upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-22 07:39:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
12372 commits 38 branches 309 tags 68 MiB
Commit graph

1227 commits

Author SHA1 Message Date
Kurt Zeilenga
f1cc2b7ab2 #if 0 RDN debugging 2002-02-13 08:00:31 +00:00
Kurt Zeilenga
275f3be363 Misc. DN fixes and cleanups, namely don't muck with AVA_BINARY values 
Also, pass empty_bv when bv_val is NULL.
 2002-02-13 06:35:27 +00:00
Kurt Zeilenga
defed68e82 Fix typo 2002-02-11 18:18:34 +00:00
Howard Chu
a916535a27 Fix #include of sasl.h 2002-02-11 09:39:15 +00:00
Kurt Zeilenga
d23c559646 Don't use 'shtool mkln' as ln(1) replacement. 
Allow both <sasl/sasl.h> and <sasl.h>
 2002-02-11 08:28:51 +00:00
Kurt Zeilenga
ce07fb958e Update libtool usage 
s/-L.../libraries -lldap/.../libraries/libldap/libldap.la/
 2002-02-10 22:42:51 +00:00
Kurt Zeilenga
b315d8af34 Update Cyrus SASL detection to always look for <sasl.h> regardless 
of version and then try -lsasl2 and -lsasl.  Make SASL code
conditional on SASL_VERSION_MAJOR, not HAVE_CYRUS_SASL.
 2002-02-10 17:51:19 +00:00
Howard Chu
8a4e92b259 Support for Cyrus SASLv2. Untested. 2002-02-10 14:27:23 +00:00
Howard Chu
ffa4b26343 Slightly better fix for library cleanup. Requires GCC. 2002-02-09 01:09:23 +00:00
Howard Chu
1fba3a5c13 Fix flag initialization 2002-02-08 21:53:04 +00:00
Howard Chu
7d41a446cb Added conversion from UTF-8 to T.61. 2002-02-01 03:13:04 +00:00
Howard Chu
cb88cae005 First pass at T.61 <-> UTF-8 translation. Only does T.61 to UTF-8. 
Feel free to inspect, not yet ready for use.
 2002-01-31 13:42:06 +00:00
Howard Chu
63a4a19732 Send a warning to the client if we try to use a bad cert. 2002-01-27 03:48:08 +00:00
Howard Chu
c3c85b4062 Extended TLS_REQCERT/TLSVerifyClient syntax to 4 states: never,allow,try, 
and hard/demand.
 2002-01-27 02:56:18 +00:00
Howard Chu
c81d2bb855 Fix, errno was incorrect after SSL_read returned 0 bytes, caused slapd to 
close the connection prematurely.
 2002-01-26 13:43:22 +00:00
Howard Chu
25cd89b443 Use ber_scanf 'm' format for ignored UDP string 2002-01-17 23:30:05 +00:00
Kurt Zeilenga
7f0289a390 Move most of the new ber_*cmp routines to lber_pvt.h to keep them private, 
rework them slightly to avoid computations which might result in underflow.
Rename them for consistency with other berval routines.
Remove some utf8 lint.
 2002-01-16 18:16:15 +00:00
Pierangelo Masarati
5c1d9b4fce fix assertion 2002-01-16 10:58:04 +00:00
Pierangelo Masarati
6c5be3006d don't auto-detect DCE form; assert the UTF-8 charlen is legal 2002-01-16 09:57:20 +00:00
Howard Chu
40542984cd Added some reference comments for ldap_utf8_charlen2 2002-01-15 09:01:44 +00:00
Howard Chu
2d51ad52b3 Added LDAP_UTF8_CHARLEN2() to validate shortest possible encoding 
of UTF8 string. (Returns charlen if valid, 0 if not.)
 2002-01-15 08:07:46 +00:00
Howard Chu
19f3ba216f Fix ldap_utf8_lentab to detect illegal two-byte sequences. 2002-01-15 03:31:37 +00:00
Pierangelo Masarati
bde71e45f9 fix format 2002-01-14 19:48:09 +00:00
Pierangelo Masarati
36f6a1169a make temporary RDN and AVA arrays rescalable if needed 2002-01-14 19:44:04 +00:00
Pierangelo Masarati
9d6ebd822e fix typo 2002-01-14 19:42:59 +00:00
Pierangelo Masarati
2ee2e7a145 quick fix that in pretty mode escapes with hexpair the specials ',', '+' and '\' 2002-01-14 19:33:13 +00:00
Pierangelo Masarati
7887ef7e92 revert previous commit: do accept '\00' 2002-01-14 11:09:14 +00:00
Pierangelo Masarati
3a6676a082 accept '\<special>' anywhere in the string 2002-01-14 10:50:02 +00:00
Pierangelo Masarati
c4164193ad fix behavior on improperly escaped illegal hexpair; do not accept '\00' 2002-01-14 09:56:54 +00:00
Howard Chu
923e64156d More cleanup in ldap_pvt_tls_destroy() 2002-01-12 02:31:41 +00:00
Howard Chu
07119f7342 Fix ldap_start_tls_s, don't check for TLS present on a non-existent sockbuf 2002-01-12 02:25:22 +00:00
Kurt Zeilenga
dffb050d81 Remove lint 2002-01-10 05:30:23 +00:00
Howard Chu
627d354b98 For Windows, use getsockopt() to retrieve error if connect() fails. 
Don't use ldap_pvt_is_socket_ready() at all on Windows, it is
totally unneeded and getpeername() misbehaves on W2K.
 2002-01-10 05:12:11 +00:00
Kurt Zeilenga
f80b4ad53e Minor const'ification cleanup 2002-01-08 20:24:56 +00:00
Kurt Zeilenga
962e351271 Minor cleanup 2002-01-07 21:22:38 +00:00
Kurt Zeilenga
c4902e88d5 Don't unlock if we've never locked. 2002-01-07 20:18:38 +00:00
Pierangelo Masarati
e5f503c24a Passes last test (empty value); also passes many of the invalid DN tests if liberal parsing is allowed 2002-01-07 15:23:23 +00:00
Pierangelo Masarati
e15aa7b682 fix non-printable flag detection; improve dn test (passes all but last in http://www.openldap.org/ietf/ldapbis/dn.txt) 2002-01-07 15:10:50 +00:00
Pierangelo Masarati
23cd7e837a fix domain generation for UFN 2002-01-07 13:16:53 +00:00
Kurt Zeilenga
0c36372134 Some memory allocation cleanup. 2002-01-06 02:18:37 +00:00
Kurt Zeilenga
c36352c173 Misc allocator cleanup 2002-01-05 19:38:54 +00:00
Howard Chu
bbee3551b8 Fix for Windows, don't call gethostbyname until WSAStartup has occurred. 2002-01-04 23:10:48 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Kurt Zeilenga
72eb26180f Another minor filter fix (unescaped *) 2002-01-04 20:36:41 +00:00
Kurt Zeilenga
96138a8424 Fix ) in value handling 2002-01-04 05:37:19 +00:00
Kurt Zeilenga
6c80cfb2e8 Use LDAP_FREE not free 2002-01-04 03:53:13 +00:00
Kurt Zeilenga
11175ed95e Some misc cleanup 2002-01-04 03:50:54 +00:00
Kurt Zeilenga
6fc8c3ff4e Fix attribute description checks 2002-01-04 00:45:05 +00:00
Howard Chu
da00e5dac1 Use LDAP_FREE instead of free 2002-01-03 23:30:45 +00:00
Kurt Zeilenga
1d4e2342d2 Add LBER DN format flag (no code yet). 
Return API result codes, not protocol result codes.
 2002-01-03 20:06:29 +00:00
Kurt Zeilenga
789b81aa75 Misc cleanup 2002-01-03 20:05:29 +00:00
Kurt Zeilenga
fdb62b5650 Even larger TMP_SLOTS 2002-01-03 19:45:34 +00:00
Kurt Zeilenga
dedc7588c9 We'll need queue macros in -llber... 2002-01-03 00:49:52 +00:00
Kurt Zeilenga
73b2d62bcd Fix queue.h include 2002-01-03 00:39:09 +00:00
Kurt Zeilenga
81d2a0f289 fix empty substrings any bug 2002-01-02 23:03:37 +00:00
Howard Chu
fca5613e98 Hide (make static) sb_bio_method and tls_sbio structures. They're 
already completely hidden by accessor functions.
 2002-01-02 22:29:11 +00:00
Howard Chu
cc60686c0d Renamed parse_numericoid to ldap_int_parse_numericoid since it is 
no longer static. Moved declaration to ldap-int.h and removed extern
from getdn.c
 2002-01-02 21:59:26 +00:00
Kurt Zeilenga
ccc4d0d5ae Fix extensible filters 2002-01-02 20:31:21 +00:00
Kurt Zeilenga
490ac259f4 Fix escape bug 2002-01-02 20:05:48 +00:00
Kurt Zeilenga
2931cec6c0 Fix stupid bug in last commit 2002-01-02 18:16:09 +00:00
Pierangelo Masarati
1f49164725 fix missing trailing ')' 2002-01-02 17:38:46 +00:00
Kurt Zeilenga
772b7760b8 New filter code 2002-01-02 17:10:21 +00:00
Kurt Zeilenga
3ecc6b8b2c Add filter.c 2002-01-02 17:08:42 +00:00
Kurt Zeilenga
763c0de59b Rework filter code 
Misc cleanup / lint removal
 2002-01-02 17:06:56 +00:00
Howard Chu
81e9e86861 Fix ldap_str2rdn, make sure to update progress pointer; don't 
free attrType since we never allocate it
 2002-01-02 09:59:37 +00:00
Howard Chu
b92710e3a5 Minor cleanup 2001-12-31 06:44:36 +00:00
Howard Chu
b7be022824 Minor fix for LDAP_DN_IS_RDN_DC macro 2001-12-30 23:10:31 +00:00
Howard Chu
776ce133e9 More str2rdn tweaks 2001-12-30 09:42:58 +00:00
Howard Chu
5d28b4555e Reorganize LDAPAVA allocation layout 2001-12-30 06:56:57 +00:00
Pierangelo Masarati
754470162d remove useless function 2001-12-29 12:13:11 +00:00
Howard Chu
a191392e2e Changed LDAP_AVA struct berval * to struct berval. 2001-12-29 10:35:24 +00:00
Howard Chu
60510c5e39 Fix memory leak in ldap_explode_dn 2001-12-29 06:37:20 +00:00
Howard Chu
729fe56698 Made LDAP_UTF8_CHARLEN/ldap_utf8_charlen table-driven. 2001-12-29 02:57:32 +00:00
Pierangelo Masarati
2f3f7c6765 ldap_str2rdn() can parse without allocating a LDAPRDN* (not very clean, though); used by dn_rdnlen 2001-12-28 12:50:48 +00:00
Howard Chu
4d7e904404 Added ldap_dn2bv and ldap_rdn2bv 2001-12-28 10:03:39 +00:00
Howard Chu
06b350c04c Moved WSAStartup/WSACleanup to libldap/init.c. Cleanup occurs in the 
internal atexit handler.
 2001-12-28 06:12:17 +00:00
Kurt Zeilenga
c214a13a59 Works... now to test our filter parser! 2001-12-28 04:33:57 +00:00
Kurt Zeilenga
bf5fc54473 Add ftest (filter test) to the mix, needs work. 
Misc cleanup of other tests.
Add *.dsp files for tests
 2001-12-28 03:39:05 +00:00
Kurt Zeilenga
52a354f753 Mark more stuff as deprecated and remove some unused deprecated 
routines.
 2001-12-27 23:01:17 +00:00
Pierangelo Masarati
1f8e4d3884 cleanup 2001-12-27 13:54:22 +00:00
Kurt Zeilenga
cddf7e0e00 More struct berval DN changes 
decrease dependency on dn_validate/dn_normalize
 2001-12-27 07:13:13 +00:00
Kurt Zeilenga
a553a03586 More struct berval DNs changes 2001-12-26 23:43:28 +00:00
Howard Chu
a1460e74ce Added ldap_xxx2bv schema functions 2001-12-26 12:31:44 +00:00
Pierangelo Masarati
5f28673792 hex escape everything requires escape (uncomment #define PRETTY_ESCAPE to revert to previous behavior) 2001-12-24 19:17:10 +00:00
Pierangelo Masarati
4d981f7cc5 better rdn exploding 2001-12-24 15:47:06 +00:00
Pierangelo Masarati
65fad45129 bug in explode dn (caused most test failures when requesting client-side sorted results) 2001-12-24 10:31:11 +00:00
Kurt Zeilenga
450e0d6803 Some minor bugs for dntest "" 2001-12-24 07:22:25 +00:00
Kurt Zeilenga
a2c6a98427 cannot assert la_private == NULL on free 2001-12-24 07:03:14 +00:00
Kurt Zeilenga
883196d348 Clean up some symbol scoping 2001-12-24 06:36:44 +00:00
Kurt Zeilenga
04ea760a91 Delete USE_LDAP_DN_PARSING 2001-12-24 06:02:59 +00:00
Kurt Zeilenga
d0abe6f59f Misc DN cleanup, no functional changes 2001-12-24 06:00:02 +00:00
Kurt Zeilenga
25b5aaf262 Delete ldap_build_filter(), it's broke. 
Clean up headers.
 2001-12-24 03:49:54 +00:00
Kurt Zeilenga
9d56c59d1b Minor cleanup, rename ldapava_free_*() routines and 
don't expose symbols of ava helper routines
 2001-12-23 22:46:37 +00:00
Pierangelo Masarati
dcc062dce5 least escaping in dnPretty (hope my wife doesn't catch me in front of the laptop :) 2001-12-23 09:26:44 +00:00
Pierangelo Masarati
6620bbff16 small bug exploited by malformed DCE format 2001-12-23 09:04:44 +00:00
Kurt Zeilenga
80649933bd Zap tmplout 2001-12-21 03:28:48 +00:00
Kurt Zeilenga
6ca3ed1b1e Fix cache debugging (ITS#1501) based upon patch provided by 
Will Day <willday@rom.oit.gatech.edu>.
 2001-12-20 20:11:03 +00:00
Kurt Zeilenga
ae6b840350 Remove ttest 2001-12-20 07:29:33 +00:00
Kurt Zeilenga
c9afb5e8a3 misc cleanup 2001-12-20 01:43:03 +00:00
Kurt Zeilenga
c90b4fc878 Back out last change 2001-12-19 21:55:52 +00:00
Kurt Zeilenga
1f8cba688d dsparse still needed by filter templates (which are used by ud(1)). 2001-12-19 21:53:30 +00:00
Kurt Zeilenga
b3b17ca4e7 Remove srchpref and disptmpl stuff. 2001-12-19 21:46:34 +00:00
Kurt Zeilenga
9ce6d07b61 More cleanup 2001-12-19 21:37:41 +00:00
Kurt Zeilenga
266d8f5fc0 misc cleanup 2001-12-19 21:23:11 +00:00
Howard Chu
dfba82c441 minor cleanup from jon@symas.com 2001-12-18 05:17:06 +00:00
Kurt Zeilenga
c1a257a83f stdlib.h should be included as <ac/stdlib.h> 2001-12-18 01:24:31 +00:00
Howard Chu
b917625a85 Revert previous commit. 2001-12-18 00:20:58 +00:00
Howard Chu
6456e5f559 from jon@symas.com - misc cleanup 2001-12-18 00:16:15 +00:00
Kurt Zeilenga
943800a534 We "understand" localhost to be same as the local hostname as 
returned by gethostname().
 2001-12-17 23:56:16 +00:00
Howard Chu
e5eb270e6c from jon@symas.com - misc Windows cleanup 2001-12-17 22:42:55 +00:00
Howard Chu
320d6742b7 Added atexit handler to free global_opts->ldo_defludp. 2001-12-15 13:43:49 +00:00
Howard Chu
2b0819c4a9 Don't copy and leak user; it's an env var so just use it directly. 2001-12-15 12:07:40 +00:00
Kurt Zeilenga
4e79e82972 Treat (!) and (!(x=a)(y=b)) as filter errors... 2001-12-12 06:23:02 +00:00
Pierangelo Masarati
f4b21cc7b5 reworked internal stuff 2001-12-10 09:43:31 +00:00
Kurt Zeilenga
abd9be4def Remove lint and misc MSVC updates 2001-12-09 02:34:45 +00:00
Howard Chu
0552b1c53f NT updates from jon@symas.com. 2001-12-07 04:03:25 +00:00
Howard Chu
e6d6faf3c9 From jon@symas.com - patches for consistent use of directory separators 
in pathnames.
 2001-12-07 01:46:26 +00:00
Pierangelo Masarati
67ed3982fb now dnValidate loops thru each value; added private member to LDAPAVA to hold the attribute description 2001-12-06 11:50:17 +00:00
Pierangelo Masarati
9260b22dec liberally accept many LDAPv2/LDAPv3 stuff in DN (quoted parts, ';' as rdn separator and so); enforce exact case match of normalized dn in dnMatch (let's see what happens ...); fix a ldapava_free_rdn bug 2001-12-06 10:01:25 +00:00
Pierangelo Masarati
9004262d95 reimplement dn_validate/normalize/(match) using the ldap_str2dn/dn2str stuff; need to #define USE_LDAP_DN_PARSING 2001-12-04 20:22:26 +00:00
Kurt Zeilenga
8b4bae1fe3 Friendly name removal 2001-12-03 20:04:31 +00:00
Kurt Zeilenga
95b3e2a97d Minor cleanup 2001-12-03 20:04:08 +00:00
Pierangelo Masarati
598d6e7859 small improvements and fixes; now honors ';' as rdn separator in LDAPv2 mode 2001-12-03 07:55:25 +00:00
Howard Chu
88e3454654 Add #include <openssl/safestack.h> to fix ITS#1412 2001-11-30 02:37:39 +00:00
Kurt Zeilenga
bfe4dc289a ITS#1429 url search fix 2001-11-28 16:49:46 +00:00
Pierangelo Masarati
ea54a1a8e8 fix bug in previous commit 2001-11-12 08:47:09 +00:00
Pierangelo Masarati
6400698d17 struct berval * instead of char * in ldap_ava struct; minor cleanup 2001-11-12 08:10:12 +00:00
Steve Sonntag
367c5e81ba Compile error if Cyrus Sasl is not present. Put ifdefs in 
unbind call around free of sasl data.
 2001-11-08 20:08:36 +00:00
Howard Chu
33ace5610c Added ldap_pvt_tls_destroy() to cleanup TLS library on shutdown 2001-11-06 20:52:59 +00:00
Kurt Zeilenga
ac3e6c8dc5 Plug leaks (ITS#1116) 
Patch provided by John Morrissey <jwm@horde.net>
 2001-11-06 17:05:51 +00:00
Pierangelo Masarati
a2eec74fc1 moved rdn parsing in a dedicated routine, ldap_str2rdn(), that can be used directly; now ldap_rdn2str() handles all the formats 2001-10-30 10:04:24 +00:00
Pierangelo Masarati
64c7e39aa8 More compliant version of str2dn/dn2str; 
may need optimization;
uncomment #define USE_LDAP_DN_PARSING in libraries/libldap/getdn.c
to enable its use.
The ava/rdn/dn handling routines (append, insert, free and so) must
be made available thru declaration in some header.
 2001-10-29 08:05:23 +00:00
Pierangelo Masarati
0ba03b18e7 enhanced dn parsing; see libraries/libldap/dntest for a 'demo'. Need to define USE_LDAP_DN_PARSING to override usual ldap_dn2ufn and so, and PARSE_UTF8 to parse attribute values as utf-8 2001-10-26 18:10:05 +00:00
Kurt Zeilenga
f3f72c5d2a Add nul termination 2001-10-26 02:01:42 +00:00
Pierangelo Masarati
192f83540c missing leading quote 2001-10-25 18:56:06 +00:00
Kurt Zeilenga
187f190fb6 Don't pass NULL string pointers to Debug 2001-10-25 18:32:59 +00:00
Pierangelo Masarati
5b4b535617 handle lead/trail escape chars in LDAPv2/LDAPv3; change misleading name of AVA type modifier 2001-10-22 19:23:37 +00:00
Pierangelo Masarati
fefc29786c skeleton of ldap_str2nd/dn2str; works with most of the simple cases, but there's much to do with unicode, I think 2001-10-18 19:00:07 +00:00
Kurt Zeilenga
e2cca72bdc Fix ntohs/htons issues 2001-10-07 02:40:16 +00:00
Kurt Zeilenga
75c7331743 Added the easy part of NLS support, behind an #ifdef. 2001-10-04 18:06:08 +00:00
Howard Chu
693a81e1db More CLDAP tweaks, to differentiate between real LDAPv2 CLDAP and "other" 
LDAP/UDP messages. Slapd marks received CLDAP messages as LDAP_VERSION2.
The client library can generate CLDAP queries if -Protocol 2 is chosen,
otherwise not. LDAPv2 CLDAP cannot query the slapd rootDSE, gets no reply.
 2001-10-02 01:02:23 +00:00
Kurt Zeilenga
44146a1cb7 Rework DB_THREAD support. CDB support needs reimplementation. 2001-10-01 06:08:46 +00:00
Kurt Zeilenga
712295ef4b Rework getaddrinfo/inet_ntop not to segfault with ai_addr is (bogusly) NULL 2001-09-29 06:32:58 +00:00
Howard Chu
e80b5d4040 Clean up CLDAP stuff 2001-09-28 22:19:51 +00:00
Kurt Zeilenga
d397f6aa2f Fix #undef LDAP_CONNECTIONLESS builds 2001-09-28 20:09:49 +00:00
Howard Chu
647b5f84ee Resurrection/rewrite of CLDAP (RFC1798 Connectionless LDAP). 
Compile with -DLDAP_CONNECTIONLESS to use this code.
For slapd, use "-h cldap://" to listen on UDP.
For ldapsearch, use "-H cldap://" to query on UDP.
Client-side support is very minimal:
  no automatic timeout/retries
  no basedn wildcard expansion on results
  no support for specifying multiple servers at once.
 2001-09-28 00:18:40 +00:00
Kurt Zeilenga
790a18cb86 chasing multi-level referrals core dumps (ITS#1346) bug fix 
from Zachary Amsden <zach@mirapoint.com>.
 2001-09-24 18:50:44 +00:00
Kurt Zeilenga
afd665034a Add ldap_url_desc2str(). 2001-09-24 18:30:57 +00:00
Kurt Zeilenga
7a4b9e3c32 Minor cleanup 2001-09-18 17:35:47 +00:00
Howard Chu
384cbde4f5 Fix for ITS#1258 - even if we're accepting various malformed definitions, 
don't allow OIDs that are a mix of numeric and non-numeric fields.
 2001-09-18 12:21:33 +00:00
Howard Chu
84e4b860e1 Fix previous patch, didn't take handle syntax/noidlen properly 2001-09-18 12:03:20 +00:00
Howard Chu
6b9b0660c9 Fix ITS#1213, OID macro parsing in attributetypes 2001-09-18 11:30:00 +00:00
Howard Chu
e4d8a87ddc Silence some typecast warnings 2001-09-18 05:22:53 +00:00
Howard Chu
966616b274 Don't pass NULL hostname to ldap_pvt_tls_check_hostname, use "localhost" 2001-09-18 05:19:55 +00:00
Howard Chu
6a59465686 Fix declaration mismatch when CYRUS is not present 2001-09-18 00:37:56 +00:00
Kurt Zeilenga
241d6a558e Remove dead code 2001-09-09 04:47:03 +00:00
Kurt Zeilenga
553d80cedd Blindly fix TLS/SASL external interaction. 2001-09-09 03:42:26 +00:00
Kurt Zeilenga
3c844f0225 Minor cleanup of ldap_perror() 2001-09-09 03:02:54 +00:00
Kurt Zeilenga
05c9d4bfda Fix TLS ldap.conf issues 2001-09-05 21:22:41 +00:00
Howard Chu
f3501cbf50 Fix ldap_int_tls_start to set its error codes in ld->ld_errno. 2001-09-02 12:06:41 +00:00
Howard Chu
b10e0029a5 Full implementation of server identity checking per RFC2830 section 3.6 2001-09-02 11:23:28 +00:00
Kurt Zeilenga
d3cb8a357f Move Cyrus SASL initializing forward 2001-08-31 00:14:04 +00:00
Howard Chu
44a3160fec Remove redundant call of SSL_set_info_callback, to allow users 
to override it in the SSL_CTX.
 2001-08-29 20:28:08 +00:00
Kurt Zeilenga
05960887bb Fix -H ldaps:// crashes due to rework of TLS code 2001-08-27 20:22:28 +00:00
Kurt Zeilenga
16fa8c4a21 Fix bug introduced during TLS rework 2001-08-02 04:20:11 +00:00
Kurt Zeilenga
2ad03e6041 To be consistent, should assert that ld is valid. 2001-07-24 16:38:42 +00:00
Kurt Zeilenga
2b7727882d misc updates, constification, deprecation... 2001-07-23 05:00:39 +00:00
Kurt Zeilenga
978e417699 Make some additional UTF8 public 
Remove lint
 2001-07-21 23:13:04 +00:00
Pierangelo Masarati
93923d4345 honors multiple type/value in rdn when generating ufn 2001-07-11 20:16:25 +00:00
Kurt Zeilenga
f61152ccbd Check for critical client controls. 2001-07-06 03:13:42 +00:00
Kurt Zeilenga
803e84fcdd TLS doesn't need ldap_host_connected_to() 2001-06-25 21:44:41 +00:00
Kurt Zeilenga
c731288dc6 Replace ATTR_URIS with ATTR_OPTION (more general solution) 2001-06-25 21:39:14 +00:00
Kurt Zeilenga
77f776dfd1 Another round of TLS updates to support secure referral chasing 2001-06-25 19:17:42 +00:00
Kurt Zeilenga
350ffe6d15 Rework tls check 
Needs to be connection specific
 2001-06-25 18:20:14 +00:00
Kurt Zeilenga
c4f5497ac6 move TLS ctx to lconn struct in prep for supporting TLS with referrals 
need to rework cert check to use per lconn host name
 2001-06-25 07:33:42 +00:00
Kurt Zeilenga
903940014c Sync with 2.x 2001-06-23 01:25:21 +00:00
Kurt Zeilenga
4a23c08678 Fix up error handling 2001-06-22 21:01:04 +00:00
Kurt Zeilenga
55755fea2a Rebind cleanup 2001-06-15 04:49:38 +00:00
Kurt Zeilenga
11b6d1f284 Misc updates for NT4 2001-06-15 04:16:55 +00:00
Kurt Zeilenga
5f25c10980 new rebind proc 
new SASL locking
 2001-06-15 00:14:56 +00:00
Kurt Zeilenga
86acd7eb20 unifdef -ULDAP_UFN 2001-06-11 21:08:49 +00:00
Kurt Zeilenga
4edc93c807 EOL 2001-06-09 02:35:44 +00:00
Kurt Zeilenga
52067f461e Fix wrapping separators (no functional change) 2001-05-28 19:42:22 +00:00
Kurt Zeilenga
deb9644a8a Should not be using reverse lookup names to check certificates. 2001-05-19 23:07:46 +00:00
Kurt Zeilenga
7522d3fcab Add HAVE_INET_NTOP 2001-05-09 23:41:38 +00:00
Kurt Zeilenga
8684be0278 Fix logic error in param check 2001-04-12 23:05:19 +00:00
Kurt Zeilenga
66fdd720f4 Fix off by one bug 2001-04-12 23:05:02 +00:00
Kurt Zeilenga
0a8b2f1381 Trim last of CLDAP cruft 2001-03-15 03:15:15 +00:00
Kurt Zeilenga
5fe2190603 libldap/cyrus.c's ldap_pvt_sasl_install fix 
from Mei-Hui Su <mei@ISI.EDU>
 2001-03-15 03:14:34 +00:00
Kurt Zeilenga
bd4c6b84ea Bug in chkResponseList loop (ITS#1047) from David @ Novell 2001-03-15 03:11:52 +00:00
Kurt Zeilenga
12e9ed8e12 Fix memory leak 2001-02-03 01:49:12 +00:00
Kurt Zeilenga
9e8743215c Fix another typo 2001-01-22 21:25:06 +00:00
Kurt Zeilenga
1ae1061858 Fix typo 2001-01-22 20:50:07 +00:00
Kurt Zeilenga
ec87e9e30f Default objectClass kind should be STRUCTURAL 2001-01-22 08:06:48 +00:00
Kurt Zeilenga
b08f7e8bce Fix typo 2001-01-22 07:42:13 +00:00
Kurt Zeilenga
1cabc6931d Add a little whitespace for readability 2001-01-20 01:17:15 +00:00
Kurt Zeilenga
a4f4d8be59 Don't use ntohl(). 
Add min/max bufsize check
 2001-01-19 04:53:21 +00:00
Kurt Zeilenga
599a610164 Update SASL bufsize checks 2001-01-18 22:18:41 +00:00
Kurt Zeilenga
c0a06f25c2 Add ldap_pvt_tls_get_peer_dn() routine. Returns peer as an LDAP DN. 2001-01-18 00:40:58 +00:00
Kurt Zeilenga
a0828d6135 Rework scope defaulting to only default scope for references. 
Might break LDAPv2 partial results
 2001-01-10 23:48:24 +00:00
Kurt Zeilenga
1d1c1edf44 update rand file after use 2001-01-10 21:14:13 +00:00
Ben Collins
4391e6654a s/UTF8_CHARLEN/LDAP_UTF8_CHARLEN/ 2001-01-03 21:38:32 +00:00
Kurt Zeilenga
5082731e24 Add UTF-8 wc/mb conversion routines contributed by Novell. 
/******************************************************************************
 * Copyright (C) 1999, 2000 Novell, Inc. All Rights Reserved.
 *
 * THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND
 * TREATIES. USE, MODIFICATION, AND REDISTRIBUTION OF THIS WORK IS SUBJECT
 * TO VERSION 2.0.1 OF THE OPENLDAP PUBLIC LICENSE, A COPY OF WHICH IS
 * AVAILABLE AT HTTP://WWW.OPENLDAP.ORG/LICENSE.HTML OR IN THE FILE "LICENSE"
 * IN THE TOP-LEVEL DIRECTORY OF THE DISTRIBUTION. ANY USE OR EXPLOITATION
 * OF THIS WORK OTHER THAN AS AUTHORIZED IN VERSION 2.0.1 OF THE OPENLDAP
 * PUBLIC LICENSE, OR OTHER PRIOR WRITTEN CONSENT FROM NOVELL, COULD SUBJECT
 * THE PERPETRATOR TO CRIMINAL AND CIVIL LIABILITY.
 ******************************************************************************/
 2000-12-28 02:20:37 +00:00
Kurt Zeilenga
b7607bf237 ITS#884: GSSAPI interoperabity with ActiveDirectory 
Improve interoperability when of scred is present but empty.
 2000-12-27 19:42:09 +00:00
Kurt Zeilenga
d8292a62da Fix referral scope logic 2000-12-08 19:45:04 +00:00
Kurt Zeilenga
a09139465a Update URL parsing and LDAP referral/reference chasing to handle 
search scope defaulting.
 2000-11-28 19:56:55 +00:00
Kurt Zeilenga
c0f9ec5458 ITS#889 fix 2000-11-22 20:27:30 +00:00
Kurt Zeilenga
6053ed1058 ITS#903: validate hostname in server cert from Norbert Klasen 
adapted as needed.
 2000-11-22 20:23:38 +00:00
Kurt Zeilenga
5941625eb7 ITS#889: quick fix 2000-11-20 18:59:42 +00:00
Kurt Zeilenga
511a84bc31 First cut of SASL/EXTERNAL 2000-10-31 23:00:35 +00:00
Kurt Zeilenga
907cd90607 Fix UTF-8 5-octet sequences 2000-10-27 21:32:46 +00:00
Kurt Zeilenga
7b9886e909 Add LDAP URL critical extension counter support. lud_crit_exts 
is the number of critical extensions contained in lud_exts.
As we currently do not support any extension, this flag is
useful for determining whether or not we should attempt to
use the URL.  Added check of this counter to ldap_url_search
and LDAPv3 chase referrals.
 2000-10-26 06:17:14 +00:00
Kurt Zeilenga
2504f29a0c Fix IS ASCII checks. Should be < 0x80 (0100), not < 0x100. 2000-10-23 18:04:45 +00:00
Julio Sánchez Fernández
47fd4fbad3 A little bit of Matching Rule Use. 2000-10-23 12:25:43 +00:00
Kurt Zeilenga
9e7accb034 This patch replaces gai_strerror with AC_GAI_STRERROR in daemon.c and also 
uses AC_GAI_STRERROR to report getaddrinfo failures in os-ip.c
-- Stig Venass
 2000-10-19 18:05:11 +00:00
Kurt Zeilenga
9f0d190739 Add ldap_pvt_gai_strerror(). 
Calls to gai_strerror() should be replaced with calls AC_GAI_STRERROR().
 2000-10-18 17:25:30 +00:00
Kurt Zeilenga
3498151f99 Validate session handle 2000-10-18 16:32:57 +00:00
Kurt Zeilenga
ffe1320bf5 fix SOCKET_ERROR typos 2000-10-18 03:24:50 +00:00
Kurt Zeilenga
ce373d3800 Use SOCKET_ERROR instead of -1 2000-10-18 00:27:31 +00:00
Kurt Zeilenga
d491ac55de Update handling of partial responses 
Update comments
Update log messages
rename symbols per conventions
 2000-10-18 00:26:53 +00:00
Kurt Zeilenga
6442964059 Handle *lud_host == '\0' 
(likely should modify parsers and other codes to disallow such)
 2000-10-17 20:30:14 +00:00
Kurt Zeilenga
174c6abfe2 ldap_url_search should use hostport of URL. 2000-10-17 19:26:04 +00:00
Kurt Zeilenga
66818be637 Don't attempt to send abandon unless connection exists. 
If connection doesn't exist, return LDAP_SERVER_DOWN.
 2000-10-16 23:11:41 +00:00
Kurt Zeilenga
edef4b2970 ITS#821: TLS data ready fix from <mattc@chartist.com> 2000-10-16 20:26:56 +00:00
Julio Sánchez Fernández
5d899f0c00 Better processing of extensible filters. Needs testing, but the prior 
version was not encoding properly the filter.
 2000-10-15 19:17:06 +00:00
Kurt Zeilenga
3d57f2ae67 Rework control create/dup routines to distinguish not 
present value from empty value.
 2000-10-14 02:13:53 +00:00
Kurt Zeilenga
93d9fde132 Label sb debugging as "ldap_"... 2000-10-13 01:00:55 +00:00
Kurt Zeilenga
2a6f092422 Add sasl i/o debugging 2000-10-12 23:50:58 +00:00
Gary Williams
3e0cc38404 remove LDAP_Debug macro 2000-10-12 21:16:18 +00:00
Kurt Zeilenga
5a32ff0603 Add missing 'static'... (ITS#823,825,828) 
as reported by Jeff Earickson <jaearick@colby.edu>
other suggestions to be separately reviewed
 2000-10-11 23:42:53 +00:00
Kurt Zeilenga
f8e5ed25e9 Revised ITS#799 fix from Steve Sonntag <vtag@novell.com> 
The problem is that the current code checks the queue inside
 the test for correct connecction state, so sometimes the queue
 doesn't get checked. This change moves the test outside
 the connection check.
 2000-10-11 21:11:34 +00:00
Kurt Zeilenga
8e6062eb82 References with empty dn (ITS#817) 2000-10-11 04:23:23 +00:00
Kurt Zeilenga
b7b9148c7f Return more appropriate result codes than LDAP_UNAVAILABLE 
upon failures.
 2000-10-09 22:11:34 +00:00
Kurt Zeilenga
2cdbfd069b Add missing newlines 2000-10-05 18:30:06 +00:00
Kurt Zeilenga
6712936ef8 ITS#799: chasing multiple referrals bug 
Patch provided by Steve Sonntag <vtag@novell.com>
 2000-10-05 01:40:36 +00:00
Kurt Zeilenga
005a2f7aec Don't assert on null 2000-10-03 18:51:30 +00:00
Kurt Zeilenga
778b665242 Fix up some free'ing. 2000-10-02 17:43:39 +00:00
Kurt Zeilenga
003a293e2b Don't specify LDFLAGS when using LTLINK to avoid duplicate 
specfication of flags.
 2000-10-01 08:10:37 +00:00
Kurt Zeilenga
74b048a5a4 Fix ldap_first/next_attribute to return NULL without error when 
nothing is left.
 2000-09-30 06:57:23 +00:00
Kurt Zeilenga
1890b720b4 cleanup getattr bailout code 2000-09-30 05:35:44 +00:00
Kurt Zeilenga
f8d9bffb98 Don't touch (unescape) URL handed to rebind proc. 2000-09-30 02:37:05 +00:00
Kurt Zeilenga
dd733e163a ITS#791: fix SASL ctx close 2000-09-29 18:27:06 +00:00
Kurt Zeilenga
2b82d4f486 remove lint 
update bdb codes
 2000-09-22 01:40:57 +00:00
Kurt Zeilenga
90d557402b Should modify code to bail on initialization errors... 
For now, just (void) the return
 2000-09-21 19:56:04 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
e1b73eda93 cleanup 2000-09-16 22:46:04 +00:00
Kurt Zeilenga
f42966f9e1 Fix #undef LDAP_UFN 2000-09-16 06:24:17 +00:00
Kurt Zeilenga
efe39c999f modify ldap_dn2ufn() to return completely typeless UFNs 
hide rest of UFN code behind #ifdef LDAP_UFN in preparation
for eventual removal.
 2000-09-16 04:33:52 +00:00
Kurt Zeilenga
f4f093054a overrun protection doesn't work... hmmm.... 2000-09-16 01:05:14 +00:00
Kurt Zeilenga
b611ec4b87 consistently use ber_pvt_ber_*() routines 2000-09-15 05:56:37 +00:00
Ben Collins
aaf59e2a2b don't define NEED_COPY_HOSTENT in the decleration 2000-09-15 03:33:05 +00:00
Ben Collins
621babf51d fix compiler warnings by including ac/unistd.h and only declaring copy_hostent() when we actually need to use it 2000-09-15 03:06:18 +00:00
Ben Collins
718a6bfca4 initialize Sockbuf * to NULL 2000-09-15 03:05:27 +00:00
Ben Collins
3635cbdbe1 remove unused vars 2000-09-15 03:04:46 +00:00
Ben Collins
9946e999c8 move some vars to where they are actually used to avoid compiler warnings 2000-09-15 03:04:04 +00:00
Ben Collins
81d26d3ac0 fix call to ldap_connect_to_path() 2000-09-15 03:02:57 +00:00
Ben Collins
b2866ff162 s/LDAP_PF_UNIX/LDAP_PF_LOCAL/ so that we actually declare ldap_connect_to_path(). Also fix the decleration to match the function 2000-09-15 02:55:54 +00:00
Ben Collins
5df2c83b38 remove unused var, 'dn' 2000-09-15 02:54:28 +00:00
Ben Collins
960041de8a include ac/ctype.h and initialize some variables to avoid compiler warnings 2000-09-15 02:53:55 +00:00
Kurt Zeilenga
b641615c53 Keep ldap_first/next_attribute from running past end of attributes. 
Likely other sequences need this attention.
 2000-09-15 01:16:09 +00:00
Kurt Zeilenga
b4c9287f45 Don't send optional cred if empty 2000-09-15 00:09:24 +00:00
Kurt Zeilenga
fbfe0f0ac7 Fix typo in Kbind code 2000-09-14 19:58:55 +00:00
Kurt Zeilenga
ed68c977d9 Zap LDAP_LIBUI 2000-09-14 07:22:01 +00:00
Ben Collins
5a33b7509b Fix error in if() statement (==, not =) 2000-09-13 21:47:12 +00:00
Ben Collins
07ce0a9935 s/got_max_ssf/got_min_ssf/ thinko fix when checking for minssf. In this case, minssf was never set, and would cause maxssh to be set in error 2000-09-13 21:46:11 +00:00
Randy Kunkee
ab3be5d76d Include <ac/param.h> to pick up MAXPATHLEN. 2000-09-13 07:26:55 +00:00
Kurt Zeilenga
92c55c4454 Clean up 2000-09-13 01:12:47 +00:00
Kurt Zeilenga
d554a31b58 Move ldap_pvt_tls_init call to ldap_pvt_tls_start 
Relax user-only options on TLS_RANDFILE and TLS_REQCERT
 2000-09-13 00:54:45 +00:00
Kurt Zeilenga
2c30c90876 Rework TLS code (only supports default connection) 2000-09-12 00:30:05 +00:00
Kurt Zeilenga
102a88659b ITS#717 kbind fixes 2000-09-06 21:32:45 +00:00
Kurt Zeilenga
d59a62e236 Clarify perms 2000-09-04 21:57:01 +00:00
Kurt Zeilenga
cee040a321 Bring UCdata infrastructure. 2000-09-03 23:48:35 +00:00
Kurt Zeilenga
b99299219f Fix typo 2000-09-03 19:33:26 +00:00
Kurt Zeilenga
5518aefda0 Change default to SSL_PEER_NONE (don't require peer certificate). 2000-09-01 23:24:17 +00:00
Kurt Zeilenga
57ed8f6458 Fix port defaulting 2000-09-01 23:03:17 +00:00
Kurt Zeilenga
8983f7cb8b Fix ldap_pvt_tls_start() return value check. 2000-09-01 01:04:18 +00:00
Kurt Zeilenga
3844db4404 Use example.com, not openldap.org, in examples 2000-08-25 02:17:40 +00:00
Kurt Zeilenga
a2afb207be Move ldap_start_tls_s() to tls.c 2000-08-25 02:16:15 +00:00
Kurt Zeilenga
57936dc93c Zap CLDAP 2000-08-19 00:07:30 +00:00
Kurt Zeilenga
25a9f7427d Remove CLDAP cruft 2000-08-18 04:25:00 +00:00
Howard Chu
0f8047b95e Implemented ldap_pvt_tls_get_peer() for use with SASL/EXTERNAL. 
Added ldap_pvt_tls_get_strength() - return encryption strength, for
use as a SASL session security factor.
 2000-08-16 23:27:41 +00:00
Kurt Zeilenga
2ae410bd1b Treat INADDR_LOOPBACK (as well as INADDR_ANY) as local host. 2000-08-15 02:13:00 +00:00
Kurt Zeilenga
3b03b64b77 Add char* ldap_pvt_get_fqdn(char*) which returns the FQDN of the 
input.  In input==NULL, returns FQDN of local host.
Fixed copy_hostent() uninitialized pointer bug.
Replaced gethostname calls with ldap_pvt_get_fqdn( NULL ) calls.
 2000-08-15 01:55:43 +00:00
Kurt Zeilenga
0f5a264dc3 hostbuf should be static 2000-08-15 00:58:56 +00:00
Kurt Zeilenga
f22250baaa Fix a minor leak. 2000-08-14 18:39:43 +00:00
Kurt Zeilenga
b33f8b75d3 ITS#647 from Paul R. Turgyan <pturgyan@umich.edu> 
When calling ldap_search looking for "supportedSASLMechanisms",
a NULL string should be passed to ldap_search and not a NULL pointer.
 2000-08-06 05:25:10 +00:00
Kurt Zeilenga
5b856458a2 s/SAFEMEMCPY/AC_MEMCPY/ 
Use AC_FMEMCPY where appropriate (-llber)
 2000-07-28 01:07:07 +00:00
Kurt Zeilenga
a50f391bb3 Working SASL security layers! 2000-07-28 00:04:07 +00:00
Kurt Zeilenga
33fb0e055b From: vtag@novell.com 
Subject: Bug in ldap_parse_result function (ITS#643)

If a user is using ldap result to obtain search results one message
at a time and calls ldap_parse_result on one of those messages, i.e.
the message chain does not have an LDAP_RES_SEARCH_RESULT message
in the chain, ldap_parse_result returns a LDAP_DECODING_ERROR
instead of LDAP_NO_RESULTS_RETURNED.
 2000-07-27 23:44:44 +00:00
Kurt Zeilenga
ecbb4e55b1 Expose ldap_create_control 
Conform schema routines to ldap naming conventions
 2000-07-22 17:29:54 +00:00
Kurt Zeilenga
b800a28c1e Plug leak of syn_names 2000-07-21 02:23:27 +00:00
Kurt Zeilenga
804100b431 Fix sasl end game processing. 2000-07-20 18:39:40 +00:00
Kurt Zeilenga
5c10406b9e Fix up SASL interact error checking 2000-07-19 22:53:22 +00:00
Randy Kunkee
f42e510e03 Fix prototype for dummy ldap_int_sasl_bind. 2000-07-19 07:44:06 +00:00
Kurt Zeilenga
9fb680d527 Fix SASL automatic/quiet modes... 2000-07-17 21:36:30 +00:00
Kurt Zeilenga
6393523ffa Expose sasl flags to -lldap (so they can be quiet) 
Fix interactive and automatic modes.  Quiet needs work.
 2000-07-17 21:23:59 +00:00
Kurt Zeilenga
95eea5accc First cut SASL "interactive" and "quiet" modes (default is "automatic") 2000-07-17 00:56:29 +00:00
Kurt Zeilenga
d2b05a3858 Rework SASL command line arguments. Default is now to authenticate 
using best available mechanism.  (authzid prompting to be disabled)
To use simple bind, -x is required (implied if -P 2) with -D/-[Ww]
To use simple "anonymous" bind, just -x will do.
 2000-07-15 23:25:46 +00:00
Kurt Zeilenga
bab26b3142 Move some noise about 2000-07-15 01:28:16 +00:00
Kurt Zeilenga
c8ca70f3ae Fix callbacks. 2000-07-14 22:00:16 +00:00
Kurt Zeilenga
36fb2d9d78 rework SASL callbacks 2000-07-14 20:56:30 +00:00
Kurt Zeilenga
95df143c33 *ssf > 1 should be *ssf > 0 2000-07-14 04:35:13 +00:00
Kurt Zeilenga
a42351c40f Fix an interaction error on multiple step binds. 
Add additional notices.  Likely need to add a quiet mode.
 2000-07-14 00:54:08 +00:00
Kurt Zeilenga
85c2a7a2a8 Update NT build to include recently added SASL sources. 2000-07-13 23:43:24 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session. 
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
 2000-07-13 22:54:38 +00:00
Kurt Zeilenga
1f1993989a s/enable-unix/enable-local/ 
s/LDAP_PF_UNIX/LDAP_PF_LOCAL/
s/AF_UNIX/AF_LOCAL/
s/PF_UNIX/PF_LOCAL/
 2000-07-09 21:49:36 +00:00
Kurt Zeilenga
fe23628faa ITS#619: TLS PRNG initialization code 
based upon patch provided by Ted C. Cheng <cheng@ix.netcom.com>
 2000-07-08 22:17:50 +00:00
Kurt Zeilenga
4f4f59f333 Rework <ac/errno.h> to provide a STRERROR. Prefers errlist over 
strerror() as strerror() may not be thread safe.  Likely should
be used by SLAPD.
 2000-07-06 01:24:52 +00:00
Kurt Zeilenga
20e6dcec3b Improved but still broken client tools. 2000-07-04 21:49:00 +00:00
Kurt Zeilenga
9d1e2ef7e2 Rename local variable 'sun' to 'sa' to avoid clash on Sun computers... 2000-07-04 17:57:21 +00:00
Kurt Zeilenga
8917a2d772 Remove ldap_*_dn() prototypes of #if 0 routines 2000-06-30 22:31:21 +00:00
Kurt Zeilenga
49d73e12a7 Avoid locale specific ctype routines. 2000-06-29 19:38:03 +00:00
Kurt Zeilenga
5d552f6051 Minor cleanup 2000-06-26 01:26:53 +00:00
Kurt Zeilenga
5d281b968d Disallow kbind over LDAPv3 2000-06-26 01:25:36 +00:00
Kurt Zeilenga
e2fa599482 Move old files to the Attic 2000-06-25 22:01:42 +00:00
Kurt Zeilenga
5f20cf1ed5 Modify ldapsearch(1) significantly. Now handles LDAPv3 search 
references, extended results, and extended partial results.  LDIF
extended to support these new features and reported version 2.
-L now limits output to LDIFv1 for compatibility reasons.  No
-L is now LDIFv2.  Old alternative form is no longer supported.

Use LDAP_TMPDIR (in ldap_config.h) instead of hardcoded /tmp
Use LDAP_FILE_URI_PREFIX (in ldap_config.h) instead of hardcoded
	file://tmp/
 2000-06-25 00:35:17 +00:00
Kurt Zeilenga
49f4147385 Added -llber 'N' ber_printf format which inserts a NULL if 
an internal flag set.  Used for SEQUENCE testing.  Flag must
be set using debugger.  Modified ber_printf to use new format
were needed for extensibility testing.

Added first cut -lldap support for extended responses.
Modified ldapsearch(1) to handle v3 search references when not
chasing.  Also added extended/unsolicited notification handling
and extended partial response handling.  Changes include a
number of LDIF enhancements.

Fixed getpassphrase() returns NULL bugs
 2000-06-24 01:40:39 +00:00
Kurt Zeilenga
9ef1a740c2 Round one of LDAP_F() macro changes. In this round we rename 
macros into our namespace and limit use to headers.  A subsequent
round will add macros to separately handle forward declarations
of variables from declaration of function prototypes.  The last
round will add additional macros for declaring actual variables and
functions.
 2000-06-18 19:48:07 +00:00
Kurt Zeilenga
ccbd048fb2 Use URI, not HOST 2000-06-18 19:35:52 +00:00
Kurt Zeilenga
8da110a9e7 Extern URI code to support literal IPv6 addresses 
Copyright 2000 Stig Venaas, UNINETT
All rights reserved.

Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice is
preserved. The name of UNINETT may not be used to endorse or promote
products derived from this software without specific prior written
permission. This software is provided ``as is'' without express or
implied warranty.
 2000-06-18 15:54:21 +00:00
Kurt Zeilenga
ddcb56546d Fix mod_values v mod_bvalues typo 2000-06-16 20:39:13 +00:00
Kurt Zeilenga
ae61f3dcaf Memory leak in referral code (ITS#596) 
Apply patch from Steve Sonntag <vtag@novell.com>
 2000-06-16 20:00:21 +00:00
Kurt Zeilenga
0c484042a0 Fix typo in last commit 2000-06-16 19:40:49 +00:00
Kurt Zeilenga
ac659e20d3 Add 1st libldap IPv6 patch (ITS#594) from Stig Venass. 
Copyright 2000 Stig Venaas, UNINETT
All rights reserved.

Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice is
preserved. The name of UNINETT may not be used to endorse or promote
products derived from this software without specific prior written
permission. This software is provided ``as is'' without express or
implied warranty.
 2000-06-16 19:15:08 +00:00
Kurt Zeilenga
5417fdfea7 Rename ldap_start_tls() to ldap_start_tls_s() for consistency sake. 
Misc other header changes.
 2000-06-13 20:45:30 +00:00
Kurt Zeilenga
8665618210 Fix Novell URL kludge 2000-06-13 05:50:23 +00:00
Kurt Zeilenga
a56c161bdb Misc code cleanup. 2000-06-10 22:39:30 +00:00
Kurt Zeilenga
77df7c6098 Add ldap_unbind_ext_s 2000-06-10 17:29:10 +00:00
Kurt Zeilenga
89d7b86178 Add sort/vlv controls 2000-06-10 17:28:09 +00:00
Kurt Zeilenga
55dba4395f Update PF_INET6 and PF_UNIX detection, both default to auto 2000-06-09 23:09:51 +00:00
Mark Valence
f5101f8274 Fix operator precedence bug. 2000-06-09 06:48:43 +00:00
Mark Valence
0715e29ae5 Fix uninitialized var bug. 2000-06-09 06:45:14 +00:00
Kurt Zeilenga
77b235fba5 Apply Novell's IN_KERNEL support (ITS#576) 2000-06-08 17:11:57 +00:00
Kurt Zeilenga
0eb19657fa Add missing -DNO_THREADS trylock and make minor change to TLS 
in attempt to get it work with GNU PTH.
 2000-06-07 23:58:16 +00:00
Kurt Zeilenga
c6e4ad6c12 Add VLV/Sort controls (from Novell) 2000-06-07 23:43:56 +00:00
Kurt Zeilenga
22b8b60e49 Add VLV and SortList Control API and related (and other) I-Ds 2000-06-07 19:39:49 +00:00
Kurt Zeilenga
6ad1c45bd3 Use LDAP_VFREE and friends. Other misc code cleanup. 2000-06-07 05:17:29 +00:00
Kurt Zeilenga
e5ebc553ac Rework URI parser to provide true scheme not proto/properties. 
Plus more pthread rwlock code
 2000-06-07 01:09:40 +00:00
Kurt Zeilenga
c1002301d5 Don't include files moved to attic 2000-06-06 02:12:58 +00:00
Kurt Zeilenga
252ccfddbc (very) incomplete Digest-MD5 impl to Attic (until someone steps up 
to the plate)
 2000-06-06 00:27:49 +00:00
Kurt Zeilenga
7573a81efe getbyname/getbyaddr should share mutex per ITS#563. 
Patch provided by Steve @ Novell, thanks!
 2000-06-06 00:23:50 +00:00
Kurt Zeilenga
1af849c720 DNSSRV use res_query, not res_search 
Update configure and depend --enable-dnssrv upon finding res_query
Update back-dnssrv to better handle ManageDSAit control
 2000-06-05 23:56:26 +00:00
Kurt Zeilenga
1aa4b07c98 Remove support for DNS DNs (not to be confused with X.500 DN using 
domainComponents (DC)).
 2000-06-05 20:07:02 +00:00
Kurt Zeilenga
c1117666b1 remove old STR_TRANSLATION feature. The use of this feature 
was only of limited use with LDAPv2 (worked okay if no non-T.61
values existed) but downright dangerous in the face of LDAPv3.
Any translation must be schema aware and the BER isn't.
 2000-06-05 19:22:19 +00:00
Kurt Zeilenga
921d24cf3a Fix up makefiles after removal of getdxname.c 2000-06-05 07:48:57 +00:00
Kurt Zeilenga
7dc76e7139 move --enable-dns (LDAP_API_FEATURE_X_OPENLDAP_V2_DNS) to Attic 2000-06-05 07:19:09 +00:00
Kurt Zeilenga
ea069cb7c2 New indexer/filter codes (test suite works) with cheats 
Updated NT Project files (with Cyrus SASL library depend)
 2000-06-04 22:59:38 +00:00
Kurt Zeilenga
743598b3d0 This is a one-liner Steve missed in the referral patch. Make sure the 
ldo_rebindproc value has a sane value.
 2000-06-02 23:51:31 +00:00
Kurt Zeilenga
c23536faa9 remove lint 2000-06-01 22:01:00 +00:00
Kurt Zeilenga
2e0912622b ITS#537: lber io rewrite from Gambor Gombas. 
Copyright 2000 Gábor Gombás. All rights reserved.
This is free software. You may redistribute and use it under the same
terms as OpenLDAP itself.
 2000-06-01 20:59:21 +00:00
Kurt Zeilenga
81d2747247 A couple of minor fixes to LDAPv3 referral chasing 2000-05-31 17:47:33 +00:00
Kurt Zeilenga
a26cef7fc8 LDAPv3 referrals changes by Steve Sonntag @ Novell 2000-05-31 17:34:43 +00:00
Kurt Zeilenga
b66567f1f8 Minor fix to last commit 2000-05-30 19:07:07 +00:00
Kurt Zeilenga
875610cfcc Referral hack 2000-05-30 18:32:10 +00:00
Kurt Zeilenga
a43ef5bac4 Preset error just in case 2000-05-29 19:47:48 +00:00
Julio Sánchez Fernández
3e3acf87c8 Let the caller decide how liberal the schema parsing routines will be. 
Most flags do nothing yet.
 2000-05-28 22:45:56 +00:00
Kurt Zeilenga
1bc5314d62 Fix DNSSRV initialization bug 2000-05-26 18:05:27 +00:00
Kurt Zeilenga
63de8a6ea5 s/0/LDAP_MSG_ONE/ per Steve's patch (ITS#542) 2000-05-26 01:11:18 +00:00
Kurt Zeilenga
51fb094701 ITS#541: fix log check bug 2000-05-23 00:32:50 +00:00
Julio Sánchez Fernández
001061daf9 Added extensions to syntaxes, matching rules and object classes. 2000-05-22 10:43:01 +00:00
Kurt Zeilenga
bcf8f7eeb7 Remove lint 2000-05-22 06:19:49 +00:00
Julio Sánchez Fernández
f84c43a43b Parsing and printing of extensions in schema definitions. 2000-05-21 23:32:39 +00:00
Kurt Zeilenga
6c49fe7d1b Fix typo in last commit 2000-05-16 18:32:45 +00:00
Kurt Zeilenga
88411f5c27 Modify dn2domain code such that domains produced are rooted. 
That is, they end with '.'.
 2000-05-16 18:31:35 +00:00
Kurt Zeilenga
4e5992c190 Fix unsigned * vs unsigned long * bugs 2000-05-16 04:52:37 +00:00
Kurt Zeilenga
29d9fa20a2 Y2k copyright update 2000-05-13 02:36:07 +00:00
Kurt Zeilenga
8c15a05b2e Make sure we don't overallocate callbacks 2000-05-12 19:41:18 +00:00
Howard Chu
878466d375 Fix previous patch, zero out lud_next on new urldesc 2000-05-12 10:48:27 +00:00
Howard Chu
7d402a5562 Fix ldaps / TLS processing... 
open.c: open_ldap_connection was not honoring the TLS config option.
  url.c: ldap_url_dup was not copying the properties.
 2000-05-12 10:43:20 +00:00
Howard Chu
36eddf715a Exit loop after matching command is found in openldap_ldap_init_w_conf 2000-05-12 10:40:29 +00:00
Kurt Zeilenga
643864c569 Change negotiated mechanism: 
If application provide one, use it.  If application doesn't
	provide one, use best of server advertised.
Fix SASL/ANONYMOUS (not normally used, but should work)
PLAIN is not currently working... might be local to me as my
Cyrus installation is a bit hosted.
 2000-05-11 20:16:26 +00:00
Howard Chu
b0faccce56 Added debuglevel parameter to ldap_int_initialize(). 2000-05-11 09:48:40 +00:00
Howard Chu
d706765e56 Fix error detection for NT 2000-05-11 09:47:55 +00:00
Howard Chu
dddf399090 Fix dynamic link dependencies for NT and Unix 2000-05-11 09:47:15 +00:00
Kurt Zeilenga
0d6e1a4cbe Fix cred passing. 2000-05-11 01:40:02 +00:00
Kurt Zeilenga
f9411ca154 Fix another bug... seems to be working... ldap://root.openldap.org/ 2000-05-11 01:12:48 +00:00
Kurt Zeilenga
560fe7ade0 Fix == typo 2000-05-11 00:50:14 +00:00
Kurt Zeilenga
fbb58dec53 Fix minor bugs... 2000-05-10 22:21:57 +00:00
Kurt Zeilenga
e87e01b9c5 DNS SRV meat (a work in progress) 2000-05-10 21:48:18 +00:00
Howard Chu
7a586d4e49 Add ld parameter to ldap_pvt_tls_start invocations. See tls.c... 2000-05-10 21:02:46 +00:00
Howard Chu
f0c4f83ea2 libldap/tls.c: change tls_verify_cb to no longer ignore verification errors. 
This means a ldaps connection may drop before any LDAP protocol exchange
occurs (due to expired cert, unrecognized CAs, etc.).
  Change ldap_pvt_tls_connect to copy any TLS error string to ld_error upon
connection failure, otherwise client just sees "can't contact LDAP server."

slapd/connection.c: add flush/delay when SSL_accept fails, to allow any
TLS alerts we generated to propagate back to the client. (Which will then
be picked up by ldap_pvt_tls_connect on the client...)
 2000-05-10 17:07:09 +00:00
Kurt Zeilenga
d0555fffe6 Error handling changes including separation of client v. server 
SASL to LDAP translation.  plus comments and other minor changes
 2000-05-03 18:59:58 +00:00
Kurt Zeilenga
014afae269 setting UFN prefix to NULL should clear prefix not cause crash. 2000-05-03 10:45:36 +00:00
Kurt Zeilenga
95092681dd Clarify error string, add comment 2000-04-26 09:17:54 +00:00
Kurt Zeilenga
5043287a4c Fix NULL filter bug 2000-04-25 13:52:44 +00:00
Kurt Zeilenga
1973c664cc Fix NULL pointer deref bugs 2000-04-25 10:43:15 +00:00
Kurt Zeilenga
274bf59441 replace ldap_dnssrv_init() with lower level calls 
ldap_domain2dn()
    ldap_domain2hostlist()
and provide prototype to soon-to-be-implemented
    ldap_dn2domain().
ldap_dnssrv_init(), if needed, can easily be implemented
using ldap_create(), ldap_set_option() and the above
commands.
 2000-04-25 10:38:03 +00:00
Kurt Zeilenga
c02d7e2cb6 ITS#503: Extend ldap tools to support SASL/TLS 
Submitted by Gabor Gombas <gombasg@inf.elte.hu>
 2000-04-20 09:23:51 +00:00
Kurt Zeilenga
21431725fc fix = vs == bug 2000-04-12 01:06:58 +00:00
Kurt Zeilenga
870dbca576 objectclass=* -> NULL 2000-04-12 01:00:48 +00:00
Kurt Zeilenga
4035b05232 ITS#441: unhex escape referrals. Needs review before being 
applied to RE 1.2.
 2000-03-20 22:00:16 +00:00
Kurt Zeilenga
1a348f9fbe Return okay after setting LDAP_OPT_X_TLS_CERT (ITS#447) 2000-03-18 23:55:51 +00:00
Kurt Zeilenga
535cc1dbbc Add missing ; 2000-03-14 04:27:00 +00:00
Kurt Zeilenga
72c6446ef6 Mark statically allocated BerElement as valid. 2000-03-14 04:25:49 +00:00
Kurt Zeilenga
117b6a91d0 More fixes and comments 2000-03-14 04:08:12 +00:00
Kurt Zeilenga
c43fec53f5 Cyrus SASL uses screwy terms. 2000-03-14 03:08:46 +00:00
Kurt Zeilenga
5701fec1b5 correct callback numbering 2000-03-14 02:59:53 +00:00
Kurt Zeilenga
17527368d1 work args of ldap_negotiated_sasl_bind_s() and provide examples 
with authentication id and authorization ids.  Note: this routine
doesn't actually negotiate anything.  It likely should be renamed
ldap_sasl_auth_s() or ldap_sasl_bind_multistep() or something.
 2000-03-14 02:54:08 +00:00
Kurt Zeilenga
db662b516f Fix NT builds and remove lint 2000-03-13 19:30:14 +00:00
Julio Sánchez Fernández
50dafec453 Fixed an irritating problem with nss_ldap and pam_ldap. Since these 
modules are dynamically loaded, they summon libldap when needed.
However, depending on the security libraries available when the
shared libldap was built, the latter brings up other dependencies.
On some platforms, it seems that no solution is available: no
indirect dynamic dependencies.  But for some platforms where this
is supported (in particular, Linux), the shared libldap must
contain info on what other dynamic libraries it needs.  We were
failing to put this info into the shared library.  This patch
seems to fix it.
 2000-03-13 17:55:41 +00:00
Julio Sánchez Fernández
b9fb4c442c Useronly logic was inverted, we were ignoring the whole ldap.conf, 
except where we should.
 2000-03-13 12:31:35 +00:00
Kurt Zeilenga
6e5d2eea4e Add missing parens so that last commit behaves as desired. 2000-03-10 18:16:22 +00:00
Kurt Zeilenga
5b5b43a9e0 ITS#471: fix handling of delete referrals. 2000-03-08 18:56:22 +00:00
Kurt Zeilenga
655c0bda41 Ignore space in filter: ( !(foo=bar)) 2000-02-21 20:57:48 +00:00
Kurt Zeilenga
6cb60f381a Eliminate second session protocol version field. 2000-02-18 19:57:38 +00:00
Kurt Zeilenga
b8c8f6ef6f Fix ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, &v ) as 
suggested by Steve Sonntag.
 2000-02-16 22:59:15 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT 
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
 2000-02-14 20:57:34 +00:00
Kurt Zeilenga
d0d80a633a Put *free(NULL) asserts behind LDAP_MEMORY_DEBUG 2000-02-11 21:11:44 +00:00
Kurt Zeilenga
2549654bb5 Add comment about leaked on exit values.... we likely should 
implement an at_exit() handler.
 2000-02-02 21:26:36 +00:00
Luke Howard
30522f7437 Changed (!strcmp(...)==0) to (strcmp(...)==0); obviously 
wrong. Fix from adamson@andrew.cmu.edu.
 2000-02-01 23:34:16 +00:00
Kurt Zeilenga
0919e503cd Use LDAP_CONST, not const, in public function declarations. 2000-02-01 01:11:26 +00:00
Kurt Zeilenga
4eb13130a9 typedef ber_int_t ldap_ucs4_t 2000-01-27 01:04:17 +00:00
Kurt Zeilenga
f3cb97e973 Add utf-8 to MSVC projects and remove lint. 2000-01-25 20:22:17 +00:00
Kurt Zeilenga
ed9969b1c4 Make ldap_utf8_bytes() act like strlen() not sizeof() 2000-01-23 23:33:01 +00:00
Kurt Zeilenga
42cc5e5333 Fix bugs in UTF-8 code. Apply to getdn and charray. 2000-01-23 23:07:24 +00:00
Kurt Zeilenga
61b509d881 Add some robustness to UTF-8 routines. 2000-01-23 18:43:30 +00:00
Kurt Zeilenga
16c903909c Add comments to UTF-8 declarations. 
Add US ASCII optimizations macros.
#ifdef out unused routines
Ready to hack getdn.c and others to support UTF-8
 2000-01-23 05:35:38 +00:00
Kurt Zeilenga
4e0964e8b4 Add comments. 2000-01-23 02:39:55 +00:00
Kurt Zeilenga
22ba55371e Move ldap_utf8_*() declarations from ldap-int.h to ldap_pvt.h. 
We may likely want to expose the routines at a later date (ldap_utf8.h?).
 2000-01-22 21:09:24 +00:00
Kurt Zeilenga
aa934d0666 We'll need ldap_utf8_strpbrk() as well. 2000-01-22 21:03:21 +00:00
Kurt Zeilenga
4e3c4d8c6d Add initial (untested) implementations of ldap_utf8_strtok, 
ldap_utf8_strcspn, ldap_utf8_strtok.
 2000-01-22 20:55:43 +00:00
Kurt Zeilenga
3eca68a5d2 Add additional UTF-8 routines 2000-01-22 18:48:37 +00:00
Kurt Zeilenga
14210f5e34 Fix charlen and add getc 2000-01-22 03:40:54 +00:00
Kurt Zeilenga
23afcd5c6e Initial UTF-8 routines. 2000-01-22 01:55:34 +00:00
Luke Howard
6a06fb7fba In ldap_pvt_sasl_init() treat subsequent invocations as no-ops, not error. 2000-01-16 01:29:15 +00:00
Howard Chu
80f85e972d In ldap_pvt_tls_init() treat subsequent invocations as no-ops, not error. 
In tls_verify_cb() use CRYPTO_free instead of free (necessary on NT due to
use of different heaps).
Changed update_flags to use SSL_get_error() to check success/status. This
fixes the problem of sb->sb_trans_needs_read getting set on dead sockets.
 2000-01-15 19:03:16 +00:00
Kurt Zeilenga
9ac0eab126 remove UNSPECIFIED_TLS... HOST implies ldap:// 2000-01-14 01:08:15 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for 
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
 2000-01-08 18:42:11 +00:00
Luke Howard
5a0bbd7eed Imported <ldap.h> in <ldap_pvt.h> so ldap_pvt_sasl_bind() has necessary 
types. Changed const sasl_callback_t * to LDAP_CONST sasl_callback_t *.
 2000-01-05 12:56:17 +00:00
Luke Howard
a466a64318 Added support for connecting to LDAP servers located using DNS 
SRV records. Added lock around resolver library which is shared
by the DNS SRV code and the getdxbyname() code.
 2000-01-03 02:33:22 +00:00
Luke Howard
57b62dc7d4 Added ldap_pvt_sasl_bind() prototype to ldap_pvt.h. This 
required importing sasl.h into ldap_pvt.h, thus that import
was removed from ldap-int.h.
 2000-01-03 00:15:30 +00:00
Luke Howard
736b8d0a24 Braced ldap_connect_to_path() in #ifdef LDAP_PF_LOCAL so as to compile 
without PF_LOCAL support.
 2000-01-02 01:56:01 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library; 
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
 2000-01-02 01:21:25 +00:00
Howard Chu
d92d403a76 NT requires $(SECURITY_LIBS) at link time. 1999-12-26 00:11:14 +00:00
Kurt Zeilenga
ab7c490960 Add BINDDN user-only directive to .ldaprc 
Used only for simple bind when dn == NULL and password != NULL.
 1999-12-17 03:27:16 +00:00
Kurt Zeilenga
30ffb54064 ITS#399: timelimit/timeout handling 
ITS#400: LDAP_TIMEOUT handling
 1999-12-16 00:41:18 +00:00
Kurt Zeilenga
096dcdc580 Add support for useronly configuration attributes. 1999-12-14 02:26:37 +00:00
Kurt Zeilenga
d331d4c1f3 Remove lint. 1999-12-12 05:07:17 +00:00
Kurt Zeilenga
18fad04e69 Fix == != typo 1999-12-12 05:02:03 +00:00
Kurt Zeilenga
c1a31ac9a2 Fix decoding of sasl bind and extended operation responses. 1999-12-12 03:16:46 +00:00
Mark Valence
7ee49bc676 Fix mem leak in ldap_start_tls(), treat empty host name as localhost when opening a connection. 1999-12-11 03:50:33 +00:00
Mark Valence
c0faf75a90 Unescape host:port when parsing a host list. 1999-12-11 03:46:07 +00:00
Mark Valence
a76c9f18a9 Start TLS extension: check that TLS was inited successfully, return default referral on failure as appropriate. 1999-12-10 19:18:33 +00:00
Mark Valence
e0e7e9842e client/server controls added to ldap_start_tls(). 1999-12-10 18:26:12 +00:00
Mark Valence
268dd9beaf Condition ldap_start_tls on HAVE_TLS. 1999-12-10 17:18:59 +00:00
Kurt Zeilenga
431dad371c Fix slapd SASL/ExternalOps encoding 
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
 1999-12-10 04:52:32 +00:00
Mark Valence
454284f1ea Adds for Start TLS functionality on slapd and LDAP C API. 1999-12-09 22:33:22 +00:00
Mark Valence
ccb9e1e9e3 Changed URL to URI for conf/env setting. 1999-12-09 22:17:08 +00:00
Howard Chu
6a26e68a02 Backout fix in r1.38 1999-12-08 23:50:59 +00:00
Howard Chu
3c5848a71e Fix ldap_chase_referrals to treat "ldap://host/" referrals the same as 
"ldap://host".
 1999-12-08 21:37:55 +00:00