| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-02-12 | ber_printf_elements should return NULL if any of its parts fail. | Martin Pelikan | |
| Leave the error handling up to its callers. ok reyk | |||
| 2015-02-11 | initialize a variable in case "goto done" makes us compare it | Martin Pelikan | |
| found by clang, ok henning | |||
| 2015-01-28 | Remove ssl_by_mem_ctrl() and x509_mem_lookup to unbreak the build. It | Reyk Floeter | |
| caused a conflict with a new function in LibreSSL but wasn't even used by ldapd. No functional change. OK deraadt@ | |||
| 2015-01-16 | change to <limits.h> universe. The only changes in the binary are due | Theo de Raadt | |
| to the heavy use of assert. ok millert | |||
| 2014-11-20 | Don't allow embedded nul characters in strings. | Jonathan Gray | |
| Fixes a pfctl crash with an anchor name containing an embedded nul found with the afl fuzzer. pfctl parse.y patch from and ok deraadt@ | |||
| 2014-11-16 | Convert the logic in the error function of the ldap schema parser. | Alexander Bluhm | |
| Instead of creating a temporary format string, create a temporary message. OK doug@ | |||
| 2014-11-14 | Add gcc printf format attributes to yyerror() in parse.y files. | Doug Hogan | |
| No yyerror() calls needed to be changed. ok bluhm@ | |||
| 2014-11-03 | Convert the logic in yyerror(). Instead of creating a temporary | Alexander Bluhm | |
| format string, create a temporary message. OK claudio@ | |||
| 2014-09-21 | eliminate the use of a gcc C extension (conditionals with omitted | Daniel Dickman | |
| operands). ok deraadt@ | |||
| 2014-09-13 | Replace all queue *_END macro calls except CIRCLEQ_END with NULL. | Doug Hogan | |
| CIRCLEQ_* is deprecated and not called in the tree. The other queue types have *_END macros which were added for symmetry with CIRCLEQ_END. They are defined as NULL. There's no reason to keep the other *_END macro calls. ok millert@ | |||
| 2014-08-25 | Delete secret or secret-derived data with explicit_bzero. | Doug Hogan | |
| concept ok deraadt@ diff looks ok tedu@ | |||
| 2014-08-11 | add a caveat about databases; | Jason McIntyre | |
| From: Matthew Weigel ok gilles | |||
| 2014-07-16 | zap trailing newlines; "go for it" deraadt | Okan Demirmen | |
| 2014-07-13 | When the three possible return values are -1, 0, and 1, != 1 is the same | Kenneth R Westerback | |
| as <= 0. And the latter is the normal idiom so use that. ok claudio@ henning@ | |||
| 2014-07-11 | add additional includes required to build with -DOPENSSL_NO_DEPRECATED | Jonathan Gray | |
| 2014-06-11 | rfc 4512, not 4712; | Jason McIntyre | |
| From: route dylanharris org | |||
| 2014-04-15 | Remove workarounds for ld reaching MAXDSIZ on vax, now that MAXDSIZ is | Miod Vallat | |
| more comfortable. Reminded by brad@ | |||
| 2014-01-22 | relax the cfg file secrecy check slightly to allow group readability | Henning Brauer | |
| default permissions and mtree NOT changed. prodded by benno, ok phessler benno jmatthew theo pelikan florian | |||
| 2013-11-26 | deal with msgbuf_write EAGAIN, ok gilles benno | Henning Brauer | |
| 2013-11-25 | use u_char for buffers in yylex, for ctype calls | Sebastian Benoit | |
| found by millert@, ok deraadt@ | |||
| 2013-11-23 | unsigned char casts for ctype | Theo de Raadt | |
| ok jca | |||
| 2013-11-02 | bunch of format string cleanups, removing %i, signed vs unsigned, and even | Theo de Raadt | |
| a few long long's ok jmatthew | |||
| 2013-09-07 | Change default ciphers to HIGH:!aNULL. | Federico G. Schwindt | |
| reyk@ ok | |||
| 2013-08-20 | replace a predefined string with a mdoc macro; ok jmc, schwarze, sobrado | Mike Belopuhov | |
| 2013-08-14 | some Bx/Ox conversion; | Jason McIntyre | |
| From: Jan Stary | |||
| 2013-08-06 | Switch vax to gcc 3.3.6. | Miod Vallat | |
| 2013-07-16 | use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@ | Ingo Schwarze | |
| 2013-06-29 | do not use Sx for sections outwith the page; | Jason McIntyre | |
| man4 still to go... | |||
| 2013-01-28 | ssl.c is a very old copy of smtpd's and didn't catch up the bump of the | Gilles Chehade | |
| DH prime parameter. bring the update from smtpd... openldap client now accepts to connect to a ssl-enabled ldapd server, issue reported by Joel Carnat and Vadim Agarkov diff ok mikeb@ and martinh@ | |||
| 2012-11-12 | fix a potential memory leak; OK martinh@ sthen@ | Gleydson Soares | |
| 2012-09-26 | last stage of rfc changes, using consistent Rs/Re blocks, and moving the | Jason McIntyre | |
| references into a STANDARDS section; | |||
| 2012-06-16 | Protect against fd exhaustion when reopening database files. Only accept | Jonathan Matthew | |
| client or control connections when there are at least 8 fds available, and close a connection before calling imsg_read if it would be unable to accept an fd from the parent process. ok gilles@ | |||
| 2012-04-24 | take a stab at documenting when arguments need quoted, and valid macro | Jason McIntyre | |
| characters; prompted by a diff from robert peichaer org thanks gilles and henning for feedback ok deraadt zinke | |||
| 2012-04-11 | rate limiting of accept() in various cases. Testing by jmatthew. there | Theo de Raadt | |
| maybe still be a corner case where it needs one more file descriptor beyond the limit.. | |||
| 2012-04-01 | use our umask() before AF_UNIX bind() semantics; ok pyr | Theo de Raadt | |
| 2011-06-23 | Use a common text explaining how the various configuration parsers using | Stuart Henderson | |
| the standard OpenBSD-style parse.y handle continuing lines with backslashes, paying particular attention to how comments are handled (which can cause nasty side-effects if you're not expecting it). Most wording from jmc@, with suggestions from fgsch@, marc@, Richard Toohey, patrick keshishian and Florian Obser, ok jmc@. | |||
| 2011-01-28 | document available authentication types and formats. | Martin Hedenfal | |
| with tweaks from jmc@ | |||
| 2011-01-08 | Change detection of indefinite BER lenghts (which is not allowed). Only a | Martin Hedenfal | |
| length byte of 0x80 is now treated as meaning indefinite. This fixes empty sets sent by the winldap api. Makes authentication through pGina work. with william@ | |||
| 2010-12-17 | Unbreak simple passwords with SHA and salted SHA hashes. Revision 1.7 | Martin Hedenfal | |
| introduced a bug that reversed the check. Found by MERIGHI Marcus. | |||
| 2010-11-26 | Unbreak re-indexing by checking if an index entry already exists. | Martin Hedenfal | |
| 2010-11-10 | Make -dvv flags produce debug traces of decoded BER messages on stderr. | Martin Hedenfal | |
| Also shows a hexdump of the input buffer if BER decoding fails. Useful when debugging protocol issues. | |||
| 2010-11-10 | Prefix debug logging on stderr with time and pid, like syslog. | Martin Hedenfal | |
| 2010-11-05 | If the base DN in a search request doesn't exist, return early. | Martin Hedenfal | |
| 2010-11-05 | When draining the input buffer of more than two complete requests, an | Martin Hedenfal | |
| additional incomplete request would be truncated. This fixes the number of bytes consumed from the input buffer. | |||
| 2010-11-05 | Change to read better after suggestion from jmc. | Martin Hedenfal | |
| 2010-11-04 | Only LDAP version 3 is implemented. | Martin Hedenfal | |
| 2010-11-04 | Document the syntax of schema files. Only a brief synopsis of the attribute | Martin Hedenfal | |
| type and object class syntax is given, the rest is referred to the RFC. | |||
| 2010-11-04 | Publish matching rules in the cn=schema subentry as the matchingRules | Martin Hedenfal | |
| attribute. This is an operational attribute and only returned if explicitly asked for. Required by RFC 4517. | |||
| 2010-11-03 | Update the internal btree documentation to reflect the current api. | Martin Hedenfal | |
| 2010-11-03 | Validate matching rules against attribute syntaxes. All matching rules from | Martin Hedenfal | |
| RFC 4517 are recognized, except the optional wordMatch and keywordMatch. Requires a current core.schema file. | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |