Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Joe Martin
OpenLDAP
Commits
d6081091
Commit
d6081091
authored
Jan 21, 2009
by
Quanah Gibson-Mount
Browse files
ITS
#5812
parent
8eb9b298
Changes
15
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
d6081091
OpenLDAP 2.4 Change Log
OpenLDAP 2.4.14 Engineering
Added libldap option to disable SASL host canonicalization (ITS#5812)
Fixed libldap deref handling (ITS#5768)
Fixed libldap peer cert memory leak (ITS#5849)
Fixed libldap_r deref building (ITS#5768)
...
...
clients/tools/common.c
View file @
d6081091
...
...
@@ -62,6 +62,7 @@ int contoper = 0;
int
debug
=
0
;
char
*
infile
=
NULL
;
int
dont
=
0
;
int
nocanon
=
0
;
int
referrals
=
0
;
int
verbose
=
0
;
int
ldif
=
0
;
...
...
@@ -300,6 +301,7 @@ N_(" -H URI LDAP Uniform Resource Identifier(s)\n"),
N_
(
" -I use SASL Interactive mode
\n
"
),
N_
(
" -M enable Manage DSA IT control (-MM to make critical)
\n
"
),
N_
(
" -n show what would be done but don't actually do it
\n
"
),
N_
(
" -N do not use reverse DNS to canonicalize SASL host name
\n
"
),
N_
(
" -O props SASL security properties
\n
"
),
N_
(
" -o <opt>[=<optparam] general options
\n
"
),
N_
(
" nettimeout=<timeout> (in seconds, or
\"
none
\"
or
\"
max
\"
)
\n
"
),
...
...
@@ -708,6 +710,9 @@ tool_args( int argc, char **argv )
case
'n'
:
/* print operations, don't actually do them */
dont
++
;
break
;
case
'N'
:
nocanon
++
;
break
;
case
'o'
:
control
=
ber_strdup
(
optarg
);
if
(
(
cvalue
=
strchr
(
control
,
'='
))
!=
NULL
)
{
...
...
@@ -1258,6 +1263,14 @@ dnssrv_free:;
exit
(
EXIT_FAILURE
);
}
/* canon */
if
(
ldap_set_option
(
ld
,
LDAP_OPT_X_SASL_NOCANON
,
nocanon
?
LDAP_OPT_ON
:
LDAP_OPT_OFF
)
!=
LDAP_OPT_SUCCESS
)
{
fprintf
(
stderr
,
"Could not set LDAP_OPT_X_SASL_NOCANON %s
\n
"
,
nocanon
?
"on"
:
"off"
);
exit
(
EXIT_FAILURE
);
}
if
(
ldap_set_option
(
ld
,
LDAP_OPT_PROTOCOL_VERSION
,
&
protocol
)
!=
LDAP_OPT_SUCCESS
)
{
...
...
clients/tools/ldapcompare.c
View file @
d6081091
...
...
@@ -102,7 +102,7 @@ static int docompare LDAP_P((
const
char
options
[]
=
"z"
"Cd:D:e:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
"Cd:D:e:h:H:IMn
N
O:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
#ifdef LDAP_CONTROL_DONTUSECOPY
int
dontUseCopy
=
0
;
...
...
clients/tools/ldapdelete.c
View file @
d6081091
...
...
@@ -78,7 +78,7 @@ usage( void )
const
char
options
[]
=
"r"
"cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:z:Z"
;
"cd:D:e:f:h:H:IMn
N
O:o:p:P:QR:U:vVw:WxX:y:Y:z:Z"
;
int
handle_private_option
(
int
i
)
...
...
clients/tools/ldapexop.c
View file @
d6081091
...
...
@@ -49,7 +49,7 @@ usage( void )
const
char
options
[]
=
""
"d:D:e:h:H:InO:o:p:QR:U:vVw:WxX:y:Y:Z"
;
"d:D:e:h:H:In
N
O:o:p:QR:U:vVw:WxX:y:Y:Z"
;
int
handle_private_option
(
int
i
)
...
...
clients/tools/ldapmodify.c
View file @
d6081091
...
...
@@ -151,7 +151,7 @@ usage( void )
const
char
options
[]
=
"aE:rS:"
"cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
"cd:D:e:f:h:H:IMn
N
O:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
int
handle_private_option
(
int
i
)
...
...
clients/tools/ldapmodrdn.c
View file @
d6081091
...
...
@@ -91,7 +91,7 @@ usage( void )
const
char
options
[]
=
"rs:"
"cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
"cd:D:e:f:h:H:IMn
N
O:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
int
handle_private_option
(
int
i
)
...
...
clients/tools/ldappasswd.c
View file @
d6081091
...
...
@@ -81,7 +81,7 @@ usage( void )
const
char
options
[]
=
"a:As:St:T:"
"d:D:e:h:H:InO:o:p:QR:U:vVw:WxX:y:Y:Z"
;
"d:D:e:h:H:In
N
O:o:p:QR:U:vVw:WxX:y:Y:Z"
;
int
handle_private_option
(
int
i
)
...
...
clients/tools/ldapsearch.c
View file @
d6081091
...
...
@@ -265,7 +265,7 @@ urlize(char *url)
const
char
options
[]
=
"a:Ab:cE:F:l:Ls:S:tT:uz:"
"Cd:D:e:f:h:H:IMnO:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
"Cd:D:e:f:h:H:IMn
N
O:o:p:P:QR:U:vVw:WxX:y:Y:Z"
;
int
handle_private_option
(
int
i
)
...
...
clients/tools/ldapwhoami.c
View file @
d6081091
...
...
@@ -62,7 +62,7 @@ usage( void )
const
char
options
[]
=
""
"d:D:e:h:H:InO:o:p:QR:U:vVw:WxX:y:Y:Z"
;
"d:D:e:h:H:In
N
O:o:p:QR:U:vVw:WxX:y:Y:Z"
;
int
handle_private_option
(
int
i
)
...
...
doc/devel/args
View file @
d6081091
Tools ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
ldapcompare * DE**HI*K M*OPQR UVWXYZ de *h**k *nop* vwxyz
ldapdelete *CDE**HI*K M*OPQR UVWXYZ cdef*h**k *nop* vwxyz
ldapmodify *CDE**HI*K M*OPQRS UVWXYZabcde *h**k *nop*r t vwxy
ldapmodrdn *CDE**HI*K M*OPQR UVWXYZ cdef*h**k *nop*rs vwxy
ldappasswd A*CDE**HI* *O QRS UVWXYZa def*h** * o * s vwxy
ldapsearch A*CDE**HI*KLM*OPQRSTUVWXYZab def*h**kl*nop* stuvwxyz
ldapurl * E**H * * S ab f*h** * p* s
ldapwhoami * DE**HI* *O QR UVWXYZ def*h** *nop* vwxy
ldapcompare * DE**HI** MNOPQR UVWXYZ de *h*** *nop* vwxyz
ldapdelete *CDE**HI** MNOPQR UVWXYZ cdef*h*** *nop* vwxyz
ldapexop * D **HI** NO QR UVWXYZ de *h*** *nop vwxy
ldapmodify *CDE**HI** MNOPQRS UVWXYZabcde *h*** *nop*r t vwxy
ldapmodrdn *CDE**HI** MNOPQR UVWXYZ cdef*h*** *nop*rs vwxy
ldappasswd A*CDE**HI** NO QRS UVWXYZa def*h*** * o * s vwxy
ldapsearch A*CDE**HI**LMNOPQRSTUVWXYZab def*h***l*nop* stuvwxyz
ldapurl * E**H ** S ab f*h*** * p* s
ldapwhoami * DE**HI** NO QR UVWXYZ def*h*** *nop* vwxy
* reserved
...
...
@@ -33,6 +34,8 @@ ldapwhoami * DE**HI* *O QR UVWXYZ def*h** *nop* vwxy
-x simple bind
-y Bind password-file
-w Bind password
Not used
-4 IPv4 only
-6 IPv6 only
...
...
@@ -51,7 +54,7 @@ ldapwhoami * DE**HI* *O QR UVWXYZ def*h** *nop* vwxy
-Q SASL quiet mode (default: automatic)
* LDAPv2+ Only (
DEPRECAT
ED)
* LDAPv2+ Only (
REMOV
ED)
-K LDAPv2 Kerberos Bind (Step 1 only)
-k LDAPv2 Kerberos Bind
...
...
include/ldap.h
View file @
d6081091
...
...
@@ -177,6 +177,7 @@ LDAP_BEGIN_DECL
#define LDAP_OPT_X_SASL_SSF_MAX 0x6108
#define LDAP_OPT_X_SASL_MAXBUFSIZE 0x6109
#define LDAP_OPT_X_SASL_MECHLIST 0x610a
/* read-only */
#define LDAP_OPT_X_SASL_NOCANON 0x610b
/* OpenLDAP GSSAPI options */
#define LDAP_OPT_X_GSSAPI_DO_NOT_FREE_CONTEXT 0x6200
...
...
libraries/libldap/cyrus.c
View file @
d6081091
...
...
@@ -446,10 +446,21 @@ ldap_int_sasl_bind(
}
{
char
*
saslhost
=
ldap_host_connected_to
(
ld
->
ld_defconn
->
lconn_sb
,
char
*
saslhost
;
int
nocanon
=
(
int
)
LDAP_BOOL_GET
(
&
ld
->
ld_options
,
LDAP_BOOL_SASL_NOCANON
);
/* If we don't need to canonicalize just use the host
* from the LDAP URI.
*/
if
(
nocanon
)
saslhost
=
ld
->
ld_defconn
->
lconn_server
->
lud_host
;
else
saslhost
=
ldap_host_connected_to
(
ld
->
ld_defconn
->
lconn_sb
,
"localhost"
);
rc
=
ldap_int_sasl_open
(
ld
,
ld
->
ld_defconn
,
saslhost
);
LDAP_FREE
(
saslhost
);
if
(
!
nocanon
)
LDAP_FREE
(
saslhost
);
}
if
(
rc
!=
LDAP_SUCCESS
)
return
rc
;
...
...
@@ -996,6 +1007,9 @@ ldap_int_sasl_get_option( LDAP *ld, int option, void *arg )
case
LDAP_OPT_X_SASL_MAXBUFSIZE
:
*
(
ber_len_t
*
)
arg
=
ld
->
ld_options
.
ldo_sasl_secprops
.
maxbufsize
;
break
;
case
LDAP_OPT_X_SASL_NOCANON
:
*
(
int
*
)
arg
=
(
int
)
LDAP_BOOL_GET
(
&
ld
->
ld_options
,
LDAP_BOOL_SASL_NOCANON
);
break
;
case
LDAP_OPT_X_SASL_SECPROPS
:
/* this option is write only */
...
...
@@ -1010,7 +1024,10 @@ ldap_int_sasl_get_option( LDAP *ld, int option, void *arg )
int
ldap_int_sasl_set_option
(
LDAP
*
ld
,
int
option
,
void
*
arg
)
{
if
(
ld
==
NULL
||
arg
==
NULL
)
if
(
ld
==
NULL
)
return
-
1
;
if
(
arg
==
NULL
&&
option
!=
LDAP_OPT_X_SASL_NOCANON
)
return
-
1
;
switch
(
option
)
{
...
...
@@ -1063,6 +1080,13 @@ ldap_int_sasl_set_option( LDAP *ld, int option, void *arg )
case
LDAP_OPT_X_SASL_MAXBUFSIZE
:
ld
->
ld_options
.
ldo_sasl_secprops
.
maxbufsize
=
*
(
ber_len_t
*
)
arg
;
break
;
case
LDAP_OPT_X_SASL_NOCANON
:
if
(
arg
==
LDAP_OPT_OFF
)
{
LDAP_BOOL_CLR
(
&
ld
->
ld_options
,
LDAP_BOOL_SASL_NOCANON
);
}
else
{
LDAP_BOOL_SET
(
&
ld
->
ld_options
,
LDAP_BOOL_SASL_NOCANON
);
}
break
;
case
LDAP_OPT_X_SASL_SECPROPS
:
{
int
sc
;
...
...
libraries/libldap/init.c
View file @
d6081091
...
...
@@ -106,6 +106,7 @@ static const struct ol_attribute {
{
1
,
ATTR_STRING
,
"SASL_AUTHZID"
,
NULL
,
offsetof
(
struct
ldapoptions
,
ldo_def_sasl_authzid
)},
{
0
,
ATTR_SASL
,
"SASL_SECPROPS"
,
NULL
,
LDAP_OPT_X_SASL_SECPROPS
},
{
0
,
ATTR_BOOL
,
"SASL_NOCANON"
,
NULL
,
LDAP_BOOL_SASL_NOCANON
},
#endif
#ifdef HAVE_GSSAPI
...
...
libraries/libldap/ldap-int.h
View file @
d6081091
...
...
@@ -121,6 +121,7 @@ LDAP_BEGIN_DECL
#define LDAP_BOOL_RESTART 1
#define LDAP_BOOL_TLS 3
#define LDAP_BOOL_CONNECT_ASYNC 4
#define LDAP_BOOL_SASL_NOCANON 5
#define LDAP_BOOLEANS unsigned long
#define LDAP_BOOL(n) ((LDAP_BOOLEANS)1 << (n))
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment