mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-12 10:54:48 +08:00
Code Issues Packages Projects Releases Wiki Activity
18,542 Commits 38 Branches 307 Tags 75 MiB
ba2bddafbd
Commit Graph

1625 Commits

Author SHA1 Message Date
Howard Chu
ff8838aa28 ITS#5920 restore old HAS_TLS test 2009-02-04 08:56:04 +00:00
Howard Chu
2b08e96b53 ITS#5916 - externally callable functions are ldap_pvt, not ldap_int. 2009-02-02 21:14:34 +00:00
Pierangelo Masarati
0ded1f16d5 Allow alias dereferencing in search C API; use new API in proxy backends (ITS#5916) 2009-01-31 10:27:07 +00:00
Howard Chu
08905d6792 ITS#5789 again 2009-01-26 21:08:55 +00:00
Howard Chu
f59ce2b9a1 ITS#5462 add randfile support for gcrypt 1.4 2009-01-26 03:41:27 +00:00
Howard Chu
2558951251 ITS#5887 add native support for cipher suites for GnuTLS >= 2.2.0 2009-01-26 03:21:16 +00:00
Howard Chu
f9fd0f0cc4 ITS#5655 for new structure 2009-01-26 02:16:46 +00:00
Howard Chu
4dff3e6807 Switch to using modular TLS code, single-implementation version 2009-01-26 02:06:45 +00:00
Howard Chu
988fb232d2 ITS#5896 don't return immediately on Intermediate responses 2009-01-24 07:18:35 +00:00
Howard Chu
cf1558659b ITS#5655 TLS_PROTOCOL_MIN from Philip Guenther 2009-01-24 03:34:49 +00:00
Kurt Zeilenga
4af9eb9715 Update copyright notices 2009-01-22 00:40:04 +00:00
Ralf Haferkamp
af79710c4d Fixed typo 2008-12-12 10:08:07 +00:00
Howard Chu
187efdad6c ITS#5849 free peer cert after retrieving DN 2008-12-05 09:00:24 +00:00
Howard Chu
a6933cae27 Fix prev commit 2008-11-21 05:15:20 +00:00
Howard Chu
86b5de38be ITS#5812 add SASL_NOCANON / -N option 2008-11-21 03:30:15 +00:00
Howard Chu
0bd6ce1062 ITS#4750 only read LDAP_CONF_FILE if geteuid() != getuid() 2008-11-21 02:15:47 +00:00
Pierangelo Masarati
2eeefd4985 check for bogus params to an LDAP routine (ITS#5817) 2008-11-18 16:27:50 +00:00
Hallvard Furuseth
c7002ffed5 ITS#5815: Fix typo "#elif defined( MAXHOSTNAMELEN". 2008-11-16 22:52:56 +00:00
Howard Chu
36124c715a ITS#5789 GNUtls - allow CN matches against IP addresses 2008-11-04 11:21:52 +00:00
Howard Chu
24078323e2 ITS#5739 fix for ITS#4879 was too eager about IPv6 detection 2008-11-03 15:44:49 +00:00
Hallvard Furuseth
8690650121 ITS#4467: Fix ptr += snprintf buffer overflow tests (made out-of-range ptr). 
Also avoid a buf[BUFSIZ] initialization.
 2008-10-24 13:11:10 +00:00
Pierangelo Masarati
6bedf74c41 tag optional stuff 2008-10-22 23:38:09 +00:00
Pierangelo Masarati
91e14ca638 add support for (experimental) dereference control (ITS#5768); need to re-run autoconf (and autoheader?) 2008-10-22 22:19:49 +00:00
Pierangelo Masarati
2b95616768 missing $OpenLDAP$ header 2008-10-22 21:57:28 +00:00
Ralf Haferkamp
e8c1147b77 reset ld->ld_errno to avoid returning error codes of previously API calls (ITS#5762) 2008-10-21 16:17:41 +00:00
Hallvard Furuseth
08852acb80 Warning cleanup: signed meets unsigned, remove assert(unsigned >= 0). 2008-10-17 23:24:48 +00:00
Hallvard Furuseth
b464a790b8 Fix Debug(%d, scred->bv_len or -1) -> Debug(%ld, (long) scred->bv_len or -1L). 
Cast sasl_encode() arg from unsigned char* to char*.
Warning cleanup: signed meets unsigned.
 2008-10-17 20:46:44 +00:00
Hallvard Furuseth
1c85cf3c88 Warning cleanup: signed meets unsigned. ber_flatten2() returns -1 on 
error, not LBER_ERROR.
 2008-10-13 08:44:54 +00:00
Howard Chu
9078381252 Cleanup unused defs 2008-10-09 11:33:49 +00:00
Howard Chu
4294664aad ITS#5369 SASL/GSSAPi refactoring from Stefan Metzmacher <metze@samba.org> 
and Rafal Szczeniak <mimir@samba.org>, with minor cleanups
 2008-10-09 11:10:28 +00:00
Howard Chu
f7484f78e6 ITS#5369 SASL/GSSAPi refactoring from Stefan Metzmacher <metze@samba.org> 
and Rafal Szczeniak <mimir@samba.org>, with minor cleanups
 2008-10-09 10:51:28 +00:00
Howard Chu
b2432fdbf2 Add SASL_MECHLIST option to retrieve list of known SASL mechs 2008-10-09 09:28:39 +00:00
Howard Chu
c51252633b Accept X-starttls for prev commit 2008-10-07 03:13:00 +00:00
Howard Chu
809548c88b Handle StartTLS in URL extensions 2008-10-07 03:06:44 +00:00
Howard Chu
99186a90e0 Fix prev commit 2008-09-30 22:22:31 +00:00
Howard Chu
721264db13 ITS#5720 fix ldap_utf8_strchr arguments 2008-09-30 05:05:53 +00:00
Ralf Haferkamp
0f4f9c9c13 Avoid "label at end of compound statement" error of newer gcc 2008-09-19 12:58:00 +00:00
Pierangelo Masarati
43ae03fc10 silence warnings 2008-09-16 14:10:02 +00:00
Howard Chu
cc94023c98 ITS#5677 s/TLS_CRL/TLS_CRLFILE/ 2008-09-02 22:10:44 +00:00
Howard Chu
0dbeb1d87b Pass LDAPURLDescs to connect functions instead of host/port 2008-08-15 22:53:47 +00:00
Howard Chu
46049f1d13 Fix prev commit 2008-08-15 10:53:11 +00:00
Howard Chu
baad2b249d Connect callbacks need error recovery checks 2008-08-15 10:23:29 +00:00
Howard Chu
80d1dba901 Add LDAP_OPT_CONNECT_CB connection callbacks 2008-08-14 04:54:32 +00:00
Howard Chu
a225b02f17 Modular TLS support, proof of concept. tls2.c would replace tls.c, 
but I'm leaving tls.c intact for now.
 2008-08-13 16:18:51 +00:00
Howard Chu
27fc008761 Protect errno values from Debug 2008-07-02 16:43:51 +00:00
Howard Chu
7e4ba700f1 ITS#5585 GnuTLS key strength is in bytes, we expected bits 2008-06-30 23:32:35 +00:00
Howard Chu
9ef6cc3cd4 ITS#5577 GnuTLS CRL result >0 is success 2008-06-24 20:14:30 +00:00
Pierangelo Masarati
7e3c9a07e9 add client API for assertion control (ITS#5560) 2008-06-14 17:49:47 +00:00
Howard Chu
99160d7c20 ITS#5542 fix loop iterator 2008-05-30 17:29:47 +00:00
Howard Chu
19d7e565f0 ITS#5318 drop invalid msgids, cleanup msgid logging 2008-05-28 01:19:43 +00:00
Howard Chu
96550c885d ITS#5518,#5525 cleanup ld_defconn if it was freed 2008-05-23 09:53:42 +00:00
Hallvard Furuseth
1fc3f1c130 ITS#5507: Set FD_CLOEXEC (close on exec) flag on LDAP file descriptors 2008-05-15 20:56:41 +00:00
Howard Chu
8810ef26b6 ITS#5458 fix error message for missing closing paren 2008-04-10 18:36:15 +00:00
Hallvard Furuseth
c55a06254f ITS#5436: make htons() port number unsigned 2008-03-18 21:12:00 +00:00
Howard Chu
68316527c4 ITS#5341 GnuTLS ciphersuite parsing 2008-02-10 11:58:16 +00:00
Pierangelo Masarati
b0b387e9ed ITS#5338 2008-01-25 00:00:30 +00:00
Howard Chu
5cf0b5175b ITS#5324 don't use %n 2008-01-11 06:39:50 +00:00
Hallvard Furuseth
2660518c5d ldap_int_bisect_find(): Silence harmless "may be used uninitialized" warning 2008-01-10 18:34:40 +00:00
Ralf Haferkamp
5a143df3ce Corrected memory allocation for cookie (ITS#5315) 2008-01-09 13:28:09 +00:00
Kurt Zeilenga
c890c96d13 Happy New Year (belated) 2008-01-08 00:19:56 +00:00
Howard Chu
f41322d8ef Fix prev commit 2008-01-03 08:25:58 +00:00
Pierangelo Masarati
859c6d03c0 fix to ITS#5304 2008-01-02 17:30:40 +00:00
Howard Chu
cd673c2ff2 ITS#5300, reject substring filters with empty values 2007-12-29 02:32:22 +00:00
Howard Chu
4c9af232d2 Cleanup spaces 2007-12-20 02:46:59 +00:00
Howard Chu
8ddc2dd773 ITS#5291, more for rev 1.79 search timeouts 2007-12-20 02:46:13 +00:00
Howard Chu
33c0301b25 Better fix to prev commit 2007-12-17 07:11:24 +00:00
Hallvard Furuseth
e4ffd33f1a Declare enough buffer space for out-of-range URL port numbers 2007-12-15 23:36:22 +00:00
Pierangelo Masarati
20f2548c82 fix declarations of buffers for numeric strings; other related cleanup 2007-12-15 15:23:23 +00:00
Howard Chu
da53cd0c40 uid/gid are unsigned 2007-12-15 02:28:45 +00:00
Howard Chu
f02d481426 ITS#5263 fix return code from parse_sasl_bind_result() 2007-12-15 02:06:12 +00:00
Howard Chu
5418b51643 Quiet request logging 2007-10-10 05:17:49 +00:00
Howard Chu
cbb6f3bd50 ITS#5100 ldap_control_dup - OID must be non-NULL 2007-10-09 01:38:50 +00:00
Howard Chu
65db0bf8eb ITS#3864 use sasl_ssf_t where expected 2007-10-06 14:55:53 +00:00
Pierangelo Masarati
d50645fc0a dispose of connection when server down (related to ITS#5127) 2007-09-29 11:24:39 +00:00
Pierangelo Masarati
27e747ad48 fix format 2007-09-29 11:22:31 +00:00
Pierangelo Masarati
b9e2fd0dd6 ldap_control*_dup() is no longer private; add ldap_pvt_put_control 2007-08-24 12:29:33 +00:00
Pierangelo Masarati
25d46e7578 rework controls API 2007-08-22 22:35:14 +00:00
Pierangelo Masarati
95dd8de586 fix and cleanup 2007-08-22 20:55:54 +00:00
Kurt Zeilenga
0025d7fa1f Fix last commit. 2007-08-22 19:33:28 +00:00
Kurt Zeilenga
e6699ce023 Password policy request control should have no control value. 
Extend ldap_create_control() to supporting creating such.
 2007-08-22 19:26:55 +00:00
Pierangelo Masarati
b0d2063d92 client side of draft-wahl-ldap-session 2007-08-21 23:52:03 +00:00
Pierangelo Masarati
145e6fc1f8 fix or comment Calysto findings 2007-08-21 10:52:16 +00:00
Pierangelo Masarati
403704b7bc move uuid normalized to string to liblutil 2007-08-17 12:42:52 +00:00
Pierangelo Masarati
6df2df130b don't leak in case of error 2007-08-17 09:47:14 +00:00
Pierangelo Masarati
4bc19cbbb9 cleanup tools 2007-08-16 09:22:07 +00:00
Hallvard Furuseth
973a2b41b7 Make LDAP_MEMORY_DEBUG a bitmask. #define LDAP_MEMORY_DEBUG_ASSERT. ITS#4990. 2007-07-24 20:53:23 +00:00
Howard Chu
2b67f4face ITS#5056 fix chain_tail processing 2007-07-20 21:28:04 +00:00
Ralf Haferkamp
6ab46208bc Allow utf-8 in AD-Canonical Names 2007-07-13 10:12:27 +00:00
Pierangelo Masarati
848ea293a3 cleanup 2007-06-19 22:59:53 +00:00
Pierangelo Masarati
7e12342b3b add sub-second result timeout accuracy (for which is which; ITS#4963 with changes) 2007-06-14 22:35:41 +00:00
Hallvard Furuseth
90fe4bd927 ITS#4983: Partly revert tls_thread_self() paranoia from rev 1.154: Only 
require that ldap_pvt_thread_t can be cast to u.long and is not wider.
ITS#5010: In ldap_X509dn2bv(), catch error return from ber_decode_oid().
 2007-06-12 23:57:08 +00:00
Hallvard Furuseth
5d083f3859 int -> ber_socklen_t for getsockopt() 2007-06-10 20:34:05 +00:00
Hallvard Furuseth
3750520f6f Fix HP-UX crash: Replace socklen_t with ber_socklen_t from configure. ITS#4629. 2007-06-09 23:35:20 +00:00
Howard Chu
469a45a62f ITS#4992 fix cldap 2007-06-08 09:40:17 +00:00
Howard Chu
431f6fd810 ITS#4955 fix typo in referral chasing 2007-06-08 09:17:00 +00:00
Hallvard Furuseth
9a9d216526 Shut up gcc -Wformat 2007-05-31 17:07:57 +00:00
Hallvard Furuseth
101b6b9363 Fix --without-tls (ITS#4975). Enable certificate matching. 2007-05-20 22:48:21 +00:00
Hallvard Furuseth
c47e444698 libldap/tls.c calls CRYPTO_set_id_callback(ldap_pvt_thread_self), which 
causes ldap_pvt_thread_self to be called with the wrong prototype.

That can cause OpenSSL to use a garbage value, e.g. if the unsigned
long it expects takes two words but ldap_pvt_thread_t is an int.

I'm fixing it in HEAD now and also provoking an error if unsigned
long cannot hold a ldap_pvt_thread_t.  Otherwise it can silently
compile to broken code.  Maybe the latter should go in configure,
but since OpenSSL presumably breaks anyway if that fails I don't
see much point at this time.
 2007-05-20 20:02:52 +00:00
Hallvard Furuseth
f906a99eec Only define x509_cert_get_dn() when HAVE_GNUTLS. Remove unused variable. 2007-05-18 15:10:15 +00:00
Howard Chu
d9a43aee44 Fix GNUtls acknowledgement, initial work by Matt Backes. Sponsored by 
The Written Word and Stanford University.
 2007-05-14 23:35:36 +00:00