Commit Graph

374 Commits

Author SHA1 Message Date
Kurt Zeilenga
0e920e9d29 Back out last change 2000-08-31 20:53:12 +00:00
Kurt Zeilenga
78f6d75586 Fix URI 2000-08-31 20:52:14 +00:00
Kurt Zeilenga
f6a1c05b68 Add missing fprintf param 2000-08-25 23:51:10 +00:00
Kurt Zeilenga
ef3fb24f39 Fix typo which escaped my obviously flawed midnight test
(I must have been dreamed that the 'make test' completed
successfully)
2000-08-25 23:46:09 +00:00
Kurt Zeilenga
e97cdfb7a9 Add support of "-H uri" 2000-08-25 05:31:29 +00:00
Randy Kunkee
45ef1d2c90 Clean up lint. 2000-08-23 22:49:44 +00:00
Kurt Zeilenga
d95e350832 Fix up examples, X.500 references, etc. 2000-08-21 03:08:58 +00:00
Kurt Zeilenga
25a9f7427d Remove CLDAP cruft 2000-08-18 04:25:00 +00:00
Kurt Zeilenga
c243a6fa92 ITS#657: Added command-line switch for searchbase to in.xfingerd
ITS#658: man page
 from Tom Jordan <tjordan@doit.wisc.edu>
2000-08-16 20:27:17 +00:00
Kurt Zeilenga
5b856458a2 s/SAFEMEMCPY/AC_MEMCPY/
Use AC_FMEMCPY where appropriate (-llber)
2000-07-28 01:07:07 +00:00
Kurt Zeilenga
fc6c7fefcc Fix empty AND/OR search list bug 2000-07-27 23:08:48 +00:00
Kurt Zeilenga
cd5aed0bbe Use sigaction to set SA_RESTART (if appropriate).
Portability of this code needs to tested.
2000-07-22 00:37:51 +00:00
Kurt Zeilenga
0f5c87a41c Clean up usage() 2000-07-17 21:54:20 +00:00
Kurt Zeilenga
6393523ffa Expose sasl flags to -lldap (so they can be quiet)
Fix interactive and automatic modes.  Quiet needs work.
2000-07-17 21:23:59 +00:00
Kurt Zeilenga
95eea5accc First cut SASL "interactive" and "quiet" modes (default is "automatic") 2000-07-17 00:56:29 +00:00
Kurt Zeilenga
6454508ec6 Update usage to note that user may not be represented by a DN 2000-07-16 00:28:57 +00:00
Kurt Zeilenga
908368a245 Fix authmethod defaulting 2000-07-16 00:23:41 +00:00
Kurt Zeilenga
2c323d2b2a Add -x (simple authentication) 2000-07-16 00:21:41 +00:00
Kurt Zeilenga
1e562b0d1f Make it all work. 2000-07-16 00:14:08 +00:00
Kurt Zeilenga
4d45c61600 Cleanup previous commit 2000-07-15 23:34:27 +00:00
Kurt Zeilenga
d2b05a3858 Rework SASL command line arguments. Default is now to authenticate
using best available mechanism.  (authzid prompting to be disabled)
To use simple bind, -x is required (implied if -P 2) with -D/-[Ww]
To use simple "anonymous" bind, just -x will do.
2000-07-15 23:25:46 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
9488612057 Use setproctitle correctly 2000-07-06 20:36:23 +00:00
Kurt Zeilenga
04bfb7efe4 Add missing EOL 2000-07-05 23:11:37 +00:00
Kurt Zeilenga
f6cda93bd1 Correct improper ldap_result() result checking... 2000-07-04 21:59:41 +00:00
Kurt Zeilenga
20e6dcec3b Improved but still broken client tools. 2000-07-04 21:49:00 +00:00
Kurt Zeilenga
8be1d467b8 Add reporting of LDAPv3 referrals. Should also report returned controls.
Also, as written, the code will behave better in the face of unsolicited
noticifications (such as notice of disconnect).  However, code needs to
be improved to better distinguished such from expected result response.
Delete improvements are limited to base object delete.  Should be applied
to -p[rune] option as well.
2000-07-03 19:03:22 +00:00
Kurt Zeilenga
3f6e23cb0c Add LDAPv3 rename support 2000-06-29 19:35:51 +00:00
Kurt Zeilenga
51bacc2c99 Do not include <lber.h> 2000-06-26 01:24:03 +00:00
Kurt Zeilenga
e2fa599482 Move old files to the Attic 2000-06-25 22:01:42 +00:00
Kurt Zeilenga
1a862732ee Fail if ldap_set_option fails 2000-06-25 18:17:47 +00:00
Kurt Zeilenga
bf9231ac40 Round 2 of tools work.
-R now ignored
-C added to chase.  No rebind proc yet, no checking of appropriate authentication.
complain if non-critical TLS was not started.
Fail if requested version is not supported.
ldapdelete:
  deletechildren modified to use ldap_search_ext_s()
  fixed deletechildren dn memory leak
ldapsearch:
  modified to use ldap_search_ext()
2000-06-25 18:07:15 +00:00
Kurt Zeilenga
5f20cf1ed5 Modify ldapsearch(1) significantly. Now handles LDAPv3 search
references, extended results, and extended partial results.  LDIF
extended to support these new features and reported version 2.
-L now limits output to LDIFv1 for compatibility reasons.  No
-L is now LDIFv2.  Old alternative form is no longer supported.

Use LDAP_TMPDIR (in ldap_config.h) instead of hardcoded /tmp
Use LDAP_FILE_URI_PREFIX (in ldap_config.h) instead of hardcoded
	file://tmp/
2000-06-25 00:35:17 +00:00
Kurt Zeilenga
49f4147385 Added -llber 'N' ber_printf format which inserts a NULL if
an internal flag set.  Used for SEQUENCE testing.  Flag must
be set using debugger.  Modified ber_printf to use new format
were needed for extensibility testing.

Added first cut -lldap support for extended responses.
Modified ldapsearch(1) to handle v3 search references when not
chasing.  Also added extended/unsolicited notification handling
and extended partial response handling.  Changes include a
number of LDIF enhancements.

Fixed getpassphrase() returns NULL bugs
2000-06-24 01:40:39 +00:00
Kurt Zeilenga
f48234f5bf No need to include <lber.h> 2000-06-20 17:02:19 +00:00
Kurt Zeilenga
e7791e2f93 Adjust -Z[Z] usage statements
Change ldapsearch to only produce LDIF.
2000-06-19 16:19:59 +00:00
Kurt Zeilenga
9ef1a740c2 Round one of LDAP_F() macro changes. In this round we rename
macros into our namespace and limit use to headers.  A subsequent
round will add macros to separately handle forward declarations
of variables from declaration of function prototypes.  The last
round will add additional macros for declaring actual variables and
functions.
2000-06-18 19:48:07 +00:00
Kurt Zeilenga
701cc91e8d Fix getpassword bug 2000-06-14 03:07:33 +00:00
Kurt Zeilenga
5417fdfea7 Rename ldap_start_tls() to ldap_start_tls_s() for consistency sake.
Misc other header changes.
2000-06-13 20:45:30 +00:00
Kurt Zeilenga
a56c161bdb Misc code cleanup. 2000-06-10 22:39:30 +00:00
Kurt Zeilenga
40b71cd8e8 undef DEFSEP before defining it 2000-06-10 07:19:07 +00:00
Julio Sánchez Fernández
05d1caad05 Added maildap. 2000-06-09 00:45:59 +00:00
Julio Sánchez Fernández
13e263d895 A few name changes. 2000-06-09 00:43:24 +00:00
Julio Sánchez Fernández
927d58171b The experimental mail500 has been renamed as maildap. This is an exact
copy of the code formerly in mail500, to properly track changes.  An
exception is mail500.m4 that has been committed as maildap.m4 directly
to avoid breaking history twice.
2000-06-09 00:03:39 +00:00
Julio Sánchez Fernández
8d6fffc9ba The old mail500 is back restored as of 1999/06/30, plus a few updates
to put it in line with current practices.  Most likely I got them wrong,
so maight not even compile right now.
2000-06-08 23:58:19 +00:00
Kurt Zeilenga
e5ebc553ac Rework URI parser to provide true scheme not proto/properties.
Plus more pthread rwlock code
2000-06-07 01:09:40 +00:00
Kurt Zeilenga
51e619d424 Add ManageDSAit support to back-dnssrv
Fix backend critical controls crash
Move 'associatedDomain' to core.schema
2000-06-05 03:10:46 +00:00
Kurt Zeilenga
ea069cb7c2 New indexer/filter codes (test suite works) with cheats
Updated NT Project files (with Cyrus SASL library depend)
2000-06-04 22:59:38 +00:00
Kurt Zeilenga
781a8e2afc Use ldap_parse_result instead of deprecated ldap_result2error 2000-06-03 16:28:47 +00:00
Kurt Zeilenga
34edec3107 Strip installed executables
better library clean
2000-05-30 18:23:56 +00:00
Kurt Zeilenga
dfc850ceb3 Force referrals on 2000-05-29 20:43:29 +00:00
Kurt Zeilenga
8045b54124 Use getpassphrase() instead of getpass() if available. 2000-05-19 18:41:26 +00:00
Kurt Zeilenga
c923fe5401 s/bindpw/passwd/ 2000-05-16 05:08:25 +00:00
Kurt Zeilenga
9267700fb9 Fix password handling for SASL 2000-05-16 02:16:54 +00:00
Kurt Zeilenga
ebfe58344c Fix sasl passwd handling (needs to be copied to other tools) 2000-05-16 01:45:15 +00:00
Kurt Zeilenga
0bb431d3b3 Y2k copyright update 2000-05-13 02:25:54 +00:00
Howard Chu
3ea2de7a86 Fix off-by-one in allocation of urlpre 2000-05-11 21:21:18 +00:00
Kurt Zeilenga
643864c569 Change negotiated mechanism:
If application provide one, use it.  If application doesn't
	provide one, use best of server advertised.
Fix SASL/ANONYMOUS (not normally used, but should work)
PLAIN is not currently working... might be local to me as my
Cyrus installation is a bit hosted.
2000-05-11 20:16:26 +00:00
Kurt Zeilenga
d25f52be38 s/cmds/rcpt_cmds/ to avoid conflict with Linux Redhat "prandom". 2000-05-09 17:25:59 +00:00
Kurt Zeilenga
0d1e76246a Don't depend error handling on exact resultCode. 2000-04-26 09:21:19 +00:00
Kurt Zeilenga
fe8be04237 Fix typos in version checking 2000-04-25 10:30:42 +00:00
Ben Collins
50a41f3ee2 when opening files in /tmp use O_CREAT|O_EXCL to overcome race conditions 2000-04-24 16:42:16 +00:00
Ben Collins
97493c3404 with the -t option (writing to /tmp) open files with O_CREAT|O_EXCL to overcome race conditions 2000-04-24 16:41:36 +00:00
Kurt Zeilenga
4ecf780e48 StartTLS requires LDAPv3
Set version to required protocol.
2000-04-20 14:15:39 +00:00
Kurt Zeilenga
c02d7e2cb6 ITS#503: Extend ldap tools to support SASL/TLS
Submitted by Gabor Gombas <gombasg@inf.elte.hu>
2000-04-20 09:23:51 +00:00
Kurt Zeilenga
72c0de5d95 #define LDAP_LDIF to default to LDIF input
Fix ldaphost == NULL bug
2000-04-12 01:03:51 +00:00
Kurt Zeilenga
6b4aac2678 #define LDAP_LDIF to default to LDIF output 2000-04-12 01:02:58 +00:00
Kurt Zeilenga
870dbca576 objectclass=* -> NULL 2000-04-12 01:00:48 +00:00
Julio Sánchez Fernández
0dbd442090 Checking uninitialized variables.
Add addresses optimization to rfc822-ext too.
2000-04-10 12:11:20 +00:00
Julio Sánchez Fernández
36a4ed4f59 Added a method to make delivery to the local mailbox conditional on
the presence of a certain value in some other attribute.  Used to
implement mailForwardingAddress both in addition to normal delivery
and excluding normal delivery, selectable entry by entry.  The model
is mailDeliveryOption in Netscape MS.  The implementation aims to
become more general, though.  Affects "search-with-filter", any
entry can potentially use a parameter, introduced with "param=".

Optimize the case where we have to copy the message to an address that
is served by the directory.  Formerly, we would have the MTA deal with
it and invoke mail500 again later.  This has necessitated loading the
list of domains that are solved by us with "domain".  A new definition,
"host", takes the role of the old "domain" that was the FQDN of our
host for routing loop avoidance.
2000-04-07 15:00:22 +00:00
Julio Sánchez Fernández
8d6808862f The old mail500 had a method to try to translate the local address
part into something to check against the cn of entries.  It is
supported again thorugh the selector %s in the search.
Explicitly initialize some pointers in automatic storage.
2000-04-06 16:16:46 +00:00
Julio Sánchez Fernández
4cf241aa69 Added support for doing routing at the MTA, that is the right thing
anyway.  A new syntax is defined, "present", that indicates that
values of an attribute type are not used, only presence is
significant.  To do routing at the MTA, define both mailHost and
mailRoutingAddress with syntax "present".  Otherwise, use "host" and
"rfc822" and mail500 will try to do routing by itself, if possible.
Read the comments in the code for the ugly details.
Added a new configuration line "own-address" that describes the FQDN of
our host to compare with mailHost.  The line can be repeated.
2000-04-05 19:15:33 +00:00
Julio Sánchez Fernández
88e1ffcde1 The approach used was not powerfull enough to deal with things like
nested groups or the laser mail routing draft.  Mostly, this is
because a flag saying the attribute type is 'final' is not flexible
enough.  The old 'final' flag is gone and replaced by a priority
level.

Change 'forward' to 'route' to be consistent with the laser wording.

Add new 'domain' spec in the configuration file to describe what are
the local domains so that we do not loop when doing the laser thing.

We were escaping asterisks in filters.  This seems incorrect.  Removed.
2000-03-23 16:19:01 +00:00
Kurt Zeilenga
3d4122962f Add print.c to handle GeneralizedTime.
Add creat* modify* attributes
2000-01-17 17:41:11 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Julio Sánchez Fernández
7b2f498415 Fix the prior fix. 1999-12-15 19:10:08 +00:00
Julio Sánchez Fernández
d660a5cc93 The group list was being managed as an array of Group. This was
extremely broken and I can only wonder how I got some much mileage out
of it.  The problem is that we deal with pointers to the groups
themselves, either in current_group or current_to and current_nto.
These pointers would break on reallocs.  So now the the basic togroups
is an array to pointers to Group.  Since the array can be resized at
any time, what we actually pass around is pointer to an array of
pointers to Group or Group ***.
1999-12-15 18:55:19 +00:00
Kurt Zeilenga
b1639dadd6 Remove lint
Add copyrights
1999-12-13 04:53:59 +00:00
Kurt Zeilenga
cd5c29cdc4 Add checks to ensure arguments are consistent (v2 vs v3). 1999-12-12 05:05:20 +00:00
Kurt Zeilenga
fe5608c4d5 Wrap request/response bervals in a sequence. 1999-12-11 19:33:45 +00:00
Kurt Zeilenga
041c1545e8 Update usage and man page. 1999-12-10 04:59:28 +00:00
Kurt Zeilenga
431dad371c Fix slapd SASL/ExternalOps encoding
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Kurt Zeilenga
354d0d5b50 Modify password code such that backend end routine calls into
frontend to complete parsing of extended op reqdata.
Modify password extended operation to allow optional id (DN)
entry to change (not tested).  Also, provide room to allow
server side password generation (not implemented).  Added optional old
password field to support proxying (not implemented).
Need to implement replog() support.
1999-12-09 21:30:32 +00:00
Kurt Zeilenga
26c7d69e8c Update for new password codes for MSVC5 1999-12-08 06:44:22 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Kurt Zeilenga
5d5588836f Fix ldap_rename parameter order (ITS#387) 1999-12-04 17:19:11 +00:00
Gary Williams
6ec31e98ac No one complained, so here's the change to ldapdelete to add a -r switch to allow a branch of a directory tree to be removed. The DN provided is searched recursively until the leaf nodes are hit, then everything is deleted. 1999-12-03 18:29:03 +00:00
Howard Chu
59dc262dc4 Removed RCS keywords from header comment. 1999-11-24 07:25:31 +00:00
Kurt Zeilenga
3a0d0dd29b Less crypto error message... 1999-11-19 02:03:31 +00:00
Kurt Zeilenga
be51328c8b ITS#349: if user hits RETURN at "Change base to?", return to UD prompt. 1999-11-17 21:50:35 +00:00
Kurt Zeilenga
5f6f7d06a6 ITS#352: don't pring NULL group names. 1999-11-17 21:47:08 +00:00
Kurt Zeilenga
a5dad347c2 ITS#356: don't print entry if name is NULL. 1999-11-17 21:39:39 +00:00
Kurt Zeilenga
eb000d9e6a no UD_BASE to use for my_ldap_dn2ufn(). Comment out strstr(s,NULL). 1999-11-03 22:02:30 +00:00
Kurt Zeilenga
14f107e9ed Changes to support NT single debug 1999-11-01 22:17:06 +00:00
Kurt Zeilenga
b7af076fee Use centralized output directories.
Update single debug/release not to use service manager nor event manager.
Likely breaks MINGW32 port.
1999-11-01 21:25:22 +00:00
Kurt Zeilenga
bb1b81473b Add configure tests for ssize_t and caddr_t and remove NT preamble
(excepting WIN32_LEAN_AND_MEAN).  Rework openlog/closelog use to
eliminate need for defines.
1999-11-01 18:14:26 +00:00
Kurt Zeilenga
4cc712db53 Add <ac/param.h> to wrap <sys/param.h> 1999-11-01 17:21:24 +00:00
Howard Chu
17e1877a12 Fix broken MSVC builds. The previous round of Mingw32 patches changed some
ifdefs to depend on _WINNT, which is bogus. Added _WIN32 back on these ifs,
and fixed some other include problems.
1999-10-31 02:26:41 +00:00
Kurt Zeilenga
baa34f752b Do not attempt to obtain sizeof(sin_addr.s_addr) or &sin_addr.s_addr
as s_addr member of in_addr may be a bitfield.
1999-10-30 04:58:06 +00:00
Kurt Zeilenga
c508288fca Add comment to top of sendmail.cf to discourage directory mucking
with .cf files...
1999-10-28 22:19:36 +00:00