upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-24 00:29:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
24355 commits 38 branches 309 tags 68 MiB
Commit graph

24355 commits

This branch
This branch
All branches
Author SHA1 Message Date
Howard Chu
aa31963e44 ITS#10231 slapadd: check for NULL suffix in error message 2024-06-18 17:14:12 +01:00
Howard Chu
f1b921783b ITS#10230 slapo-memberof: fix addcheck search to omit dynamic values 2024-06-17 21:40:48 +01:00
Nadezhda Ivanova
0f521e636b ITS#10227 Asyncmeta will not reset a connection if a bind operation fails with LDAP_OTHER, leaving the connection in invalid state 2024-06-13 21:23:27 +00:00
Nadezhda Ivanova
6b4b68b13a ITS#10219 Modify of olcDisabled by removing and adding a value invokes db_open twice 
Do not invoke db_open if the database is not actually disabled
 2024-06-13 18:41:25 +00:00
Nadezhda Ivanova
5740d1747d ITS#10218 Disabling and re-enabling an asyncmeta database via cn=config leaks memory 
Make sure asyncmeta frees the pending operations structures, resets all connections, frees connection structures and stops the timeout-loop.
 2024-06-13 17:38:06 +00:00
Quanah Gibson-Mount
f0ab743db4 ITS#9827 - Use 7MB memory/5 iterations as default 
This has the same protections as 19MB/2 iterations, but requires less system memory
 2024-06-11 17:06:33 +00:00
Howard Chu
1fc09713b1 ITS#10224 libldap: check for OpenSSL EVP_Digest* failure 2024-06-07 15:34:23 +01:00
Howard Chu
4dfe057b58 ITS#10223 libldap: check for OpenSSL SSL_CTX_set_ciphersuites failure 2024-06-07 15:34:01 +01:00
Quanah Gibson-Mount
15edb3b30f Merge remote-tracking branch 'origin/mdb.RE/0.9' 2024-05-21 17:16:40 +00:00
Quanah Gibson-Mount
3a29a24777 Prep for release 2024-05-21 17:16:06 +00:00
Howard Chu
4d53ae28cf ITS#10216 libldap: fix OpenSSL channel binding digest 
The OBJ_find_ API is undocumented but this is what OpenSSL libcrypto does itself.
 2024-05-16 16:01:39 +01:00
Howard Chu
283b994104 ITS#10209 libldap: only use OPENSSL_INIT_NO_ATEXIT if it's defined 
Fake OpenSSL clones like LibreSSL don't support it.

In general we will make no effort to support fake OpenSSL clones.
 2024-05-09 17:19:15 +00:00
Quanah Gibson-Mount
2d4f87d972 ITS#10214 - Regenerate configure 2024-05-09 17:08:12 +00:00
HAMANO Tsukasa
995a2d45bc refactoring 
- remove __attribute__ destructor
- use sendto instead of connect/write
 2024-05-09 08:26:41 +09:00
HAMANO Tsukasa
c14e3329c0 ITS#10214 Reduce library dependencies 
Currently, slapd links libsystemd to notify service state to systemd.
However, libsystemd link several unnecessary libraries, which increases security risks.
The systemd documentation provides a method to send state notifications to systemd using a simple protocol without the need to link against libsystemd.

https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html
 2024-05-08 09:50:10 +09:00
Quanah Gibson-Mount
2606b60c7a Merge remote-tracking branch 'origin/mdb.RE/0.9' 2024-05-07 17:29:31 +00:00
Quanah Gibson-Mount
f0fddaa6fe Merge remote-tracking branch 'origin/mdb.RE/0.9' 2024-05-07 17:29:20 +00:00
Quanah Gibson-Mount
7c99799729 ITS#10212 2024-05-07 16:49:34 +00:00
Quanah Gibson-Mount
ccbec37209 ITS#10198 2024-05-07 16:49:00 +00:00
Howard Chu
d83d6b4ebe ITS#10212 LMDB: better fix 2024-05-03 20:44:48 +01:00
Nick Porter
bf01750381 ITS#10211 slapd: Fix peercred uid and gid format 
uid and gid are unsigned int and so should be formatted as such when
creating the authid string.
 2024-05-03 20:28:36 +01:00
Ryan Tandy
e3ceced146 ITS#10206 Include <kadm5/private.h> for kadm5_s_init_with_password_ctx 2024-05-03 18:36:23 +00:00
Howard Chu
37829ce493 ITS#10212 LMDB: init txnid for read-only DBs 2024-05-02 16:33:14 +01:00
Quanah Gibson-Mount
a950b03f1d ITS#10207 - regenerate configure 2024-05-01 16:23:20 +00:00
Howard Chu
a5900cb79f ITS#10207 configure.ac: fix typo from ITS#10177 2024-05-01 15:11:43 +01:00
Howard Chu
6d5400a2c7 ITS#10204 slapo-constraint: fix double-free on invalid attr 2024-04-30 15:55:01 +01:00
Nadezhda Ivanova
bd6dc46ad0 ITS#10197 Back-meta and back-asyncmeta add a new target structure and increase the number of targets even if uri parsing fails 
Reproducible when adding a new target via cn=config
 2024-04-29 19:23:35 +00:00
Howard Chu
01a1c1293b ITS#10183 ldapmodify: add jump to lineno option 2024-04-22 15:08:48 +00:00
Quanah Gibson-Mount
a979b396d1 ITS#10202 - Regenerate configure 2024-04-12 21:29:11 +00:00
Nadezhda Ivanova
0402dd1fcc ITS#10202 slapd fails to start if compiled with --enable-overlays=yes 2024-04-12 15:53:04 +03:00
Nadezhda Ivanova
729a604192 ITS#10193 Asyncmeta starts more than one timeout loop per database and slaptest crashes 2024-04-11 15:26:15 +03:00
Quanah Gibson-Mount
3b6e772c66 ITS#10163, ITS#10201 - Regenerate configure 2024-04-06 23:37:14 +00:00
Howard Chu
a7007b7f64 ITS#10163 More configure munging 
Streamline configuration of slapd modules. Just use the
appropriate OL_ARG_ENABLE_xx, then almost no other edits
will be needed in configure.ac when adding new modules.

Backends will still have to add their Makefile to the
AC_CONFIG_FILES() list.
 2024-04-05 15:42:04 +00:00
Howard Chu
d3ae7c36e5 ITS#10198 Win32 mdb_strerror - stop passing "ignored" parameter 
The M$ docs say the parameter is ignored, but it actually isn't,
and will cause a SEGV if the pointed memory isn't an init'd va_list.
 2024-04-04 07:17:35 +01:00
Quanah Gibson-Mount
073232bbc7 Happy New Year! 2024-03-26 19:45:07 +00:00
Quanah Gibson-Mount
7077d5e601 ITS#9037 2024-03-26 16:25:55 +00:00
Quanah Gibson-Mount
f186e4d934 ITS#10189 - Remove extraneous #endif 2024-03-26 16:23:20 +00:00
Howard Chu
83dc42c5ca ITS#9037 mdb_page_search: fix error code when DBI record is missing 
Use the more relevant MDB_BAD_DBI instead of MDB_NOTFOUND error code
 2024-03-26 14:52:42 +00:00
Howard Chu
ddd42a2af3 ITS#10161 Add nestgroup overlay 2024-03-21 17:12:53 +00:00
Howard Chu
e62c5d80b1 ITS#10188 autogroup: allow groups to be members of other groups 
But doesn't support recursion - modifications on one autogroup
will not trigger further updates on other autogroups that reference it.
 2024-03-20 14:23:52 +00:00
Howard Chu
cb399d6379 ITS#10188 autogroup: cleanup autogroup_response 
Minor restructuring
 2024-03-19 17:36:56 +00:00
Howard Chu
c932ad19f0 ITS#10185 autogroup: fix missing mutex_unlock 
Broken in 95e7a7be16
 2024-03-19 17:17:26 +00:00
Howard Chu
854f64202e ITS#10185 autogroup: check for invalid memberURL filter 2024-03-15 01:44:56 +00:00
Howard Chu
bf24be37fe ITS#10185 autogroup: plug memleak when deleting a group 2024-03-13 15:55:57 +00:00
Howard Chu
2e238855e8 ITS#10185 autogroup: use dnIsSuffixScope to check DN membership 
Also break out of some loops after getting a matching result
 2024-03-13 15:55:57 +00:00
Howard Chu
95e7a7be16 ITS#10185 autogroup: don't process deletes until after op succeeds 2024-03-13 15:55:57 +00:00
Howard Chu
d54aab2d33 ITS#10185 autogroup: must populate dyngroup members on Add 
The dynamic members should be populated up front, before passing the Add op
to the backend. The original code did both group and member processing up
front; the ITS#6970 patch moved both to the response callback. Only the
member processing should have been moved.
 2024-03-13 15:55:57 +00:00
Howard Chu
7015ad6568 ITS#10186 overlay response callbacks should ignore op->o_abandon 2024-03-06 14:57:15 +00:00
Howard Chu
c8caa9f659 ITS#10182 slapo-alias: check for static operational attrs too 2024-02-23 16:02:54 +00:00
Howard Chu
ce524021f6 ITS#10044 dynlist: check for abandon in search2resp 2024-02-22 19:54:30 +00:00