Jan Synacek authored Jun 19, 2012 and Howard Chu committed Jun 25, 2012

Constraint overlay doesn't take into account multiple modifications when using
count.

Red Hat Bugzilla: #742163

This reverts commit 9e3af235.

Jan Vcelak authored Jun 06, 2012 and Howard Chu committed Jun 07, 2012

The buffer allocated for reading password file has to be initialized
with zeros, or we need to append zero at the end of the file. Otherwise
we might read unitialized memory and consider it to be a password.

SATOH Fumiyasu authored May 31, 2012 and Howard Chu committed May 31, 2012

Add "-o module-path=<pathspec>" and "-o module-load=<filename>"
options to load a dynamically loadable password hash module
(e.g., slapd-sha2).

Jan Vcelak authored May 18, 2012 and Howard Chu committed May 30, 2012

Prior to this patch, if TLS_CACERTDIR was set to Mozilla NSS certificate
database and TLS_CACERT was set to a PEM bundle file with CA
certificates, the PEM file content was not loaded.

With this patch and the same settings, OpenLDAP can verify certificates
which are signed by CAs stored both in certdb and PEM bundle file.

Frederik Deweerdt authored May 11, 2012 and Howard Chu committed May 30, 2012

Not protecting the accesses to ldap_int_hostname could lead to a double
free.

If slapadd'ing a config DB and tool-threads is set in the config LDIF,
the checks for slap_tool_thread_max will be invalid.

SATOH Fumiyasu authored May 24, 2012 and Howard Chu committed May 29, 2012

Support {SSHA256}, {SSHA384} and {SSHA512} hash schemes

SATOH Fumiyasu authored May 10, 2012 and Howard Chu committed May 29, 2012

Remove sha*_hex_hash() and replace chk_sha*() with
libraries/liblutil/passwd.c:chk_sha1() implementation to
avoid a race condition.