mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-02-05 13:40:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
22,301 Commits 38 Branches 307 Tags 75 MiB
a795d7cc0b
Commit Graph

22301 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quanah Gibson-Mount
a795d7cc0b ITS#8583 - Fix C++ LDAP Control structure 2017-10-06 10:45:21 -07:00
sca+openldap@andreasschulze.de
90835da72f ITS#8578 - remove unused-variables in RE24 testing call (2.4.45) 2017-10-06 10:45:08 -07:00
Nadezhda Ivanova
da170cbe3b ITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta 2017-10-06 10:44:54 -07:00
Quanah Gibson-Mount
fba60ab2ed ITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds via the LDAP_SASL_SIMPLE mechanism 2017-10-06 10:44:38 -07:00
Ted C. Cheng
e20ac6b539 ITS#7520 - back-ldap omit-unknown-schema changes 2017-10-06 10:44:31 -07:00
Jan Vcelak
19fd969d21 ITS#7374 - MozNSS: better file name matching for hashed CA certificate directory 
CA certificate files in OpenSSL compatible CACERTDIR were loaded if the
file extension was '.0'. However the file name should be 8 letters long
certificate hash of the certificate subject name, followed by a numeric
suffix which is used to differentiate between two certificates with the
same subject name.

Wit this patch, certificate file names are matched correctly (using
regular expressions).
 2017-10-06 10:44:13 -07:00
Jan Vcelak
acc5b88661 ITS#7373 - TLS: do not reuse tls_session if hostname check fails 
If multiple servers are specified, the connection to the first one
succeeds, and the hostname verification fails, *tls_session is not
dropped, but reused when connecting to the second server.

This is a problem with Mozilla NSS backend because another handshake
cannot be performed on the same file descriptor. From this reason,
hostname checking was moved into ldap_int_tls_connect() before
connection error handling.
 2017-10-06 10:44:07 -07:00
Ondřej Kuzník
08492987a0 ITS#7100 Update entryTtl behaviour to match RFC 2589 2017-10-06 10:43:48 -07:00
Ondřej Kuzník
61cfb80f8d ITS#7100 Test for entryTtl reflecting time to live 2017-10-06 10:40:20 -07:00
Quanah Gibson-Mount
44b9fd1c81 ITS#5048 - index on entryCSN is mandatory 2017-10-06 10:39:43 -07:00
Howard Chu
70e54d2527 ITS#8752 fix syncrepl null_callback 
Make sure it's last in callback stack
 2017-10-05 22:13:39 +01:00
Quanah Gibson-Mount
78626aeb4a Fix script so it exits 2017-10-05 09:23:02 -07:00
Quanah Gibson-Mount
ae2a2a794b ITS#8444 - Fix description to match the actual issue that was fixed 2017-10-04 20:42:54 -07:00
Quanah Gibson-Mount
53a41a22da ITS#8752 - Add regression test 2017-10-04 20:36:25 -07:00
Hallvard Furuseth
ff2d7cc798 ITS#8733 Allow a raw integer to be decoded from a berval 2017-09-28 14:15:06 +01:00
Hallvard Furuseth
62811e8f65 ITS#8733 Allow extraction of the complete ber element 2017-09-28 14:14:55 +01:00
Ondřej Kuzník
6aa6daf2f0 ITS#8732 Extend CIRCLEQ macros 2017-09-28 08:53:58 +01:00
Quanah Gibson-Mount
0d4cd89786 LDAP_FEATURE_SUBORDINATE_SCOPE is from expired draft-sermersheim-ldap-subordinate-scope, leave behind LDAP_DEVEL 2017-09-26 11:51:27 -07:00
Quanah Gibson-Mount
30e2a904dc Move a bunch of featuers back behind LDAP_DEVEL for 2.5 
SLAP_AUXPROP_DONTUSECOPY is ok for release
 2017-09-26 11:35:50 -07:00
Quanah Gibson-Mount
86105092bd CHECK_CSN is a debug only flag for testing. It should always remain 
behind LDAP_DEVEL
 2017-09-26 11:30:50 -07:00
Quanah Gibson-Mount
a9ff0e97fc ITS#6817 - back-meta work for SLAP_AUTH_DN was never finished according 
to the ITS notes.  In addition, this would need man page updates for the
feature
 2017-09-26 11:27:15 -07:00
Quanah Gibson-Mount
41a9010773 The support for unindexed attributes being tracked in back-monitor needs 
to remain behind LDAP_DEVEL for now.  Right now, the mutex in
back-monitor cannot properly handle the load if the server had a lot
of unindexed attributes that were being accessed in search filters.
 2017-09-26 11:04:45 -07:00
Quanah Gibson-Mount
43a039eba4 ITS#7428 - Non-blocking TLS is not compatible with MOZNSS 2017-09-26 10:59:08 -07:00
Quanah Gibson-Mount
7246da8a66 Whitespace cleanup 2017-09-26 10:33:01 -07:00
Ondřej Kuzník
a8f01cc885 ITS#8638 Add a recursive mutex to libldap_r for libevent 
Most thread implementations suppport a native recursive mutex, use that
where possible (especially when a regular mutex is recursive already).

Also provide a macro for applications to test whether they can use the
lock functions interchangeably.
 2017-09-26 16:26:33 +01:00
Ondřej Kuzník
5adcdb7642 Fix warnings issued by autoconf 2.68+ 2017-09-26 14:41:11 +01:00
Quanah Gibson-Mount
04cfd144d9 Fix additional compile for /dev/poll support. /dev/poll is neither tested nor supported. 2017-09-22 12:05:18 -07:00
Quanah Gibson-Mount
2085def079 Merge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap 2017-09-19 15:21:56 -07:00
Quanah Gibson-Mount
09bec057e5 Fix calls to SLAP_DEVPOLL_SOCK_LX for multi-listener support. Support 
for /dev/poll is neither enabled nor tested, so other issues may exist.
 2017-09-19 15:20:56 -07:00
Howard Chu
20e46d8494 ITS#8725 fix 75999a18c3 
Not needed since callback uses tmpalloc
 2017-09-08 21:36:05 +01:00
Quanah Gibson-Mount
c1512eea58 Fix typo "errror" -> "error" 2017-09-08 12:03:02 -07:00
Nadezhda Ivanova
82737719c8 ITS#8725 Always remove listener descriptors from daemon on shutdown 2017-09-08 19:43:59 +01:00
Howard Chu
db3909d27d ITS#8725 add slap_sl_mark / slap_sl_release 
For fast cleanup after constructing disposable entries
 2017-09-08 17:39:22 +01:00
Howard Chu
68e064ca84 ITS#8725 Avoid listener thread startup race 
Typically only shows up under valgrind, not in regular runs
 2017-09-08 17:39:22 +01:00
Howard Chu
8b1fb962fc ITS#8725 connection fixes 
Fix op_finish, must resched connection to pick up pending ops.
Fix op completion counter.
 2017-09-08 17:39:14 +01:00
Howard Chu
63308ef6bb ITS#8725 backover fixes for async 
Fix some valgrind race conditions - wait for frontend to finish up
Don't set callbacks for abandon or unbind - since they have no response
Use tmpalloc for backover callback
 2017-09-08 17:25:55 +01:00
Nadezhda Ivanova
c6e00c7b0f ITS#8725 Fix an invalid data access during add operations if backend is asynchronous 2017-09-08 16:51:27 +01:00
Howard Chu
01a5eeac1d ITS#8727 plug ber leaks 2017-09-08 16:35:32 +01:00
Howard Chu
75999a18c3 ITS#8725 Add SLAPD_ASYNCOP return code 
Tell frontend the op will finish asynchronously, leave it alone
 2017-09-07 18:07:39 +01:00
Howard Chu
738723866e ITS#8717 call connection delete callbacks 
When TLS fails to start
 2017-09-06 21:46:09 +01:00
SATOH Fumiyasu
2c36a37f90 ITS#8709 contrib/slapd-modules/passwd/totp: OpenSSL 1.1.0 compatibility 2017-09-06 21:29:24 +01:00
Howard Chu
afa861bf22 ITS#8719 add crypt_r() support 2017-09-06 21:25:16 +01:00
Michael Ströder
b65e0b5731 ITS#8714 Send out EXTENDED operation message from back-sock 2017-09-06 15:32:28 +01:00
Howard Chu
bb62d9cb73 ITS#8270 use the configured exop timeout for StartTLS 
Also, there's no need for a retry loop here. Just wait for
the specified timeout or give up.
 2017-08-31 16:53:45 +01:00
Ondřej Kuzník
9e156bf914 ITS#8444 Do not clear the pending operation when checkpointing 
When a checkpoint happens, if we remove the CSN from the pending list,
accesslog won't pass it onto the accesslog DB. But in a delta-mmr
scenario, an accesslog entry without a CSN faces a race where it might
be applied twice - that usually fails and causes a full refresh, other
times it can cause a silent desync - both are undesirable.
 2017-08-25 16:52:13 +01:00
Quanah Gibson-Mount
0f80e05eeb ITS#8715 Fix typo with olcTLSCiphersuite 2017-08-21 09:19:12 -07:00
Quanah Gibson-Mount
17cc93d570 ITS#8713 Delete stub man page for LDBM 2017-08-16 08:50:39 -07:00
Howard Chu
a9f462d615 ITS#8690 one more time 2017-08-04 20:58:07 +01:00
Howard Chu
c9e56b80f3 ITS#8690 fix again 2017-08-04 13:40:34 +01:00
Howard Chu
bcc6601091 Revert "ITS#8690 refix" 
This reverts commit a5f3a2885c.
 2017-08-04 13:34:03 +01:00