Commit Graph

21 Commits

Author SHA1 Message Date
Kurt Zeilenga
29d9fa20a2 Y2k copyright update 2000-05-13 02:36:07 +00:00
Kurt Zeilenga
8c15a05b2e Make sure we don't overallocate callbacks 2000-05-12 19:41:18 +00:00
Kurt Zeilenga
643864c569 Change negotiated mechanism:
If application provide one, use it.  If application doesn't
	provide one, use best of server advertised.
Fix SASL/ANONYMOUS (not normally used, but should work)
PLAIN is not currently working... might be local to me as my
Cyrus installation is a bit hosted.
2000-05-11 20:16:26 +00:00
Kurt Zeilenga
0d6e1a4cbe Fix cred passing. 2000-05-11 01:40:02 +00:00
Kurt Zeilenga
d0555fffe6 Error handling changes including separation of client v. server
SASL to LDAP translation.  plus comments and other minor changes
2000-05-03 18:59:58 +00:00
Kurt Zeilenga
c02d7e2cb6 ITS#503: Extend ldap tools to support SASL/TLS
Submitted by Gabor Gombas <gombasg@inf.elte.hu>
2000-04-20 09:23:51 +00:00
Kurt Zeilenga
870dbca576 objectclass=* -> NULL 2000-04-12 01:00:48 +00:00
Kurt Zeilenga
117b6a91d0 More fixes and comments 2000-03-14 04:08:12 +00:00
Kurt Zeilenga
c43fec53f5 Cyrus SASL uses screwy terms. 2000-03-14 03:08:46 +00:00
Kurt Zeilenga
5701fec1b5 correct callback numbering 2000-03-14 02:59:53 +00:00
Kurt Zeilenga
17527368d1 work args of ldap_negotiated_sasl_bind_s() and provide examples
with authentication id and authorization ids.  Note: this routine
doesn't actually negotiate anything.  It likely should be renamed
ldap_sasl_auth_s() or ldap_sasl_bind_multistep() or something.
2000-03-14 02:54:08 +00:00
Luke Howard
30522f7437 Changed (!strcmp(...)==0) to (strcmp(...)==0); obviously
wrong. Fix from adamson@andrew.cmu.edu.
2000-02-01 23:34:16 +00:00
Luke Howard
6a06fb7fba In ldap_pvt_sasl_init() treat subsequent invocations as no-ops, not error. 2000-01-16 01:29:15 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Luke Howard
5a0bbd7eed Imported <ldap.h> in <ldap_pvt.h> so ldap_pvt_sasl_bind() has necessary
types. Changed const sasl_callback_t * to LDAP_CONST sasl_callback_t *.
2000-01-05 12:56:17 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library;
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Kurt Zeilenga
ab7c490960 Add BINDDN user-only directive to .ldaprc
Used only for simple bind when dn == NULL and password != NULL.
1999-12-17 03:27:16 +00:00
Kurt Zeilenga
18fad04e69 Fix == != typo 1999-12-12 05:02:03 +00:00
Kurt Zeilenga
c1a31ac9a2 Fix decoding of sasl bind and extended operation responses. 1999-12-12 03:16:46 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Kurt Zeilenga
80e5e3fead First cut at SASL routines. 1999-06-28 22:19:21 +00:00