using best available mechanism. (authzid prompting to be disabled)
To use simple bind, -x is required (implied if -P 2) with -D/-[Ww]
To use simple "anonymous" bind, just -x will do.
an internal flag set. Used for SEQUENCE testing. Flag must
be set using debugger. Modified ber_printf to use new format
were needed for extensibility testing.
Added first cut -lldap support for extended responses.
Modified ldapsearch(1) to handle v3 search references when not
chasing. Also added extended/unsolicited notification handling
and extended partial response handling. Changes include a
number of LDIF enhancements.
Fixed getpassphrase() returns NULL bugs
macros into our namespace and limit use to headers. A subsequent
round will add macros to separately handle forward declarations
of variables from declaration of function prototypes. The last
round will add additional macros for declaring actual variables and
functions.
was only of limited use with LDAPv2 (worked okay if no non-T.61
values existed) but downright dangerous in the face of LDAPv3.
Any translation must be schema aware and the BER isn't.
simple bind via:
{KERBEROS}principal
Code is disabled by default (for security reasons). Use
--enable-kpasswd to enable. Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support. Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
Needs a bit more work.
- global net/api timeouts are not inherited on session creation.
- need configure check for inet_aton() (coming soon)
- ioctl/fcntl portability issues (should share implementation
with lber routines)
added lber_types.h.nt, lber_types.h.in
removal of NULLxxx internal macros (in favor of NULL).
ch_free added to slapd,slurpd/ch_malloc.c
#define free ch_free (should be removed after s/free/ch_free/g) in proto-slap.h
ch_malloc and friends use ber_memalloc and friends
includes single to multiple hooks changes.
ber_mem* reimplementation.
namespace glue (finally naming has not be decided upon nor implemented).
Added ldap_int_strdup to handle "internal" strdup'ing, this version uses hooks.
ldap_pvt_strdup still available for when strdup() is missing, this version
directly uses system allocators.
Updated -lldif to use ber allocators. Items returned by ldif routines
should be ber_memfree()d as needed.
library use:
LBER_ macros expand to system routines.
LDAP_ macros expand to new ber_ allocators.
Add ber_ and ldap_ memory allocators/deallocator:
ber_ routines are wrappers of LBER_ macros.
ldap_ routines are wrappers of ber_ routines.
Removed safe_realloc() macro from various files. This issue
(if an issue) should be resolved across whole package.
ldapmodify.c now uses ber_ allocators to resolve ber_bvfree()
vs. WIN32 multiple heaps issue.
These changes should facilate implementation of
ber_set_option( NULL, LBER_OPT_MEMORY_FN, ...)
and
ldap_set_option( NULL, LDAP_OPT_MEMORY_FN, ...).
Added validation to exposed opaque data structures (BerElement, Sockbuf,
and LDAP). Added macros BER_VALID, SOCKBUF_VALID, LDAP_VALID.
Added ber_pvt_ber_bytes() and ber_pvt_ber_remaining() macros to hide
some ber internals. These really should be handled by ber_get_option().
