Commit Graph

1761 Commits

Author SHA1 Message Date
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Kurt Zeilenga
3dea614e99 cleanup 2002-12-31 05:55:06 +00:00
Pierangelo Masarati
d758296595 silence warnings 2002-12-23 12:02:29 +00:00
Howard Chu
8b3b044dac Fix ITS#2246, fix in rev 1.73 was in the wrong place 2002-12-20 00:33:10 +00:00
Howard Chu
0c2439f5ef Added subjectAltName:IPADDR tests to ldap_pvt_tls_check_hostname() 2002-12-18 21:43:17 +00:00
Howard Chu
c102809fab Use ber_flatten2 to avoid excess mallocs 2002-12-18 19:16:31 +00:00
Howard Chu
6a37f1ae80 Added ber_flatten2 - uses passed in struct berval, allocates copy or
directly re-uses existing ber buf.
2002-12-18 19:15:27 +00:00
Howard Chu
464292b50c Remove unneeded sasl_ssf param from ldap_int_sasl_open(),
it's set by ldap_int_sasl_external().
2002-12-18 03:09:52 +00:00
Howard Chu
95a512f849 Fix typo in UDP logmsg 2002-12-16 18:17:20 +00:00
Hallvard Furuseth
f77c8b567e Remove a useless function pointer cast. 2002-12-16 12:02:54 +00:00
Hallvard Furuseth
ae28aa57b2 Remove a bad function pointer cast. 2002-12-16 09:18:20 +00:00
Hallvard Furuseth
2bcb48361d Remove casts of AVL function pointers. 2002-12-14 22:25:52 +00:00
Howard Chu
e42209dd77 Fix previous commit, fstat arg was wrong. 2002-12-11 10:58:02 +00:00
Hallvard Furuseth
3b591dd4f6 Fix const errors. 2002-12-11 08:30:29 +00:00
Kurt Zeilenga
56ebd53e51 expand authid buffer 2002-12-08 07:56:49 +00:00
Kurt Zeilenga
840e7f2c5c Include <ac/unistd.h> not <sys/types.h> and <unistd.h>
Use sizeof( string ) to determine buffer size
Put authzDN in same for as used on server
(We could, just as well, set authid to "fubar" as it matters
not what it is set to)
2002-12-07 18:32:40 +00:00
Pierangelo Masarati
58c18226e0 on my system need headers to define geteuid() and so 2002-12-07 17:32:33 +00:00
Howard Chu
cf6a9d9d0f For LDAP_PROTO_IPC set the SASL EXTERNAL authid to allow the mech to be
used by the client side. Please review.
2002-12-07 13:06:20 +00:00
Howard Chu
1363d4bf1a Fix prev commit - require passed descriptor to be a pipe (FIFO) and
require it to only be accessible by its owner, otherwise ignore it.
2002-12-04 20:50:19 +00:00
Howard Chu
d7c0a19aab Added check for sendmsg(). Added hack to use BSD sendmsg()/recvmsg() to
propagate peer creds if no explicit PEERCRED facility exists. Works
on Solaris 8.
2002-12-04 16:03:02 +00:00
Kurt Zeilenga
eb41333e4c Use getpeereid(3) where available else use *_PEERCRED replacment function 2002-12-04 06:17:32 +00:00
Kurt Zeilenga
c0f8e30d22 cleanup 2002-12-04 05:13:14 +00:00
Kurt Zeilenga
73b4170a6c Rework libldap to not attempt to set LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE 2002-12-04 04:51:55 +00:00
Kurt Zeilenga
da76c1951e First-cut proxy authorization support. 2002-12-03 06:11:32 +00:00
Kurt Zeilenga
9ba95dd027 ITS#2221: getaddrinfo(3) not thread-safe on some platforms (namely
due to res_() routines).  Change all res_() dependent routines to
share same mutex.
2002-12-03 01:15:03 +00:00
Hallvard Furuseth
416aeb9347 Never let ldif_parse_line() return a NULL value with success. 2002-12-02 22:46:07 +00:00
Hallvard Furuseth
3121074ad7 Output from ldif_fetch_url() is expected to be \0-terminated. 2002-12-02 22:08:26 +00:00
Hallvard Furuseth
2dcf00b82f ldif_fetch_url() would return NULL value or pointless memory if file was empty 2002-12-02 21:46:58 +00:00
Kurt Zeilenga
1edcd14a79 Remove extraneous empty check 2002-12-02 18:46:53 +00:00
Hallvard Furuseth
cccc8702c6 Plug memory leak in ldif_parse_line() if ber_strdup( type ) failed && url. 2002-12-02 11:14:13 +00:00
Kurt Zeilenga
b215a1039b ITS#2218: fix empty values w/ spaces 2002-12-02 04:19:01 +00:00
Howard Chu
4056a8c8a7 Fix ITS#2200, must send non-NULL cred even if it's zero-length. 2002-11-28 16:15:27 +00:00
Kurt Zeilenga
661541fdfc Fix error handling 2002-11-28 04:36:22 +00:00
Kurt Zeilenga
5fe7d38e1c Add whoami.c and passwd.c and other minor tweaks to control cleanups 2002-11-28 02:44:38 +00:00
Kurt Zeilenga
235973571a proxy authz control (client only)
Misc control cleanups (client only)
2002-11-28 02:26:55 +00:00
Howard Chu
10a194feb5 ITS#2128, setvbuf is unreliable 2002-11-27 04:13:19 +00:00
Howard Chu
e721e6bec9 Fix ITS#2187, recursively free all requests 2002-11-27 03:57:36 +00:00
Howard Chu
1702d408bf ITS#2184 maxbuf tweaks from Larry Greenfield @ CMU 2002-11-27 03:51:46 +00:00
Kurt Zeilenga
6b42a33152 Reorder build order to ensure -llutil is available -llber and
-llber is available for -llunicode.  Add -llber to ucgendat
(to pick up snprintf).
2002-11-26 20:18:03 +00:00
Pierangelo Masarati
256f5bbe57 silence warnings 2002-11-10 19:57:16 +00:00
Howard Chu
5fe69447f8 Define DB_VERSION_X to make life easier when checking BDB versions. 2002-10-30 20:35:25 +00:00
Howard Chu
6b53b4c507 Plug memleak in previous commit 2002-10-24 23:51:34 +00:00
Howard Chu
ddfb4b775b Forced commit, undo previous accidental checkin. 2002-10-24 11:40:37 +00:00
Howard Chu
4396ad3316 ITS#2153, make sure sockbuf buffer is empty before returning (-2) from
try_read1msg. Blind fix, problem was not duplicated/tested.
2002-10-24 11:39:06 +00:00
Howard Chu
e2d245e698 Fix comment garbled in 2.1.6. (Very weird, how did this happen?) 2002-10-23 02:45:44 +00:00
Kurt Zeilenga
9cfcdc432b Fix ITS#2142 2002-10-17 16:55:42 +00:00
Kurt Zeilenga
75e1620ee4 Add copy of OPL 2.0.1 and note in files which specifically refer
to 2.0.1 as to the location to the copy.
2002-10-15 23:22:20 +00:00
Kurt Zeilenga
63e7c9e796 first cut at ditStructureRule and nameForm routines 2002-10-13 01:36:58 +00:00
Howard Chu
82eed24c3d Prefer thr_yield over sched_yield for Solaris 2002-10-12 01:21:21 +00:00
Howard Chu
a9fed89e3f In sb_tls_bio_read/write, check for EAGAIN in addition to EWOULDBLOCK.
According to read(2)/write(2) EAGAIN is the only one we're interested in.
Fixes HP-UX 11.
http://www.openldap.org/lists/openldap-software/200105/msg00564.html
2002-10-11 06:22:24 +00:00
Kurt Zeilenga
93046479ae better check of snprintf result 2002-10-11 02:51:09 +00:00
Luke Howard
a4ace0ba68 Fix crasher in ldap_domain2dn() 2002-10-10 08:59:19 +00:00
Kurt Zeilenga
cf318d2340 Add ditContentRule routines 2002-10-09 02:56:46 +00:00
Kurt Zeilenga
2a8d73e25a Bump EXBUFSIZ up a bit 2002-10-08 20:56:03 +00:00
Kurt Zeilenga
f833b02518 Fix realloc() bugs 2002-10-08 20:37:30 +00:00
Kurt Zeilenga
873a6802ab Plug memory leak (ITS#2126) 2002-10-08 19:45:01 +00:00
Howard Chu
e37ccca9aa Fix ldap_int_get_controls for optional values 2002-10-07 19:58:10 +00:00
Kurt Zeilenga
06aa7d8d43 Include <ac/bytes.h> after <ac/stdlib.h> to avoid problems
Linux on Alpha problems
2002-10-02 20:57:05 +00:00
Kurt Zeilenga
14ab87b54a MacOS 10.1 pthread_kill() workaround 2002-10-02 20:10:55 +00:00
Kurt Zeilenga
491e75548c ITS #2121 submitted by Dave Steck <dsteck@novell.com> with minor changes.
Patch to allow referrals to be read on synchronous non-search operations.
Treat referrals the same way as MatchDN or ErrorString values.
Store them in the ld structure and provide an option for ldap_get_option
to retrieve them
2002-10-02 19:14:02 +00:00
Kurt Zeilenga
ba6d2c5cc0 ITS#1502: fix NS-MTA-MD5 typo 2002-09-24 21:21:35 +00:00
Kurt Zeilenga
bbbf2f4ca7 Fix handling of non-critical controls for backends which
support no controls.
2002-09-24 18:20:59 +00:00
Howard Chu
9a8eadb9de Fix return values, set stack size. (Default is only 64K, far too small.)
Fixes the SEGVs from stack overrun, but slapd tends to get hung in select.
2002-09-21 01:41:45 +00:00
Howard Chu
2e6a83049e POSIX threads tweaks for Draft 4 vs Draft 5 2002-09-12 23:12:18 +00:00
Howard Chu
dfa8bdec60 Fine-tuning pthreads revision dependencies 2002-09-11 07:24:21 +00:00
Howard Chu
890d4b9449 Moved stdio replacements from liblutil lutil_* to liblber ber_pvt_*. 2002-09-10 00:47:32 +00:00
Kurt Zeilenga
007b618d99 Should resolve ITS#2071 2002-09-07 18:27:57 +00:00
Howard Chu
c9b7fc6407 New POSIX threads version support. Detects Draft 4,5,6,7,10 (final).
Should eliminate individual checks for pthread_yield, sched_yield,
and pthread_detach, but they're left in for now as a redundant check.
2002-09-07 14:09:09 +00:00
Kurt Zeilenga
11761fa6ca Add NT-MTA-MD5 Support.
Based, in part, from ITS#1502 submission from John Morrissey.

Copyright 2001, John Morrissey (jwm at horde dot net), All rights reserved.
This is free software; you can redistribute and use it under the same terms
as OpenLDAP itself.
2002-09-07 01:51:12 +00:00
Howard Chu
4d8a2e2815 Remove dependencies on HAVE_VSNPRINTF, use replacement in liblutil/stdio.c
if needed. Same check for snprintf.
2002-09-06 20:54:22 +00:00
Howard Chu
ee30206bc2 Merged ldap_get_values_ber into ldap_get_attribute_ber. 2002-09-06 04:57:21 +00:00
Howard Chu
6a903bc1e5 Added new ldap_get_{dn,attribute,values}_ber functions for linearly
processing a search entry. Avoids O(n^2) ldap_get_values() behavior.
2002-09-05 11:33:32 +00:00
Howard Chu
af05dd5511 Set SSL session cache context ID 2002-09-04 07:17:31 +00:00
Howard Chu
f83d30a727 Fix previous commit - still need X509_free for peer cert.
Just not for local/my cert.
2002-09-04 02:28:42 +00:00
Kurt Zeilenga
a83cc88edd Move ldap_control_dup() to ldap_pvt.h 2002-09-04 02:14:12 +00:00
Howard Chu
5d062ef54c Don't call X509_free after SSL_get_certificate, it's not a duplicate. 2002-09-04 01:56:09 +00:00
Howard Chu
3099d89d9e Don't use sasl_set_alloc on Cyrus 2, it manages all of its memory
internally and we don't want to get in the way.
2002-09-02 22:25:26 +00:00
Howard Chu
90b1e7bd45 Fix ldap_X509dn2bv, OpenSSL gives us DN attributeTypes in EBCDIC 2002-09-02 13:46:56 +00:00
Pierangelo Masarati
bcf7b47079 silence warnings 2002-08-31 10:54:58 +00:00
Pierangelo Masarati
aea52e5bc9 define macros for appropriate sizing of lutil buffers 2002-08-31 10:48:02 +00:00
Pierangelo Masarati
c76b36254c cleanup comments 2002-08-31 10:41:49 +00:00
Pierangelo Masarati
b8e6b2536a silence debug check 2002-08-31 10:41:11 +00:00
Howard Chu
17493164ea Fix previous commit 2002-08-31 06:23:46 +00:00
Howard Chu
e3304da727 OS/390 EBCDIC support 2002-08-31 05:14:43 +00:00
Howard Chu
d11b134709 Fix large SASL reads. Use EAGAIN instead of EWOULDBLOCK (was right the
first time after all. see read(2) and write(2)...)
2002-08-30 10:11:54 +00:00
Kurt Zeilenga
2de5c33ba7 Add manageDsaIt/NOOP control support to every tool.
Update NT build.
2002-08-29 21:52:45 +00:00
Pierangelo Masarati
3b799694ee reworking of threads in session handling 2002-08-29 19:44:02 +00:00
Pierangelo Masarati
864f05497e allow different solutions to debug sasl shutdown 2002-08-29 17:45:12 +00:00
Pierangelo Masarati
c2efb8788b when shutting down a server with open connections (back-{ldap,meta}),
the backend attempts a ldap_unbind() that results in calling
ldap_pvt_sasl_mutex_lock() with a NULL argument, causing a SIGSEGV.
I added a few assert() to catch this (I wonder if this might
be related to ITS#1982 "kill -INT corrupts database").
2002-08-29 16:03:38 +00:00
Howard Chu
1dd1c375bb Fix previous commit - use EWOULDBLOCK instead of EAGAIN 2002-08-29 13:38:36 +00:00
Howard Chu
456e6c73ab Fix ITS#1983, handle writing of large requests. Only one pending request is
allowed per LDAP* handle. It works, but needs review.
2002-08-29 12:12:36 +00:00
Pierangelo Masarati
519bf9e28a cleanup logging 2002-08-29 10:42:42 +00:00
Howard Chu
010dbff2cc Fix ITS#1983, in sb_sasl_write, set errno = EAGAIN to tell upper layers to
retry partial writes
2002-08-29 10:12:35 +00:00
Howard Chu
536019beb4 For ITS#1983, in ber_pvt_sb_do_write, partial writes are not failures 2002-08-29 09:46:19 +00:00
Howard Chu
5ec4ef6e59 Added no-op for SASL_VERSION_MAJOR < 2 2002-08-28 08:35:38 +00:00
Howard Chu
3cb7a09eb0 Added check for Cyrus SASL sasl_version() 2002-08-28 07:12:22 +00:00
Julius Enarusai
48593e1484 Fix compile error when --without-threads configure option is set. Function
headers differ from prototypes in ldap_pvt_threads.h
2002-08-26 19:26:09 +00:00
Kurt Zeilenga
7dc1e069e8 Increase res_query buffers to 64k 2002-08-24 17:03:24 +00:00
Kurt Zeilenga
8de258d2e2 Patch: 'ldapmodify -y file' reads password from file (ITS#2031)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
            ================
Adapted by Kurt Zeilenga for inclusion in OpenLDAP.  My comments are
marked with enclosed with square brackets (e.g. [Kurt's comment] below.
            ================

If I run ldapmodify & co from a script, I don't want to use '-W password'
because the password shows up in the output of 'ps' for everyone,
and I can't pipe the password to 'ldapmodify -w' because -w uses
getpassphrase() which reads from the tty instead of stdin.
So I added '-y file' which reads the password from file.  The programs
exit if the file cannot be read.

[Complete contents of file is used as password.  Use:
	echo -n "secret" > password
to create a file with "secret" as the password.  The -n avoids
adding a newline (which would invalidate the password).  Note
that echo is a builtin and hence its arguments are not visible
to 'ps'.]

I changed ldapmodify, ldapmodrdn, ldapdelete, ldapsearch, ldapcompare.
I did not bother to change ldappasswd and ldapwhoami, because they
prompt for many passwords.  [I fixed up ldapwhoami.]

Rerun autoconf after applying this patch. [Done.]

Note:  I do not know if Windows NT has fstat(), so I set HAVE_FSTAT to
undef in portable.nt.  (fstat() is used to warn if the file is publicly
readable or writeable.)  [I used fstat() to set the buffer size to
read.]

[Note: using the contents of a file extends the tools to support
passwords which could not normally be provided using getpassphrase()
or via the command line.]

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.
[Kurt D. Zeilenga <kurt@openldap.org>, Aug 2002.]
2002-08-24 05:47:17 +00:00
Howard Chu
8c30114d84 Added thread-pool getkey/setkey functions 2002-08-24 05:39:43 +00:00