upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-23 08:09:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
23314 commits 38 branches 309 tags 68 MiB
Commit graph

517 commits

Author SHA1 Message Date
Pierangelo Masarati
70a71edffb trim unwanted commit 2009-11-16 09:55:27 +00:00
Pierangelo Masarati
07dc23f5ee treat bervals as bervals (related to ITS#6378,ITS#6379) 2009-11-15 18:26:53 +00:00
Pierangelo Masarati
9cfa465107 handle embedded '\0' (ITS#6379) 2009-11-14 16:45:13 +00:00
Pierangelo Masarati
3e2ac1f6c0 improve previous commit 2009-08-04 14:26:40 +00:00
Pierangelo Masarati
38fa7e0621 be liberal in accepting CL (ITS#6241) 2009-08-04 14:14:17 +00:00
Pierangelo Masarati
20371c3eae note about OpenSSL being more liberal than OpenLDAP when there is garbage past the end of a certificateList 2009-08-03 14:07:49 +00:00
Howard Chu
076c1d23cf Fix attributeCertificateValidate 2009-08-01 01:11:15 +00:00
Howard Chu
e8d95fa072 Fix certificateListValidate parsing of CRL extensions 2009-08-01 00:39:41 +00:00
Howard Chu
dbc0fdba58 csnOrderingMatch should have a normalizer 2009-07-13 09:39:39 +00:00
Howard Chu
167f2d22ed ITS#6098 issuerUID and subjectUID are primitive, not constructed 2009-05-08 01:52:12 +00:00
Howard Chu
9309eb4b34 ITS#6036 zero out freed val 2009-03-26 16:58:44 +00:00
Kurt Zeilenga
4af9eb9715 Update copyright notices 2009-01-22 00:40:04 +00:00
Hallvard Furuseth
db2172c5c9 Warning cleanup to ITS#5695/rev 1.453: signed meets unsigned. 2008-10-18 20:25:57 +00:00
Hallvard Furuseth
d68ba23ab8 ITS#5750: Fix nameUIDPretty() bitstring in Name and Optional UID syntax. 
Also update a comment about parsing this syntax.
 2008-10-18 11:09:55 +00:00
Pierangelo Masarati
5d90231d2a apply Luca Tamburo's patch for Attribute Certificate and X.509 PMI support (with modifications, ITS#5695) 2008-10-18 08:33:40 +00:00
Hallvard Furuseth
7b3bdf2185 Warning cleanup: signed meets unsigned. ber_flatten2() returns -1 on 
error, not LBER_ERROR.
 2008-10-13 10:18:15 +00:00
Pierangelo Masarati
88055e8d54 don't hide standard track matching rules (more for ITS#5700) 2008-09-15 09:16:13 +00:00
Pierangelo Masarati
ff5b4d6c21 add support for certificateListExactMatch (RFC4523; ITS#5700) 2008-09-15 00:34:56 +00:00
Pierangelo Masarati
14bd1744b7 certificate handling cleanup 2008-09-15 00:24:40 +00:00
Pierangelo Masarati
605fa77265 no need to unescape/re-escape each line (more on ITS#5608) 2008-08-30 15:00:05 +00:00
Pierangelo Masarati
03793fd9f4 implement caseIgnoreListMatch (ITS#5608) 2008-08-30 14:30:31 +00:00
Pierangelo Masarati
afbef0b035 fix check for single-field firstComponentMatch normalization (ITS#5634) 2008-08-04 21:06:37 +00:00
Pierangelo Masarati
be9d79d2a7 fix serialNumber and issuer parsing (ITS#5588) 2008-07-01 23:06:01 +00:00
Howard Chu
8921793615 ITS#5503 integerFilter keys were not terminated 2008-05-10 00:28:03 +00:00
Pierangelo Masarati
14c425b922 s/leave/func_leave/ (ITS#5411) 2008-03-15 18:16:21 +00:00
Pierangelo Masarati
137172f952 allow 2.1 CSN format (ITS#5348) 2008-02-02 10:23:35 +00:00
Pierangelo Masarati
44b20b98e0 s/assert/LDAP_INVALID_SYNTAX/ (ITS#5348) 2008-02-01 19:16:58 +00:00
Kurt Zeilenga
c890c96d13 Happy New Year (belated) 2008-01-08 00:19:56 +00:00
Hallvard Furuseth
8667a535dc Integer indexing - cleanup, signedness, redefine signmask => RIP overflow test 2007-12-03 09:54:01 +00:00
Howard Chu
ccfe26fca9 Cleanup overflow check 2007-12-02 21:46:50 +00:00
Hallvard Furuseth
3b6122cb73 Integer indexing - cleanup 2007-12-02 19:25:33 +00:00
Howard Chu
304520c113 Add memctx to lutil_str2bin() 2007-12-02 19:11:41 +00:00
Hallvard Furuseth
283313ba15 Fix last patch, and reduce allocations in lutil_str2bin(). 2007-12-02 17:32:08 +00:00
Hallvard Furuseth
bddba8ae17 Integer indexing - handle huge values 2007-12-02 16:10:23 +00:00
Howard Chu
60c0a68249 Trim unneeded tmp var 2007-12-01 11:44:18 +00:00
Howard Chu
95993844dd Omit leading zero pad byte 2007-12-01 11:41:52 +00:00
Howard Chu
d513108ea3 Fix sign bit 2007-12-01 11:00:40 +00:00
Howard Chu
b7f3bb05f5 Fix 1.426, must sign-extend small numbers, not zero-pad 2007-11-30 18:12:17 +00:00
Howard Chu
8a8a05d811 Change integer indexing to ordered only, no backward compatibility 2007-11-25 13:19:08 +00:00
Pierangelo Masarati
7aeac21440 silence warnings 2007-11-23 12:47:53 +00:00
Howard Chu
dd39c0a6fd integer indexing must be unsigned 2007-11-21 03:07:09 +00:00
Howard Chu
3ff3957dc7 Add index_intlen keyword for ordered indexing of integers 2007-11-21 02:54:57 +00:00
Howard Chu
c406042fd6 ITS#5072 fix issuer format, use uppercase hex per RFC3641 2007-10-05 11:27:20 +00:00
Pierangelo Masarati
c3c3c9c16b support de-normalization 2007-10-05 09:26:48 +00:00
Howard Chu
925e92dcc9 certificateExactNormalize - only check serial encoding if len > 1 2007-10-01 16:32:30 +00:00
Howard Chu
291c8d9bd8 ITS#5070 unify serialNumberAndIssuer validation 2007-10-01 08:43:56 +00:00
Howard Chu
4ad821910c ITS#5070 use lutil_str2bin() for certificate serialNumbers 
Still need to fix serialNumberAndIssuerPretty to accept hex
 2007-10-01 06:55:02 +00:00
Howard Chu
37e295f269 ITS#5070 again, use [-]0x123456789abcdef for big int serial numbers 2007-09-29 09:50:54 +00:00
Howard Chu
d322eb96c3 ITS#5151 fix CertificateListValidate 2007-09-24 07:55:56 +00:00
Howard Chu
f1065e1780 Remove special cases for BigNums in certificateExactNormalize, just 
use hex when serial is larger than int. Normalized values need to be
consistent regardless of compile-time environment...
 2007-09-24 06:26:36 +00:00
Pierangelo Masarati
12ea3e4304 check call consistency 2007-09-03 16:36:22 +00:00
Howard Chu
f8fcb44d13 Fix PrintableString/IA5String commentary 2007-09-03 00:40:37 +00:00
Pierangelo Masarati
f6dc2b1032 hide (experimental) schema 2007-09-01 15:45:12 +00:00
Pierangelo Masarati
56d9a93ad4 authzMatch IS octetStringMatch 2007-09-01 15:44:24 +00:00
Pierangelo Masarati
1b40253d4d release certificateListValidate() 2007-08-30 20:27:13 +00:00
Pierangelo Masarati
47f1f66361 keep pretty and normal form of CSN the same... 2007-08-27 10:39:48 +00:00
Pierangelo Masarati
6edcf92419 also the MOD part is hex; preserve compatibility with OpenLDAP's 2.3 entryCSN 2007-08-27 10:09:46 +00:00
Pierangelo Masarati
81a4676571 add csnValidate/csnNormalize, since the SID could be hexadecimal, and we want upper/lowercase a-f to match as appropriate 2007-08-27 09:13:45 +00:00
Pierangelo Masarati
2082935657 so SIDs are hex 2007-08-27 07:09:57 +00:00
Pierangelo Masarati
2132aa3b16 add support for CSNSIDMatch; use it to set contextCSN as appropriate when slapadd'ing -w 2007-08-26 15:39:45 +00:00
Pierangelo Masarati
72f009ac52 behave when a value of an ordered attr starts with '{' and either contains or not '}', but the prefix '{X}' does not contain a numericString 2007-08-24 23:05:10 +00:00
Pierangelo Masarati
3771d2ed49 fox to ITS#5070 fix: error out if serialNumber requires size > sizeof(long long) (detected by Coverity) 2007-08-16 11:57:34 +00:00
Pierangelo Masarati
f4e12e11d6 trim unused vars 2007-08-03 20:26:48 +00:00
Pierangelo Masarati
d0baca7a62 add certificateListValidate (#ifdef LDAP_DEVEL) 2007-08-03 13:12:36 +00:00
Pierangelo Masarati
34921e07ad allow parsing of long long serials when long long is defined (ITS#5070) 2007-08-03 10:50:18 +00:00
Pierangelo Masarati
6a4dd27158 allow validation/normalization of x509 v1 (default) certs 2007-07-25 00:56:51 +00:00
Hallvard Furuseth
101b6b9363 Fix --without-tls (ITS#4975). Enable certificate matching. 2007-05-20 22:48:21 +00:00
Hallvard Furuseth
861babae6f include lber-int.h (for rev 1.396 certificate changes) 2007-05-18 14:41:28 +00:00
Pierangelo Masarati
978c3609e0 allow array of more generic syntaxes 2007-05-16 09:13:14 +00:00
Pierangelo Masarati
eb5d285a1b allow attribute inheritance with syntax restriction (please review) 2007-05-16 01:40:34 +00:00
Howard Chu
97b0c98ab5 Don't use strdup on bervals 2007-05-13 09:36:52 +00:00
Howard Chu
f3c9d552dd Use liblber for certificate Validation, Normalization 2007-05-13 01:27:51 +00:00
Howard Chu
51e58c671e Fix q[-1] ref in prev commit 2007-01-29 23:56:59 +00:00
Howard Chu
67f16caec0 ITS#4823 allow zero-length IA5String 2007-01-29 04:39:54 +00:00
Kurt Zeilenga
da6d9eb046 happy new year 2007-01-02 20:00:42 +00:00
Pierangelo Masarati
78af5454d2 use case consistent with RFCs (ITS#4764) 2006-12-02 10:30:29 +00:00
Kurt Zeilenga
dbaf7c5c25 More ldapbis cleanup 2006-10-28 04:47:58 +00:00
Kurt Zeilenga
99b954e2c3 LDAPBIS cleanup 2006-10-28 03:53:02 +00:00
Howard Chu
dd74acbf74 Fix ITS#4672, clear errno before calling STRTOL 2006-09-13 05:34:38 +00:00
Hallvard Furuseth
6567412f54 schema_destroy(): Handle failed slap_schema_init() 2006-04-13 22:19:19 +00:00
Kurt Zeilenga
eb9a3c1876 unifdef -DSLAP_ACL_HONOR_DISCLOSE 
unifdef -DSLAP_ACL_HONOR_MANAGE
unifdef -DSLAP_OVERLAY_ACCESS
unifdef -DSLAP_ORDERED_PRETTYNORM
unifdef -DSLAP_AUTHZ_SYNTAX
Move LDAP_COLLECTIVE_ATTRIBUTES, LDAP_COMP_MATCH, and LDAP_SYNC_TIMESTAMP
back behind LDAP_DEVEL (as these either too experimental or not yet
implemented).
 2006-04-12 05:53:26 +00:00
Hallvard Furuseth
6c772f2057 assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2006-04-01 23:52:42 +00:00
Kurt Zeilenga
ffee887d71 Update certificate schema to use IANA assigned OIDs 2006-03-08 20:07:25 +00:00
Kurt Zeilenga
4c64b8626d Add support for GSER-encoded certificateExactAsssertion values 2006-03-03 04:54:49 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Kurt Zeilenga
e50fc1833d Add UUIDPretty 
Likely should add UUID-named-entry test case to test026...
 2005-12-20 23:25:44 +00:00
Kurt Zeilenga
439af9ec10 (Quick)fix UUID naming attributes 2005-12-20 22:36:51 +00:00
Pierangelo Masarati
474dfbc8fd don't trust strchr/strrchr with bervals 2005-11-13 22:26:53 +00:00
Howard Chu
8f5ea1f1d2 substring indexing optimization 2005-10-23 22:38:15 +00:00
Kurt Zeilenga
d10832b0c8 entryUUID schema to use IANA (newly) assigned OIDs 2005-09-26 18:37:50 +00:00
Howard Chu
86bd3651e1 ITS#4040 move initialization 2005-09-25 06:12:41 +00:00
Howard Chu
5697278574 ITS#4040 fix uniqueMemberMatch when value is zero-length 2005-09-25 06:11:35 +00:00
Pierangelo Masarati
4bc8197dcb further ACI factoring out & confinement 2005-08-22 16:03:35 +00:00
Pierangelo Masarati
de90dbbc52 mutex-protect "undefined" attribute descriptions/objectClasses addition (ITS#3958) 2005-08-22 09:46:17 +00:00
Pierangelo Masarati
ec49990d51 ACIs almost entirely factored out of slapd 
Added OpenLDAPaciSyntax based on ITS#3877 by Nikita Shulga
aci_mask() doesn't exploit the normalized value yet (next step)
The case #define SLAPD_ACI_ENABLED / #undef SLAP_DYNACL should
be removed
 2005-08-17 17:14:57 +00:00
Pierangelo Masarati
d10250d9f6 add authzSyntax for authzTo/authzFrom attributes; add X-ORDERED 'VALUES' if support for ordered_value_{validate,pretty,normalize} is present; exploit normalization in slap_parseURI (only #ifdef LDAP_DEVEL) 2005-08-11 23:52:17 +00:00
Hallvard Furuseth
9601e1e7ec serialNumberAndIssuerPretty() and serialNumberAndIssuerNormalize() 
were confused about realloced memory.
 2005-07-30 23:30:42 +00:00
Hallvard Furuseth
81ecb0b153 assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2005-07-18 06:22:33 +00:00
Howard Chu
5d2ba11ad9 ITS#3847 silence warnings 2005-07-11 12:11:15 +00:00
Luke Howard
f90800667d Fix OpenLDAP ITS#3782 - broken logic in bitwise matching rules 2005-06-16 05:31:24 +00:00