summaryrefslogtreecommitdiffstats
path: root/src/plugins/kdb/ldap/ldap_util
Commit message (Collapse)AuthorAgeFilesLines
* Include autoconf.h before system headersGreg Hudson2014-07-084-7/+1
| | | | | | | | | Include autoconf.h (either directly or via proxy) before system headers, so that feature test macros defined there can affect the system namespace. Where include order was changed, eliminate some redundant or unnecessary includes. ticket: 7961
* Fix various warningsGreg Hudson2013-06-071-3/+0
|
* Reduce boilerplate in makefilesGreg Hudson2013-05-161-3/+0
| | | | | | | | | Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH, SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make sure to use DEFINES for local defines (not DEFS). Remove some other unnecessary makefile content.
* Fix kdb_ldap_create_principal cleanupGreg Hudson2013-03-281-2/+2
| | | | entry must be initialized before all code which can jump to cleanup.
* make dependGreg Hudson2013-03-241-22/+20
|
* make dependGreg Hudson2013-01-101-6/+6
| | | | | Mostly this gets rid of the trailing space on line 2 after bb76891f5386526bdf91bc790c614fc9296cb5fa.
* Generate dependencies for kdb5_ldap_utilGreg Hudson2012-12-202-1/+105
|
* Simplify LDAP KDB module container DN handlingGreg Hudson2012-12-202-75/+37
| | | | | | | | | | | | | | | | | Outside of krb5_ldap_read_krbcontainer_params and krb5_ldap_create_krbcontainer, no fields of krb5_ldap_krbcontainer_params were used except for the DN. There was code to create a krbTicketPolicyReference attribute (which would fail because the schema doesn't allow that attribute, and was never exercised because kdb5_ldap_util would never set the parameter) and to read fields like max ticket life from the referenced ticket policy, but those fields were never used. Eliminate the structure and just store the container DN in krb5_ldap_context. Continue creating the container object when creating a realm (by calling krb5_ldap_create_krbcontainer unconditionally; it now exits successfully if the container already exists), but don't ever read it.
* Remove install-oldmanBen Kaduk2012-10-171-3/+0
| | | | | | The old man pages are gone, so we can't install them anymore. Also clean up install and install-unix targets that were installing the old man pages by hand.
* Remove nroff man pagesBen Kaduk2012-10-161-938/+0
| | | | | | | We generate man pages from RST sources now; they are checked into the tree in src/man/. The gen-manpages directory is no longer needed.
* Remove eDirectory support code in LDAP KDB moduleGreg Hudson2012-07-295-2963/+1
|
* Allow using locales when gettext is absentBen Kaduk2012-07-061-0/+1
| | | | | | | | | | | Previously, if configure did not detect dgettext(), we disabled anything that smelled like localization, inadvertently including setlocale(). Now that we use setlocale(LC_ALL, ""), we have localized dates available as well as messages, so we should not disable calls to setlocale() any more. Since the routines from locale.h are only used in a relatively small number of places, just include the header directly in those files and remove it from k5-platform.h.
* Enable all localizations in main functionsBen Kaduk2012-07-061-1/+1
| | | | | | | | | | | | | | | Bite the bullet and pass LC_ALL to setlocale() instead of just LC_MESSAGES. Calls to setlocale() itself were introduced in fabbf9e443459e8c0161c84563690ed70c7f6a61 for ticket 6918, but only for LC_MESSAGES since only localized strings were needed and that was the most conservative option. However, klist, kadmin, and kinit (and perhaps others) would benefit from localized formats for times (i.e., LC_TIME). If potentially localized data is being sent on the wire, that is a bug that should be fixed. No such bugs are found with the current test suite, so we are comfortable enabling LC_ALL at this time. ticket: 7192
* install sphinx-generated manpagesTom Yu2012-01-091-0/+2
| | | | | | | | | | | | | | | | | Install sphinx-generated manpages. Original nroff manpages remain for reference until proofreading is complete. Modify doc/rst_source/conf.py to better deal with shadow manpages -- sphinx will now build k5login.5 instead of .k5login.5, and kadmin.1 instead of both kadmin.1 and kadmin.local.8. Proofreaders should ensure that the original nroff manpages (and associated Makefile rules) are deleted once their reST format equivalents have been proofread. ticket: 7064 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25625 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up more stuff in make cleanGreg Hudson2011-11-041-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25437 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up some ldap #define'sZhanna Tsitkov2011-08-101-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25092 dc483132-0cff-0310-8789-dd5450dbe970
* Define KRB5_TL_DB_ARGS unconditionally in kdb.hGreg Hudson2011-07-261-3/+0
| | | | | | | | | Due to an apparent merge bug, KRB5_TL_DB_ARGS was defined in a SECURID conditional block, and several source files worked around the problem by defining the constant themselves or defining SECURID. Move the definition and remove the workarounds. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25055 dc483132-0cff-0310-8789-dd5450dbe970
* Add setlocale() calls to main functionsGreg Hudson2011-06-101-0/+1
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24963 dc483132-0cff-0310-8789-dd5450dbe970
* Mark up strings for translationGreg Hudson2011-06-104-257/+284
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24961 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-0910-41/+10
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* Use for loops for recursion in the Windows build, cutting down on theGreg Hudson2010-11-281-1/+1
| | | | | | | | | verbiage in Makefile.in files. For correctness of output, every Makefile.in mydir= definition is changed to use $(S) instead of /. ticket: 6826 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize kdb5_ldap_util's context with kadm5_init_krb5_context, likeGreg Hudson2010-09-221-1/+1
| | | | | | | kdb5_util does, in order to get the KDC profile settings as well as the regular krb5 profile settings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24337 dc483132-0cff-0310-8789-dd5450dbe970
* Addendum to r24200: fix kdb5_ldap_util call site ofGreg Hudson2010-07-211-1/+1
| | | | | | | | krb5_ldap_lib_init. ticket: 6749 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24201 dc483132-0cff-0310-8789-dd5450dbe970
* In kdb5_util's kdb5_ldap_create(), add back the assignment ofGreg Hudson2010-07-191-0/+1
| | | | | | | | rblock.key which was erroneously removed in r24162. ticket: 6749 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24192 dc483132-0cff-0310-8789-dd5450dbe970
* Remove count parameters from get_principal, put_principal,Greg Hudson2010-07-061-2/+1
| | | | | | | | | | | free_principal, delete_principal, and get_policy. Make get_principal allocate the DB entry container. Fold krb5_db_get_principal_ext into krb5_db_get_principal. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24175 dc483132-0cff-0310-8789-dd5450dbe970
* Follow-on to r24168: in kdb5_ldap_util, indirect throughGreg Hudson2010-07-041-5/+5
| | | | | | | | | | krb5_db_store_master_key instead of using the (now removed) default implementation directly. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24174 dc483132-0cff-0310-8789-dd5450dbe970
* Rename krb5_dbekd_encrypt_key_data and krb5_dbekd_decrypt_key_data toGreg Hudson2010-07-021-12/+8
| | | | | | | | | just use the krb5_dbe prefix. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24164 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the set_master_key and get_master_key DAL interfaces and theirGreg Hudson2010-07-021-33/+22
| | | | | | | | | | | | corresponding libkdb5 APIs, as they were not productively used. In kdb5_ldap_util, stop using the realm data's mkey field as a container to communicate the master key to static helper functions, since the field no longer exists. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24162 dc483132-0cff-0310-8789-dd5450dbe970
* Follow-on to r24157: pass KRB5_KDB_DAL_VERSION to krb5_ldap_lib_init()Greg Hudson2010-07-021-1/+1
| | | | | | | | in kdb5_ldap_util.c. ticket: 6749 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24160 dc483132-0cff-0310-8789-dd5450dbe970
* Mark and reindent plugins, except for pkinit, which needs a littleGreg Hudson2009-11-2410-3824/+3792
| | | | | | cleanup first. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23353 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate Makefile variables now that we have only a single globalGreg Hudson2009-11-221-3/+1
| | | | | | | | | | | | | configure script: $(SRCTOP) --> $(top_srcdir) $(srcdir)/$(thisconfigdir) --> $(top_srcdir) $(thisconfigdir) --> $(BUILDTOP) $(myfulldir) --> $(mydir) ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-317-30/+27
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Fix the LDAP build, which was broken by the build reordering inGreg Hudson2009-08-071-3/+8
| | | | | | | | r22406. Build kdb5_util's getdate from the kadmin/cli getdate source, instead of borrowing the object file from the kadmin/cli build directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22501 dc483132-0cff-0310-8789-dd5450dbe970
* Fix minor bug in r21269 - wrong field nameKen Raeburn2009-05-301-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22395 dc483132-0cff-0310-8789-dd5450dbe970
* Rename kdb_setup_lib_handle to krb5_db_setup_lib_handle and export it.Greg Hudson2009-03-101-8/+6
| | | | | | | | | | | | | Make kdb5_ldap_util work again by calling this function to set up dal_handle instead of using one with an uninitialized lib_handle. It is likely that kdb5_ldap_util will only function given a krb5.conf which specifies a realm with an LDAP database module as the default realm. Not sure if that was the case before. ticket: 6403 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22071 dc483132-0cff-0310-8789-dd5450dbe970
* Master Key Migration ProjectWill Fiveash2009-01-301-8/+19
| | | | | | | | | | | | | | | Commit for the Master Key Migration Project. http://k5wiki.kerberos.org/wiki/Projects/Master_Key_Migration This commit provides the ability to add a new master key (with an enctype differing from the current master key) to the master key principal and stash file and then migrate the encryption of existing principals long term keys to use the new master key. In addition deletion of master keys is provided. ticket: 6354 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21844 dc483132-0cff-0310-8789-dd5450dbe970
* move generated dependencies out of Makefile.inKen Raeburn2009-01-051-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Move automatically-generated dependencies into separate files in the source tree, and take the data out of Makefile.in. Keep the "make depend" rules for stripping out the dependencies from Makefile.in, in case some optional directories were missed, but everything that builds on my UNIX build has been converted. (Converting a directory just requires creating an empty "deps" file so that config.status can build the makefile, and then later running "make depend" in that directory to get the correct content for it.) Change configure scripts to incorporate the "deps" file when building each Makefile. This change requires the existence of a file "deps" in each source directory where we build a makefile, even if there are no sources for which to compute dependencies; a switch to GNU make would let us conditionalize that, but we can assess that later. Update dependencies for the generate Makefile itself to list the deps file. This will also require some minor tweaking of the Windows build, to make it incorporate the new deps file. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21701 dc483132-0cff-0310-8789-dd5450dbe970
* Add prototype for usage. Change invocation of usage to db_usage when using ↵Ezra Peisach2008-12-293-5/+5
| | | | | | an argument. Include adm_proto.h for prototype for krb5_keysalt_iterate git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21625 dc483132-0cff-0310-8789-dd5450dbe970
* krb4 removal missed ldap kdb plugin directoryEzra Peisach2008-12-291-3/+3
| | | | | | | | The krb4 removal failed to change the makefile in ldap kdb plugin directory. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21622 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of sprintf to snprintf or asprintfGreg Hudson2008-12-013-39/+29
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
* Merge three patches from Novell, with some updates related to work inKen Raeburn2008-09-223-280/+420
| | | | | | | | | | | | | | | | | | | | | | | | our tree since they were submitted, and reindenting for one source file that got particularly ugly in the process. From Savitha R on 2008-02-18 (yes, it was sitting in my queue a while): Attached patches have fixes for some issues in LDAP backend. 1. patch-mem-pwd.txt This patch clears the password in memory, fixes some memory leaks (in common code) and a segfault in eDirectory specific code. 2. patch-princ-attrs.txt This patch removes some eDirectory specific attributes from the common code 3. patch-edir-rights.txt This patch is specific to eDirectory code and fixes some rights issue. It adds and deletes rights to service objects as required on the kerberos attributes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20744 dc483132-0cff-0310-8789-dd5450dbe970
* Missed some changes for db_context->dal_handle renamingKen Raeburn2008-09-221-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20742 dc483132-0cff-0310-8789-dd5450dbe970
* a stash file is not a keytabWill Fiveash2008-08-153-5/+30
| | | | | | | | | Note, this is the commit for the associated Krb Consortium project: Projects/Masterkey Keytab Stash ticket: 194 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20661 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Mark Phalan to correctly use progname instead ofTom Yu2008-07-175-85/+87
| | | | | | | | | | argv[0]. ticket: 6030 tags: pullup target_version: 1.6.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20532 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Mark Phalan to initialize progname before useTom Yu2008-07-161-2/+5
| | | | | | | | ticket: 6028 target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20531 dc483132-0cff-0310-8789-dd5450dbe970
* Change krb5_context.db_context to point to the real structure type,Ken Raeburn2008-06-023-10/+10
| | | | | | | | and change uses to not cast all the time. Also rename it from db_context to dal_handle, since one of the fields in the pointed-to structure is also called db_context. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20348 dc483132-0cff-0310-8789-dd5450dbe970
* Properly escape - in kdb5_ldap_util man pageRuss Allbery2008-04-281-55/+55
| | | | | | | | | | | | | | | | The LDAP plugin introduced a new man page which has unescaped hyphens. Unicode-aware groffs may convert those to real hyphens rather than the intended ASCII hyphen. This patch adds backslashes in front of all the bare hyphens that I plus Debian's lintian program could find to force interpretation as ASCII hyphens. Ticket: new Component: krb5-doc Version_Reported: 1.6.3 Target_Version: 1.6.4 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20311 dc483132-0cff-0310-8789-dd5450dbe970
* Set close-on-exec flag in most places where file descriptors areKen Raeburn2007-10-221-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | opened in our libraries (in case another application thread spawns a new process) and in the KDC programs (in case a plugin library spawns a new process). Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup dup2 pipe. In: util lib plugins kdc kadmin/server krb524. The various programs are less critical than the libraries, as any well-written plugin that spawns a new process should close all file descriptors it doesn't need to communicate with the new process. This approach also isn't bulletproof, as the call to set the close-on-exec flag is necessarily a separate call from creating the file descriptor, and the fork call could happen in between them. So plugins should be careful regardless of this patch; it will only reduce the window of potential lossage should a plugin be poorly written. (AFAIK there are currently no plugins that spawn processes where this would be a problem.) Update dependencies. ticket: 5561 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970
* we're not using changelog files any moreKen Raeburn2007-09-241-12/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19971 dc483132-0cff-0310-8789-dd5450dbe970
* Fix up declarations of some static functions.Ken Raeburn2007-05-232-3/+7
| | | | | | | Now the eDirectory support compiles on Mac OS X 10.4.9 (but doesn't link because "ldap_explode_dn" is not found). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19555 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 11:33:16 +0000