Howard Chu
e8e7847175
ITS#1797 silence uninit'd var warnings
2002-05-04 10:52:05 +00:00
Howard Chu
3590877b77
Initialize authid in case ldap_pvt_tls_get_my_dn fails
2002-05-04 01:32:41 +00:00
Howard Chu
0390a171b9
Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
...
a fatal error when TLS server cert verification fails.
Changed ldap_pvt_tls_check_hostname to return LDAP_SUCCESS when no cert is
found: this can now only occur if tls_opt_require_cert was explicitly set
to NEVER or ALLOW.
In tls_verify_cb, added a text translation of the verification error code
to the debug message.
2002-05-04 00:05:48 +00:00
Howard Chu
6c1a786d6c
Fix previous commit, wrong if condition
2002-05-03 13:07:42 +00:00
Howard Chu
ed871b997c
Break up large SASL writes into units of SASL maxoutbuf size.
2002-05-03 13:04:55 +00:00
Howard Chu
931c4eb35f
For Cyrus 2, cannot free session_callbacks in ldap_int_sasl_open, must
...
wait until ldap_int_sasl_close because SASL doesn't copy our structure,
it uses it directly.
2002-05-03 12:10:47 +00:00
Kurt Zeilenga
8c152396b9
Matched Values implementation (ITS#1776) based upon submission
...
form Mikhail Sahalaev <M.Sahalayev@pgr.salford.ac.uk>.
Further work needed:
add testxxx-matchedvalues
rework ldapsearch(1) portion of patch to generalize use of options
---
Copyright 2001, Mikhail Sahalaev, All rights reserved.
This software is not subject to any license of University Of
Salford.
Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice
is preserved.
2002-05-02 18:56:56 +00:00
Howard Chu
b732d3ec55
Fix previous commit, only zero out v3 refer_cnt if we got a SEARCH_RESULT.
...
If we got a SEARCH_REFERENCE, we need to keep going...
2002-05-02 12:08:19 +00:00
Kurt Zeilenga
d82d018f20
add an RFC 2849 check... but behind #if 0 as I'm now thinking this
...
is not appropriate.
2002-05-01 04:40:26 +00:00
Kurt Zeilenga
96483c8dcd
cleanup before working on changes
2002-05-01 04:23:59 +00:00
Howard Chu
c9699c1072
Fix previous commit - must fully init newAVA
2002-04-30 14:43:05 +00:00
Howard Chu
b005540094
Added ldap_ucs_to_utf8s to convert ASN.1 T61STRING, BMPSTRING, and
...
UNIVERSALSTRING to UTF-8 format.
Rewrote ldap_X509dn2bv to check ASN.1 types and use above function.
2002-04-30 13:57:01 +00:00
Howard Chu
de3e81cebb
Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
...
in dn parameter and return a result code.
2002-04-30 13:50:56 +00:00
Pierangelo Masarati
d019bff7b8
First commit of Hallvard's backend documentation effort
...
Backend documentation patch, version 1
================
Most of this text is taken from OpenLDAP. The work of rewriting it
to manual pages is done by by Hallvard B. Furuseth and placed into
the public domain. This software is not subject to any license of
the University of Oslo.
================
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-29 20:24:29 +00:00
Stig Venaas
e08bc054c7
Adding support for compatibility decomposition to ucdata lib, and switch
...
from NFC to NFKC in UTF8bvnormalize() and UTF8bvnormcmp()
2002-04-19 12:59:57 +00:00
Howard Chu
5528772f23
In ldap_int_tls_start, authid is very temporary, not const.
2002-04-19 04:35:16 +00:00
Howard Chu
202aa8c793
Fix memory leak in previous commit
2002-04-18 16:02:02 +00:00
Howard Chu
17ae956518
Added ldap_X509dn2bv()
...
deleted ldap_pvt_tls_get_peer()
changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
added ldap_pvt_tls_get_my_dn()
2002-04-18 12:29:30 +00:00
Howard Chu
315ac06912
Fix warnings from sasl_errdetail
2002-04-18 12:20:55 +00:00
Howard Chu
98a416b584
Additional error reporting for Cyrus SASL 2. Attempt to get SASL-EXTERNAL
...
working ifor Cyrus 2. (Both GSSAPI and EXTERNAL are broken at the moment.)
2002-04-18 00:48:36 +00:00
Howard Chu
dc3e5fb99d
ITS#818, ITS#980, ITS#1234 ldapsearch/referral hang - set refer_cnt to 0
...
after v3refs have been chased. They are fully processed by the time we get
back, so we should just return the current result message to the caller.
2002-04-16 12:53:13 +00:00
Howard Chu
491d2ae5b9
ITS#1720 chk_sasl for Cyrus SASL 2
2002-04-16 04:05:51 +00:00
Kurt Zeilenga
709ce4fa6c
Re: Patch: ctype functions require 'unsigned char' args (ITS#1678)
...
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
Here are fixes for more places where the argument to ctype.h functions
should be in the range of `unsigned char'.
Explanation of the last patch (to schema_init.c:bvcasechr()):
TOLOWER() and TOUPPER() return values in the range of `unsigned char',
but bvcasechr() then compares those values with a plain `char'. So I
convert the return values from TOLOWER()/TOUPPER() to `char' first.
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 20:42:42 +00:00
Kurt Zeilenga
319440033f
Patch: ucdata 2.4 bugs (ITS#1751)
...
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
ucgendat.c accessed unallocated memory when i == ncodes_size.
The changes others are trivial, I just include them since I'm patching
ucdata anyway:
ucdata.c had some pointless '0 <= unsigned' comparisons.
ucstr.c assigned a long* to an unsigned long*. Since malloc()
returns void*, the result need not be cast at all.
I'll send the ucgendat.c and ucdata.c patches to Mark Leisher
<mleisher@crl.nmsu.edu>.
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 20:39:22 +00:00
Kurt Zeilenga
02e8527248
Patch: Escape character troubles (ITS#1753)
...
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
maildap could address buf[-1] if len was < 2.
REWRITE_SUBMATCH_ESCAPE is '%', not '\'.
librewrite and saslautz could walk past the end of a string which
ended with an escape character.
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 18:29:39 +00:00
Howard Chu
bb17493d31
ITS#1732 signed/unsigned fixes
2002-04-11 08:47:37 +00:00
Pierangelo Masarati
4a2b9b2195
ITS#1730
2002-04-08 18:39:23 +00:00
Pierangelo Masarati
8de44663f7
ITS#1730 and completion of ITS#1701
2002-04-08 10:34:04 +00:00
Pierangelo Masarati
4a8ab5dbf2
Mostly based on patches provided by Hallvard B. Furuseth
...
ITS#1677 - cast away const warnings
ITS#1678 - unsigned char args to ctype funcs
ITS#1682 - don't redefine ldap_debug
ITS#1683 - uninitialized vars
ITS#1703 - ldo_debug initialization
ITS#1705 - unsigned testing
ITS#1706 - socklen_t args
ITS#1719 - back-tcl update (other cleanups/fixes/improvements; yet untested)
ITS#1724 - integerNormalize/integerFilter/integerIndexer bugs
ITS#1725 - libdes not required
Implement back-null (/dev/null style backend)
Cleanup some misc warnings ("%lu" format, unused/uninitialized vars,
ambiguous operator precedence)
Kurt, please regenerate configure
2002-04-08 09:43:22 +00:00
Pierangelo Masarati
6b8e16efec
fix ambiguous use of && and || (please check :)
2002-04-06 09:30:24 +00:00
Howard Chu
5c70106657
ITS#1708 ldap_pvt_tls_sb_ctx() et al
2002-04-05 06:48:03 +00:00
Stig Venaas
891f987928
Changed to use lower case for case folding
2002-04-04 12:50:46 +00:00
Kurt Zeilenga
b0b8546f05
Patch: More format bugs (ITS#1702)
...
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
2002-04-02 18:56:26 +00:00
Kurt Zeilenga
26b99bc35d
ITS#1701. Fix ber_scanf() return tag handling.
...
Based upon patch submitted by Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>.
2002-04-02 18:40:04 +00:00
Julius Enarusai
b082ed9355
Added LDAP_LOG Messages
2002-04-02 00:22:57 +00:00
Julius Enarusai
e86782aab9
Added LDAP_LOG messages
2002-04-01 23:39:36 +00:00
Julius Enarusai
fff5d3de60
Added LDAP_LOG messages
2002-04-01 22:31:44 +00:00
Julius Enarusai
e30c52dfb7
Added LDAP_LOG Messages
2002-04-01 22:28:02 +00:00
Julius Enarusai
70c73da22c
Added LDAP_LOG messages
2002-04-01 22:08:32 +00:00
Kurt Zeilenga
111b464642
move ldap_int_put_filter to ldap_pvt_put_filter
...
and other cleanup
2002-03-30 00:42:40 +00:00
Julius Enarusai
b7bd4368d9
Added LDAP_LOG messages
2002-03-29 17:46:28 +00:00
Julius Enarusai
ae31411a0d
Added LDAP_LOG messages
2002-03-27 22:35:35 +00:00
Julius Enarusai
688f45dd06
Added LDAP_LOG messages
2002-03-27 22:23:24 +00:00
Julius Enarusai
171281f3ec
Added LDAP_LOG messages
2002-03-27 22:03:35 +00:00
Julius Enarusai
3921e1b0c2
Added LDAP_LOG messages
2002-03-27 21:38:32 +00:00
Julius Enarusai
c0325aed88
Added LDAP_LOG messages
2002-03-27 21:16:36 +00:00
Julius Enarusai
3654b0d4c0
Added LDAP_LOG messages
2002-03-27 19:51:13 +00:00
Julius Enarusai
9c90811315
Added LDAP_LOG messages
2002-03-27 19:43:07 +00:00
Julius Enarusai
a299e74d21
Added LDAP_LOG messages
2002-03-27 19:37:50 +00:00
Julius Enarusai
b4243bc119
Added LDAP_LOG messages
2002-03-27 19:28:43 +00:00
Julius Enarusai
150aa3fc7b
Added LDAP_LOG messages
2002-03-27 19:18:11 +00:00
Julius Enarusai
3ab1ea7300
Added LDAP_LOG messages
2002-03-27 19:12:18 +00:00
Julius Enarusai
e4f2c9425a
Added LDAP_LOG messages
2002-03-27 18:50:45 +00:00
Julius Enarusai
d88bc7a8b5
Added LDAP_LOG messages
2002-03-27 18:20:08 +00:00
Kurt Zeilenga
e0f33c6674
s/getdat/gendat/
2002-03-24 01:55:37 +00:00
Kurt Zeilenga
a64cae0f8c
Need a bigger buffer
2002-03-23 21:14:50 +00:00
Pierangelo Masarati
e8c5f59d84
ldap_int_thread_pool_wrapper was called with wrong prototype (ITS#1673)
...
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
ldap_int_thread_pool_wrapper() was defined with an parameter
struct ldap_int_thread_pool_s* but called with a void* argument.
Since these may have different representations, it can crash.
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, March 2002.
2002-03-23 17:24:38 +00:00
Kurt Zeilenga
fcf9f451a5
Copyright 2001, Adrian Thurston, All rights reserved.
...
This software is not subject to any license of
Xandros Corporation.
This is free software; you can redistribute and use it under the same
terms as OpenLDAP itself.
-------------------------------------------------------------------
This patch adds an option to ldap_get_option which can be called after
ldap_start_tls in order to obtain the pointer to the SSL object used
2002-03-11 03:39:08 +00:00
Stig Venaas
c476878fde
Using new UTF8bv* all over, getting rid of UTF8normalize() and
...
UTF8normcmp().
2002-02-27 16:11:24 +00:00
Stig Venaas
94983da942
Added code for approximate matching in UTF8bvnormalize() and changed to use
...
this in approxMatch etc in schema_init.c
2002-02-26 18:38:40 +00:00
Stig Venaas
d6c3ccadc4
Optimizing UTF8bvnormcmp() by adding flags that tells which arguments are
...
in NFC. By default no arguments are assumed to be NFC.
2002-02-25 13:20:09 +00:00
Kurt Zeilenga
d50eb2e959
C translator portability changes (ITS#1609)
2002-02-23 23:47:37 +00:00
Kurt Zeilenga
6d9307b534
Silence a warning
2002-02-23 23:26:48 +00:00
Kurt Zeilenga
3d9cf98dad
If port is zero, use default.
2002-02-21 15:39:35 +00:00
Stig Venaas
9e8f3053cb
Added UTF8bvnormcmp(), should replace UTF8normcmp()
2002-02-20 15:51:10 +00:00
Pierangelo Masarati
2aec424646
use memchr in ber_bvchr
2002-02-14 21:10:13 +00:00
Pierangelo Masarati
215448ac83
substrings match works with NULs in UTF8 strings
2002-02-14 18:55:38 +00:00
Pierangelo Masarati
c31596eb78
not-so-easy-to-spot bug in filter writing
2002-02-14 18:01:15 +00:00
Stig Venaas
217103b138
Added UTF8bvnormalize which is like UTF8normalize but returns berval. It
...
can be passed a pointer to the berval to be used for the return value. If
this is NULL, it will allocate a new one.
2002-02-14 14:03:27 +00:00
Howard Chu
933f6a5fdd
For ITS#1601, add ber_init2() using given buffer in-place instead of
...
allocating a copy.
2002-02-14 13:32:40 +00:00
Pierangelo Masarati
32e48d9e4d
disallow unescaped NULs in UTF-8 string values
2002-02-13 22:49:03 +00:00
Kurt Zeilenga
63bdcda971
Fix for Linux on zSeries.
2002-02-13 21:26:24 +00:00
Pierangelo Masarati
39891e4e5b
make UTF8STringNormalize handle NUL
2002-02-13 21:25:57 +00:00
Kurt Zeilenga
427478a753
Use memchr, not strlen, to look for embedded NULs.
2002-02-13 17:48:39 +00:00
Kurt Zeilenga
dd12660a14
Add embedded NUL check. This is one case where we don't want to
...
be liberal in what we accept.
2002-02-13 17:23:33 +00:00
Kurt Zeilenga
ee6d1a4d40
Check for NULs in DNs.
2002-02-13 16:41:41 +00:00
Pierangelo Masarati
6913aadcdf
minor cleanup
2002-02-13 14:44:08 +00:00
Pierangelo Masarati
33d5f0f8f8
honor the ber_len field to allow to exploit ldap_bv2[r]dn to handle DNs embedded in longer strings ...
2002-02-13 12:09:36 +00:00
Pierangelo Masarati
a117c5eee7
use ldap_bv2[r]dn and turn ldap_str2[r]dn into wrappers
2002-02-13 11:46:33 +00:00
Howard Chu
b1c39eff65
Fix previous commit, need to detect very short packets.
2002-02-13 11:29:05 +00:00
Pierangelo Masarati
959edd88c0
prepare for ldap_bv2dn()
2002-02-13 10:05:22 +00:00
Howard Chu
ab099caed5
ber_get_next: return error if decoded ber_len is smaller than actual count
2002-02-13 09:59:10 +00:00
Kurt Zeilenga
f1cc2b7ab2
#if 0 RDN debugging
2002-02-13 08:00:31 +00:00
Kurt Zeilenga
275f3be363
Misc. DN fixes and cleanups, namely don't muck with AVA_BINARY values
...
Also, pass empty_bv when bv_val is NULL.
2002-02-13 06:35:27 +00:00
Kurt Zeilenga
a9cf0f5c08
Add uuid_to_str() detection.
2002-02-11 20:17:08 +00:00
Kurt Zeilenga
defed68e82
Fix typo
2002-02-11 18:18:34 +00:00
Howard Chu
a916535a27
Fix #include of sasl.h
2002-02-11 09:39:15 +00:00
Kurt Zeilenga
d23c559646
Don't use 'shtool mkln' as ln(1) replacement.
...
Allow both <sasl/sasl.h> and <sasl.h>
2002-02-11 08:28:51 +00:00
Kurt Zeilenga
ce07fb958e
Update libtool usage
...
s/-L.../libraries -lldap/.../libraries/libldap/libldap.la/
2002-02-10 22:42:51 +00:00
Kurt Zeilenga
b315d8af34
Update Cyrus SASL detection to always look for <sasl.h> regardless
...
of version and then try -lsasl2 and -lsasl. Make SASL code
conditional on SASL_VERSION_MAJOR, not HAVE_CYRUS_SASL.
2002-02-10 17:51:19 +00:00
Howard Chu
8a4e92b259
Support for Cyrus SASLv2. Untested.
2002-02-10 14:27:23 +00:00
Howard Chu
ffa4b26343
Slightly better fix for library cleanup. Requires GCC.
2002-02-09 01:09:23 +00:00
Howard Chu
1fba3a5c13
Fix flag initialization
2002-02-08 21:53:04 +00:00
Howard Chu
7d41a446cb
Added conversion from UTF-8 to T.61.
2002-02-01 03:13:04 +00:00
Howard Chu
cb88cae005
First pass at T.61 <-> UTF-8 translation. Only does T.61 to UTF-8.
...
Feel free to inspect, not yet ready for use.
2002-01-31 13:42:06 +00:00
Howard Chu
63a4a19732
Send a warning to the client if we try to use a bad cert.
2002-01-27 03:48:08 +00:00
Howard Chu
c3c85b4062
Extended TLS_REQCERT/TLSVerifyClient syntax to 4 states: never,allow,try,
...
and hard/demand.
2002-01-27 02:56:18 +00:00
Howard Chu
c81d2bb855
Fix, errno was incorrect after SSL_read returned 0 bytes, caused slapd to
...
close the connection prematurely.
2002-01-26 13:43:22 +00:00
Howard Chu
25cd89b443
Use ber_scanf 'm' format for ignored UDP string
2002-01-17 23:30:05 +00:00
Kurt Zeilenga
7f0289a390
Move most of the new ber_*cmp routines to lber_pvt.h to keep them private,
...
rework them slightly to avoid computations which might result in underflow.
Rename them for consistency with other berval routines.
Remove some utf8 lint.
2002-01-16 18:16:15 +00:00