]>
git.sur5r.net Git - openldap/log
Kurt Zeilenga [Sun, 18 Jul 1999 04:56:17 +0000 (04:56 +0000)]
Updates from libtool 1.3.3
Kurt Zeilenga [Sun, 18 Jul 1999 04:22:56 +0000 (04:22 +0000)]
Replace install-sh with Autoconf 2.13 distributed version (from MIT).
Kurt Zeilenga [Sun, 18 Jul 1999 04:14:23 +0000 (04:14 +0000)]
Versions from Autoconf CVS repository (stable branch).
Kurt Zeilenga [Sun, 18 Jul 1999 03:41:06 +0000 (03:41 +0000)]
Replace config.guess/.sub with versions from Autoconf 2.13.
Hallvard Furuseth [Sun, 18 Jul 1999 01:20:45 +0000 (01:20 +0000)]
make ldap.ld_lberoptions unsigned, like berelement.ber_options
Hallvard Furuseth [Sun, 18 Jul 1999 01:04:49 +0000 (01:04 +0000)]
Introduce got_<gid,uid> (the r1.4 change misbehaved with -user <root>).
Also free <user> in !HAVE_GETPWUID case.
Kurt Zeilenga [Sun, 18 Jul 1999 00:33:30 +0000 (00:33 +0000)]
Import patches mistakenly applied to OPENLDAP_DEVEL_REFERRALS.
ldap_modify: delete of last attribute value should delete attribute (ITS#229)
thr_nt: use sleep to yield
Kurt Zeilenga [Fri, 16 Jul 1999 22:26:57 +0000 (22:26 +0000)]
fix substring_comp_candidates logic if intersection of candidates
is ever empty. See ITS#228.
Kurt Zeilenga [Fri, 16 Jul 1999 22:24:32 +0000 (22:24 +0000)]
(re)introduce o_connid such that STATS doesn't need c_mutex (which it
didn't bother to acquire)...
Julio Sánchez Fernández [Fri, 16 Jul 1999 20:03:53 +0000 (20:03 +0000)]
Document -T and -P
Julio Sánchez Fernández [Fri, 16 Jul 1999 19:56:32 +0000 (19:56 +0000)]
Document a few TLS options that do something.
Hallvard Furuseth [Fri, 16 Jul 1999 18:59:37 +0000 (18:59 +0000)]
Add comment that socklen_t should be used
Hallvard Furuseth [Fri, 16 Jul 1999 18:57:11 +0000 (18:57 +0000)]
Add comment thatPass socklen_t* instead of int* to getsockopt, accept, getpeername, recvfrom
Julio Sánchez Fernández [Fri, 16 Jul 1999 18:53:30 +0000 (18:53 +0000)]
Look on connection_read() if it returns positive so it has a chance
to exhaust all protocol units received from the transport layer.
I think this is the necessary fix for the TLS-data-ready/
socket-not-ready issue, but I have not experimented that problem
yet, so I am unsure about its effectiveness.
Now, do we need something like that for connection_write? How would
we go about implementing it?
Julio Sánchez Fernández [Fri, 16 Jul 1999 18:48:13 +0000 (18:48 +0000)]
Clear c_needs_tls_acccept on ldap_pvt_tls_accept errors
Hallvard Furuseth [Fri, 16 Jul 1999 18:43:10 +0000 (18:43 +0000)]
Pass socklen_t* instead of int* to getsockopt, accept, getpeername, recvfrom
Kurt Zeilenga [Fri, 16 Jul 1999 17:07:53 +0000 (17:07 +0000)]
Fix typo in last commit.
Kurt Zeilenga [Fri, 16 Jul 1999 17:04:10 +0000 (17:04 +0000)]
Don't use non-portable "ln -s -f".
Julio Sánchez Fernández [Fri, 16 Jul 1999 15:52:17 +0000 (15:52 +0000)]
Move calls to ldap_pvt_tls_accept to connection_read instead of
connection_init so that we get into the select() logic.
Make use of new flags in the connection.
BTW, and before I forget, it sort of works. I have connected with
a Netscape client using a secure connection and did a failed
search (my test database is empty), but the trace looked correct.
Make sure you have your CA certificate in your Netscape preinstalled.
Otherwise, the connection fails with error 0xFFFFFFFF that is rather
uninformative.
Julio Sánchez Fernández [Fri, 16 Jul 1999 15:46:15 +0000 (15:46 +0000)]
We were not remembering the allocated SSL thing in the Sockbuf.
Set flags without relying on errno (this change may be gratuitous
or wrong).
Julio Sánchez Fernández [Fri, 16 Jul 1999 15:43:47 +0000 (15:43 +0000)]
Two new flags in Connection. One to indicate that it is a raw TLS
section (that is, not SASL). The second to indicate that we need to
do SSL_accept on this connection.
Julio Sánchez Fernández [Fri, 16 Jul 1999 10:51:31 +0000 (10:51 +0000)]
Fix syntax oid for type 2.16.840.1.113730.3.1.34 (ref)
Julio Sánchez Fernández [Fri, 16 Jul 1999 10:39:40 +0000 (10:39 +0000)]
Definitely, 'dn' and 'distinguishedName' are different things. The
former is a pseudo attribute type used internally by slapd to represent
the distinguished name of an entry and its existance should not be
visible. The latter is an "abstract" attribute type that is not meant
to exist in practice except as supertype of other dn-valued types.
So, the definition of attribute type 2.5.4.49 has been changed to be
just distinguishedName. Work on the OPENLDAP_DEVEL_SCHEMA branch will
treat pseudo attributes especially and will not be visible to the
clients.
Julio Sánchez Fernández [Fri, 16 Jul 1999 10:28:51 +0000 (10:28 +0000)]
We should stop using SSL to refer to TLS. This is a first step.
Kurt Zeilenga [Fri, 16 Jul 1999 03:03:34 +0000 (03:03 +0000)]
Add use ldap_*_ext() routines in clients project.
Remove server side controls.
Add Digest-MD5 project.
Kurt Zeilenga [Fri, 16 Jul 1999 02:45:46 +0000 (02:45 +0000)]
Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
Includes support for update referral for each replicated backend.
Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world. Still testing in LDAPv3 world.
Added default referral (test009) test.
Kurt Zeilenga [Fri, 16 Jul 1999 00:16:54 +0000 (00:16 +0000)]
Backend lock wasn't being released properly.
Julio Sánchez Fernández [Thu, 15 Jul 1999 21:07:01 +0000 (21:07 +0000)]
Initialize the TLS environment *after* reading the config files.
Julio Sánchez Fernández [Thu, 15 Jul 1999 21:05:08 +0000 (21:05 +0000)]
Parse more TLS options in slapd.conf
Julio Sánchez Fernández [Thu, 15 Jul 1999 21:03:47 +0000 (21:03 +0000)]
Set ciphers from slapd.conf.
More error checking and reporting.
Slowly getting there, SSL_accept succeeds now, but connection breaks
immediately after that (my glue logic with slapd is broken).
Julio Sánchez Fernández [Thu, 15 Jul 1999 20:58:47 +0000 (20:58 +0000)]
More options for TLS
Kurt Zeilenga [Thu, 15 Jul 1999 20:00:05 +0000 (20:00 +0000)]
Add missing arg to Debug macro call
Julio Sánchez Fernández [Thu, 15 Jul 1999 15:04:02 +0000 (15:04 +0000)]
A couple of options for TLS configuration. Still a conflict here,
the default context is initialized before the config file is read,
so the locations are not know at context initialization.
Julio Sánchez Fernández [Thu, 15 Jul 1999 14:59:09 +0000 (14:59 +0000)]
New routine tls_report_error to analyze errors from OpenSSL
Change temporarily the default protocol from TLSv1 to SSLv3 with
fallback to SSLv2. This seems necessary for slapd to accept connections
from Netscape.
Try to set the cipher list in the default context. Does not semm to
work yet.
Hallvard Furuseth [Wed, 14 Jul 1999 23:28:56 +0000 (23:28 +0000)]
Remove duplicate 'static'
Hallvard Furuseth [Wed, 14 Jul 1999 23:13:34 +0000 (23:13 +0000)]
fix typo in rm command
Julio Sánchez Fernández [Wed, 14 Jul 1999 19:51:35 +0000 (19:51 +0000)]
Get rid of two compilation warnings. One is thought to be properly
taken care of. The second, however, on remove_old_locks is unclear.
Julio Sánchez Fernández [Wed, 14 Jul 1999 19:49:39 +0000 (19:49 +0000)]
Parsing of flag -T was falling through to the default case.
Init the TLS environment if necessary. Lots of things needed here,
in particular, preparing properly the default context.
Julio Sánchez Fernández [Wed, 14 Jul 1999 19:44:18 +0000 (19:44 +0000)]
connection_init now takes one more argument that indicates whether to
use TLS right away or not on that connection.
Kurt Zeilenga [Wed, 14 Jul 1999 17:50:40 +0000 (17:50 +0000)]
Update configure due to Hallvard's openldap.m4 change
Kurt Zeilenga [Wed, 14 Jul 1999 17:07:39 +0000 (17:07 +0000)]
Match xrpcomp change in devel
Julio Sánchez Fernández [Wed, 14 Jul 1999 13:39:30 +0000 (13:39 +0000)]
Only bind on TLS port if explicitly requested with -T, otherwise all
kind of conflicts happen when running tests.
Julio Sánchez Fernández [Wed, 14 Jul 1999 13:16:13 +0000 (13:16 +0000)]
Bind and listen on TLS port too
Julio Sánchez Fernández [Wed, 14 Jul 1999 13:14:54 +0000 (13:14 +0000)]
Extend slapd_args with TLS info
Julio Sánchez Fernández [Wed, 14 Jul 1999 13:12:51 +0000 (13:12 +0000)]
Define LDAP_TLS_PORT as 636, the default port for LDAP over raw TLS
Hallvard Furuseth [Wed, 14 Jul 1999 12:08:58 +0000 (12:08 +0000)]
Fix typo in socklen_t comment (signal.h -> sys/types.h and sys/socket.h)
Julio Sánchez Fernández [Wed, 14 Jul 1999 11:13:32 +0000 (11:13 +0000)]
Fix detection of socklen_t
Rebuild configure to reflect that
Kurt Zeilenga [Wed, 14 Jul 1999 00:03:52 +0000 (00:03 +0000)]
Newer versions of OpenSSL install headers in $prefix/include/openssl...
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:40:10 +0000 (19:40 +0000)]
Deal with sb_trans_needs_read and sb_trans_needs_write
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:38:01 +0000 (19:38 +0000)]
Add a couple of control flags to sockbufs and macros to test them.
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:34:07 +0000 (19:34 +0000)]
Get and set TLS options
Kurt Zeilenga [Tue, 13 Jul 1999 19:32:58 +0000 (19:32 +0000)]
Rebuild configure with TLS changes
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:32:51 +0000 (19:32 +0000)]
First version with TLS. Untested.
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:30:41 +0000 (19:30 +0000)]
First version with TLS. Untested.
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:29:19 +0000 (19:29 +0000)]
Options for TLS
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:27:33 +0000 (19:27 +0000)]
Add tls.c
Add use of TLS_LIBS so that test tools compile
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:25:10 +0000 (19:25 +0000)]
Add tls.c
Add use of TLS_LIBS so that test tools compile
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:23:41 +0000 (19:23 +0000)]
Add option definitions for TLS
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:22:14 +0000 (19:22 +0000)]
Use $(TLS_LIBS)
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:21:27 +0000 (19:21 +0000)]
Pass TLS_LIBS to the Makefile's.
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:20:16 +0000 (19:20 +0000)]
Our check for SSLeay_add_ssl_algorithms fails with modern versions of
OpenSSL since it has been made a preprocessor macro. Please review
this change to do the right thing w.r.t. rsaref.
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:15:14 +0000 (19:15 +0000)]
Include $(TLS_LIBS)
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:13:32 +0000 (19:13 +0000)]
Include TLS_LIBS
Julio Sánchez Fernández [Tue, 13 Jul 1999 19:11:53 +0000 (19:11 +0000)]
First version of TLS glue for SSLeay/OpenSSL originally written by
Bart Hartgers. Untested.
Kurt Zeilenga [Tue, 13 Jul 1999 18:46:22 +0000 (18:46 +0000)]
Add configure support for 'socklen_t' as provided by Hallvard.
Kurt Zeilenga [Tue, 13 Jul 1999 18:41:00 +0000 (18:41 +0000)]
Support old c_plusplus...
Kurt Zeilenga [Tue, 13 Jul 1999 18:39:20 +0000 (18:39 +0000)]
Use assert instead of private Assert macro
Hallvard Furuseth [Tue, 13 Jul 1999 09:41:25 +0000 (09:41 +0000)]
Eliminate htonl(unsigned_long_arg), which is wrong on 64-bit OSF1/alpha
Kurt Zeilenga [Tue, 13 Jul 1999 08:24:26 +0000 (08:24 +0000)]
Fix debug message.
Hallvard Furuseth [Tue, 13 Jul 1999 06:48:35 +0000 (06:48 +0000)]
Fix LDAP_CONST->const in explode_name(), it failed when LDAP_CONST was empty.
Hallvard Furuseth [Tue, 13 Jul 1999 06:39:55 +0000 (06:39 +0000)]
Fix LDAP_CONNECTIONLESS code rot
Hallvard Furuseth [Tue, 13 Jul 1999 06:37:19 +0000 (06:37 +0000)]
Fix NULLxxx -> NULL
Hallvard Furuseth [Tue, 13 Jul 1999 06:31:56 +0000 (06:31 +0000)]
Forced commit to correct previous log, files were not changed:
Create ldap_int_tblsize and ldap_int_ip_init().
Initialize from ldap_int_initialize().
Hallvard Furuseth [Tue, 13 Jul 1999 06:27:47 +0000 (06:27 +0000)]
ldap-int.h
Hallvard Furuseth [Tue, 13 Jul 1999 06:21:14 +0000 (06:21 +0000)]
ldap-int.h
Hallvard Furuseth [Tue, 13 Jul 1999 05:17:50 +0000 (05:17 +0000)]
constify use of invalue in <ber/ldap>_set_option()
Hallvard Furuseth [Tue, 13 Jul 1999 05:13:33 +0000 (05:13 +0000)]
constify ldap_int_put_controls, ldap_control_dup, ldap_controls_dup
Hallvard Furuseth [Tue, 13 Jul 1999 05:05:59 +0000 (05:05 +0000)]
Add opattrs=0 arg to send_search_entry() call
Hallvard Furuseth [Tue, 13 Jul 1999 05:04:06 +0000 (05:04 +0000)]
Fix read_next_searchobj prototype: long*blenp -> ber_len_t*blenp
Hallvard Furuseth [Tue, 13 Jul 1999 04:13:21 +0000 (04:13 +0000)]
Erase bad space from blank Makefile line
Hallvard Furuseth [Tue, 13 Jul 1999 04:11:49 +0000 (04:11 +0000)]
Add missing newline at EOF
Hallvard Furuseth [Tue, 13 Jul 1999 04:01:25 +0000 (04:01 +0000)]
Erase bad space from blank Makefile line
Hallvard Furuseth [Tue, 13 Jul 1999 03:54:42 +0000 (03:54 +0000)]
Add bmu_funcp to bmu_align_u
Hallvard Furuseth [Tue, 13 Jul 1999 03:50:39 +0000 (03:50 +0000)]
Fix use and decl of ber_pvt_assert. Fix ac/stdio.h -> stdio.h.
Hallvard Furuseth [Tue, 13 Jul 1999 03:19:55 +0000 (03:19 +0000)]
Fix typo "CC" -> "$CC" in AIX cc_r detection
Kurt Zeilenga [Fri, 9 Jul 1999 21:10:19 +0000 (21:10 +0000)]
Mirror <ac/time.h> inclusion made in re12
Kurt Zeilenga [Wed, 7 Jul 1999 19:58:59 +0000 (19:58 +0000)]
Remove a few completed projects
Kurt Zeilenga [Wed, 7 Jul 1999 18:53:51 +0000 (18:53 +0000)]
Forgot the most important part of unsolicited notifications... exop!
Kurt Zeilenga [Wed, 7 Jul 1999 18:51:39 +0000 (18:51 +0000)]
Add support for unsolicited notifications.
Kurt Zeilenga [Wed, 7 Jul 1999 18:47:51 +0000 (18:47 +0000)]
Copy LDBM bind "ACL_AUTH" and SASL framework to bdb2.
Kurt Zeilenga [Wed, 7 Jul 1999 18:32:41 +0000 (18:32 +0000)]
Fix CRITICIAL typo.
Kurt Zeilenga [Wed, 7 Jul 1999 18:02:32 +0000 (18:02 +0000)]
Add matching rule assertion structure to filter union.
Kurt Zeilenga [Wed, 7 Jul 1999 17:58:21 +0000 (17:58 +0000)]
Add charray (from slapd) to -lldap/-lldap_r (not yet used)
Add digest md5 codes to -lldap/-lldap_r (work in progress)
Kurt Zeilenga [Wed, 7 Jul 1999 17:52:06 +0000 (17:52 +0000)]
request value should be optional.
Kurt Zeilenga [Wed, 7 Jul 1999 17:51:39 +0000 (17:51 +0000)]
Minor editorial change.
Kurt Zeilenga [Wed, 7 Jul 1999 17:49:15 +0000 (17:49 +0000)]
Fix CRITICIAL typo
Kurt Zeilenga [Mon, 5 Jul 1999 23:08:43 +0000 (23:08 +0000)]
Add controls.c to pick up get_ctrls().
Kurt Zeilenga [Mon, 5 Jul 1999 23:04:35 +0000 (23:04 +0000)]
Add controls.c: initial version of get_ctrls()
Kurt Zeilenga [Mon, 5 Jul 1999 23:01:17 +0000 (23:01 +0000)]
Add get_ctrls()...
Kurt Zeilenga [Mon, 5 Jul 1999 06:26:26 +0000 (06:26 +0000)]
unifdef -DSLAPD_ACLGROUPS -DSLAPD_ACLAUTH