Hallvard Furuseth
f906a99eec
Only define x509_cert_get_dn() when HAVE_GNUTLS. Remove unused variable.
2007-05-18 15:10:15 +00:00
Hallvard Furuseth
7372fea8b5
printf format paranoia: macros could be changed to contain format chars
2007-05-18 14:48:28 +00:00
Hallvard Furuseth
d84399e344
Unused varaibles
2007-05-18 14:46:52 +00:00
Hallvard Furuseth
4caf7faa74
Warning cleanup (avoid cast double return val -> integer, gcc gets suspicious)
2007-05-18 14:45:56 +00:00
Hallvard Furuseth
861babae6f
include lber-int.h (for rev 1.396 certificate changes)
2007-05-18 14:41:28 +00:00
Pierangelo Masarati
7b7676a9fa
...
2007-05-17 13:57:20 +00:00
Hallvard Furuseth
870f869dfb
Header nitpick
2007-05-16 23:28:58 +00:00
Hallvard Furuseth
a12a4029ae
SEE ALSO slapcat(8), slapd-ldif(5)
2007-05-16 23:27:41 +00:00
Hallvard Furuseth
2f0e73f531
Clarify "bind on"
2007-05-16 23:23:48 +00:00
Hallvard Furuseth
ec9322c301
Explain rootDSE
2007-05-16 23:23:02 +00:00
Pierangelo Masarati
978c3609e0
allow array of more generic syntaxes
2007-05-16 09:13:14 +00:00
Pierangelo Masarati
eb5d285a1b
allow attribute inheritance with syntax restriction (please review)
2007-05-16 01:40:34 +00:00
Pierangelo Masarati
dd3f101ff8
further cleanup round in back-relay database selection; cleanup
2007-05-16 01:39:41 +00:00
Pierangelo Masarati
c30ae47206
check for NULL dn in URL; set error code before seding extended response (partially addresses ITS#4968)
2007-05-15 22:29:06 +00:00
Howard Chu
d9a43aee44
Fix GNUtls acknowledgement, initial work by Matt Backes. Sponsored by
...
The Written Word and Stanford University.
2007-05-14 23:35:36 +00:00
Howard Chu
093f52e44d
ITS#4961 disable schema checking on contextCSN update
2007-05-14 21:25:48 +00:00
Ralf Haferkamp
6ee5d7d3da
make openssl builds working again
2007-05-14 12:19:32 +00:00
Pierangelo Masarati
bf144a4ec0
apply fixes in ITS#4951 (tested)
2007-05-13 23:14:55 +00:00
Hallvard Furuseth
7720844624
Reapply part of rev 1.2 warning cleanup, it was lost in next revision
2007-05-13 22:32:33 +00:00
Howard Chu
423f20c915
GNUtls - ignore free of NULL ctx
2007-05-13 09:43:41 +00:00
Howard Chu
5f36d32596
Don't NUL-terminate bervals during DN parsing
2007-05-13 09:37:37 +00:00
Howard Chu
97b0c98ab5
Don't use strdup on bervals
2007-05-13 09:36:52 +00:00
Howard Chu
6d01c81596
Test no longer depends on --with-tls
2007-05-13 09:35:57 +00:00
Howard Chu
9688a3ae7e
Added GNUtls notes
2007-05-13 01:59:46 +00:00
Howard Chu
bdd8bf4133
Add CRLfile option for GNUtls
2007-05-13 01:34:12 +00:00
Howard Chu
f3c9d552dd
Use liblber for certificate Validation, Normalization
2007-05-13 01:27:51 +00:00
Howard Chu
47a8f3213b
Merged GNUtls support into main tls.c
2007-05-13 00:15:27 +00:00
Howard Chu
93e1da43e9
No more dependency on OpenSSL
2007-05-12 23:44:58 +00:00
Hallvard Furuseth
b6bb36eaf1
Add back-monitor (and its OID arc) to Backend/Database registry
2007-05-12 17:55:37 +00:00
Pierangelo Masarati
f2d213d73f
if no database can be looked up, don't send result when not appropriate
2007-05-12 13:09:48 +00:00
Pierangelo Masarati
d12592ca3c
don't try to lookup a database when there's no request DN
2007-05-12 13:07:17 +00:00
Pierangelo Masarati
7601a1f3fb
fix read off by one (spotted by valgrind)
2007-05-12 12:38:09 +00:00
Hallvard Furuseth
dfc10014b1
Fix for !(LDAP_DEBUG && LDAP_SYSLOG)
2007-05-11 23:04:33 +00:00
Hallvard Furuseth
e509d3ed9a
Comment fixes.
...
Corrected rev 1.67 cvs comment: ltu_key[] is NULL-terminated _when not full_.
2007-05-11 18:48:13 +00:00
Howard Chu
236e5f50b3
Added ciphersuite support
2007-05-10 21:49:43 +00:00
Howard Chu
64c9240003
Regenerate with GNUtls additions
2007-05-10 20:33:41 +00:00
Howard Chu
1147ee333a
Add GNUtls detection
2007-05-10 20:33:10 +00:00
Howard Chu
8726062e1d
Fix typo in prev commit
2007-05-10 20:15:40 +00:00
Howard Chu
c51fd6c96e
Add LDAP_OPT_X_TLS_CRLFILE, peer cert verification for GNUtls
2007-05-10 19:43:28 +00:00
Howard Chu
e86e4f98af
ITS#4954 clear c_sasl_dn after error
2007-05-10 19:34:27 +00:00
Howard Chu
2779af4730
ITS#4952 use memcmp to compare CSN values
2007-05-10 18:46:15 +00:00
Hallvard Furuseth
810b2389dc
Since we only have LDAP_MAXTHR thread_keys, allow max LDAP_MAXTHR
...
threads per pool, even when ltp_max_count <= 0 ("unlimited").
Keep ltp_max_count in range [0, LDAP_MAXTHR].
2007-05-09 23:25:03 +00:00
Hallvard Furuseth
f0a1511422
Make ldap_int_thread_userctx_t.ltu_key[] a proper NULL-terminated array.
...
(setkey/getkey expected that, but purgekey could set a NULL in the middle.)
Added some checks for input key!=NULL.
API changes, need review - I'm not sure what's indented here:
- setkey(data=NULL, kfree!=NULL) searched as if intended to reset
the key, but updated by setting the key. Now always updates.
- setkey(key=<not found>, data=NULL) could return either success or
failure. Now succeeds iff (data == NULL && kfree == NULL).
2007-05-09 22:59:04 +00:00
Hallvard Furuseth
f5da908c49
thread_keys is a (poor) open-addessed hash table, but it lacked a
...
"deleted item" mark. Add DELETED_THREAD_CTX.
Also improve the hash function a bit, and make the hash unsigned.
2007-05-09 22:22:44 +00:00
Hallvard Furuseth
8a92825225
Protect thread_keys[] with ldap_pvt_thread_pool_mutex, except in
...
ldap_pvt_thread_pool_purgekey() which may only be called during pauses.
Thus, also wait for pauses to finish before accessing thread_keys in
ldap_int_thread_pool_wrapper(). This may prevent pending tasks from
being started when a pause had been requested, which seems to have been
possible. If that was a feature, we can split ltp_pause==1 in 2 states:
in pause (causes wait), and pause requested.
Also move 'thread_keys[].id = <thread id>' from pool_submit to
pool_wrapper. Until pool_wrapper set the ctx as well, thread context
lookup would just return NULL anyway.
2007-05-09 21:38:28 +00:00
Hallvard Furuseth
92afeb8ef7
Replace state LDAP_INT_THREAD_POOL_PAUSING with member ltp_pause,
...
so a pause will work during states FINISHING and STOPPING.
Add missing waits and signals, and move waits in pool_wrapper().
Replace if(test) with while(test) when waiting for the multi-purpose
condition variable ltp_cond.
2007-05-09 19:53:25 +00:00
Hallvard Furuseth
9e9bf22a64
ITS#4943:
...
In ldap_pvt_thread_pool_submit(), when backing out of thread creation:
ltp_pending_count '++' -> '--'. Signal if there are no more threads.
In ldap_int_thread_pool_wrapper():
if() -> assert() where false would result in eternal loop.
2007-05-09 19:34:49 +00:00
Hallvard Furuseth
bb890724d4
Don't complain if detached threads exit after ldap_debug_thread_destroy().
2007-05-09 19:21:08 +00:00
Hallvard Furuseth
584ea90db2
Remove unused variables
2007-05-09 19:11:44 +00:00
Hallvard Furuseth
5a6362c453
assert(pointer) -> assert(pointer != NULL)
2007-05-09 19:10:36 +00:00