]> git.sur5r.net Git - openldap/log
openldap
6 years agoITS#8573 allow all libldap options in tools -o option
Ondřej Kuzník [Thu, 14 Jun 2018 15:14:15 +0000 (16:14 +0100)]
ITS#8573 allow all libldap options in tools -o option

6 years agoFix quoting example
Ondřej Kuzník [Thu, 14 Jun 2018 15:08:36 +0000 (16:08 +0100)]
Fix quoting example

6 years agoFix ldif-wrap errmsg typo
Howard Chu [Wed, 13 Jun 2018 15:19:04 +0000 (16:19 +0100)]
Fix ldif-wrap errmsg typo

6 years agoITS#8616 don't check for existing value when deleting values
Howard Chu [Thu, 24 May 2018 16:51:50 +0000 (17:51 +0100)]
ITS#8616 don't check for existing value when deleting values

6 years agoFix copypasta in its8444 regression script
Ryan Tandy [Fri, 18 May 2018 03:58:55 +0000 (20:58 -0700)]
Fix copypasta in its8444 regression script

6 years agoMake syntax highlighting/folding happier
Ondřej Kuzník [Thu, 10 May 2018 10:58:21 +0000 (11:58 +0100)]
Make syntax highlighting/folding happier

6 years agoITS#8843 check for NULL modlist
Howard Chu [Wed, 2 May 2018 15:51:49 +0000 (16:51 +0100)]
ITS#8843 check for NULL modlist

6 years agoITS#8840 Fix domainScope control to ensure the control value is absent as per Microso...
Quanah Gibson-Mount [Mon, 30 Apr 2018 17:27:36 +0000 (17:27 +0000)]
ITS#8840 Fix domainScope control to ensure the control value is absent as per Microsoft specification (https://msdn.microsoft.com/en-us/library/aa366979%28v=vs.85%29.aspx).

6 years agoHappy New Year
Quanah Gibson-Mount [Thu, 22 Mar 2018 15:35:24 +0000 (15:35 +0000)]
Happy New Year

6 years agoMerge remote-tracking branch 'origin/mdb.RE/0.9'
Quanah Gibson-Mount [Thu, 22 Mar 2018 15:28:21 +0000 (15:28 +0000)]
Merge remote-tracking branch 'origin/mdb.RE/0.9'

6 years agoUpdate release date LMDB_0.9.22
Quanah Gibson-Mount [Thu, 22 Mar 2018 15:23:05 +0000 (15:23 +0000)]
Update release date

6 years agoHappy New Year
Quanah Gibson-Mount [Thu, 22 Mar 2018 15:20:57 +0000 (15:20 +0000)]
Happy New Year

6 years agoRelease 0.9.22
Howard Chu [Wed, 21 Mar 2018 22:50:02 +0000 (22:50 +0000)]
Release 0.9.22

6 years agoITS#8819 can't use fakepage mp_ptrs directly
Howard Chu [Tue, 20 Mar 2018 18:34:56 +0000 (18:34 +0000)]
ITS#8819 can't use fakepage mp_ptrs directly

6 years agoITS#8818 SASL_MECH/SASL_REALM are not user-only
Howard Chu [Tue, 13 Mar 2018 18:55:50 +0000 (18:55 +0000)]
ITS#8818 SASL_MECH/SASL_REALM are not user-only

Changed as of ITS#4327 commit 86d10729

6 years agoITS#8800 -- Ensure there are no differences due to different checkpoints
Quanah Gibson-Mount [Wed, 28 Feb 2018 23:54:20 +0000 (23:54 +0000)]
ITS#8800 -- Ensure there are no differences due to different checkpoints
being logged to the underlying DB's contextCSN.

6 years agoback-mdb Multival fixes
Howard Chu [Thu, 22 Feb 2018 03:12:32 +0000 (03:12 +0000)]
back-mdb Multival fixes

Fix multival logic on Replace
Fix return codes from modify_internal, id2entry_put

6 years agoITS#8789 revert previous patch
Howard Chu [Thu, 22 Feb 2018 14:59:41 +0000 (14:59 +0000)]
ITS#8789 revert previous patch

And try another approach. Always write contextCSN updates, but
don't set dont_replicate for updates we want propagated.

6 years agoITS#8789 avoid unnecessary writes of context entry
Howard Chu [Wed, 31 Jan 2018 15:19:58 +0000 (15:19 +0000)]
ITS#8789 avoid unnecessary writes of context entry

If syncprov is present, only write contextCSN attribute on
actual state changes, not on per-entry modifications.
Continue to update in-memory cookieState. Saves overhead,
syncprov will eventually checkpoint it into the DB anyway.

6 years agoAdd debug msg if adding entry to logDB fails
Howard Chu [Wed, 21 Feb 2018 19:50:45 +0000 (19:50 +0000)]
Add debug msg if adding entry to logDB fails

6 years agoITS#8752 accesslog: partially revert 3bb8b737ed8e444c6771c1465574eb6cf5b7f19a
Howard Chu [Wed, 21 Feb 2018 19:48:02 +0000 (19:48 +0000)]
ITS#8752 accesslog: partially revert 3bb8b737ed8e444c6771c1465574eb6cf5b7f19a

6 years agoITS#8800 -- Fix database name
Quanah Gibson-Mount [Tue, 13 Feb 2018 02:57:26 +0000 (02:57 +0000)]
ITS#8800 -- Fix database name

6 years agoITS#8800 -- Remove bash requirement
Quanah Gibson-Mount [Tue, 13 Feb 2018 01:42:35 +0000 (01:42 +0000)]
ITS#8800 -- Remove bash requirement

6 years agoWait for slapd to stop before proceeding. Otherwise this test may fail.
Quanah Gibson-Mount [Tue, 13 Feb 2018 00:34:09 +0000 (00:34 +0000)]
Wait for slapd to stop before proceeding.  Otherwise this test may fail.

Fix variable usage so it doesn't delete data/slapd.conf after running

6 years agoITS#4336 - Fix regression test to be valid
Quanah Gibson-Mount [Mon, 12 Feb 2018 23:50:17 +0000 (23:50 +0000)]
ITS#4336 - Fix regression test to be valid

6 years agoITS#4326 - Fix regression test so it operates correctly
Quanah Gibson-Mount [Mon, 12 Feb 2018 23:48:05 +0000 (23:48 +0000)]
ITS#4326 - Fix regression test so it operates correctly

6 years agoMerge remote-tracking branch 'origin/mdb.RE/0.9'
Quanah Gibson-Mount [Sun, 11 Feb 2018 21:02:26 +0000 (21:02 +0000)]
Merge remote-tracking branch 'origin/mdb.RE/0.9'

6 years agoITS#8722
Quanah Gibson-Mount [Sun, 11 Feb 2018 21:02:05 +0000 (21:02 +0000)]
ITS#8722

6 years agoTweak ITS#8722 fix: Use XCURSOR_REFRESH()
Hallvard Furuseth [Sun, 10 Sep 2017 22:00:14 +0000 (00:00 +0200)]
Tweak ITS#8722 fix: Use XCURSOR_REFRESH()

This checks XCURSOR_INITED() and fixes the mn_flags check.

6 years agoXCURSOR_REFRESH() fixups/cleanup
Hallvard Furuseth [Sun, 10 Sep 2017 21:59:35 +0000 (23:59 +0200)]
XCURSOR_REFRESH() fixups/cleanup

* Check NUMKEYS(), similar to f34b61f9471d1c03fe0517b9d817c50c920e378a
  "ITS#8722 fix FIRST_DUP/LAST_DUP cursor bounds check".
* Move XCURSOR_INITED() into XCURSOR_REFRESH().  This adds a check in
  mdb_cursor_put, below /* converted, write the original data first */.
* Factor mc_ki[] out to XCURSOR_REFRESH().
* Replace an mc_pg[] with mp which is equal (mdb_cursor_del0).

6 years agoITS#8722 fix FIRST_DUP/LAST_DUP cursor bounds check
Howard Chu [Wed, 6 Sep 2017 20:15:48 +0000 (21:15 +0100)]
ITS#8722 fix FIRST_DUP/LAST_DUP cursor bounds check

6 years agoITS#8622
Quanah Gibson-Mount [Sun, 11 Feb 2018 20:58:54 +0000 (20:58 +0000)]
ITS#8622

6 years agoITS#8699 more for cursor_del ITS#8622
Howard Chu [Wed, 26 Jul 2017 20:37:40 +0000 (21:37 +0100)]
ITS#8699 more for cursor_del ITS#8622

Set C_DEL flag on reinit'd subcursor

6 years agoITS#8486 Don't keep sl_mutex locked when playing the sessionlog
Howard Chu [Fri, 19 Jan 2018 17:11:49 +0000 (17:11 +0000)]
ITS#8486 Don't keep sl_mutex locked when playing the sessionlog

6 years agoFix ITS location
Quanah Gibson-Mount [Fri, 9 Feb 2018 19:00:38 +0000 (19:00 +0000)]
Fix ITS location

6 years agoMerge remote-tracking branch 'origin/mdb.RE/0.9'
Quanah Gibson-Mount [Fri, 9 Feb 2018 18:49:21 +0000 (18:49 +0000)]
Merge remote-tracking branch 'origin/mdb.RE/0.9'

6 years agoITS#8760
Quanah Gibson-Mount [Fri, 9 Feb 2018 18:47:21 +0000 (18:47 +0000)]
ITS#8760

6 years agoITS#8760 fix regression in 0.9.19
Howard Chu [Thu, 26 Oct 2017 18:04:37 +0000 (19:04 +0100)]
ITS#8760 fix regression in 0.9.19

6 years agoITS#8612
Quanah Gibson-Mount [Fri, 9 Feb 2018 18:46:06 +0000 (18:46 +0000)]
ITS#8612

6 years agoITS#8612 Fix Solaris builds with liblmdb
Quanah Gibson-Mount [Wed, 7 Jun 2017 20:42:51 +0000 (13:42 -0700)]
ITS#8612 Fix Solaris builds with liblmdb

This patch fixes liblmdb builds on Solaris and derivatives by defining
_POSIX_PTHREAD_SEMANTICS

6 years ago0.9.22 engineering
Quanah Gibson-Mount [Fri, 9 Feb 2018 18:45:20 +0000 (18:45 +0000)]
0.9.22 engineering

6 years agoRegression test for ITS8800
Quanah Gibson-Mount [Tue, 6 Feb 2018 03:41:17 +0000 (03:41 +0000)]
Regression test for ITS8800

6 years agoITS#8801 Fix CSN queue processing
Howard Chu [Thu, 1 Feb 2018 22:32:45 +0000 (22:32 +0000)]
ITS#8801 Fix CSN queue processing

6 years agoITS#8800 remove originator check in syncprov_search_response
Howard Chu [Fri, 2 Feb 2018 00:47:25 +0000 (00:47 +0000)]
ITS#8800 remove originator check in syncprov_search_response

Let the entryCSN check do all the work. Reloading a server from an old
backup needs this to go thru.

6 years agoITS#8607 Don't record checkpoints
Howard Chu [Wed, 31 Jan 2018 22:23:25 +0000 (22:23 +0000)]
ITS#8607 Don't record checkpoints

6 years agoIgnore lbase64.c symlink
Ryan Tandy [Sun, 4 Feb 2018 19:27:23 +0000 (19:27 +0000)]
Ignore lbase64.c symlink

6 years agoITS#8100 fixes for delta-syncrepl with empty accesslog
Howard Chu [Tue, 30 Jan 2018 12:12:32 +0000 (12:12 +0000)]
ITS#8100 fixes for delta-syncrepl with empty accesslog

Update syncprov contextCSNs when context entry is added.
Fix accesslog to properly tag Add op when adding context entry.

6 years agoAvoid unnecessary C99 initializers
Howard Chu [Thu, 25 Jan 2018 15:40:26 +0000 (15:40 +0000)]
Avoid unnecessary C99 initializers

6 years agoCleanup warnings
Howard Chu [Thu, 25 Jan 2018 15:36:00 +0000 (15:36 +0000)]
Cleanup warnings

6 years agoITS#8791 fix OpenSSL 1.1.1 BIO_method compat
Bradley Baetz [Fri, 8 Dec 2017 00:46:40 +0000 (11:46 +1100)]
ITS#8791 fix OpenSSL 1.1.1 BIO_method compat

Use the new methods unconditionally, define helper functions for older versions.

6 years agoITS#8798 Fix swapped arguments
Ondřej Kuzník [Fri, 19 Jan 2018 18:21:17 +0000 (18:21 +0000)]
ITS#8798 Fix swapped arguments

6 years agoITS#8798 Do not insert delays on a successful bind
Ondřej Kuzník [Fri, 19 Jan 2018 17:33:33 +0000 (17:33 +0000)]
ITS#8798 Do not insert delays on a successful bind

6 years agoITS#8798 Add SASL support to slapd-* tester tools
Ondřej Kuzník [Tue, 16 Jan 2018 15:30:01 +0000 (15:30 +0000)]
ITS#8798 Add SASL support to slapd-* tester tools

6 years agoITS#8798 Enable retry/delay in slapd-bind
Ondřej Kuzník [Tue, 16 Jan 2018 15:29:16 +0000 (15:29 +0000)]
ITS#8798 Enable retry/delay in slapd-bind

6 years agoITS#8798 Unify slapd-* tools setup
Ondřej Kuzník [Tue, 16 Jan 2018 15:28:50 +0000 (15:28 +0000)]
ITS#8798 Unify slapd-* tools setup

6 years agoITS#8796 Fix SSF reset
Ondřej Kuzník [Mon, 15 Jan 2018 16:07:59 +0000 (16:07 +0000)]
ITS#8796 Fix SSF reset

Maintain the SSF across SASL binds.

6 years agoITS#8484 - Fix MozNSS initialization
Soohoon Lee [Wed, 24 Aug 2016 02:07:42 +0000 (19:07 -0700)]
ITS#8484 - Fix MozNSS initialization

6 years agoITS#8782 plug memleaks in cancel
Howard Chu [Mon, 4 Dec 2017 15:59:33 +0000 (15:59 +0000)]
ITS#8782 plug memleaks in cancel

6 years agoITS#8778 Fix telephoneNumberNormalize("-" or " ")
Hallvard Furuseth [Sun, 26 Nov 2017 20:22:23 +0000 (21:22 +0100)]
ITS#8778 Fix telephoneNumberNormalize("-" or " ")

7 years agoITS#8753, ITS#8774 - Fix compilation with older versions of OpenSSL
Quanah Gibson-Mount [Fri, 17 Nov 2017 22:30:45 +0000 (14:30 -0800)]
ITS#8753, ITS#8774 - Fix compilation with older versions of OpenSSL

7 years agoITS#8753 Remove extraneous file
Ondřej Kuzník [Tue, 14 Nov 2017 09:28:18 +0000 (09:28 +0000)]
ITS#8753 Remove extraneous file

7 years agoITS#8753 Public key pinning support in libldap
Ondřej Kuzník [Tue, 7 Nov 2017 18:35:33 +0000 (18:35 +0000)]
ITS#8753 Public key pinning support in libldap

7 years agoITS#8753 Move base64 decoding to separate file
Ondřej Kuzník [Tue, 7 Nov 2017 18:35:05 +0000 (18:35 +0000)]
ITS#8753 Move base64 decoding to separate file

7 years agoBuild internal avl testing tools correctly
Ondřej Kuzník [Thu, 26 Oct 2017 10:49:16 +0000 (11:49 +0100)]
Build internal avl testing tools correctly

7 years agoITS#6656 Docs for reqEntryUUID
Ondřej Kuzník [Thu, 26 Oct 2017 09:08:27 +0000 (10:08 +0100)]
ITS#6656 Docs for reqEntryUUID

7 years agoITS#6300 - Remove kqueue from project list
Quanah Gibson-Mount [Thu, 19 Oct 2017 23:07:13 +0000 (16:07 -0700)]
ITS#6300 - Remove kqueue from project list

7 years agoITS#8719, ITS#8605, ITS#6300 -- Regenerate configure
Quanah Gibson-Mount [Thu, 19 Oct 2017 21:59:24 +0000 (14:59 -0700)]
ITS#8719, ITS#8605, ITS#6300 -- Regenerate configure

7 years agoITS#6300 -- Update for multi-listener support
Quanah Gibson-Mount [Tue, 19 Sep 2017 21:48:24 +0000 (21:48 +0000)]
ITS#6300 -- Update for multi-listener support

7 years agoITS #6300: Added support for using kqueue in slapd (for systems that support kqueue(2).
Bryan Duncan [Mon, 14 Nov 2011 19:34:12 +0000 (11:34 -0800)]
ITS #6300: Added support for using kqueue in slapd (for systems that support kqueue(2).

Patch obtained from:
        http://public.me.com/bryan.duncan/bryan-duncan.kqueue.090922.patch

 # This patch file is derived from OpenLDAP Software. All of the
 # modifications to OpenLDAP Software represented in the following
 # patch(es) were developed by Apple.  I, Bryan Duncan, am authorized by
 # Apple, my employer, to release this work under the following terms.
 #
 # Copyright 2009 Apple Inc. All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted only as authorized by the OpenLDAP
 # Public License.
 #
 # A copy of this license is available in file LICENSE in the
 # top-level directory of the distribution or, alternatively, at
 # http://www.OpenLDAP.org/license.html.
 #

7 years agoITS#8752 - Add echo statements about the purpose of the test and a
Quanah Gibson-Mount [Tue, 17 Oct 2017 16:47:02 +0000 (09:47 -0700)]
ITS#8752 - Add echo statements about the purpose of the test and a
warning that it may take manual intervention to exit if a deadlock
occurs

7 years agoITS#8752 accesslog: cleanup should only be called on failures
Howard Chu [Sat, 14 Oct 2017 10:22:53 +0000 (11:22 +0100)]
ITS#8752 accesslog: cleanup should only be called on failures

7 years agoRevert "ITS#8752 ppolicy: don't call same cleanup twice"
Howard Chu [Fri, 13 Oct 2017 17:46:18 +0000 (18:46 +0100)]
Revert "ITS#8752 ppolicy: don't call same cleanup twice"

This reverts commit 1c963f473945e9902c1682d917baa58002a9ab95.

Revert "ITS#8752 make sure all cleanups are called in overlay_op_walk"

This reverts commit b0ad788b8aaad7d5e75827dacd4bbba203ae69ff.

7 years agoITS#8752 ppolicy: don't call same cleanup twice
Howard Chu [Fri, 13 Oct 2017 16:39:37 +0000 (17:39 +0100)]
ITS#8752 ppolicy: don't call same cleanup twice

fallout from b0ad788b8aaad7d5e75827dacd4bbba203ae69ff

7 years agoITS#8752 fix syncrepl deadlock from updateCookie
Howard Chu [Fri, 13 Oct 2017 16:25:29 +0000 (17:25 +0100)]
ITS#8752 fix syncrepl deadlock from updateCookie

Must release cookieState->cs_mutex before invoking backend.
Add a condvar to serialize calls of updateCookie, so we can
release the mutex and still update sequentially.

Also added tid logging, useful in conjunction with
7ab0e1aff0cc48cdfb299ca7dbd27900a9e3d1a8

7 years agoITS#8752 additional debug info, thread ID of rmutex lockers
Howard Chu [Fri, 13 Oct 2017 16:24:19 +0000 (17:24 +0100)]
ITS#8752 additional debug info, thread ID of rmutex lockers

7 years agoITS#8752 make sure all cleanups are called in overlay_op_walk
Howard Chu [Fri, 13 Oct 2017 16:22:34 +0000 (17:22 +0100)]
ITS#8752 make sure all cleanups are called in overlay_op_walk

7 years agofix syncprov_qtask race, test062 crashes
Howard Chu [Fri, 13 Oct 2017 16:16:25 +0000 (17:16 +0100)]
fix syncprov_qtask race, test062 crashes

Keep s_mutex locked until we know we're removed from queue.
Remember qtask cookie so we can retract if ineeded when deleting
the overlay from running slapd.

config_delete is still unsafe, overlay_remove is running with active
threadpool instead of paused pool.

7 years agoUpdate script that does random modifications on random masters. Better
Quanah Gibson-Mount [Thu, 12 Oct 2017 20:42:37 +0000 (13:42 -0700)]
Update script that does random modifications on random masters.  Better
reproduces the problem.

7 years agoITS#8605 - spelling fixes
Josh Soref [Sun, 26 Feb 2017 07:49:31 +0000 (07:49 +0000)]
ITS#8605 - spelling fixes

* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate

7 years agoITS#8527 - Add additional debug logging on consumer/provider state when the consumer...
Quanah Gibson-Mount [Tue, 12 Sep 2017 17:09:44 +0000 (10:09 -0700)]
ITS#8527 - Add additional debug logging on consumer/provider state when the consumer has a newer cookie than the provider

7 years agoITS#8508 - Allow ucgendat.c to recognize title-case characters even if they do not...
Zebediah Figura [Sat, 1 Oct 2016 02:26:59 +0000 (21:26 -0500)]
ITS#8508 - Allow ucgendat.c to recognize title-case characters even if they do not have lower-case equivalents

I, Zebediah Figura, hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.

7 years agoITS#8291 Reopen cursor after delete
Ondřej Kuzník [Wed, 16 Dec 2015 12:47:17 +0000 (13:47 +0100)]
ITS#8291 Reopen cursor after delete

7 years agoITS#8291 Enable slapmodify logging in tests
Ondřej Kuzník [Sun, 22 Nov 2015 18:41:28 +0000 (18:41 +0000)]
ITS#8291 Enable slapmodify logging in tests

7 years agoITS#8153 - olcTimeLimit should be Single Value
Emmanuel Lécharny [Sat, 1 Oct 2016 02:26:59 +0000 (21:26 -0500)]
ITS#8153 - olcTimeLimit should be Single Value

7 years agoITS#8037 - Add support for relax control to delta-syncrepl
Ivan Nejgebauer [Tue, 28 Aug 2012 14:57:54 +0000 (16:57 +0200)]
ITS#8037 - Add support for relax control to delta-syncrepl

7 years agoITS#7721 - Allow authTimestamp updates to be forwarded via updateref
ck@test-centos64.cksoft.de [Tue, 8 Oct 2013 21:14:45 +0000 (23:14 +0200)]
ITS#7721 - Allow authTimestamp updates to be forwarded via updateref

7 years agoITS#7532 - Add new function ldap_connect().
Nathaniel McCallum [Wed, 27 Feb 2013 18:44:57 +0000 (13:44 -0500)]
ITS#7532 - Add new function ldap_connect().

This function is used to manually establish a connection after
a call to ldap_initialize(). This is primarily so that a file
descriptor can be obtained before any requests are sent for the
purposes of polling for writability.

7 years agoITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDon...
Quanah Gibson-Mount [Wed, 11 Oct 2017 21:31:01 +0000 (14:31 -0700)]
ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDontUseCopy and olcSaslAuxpropsDontUseCopyIgnore parameters for use with SASL/OTP

7 years agoITS#8692 let back-sock generate increment: line in case of LDAP_MOD_INCREMENT (see...
Michael Ströder [Wed, 12 Jul 2017 18:18:22 +0000 (20:18 +0200)]
ITS#8692 let back-sock generate increment: line in case of LDAP_MOD_INCREMENT (see RFC 4525, section 3)

7 years agoITS#7389 - MozNSS: load certificates from certdb, fallback to PEM
Jan Vcelak [Fri, 14 Sep 2012 12:24:29 +0000 (14:24 +0200)]
ITS#7389 - MozNSS: load certificates from certdb, fallback to PEM

If TLS_CACERT pointed to a PEM file and TLS_CACERTDIR was set to NSS
certificate database, the backend assumed that the certificate is always
located in the certificate database. This assumption might be wrong.

This patch makes the library to try to load the certificate from NSS
database and fallback to PEM file if unsuccessfull.

7 years agoITS#8167 Fix non-blocking TLS with referrals
Ian Puleston [Fri, 19 Sep 2014 01:48:50 +0000 (18:48 -0700)]
ITS#8167 Fix non-blocking TLS with referrals

7 years agoITS#8687 - EGD is disabled by default in OpenSSL 1.1. We need to comment out this...
Quanah Gibson-Mount [Fri, 22 Sep 2017 21:25:20 +0000 (14:25 -0700)]
ITS#8687 - EGD is disabled by default in OpenSSL 1.1. We need to comment out this block if it is not detected. Particularly affects cross compilation.

7 years agoITS#8583 - Fix C++ LDAP Control structure
Quanah Gibson-Mount [Wed, 5 Jul 2017 20:14:54 +0000 (13:14 -0700)]
ITS#8583 - Fix C++ LDAP Control structure

7 years agoITS#8578 - remove unused-variables in RE24 testing call (2.4.45)
sca+openldap@andreasschulze.de [Fri, 1 Sep 2017 23:31:52 +0000 (16:31 -0700)]
ITS#8578 - remove unused-variables in RE24 testing call (2.4.45)

7 years agoITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta
Nadezhda Ivanova [Tue, 12 Sep 2017 14:14:30 +0000 (17:14 +0300)]
ITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta

7 years agoITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds...
Quanah Gibson-Mount [Sun, 23 Apr 2017 22:30:07 +0000 (15:30 -0700)]
ITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds via the LDAP_SASL_SIMPLE mechanism

7 years agoITS#7520 - back-ldap omit-unknown-schema changes
Ted C. Cheng [Fri, 6 Feb 2015 01:19:39 +0000 (17:19 -0800)]
ITS#7520 - back-ldap omit-unknown-schema changes

7 years agoITS#7374 - MozNSS: better file name matching for hashed CA certificate directory
Jan Vcelak [Wed, 29 Aug 2012 14:23:52 +0000 (16:23 +0200)]
ITS#7374 - MozNSS: better file name matching for hashed CA certificate directory

CA certificate files in OpenSSL compatible CACERTDIR were loaded if the
file extension was '.0'. However the file name should be 8 letters long
certificate hash of the certificate subject name, followed by a numeric
suffix which is used to differentiate between two certificates with the
same subject name.

Wit this patch, certificate file names are matched correctly (using
regular expressions).

7 years agoITS#7373 - TLS: do not reuse tls_session if hostname check fails
Jan Vcelak [Tue, 28 Aug 2012 14:57:54 +0000 (16:57 +0200)]
ITS#7373 - TLS: do not reuse tls_session if hostname check fails

If multiple servers are specified, the connection to the first one
succeeds, and the hostname verification fails, *tls_session is not
dropped, but reused when connecting to the second server.

This is a problem with Mozilla NSS backend because another handshake
cannot be performed on the same file descriptor. From this reason,
hostname checking was moved into ldap_int_tls_connect() before
connection error handling.

7 years agoITS#7100 Update entryTtl behaviour to match RFC 2589
Ondřej Kuzník [Sun, 22 Nov 2015 18:32:43 +0000 (18:32 +0000)]
ITS#7100 Update entryTtl behaviour to match RFC 2589