upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-30 03:29:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
20452 commits 38 branches 309 tags 68 MiB
Commit graph

3433 commits

Author SHA1 Message Date
Jan Vcelak
2db5195650 ITS#7316 MozNSS: do not retry when reading the pin from file 
Avoid infinite loop if the pin in the password file is wrong.
 2012-06-26 06:47:48 -07:00
Jan Vcelak
a171237999 ITS#7315 MozNSS: do not authenticate to a slot manually 
We cannot rely on tc_certificate->slot value, the library will choose
the correct slot itself when needed. Just provide correct pin argument.
 2012-06-26 06:46:29 -07:00
Jan Vcelak
3531c344e1 ITS#7314 MozNSS: lock whole init and clenaup process 2012-06-26 06:44:46 -07:00
Jan Vcelak
d07779e97b ITS#7313 MozNSS: store certificate object instead of nickname in in ctx 
PEM certificates should not be referenced by nicknames, because the
nicknames are derived from basename of the cerificate file and in
general are not easy-predictable.

The code of Mozilla NSS backend depends on some aspects of PEM module
and tries to guess the nicknames correctly. In some cases the guessing
is wrong.
 2012-06-26 06:43:11 -07:00
Jan Vcelak
87132b820d ITS#7312 MozNSS: context specific token description for certdb 2012-06-26 06:41:05 -07:00
Jan Vcelak
221531b31a ITS#7241 unbind: free socket prior to destroying TLS context 2012-06-25 12:53:29 -07:00
Howard Chu
450d224291 ITS#7293 make ldapava_free static 2012-06-23 05:41:39 -07:00
Howard Chu
e2b5aaf5dd ITS#7290 fix ldap_int_initialize() to set debug level 2012-06-07 05:15:04 -07:00
Jan Vcelak
00d0e16272 ITS#7291 MozNSS: read pin from file file can cause infinite loop 
The buffer allocated for reading password file has to be initialized
with zeros, or we need to append zero at the end of the file. Otherwise
we might read unitialized memory and consider it to be a password.
 2012-06-07 05:05:08 -07:00
Tim Strobell (Contractor)
4b6bd2c600 ITS#7289 MozNSS: cipher suite selection by name may be ignored 2012-06-07 05:03:15 -07:00
Jan Vcelak
dc3842fca3 ITS#7287 MozNSS: do not overwrite error in tlsm_verify_cert 2012-06-05 03:43:24 -07:00
Tim Strobell (Contractor)
2c2bb2e7ae ITS#7285 Mozilla NSS: default cipher suite always selected 2012-06-05 03:43:15 -07:00
Quanah Gibson-Mount
3f46f2e0bc Merge remote branch 'origin/mdb.master' 2012-06-04 19:41:58 -07:00
Howard Chu
a334257800 Tweak prev commit, use first unused slot 2012-06-02 05:26:31 -07:00
Howard Chu
4cabb24b83 Fix mdb_open, re-use closed dbi slots 2012-06-02 05:24:47 -07:00
Jan Vcelak
df1d118de8 ITS#7276 MozNSS: allow CA certdb together with PEM CA bundle file 
Prior to this patch, if TLS_CACERTDIR was set to Mozilla NSS certificate
database and TLS_CACERT was set to a PEM bundle file with CA
certificates, the PEM file content was not loaded.

With this patch and the same settings, OpenLDAP can verify certificates
which are signed by CAs stored both in certdb and PEM bundle file.
 2012-05-30 06:18:50 -07:00
Frederik Deweerdt
8bb9e88d5f ITS#7270 Protect accesses to ldap_int_hostname with a mutex. 
Not protecting the accesses to ldap_int_hostname could lead to a double
free.
 2012-05-30 05:49:53 -07:00
Howard Chu
22bf5188a9 Merge remote-tracking branch 'origin/mdb.master' 2012-05-09 12:13:05 -07:00
Howard Chu
eeec509150 ITS#7266 fix rebalance for LEAF2 pages 2012-05-09 11:24:25 -07:00
Howard Chu
ff1839ebe6 Merge remote-tracking branch 'origin/mdb.master' 2012-05-08 22:19:05 -07:00
Howard Chu
a540597dd6 More freelist tweaks, avoid referencing freed page 2012-05-08 22:17:17 -07:00
Howard Chu
326d07d8c6 Merge remote-tracking branch 'origin/mdb.master' 2012-05-05 19:42:30 -07:00
Howard Chu
fadf75a9cb Further clarification of mdb_open() 2012-05-05 19:41:45 -07:00
Howard Chu
4d0d12db27 Merge remote-tracking branch 'origin/mdb.master' 2012-04-18 16:05:16 -07:00
Howard Chu
fbf9c23304 ITS#7251 fix Apple/Windows shared mutex naming 2012-04-18 15:59:54 -07:00
Hallvard Furuseth
20baad4a20 libmdb: midl.h namespace cleanup. 
Prefix ID, NOID, ID2, IDL, ID2L with 'MDB_'.
Also drop bdb from file description.
 2012-04-12 08:24:36 +02:00
Hallvard Furuseth
0a4aa88927 libmdb: Simplify pick_meta() from read_meta(). 
Put one call in #if MDB_DEBUG. Move DPRINTF(Using meta page #) there.
 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
dce5bb2fee libmdb: Simplify mdb_default_cmp. No real change. 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
729a8a2819 libmdb: signed meets unsigned warning cleanup 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
99fa22c164 libmdb: MDB_FDATASYNC code cleanup. 
Define MDB_FDATASYNC() instead of redefining fdatasync().
 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
592b3f8727 libmdb: Add C++ 'extern "C" {}' to *.h 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
8e1ebbb4a8 libmdb: Don't open datafile twice when not needed. 
If the database is opened with MDB_RDONLY or MDB_NOSYNC,
instead use the same file descriptor for me_mfd and me_fd.

Also factor out Windows/Unix error handling after open.
 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
6d0b424dbe libmdb: Set close-on-exec flag on lockfile 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
4a0b30499c libmdb: Do not use the MDB_txbody.mtb_txnid field. 
Get txn->mt_txnid from the meta page instead.  Otherwise it
and txn->mt_toggle could become inconsistent, since read-only
txns fetched both from MDB_txbody without mutex proteciton.
 2012-04-12 08:15:33 +02:00
Hallvard Furuseth
d1738c3e6b Fix MDB_DEBUG in last ITS#7299 commit. 
Make DPRINTF usable in if-else.  Silence signed vs unsigned warning.
 2012-04-12 07:34:13 +02:00
Howard Chu
d806b970b1 Merge remote branch 'origin/mdb.master' 2012-04-10 15:42:43 -07:00
Howard Chu
d793594173 ITS#7229 more mdb_page_split tweaks 
Also add mdb_debug/mdb_debug_start to toggle debug output at runtime
 2012-04-10 14:05:05 -07:00
Howard Chu
a66f9e9292 ITS#7210 fix check for freelist changes 
Was being fooled before because the newly malloc'd block had
the same address as the previously freed block.
 2012-04-09 19:24:47 -07:00
Howard Chu
321b0fa93e Merge remote branch 'origin/mdb.master' 2012-04-09 05:19:41 -07:00
Howard Chu
191d78948b ITS#7238 doc clarification 2012-04-09 05:01:37 -07:00
Howard Chu
ae027b5214 ITS#7229 additional tweaks 
Should probably compare nsize to pg_size/4 instead...
 2012-04-09 04:45:32 -07:00
Howard Chu
de0cb27d70 ITS#7230 check and strip 0 length IDLs from freelist 2012-04-09 04:44:08 -07:00
Howard Chu
d2da9c1a7d Merge remote branch 'origin/mdb.master' 2012-04-07 04:59:30 -07:00
Howard Chu
7ba25c488a ITS#7229 more mdb_page_split fixes 2012-04-07 01:27:38 -07:00
Howard Chu
04c44f016c Merge remote branch 'origin/mdb.master' 2012-04-04 05:52:45 -07:00
Howard Chu
84acc0e803 ITS#7219 fixup keysize in previous commit 2012-04-04 05:44:53 -07:00
Howard Chu
fc1396fa2e Merge remote branch 'origin/mdb.master' 2012-04-04 01:39:27 -07:00
Howard Chu
0f10814494 ITS#7219 fix for odd-aligned keys in mdb_update_key() 2012-04-03 12:24:27 -07:00
Howard Chu
487d3966ee Merge remote branch 'origin/mdb.master' 2012-03-30 06:37:12 -07:00
Howard Chu
91bab157f6 ITS#7210 fix leak of overflow pages in freelist 2012-03-30 06:36:02 -07:00
Howard Chu
7ff8baf1d3 Merge remote branch 'origin/mdb.master' 2012-03-28 10:45:06 -07:00
Howard Chu
f53beeabee Partial revert of prev commit 
Sub-DBs were correct before
 2012-03-28 10:44:18 -07:00
Howard Chu
55060f6b1f Merge remote branch 'origin/mdb.master' 2012-03-28 10:35:56 -07:00
Howard Chu
ac0b18911b Fix entry counts in cursor_put 
when replacing an existing item
 2012-03-28 10:34:35 -07:00
Howard Chu
b8bbe985b8 Merge remote branch 'origin/mdb.master' 2012-03-28 09:34:13 -07:00
Howard Chu
0952cfdf84 Fix uninit'd xcursor index 2012-03-28 09:33:06 -07:00
Howard Chu
5c16c8842b Add mfree utility to show the freelist 2012-03-28 09:20:18 -07:00
Howard Chu
04f488e7a0 ITS#7210 additional freelist fixes 
Also allow read access to freelist in mdb_cursor_open
 2012-03-28 09:18:00 -07:00
Howard Chu
b92af0760b ITS#7210 partial fix 
Allow pages from free list to be used when growing the free list.
(Yes, this is self-referential...)
 2012-03-27 06:44:28 -07:00
Howard Chu
5fcc9285fb Merge remote branch 'origin/mdb.master' 2012-03-26 06:59:41 -07:00
Howard Chu
8a4981d8aa ITS#7213 fix page_split with MDB_APPEND 
don't skip the cursor adjust checks
 2012-03-26 06:58:16 -07:00
Howard Chu
dcf94e25f5 ITS#7207 check for ld->ld_defconn 2012-03-26 03:35:31 -07:00
Howard Chu
25e8e82c5f Update overflow page count when freeing overflow page 2012-03-20 17:14:59 -07:00
Howard Chu
9b21d585dc Merge remote branch 'origin/mdb.master' 2012-03-09 12:48:57 -08:00
Hallvard Furuseth
c7da506dd2 Fix MDB_txninfo.mt2 padding on Windows/Apple 2012-03-09 19:30:34 +01:00
Hallvard Furuseth
c7fe1f466e Tweak mdb comment with conflicting spec of 'ID' 2012-03-09 19:25:44 +01:00
Hallvard Furuseth
5c182fbedf Fix valgrind call after malloc failure in mdb. 
Also line up the code logic a bit.
 2012-03-09 19:22:31 +01:00
Hallvard Furuseth
d3b9939e71 Clean up MAP_FAILED handling in mdb. 
Delay (MDB_txninfo*) cast to after comparing mmap() with MAP_FAILED.
Otherwise, if MAP_FAILED = (void*)-1 but MDB_txninfo requires stricter
alignment, the compiler could assume the result is never MAP_FAILED.

Also store NULL in env->(me_map, me_txns) after mmap failure.
 2012-03-09 19:06:04 +01:00
Hallvard Furuseth
2baadabdff ITS#7191 Align dirty MDB pages on the stack 2012-03-09 18:45:39 +01:00
Howard Chu
cfa8dd6884 Merge remote branch 'origin/mdb.master' 2012-03-08 21:39:01 -08:00
Howard Chu
15f3e650da ITS#7191 more alignment tweaks 
Revealed when gcc optimization is enabled
 2012-03-08 21:28:24 -08:00
Howard Chu
bb921063e0 ITS#7194 fix IPv6 URL detection 2012-03-08 19:35:44 -08:00
Howard Chu
3743a5a68e Merge remote branch 'origin/mdb.master' 2012-03-06 22:56:29 -08:00
Howard Chu
2ccf0d58b2 Fix typo in 7bc62c5128 2012-03-06 22:55:53 -08:00
Howard Chu
5ce2a2aee6 Merge remote branch 'origin/mdb.master' 2012-03-06 22:17:19 -08:00
Howard Chu
7bc62c5128 ITS#7190 fix merging of branch pages in deletes 2012-03-06 22:12:21 -08:00
Hallvard Furuseth
d50d57ed63 Fix libmdb comments 2012-03-03 09:58:05 +01:00
Hallvard Furuseth
e1b88d93ac Remove development file libmdb/make.sh 2012-03-03 09:52:33 +01:00
Hallvard Furuseth
d8b4598085 ITS#7191 Fix mdb_xcursor_init1() unaligned access 2012-03-03 09:49:20 +01:00
Howard Chu
9547dd7a0d Merge remote branch 'origin/mdb.master' 2012-03-02 17:28:51 -08:00
Howard Chu
1b07b48c1a ITS#7196 use IOV_MAX if it's defined and small 2012-03-02 17:26:49 -08:00
Howard Chu
de7f6d38fa ITS#7115 add missing pool_idle/unidle stubs 2012-02-27 20:42:29 -08:00
Howard Chu
aa33f4b220 Merge remote branch 'origin/mdb.master' 2012-02-21 11:52:44 -08:00
Howard Chu
b23bb7a0b1 ITS#7160 get BYTE_ORDER def for HPUX (and Solaris) 2012-02-21 11:52:01 -08:00
Howard Chu
33f6bc4fe6 ITS#7167 only poll sockets for write as needed 2012-02-20 14:51:30 -08:00
Howard Chu
92ed65d298 ITS#7174 lutil_str2bin: can't modify input strings 2012-02-19 18:10:16 -08:00
Hallvard Furuseth
ffbad797c8 Fix typo in ldap_int_client_controls() comment 2012-02-07 16:11:43 +01:00
Jan Vcelak
4e9926ca97 ITS#7136 MozNSS: store TLS params until the deferred initialization is finished 
Deferred TLS initialization is used with Mozilla NSS. The real
initialization takes place when the TLS context is needed for the first
time. If the initialization parameters were freed immediately after
tlsm_ctx_init was called, they were not available at the time of
deferred initialization which caused segmentation fault.

With this patch, initialization parameters are copied and stored until
the deferred initialization is finished. The parameters are freed
afterwards.

Red Hat Bugzilla: #783431
 2012-01-25 21:24:28 -08:00
Jan Vcelak
1107103dd7 ITS#7135 MozNSS, PEM: fix segfault when TLS certificate key is not set 
Red Hat Bugzilla: #772890
 2012-01-25 21:22:47 -08:00
Howard Chu
ce2c041671 Cleanup gssapi_flags -> ldo_gssapi_flags 2012-01-24 15:43:39 -08:00
Howard Chu
7ff18967d7 More for prev commit (270ef33acf) 2012-01-24 15:43:14 -08:00
Howard Chu
270ef33acf ITS#7118, #7133 tentative fix 
Move mutexes to end of structs, so libldap can ignore them
 2012-01-24 13:32:52 -08:00
Hallvard Furuseth
1a931a86ee Silence 'assign away const' warning 2012-01-24 01:45:51 +01:00
Hallvard Furuseth
999ff398d6 thr_debug: tweak debug_already_initialized(). 
With gcc, declare debug_already_initialized() as 'noinline' so
its deliberate uninitialized access stays inside the function and
valgrind can ignore it there.
 2012-01-24 01:45:51 +01:00
Hallvard Furuseth
23f3657807 ITS#7115: Tighten ldap_pvt_thread_pool_unidle(). 
Only wait out already-started pauses, not pause reqests.
ltp_pause now says whether a pause is requested or has started.

This reduces the chance that slapd:send_ldap_ber() will start
a pause in the middle of an operation.
 2012-01-24 00:47:48 +01:00
Howard Chu
a8f6deee03 Merge remote branch 'origin/mdb.master' 2012-01-21 17:32:18 -08:00
Howard Chu
953796759e Fix typo in e8e57be421 2012-01-21 17:31:23 -08:00
Howard Chu
7d13ef7e42 Merge remote branch 'origin/mdb.master' 2012-01-21 08:29:03 -08:00
Howard Chu
e8e57be421 Add valgrind support with -DUSE_VALGRIND 
Track allocations and invalid accesses to freed tmp pages.
 2012-01-21 08:22:59 -08:00
Howard Chu
3d6b924c25 txn_commit must abort txn before returning errors 
Fix for failure when committing a txn that is a child of
some parent txn.
 2012-01-21 08:20:43 -08:00