Quanah Gibson-Mount pushed to branch OPENLDAP_REL_ENG_2_5 at openldap / OpenLDAP

Commits: c6493c45 by Quanah Gibson-Mount at 2020-04-10T18:19:33+00:00 ITS#6567 - Remove non-cyrus-sasl GSSAPI bits

- - - - - 735e1ab1 by Howard Chu at 2020-04-12T23:51:09+01:00 ITS#8650 loop on incomplete TLS handshake

Always retry ldap_int_tls_connect() if it didn't complete, regardless of blocking or non-blocking socket. Code from ITS#7428 was wrong to only retry for async.

- - - - - e50741e4 by Quanah Gibson-Mount at 2020-04-13T17:19:35+00:00 ITS#6567 - More cleanup

- - - - - e1876446 by Ryan Tandy at 2020-04-13T18:57:50+00:00 ITS#9212 Restore snprintf to caller-provided buffer

76df74dbeab47195e42946a474c3a5f8557c168d removed some snprintfs to buffers that are actually returned to the client. Restore these.

- - - - - bbe20cbf by Ryan Tandy at 2020-04-13T18:57:50+00:00 ITS#8731 cleanup unused logbuf

- - - - - f6d9fdc4 by Ondřej Kuzník at 2020-04-14T09:58:03+01:00 ITS#9043 Improve replication loggging

- - - - - 5c20342b by Peter Marschall at 2020-04-14T09:26:19-07:00 ITS#9203 contrib/passwd/argon2: add manual page

Add manual page slapd-pw-argon2.5 and make sure it gets installed.

Signed-off-by: Peter Marschall <peter@adpm.de>

- - - - - 2be4576a by Ryan Tandy at 2020-04-14T09:26:19-07:00 ITS#9203 slapd-argon2 -> pw-argon2

Based on initial patch by Peter Marschall.

- - - - - 40ce9a46 by Peter Marschall at 2020-04-14T09:26:19-07:00 ITS#9206 contrib/passwd/argon2: consolidate libsodium implementation

* use 'crypto_pwhash_str_alg(..., crypto_pwhash_ALG_ARGON2ID13)' to set the algorithm to Argon2. According to libsodium's documentation, the original 'crypto_pwhash_str()' only guarantees a "memory-hard, CPU-intensive hash function", but not necessarily Argon2. Although in released versions of libsodium Argon2 is the only implemented backend, this may chane in the future. * multiply the 'memory' parameter by 1024 to align it with the libargon2 implementation. The objective is to have consistent configuration in OpenLDAP's pw-argon2 module no matter what backend implementation is used.

Signed-off-by: Peter Marschall <peter@adpm.de>

- - - - - 64856677 by Ryan Tandy at 2020-04-14T09:26:19-07:00 ITS#9206 Initialize libsodium before calling its functions

- - - - - 307b06ff by Ryan Tandy at 2020-04-14T09:26:19-07:00 ITS#9206 Convert libsodium default memlimit to KiB

- - - - - 0ec42b08 by Ryan Tandy at 2020-04-14T09:26:19-07:00 ITS#9206 Use argon2id default values explicitly

- - - - - feb6f21d by Ryan Tandy at 2020-04-14T09:26:19-07:00 ITS#9203 Remove default values from slapd-pw-argon2.5

The defaults vary by crypto library and possibly even version, so it's not worth trying to keep them accurate.

- - - - - 38f9dd2f by Ryan Tandy at 2020-04-14T10:04:33-07:00 ITS#7878 Replace uint32_t with unsigned in back-mdb

init.c: align mi_dbenv_flags and flags with mdb_dbi_open, which declares flags as unsigned int.

search.c: align mi_rtxn_size with ARG_UINT; adjust ww_ctx.nentries to silence a warning about signed/unsigned comparison.

config.c: parse checkpoint config more carefully. Reject negative or unreasonably large values for kbytes and minutes. Ensure both values are parsed successfully before making any changes.

Fixes a compilation failure under MinGW, where stdint.h types are not implicitly pulled in by other headers.

- - - - - 5368e22b by Ryan Tandy at 2020-04-14T12:10:06-07:00 ITS#9213 Make --enable-modules imply --enable-dynamic

The default for --enable-dynamic is now "auto", meaning "yes" if --enable-modules and "no" otherwise.

- - - - - f747d619 by Quanah Gibson-Mount at 2020-04-14T22:20:38+00:00 ITS#9213 -- Regenerate configure

- - - - - a5e17673 by grapvar at 2020-04-15T00:14:37+01:00 ITS#9214 slapd-mdb: plug cursor leak in dnSuperiorMatch filter

- - - - - a97eed06 by Quanah Gibson-Mount at 2020-04-15T19:32:28+00:00 ITS#6937 - Remove unused proctitle bits

- - - - - 8a677f65 by Quanah Gibson-Mount at 2020-04-16T15:14:59+00:00 ITS#6937 -- regenerate configure/portable.hin

- - - - - 65d09368 by Ondřej Kuzník at 2020-04-16T16:41:35+00:00 ITS#8245 Silence warning

- - - - - 8f01fdec by Ondřej Kuzník at 2020-04-16T16:41:35+00:00 ITS#8731 Remove unused arguments

- - - - - 550476b5 by Ondřej Kuzník at 2020-04-16T16:41:35+00:00 ITS#9112 Silence warnings

- - - - - 7ce47405 by Ryan Tandy at 2020-04-16T09:51:28-07:00 ITS#6035 Fix test076 to specify SASL mech

- - - - - d5e133f4 by Ryan Tandy at 2020-04-16T19:15:31+00:00 ITS#9181 fix ldap_pvt_thread_mutex_t used before its definition

- - - - - 3ca7f20b by Quanah Gibson-Mount at 2020-04-16T23:35:43+00:00 Merge remote-tracking branch 'origin/master' into OPENLDAP_REL_ENG_2_5

- - - - -

30 changed files:

- .gitignore - clients/tools/common.c - clients/tools/ldapcompare.c - clients/tools/ldapdelete.c - clients/tools/ldapmodify.c - clients/tools/ldapmodrdn.c - clients/tools/ldappasswd.c - clients/tools/ldapsearch.c - clients/tools/ldapvc.c - clients/tools/ldapwhoami.c - configure - configure.in - contrib/slapd-modules/passwd/argon2/Makefile - contrib/slapd-modules/passwd/argon2/README - contrib/slapd-modules/passwd/argon2/pw-argon2.c - + contrib/slapd-modules/passwd/argon2/slapd-pw-argon2.5 - − include/ac/setproctitle.h - include/ldap.h - include/ldap_int_thread.h - include/portable.hin - libraries/libldap/Makefile.in - libraries/libldap/bind.c - − libraries/libldap/gssapi.c - libraries/libldap/init.c - libraries/libldap/ldap-int.h - libraries/libldap/options.c - libraries/libldap/request.c - libraries/libldap/test.c - libraries/libldap/tls2.c - libraries/libldap/util-int.c

View it on GitLab: https://git.openldap.org/openldap/openldap/-/compare/7e5f52aec42d21d21f01fbd...