upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-21 23:29:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
24178 commits 38 branches 309 tags 68 MiB
Commit graph

159 commits

Author SHA1 Message Date
Howard Chu
c51fd6c96e Add LDAP_OPT_X_TLS_CRLFILE, peer cert verification for GNUtls 2007-05-10 19:43:28 +00:00
Howard Chu
f2a02b90ed Fix TLS default for clients 2007-03-23 12:47:35 +00:00
Howard Chu
0c542682b1 Timeouts should not be malloc'd 2007-02-05 20:32:44 +00:00
Howard Chu
bec25494fe ITS#4799 remove kerberos / kbind references 2007-01-10 00:20:42 +00:00
Kurt Zeilenga
da6d9eb046 happy new year 2007-01-02 20:00:42 +00:00
Pierangelo Masarati
72e586ba36 revert previous commit; disable RESTART from ldap.conf 2006-11-13 23:51:52 +00:00
Pierangelo Masarati
799f2b1449 I hate code duplication, but don't require functions from liblutil in libldap.so 2006-10-08 17:14:04 +00:00
Pierangelo Masarati
2f964def8a add support for VERSION, TIMEOUT and NETWORK_TIMEOUT in ldap.conf 2006-09-26 02:34:36 +00:00
Pierangelo Masarati
a9a4a14d80 use AC_LINE_MAX 2006-09-26 00:33:44 +00:00
Pierangelo Masarati
4481502313 use a more reasonable max line length (ITS#4669) 2006-09-12 20:41:37 +00:00
Howard Chu
d18277eac9 ITS#4422, #4475 
Move TLS options into struct ldapoptions.
  Added ldap_int_tls_destroy()
  Added LDAP_OPT_X_TLS_NEWCTX to generate new SSL_CTX
 2006-04-07 00:52:38 +00:00
Pierangelo Masarati
8c9f071238 duplicate string from environment, as it may be overridden by the user (ITS#4436) 2006-03-20 11:57:16 +00:00
Luke Howard
86d1072917 ITS#4327 - make SASL_MECH/SASL_REALM no longer user-only options 2006-01-11 17:28:30 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
f571f4b2b4 fix previous commit 2005-11-03 20:11:22 +00:00
Pierangelo Masarati
561cd3d845 don't leak hostname 2005-11-03 15:17:48 +00:00
Howard Chu
9095af5928 ITS#4017 support Diffie-Hellman parameters for multiple key lengths 2005-10-05 20:01:52 +00:00
Hallvard Furuseth
2e19c67235 Handle LDAP_INT_GLOBAL_OPT() failure in ldap_int_destroy_global_options() 2005-08-31 18:59:27 +00:00
Kurt Zeilenga
3e800f20bd <limits.h> cleanup && ITS#3643 2005-04-10 19:32:14 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Howard Chu
2590e26bc7 Initialize TLS connection callback 2004-11-23 05:09:10 +00:00
Ralf Haferkamp
93cec8b694 - Added autoconf test for CRL capable OpenSSL Version 
- #ifdef'd CRL checking code.
 2004-11-03 12:02:38 +00:00
Ralf Haferkamp
5704a2ef6e CRL checking options for ldap.conf and slapd.conf 2004-10-28 18:50:38 +00:00
Kurt Zeilenga
5f5d50aeb0 Add TLS cipher suite directive to ldap.conf(5) 2004-09-05 07:21:20 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Kurt Zeilenga
f0bd9b3a5b Mark areas needed poll(2) support with HAVE_POLL. 2004-07-09 17:50:22 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Howard Chu
dc19332bb9 Don't init SASL library until we actually want a SASL session 2003-12-03 01:59:33 +00:00
Kurt Zeilenga
159de0f135 Updated notices and acknowledgements 2003-11-26 07:16:36 +00:00
Howard Chu
11453007c2 ITS#2770 - delete bogus maxbuf checks on sasl_read 2003-10-16 18:56:02 +00:00
Kurt Zeilenga
65bfb44e8e Error when user tries to mix command line and default URI components. 
Remove TLS hard as an ldap.conf option as being not a over-writable
default.  The appropriate way to request ldaps:// is use an ldaps://
URI.  A rewrite to only sent hard for the default URIs but ignored
if the application provides it own URI would be acceptable.
 2003-05-22 00:13:00 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Howard Chu
771974f99d ITS#2019 Initialize utils properly 2002-08-10 23:34:55 +00:00
Kurt Zeilenga
e6460769ab Misc sprintf/snprintf cleanup 2002-07-23 18:26:33 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Julius Enarusai
171281f3ec Added LDAP_LOG messages 2002-03-27 22:03:35 +00:00
Howard Chu
ffa4b26343 Slightly better fix for library cleanup. Requires GCC. 2002-02-09 01:09:23 +00:00
Howard Chu
bbee3551b8 Fix for Windows, don't call gethostbyname until WSAStartup has occurred. 2002-01-04 23:10:48 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
06b350c04c Moved WSAStartup/WSACleanup to libldap/init.c. Cleanup occurs in the 
internal atexit handler.
 2001-12-28 06:12:17 +00:00
Howard Chu
dfba82c441 minor cleanup from jon@symas.com 2001-12-18 05:17:06 +00:00
Howard Chu
320d6742b7 Added atexit handler to free global_opts->ldo_defludp. 2001-12-15 13:43:49 +00:00
Howard Chu
2b0819c4a9 Don't copy and leak user; it's an env var so just use it directly. 2001-12-15 12:07:40 +00:00
Howard Chu
e6d6faf3c9 From jon@symas.com - patches for consistent use of directory separators 
in pathnames.
 2001-12-07 01:46:26 +00:00
Kurt Zeilenga
75c7331743 Added the easy part of NLS support, behind an #ifdef. 2001-10-04 18:06:08 +00:00
Howard Chu
e80b5d4040 Clean up CLDAP stuff 2001-09-28 22:19:51 +00:00
Howard Chu
647b5f84ee Resurrection/rewrite of CLDAP (RFC1798 Connectionless LDAP). 
Compile with -DLDAP_CONNECTIONLESS to use this code.
For slapd, use "-h cldap://" to listen on UDP.
For ldapsearch, use "-H cldap://" to query on UDP.
Client-side support is very minimal:
  no automatic timeout/retries
  no basedn wildcard expansion on results
  no support for specifying multiple servers at once.
 2001-09-28 00:18:40 +00:00
Kurt Zeilenga
05c9d4bfda Fix TLS ldap.conf issues 2001-09-05 21:22:41 +00:00
Kurt Zeilenga
c731288dc6 Replace ATTR_URIS with ATTR_OPTION (more general solution) 2001-06-25 21:39:14 +00:00
Kurt Zeilenga
c4f5497ac6 move TLS ctx to lconn struct in prep for supporting TLS with referrals 
need to rework cert check to use per lconn host name
 2001-06-25 07:33:42 +00:00
Kurt Zeilenga
5f25c10980 new rebind proc 
new SASL locking
 2001-06-15 00:14:56 +00:00
Kurt Zeilenga
599a610164 Update SASL bufsize checks 2001-01-18 22:18:41 +00:00
Kurt Zeilenga
d554a31b58 Move ldap_pvt_tls_init call to ldap_pvt_tls_start 
Relax user-only options on TLS_RANDFILE and TLS_REQCERT
 2000-09-13 00:54:45 +00:00
Kurt Zeilenga
3b03b64b77 Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the 
input.  In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
 2000-08-15 01:55:43 +00:00
Kurt Zeilenga
0f5a264dc3 hostbuf should be static 2000-08-15 00:58:56 +00:00
Kurt Zeilenga
95eea5accc First cut SASL "interactive" and "quiet" modes (default is "automatic") 2000-07-17 00:56:29 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session. 
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
 2000-07-13 22:54:38 +00:00
Kurt Zeilenga
fe23628faa ITS#619: TLS PRNG initialization code 
based upon patch provided by Ted C. Cheng <cheng@ix.netcom.com>
 2000-07-08 22:17:50 +00:00
Kurt Zeilenga
77b235fba5 Apply Novell's IN_KERNEL support (ITS#576) 2000-06-08 17:11:57 +00:00
Kurt Zeilenga
1aa4b07c98 Remove support for DNS DNs (not to be confused with X.500 DN using 
domainComponents (DC)).
 2000-06-05 20:07:02 +00:00
Kurt Zeilenga
743598b3d0 This is a one-liner Steve missed in the referral patch. Make sure the 
ldo_rebindproc value has a sane value.
 2000-06-02 23:51:31 +00:00
Kurt Zeilenga
4e5992c190 Fix unsigned * vs unsigned long * bugs 2000-05-16 04:52:37 +00:00
Kurt Zeilenga
29d9fa20a2 Y2k copyright update 2000-05-13 02:36:07 +00:00
Howard Chu
36eddf715a Exit loop after matching command is found in openldap_ldap_init_w_conf 2000-05-12 10:40:29 +00:00
Howard Chu
b0faccce56 Added debuglevel parameter to ldap_int_initialize(). 2000-05-11 09:48:40 +00:00
Kurt Zeilenga
c02d7e2cb6 ITS#503: Extend ldap tools to support SASL/TLS 
Submitted by Gabor Gombas <gombasg@inf.elte.hu>
 2000-04-20 09:23:51 +00:00
Julio Sánchez Fernández
b9fb4c442c Useronly logic was inverted, we were ignoring the whole ldap.conf, 
except where we should.
 2000-03-13 12:31:35 +00:00
Kurt Zeilenga
2549654bb5 Add comment about leaked on exit values.... we likely should 
implement an at_exit() handler.
 2000-02-02 21:26:36 +00:00
Kurt Zeilenga
ed9969b1c4 Make ldap_utf8_bytes() act like strlen() not sizeof() 2000-01-23 23:33:01 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library; 
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
 2000-01-02 01:21:25 +00:00
Kurt Zeilenga
ab7c490960 Add BINDDN user-only directive to .ldaprc 
Used only for simple bind when dn == NULL and password != NULL.
 1999-12-17 03:27:16 +00:00
Kurt Zeilenga
096dcdc580 Add support for useronly configuration attributes. 1999-12-14 02:26:37 +00:00
Mark Valence
ccb9e1e9e3 Changed URL to URI for conf/env setting. 1999-12-09 22:17:08 +00:00
Mark Valence
5f86e47aa8 Changes for URI spport: New routines ldap_initialize and ldap_create; LDAPURLDesc replaces LDAPServer, LDAPURLDesc list used instead of ldo_defhost. 1999-12-07 18:42:25 +00:00
Mark Valence
b221e4ad4b Fixed "typos" in TLS code. TLS is ATTR_TLS, not ATTR_BOOL. 
ldap_pvt_tls_config() was missing first param.
 1999-09-25 03:57:25 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. 
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
 1999-09-08 19:06:24 +00:00
Kurt Zeilenga
3820b35870 Use -llber set_nonblock implementation. 
Use ldap_int_tblsize instead of s+1 in select.
Need to eliminate all to read(2).
 1999-08-04 18:32:38 +00:00
Kurt Zeilenga
1b41dfbce0 LDAP_OPT_NETWORK_TIMEOUT feature (ITS#239) from Lars Uffmann. 
Needs a bit more work.
	- global net/api timeouts are not inherited on session creation.
	- need configure check for inet_aton() (coming soon)
	- ioctl/fcntl portability issues (should share implementation
		with lber routines)
 1999-08-03 19:27:22 +00:00
Julio Sánchez Fernández
43fba8fcb1 First version with TLS. Untested. 1999-07-13 19:30:41 +00:00
Hallvard Furuseth
354702b94e ldap-int.h 1999-07-13 06:21:14 +00:00
Kurt Zeilenga
21e081dc5b Separate autoconf generated values from "defaults". 
ldap_defaults.h incorporates non-generated ldapconfig.h values.
	ldap_config.h.in is new template for autoconf generated defaults
		(namely directories and paths)
	ldap_config.h.nt, NT template (must be manually copied)
	s/<ldapconfig.h>/<ldap_defaults.h>/
	s/DIRSEP/LDAP_DIRSEP/ & s/DEFAULT_/LDAP_/
 1999-06-17 03:54:25 +00:00
Kurt Zeilenga
21c70857f1 s/<stdlib.h>/<ac/stdlib.h>/ 1999-06-03 00:37:44 +00:00
Kurt Zeilenga
1f52f6e43e Add ber_strdup(), remove ldap_int_strdup(), add LDAP_STRDUP macro 
and ripple change through -lldap.
 1999-06-02 22:28:22 +00:00
Kurt Zeilenga
1bcec8bf6a Add LBER_ and LDAP_ memory allocators/deallocators for internal 
library use:
  LBER_ macros expand to system routines.
  LDAP_ macros expand to new ber_ allocators.

Add ber_ and ldap_ memory allocators/deallocator:
  ber_ routines are wrappers of LBER_ macros.
  ldap_ routines are wrappers of ber_ routines.

Removed safe_realloc() macro from various files.  This issue
(if an issue) should be resolved across whole package.

ldapmodify.c now uses ber_ allocators to resolve ber_bvfree()
vs. WIN32 multiple heaps issue.

These changes should facilate implementation of
  ber_set_option( NULL, LBER_OPT_MEMORY_FN, ...)
and
  ldap_set_option( NULL, LDAP_OPT_MEMORY_FN, ...).
 1999-05-29 01:19:14 +00:00
Kurt Zeilenga
4e5ed2dffc Changed lc_conn to be a pointer to a BerElement to aid in state management. 
Added validation to exposed opaque data structures (BerElement, Sockbuf,
and LDAP).  Added macros BER_VALID, SOCKBUF_VALID, LDAP_VALID.
Added ber_pvt_ber_bytes() and ber_pvt_ber_remaining() macros to hide
some ber internals.  These really should be handled by ber_get_option().
 1999-05-28 19:33:05 +00:00
Kurt Zeilenga
8c793fa1c9 rename ldap_pvt_init_utils() to ldap_int_utils_init() and provide 
prototype in ldap-int.h.
 1999-05-27 22:25:55 +00:00
Kurt Zeilenga
22d98c85c3 ldap.h: 
added comments
 removed LDAP_MAX_ATTR_LEN
 removed LDAP_COMPAT* from <ldap.h> but not code.
 move LDAP_DEFAULT_REFHOPCOUNT to ldap-int.h
 added experimental options macros
 added LDAP_CONTROL_REFERRALS macros
libldap:
 Replace ld_attrbuffer with per use allocated attributed.
 ldap_first/next_attribute attributes now must be freed (as per draft).
 unifdef -DLDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS
 1999-05-22 06:11:48 +00:00
Kurt Zeilenga
af2183c35e close ldap.conf after reading it. 1999-03-25 22:19:42 +00:00
Hallvard Furuseth
b6d85256e7 "const"ify some static arrays, and related parameters/variables 1999-03-09 08:40:36 +00:00
Hallvard Furuseth
3f65f687e5 Put the ATTR_BOOL option numbers in attrs.offset instead of attrs.data, 
to avoid unportable casts of integers to pointers and back.
 1999-03-06 18:31:19 +00:00
Hallvard Furuseth
73db912500 Cast char' arguments to ctype.h functions to unsigned char'. 
These functions require their arguments to be in the range of `unsigned char'.
 1999-02-22 17:57:22 +00:00
Kurt Zeilenga
7eec267436 Add lber_log_print support to libldap. 
Redefine Debug macro to call ldap_log_printf(NULL, lvl, fmt, ...)
Should replace each Debug statement with direct call to ldap_log_printf
passing LDAP session if available.
 1999-01-26 00:27:51 +00:00
Bart Hartgers
027d2fadc6 Updates regarding threads and names. 1999-01-15 14:49:03 +00:00
Kurt Zeilenga
d66a450344 Update init and ldap.conf(5) to handle LDAPNOINIT, LDAPCONF, LDAPRC 
environment settings.
 1999-01-14 23:04:08 +00:00
Kurt Zeilenga
4de6a10ce2 Insert missing ')'... 1999-01-14 06:28:50 +00:00
Kurt Zeilenga
4d2761a6a6 Add simple copyright notice. 1998-12-28 20:53:15 +00:00
Kurt Zeilenga
a3ac3be6a7 Added lber_get/set_option. Removed lber_debug/ldap_debug. 
Updated other codes as needed.
 1998-12-22 01:34:01 +00:00
Kurt Zeilenga
21b249ca6e Change init_w_userconf to not interpet the filename. If it's 
give "/foo", then it will check $HOME/foo, $HOME/./foo, then /foo.
This might not be what the installer hand it mind... but then again
may be it is.
w_userconf and w_conf both now use NULL arguments to disable conf loading.
 1998-11-23 03:03:06 +00:00
Hallvard Furuseth
185586f5c2 Plug memory leak 1998-11-23 01:44:24 +00:00
Hallvard Furuseth
c24d932b02 add ldap_strdup and eliminate strdup in libldap 1998-11-19 06:18:23 +00:00