeilenga
aa291a3492 We should be calling libtool --finish when install libraries 2003-02-09 23:10:29 +00:00
Kurt Zeilenga
99dbcc5d4c Not yet implemented. 2003-02-09 08:21:10 +00:00
Kurt Zeilenga
4b3396f5fd unifdef -DLDAP_NOCACHE 2003-02-09 07:42:18 +00:00
Kurt Zeilenga
c34e59be35 Consistently add cancel.c to makefiles 2003-02-09 01:54:41 +00:00
Kurt Zeilenga
48d47954a6 Rework #ifdef'ing of expermental controls to ease release engineering
using LDAP_DEVEL (to indicate experimental) to enable experimental features
(true for HEAD unless LDAP_REL_ENG is defined)
2003-02-08 21:53:05 +00:00
Pierangelo Masarati
1b13edfa54 I suggest the coder(s) of the cyrus stuff to check out the prompt stuff 2003-02-07 09:58:21 +00:00
Pierangelo Masarati
6c32533d02 according to sasl documentation, prompts is filled only if SASL_INTERACT is returned 2003-02-07 09:55:00 +00:00
Jong Hyuk Choi
85b1783d5c LDAP Sync Operation (draft-zeilenga-ldup-sync) as a groundwork for an LDAP replication design 2003-02-05 07:37:02 +00:00
Pierangelo Masarati
e5a1418756 improve last commit 2003-02-04 19:27:56 +00:00
Pierangelo Masarati
c432154ad1 allow multiple URIs (need to backport to back-ldap) 2003-02-04 18:49:58 +00:00
Jong Hyuk Choi
e1bf8cc437 Intermediate Response 2003-02-03 17:28:19 +00:00
Howard Chu
5354dbf269 ber_flush shouldn't be logging with _ANY, changed to _TRACE 2003-01-31 22:45:19 +00:00
Hallvard Furuseth
65d76d7db4 Change lutil_detach() to not close the descriptors before dup2(), try to
open /dev/null and then / in read-only mode if opening /dev/null failed,
and skip the dup2()s as well if open() failed.
2003-01-30 22:44:53 +00:00
Howard Chu
18df386b43 Fix ITS#2161, the check is meaningless anyway. 2003-01-30 00:28:36 +00:00
Jong Hyuk Choi
4f64bd9402 LDAP cancel misc patch 2003-01-27 17:08:51 +00:00
Jong Hyuk Choi
0c43007e55 LDAP cancel operation 2003-01-25 00:36:50 +00:00
Luke Howard
4a6c16b669 Don't free active thread list 2003-01-24 08:20:55 +00:00
Luke Howard
9490776d7b Added ldap_pvt_thread_self() and ldap_pvt_thread_pool_context() API. 2003-01-24 06:49:13 +00:00
Howard Chu
60d621fc04 Fix typo 2003-01-23 03:35:31 +00:00
Howard Chu
caeb6fc1f0 Fix ITS#2280, reject sequences with invalid lengths 2003-01-23 02:19:59 +00:00
Kurt Zeilenga
bd9bf709aa ITS#2275: PROTOS ber_get_next() fix
Needs review!!!!
2003-01-22 22:29:11 +00:00
Kurt Zeilenga
35f673aaa5 ITS#2267: SASL empty cred fix 2003-01-21 17:31:55 +00:00
Kurt Zeilenga
03b35cc621 ITS#2159: don't crash on malformed userPassword 2003-01-20 23:46:35 +00:00
Kurt Zeilenga
fc75445270 #ifdef LDAP_PF_LOCAL needed. 2003-01-20 20:10:03 +00:00
Hallvard Furuseth
6a51371fc5 Silence gcc warnings (signed vs. unsigned, implicit declarations, unused vars). 2003-01-19 15:03:25 +00:00
Hallvard Furuseth
3bd76701d1 Fix printf format errors. 2003-01-19 14:07:02 +00:00
Hallvard Furuseth
120e39b533 Cast ctype.h arguments to unsigned char. 2003-01-19 14:05:23 +00:00
Hallvard Furuseth
f963a16150 Remove an implicit int, to silence gcc warnings. 2003-01-19 14:03:11 +00:00
Hallvard Furuseth
9d11c5ea46 Remove pointless `unsigned < 0' test. 2003-01-19 14:02:06 +00:00
Hallvard Furuseth
265b7e22c6 Insert missing initializers, to silence gcc warnings. 2003-01-19 13:38:44 +00:00
Hallvard Furuseth
933121a7d9 'static' must come before 'const'. 2003-01-19 13:35:53 +00:00
Hallvard Furuseth
1fbbc11811 Fix LBER_ERROR vs. -1 confusion. 2003-01-19 13:10:17 +00:00
Howard Chu
38e7047130 Set thread stack size, default (1MB) is always too small for back-bdb. 2003-01-13 14:28:50 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Kurt Zeilenga
3dea614e99 cleanup 2002-12-31 05:55:06 +00:00
Pierangelo Masarati
d758296595 silence warnings 2002-12-23 12:02:29 +00:00
Howard Chu
8b3b044dac Fix ITS#2246, fix in rev 1.73 was in the wrong place 2002-12-20 00:33:10 +00:00
Howard Chu
0c2439f5ef Added subjectAltName:IPADDR tests to ldap_pvt_tls_check_hostname() 2002-12-18 21:43:17 +00:00
Howard Chu
c102809fab Use ber_flatten2 to avoid excess mallocs 2002-12-18 19:16:31 +00:00
Howard Chu
6a37f1ae80 Added ber_flatten2 - uses passed in struct berval, allocates copy or
directly re-uses existing ber buf.
2002-12-18 19:15:27 +00:00
Howard Chu
464292b50c Remove unneeded sasl_ssf param from ldap_int_sasl_open(),
it's set by ldap_int_sasl_external().
2002-12-18 03:09:52 +00:00
Howard Chu
95a512f849 Fix typo in UDP logmsg 2002-12-16 18:17:20 +00:00
Hallvard Furuseth
f77c8b567e Remove a useless function pointer cast. 2002-12-16 12:02:54 +00:00
Hallvard Furuseth
ae28aa57b2 Remove a bad function pointer cast. 2002-12-16 09:18:20 +00:00
Hallvard Furuseth
2bcb48361d Remove casts of AVL function pointers. 2002-12-14 22:25:52 +00:00
Howard Chu
e42209dd77 Fix previous commit, fstat arg was wrong. 2002-12-11 10:58:02 +00:00
Hallvard Furuseth
3b591dd4f6 Fix const errors. 2002-12-11 08:30:29 +00:00
Kurt Zeilenga
56ebd53e51 expand authid buffer 2002-12-08 07:56:49 +00:00
Kurt Zeilenga
840e7f2c5c Include <ac/unistd.h> not <sys/types.h> and <unistd.h>
Use sizeof( string ) to determine buffer size
Put authzDN in same for as used on server
(We could, just as well, set authid to "fubar" as it matters
not what it is set to)
2002-12-07 18:32:40 +00:00
Pierangelo Masarati
58c18226e0 on my system need headers to define geteuid() and so 2002-12-07 17:32:33 +00:00
Howard Chu
cf6a9d9d0f For LDAP_PROTO_IPC set the SASL EXTERNAL authid to allow the mech to be
used by the client side. Please review.
2002-12-07 13:06:20 +00:00
Howard Chu
1363d4bf1a Fix prev commit - require passed descriptor to be a pipe (FIFO) and
require it to only be accessible by its owner, otherwise ignore it.
2002-12-04 20:50:19 +00:00
Howard Chu
d7c0a19aab Added check for sendmsg(). Added hack to use BSD sendmsg()/recvmsg() to
propagate peer creds if no explicit PEERCRED facility exists. Works
on Solaris 8.
2002-12-04 16:03:02 +00:00
Kurt Zeilenga
eb41333e4c Use getpeereid(3) where available else use *_PEERCRED replacment function 2002-12-04 06:17:32 +00:00
Kurt Zeilenga
c0f8e30d22 cleanup 2002-12-04 05:13:14 +00:00
Kurt Zeilenga
73b4170a6c Rework libldap to not attempt to set LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE 2002-12-04 04:51:55 +00:00
Kurt Zeilenga
da76c1951e First-cut proxy authorization support. 2002-12-03 06:11:32 +00:00
Kurt Zeilenga
9ba95dd027 ITS#2221: getaddrinfo(3) not thread-safe on some platforms (namely
due to res_() routines).  Change all res_() dependent routines to
share same mutex.
2002-12-03 01:15:03 +00:00