upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-01-02 13:09:42 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
24493 commits 38 branches 309 tags 68 MiB
Commit graph

4974 commits

Author SHA1 Message Date
Quanah Gibson-Mount
eae9c380d0 Merge remote-tracking branch 'origin/mdb.RE/0.9' 2025-09-17 17:39:20 +00:00
Caolán McNamara
f584da2fe7 ITS#10375 libldap/tls2: const up oids 
to move it out of the .data section
 2025-07-28 15:19:04 +01:00
Howard Chu
7d2805f27c ITS#10370 libldap: don't assert on network input 2025-07-23 22:05:25 +01:00
Howard Chu
76e1492809 ITS#10356 libldap: implement LDAP_OPT_REFHOPLIMIT 2025-06-20 02:35:44 +00:00
Michael Kourlas
585e6aa9a5 ITS#10330 keep socket non-blocking during polling in ldap_int_tls_start 
During TLS negotiation, if a timeout is set, ldap_int_tls_start sets the
socket to non-blocking and calls ldap_int_poll in a loop if
ldap_int_tls_connect does not succeed the first time it is called.

However, ldap_int_poll sets the socket back to blocking and we currently
do not set it back to non-blocking. This means that a subsequent call to
ldap_int_tls_connect may hang and the configured timeout will not be
enforced. To fix this, we now set the socket back to non-blocking after
ldap_int_poll is called.
 2025-06-19 13:49:40 +00:00
Michael Kourlas
76b9c476dd ITS#10330 do not poll socket in ldap_int_tls_start if no timeout set 
This probably had no effect, but is unnecessary.
 2025-06-19 13:49:40 +00:00
Howard Chu
f7c1754e36 ITS#10355 2025-06-12 15:18:48 +01:00
Howard Chu
7c7988003b ITS#10355 lmdb mplay: don't assign to stdin/stdout 2025-06-12 15:16:50 +01:00
Howard Chu
c85bcff9c5 ITS#10346 2025-06-10 20:57:48 +01:00
Mike Moritz
7f8f52e0e2 ITS#10346 lmdb: fix compacting copy with large values 2025-06-10 20:56:50 +01:00
Howard Chu
529442b4cb ITS#10342 2025-06-10 20:43:44 +01:00
jinyaoguo
ce339e82bd ITS#10342 lmdb: fix potential memleak in child txn_begin 2025-06-10 20:39:52 +01:00
Ondřej Kuzník
6063498361 ITS#10297 Defer hostname resolution til first use 2025-05-09 09:31:26 +01:00
Howard Chu
e5a545d54c ITS#10328 librewrite: fix substitution cleanup 2025-04-24 16:47:31 +00:00
Howard Chu
10456f5850 ITS#10326 mbedtls: always call mbedtls_ssl_set_hostname() 
Even if hostname is NULL, the library requires this be called once.
If non-NULL, mbedtls may do a hostname check which is redundant
since libldap does its own check.
 2025-04-22 17:26:46 +01:00
Howard Chu
ac89f42433 ITS#10296 lmdb: fix typo in prev commit 2025-02-19 09:15:27 +00:00
Howard Chu
96bffc9202 ITS#10296 fix fdatasync on MacOS 2025-01-28 17:29:56 +00:00
kero
f6b3c3d407 ITS#10296 lmdb: fix fdatasync on MacOS 
Patch from kero, with corrections by hyc
 2025-01-28 17:28:15 +00:00
Ondřej Kuzník
2ba10ad59c ITS#10229 Adjust ldap_result behaviour with LDAP_MSG_RECEIVED 2024-12-16 16:18:53 +00:00
Ondřej Kuzník
d143f7a2dc ITS#8047 Fix TLS connection timeout handling 
The test for async in ldap_int_tls_start was inverted, we already
support calling ldap_int_tls_connect repeatedly. And so long as
LBER_SB_OPT_NEEDS_* are managed correctly, the application should be
able to do the right thing.

Might require a new result code rather than reporposing
LDAP_X_CONNECTING for this.
 2024-10-26 20:51:35 +00:00
Howard Chu
790ed0e911 ITS#10275 mdb_load: add -Q option to use NOSYNC for faster loading 2024-10-26 21:27:01 +01:00
Gary Wicker
c5f0ac271c ITS#10275 mdb_load: add -Q option to use NOSYNC for faster loading 2024-10-26 21:26:17 +01:00
Ondřej Kuzník
40b6592adf ITS#10263 Reject modifications with invalid whitespace 2024-10-26 16:49:39 +00:00
Ondřej Kuzník
3f6cec3b46 ITS#10264 Free NoD data we stored locally 2024-10-02 13:23:44 +01:00
Ondřej Kuzník
139944ac1e ITS#7982 Log TLS proto+cipher suite on client side 2024-09-27 14:21:20 +01:00
Ryan Tandy
aa7b1a3db9 ITS#10253 Fix incompatible pointer type 2024-08-21 17:48:45 -07:00
Howard Chu
c9ab732ec1 ITS#10247 libldap: add ldap_url_check_ext() to check URL extensions 
And check validity earlier, in ldap_initialize() and ldap_init_fd().
 2024-08-20 15:39:04 +00:00
Howard Chu
4fc6a3c064 ITS#10247 libldap: reject unrecognized critical URL extensions 2024-08-20 15:39:04 +00:00
Quanah Gibson-Mount
f6d015dd84 ITS#10222 2024-06-28 15:55:18 +00:00
Howard Chu
c6a49d7963 LMDB: tweak mdb_load.1 manpage 
Add missing -a option to Synopsis
 2024-06-28 14:55:06 +00:00
Zach Vonler
b84c35053b ITS#10222 LMDB: Updated mdb_dump man page 
The -a option to mdb_load makes the previous text obsolete.
 2024-06-28 14:55:01 +00:00
Quanah Gibson-Mount
54f00bd01f Return to engineering 2024-06-24 16:56:14 +00:00
Howard Chu
1fc09713b1 ITS#10224 libldap: check for OpenSSL EVP_Digest* failure 2024-06-07 15:34:23 +01:00
Howard Chu
4dfe057b58 ITS#10223 libldap: check for OpenSSL SSL_CTX_set_ciphersuites failure 2024-06-07 15:34:01 +01:00
Quanah Gibson-Mount
15edb3b30f Merge remote-tracking branch 'origin/mdb.RE/0.9' 2024-05-21 17:16:40 +00:00
Quanah Gibson-Mount
3a29a24777 Prep for release 2024-05-21 17:16:06 +00:00
Howard Chu
4d53ae28cf ITS#10216 libldap: fix OpenSSL channel binding digest 
The OBJ_find_ API is undocumented but this is what OpenSSL libcrypto does itself.
 2024-05-16 16:01:39 +01:00
Howard Chu
283b994104 ITS#10209 libldap: only use OPENSSL_INIT_NO_ATEXIT if it's defined 
Fake OpenSSL clones like LibreSSL don't support it.

In general we will make no effort to support fake OpenSSL clones.
 2024-05-09 17:19:15 +00:00
Quanah Gibson-Mount
2606b60c7a Merge remote-tracking branch 'origin/mdb.RE/0.9' 2024-05-07 17:29:31 +00:00
Quanah Gibson-Mount
f0fddaa6fe Merge remote-tracking branch 'origin/mdb.RE/0.9' 2024-05-07 17:29:20 +00:00
Quanah Gibson-Mount
7c99799729 ITS#10212 2024-05-07 16:49:34 +00:00
Quanah Gibson-Mount
ccbec37209 ITS#10198 2024-05-07 16:49:00 +00:00
Howard Chu
d83d6b4ebe ITS#10212 LMDB: better fix 2024-05-03 20:44:48 +01:00
Howard Chu
37829ce493 ITS#10212 LMDB: init txnid for read-only DBs 2024-05-02 16:33:14 +01:00
Howard Chu
d3ae7c36e5 ITS#10198 Win32 mdb_strerror - stop passing "ignored" parameter 
The M$ docs say the parameter is ignored, but it actually isn't,
and will cause a SEGV if the pointed memory isn't an init'd va_list.
 2024-04-04 07:17:35 +01:00
Quanah Gibson-Mount
073232bbc7 Happy New Year! 2024-03-26 19:45:07 +00:00
Quanah Gibson-Mount
7077d5e601 ITS#9037 2024-03-26 16:25:55 +00:00
Quanah Gibson-Mount
f186e4d934 ITS#10189 - Remove extraneous #endif 2024-03-26 16:23:20 +00:00
Howard Chu
83dc42c5ca ITS#9037 mdb_page_search: fix error code when DBI record is missing 
Use the more relevant MDB_BAD_DBI instead of MDB_NOTFOUND error code
 2024-03-26 14:52:42 +00:00
Howard Chu
a5953812f0 ITS#9952 TLS/OpenSSL: disable use of atexit() 
This will only have any effect if libldap is the first caller to
initialize OpenSSL, but that should be all that matters when libldap
is part of a dynmically loaded module. It prevents the crash in the
example cases given.
 2024-02-18 10:57:07 +00:00