upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-02-18 18:18:06 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
24574 commits 38 branches 313 tags 89 MiB
Commit graph

2063 commits

Author SHA1 Message Date
Ondřej Kuzník
5645e37044 ITS#8047 Fix TLS connection timeout handling 
The test for async in ldap_int_tls_start was inverted, we already
support calling ldap_int_tls_connect repeatedly. And so long as
LBER_SB_OPT_NEEDS_* are managed correctly, the application should be
able to do the right thing.

Might require a new result code rather than reporposing
LDAP_X_CONNECTING for this.
 2024-11-12 17:55:56 +00:00
Ondřej Kuzník
637061c6ea ITS#10263 Reject modifications with invalid whitespace 2024-11-12 17:45:48 +00:00
Ondřej Kuzník
90fc22ab2d ITS#10264 Free NoD data we stored locally 2024-11-12 17:44:17 +00:00
Ryan Tandy
bfe0b37471 ITS#10253 Fix incompatible pointer type with GnuTLS 2024-10-04 21:59:24 +00:00
Howard Chu
1d556f230f ITS#10224 libldap: check for OpenSSL EVP_Digest* failure 2024-06-28 16:47:32 +00:00
Howard Chu
a45e1fc4eb ITS#10223 libldap: check for OpenSSL SSL_CTX_set_ciphersuites failure 2024-06-28 16:46:13 +00:00
Howard Chu
051b9f05a1 ITS#10216 libldap: fix OpenSSL channel binding digest 
The OBJ_find_ API is undocumented but this is what OpenSSL libcrypto does itself.
 2024-05-21 15:42:03 +00:00
Howard Chu
1d37f7b005 ITS#10209 libldap: only use OPENSSL_INIT_NO_ATEXIT if it's defined 
Fake OpenSSL clones like LibreSSL don't support it.

In general we will make no effort to support fake OpenSSL clones.
 2024-05-09 19:08:33 +00:00
Quanah Gibson-Mount
fa5cf1252f Happy New Year! 2024-03-26 19:45:35 +00:00
Howard Chu
e08b80e8b7 ITS#9952 TLS/OpenSSL: disable use of atexit() 
This will only have any effect if libldap is the first caller to
initialize OpenSSL, but that should be all that matters when libldap
is part of a dynmically loaded module. It prevents the crash in the
example cases given.
 2024-03-26 16:33:55 +00:00
Howard Chu
5e598b4371 Revert "ITS#9952 libldap: use atexit for TLS teardown" 
This reverts commit 337455eb3a.
The change was non-portable, caused ITS#10176. OpenSSL 3 is
broken and should be fixed.
 2024-03-26 16:33:50 +00:00
Howard Chu
0e40e44e3e ITS#10145 ldap_url_parse_ext: fail earlier on bad URL enclosure 2024-01-16 19:15:37 +00:00
Howard Chu
214c14e2aa ITS#10144 libldap: RDNs must contain at least 1 AVA 2024-01-16 19:14:16 +00:00
Howard Chu
4d97ae3330 ITS#10124 libldap: fix dhparam init with OpenSSL 3.x 2024-01-16 18:19:21 +00:00
hyc
a21a1e6316 ITS#10100 fix Windows timestamps 
Simplify, instead of trying to maintain offset between performance
counter and systemtime, just use performance counter.
 2024-01-11 21:59:51 +00:00
Howard Chu
70be1f177d ITS#10094 libldap/OpenSSL: fix setting ciphersuites 
Don't try old-style ciphersuite list if only v1.3 or newer ciphers were specified
 2024-01-11 21:55:59 +00:00
Florin Crișan
b04dfbff64 ITS#10101 libldap: fix double sb_close when first TLS connection fails 2024-01-11 17:54:23 +00:00
Howard Chu
375d21a9e0 ITS#9952 libldap: use atexit for TLS teardown 2023-09-26 17:22:07 +00:00
Ian Puleston
dcbfb3304b ITS#10023 libldap: fix asynch connects 
This is option #1
 2023-05-25 19:02:36 +00:00
Ian Puleston
67164c7b61 ITS#10035 Fix setting TLSv1.3 ciphersuite 2023-04-27 15:36:40 +00:00
Howard Chu
af3f6f143e ITS#10015 libldap: fix KEEPALIVE opts from ITS#9490 2023-04-27 15:04:45 +00:00
Howard Chu
6f2e068583 ITS#10003: ldap_open_internal_connection: fix mutex usage 
Note: this is a non-standard function with no use cases
 2023-04-26 17:32:32 +00:00
Ondřej Kuzník
66c2b5ad5f ITS#9045 rlock only if there may be other threads 
We can't rlock if we've registered ourselves as a writer. We can only
figure that out by checking if we're the thread that initiated the
pause: is the server paused already?
 2023-01-30 18:57:18 +00:00
Howard Chu
139943cc11 ITS#9937 libldap: fix put_simple_filter() with invalid filter 
Add check for trivial input string.
 2022-10-25 19:14:30 +00:00
Howard Chu
840944e26f ITS#9904 ldap_url_parsehosts: check for strdup failure 
Avoid unnecessary strdup in IPv6 addr parsing, check for strdup
failure when dup'ing scheme.

Code present since 2000, 8da110a9e7
 2022-08-29 16:38:51 +00:00
Howard Chu
c5c8c06a8b ITS#9904 ldif_open_url: check for ber_strdup failure 
Code present since 1999, df8f7cbb9b
 2022-08-24 18:22:42 +00:00
Michael Osipov
2479c22f7e ITS#9901 libldap: fix non-std printf %p arguments 2022-08-24 18:18:35 +00:00
Howard Chu
9a67eb49d1 ITS#9899 libldap: fix non-std syntax in cyrus.c 
Broken in 3cd50fa8b3 for ITS#9189
 2022-08-24 18:18:26 +00:00
Howard Chu
0020cdbdf8 ITS#9894 don't use gmake-specific features 2022-08-24 15:52:17 +00:00
Ondřej Kuzník
832bcdfedf ITS#9876 Some more leaks plugged 2022-07-11 16:40:42 +00:00
Howard Chu
b98cfc24a8 ITS#9876 Coverity fixes: plug memleaks 2022-07-07 15:48:31 +00:00
Howard Chu
6675535cd6 ITS#9157: check for NULL ld 2022-06-03 20:29:24 +00:00
Ondřej Kuzník
9633818ae8 ITS#9811 Allow newlines at end of included file 2022-03-21 21:52:27 +00:00
Ondřej Kuzník
214c1f2d3d ITS#9803 Drop connection when receiving non-LDAP data 2022-03-21 16:38:59 +00:00
Howard Chu
a629bf5cd5 ITS#9436 libldap: OpenSSL 3.0 compat 2022-02-04 20:30:49 +00:00
Orgad Shaneh
ddfc35ea91 ITS#9791 Fix compilation with openssl exclusions 2022-01-31 20:02:56 +00:00
Ondřej Kuzník
c810c0b531 ITS#9781 Relax refcount assertion for referrals 2022-01-19 16:07:46 +00:00
Quanah Gibson-Mount
582722e926 Happy New Year! 2022-01-07 18:41:20 +00:00
Howard Chu
8f7f210fe7 ITS#9743 init client socket port 
also silence meaningless warning
 2021-11-11 17:26:37 +00:00
Quanah Gibson-Mount
fa3b4d2f36 ITS#9673 - Start fully tracking symbols for versioning 2021-10-18 20:22:40 +00:00
Quanah Gibson-Mount
1b8482609c ITS#9673 - Fix library symbol versioning 2021-09-20 19:51:30 +00:00
Howard Chu
a01f5e4ed0 ITS#9696 plug peercert memleak 2021-09-15 15:39:14 +00:00
Howard Chu
791bc37cb4 ITS#9668 ldap_int_tls_connect: isdigit() requires unsigned char 2021-09-07 16:12:21 +00:00
Quanah Gibson-Mount
5542b90f5e ITS#9648 - Fix request.c for MAXPATHLEN not result.c Fixes 0412814c55 2021-08-31 17:35:45 +00:00
Quanah Gibson-Mount
3e954ef937 ITS#9648 - Include ac/param.h for MAXPATHLEN 2021-08-26 21:18:45 +00:00
Howard Chu
5ad6ab3568 ITS#8958 rename ldap_pvt_thread_pool_pausecheck() 
to ..._pausewait() since that's what it really does.
Add ..._pausequery() that only checks and doesn't wait.
 2021-08-12 18:59:06 +00:00
Howard Chu
ff0defdc13 ITS#6248 fix prev commit tlso_ca_list 
Don't quit on first dir failure, try them all before giving up.
 2021-07-22 23:54:25 +01:00
Howard Chu
dfcaa3f01e ITS#6248 support multiple CAcert dirs 2021-07-22 21:07:21 +01:00
Howard Chu
2c0707cf13 ITS#9157 save TLS errmsg in ld->ld_error 2021-07-22 15:27:31 +01:00
Bin Lan
457f5bd4a9 ITS#9602 Silence warnings in libldap/tls_o.c 2021-06-29 13:16:37 +01:00