The getpass() function on HP-UX only allows 8 characters.
Since there is not (yet?) a better function, this fix
allows up to 256 character passwords using the raw
tty interfaces for no echo.
LDAP command line tools now accept 2 new options:
-ZZ (issue a startTLS request)
-ZZZ (like -ZZ but require a successful response).
API extensions:
ldap_ssl.h: LDAP_EXOP_START_TLS macro (OID of start TLS extended op.).
libssldap: Added ldap_start_tls_s() function.
libprldap: Added prldap_is_installed() and prldap_import_connection().
libldap: Added new LDAP_X_OPT_SOCKETARG option for ldap_get_option()
and ldap_set_option() (get/set the socketarg associated
with the main LDAP TCP connection).
liblber: Added new LBER_SOCKBUF_OPT_SOCK_ARG option for
ber_sockbuf_set_option() and ber_sockbuf_get_option()
(get/set the socketarg associated with a Sockbuf).
Also, some refactoring was done in libssldap to simplify the code.
Add support for generating PDB-format debug symbols with MSVC,
by setting MOZ_DEBUG_SYMBOLS=1 in the environment. This is to
be used in place of MOZ_PROFILE. r=wtc, dmose.
Add Makefile.client under mozilla/directory/c-sdk/config and call it
from mozilla/directory/Makefile (this "new" Makefile.client is
the same as the old mozilla/directory/c-sdk/Makefile that was
recently cvs removed).
Simplify the logic in mozilla/directory/build.mk and make sure the
command line tools are linked with the C++ compiler on all platforms
where necessary.
Recognize HP/UX 11.11 (treated the same as 11.00).
Replace an incorrect dependency on Makefile with a dependency on
Makefile.client inside the command line tools Makefile.client.
Updated NSPR and NSS component revision numbers.
Handle for part release numbers on Linux, e.g., 2.4.20-6
Use correct paths for NSPR headers and libraries.
Remove obsolete LDAP Makefiles (generated by configure these days).
Fix command line tools link error on Linux: link with -lstdc++
* We must use the full path to the source file when calling MSVC so that debugging information shows up in the object files.
* Because of cygwin's use of /cygdrive when using full paths, we must use a cygwin-wrapper script in some cases to allow native win32 programs to use a fully qualified cygwin path.
* We have to call configure using the full path so that $(srcdir) contains the
full path in the Makefiles. The rules have been changed for win32 so that it
always use $(srcdir)/$*.{c,cpp} as the sourcefile name even when the file is in
the cwd. This works around both the /cygdrive issue and the msvc's path info
optimization.
* We still use the wrapper when calling rc.exe & nsinstall. nsinstall
frequently takes multiple args and is called all over the tree so changing each
calling site is going to be expensive. (I'll have to check the logs again but
I think the rc wrapping can go.)
* nspr & ldap still use the wrappers for all native win32 progs. Neither nspr
nor ldap uses the acoutput-fast.pl script to speed up the substitution of
@srcdir@ into their Makefiles so, makefile substitution will break if we use
dos-paths.
* In the handful of directories where we copy srcfiles from another directory
in lieu of using VPATHs, we have to now copy those files to $(srcdir) so that
the default rules can find them.
Bug #141834 r=leaf,wtc,dmose,mcs
length or tag is split across buffers.
Improve backwards compatibility by setting *Bytes_Scanned to zero
when errors occur; use errno to report specific errors.
A queue of pending outbound requests is kept. UnBind requests are NOT
queued however.
Abandon requests are not sent if a request is not outstanding.
Cleaned up the code in result.c to avoid use of magic return values
such as -1 and -2. Also removed some dead code and dead files.
ltest (test.c) now supports SSL and async I/O options.
Fix most critical warnings in the core LDAP library code:
AIX has snprintf() so we now #define HAVE_SNPRINTF there.
Use snprintf() instead of sprintf() in ldap_perror().
Use snprintf() instead of sprintf() in ldap_init_getfilter_buf()
and improve error reporting for bad regular expressions.
Don't treat a request as complete if its LDAP result message
has not yet been received. Previously, nested referrals and
references could cause requests to be prematurely terminated.
The LDAP tools code no longer has any knowledge of the NSS
file names; the certpath2keypath() function has been deleted
and we now simply use the certdbpath as keydbpath when it is
provided (it makes no difference in the end). But note that
because we need to maintain backwards compatibility, the
libssldap code used by the ldapssl_.*_init() functions still
knows the default name of the NSS module file (secmod.db),
and the code also relies on the fact that the suffix for the
key and cert files is ".db" and that the first letter in the
main part of the name is either 'c' or 'k'.
Also fixed a bug that caused the module file name specified on
the LDAP tools command line (-m name) to be ignored.
The ldapsearch and ldapcmp tools now exit with LDAP_NO_MEMORY
if an LDIF fragment can't be constructed.
Also fixed some issues reported by lint:
Return values that were ignored.
Make more functions and global variables static.
Add /*ARGSUSED*/ and similar lint-friendly comments.
If HAVE_LIBNLS is not defined, OS functions (iconv and Win32
native APIs) are used for character set conversion of command
line arguments.
Fix bug # 177766 - LDAP tools should reject second -h argument.
A second -p argument is also rejected.
Fix bug # 159139 - HP/UX: LDAP command line tools do no charset conversion.
Removed special case makefile rules for convutf8.cpp on HP/UX.
If a NULL keypasswd value is passed to ldapssl_enable_clientauth()
then it is assumed that the application has already unlocked
the key DB or has installed its own GetPassword callback.
Also improved some error reporting.
The prldap_tsd_destroy() function (which is called when a
thread exits) was not freeing the information contained within
the PRLDAP_ErrorInfo structure. Added prldap_free_errorinfo()
and a way to determine if that thread-private data looks like
error information (the plei_magic field). At the moment, only
one kind of thread-private data is stored anyway (the error
information).
The prldap_allocate_map() function, which is called when a new
LDAP session is created, was blindly setting the thread-private
error information pointer to NULL. But if a different thread
created or used an LDAP session than called ldap_unbind(), old
error information may have been left in memory. Now the error
info. pointer is reset and reused, which was the original goal.