| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Resolves: #237356 | Noriko Hosoi | 2007-04-27 | 1 | -1782/+0 |
| | | | | | | | | Summary: Move DS Admin Code into Admin Server (Comment #4,#6) Description: .DSGW is already a separated module "dsgw"; Removing from ldapserver. .Removing the independency from lib/libsi18n/gsslapd.h | ||||
| * | Resolves: #214533 | Noriko Hosoi | 2006-11-10 | 1 | -0/+5 |
| | | | | | | | | | | | Summary: configure needs to support --with-fhs (Comment #6) Changes: Added the following include next to the end of the copyright block. + +#ifdef HAVE_CONFIG_H +# include <config.h> +#endif + | ||||
| * | Bug(s) fixed: 186280 | Rich Megginson | 2006-05-22 | 1 | -328/+11 |
| | | | | | | | | | | | | | | Bug Description: Close potential security vulnerabilities in CGI code - dsgw get/post arguments Reviewed by: Noriko and Nathan (Thanks!) Fix Description: Fortunately, the code was pretty clean already. There were just a few places I needed to add some file or path name checking. I also got rid of some code. Platforms tested: Fedora Core 5 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none | ||||
| * | Bug(s) fixed: 186280 | Rich Megginson | 2006-04-11 | 1 | -22/+6 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug Description: ldapserver: Close potential security vulnerabilities in CGI code Reviewed by: Nathan, Noriko, and Pete (Thanks!) Fix Description: Clean up usage of sprintf, strcpy, fgets instead of gets, fixed buffer usage, etc., mostly in the CGI code and other user facing code (i.e. setup). Also, Steve Grubb told me about a GCC trick to force it to check printf style varargs functions, to check the format string against the argument string, for type mismatches, missing arguments, and too many arguments. In the CGI form argument parsing code, we needed to be more careful about checking for bad input - good input is supposed to look like this: name=value&name=value&..... &name=value. I don't think the original code was checking properly for something like name&name=value. There was another place where we were not checking to see if a buffer had enough room before appending a string to it. I had to change a couple of functions to allow passing in the size of the buffer. Fixed some issues raised by Noriko and Nathan. Platforms tested: RHEL4 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none | ||||
| * | Fixed licensing typo | Nathan Kinder | 2005-04-19 | 1 | -1/+3 |
| | | |||||
| * | 155068 - Added license to source files | Nathan Kinder | 2005-04-15 | 1 | -0/+30 |
| | | |||||
| * | Updated copyright info | Nathan Kinder | 2005-03-22 | 1 | -8/+4 |
| | | |||||
| * | 149510 | Rob Crittenden | 2005-02-23 | 1 | -0/+2 |
| | | | | | Strip down ACL code and support libraries to the bare minimum. | ||||
| * | Moving NSCP Directory Server from DirectoryBranch to TRUNK, initial drop. ↵ldapserver7x | cvsadm | 2005-01-21 | 1 | -0/+2080 |
| (foxworth) | |||||
 |
index : ds.git | |
| Unnamed repository; edit this file to name it for gitweb. | Richard Allen Megginson |
| summaryrefslogtreecommitdiffstats |