Commit Graph

22820 Commits

Author SHA1 Message Date
Ryan Tandy
e9543da971 ITS#9215 Define _XOPEN_SOURCE for glibc only 2020-04-23 13:19:33 -07:00
Isaac Boukris
7b0017ad49 ITS#9189 add channel-bindings tests 2020-04-23 21:00:39 +02:00
Isaac Boukris
3cd50fa8b3 ITS#9189 rework sasl-cbinding support
Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
defaults to "none".

Add "tls-endpoint" binding type implementing "tls-server-end-point" from
RCF 5929, which is compatible with Windows.

Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
2020-04-23 21:00:39 +02:00
Quanah Gibson-Mount
96fedda628 ITS#5573 - Expose contextCSN, entryCSN in subschema entry 2020-04-22 18:59:38 +00:00
Ryan Tandy
0c4ee60aa8 ITS#8224 Regenerate configure 2020-04-22 11:31:01 -07:00
Ryan Tandy
2678a32a98 ITS#8224 Consolidate configure options validation 2020-04-22 16:18:50 +00:00
Ryan Tandy
5144fba8d1 ITS#8224 Simplify slapd minimal built-in backend check
--enable-slapd=auto is now implicitly handled the same as =yes.
2020-04-22 16:18:50 +00:00
Ryan Tandy
a2882e5eae ITS#8224 Simplify --disable-slapd logic 2020-04-22 16:18:50 +00:00
Ryan Tandy
eadba4d0fe ITS#8224 Use AS_HELP_STRING to indent configure options consistently 2020-04-22 16:18:50 +00:00
Ryan Tandy
82c8d3eb5d ITS#8772 Remove --with-threads=mach option 2020-04-22 16:18:50 +00:00
Quanah Gibson-Mount
21e48fad18 ITS#6740 - regenerate configure 2020-04-22 16:11:33 +00:00
Quanah Gibson-Mount
bc9a92866a ITS#6740 - Always enable rewrite 2020-04-22 14:49:10 +00:00
Quanah Gibson-Mount
1f4d4c9536 ITS#9230 - Update truncate man page information for 2.5 and later 2020-04-22 00:37:23 +00:00
Quanah Gibson-Mount
58b89e0920 ITS#9207 - regenerate 2020-04-20 21:42:11 +00:00
Quanah Gibson-Mount
8505f774a5 Update to drop NON_BLOCKING ifdefs that were only really for moznss 2020-04-20 21:38:01 +00:00
Quanah Gibson-Mount
a019e7fe1a ITS#9207 - Remove MozNSS code and documentation 2020-04-20 21:38:01 +00:00
Isaac Boukris
3dd0d77d1a gitlab: add krb5 packages for gssapi tests and a second build 2020-04-19 11:10:50 +03:00
Isaac Boukris
8e3e85e329 auth: add SASL/GSSAPI tests 2020-04-19 11:10:50 +03:00
Howard Chu
94ef2c9b43 ITS#9209 quote test argument 2020-04-18 01:30:08 +01:00
Ryan Tandy
bfb20d3ef9 ITS#9087 Regenerate configure 2020-04-17 16:08:54 -07:00
Ryan Tandy
84ab23f37f ITS#9087 Let configure detect cross windres tool 2020-04-17 21:39:52 +00:00
Chris Zagar
7985626fae ITS#9087 - Change hard-coded windres to $(RC) to support mingw cross-compiling 2020-04-17 21:01:05 +00:00
Howard Chu
c5acb1d377 ITS#9209 fix test 2020-04-17 21:00:07 +01:00
Ryan Tandy
db404baf15 ITS#9226 Fix link order for rewrite program on MinGW 2020-04-16 19:35:53 -07:00
Howard Chu
bcb0af6262 ITS#6745 slapd daemon: use separate emfile mutex 2020-04-17 02:46:10 +01:00
Ryan Tandy
d5e133f459 ITS#9181 fix ldap_pvt_thread_mutex_t used before its definition 2020-04-16 19:15:31 +00:00
Ryan Tandy
7ce474050e ITS#6035 Fix test076 to specify SASL mech 2020-04-16 09:51:28 -07:00
Ondřej Kuzník
550476b5ad ITS#9112 Silence warnings 2020-04-16 16:41:35 +00:00
Ondřej Kuzník
8f01fdec36 ITS#8731 Remove unused arguments 2020-04-16 16:41:35 +00:00
Ondřej Kuzník
65d0936811 ITS#8245 Silence warning 2020-04-16 16:41:35 +00:00
Quanah Gibson-Mount
8a677f65f0 ITS#6937 -- regenerate configure/portable.hin 2020-04-16 15:14:59 +00:00
Quanah Gibson-Mount
a97eed06f0 ITS#6937 - Remove unused proctitle bits 2020-04-15 19:32:28 +00:00
grapvar
a5e17673a6 ITS#9214 slapd-mdb: plug cursor leak in dnSuperiorMatch filter 2020-04-15 00:14:37 +01:00
Quanah Gibson-Mount
f747d61922 ITS#9213 -- Regenerate configure 2020-04-14 22:20:38 +00:00
Ryan Tandy
5368e22bf2 ITS#9213 Make --enable-modules imply --enable-dynamic
The default for --enable-dynamic is now "auto", meaning "yes" if
--enable-modules and "no" otherwise.
2020-04-14 12:10:06 -07:00
Ryan Tandy
38f9dd2fb8 ITS#7878 Replace uint32_t with unsigned in back-mdb
init.c: align mi_dbenv_flags and flags with mdb_dbi_open, which declares
flags as unsigned int.

search.c: align mi_rtxn_size with ARG_UINT; adjust ww_ctx.nentries to
silence a warning about signed/unsigned comparison.

config.c: parse checkpoint config more carefully. Reject negative or
unreasonably large values for kbytes and minutes. Ensure both values are
parsed successfully before making any changes.

Fixes a compilation failure under MinGW, where stdint.h types are not
implicitly pulled in by other headers.
2020-04-14 10:04:33 -07:00
Ryan Tandy
feb6f21d2e ITS#9203 Remove default values from slapd-pw-argon2.5
The defaults vary by crypto library and possibly even version, so it's
not worth trying to keep them accurate.
2020-04-14 09:26:19 -07:00
Ryan Tandy
0ec42b08b4 ITS#9206 Use argon2id default values explicitly 2020-04-14 09:26:19 -07:00
Ryan Tandy
307b06ff40 ITS#9206 Convert libsodium default memlimit to KiB 2020-04-14 09:26:19 -07:00
Ryan Tandy
6485667711 ITS#9206 Initialize libsodium before calling its functions 2020-04-14 09:26:19 -07:00
Peter Marschall
40ce9a46c9 ITS#9206 contrib/passwd/argon2: consolidate libsodium implementation
* use 'crypto_pwhash_str_alg(..., crypto_pwhash_ALG_ARGON2ID13)' to set
  the algorithm to Argon2.
  According to libsodium's documentation, the original 'crypto_pwhash_str()'
  only guarantees a "memory-hard, CPU-intensive hash function", but not
  necessarily Argon2.  Although in released versions of libsodium Argon2 is
  the only implemented backend, this may chane in the future.
* multiply the 'memory' parameter by 1024 to align it with the libargon2
  implementation. The objective is to have consistent configuration in
  OpenLDAP's pw-argon2 module no matter what backend implementation is used.

Signed-off-by: Peter Marschall <peter@adpm.de>
2020-04-14 09:26:19 -07:00
Ryan Tandy
2be4576a0c ITS#9203 slapd-argon2 -> pw-argon2
Based on initial patch by Peter Marschall.
2020-04-14 09:26:19 -07:00
Peter Marschall
5c20342baa ITS#9203 contrib/passwd/argon2: add manual page
Add manual page slapd-pw-argon2.5 and make sure it gets installed.

Signed-off-by: Peter Marschall <peter@adpm.de>
2020-04-14 09:26:19 -07:00
Ondřej Kuzník
f6d9fdc4f1 ITS#9043 Improve replication loggging 2020-04-14 09:58:03 +01:00
Ryan Tandy
bbe20cbf4c ITS#8731 cleanup unused logbuf 2020-04-13 18:57:50 +00:00
Ryan Tandy
e18764465f ITS#9212 Restore snprintf to caller-provided buffer
76df74dbea removed some snprintfs to
buffers that are actually returned to the client. Restore these.
2020-04-13 18:57:50 +00:00
Quanah Gibson-Mount
e50741e459 ITS#6567 - More cleanup 2020-04-13 17:19:35 +00:00
Howard Chu
735e1ab14b ITS#8650 loop on incomplete TLS handshake
Always retry ldap_int_tls_connect() if it didn't complete,
regardless of blocking or non-blocking socket. Code from
ITS#7428 was wrong to only retry for async.
2020-04-12 23:51:09 +01:00
Quanah Gibson-Mount
c6493c45b5 ITS#6567 - Remove non-cyrus-sasl GSSAPI bits 2020-04-10 18:19:33 +00:00
Quanah Gibson-Mount
5ba456b23d ITS#9177 -- regenerate 2020-04-10 18:14:45 +00:00