Description: Windows: libldap and the LDAP tools should support SASL/Digest
Fix Description: The biggest change was to hack sasl.m4 to make AC_CHECK_LIB work on Windows. I
had to override LIBS to be able to pass in /link /LIBPATH:c:/path/to/sasl
libsasl.lib, libsasl2.lib, and sasl32.lib.
Another big change was to implement getlogin() on Windows, required by
ldaptool-sasl.c. The implementation is pretty simple.
There were several places in the Makefiles that assumed Windows meant no
support for SASL, so I just changed them, and added some support for SASL_LIBS
in some places where it was missing.
Description: Make libldif public - windows specific fixes
Fix Description: Windows needed a nsldif32.tdf file in order to generate
the nsldif32.def file using the libldif.ex file (committed in the previous
commit).
Also, it has been a while since the .def files were generated. The libX.ex
files have had quite a few changes, and we needed to regenerate all of the
.def files.
Finally, this will be version 6.0.2 of the mozilla ldap c sdk.
Description: Make libldif public - fix Solaris build
Fix Description: libldif
needs to specify the exports. I added a libldif.ex and fixed
libldif/Makefile.in to correctly generate and use the exports listed in the
file.
Description: Make libldif public
Fix Description: Copy/paste the makefile code to build the shared library in addition to the static library from libldap/Makefile.in. The build will now build both libldif60.so and libldif60.a, and package/distribute both of them. I changed include/Makefile.in to export ldif.h with the other public header files, and changed ldif.h to add a blurb explaining that these interfaces were formerly private and use with caution.
Since this is a non trivial change, I bumped the version number to 6.0.1.
Description: Change LDAP C SDK version to 6
Fix Description: Change the version to major 6, minor 0, and submin/patch 0. The change is in various places in the build makefiles and header files. The shared lib suffix is now 60 (from 50).
In a somewhat unrelated change, the configure script had to change to allow
building with the RPM spec %configure macro on rhel/fedora. That macro
defines --host, --build, and --target, and defines --host different than
--target. This caused configure to think it was doing a cross compilation.
Instead, the correct cross compilation trigger is if --host is specified and
it is different than --build. However, the mozilla builds expect to be able
to pass in --host different than --target, so all of these different
combinations had to be accomodated.
Description: ber_printf support for O format
Fix Description: When calling ber_printf with the 'O' format, the corresponding argument must be a struct berval *. If the bval argument is NULL, nothing is written (i.e. it is safe to use a NULL here). Otherwise, bval->bv_len bytes from bval->bv_val will be written to the output.
Description: Merge sun libprldap changes on to trunk
Fix Description: Pretty much the same as the fixes made for bugs 352519 352673 on the sun_merge_branch_20060523, this just merges those changes on to the trunk. One additional change is the removal of an unused variable.
Description: Merge sun_merge_branch_20060523 changes into trunk.
Fix Description: I had to change re_encode_request to use the new ber types. Other than that, these merges are basically the sasl, ipv6, and ber types code already committed to the sun merge branch.
Description: Memleak: ldap_start_tls_s should free oidptr and dataptr
Fix Description: Just omit oidptr and dataptr and pass NULL for those arguments to ldap_extended_operation_s().
Bug: 348927
Description: Memleak: ldaptls_complete should free hostlist
Fix Description: Instead of returning directly from early error conditions, just goto the error handling code, and let that code free hostlist and do the other cleanup. I had to make sure all relevant variables were initialized to NULL in order for cleanup to work properly.
Description: The client must call ldapssl_enable_clientauth before the first operation. This means before ldap_start_tls_s in the case of startTLS. However, the certname and keypassword (if any) are stored in the connection context. ldapssl_enable_clientauth will now allocate and store this connection context if it doesn't already exist, then set the certname and keypassword.
Fix Description: Make a copy of the value parameter passed into ldap_getfirstfilter() and store it in lfd_curval. Free it in the LDAPFiltDesc free function.
Fix Description: Using the -Z flag sets the secure option, but using -ZZ (use starttls) does not. The code in several places uses a test like if (secure || isZZ) to see if it has to perform some sort of ssl/tls related initialization. The one place that was missed was before the call to PinArgRegistration() which was just if (secure).
Fix Description: Replaced PK11_FindCertFromNickname() with CERT_FindUserCertByUsage(), using a cert usage of SSL Client. This should only find certs that are used for SSL Clients, which is the type of cert we want in this context (as opposed to e.g. an email signing cert). The LDAPSSLSessionInfo* ssip is passed now as the context argument. Moved calling PK11_SetPasswordFunc before CERT_FindUserCertByUsage() in case CERT_FindUserCertByUsage() needs it for some reason.
Fix Description: First look for a return of < 0 from ldap_count_entries, and return LDAP_PARAM_ERROR in that case (in both keysort and multisort). Then, if count < 2, there is nothing to sort, so just return 0.
Fix Description: The default now is to not use RPATH when building shared libraries and executables. The configure flag --with-rpath[=dir] has been added. The dir is optional, and a default will be used if not given.
Fix Description: If there is a scope given in the reference/referral URL, use it. Otherwise, if the URL is for a search reference (continuation reference) result, comply with RFC4511 section 4.5.3 concerning scope. Otherwise, parse the scope from the original request and just use it.
Note that this fix does not address support for filters in referrals/references. Support for filters will require a great deal more changes. The current version of openldap (2.3.x) does not support filters, so this fix at least brings us up to par with openldap with respect to this feature.