ds.git, branch openldap Unnamed repository; edit this file to name it for gitweb. implement slapi_ldap_explode_dn and slapi_ldap_explode_rdn 2010-08-31T16:51:34+00:00 Rich Megginson rmeggins@redhat.com 2010-08-27T17:55:29+00:00 bb75d74d5ea1695e64cc63b1e328cc5ebeb5cdd5 The DS has some problems with the openldap versions of these functions: 1) They are deprecated - should use the str2[r]dn and [r]dn2str and the bv versions of those functions instead 2) They escape utf-8 and other values in the strings - the mozldap functions do not do this 3) They handle double quoted strings, but they remove the quotes - our code expects the quotes to be left in place Until we fix our DN handling, and get rid of the double quoted DNs, we just use the mozldap versions of these functions. 
The DS has some problems with the openldap versions of these functions:
1) They are deprecated - should use the str2[r]dn and [r]dn2str and the
bv versions of those functions instead
2) They escape utf-8 and other values in the strings - the mozldap functions
do not do this
3) They handle double quoted strings, but they remove the quotes - our
code expects the quotes to be left in place
Until we fix our DN handling, and get rid of the double quoted DNs, we just
use the mozldap versions of these functions.
do not un-null-terminate normalized DN until new url is constructed 2010-08-31T16:51:34+00:00 Rich Megginson rmeggins@redhat.com 2010-08-25T21:31:43+00:00 4f54c63d50d8552b59fbeb1f6f0e59422282f897 rawdn may be normalized in place - if we add back the '?' to the URL before we construct the new URL with the normalized DN, we will create a bogus URL string - so delay that until we construct the new URL 
rawdn may be normalized in place - if we add back the '?' to the URL
before we construct the new URL with the normalized DN, we will create
a bogus URL string - so delay that until we construct the new URL
use slapi_ldap_url_parse in the acl code 2010-08-31T16:43:52+00:00 Rich Megginson rmeggins@redhat.com 2010-08-25T18:45:11+00:00 c14fb2675e17c7af4348559c417f734567ecae6d I missed a couple of places in the acl code that should use slapi_ldap_url_parse - I also added some more debugging 
I missed a couple of places in the acl code that should use
slapi_ldap_url_parse - I also added some more debugging
check src < *out only; only check for \nspace if src < *out - 2 2010-08-31T16:36:02+00:00 Rich Megginson rmeggins@redhat.com 2010-08-24T19:35:33+00:00 2f9745ed4bc3d39486c61f997ecf62d7d67252e3 *out will never be NULL here, so we only need to check that src < *out as the loop condition when looking for a continuation line, make sure there are two characters in *out to check 
*out will never be NULL here, so we only need to check that src < *out as
the loop condition
when looking for a continuation line, make sure there are two characters
in *out to check
move the out pointer back if continuation lines were removed 2010-08-31T16:36:02+00:00 Rich Megginson rmeggins@redhat.com 2010-08-24T16:16:36+00:00 a4b1bfeccd6d3221d7a7d0d4f8b812127522b09b when putting ldif data with the no wrap option, if we removed some continuation lines, we have to move the output data pointer back since the continuation line markers are removed in place 
when putting ldif data with the no wrap option, if we removed some
continuation lines, we have to move the output data pointer back since
the continuation line markers are removed in place
convert mozldap host list to openldap uri list 2010-08-31T16:36:02+00:00 Rich Megginson rmeggins@redhat.com 2010-08-23T21:07:51+00:00 1e933d0eaf6591a96a034f3da85d9c6d54c94a88 mozldap accepts hostnames in the form host1[:port1] ... hostN[:portN] in the ldap_init argument and in ldap urls/uris. DS code uses ldap_initialize() which takes a list of uris in the form ldap[s]://host1[:port1]/ ldap[s]://host2[:port2]/ ... We have to convert the host:port list into a list of LDAP uris 
mozldap accepts hostnames in the form host1[:port1] ... hostN[:portN]
in the ldap_init argument and in ldap urls/uris.  DS code uses
ldap_initialize() which takes a list of uris in the form
ldap[s]://host1[:port1]/ ldap[s]://host2[:port2]/ ...
We have to convert the host:port list into a list of LDAP uris
slapi_ldap_url_parse must handle multiple host:port in url 2010-08-31T16:36:02+00:00 Rich Megginson rmeggins@redhat.com 2010-08-20T21:36:12+00:00 d0b39138e041e0053421a0002341c1f300be3e1c mozldap supports a non-standard URL extension which allows multiple host:port combinations - openldap does not support this - fake out openldap by converting spaces to %20 and all but the last colon to %3A before calling ldap_url_parse, then unescape ludp->lud_host before returning 
mozldap supports a non-standard URL extension which allows multiple host:port
combinations - openldap does not support this - fake out openldap by
converting spaces to %20 and all but the last colon to %3A before calling
ldap_url_parse, then unescape ludp->lud_host before returning
do not terminate unwrapped LDIF line with another newline 2010-08-31T16:36:02+00:00 Rich Megginson rmeggins@redhat.com 2010-08-20T18:33:01+00:00 c40f6877c1c528e77751dea94d86bd9aaaaf26cb The function ldif_sput already terminates the line with a newline character - we do not need to add another one when unwrapping a wrapped line. 
The function ldif_sput already terminates the line with a newline character -
we do not need to add another one when unwrapping a wrapped line.
openldap_read_function needs to set EWOULDBLOCK if the buffer is empty 2010-08-31T16:36:01+00:00 Rich Megginson rmeggins@redhat.com 2010-08-19T22:27:28+00:00 d48a2c94731a25fc63a294e854b76bedfd0ced22 If the openldap_read_function has returned all of the buffered data, it needs to set errno to EWOULDBLOCK to let the code know that it needs to read more data into the buffer. 
If the openldap_read_function has returned all of the buffered data,
it needs to set errno to EWOULDBLOCK to let the code know that it needs
to read more data into the buffer.
have to use LDAP_OPT_X_TLS_NEVER to defeat cert hostname checking 2010-08-31T16:36:01+00:00 Rich Megginson rmeggins@redhat.com 2010-08-18T20:14:17+00:00 74b655b434144e2aa30c86df1e9ec801839ffe28 Even though the ldap.conf man page is not really clear about this, looking at the code in libraries/libldap/tls2.c:ldap_int_tls_start() if you don't specify LDAP_OPT_X_TLS_REQUIRE_CERT as LDAP_OPT_X_TLS_NEVER it will check the hostname 
Even though the ldap.conf man page is not really clear about this,
looking at the code in libraries/libldap/tls2.c:ldap_int_tls_start()
if you don't specify LDAP_OPT_X_TLS_REQUIRE_CERT as
LDAP_OPT_X_TLS_NEVER it will check the hostname