]> git.sur5r.net Git - openldap/log
openldap
7 years agoITS#8583 - Fix C++ LDAP Control structure
Quanah Gibson-Mount [Wed, 5 Jul 2017 20:14:54 +0000 (13:14 -0700)]
ITS#8583 - Fix C++ LDAP Control structure

7 years agoITS#8578 - remove unused-variables in RE24 testing call (2.4.45)
sca+openldap@andreasschulze.de [Fri, 1 Sep 2017 23:31:52 +0000 (16:31 -0700)]
ITS#8578 - remove unused-variables in RE24 testing call (2.4.45)

7 years agoITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta
Nadezhda Ivanova [Tue, 12 Sep 2017 14:14:30 +0000 (17:14 +0300)]
ITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta

7 years agoITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds...
Quanah Gibson-Mount [Sun, 23 Apr 2017 22:30:07 +0000 (15:30 -0700)]
ITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds via the LDAP_SASL_SIMPLE mechanism

7 years agoITS#7520 - back-ldap omit-unknown-schema changes
Ted C. Cheng [Fri, 6 Feb 2015 01:19:39 +0000 (17:19 -0800)]
ITS#7520 - back-ldap omit-unknown-schema changes

7 years agoITS#7374 - MozNSS: better file name matching for hashed CA certificate directory
Jan Vcelak [Wed, 29 Aug 2012 14:23:52 +0000 (16:23 +0200)]
ITS#7374 - MozNSS: better file name matching for hashed CA certificate directory

CA certificate files in OpenSSL compatible CACERTDIR were loaded if the
file extension was '.0'. However the file name should be 8 letters long
certificate hash of the certificate subject name, followed by a numeric
suffix which is used to differentiate between two certificates with the
same subject name.

Wit this patch, certificate file names are matched correctly (using
regular expressions).

7 years agoITS#7373 - TLS: do not reuse tls_session if hostname check fails
Jan Vcelak [Tue, 28 Aug 2012 14:57:54 +0000 (16:57 +0200)]
ITS#7373 - TLS: do not reuse tls_session if hostname check fails

If multiple servers are specified, the connection to the first one
succeeds, and the hostname verification fails, *tls_session is not
dropped, but reused when connecting to the second server.

This is a problem with Mozilla NSS backend because another handshake
cannot be performed on the same file descriptor. From this reason,
hostname checking was moved into ldap_int_tls_connect() before
connection error handling.

7 years agoITS#7100 Update entryTtl behaviour to match RFC 2589
Ondřej Kuzník [Sun, 22 Nov 2015 18:32:43 +0000 (18:32 +0000)]
ITS#7100 Update entryTtl behaviour to match RFC 2589

7 years agoITS#7100 Test for entryTtl reflecting time to live
Ondřej Kuzník [Sun, 22 Nov 2015 18:31:30 +0000 (18:31 +0000)]
ITS#7100 Test for entryTtl reflecting time to live

7 years agoITS#5048 - index on entryCSN is mandatory
Quanah Gibson-Mount [Thu, 7 Sep 2017 15:44:28 +0000 (08:44 -0700)]
ITS#5048 - index on entryCSN is mandatory

7 years agoITS#8752 fix syncrepl null_callback
Howard Chu [Thu, 5 Oct 2017 21:13:39 +0000 (22:13 +0100)]
ITS#8752 fix syncrepl null_callback

Make sure it's last in callback stack

7 years agoFix script so it exits
Quanah Gibson-Mount [Thu, 5 Oct 2017 16:23:02 +0000 (09:23 -0700)]
Fix script so it exits

7 years agoITS#8444 - Fix description to match the actual issue that was fixed
Quanah Gibson-Mount [Thu, 5 Oct 2017 03:42:54 +0000 (20:42 -0700)]
ITS#8444 - Fix description to match the actual issue that was fixed

7 years agoITS#8752 - Add regression test
Quanah Gibson-Mount [Thu, 5 Oct 2017 03:36:25 +0000 (20:36 -0700)]
ITS#8752 - Add regression test

7 years agoITS#8733 Allow a raw integer to be decoded from a berval
Hallvard Furuseth [Fri, 23 Jun 2017 09:56:49 +0000 (10:56 +0100)]
ITS#8733 Allow a raw integer to be decoded from a berval

7 years agoITS#8733 Allow extraction of the complete ber element
Hallvard Furuseth [Fri, 23 Jun 2017 09:55:36 +0000 (10:55 +0100)]
ITS#8733 Allow extraction of the complete ber element

7 years agoITS#8732 Extend CIRCLEQ macros
Ondřej Kuzník [Wed, 10 May 2017 14:57:27 +0000 (15:57 +0100)]
ITS#8732 Extend CIRCLEQ macros

7 years agoLDAP_FEATURE_SUBORDINATE_SCOPE is from expired draft-sermersheim-ldap-subordinate...
Quanah Gibson-Mount [Tue, 26 Sep 2017 18:51:27 +0000 (11:51 -0700)]
LDAP_FEATURE_SUBORDINATE_SCOPE is from expired draft-sermersheim-ldap-subordinate-scope, leave behind LDAP_DEVEL

7 years agoMove a bunch of featuers back behind LDAP_DEVEL for 2.5
Quanah Gibson-Mount [Tue, 26 Sep 2017 18:35:50 +0000 (11:35 -0700)]
Move a bunch of featuers back behind LDAP_DEVEL for 2.5
SLAP_AUXPROP_DONTUSECOPY is ok for release

7 years agoCHECK_CSN is a debug only flag for testing. It should always remain
Quanah Gibson-Mount [Tue, 26 Sep 2017 18:30:50 +0000 (11:30 -0700)]
CHECK_CSN is a debug only flag for testing.  It should always remain
behind LDAP_DEVEL

7 years agoITS#6817 - back-meta work for SLAP_AUTH_DN was never finished according
Quanah Gibson-Mount [Tue, 26 Sep 2017 18:27:15 +0000 (11:27 -0700)]
ITS#6817 - back-meta work for SLAP_AUTH_DN was never finished according
to the ITS notes.  In addition, this would need man page updates for the
feature

7 years agoThe support for unindexed attributes being tracked in back-monitor needs
Quanah Gibson-Mount [Tue, 26 Sep 2017 18:04:45 +0000 (11:04 -0700)]
The support for unindexed attributes being tracked in back-monitor needs
to remain behind LDAP_DEVEL for now.  Right now, the mutex in
back-monitor cannot properly handle the load if the server had a lot
of unindexed attributes that were being accessed in search filters.

7 years agoITS#7428 - Non-blocking TLS is not compatible with MOZNSS
Quanah Gibson-Mount [Tue, 26 Sep 2017 17:59:08 +0000 (10:59 -0700)]
ITS#7428 - Non-blocking TLS is not compatible with MOZNSS

7 years agoWhitespace cleanup
Quanah Gibson-Mount [Tue, 26 Sep 2017 17:33:01 +0000 (10:33 -0700)]
Whitespace cleanup

7 years agoITS#8638 Add a recursive mutex to libldap_r for libevent
Ondřej Kuzník [Wed, 8 Mar 2017 17:03:18 +0000 (17:03 +0000)]
ITS#8638 Add a recursive mutex to libldap_r for libevent

Most thread implementations suppport a native recursive mutex, use that
where possible (especially when a regular mutex is recursive already).

Also provide a macro for applications to test whether they can use the
lock functions interchangeably.

7 years agoFix warnings issued by autoconf 2.68+
Ondřej Kuzník [Wed, 24 May 2017 15:12:48 +0000 (16:12 +0100)]
Fix warnings issued by autoconf 2.68+

7 years agoFix additional compile for /dev/poll support. /dev/poll is neither tested nor supported.
Quanah Gibson-Mount [Fri, 22 Sep 2017 19:05:18 +0000 (12:05 -0700)]
Fix additional compile for /dev/poll support. /dev/poll is neither tested nor supported.

7 years agoMerge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap
Quanah Gibson-Mount [Tue, 19 Sep 2017 22:21:56 +0000 (15:21 -0700)]
Merge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap

7 years agoFix calls to SLAP_DEVPOLL_SOCK_LX for multi-listener support. Support
Quanah Gibson-Mount [Tue, 19 Sep 2017 22:20:56 +0000 (15:20 -0700)]
Fix calls to SLAP_DEVPOLL_SOCK_LX for multi-listener support.  Support
for /dev/poll is neither enabled nor tested, so other issues may exist.

7 years agoITS#8725 fix 75999a18c3c302bc2a71e9a01dfe63a62be8077c
Howard Chu [Fri, 8 Sep 2017 20:36:05 +0000 (21:36 +0100)]
ITS#8725 fix 75999a18c3c302bc2a71e9a01dfe63a62be8077c

Not needed since callback uses tmpalloc

7 years agoFix typo "errror" -> "error"
Quanah Gibson-Mount [Fri, 8 Sep 2017 19:03:02 +0000 (12:03 -0700)]
Fix typo "errror" -> "error"

7 years agoITS#8725 Always remove listener descriptors from daemon on shutdown
Nadezhda Ivanova [Fri, 24 Mar 2017 11:19:00 +0000 (13:19 +0200)]
ITS#8725 Always remove listener descriptors from daemon on shutdown

7 years agoITS#8725 add slap_sl_mark / slap_sl_release
Howard Chu [Tue, 14 Mar 2017 08:50:17 +0000 (08:50 +0000)]
ITS#8725 add slap_sl_mark / slap_sl_release

For fast cleanup after constructing disposable entries

7 years agoITS#8725 Avoid listener thread startup race
Howard Chu [Thu, 9 Feb 2017 17:20:28 +0000 (17:20 +0000)]
ITS#8725 Avoid listener thread startup race

Typically only shows up under valgrind, not in regular runs

7 years agoITS#8725 connection fixes
Howard Chu [Thu, 19 Jan 2017 20:10:38 +0000 (20:10 +0000)]
ITS#8725 connection fixes

Fix op_finish, must resched connection to pick up pending ops.
Fix op completion counter.

7 years agoITS#8725 backover fixes for async
Howard Chu [Tue, 17 Jan 2017 09:44:03 +0000 (09:44 +0000)]
ITS#8725 backover fixes for async

Fix some valgrind race conditions - wait for frontend to finish up
Don't set callbacks for abandon or unbind - since they have no response
Use tmpalloc for backover callback

7 years agoITS#8725 Fix an invalid data access during add operations if backend is asynchronous
Nadezhda Ivanova [Fri, 27 Jan 2017 09:49:24 +0000 (10:49 +0100)]
ITS#8725 Fix an invalid data access during add operations if backend is asynchronous

7 years agoITS#8727 plug ber leaks
Howard Chu [Tue, 17 Jan 2017 11:35:54 +0000 (11:35 +0000)]
ITS#8727 plug ber leaks

7 years agoITS#8725 Add SLAPD_ASYNCOP return code
Howard Chu [Mon, 16 Jan 2017 21:21:33 +0000 (21:21 +0000)]
ITS#8725 Add SLAPD_ASYNCOP return code

Tell frontend the op will finish asynchronously, leave it alone

7 years agoITS#8717 call connection delete callbacks
Howard Chu [Wed, 6 Sep 2017 20:46:09 +0000 (21:46 +0100)]
ITS#8717 call connection delete callbacks

When TLS fails to start

7 years agoITS#8709 contrib/slapd-modules/passwd/totp: OpenSSL 1.1.0 compatibility
SATOH Fumiyasu [Thu, 3 Aug 2017 07:59:02 +0000 (16:59 +0900)]
ITS#8709 contrib/slapd-modules/passwd/totp: OpenSSL 1.1.0 compatibility

7 years agoITS#8719 add crypt_r() support
Howard Chu [Wed, 6 Sep 2017 20:25:16 +0000 (21:25 +0100)]
ITS#8719 add crypt_r() support

7 years agoITS#8714 Send out EXTENDED operation message from back-sock
Michael Ströder [Tue, 5 Sep 2017 13:52:34 +0000 (15:52 +0200)]
ITS#8714 Send out EXTENDED operation message from back-sock

7 years agoITS#8270 use the configured exop timeout for StartTLS
Howard Chu [Thu, 31 Aug 2017 15:53:45 +0000 (16:53 +0100)]
ITS#8270 use the configured exop timeout for StartTLS

Also, there's no need for a retry loop here. Just wait for
the specified timeout or give up.

7 years agoITS#8444 Do not clear the pending operation when checkpointing
Ondřej Kuzník [Fri, 25 Aug 2017 15:25:23 +0000 (16:25 +0100)]
ITS#8444 Do not clear the pending operation when checkpointing

When a checkpoint happens, if we remove the CSN from the pending list,
accesslog won't pass it onto the accesslog DB. But in a delta-mmr
scenario, an accesslog entry without a CSN faces a race where it might
be applied twice - that usually fails and causes a full refresh, other
times it can cause a silent desync - both are undesirable.

7 years agoITS#8715 Fix typo with olcTLSCiphersuite
Quanah Gibson-Mount [Mon, 21 Aug 2017 16:19:12 +0000 (09:19 -0700)]
ITS#8715 Fix typo with olcTLSCiphersuite

7 years agoITS#8713 Delete stub man page for LDBM
Quanah Gibson-Mount [Wed, 16 Aug 2017 15:50:22 +0000 (08:50 -0700)]
ITS#8713 Delete stub man page for LDBM

7 years agoITS#8690 one more time
Howard Chu [Fri, 4 Aug 2017 19:58:07 +0000 (20:58 +0100)]
ITS#8690 one more time

7 years agoITS#8690 fix again
Howard Chu [Fri, 4 Aug 2017 12:40:34 +0000 (13:40 +0100)]
ITS#8690 fix again

7 years agoRevert "ITS#8690 refix"
Howard Chu [Fri, 4 Aug 2017 12:34:03 +0000 (13:34 +0100)]
Revert "ITS#8690 refix"

This reverts commit a5f3a2885c9d1a72ecebf159522a558a1f33d767.

7 years agoITS#8705 fix service pathname
Howard Chu [Thu, 3 Aug 2017 11:42:21 +0000 (12:42 +0100)]
ITS#8705 fix service pathname

Strip trailing space of last pathname component, if any. Not first.

7 years agoITS#8690 refix
Howard Chu [Tue, 1 Aug 2017 23:52:13 +0000 (00:52 +0100)]
ITS#8690 refix

Don't double-queue delete ops

7 years agoITS#8226 optimization
Howard Chu [Tue, 1 Aug 2017 21:08:50 +0000 (22:08 +0100)]
ITS#8226 optimization

Don't release read txn unless there has actually been a new write txn

7 years agoITS#8690 fix prev commit
Howard Chu [Tue, 1 Aug 2017 20:57:02 +0000 (21:57 +0100)]
ITS#8690 fix prev commit

7 years agoCleanup uninit'd vars
Howard Chu [Tue, 1 Aug 2017 20:47:15 +0000 (21:47 +0100)]
Cleanup uninit'd vars

7 years agoITS#8690 plug memleak on Delete ops
Howard Chu [Fri, 21 Jul 2017 18:04:08 +0000 (19:04 +0100)]
ITS#8690 plug memleak on Delete ops

7 years agoITS#8697 - For Windows builds with newer MINGW, remove refptr symbols
Quanah Gibson-Mount [Fri, 21 Jul 2017 00:11:01 +0000 (17:11 -0700)]
ITS#8697 - For Windows builds with newer MINGW, remove refptr symbols
mappings from slapd.def

7 years agoFix missing index on reqResult
Quanah Gibson-Mount [Fri, 23 Jun 2017 16:44:46 +0000 (09:44 -0700)]
Fix missing index on reqResult

7 years agoITS#8678 temporary hack
Howard Chu [Thu, 22 Jun 2017 17:08:40 +0000 (18:08 +0100)]
ITS#8678 temporary hack

7 years agoITS#8667 - Add regression test
Quanah Gibson-Mount [Wed, 7 Jun 2017 00:04:11 +0000 (17:04 -0700)]
ITS#8667 - Add regression test

7 years agoMerge remote-tracking branch 'origin/mdb.RE/0.9'
Howard Chu [Thu, 1 Jun 2017 16:52:15 +0000 (17:52 +0100)]
Merge remote-tracking branch 'origin/mdb.RE/0.9'

7 years agoRelease 0.9.21 LMDB_0.9.21
Howard Chu [Thu, 1 Jun 2017 16:51:10 +0000 (17:51 +0100)]
Release 0.9.21

7 years agoITS#8655 fix double free on paged search with pagesize 0
Ryan Tandy [Thu, 18 May 2017 03:07:39 +0000 (20:07 -0700)]
ITS#8655 fix double free on paged search with pagesize 0

Fixes a double free when a search includes the Paged Results control
with a page size of 0 and the search base matches the filter.

7 years agoITS#8648 init SASL library in global init
Ryan Tandy [Fri, 5 May 2017 03:08:07 +0000 (03:08 +0000)]
ITS#8648 init SASL library in global init

7 years agoITS#8648 check result of ldap_int_initialize in ldap_{get,set}_option
Ryan Tandy [Sun, 7 May 2017 20:16:00 +0000 (20:16 +0000)]
ITS#8648 check result of ldap_int_initialize in ldap_{get,set}_option

7 years agoITS#8650 retry gnutls_handshake after GNUTLS_E_AGAIN
Ryan Tandy [Sat, 6 May 2017 22:50:13 +0000 (22:50 +0000)]
ITS#8650 retry gnutls_handshake after GNUTLS_E_AGAIN

7 years agoITS#8123 - Fix wording to match examples
Quanah Gibson-Mount [Sun, 23 Apr 2017 22:13:23 +0000 (15:13 -0700)]
ITS#8123 - Fix wording to match examples

7 years agoITS#8592 Fix double free in sssvlv overlay
Kevin Lam [Tue, 21 Feb 2017 04:20:38 +0000 (12:20 +0800)]
ITS#8592 Fix double free in sssvlv overlay

7 years agoFix slapo-pcache to use mdb as the example backend
Quanah Gibson-Mount [Tue, 25 Apr 2017 23:09:22 +0000 (16:09 -0700)]
Fix slapo-pcache to use mdb as the example backend

7 years agoITS#8205 - Pick up changes that were ignored in the last commit
Quanah Gibson-Mount [Tue, 25 Apr 2017 18:47:49 +0000 (11:47 -0700)]
ITS#8205 - Pick up changes that were ignored in the last commit

7 years agoITS#8205 - Fix typos, use man page from Howard for TOTP
Quanah Gibson-Mount [Tue, 25 Apr 2017 18:37:48 +0000 (11:37 -0700)]
ITS#8205 - Fix typos, use man page from Howard for TOTP

7 years agoITS#8205 - contrib/smbk5pwd: add man page, install it too
Peter Marschall [Sun, 26 Jul 2015 13:04:26 +0000 (15:04 +0200)]
ITS#8205 - contrib/smbk5pwd: add man page, install it too

Add a manual page slapo-smbk5pwd.5 and update smbk5pwd's Makefile to
install the new manual page.

ITS#8205 - contrib/lastbind: install man page

Update lastbind's Makefile to install the manual page too.

ITS#8205 - contrib/passwd/sha2: add man page, install it too

Add a manual page slapd-pw-sha2.5 and update passwd/sha2's Makefile to
install the new manual page.

ITS#8205 - contrib/adremap: install man page

Update adremap's Makefile to install the manual page too.

ITS#8205 - contrib/allop: install man page

Update allop's Makefile to install the manual page too.

ITS#8205 - contrib/cloak: install man page

Update cloak's Makefile to install the manual page too.

ITS#8205 - contrib/lastmod: install man page

Update lastmod's Makefile to install the manual page too.

ITS#8205 - contrib/nops: install man page

Update nops's Makefile to install the manual page too.

ITS#8205 - contrib/nssov: install man page

Update nssov's Makefile to install the manual page too.

ITS#8205 - contrib/passwd: add man page slapd-pw-sha2.5, install it too

Add a manual page slapd-pw-radius.5 and update passwd's Makefile to
install the new manual page.

ITS#8205 - contrib/passwd/totp: add man page, install it too

Add a manual page slapo-totp.5 and update passwd/totp's Makefile to
install the new manual page.

ITS#8205 - contrib/passwd/pbkdf2: add man page, install it too

Add a manual page slapd-pw-pbkdf2.5 and update passwd/pbkdf2's Makefile to
install the new manual page.

7 years agoITS#8644 fix previous commit: initialize KILLPIDS
Ryan Tandy [Tue, 25 Apr 2017 01:53:56 +0000 (01:53 +0000)]
ITS#8644 fix previous commit: initialize KILLPIDS

7 years agoITS#8644 wait for slapd to start in test064
Ryan Tandy [Tue, 25 Apr 2017 01:28:25 +0000 (01:28 +0000)]
ITS#8644 wait for slapd to start in test064

7 years agoITS#8635 - Note that non-zero serverID's are required for MMR, and that serverID...
Quanah Gibson-Mount [Mon, 24 Apr 2017 20:15:56 +0000 (13:15 -0700)]
ITS#8635 - Note that non-zero serverID's are required for MMR, and that serverID 0 is specific to single master replication only

7 years agoITS#8613 - Note that slapo-memberOf should not be used in a replicated environment
Quanah Gibson-Mount [Sun, 23 Apr 2017 19:23:56 +0000 (12:23 -0700)]
ITS#8613 - Note that slapo-memberOf should not be used in a replicated environment

7 years agoITS#8344 - accesslog database should not be replicated
Jephte CLAIN [Thu, 31 Dec 2015 08:03:56 +0000 (12:03 +0400)]
ITS#8344 - accesslog database should not be replicated

7 years agoFix pool_retract signature
Howard Chu [Fri, 21 Apr 2017 13:39:17 +0000 (14:39 +0100)]
Fix pool_retract signature

Omitted from e12ca8b6fed6b8a2526c5c8ee820bf5aa942b59d

7 years agoRegenerate for autoca, asyncmeta, and wiredtiger
Quanah Gibson-Mount [Wed, 19 Apr 2017 19:49:24 +0000 (12:49 -0700)]
Regenerate for autoca, asyncmeta, and wiredtiger

7 years agoTweaks for OpenSSL 1.1 API deprecations
Howard Chu [Wed, 19 Apr 2017 19:19:09 +0000 (20:19 +0100)]
Tweaks for OpenSSL 1.1 API deprecations

7 years agoDelete extraneous #define
Howard Chu [Wed, 19 Apr 2017 18:27:02 +0000 (19:27 +0100)]
Delete extraneous #define

Was only for convenience during testing

7 years agoFix autoca build with OpenSSL 1.1.0
Quanah Gibson-Mount [Tue, 18 Apr 2017 20:40:05 +0000 (13:40 -0700)]
Fix autoca build with OpenSSL 1.1.0

7 years agoRegenerate configure
Quanah Gibson-Mount [Tue, 18 Apr 2017 15:23:18 +0000 (08:23 -0700)]
Regenerate configure

7 years agoFix 9bafb16e1bfabf7fc2c4f5ee3a75d35c91354c02 - autoca support
Quanah Gibson-Mount [Tue, 18 Apr 2017 15:22:56 +0000 (08:22 -0700)]
Fix 9bafb16e1bfabf7fc2c4f5ee3a75d35c91354c02 - autoca support

7 years agoITS#8643 - Fix typo
Quanah Gibson-Mount [Tue, 18 Apr 2017 15:01:26 +0000 (08:01 -0700)]
ITS#8643 - Fix typo

7 years agoITS#8634 - Fix DES API function calls to current DES API
Quanah Gibson-Mount [Fri, 14 Apr 2017 17:50:46 +0000 (10:50 -0700)]
ITS#8634 - Fix DES API function calls to current DES API

7 years agoITS#8632 request the correct type
Ondřej Kuzník [Mon, 10 Apr 2017 10:26:28 +0000 (11:26 +0100)]
ITS#8632 request the correct type

7 years agoITS#8631 Initialize sal
Ondřej Kuzník [Mon, 10 Apr 2017 09:42:46 +0000 (10:42 +0100)]
ITS#8631 Initialize sal

7 years agoCleanup unused vars
Howard Chu [Sun, 9 Apr 2017 23:54:21 +0000 (00:54 +0100)]
Cleanup unused vars

7 years agoTweak privateKeyValidate
Howard Chu [Sun, 9 Apr 2017 23:51:09 +0000 (00:51 +0100)]
Tweak privateKeyValidate

Only accept PKCS#8 private keys

7 years agoAdd GnuTLS support for direct DER config of cacert/cert/key
Howard Chu [Sun, 9 Apr 2017 23:21:08 +0000 (00:21 +0100)]
Add GnuTLS support for direct DER config of cacert/cert/key

Followon to b402a2805f8b96d2751a7315ea5e70e5082965ed

7 years agoCleanup warnings, unused vars, etc.
Howard Chu [Sun, 9 Apr 2017 22:42:22 +0000 (23:42 +0100)]
Cleanup warnings, unused vars, etc.

7 years agoFix autoca schema init
Howard Chu [Sun, 9 Apr 2017 21:45:36 +0000 (22:45 +0100)]
Fix autoca schema init

Wait for core.schema to get loaded

7 years agoCleanup test066 comments
Howard Chu [Sun, 9 Apr 2017 20:37:55 +0000 (21:37 +0100)]
Cleanup test066 comments

7 years agoautoca manpage updates
Howard Chu [Sun, 9 Apr 2017 19:48:37 +0000 (20:48 +0100)]
autoca manpage updates

7 years agoAdd autoca test script
Howard Chu [Sun, 9 Apr 2017 19:33:50 +0000 (20:33 +0100)]
Add autoca test script

7 years agoautoca fixups
Howard Chu [Sun, 9 Apr 2017 19:31:11 +0000 (20:31 +0100)]
autoca fixups

Move install of CA cert to a pool thread, otherwise cn=config deadlocks
on dynamically loaded overlay.

Dup/release entry before attempting to modify it, to avoid deadlocks
in back-bdb/hdb.

Always use PKCS#8 format when storing private keys.

7 years agoFixup for ;binary config attrs
Howard Chu [Sun, 9 Apr 2017 19:29:47 +0000 (20:29 +0100)]
Fixup for ;binary config attrs

Use the plain attributeDescription when searching config tables

7 years agoAdd localDN config
Howard Chu [Sun, 9 Apr 2017 15:40:25 +0000 (16:40 +0100)]
Add localDN config

If a cert is generated for this DN, configure it as the local
TLS cert/key

7 years agoSet the CA cert in cn=config if none was already set
Howard Chu [Sun, 9 Apr 2017 14:42:17 +0000 (15:42 +0100)]
Set the CA cert in cn=config if none was already set