Commit Graph

1555 Commits

Author SHA1 Message Date
Howard Chu
6f8b100f6b Finish implementation of get_ca_list() 2002-06-14 06:09:24 +00:00
Howard Chu
56cba7f97c In ldap_extended_operation_s, check for NULL retoidp and retdatap
before storing NULL.
2002-06-13 16:26:47 +00:00
Kurt Zeilenga
56bbe05490 Add {CLEARTEXT} password-hash support 2002-06-12 00:43:34 +00:00
Kurt Zeilenga
fe86a81e25 VLV clean 2002-06-09 06:12:24 +00:00
Howard Chu
a1e63db574 Fix ITS#1865, (ITS#1764?) cond_broadcast behavior was broken 2002-06-07 22:45:22 +00:00
Howard Chu
70092b38fb Fix ITS#1843, don't deref NULL string in ldap_pvt_str2upper 2002-06-07 13:27:25 +00:00
Howard Chu
8101798791 Better SASL_MAXBUF fix 2002-06-07 03:40:16 +00:00
Howard Chu
353f627aa4 Eliminate SASL client session_callbacks. Since proc was always NULL they
never did anything anyway.
2002-06-06 01:44:38 +00:00
Kurt Zeilenga
2c7dae116b More argument handling updates
(don't check what we expect applications to check).
2002-06-06 00:26:50 +00:00
Kurt Zeilenga
1064f52dae Fix typo in last commit 2002-06-05 16:39:15 +00:00
Kurt Zeilenga
40ef77a8f8 Add error handling cleanup 2002-06-05 15:51:42 +00:00
Kurt Zeilenga
99f5983fb6 Consistently don't check for NULL session handle and other pointers.
Application is responsible for providing valid session pointers.
2002-06-05 15:46:26 +00:00
Kurt Zeilenga
131470685f /dev/urandom re-read(2) loop 2002-06-03 16:43:57 +00:00
Kurt Zeilenga
771a131b0d Fix unprotected list modification 2002-05-31 20:22:44 +00:00
Howard Chu
a348f46e56 Use LDAP_REWRITE_V, not LDAP_V 2002-05-18 01:29:18 +00:00
Howard Chu
7de25993f5 Fix NT_LINK_LIBS, UNIX_LINK_LIBS 2002-05-17 23:41:26 +00:00
Kurt Zeilenga
c3a59a6407 Remove sys/uio.h include 2002-05-15 05:53:10 +00:00
Howard Chu
b2e731a3e0 Win32 fix from Kervin Pierre 2002-05-11 18:15:07 +00:00
Howard Chu
9979d200db Fleshed out debug2syslog 2002-05-10 17:48:54 +00:00
Howard Chu
2ca4b0ebfc ITS#1806, Cyrus 1 doesn't give back our callbacks pointer, must stash it
ourselves.
2002-05-06 23:56:35 +00:00
Howard Chu
ae3a80eb09 Fix in 1.50 applies to Cyrus 1 as well as Cyrus 2. 2002-05-05 19:15:29 +00:00
Kurt Zeilenga
f9687f6c2a Patch: incomplete 'make clean' in liblunicode (ITS#1791)
In liblunicode, 'make clean' and 'make distclean' do not remove
the symlinks ucdata.h and ure.h.

from Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>
2002-05-04 23:13:51 +00:00
Howard Chu
e8e7847175 ITS#1797 silence uninit'd var warnings 2002-05-04 10:52:05 +00:00
Howard Chu
3590877b77 Initialize authid in case ldap_pvt_tls_get_my_dn fails 2002-05-04 01:32:41 +00:00
Howard Chu
0390a171b9 Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
a fatal error when TLS server cert verification fails.

Changed ldap_pvt_tls_check_hostname to return LDAP_SUCCESS when no cert is
found: this can now only occur if tls_opt_require_cert was explicitly set
to NEVER or ALLOW.

In tls_verify_cb, added a text translation of the verification error code
to the debug message.
2002-05-04 00:05:48 +00:00
Howard Chu
6c1a786d6c Fix previous commit, wrong if condition 2002-05-03 13:07:42 +00:00
Howard Chu
ed871b997c Break up large SASL writes into units of SASL maxoutbuf size. 2002-05-03 13:04:55 +00:00
Howard Chu
931c4eb35f For Cyrus 2, cannot free session_callbacks in ldap_int_sasl_open, must
wait until ldap_int_sasl_close because SASL doesn't copy our structure,
it uses it directly.
2002-05-03 12:10:47 +00:00
Kurt Zeilenga
8c152396b9 Matched Values implementation (ITS#1776) based upon submission
form Mikhail Sahalaev <M.Sahalayev@pgr.salford.ac.uk>.
Further work needed:
	add testxxx-matchedvalues
	rework ldapsearch(1) portion of patch to generalize use of options
---
Copyright 2001, Mikhail Sahalaev, All rights reserved.
This software is not subject to any license of University Of
Salford.

Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice
is preserved.
2002-05-02 18:56:56 +00:00
Howard Chu
b732d3ec55 Fix previous commit, only zero out v3 refer_cnt if we got a SEARCH_RESULT.
If we got a SEARCH_REFERENCE, we need to keep going...
2002-05-02 12:08:19 +00:00
Kurt Zeilenga
d82d018f20 add an RFC 2849 check... but behind #if 0 as I'm now thinking this
is not appropriate.
2002-05-01 04:40:26 +00:00
Kurt Zeilenga
96483c8dcd cleanup before working on changes 2002-05-01 04:23:59 +00:00
Howard Chu
c9699c1072 Fix previous commit - must fully init newAVA 2002-04-30 14:43:05 +00:00
Howard Chu
b005540094 Added ldap_ucs_to_utf8s to convert ASN.1 T61STRING, BMPSTRING, and
UNIVERSALSTRING to UTF-8 format.

Rewrote ldap_X509dn2bv to check ASN.1 types and use above function.
2002-04-30 13:57:01 +00:00
Howard Chu
de3e81cebb Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
in dn parameter and return a result code.
2002-04-30 13:50:56 +00:00
Pierangelo Masarati
d019bff7b8 First commit of Hallvard's backend documentation effort
Backend documentation patch, version 1

================
Most of this text is taken from OpenLDAP.  The work of rewriting it
to manual pages is done by by Hallvard B. Furuseth and placed into
the public domain.  This software is not subject to any license of
the University of Oslo.
================

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-29 20:24:29 +00:00
Stig Venaas
e08bc054c7 Adding support for compatibility decomposition to ucdata lib, and switch
from NFC to NFKC in UTF8bvnormalize() and UTF8bvnormcmp()
2002-04-19 12:59:57 +00:00
Howard Chu
5528772f23 In ldap_int_tls_start, authid is very temporary, not const. 2002-04-19 04:35:16 +00:00
Howard Chu
202aa8c793 Fix memory leak in previous commit 2002-04-18 16:02:02 +00:00
Howard Chu
17ae956518 Added ldap_X509dn2bv()
deleted ldap_pvt_tls_get_peer()
  changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
  added ldap_pvt_tls_get_my_dn()
2002-04-18 12:29:30 +00:00
Howard Chu
315ac06912 Fix warnings from sasl_errdetail 2002-04-18 12:20:55 +00:00
Howard Chu
98a416b584 Additional error reporting for Cyrus SASL 2. Attempt to get SASL-EXTERNAL
working ifor Cyrus 2. (Both GSSAPI and EXTERNAL are broken at the moment.)
2002-04-18 00:48:36 +00:00
Howard Chu
dc3e5fb99d ITS#818, ITS#980, ITS#1234 ldapsearch/referral hang - set refer_cnt to 0
after v3refs have been chased. They are fully processed by the time we get
back, so we should just return the current result message to the caller.
2002-04-16 12:53:13 +00:00
Howard Chu
491d2ae5b9 ITS#1720 chk_sasl for Cyrus SASL 2 2002-04-16 04:05:51 +00:00
Kurt Zeilenga
709ce4fa6c Re: Patch: ctype functions require 'unsigned char' args (ITS#1678)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

Here are fixes for more places where the argument to ctype.h functions
should be in the range of `unsigned char'.

Explanation of the last patch (to schema_init.c:bvcasechr()):
TOLOWER() and TOUPPER() return values in the range of `unsigned char',
but bvcasechr() then compares those values with a plain `char'.  So I
convert the return values from TOLOWER()/TOUPPER() to `char' first.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 20:42:42 +00:00
Kurt Zeilenga
319440033f Patch: ucdata 2.4 bugs (ITS#1751)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

ucgendat.c accessed unallocated memory when i == ncodes_size.

The changes others are trivial, I just include them since I'm patching
ucdata anyway:

ucdata.c   had some pointless '0 <= unsigned' comparisons.

ucstr.c    assigned a long* to an unsigned long*.  Since malloc()
           returns void*, the result need not be cast at all.

I'll send the ucgendat.c and ucdata.c patches to Mark Leisher
<mleisher@crl.nmsu.edu>.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 20:39:22 +00:00
Kurt Zeilenga
02e8527248 Patch: Escape character troubles (ITS#1753)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

maildap could address buf[-1] if len was < 2.

REWRITE_SUBMATCH_ESCAPE is '%', not '\'.

librewrite and saslautz could walk past the end of a string which
ended with an escape character.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 18:29:39 +00:00
Howard Chu
bb17493d31 ITS#1732 signed/unsigned fixes 2002-04-11 08:47:37 +00:00
Pierangelo Masarati
4a2b9b2195 ITS#1730 2002-04-08 18:39:23 +00:00
Pierangelo Masarati
8de44663f7 ITS#1730 and completion of ITS#1701 2002-04-08 10:34:04 +00:00