]>
git.sur5r.net Git - openldap/log
SATOH Fumiyasu [Thu, 3 Aug 2017 07:59:02 +0000 (16:59 +0900)]
ITS#8709 contrib/slapd-modules/passwd/totp: OpenSSL 1.1.0 compatibility
Howard Chu [Wed, 6 Sep 2017 20:25:16 +0000 (21:25 +0100)]
ITS#8719 add crypt_r() support
Michael Ströder [Tue, 5 Sep 2017 13:52:34 +0000 (15:52 +0200)]
ITS#8714 Send out EXTENDED operation message from back-sock
Howard Chu [Thu, 31 Aug 2017 15:53:45 +0000 (16:53 +0100)]
ITS#8270 use the configured exop timeout for StartTLS
Also, there's no need for a retry loop here. Just wait for
the specified timeout or give up.
Ondřej Kuzník [Fri, 25 Aug 2017 15:25:23 +0000 (16:25 +0100)]
ITS#8444 Do not clear the pending operation when checkpointing
When a checkpoint happens, if we remove the CSN from the pending list,
accesslog won't pass it onto the accesslog DB. But in a delta-mmr
scenario, an accesslog entry without a CSN faces a race where it might
be applied twice - that usually fails and causes a full refresh, other
times it can cause a silent desync - both are undesirable.
Quanah Gibson-Mount [Mon, 21 Aug 2017 16:19:12 +0000 (09:19 -0700)]
ITS#8715 Fix typo with olcTLSCiphersuite
Quanah Gibson-Mount [Wed, 16 Aug 2017 15:50:22 +0000 (08:50 -0700)]
ITS#8713 Delete stub man page for LDBM
Howard Chu [Fri, 4 Aug 2017 19:58:07 +0000 (20:58 +0100)]
ITS#8690 one more time
Howard Chu [Fri, 4 Aug 2017 12:40:34 +0000 (13:40 +0100)]
ITS#8690 fix again
Howard Chu [Fri, 4 Aug 2017 12:34:03 +0000 (13:34 +0100)]
Revert "ITS#8690 refix"
This reverts commit
a5f3a2885c9d1a72ecebf159522a558a1f33d767 .
Howard Chu [Thu, 3 Aug 2017 11:42:21 +0000 (12:42 +0100)]
ITS#8705 fix service pathname
Strip trailing space of last pathname component, if any. Not first.
Howard Chu [Tue, 1 Aug 2017 23:52:13 +0000 (00:52 +0100)]
ITS#8690 refix
Don't double-queue delete ops
Howard Chu [Tue, 1 Aug 2017 21:08:50 +0000 (22:08 +0100)]
ITS#8226 optimization
Don't release read txn unless there has actually been a new write txn
Howard Chu [Tue, 1 Aug 2017 20:57:02 +0000 (21:57 +0100)]
ITS#8690 fix prev commit
Howard Chu [Tue, 1 Aug 2017 20:47:15 +0000 (21:47 +0100)]
Cleanup uninit'd vars
Howard Chu [Fri, 21 Jul 2017 18:04:08 +0000 (19:04 +0100)]
ITS#8690 plug memleak on Delete ops
Quanah Gibson-Mount [Fri, 21 Jul 2017 00:11:01 +0000 (17:11 -0700)]
ITS#8697 - For Windows builds with newer MINGW, remove refptr symbols
mappings from slapd.def
Quanah Gibson-Mount [Fri, 23 Jun 2017 16:44:46 +0000 (09:44 -0700)]
Fix missing index on reqResult
Howard Chu [Thu, 22 Jun 2017 17:08:40 +0000 (18:08 +0100)]
ITS#8678 temporary hack
Quanah Gibson-Mount [Wed, 7 Jun 2017 00:04:11 +0000 (17:04 -0700)]
ITS#8667 - Add regression test
Howard Chu [Thu, 1 Jun 2017 16:52:15 +0000 (17:52 +0100)]
Merge remote-tracking branch 'origin/mdb.RE/0.9'
Howard Chu [Thu, 1 Jun 2017 16:51:10 +0000 (17:51 +0100)]
Release 0.9.21
Ryan Tandy [Thu, 18 May 2017 03:07:39 +0000 (20:07 -0700)]
ITS#8655 fix double free on paged search with pagesize 0
Fixes a double free when a search includes the Paged Results control
with a page size of 0 and the search base matches the filter.
Ryan Tandy [Fri, 5 May 2017 03:08:07 +0000 (03:08 +0000)]
ITS#8648 init SASL library in global init
Ryan Tandy [Sun, 7 May 2017 20:16:00 +0000 (20:16 +0000)]
ITS#8648 check result of ldap_int_initialize in ldap_{get,set}_option
Ryan Tandy [Sat, 6 May 2017 22:50:13 +0000 (22:50 +0000)]
ITS#8650 retry gnutls_handshake after GNUTLS_E_AGAIN
Quanah Gibson-Mount [Sun, 23 Apr 2017 22:13:23 +0000 (15:13 -0700)]
ITS#8123 - Fix wording to match examples
Kevin Lam [Tue, 21 Feb 2017 04:20:38 +0000 (12:20 +0800)]
ITS#8592 Fix double free in sssvlv overlay
Quanah Gibson-Mount [Tue, 25 Apr 2017 23:09:22 +0000 (16:09 -0700)]
Fix slapo-pcache to use mdb as the example backend
Quanah Gibson-Mount [Tue, 25 Apr 2017 18:47:49 +0000 (11:47 -0700)]
ITS#8205 - Pick up changes that were ignored in the last commit
Quanah Gibson-Mount [Tue, 25 Apr 2017 18:37:48 +0000 (11:37 -0700)]
ITS#8205 - Fix typos, use man page from Howard for TOTP
Peter Marschall [Sun, 26 Jul 2015 13:04:26 +0000 (15:04 +0200)]
ITS#8205 - contrib/smbk5pwd: add man page, install it too
Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to
install the new manual page.
ITS#8205 - contrib/lastbind: install man page
Update lastbind's Makefile to install the manual page too.
ITS#8205 - contrib/passwd/sha2: add man page, install it too
Add a manual page slapd-pw-sha2.5 and update passwd/sha2's Makefile to
install the new manual page.
ITS#8205 - contrib/adremap: install man page
Update adremap's Makefile to install the manual page too.
ITS#8205 - contrib/allop: install man page
Update allop's Makefile to install the manual page too.
ITS#8205 - contrib/cloak: install man page
Update cloak's Makefile to install the manual page too.
ITS#8205 - contrib/lastmod: install man page
Update lastmod's Makefile to install the manual page too.
ITS#8205 - contrib/nops: install man page
Update nops's Makefile to install the manual page too.
ITS#8205 - contrib/nssov: install man page
Update nssov's Makefile to install the manual page too.
ITS#8205 - contrib/passwd: add man page slapd-pw-sha2.5, install it too
Add a manual page slapd-pw-radius.5 and update passwd's Makefile to
install the new manual page.
ITS#8205 - contrib/passwd/totp: add man page, install it too
Add a manual page slapo-totp.5 and update passwd/totp's Makefile to
install the new manual page.
ITS#8205 - contrib/passwd/pbkdf2: add man page, install it too
Add a manual page slapd-pw-pbkdf2.5 and update passwd/pbkdf2's Makefile to
install the new manual page.
Ryan Tandy [Tue, 25 Apr 2017 01:53:56 +0000 (01:53 +0000)]
ITS#8644 fix previous commit: initialize KILLPIDS
Ryan Tandy [Tue, 25 Apr 2017 01:28:25 +0000 (01:28 +0000)]
ITS#8644 wait for slapd to start in test064
Quanah Gibson-Mount [Mon, 24 Apr 2017 20:15:56 +0000 (13:15 -0700)]
ITS#8635 - Note that non-zero serverID's are required for MMR, and that serverID 0 is specific to single master replication only
Quanah Gibson-Mount [Sun, 23 Apr 2017 19:23:56 +0000 (12:23 -0700)]
ITS#8613 - Note that slapo-memberOf should not be used in a replicated environment
Jephte CLAIN [Thu, 31 Dec 2015 08:03:56 +0000 (12:03 +0400)]
ITS#8344 - accesslog database should not be replicated
Howard Chu [Fri, 21 Apr 2017 13:39:17 +0000 (14:39 +0100)]
Fix pool_retract signature
Omitted from
e12ca8b6fed6b8a2526c5c8ee820bf5aa942b59d
Quanah Gibson-Mount [Wed, 19 Apr 2017 19:49:24 +0000 (12:49 -0700)]
Regenerate for autoca, asyncmeta, and wiredtiger
Howard Chu [Wed, 19 Apr 2017 19:19:09 +0000 (20:19 +0100)]
Tweaks for OpenSSL 1.1 API deprecations
Howard Chu [Wed, 19 Apr 2017 18:27:02 +0000 (19:27 +0100)]
Delete extraneous #define
Was only for convenience during testing
Quanah Gibson-Mount [Tue, 18 Apr 2017 20:40:05 +0000 (13:40 -0700)]
Fix autoca build with OpenSSL 1.1.0
Quanah Gibson-Mount [Tue, 18 Apr 2017 15:23:18 +0000 (08:23 -0700)]
Regenerate configure
Quanah Gibson-Mount [Tue, 18 Apr 2017 15:22:56 +0000 (08:22 -0700)]
Quanah Gibson-Mount [Tue, 18 Apr 2017 15:01:26 +0000 (08:01 -0700)]
ITS#8643 - Fix typo
Quanah Gibson-Mount [Fri, 14 Apr 2017 17:50:46 +0000 (10:50 -0700)]
ITS#8634 - Fix DES API function calls to current DES API
Ondřej Kuzník [Mon, 10 Apr 2017 10:26:28 +0000 (11:26 +0100)]
ITS#8632 request the correct type
Ondřej Kuzník [Mon, 10 Apr 2017 09:42:46 +0000 (10:42 +0100)]
ITS#8631 Initialize sal
Howard Chu [Sun, 9 Apr 2017 23:54:21 +0000 (00:54 +0100)]
Cleanup unused vars
Howard Chu [Sun, 9 Apr 2017 23:51:09 +0000 (00:51 +0100)]
Tweak privateKeyValidate
Only accept PKCS#8 private keys
Howard Chu [Sun, 9 Apr 2017 23:21:08 +0000 (00:21 +0100)]
Add GnuTLS support for direct DER config of cacert/cert/key
Followon to
b402a2805f8b96d2751a7315ea5e70e5082965ed
Howard Chu [Sun, 9 Apr 2017 22:42:22 +0000 (23:42 +0100)]
Cleanup warnings, unused vars, etc.
Howard Chu [Sun, 9 Apr 2017 21:45:36 +0000 (22:45 +0100)]
Fix autoca schema init
Wait for core.schema to get loaded
Howard Chu [Sun, 9 Apr 2017 20:37:55 +0000 (21:37 +0100)]
Cleanup test066 comments
Howard Chu [Sun, 9 Apr 2017 19:48:37 +0000 (20:48 +0100)]
autoca manpage updates
Howard Chu [Sun, 9 Apr 2017 19:33:50 +0000 (20:33 +0100)]
Add autoca test script
Howard Chu [Sun, 9 Apr 2017 19:31:11 +0000 (20:31 +0100)]
autoca fixups
Move install of CA cert to a pool thread, otherwise cn=config deadlocks
on dynamically loaded overlay.
Dup/release entry before attempting to modify it, to avoid deadlocks
in back-bdb/hdb.
Always use PKCS#8 format when storing private keys.
Howard Chu [Sun, 9 Apr 2017 19:29:47 +0000 (20:29 +0100)]
Fixup for ;binary config attrs
Use the plain attributeDescription when searching config tables
Howard Chu [Sun, 9 Apr 2017 15:40:25 +0000 (16:40 +0100)]
Add localDN config
If a cert is generated for this DN, configure it as the local
TLS cert/key
Howard Chu [Sun, 9 Apr 2017 14:42:17 +0000 (15:42 +0100)]
Set the CA cert in cn=config if none was already set
Howard Chu [Sun, 9 Apr 2017 14:41:16 +0000 (15:41 +0100)]
Fixup pause handling, silence warnings
Don't try to resume the pool if pausing failed.
Howard Chu [Sun, 9 Apr 2017 14:39:44 +0000 (15:39 +0100)]
Fixup handle_pause()
Return -1 if running on the main thread - which means there
are no worker threads to pause.
Howard Chu [Sun, 9 Apr 2017 14:39:13 +0000 (15:39 +0100)]
Fixup cacert option
Howard Chu [Sun, 9 Apr 2017 14:35:05 +0000 (15:35 +0100)]
Add ldap_pvt_thread_pool_queues decl
Was missing from
0ef9e6107baf45d29e194442991132df6c190adb
Howard Chu [Sun, 9 Apr 2017 13:51:25 +0000 (14:51 +0100)]
Support setting cacert/cert/key directly in cn=config entry
Howard Chu [Sun, 9 Apr 2017 13:49:48 +0000 (14:49 +0100)]
Fixup cacert/cert/key options
Add get_option support, allow delete by setting a NULL arg.
Howard Chu [Sun, 9 Apr 2017 13:15:28 +0000 (14:15 +0100)]
Move privateKey schema into slapd
Howard Chu [Sun, 9 Apr 2017 10:30:39 +0000 (11:30 +0100)]
Flesh out experimental OIDs
Howard Chu [Sun, 9 Apr 2017 02:55:01 +0000 (03:55 +0100)]
Catalog of assigned OID arcs
With some specific elements as well, but not exhaustively listed.
Patches welcome.
Howard Chu [Sun, 9 Apr 2017 01:21:06 +0000 (02:21 +0100)]
Add config support for binary values
Use base64 for .conf files, straight binary for back-config
Howard Chu [Sat, 8 Apr 2017 23:13:42 +0000 (00:13 +0100)]
Add options to use DER format cert+keys directly
Instead of loading from files.
Howard Chu [Fri, 7 Apr 2017 14:25:37 +0000 (15:25 +0100)]
Add autoca overlay
Automated certificate authority
Ondřej Kuzník [Tue, 4 Apr 2017 17:24:57 +0000 (18:24 +0100)]
ITS#6545 Update accesslog format and syncrepl consumer
Make two successive modifications of the same attribute separate. This
lets the consumer interpret the log entry the same way as the server
that produced it.
Still depends on the log entry attributes being read in the same order
as they were written.
Quanah Gibson-Mount [Fri, 7 Apr 2017 20:39:11 +0000 (13:39 -0700)]
ITS#8353, ITS#8533 - Cleanup for libldap_r
Quanah Gibson-Mount [Thu, 6 Apr 2017 22:12:02 +0000 (15:12 -0700)]
ITS#8353, ITS#8533 - Fix libldap_r compilation
Quanah Gibson-Mount [Thu, 6 Apr 2017 18:47:06 +0000 (11:47 -0700)]
ITS#8353, ITS#8533 - Ensure that the deprecated API is not used when using OpenSSL 1.1 or later
Ondřej Kuzník [Sun, 22 Nov 2015 18:36:45 +0000 (18:36 +0000)]
ITS#8266 Allow empty mods
Quanah Gibson-Mount [Wed, 29 Mar 2017 21:29:25 +0000 (14:29 -0700)]
ITS#7700 - Update documentation about the "limits" configuration option
Quanah Gibson-Mount [Wed, 29 Mar 2017 20:47:13 +0000 (13:47 -0700)]
ITS#7700 - Update syncrepl configuration bits with missing parameters
Quanah Gibson-Mount [Wed, 29 Mar 2017 19:36:42 +0000 (12:36 -0700)]
ITS#7177, ITS#6339 - Fix VV option information
Jan Vcelak [Wed, 22 Feb 2012 12:04:49 +0000 (13:04 +0100)]
ITS#7177 add SASL_NOCANON option to ldap.conf(5)
Quanah Gibson-Mount [Wed, 29 Mar 2017 19:00:26 +0000 (12:00 -0700)]
ITS#7341 Fix typo in access control so that it is attrs= not attr=
Gerardo Santana [Sun, 11 Sep 2016 15:43:16 +0000 (10:43 -0500)]
ITS#8499 Fix typo in admin guide
Ondřej Kuzník [Sun, 9 Oct 2016 10:07:36 +0000 (11:07 +0100)]
ITS#8513 Update TOTP README
Quanah Gibson-Mount [Wed, 29 Mar 2017 17:44:55 +0000 (10:44 -0700)]
ITS#8587 - Fix typos
Ondřej Kuzník [Tue, 28 Mar 2017 14:32:27 +0000 (15:32 +0100)]
ITS#8625 Separate Avlnode and TAvlnode types
Switch AVL_CHILD/AVL_THREAD values and set Avlnode bits to AVL_CHILD for
better compatibility between avl and tavl as suggested by Howard.
Howard Chu [Thu, 23 Mar 2017 20:37:24 +0000 (20:37 +0000)]
ITS#8622 fix xcursor after cursor_del
Re-fix
6b1df0e4c7fadd21d1233d7157229b2d89ccaa04 from ITS#8406
Howard Chu [Thu, 16 Mar 2017 14:21:31 +0000 (14:21 +0000)]
ITS#8054 add queue time to log
Show time spent in conn+threadpool queues before an op actually executes.
Also clean up timestamp handling
Howard Chu [Wed, 15 Mar 2017 11:13:09 +0000 (11:13 +0000)]
Fixes for multiple threadpool queues
Remove poolq_hash, it wasn't distributing work evenly to the queues.
Just walk through all queues and use the one with smallest
active+pending count. Since pool_retract also relied on the hash,
a different means of locating the thread to retract was needed.
Add pool_submit2 which returns the threadpool task structure,
and record which poolq this task lives on.
Ondřej Kuzník [Wed, 22 Feb 2017 18:24:48 +0000 (18:24 +0000)]
ITS#8574 - Deal with rDN correctly
This fixes issues with values that need escaping in the rDN when an
incorrect value would be passed to the handler and back-ldif.
Howard Guo [Thu, 10 Nov 2016 14:39:03 +0000 (15:39 +0100)]
ITS#8529 Avoid hiding the error if user specified CA does not load
The TLS configuration deliberately hid the error in case that
user specified CA locations cannot be read, by loading CAs from default
locations; and when user does not specify CA locations, the CAs from default
locations are not read at all.
This patch corrects the behaviour so that CAs from default location are used
if user does not specify a CA location, and user is informed of the error if
CAs cannot be loaded from the user specified location.
Quanah Gibson-Mount [Wed, 22 Feb 2017 00:02:17 +0000 (16:02 -0800)]
ITS8589 - This modifies the test so that it will not trigger the issue described in the ITS.
Quanah Gibson-Mount [Tue, 21 Feb 2017 23:27:13 +0000 (15:27 -0800)]
ITS#8253 - Further clarification around replication information
Howard Chu [Tue, 7 Feb 2017 12:56:35 +0000 (12:56 +0000)]
ITS#8585 Fail ldap_result if handle is already bad
Quanah Gibson-Mount [Mon, 6 Feb 2017 23:27:25 +0000 (15:27 -0800)]
ITS#8253 - better document options for the syncprov module
Howard Chu [Mon, 6 Feb 2017 09:30:51 +0000 (09:30 +0000)]
Document threadqueues option
Implemented in
34f832faee9f215dfdb61de52506f2905258b147
Quanah Gibson-Mount [Fri, 3 Feb 2017 22:30:30 +0000 (14:30 -0800)]
Correctly exit if the backend is back-ldap
Quanah Gibson-Mount [Thu, 2 Feb 2017 18:43:01 +0000 (10:43 -0800)]
Tweak examples to use back-mdb
Howard Chu [Wed, 1 Feb 2017 11:10:31 +0000 (11:10 +0000)]
ITS#8576 Revert "LDAP_TAILQ fix"
This reverts commit
8ee824832844c16d4199f3aacd8b1d613933a7d5 .
Quanah Gibson-Mount [Wed, 1 Feb 2017 00:17:02 +0000 (16:17 -0800)]
Fix comparison error