OpenBSD CVS

CVS log for src/usr.sbin/ldapd/ldapd.c



Default branch: MAIN


Revision 1.32, Thu Feb 10 13:06:46 2022 UTC (2 years, 3 months ago) by robert
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4, OPENBSD_7_3_BASE, OPENBSD_7_3, OPENBSD_7_2_BASE, OPENBSD_7_2, OPENBSD_7_1_BASE, OPENBSD_7_1, HEAD
Changes since 1.31: +3 -1 lines

unveil _PATH_LOGIN_CONF_D

Revision 1.31, Wed Dec 15 11:36:40 2021 UTC (2 years, 5 months ago) by jmatthew
Branch: MAIN
Changes since 1.30: +2 -2 lines

ldapd always uses O_CREAT when reopening database files, so the database
directory must be unveiled with "rwc" rather than just "rw".

ok deraadt@ mestre@

Revision 1.30, Wed Dec 15 04:00:15 2021 UTC (2 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.29: +3 -3 lines

PATH_MAX+1 rarely makes sense, and abort if this happens in the imsg.
ok jmatthew millert

Revision 1.29, Wed Jul 14 13:33:57 2021 UTC (2 years, 10 months ago) by kn
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.28: +1 -2 lines

Remove unneeded calls to tls_init(3)

As per the manual and lib/libtls/tls.c revision 1.79 from 2018
"Automatically handle library initialisation for libtls." initialisation
is handled automatically by other tls_*(3) functions.

Remove explicit tls_init() calls from base to not give the impression of
it being needed.

Feedback tb
OK Tests mestre

Revision 1.28, Mon Jul 12 15:09:21 2021 UTC (2 years, 10 months ago) by beck
Branch: MAIN
Changes since 1.27: +6 -6 lines

Change the error reporting pattern throughout the tree when unveil
fails to report the path that the failure occurred on. Suggested by
deraadt@ after some tech discussion.

Work done and verified by Ashton Fagg <ashton@fagg.id.au>

ok deraadt@ semarie@ claudio@

Revision 1.27, Wed Jan 27 22:12:28 2021 UTC (3 years, 4 months ago) by rob
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9
Changes since 1.26: +15 -22 lines

Unveil ldapd. Follow recent precedent and elect to forego the unlinking of
some objects at shutdown thereby allowing for a tighter unveil.

Feedback from deraadt@ and martijn@.

OK deraadt@

Revision 1.26, Thu Mar 5 07:39:25 2020 UTC (4 years, 2 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.25: +8 -4 lines

Fix ldapd datadir location.

Diff from roklein <at> roklein <dot> de

OK claudio@

Revision 1.25, Sun Mar 31 03:36:18 2019 UTC (5 years, 2 months ago) by yasuoka
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6, OPENBSD_6_5_BASE, OPENBSD_6_5
Changes since 1.24: +5 -2 lines

Avoid calling dup2(oldd, newd) when oldd == newd.  In that case the
descriptor keeps the CLOEXEC flag and then it will be closed unexpectedly by
exec().

ok tedu florian

Revision 1.24, Tue May 15 11:19:21 2018 UTC (6 years ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.23: +13 -6 lines

Fix format string errors in log messages and update ldapd to use relayd's log.c

OK benno@ jmatthew@

Revision 1.23, Wed Mar 1 00:50:12 2017 UTC (7 years, 3 months ago) by gsoares
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3, OPENBSD_6_2_BASE, OPENBSD_6_2, OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.22: +10 -11 lines

move up getpid() and getpwnam(LDAP USER) checks
to fail earlier and also make them consistent with
other daemons.

while here:
- fix getpwnam(LDAPD_USER) errx()
- no need to skip_chroot

ok jmatthew@

Revision 1.22, Fri Feb 24 14:28:31 2017 UTC (7 years, 3 months ago) by gsoares
Branch: MAIN
Changes since 1.21: +70 -11 lines

Implement fork+exec model

OK jmatthew@

Revision 1.21, Fri Jan 20 11:55:08 2017 UTC (7 years, 4 months ago) by benno
Branch: MAIN
Changes since 1.20: +2 -1 lines

work on making log.c similar in all daemons:

move daemon-local functions into new logmsg.c, and reduce
the (mostly whitespace) differences so that log.c's can be diffed easily.

ok krw@ jmatthew@

Revision 1.20, Sun May 1 00:32:37 2016 UTC (8 years, 1 month ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.19: +2 -2 lines

convert ldapd to use the libtls api, bringing in a copy of the evbuffer_tls
code from syslogd.

ok beck@ benno@

Revision 1.19, Thu Feb 4 12:48:06 2016 UTC (8 years, 3 months ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.18: +2 -3 lines

Minor ldapd -r tweaks

- fix style
- the string pointed to by datadir shouldn't be modified, use const
- initialize datadir at compile time
- in namespace.c, move the extern datadir decl above local decls

Revision 1.18, Tue Feb 2 14:59:20 2016 UTC (8 years, 4 months ago) by gsoares
Branch: MAIN
Changes since 1.17: +7 -3 lines

use stat(2) instead of chdir(2) to check if the given directory is valid.
OK landry@ jca@

Revision 1.17, Mon Feb 1 20:00:18 2016 UTC (8 years, 4 months ago) by landry
Branch: MAIN
Changes since 1.16: +12 -4 lines

Add -r argument to ldapd, to specify an alternative directory to
store/read the database, still defaulting to /var/db/ldap.

This will allow running totally separate instances, to be used by an
upcoming regress suite for example.

With a tweak from gsoares@ to check that the directory exists.
ok dlg@ semarie@ jca@

Revision 1.16, Sun Jan 17 08:13:34 2016 UTC (8 years, 4 months ago) by landry
Branch: MAIN
Changes since 1.15: +24 -1 lines

Properly remove unix sockets (control & listening) upon exit of the
parent process.

Child process was killed by pledge because it tried to remove the
control socket and didn't have cpath - anyway it couldn't remove it since
it had chrooted.

ok jmatthew@ deraadt@

Revision 1.15, Thu Dec 24 17:47:57 2015 UTC (8 years, 5 months ago) by mmcc
Branch: MAIN
Changes since 1.14: +2 -2 lines

bzero -> memset. No binary change.

Revision 1.14, Mon Nov 2 06:32:51 2015 UTC (8 years, 7 months ago) by jmatthew
Branch: MAIN
Changes since 1.13: +3 -17 lines

use SOCK_NONBLOCK instead of fcntl

ok dlg@

Revision 1.13, Mon Nov 2 04:48:43 2015 UTC (8 years, 7 months ago) by jmatthew
Branch: MAIN
Changes since 1.12: +5 -1 lines

Both ldapd processes need "stdio" to talk to clients and each other.
The parent process opens database files ("rpath wpath cpath"), sends fds to
the child ("sendfd"), and does bsd auth on behalf of the child ("getpw proc
exec").

The child process accepts client connections ("inet unix"), receives fds from
the parent ("recvfd") and locks database files ("flock").

ok deraadt@

Revision 1.12, Fri Jan 16 16:04:38 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.11: +2 -2 lines

change to <limits.h> universe.  The only changes in the binary are due
to the heavy use of assert.
ok millert

Revision 1.11, Mon Aug 25 07:50:26 2014 UTC (9 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.10: +2 -2 lines

Delete secret or secret-derived data with explicit_bzero.

concept ok deraadt@
diff looks ok tedu@

Revision 1.10, Sat Nov 2 13:31:51 2013 UTC (10 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.9: +3 -3 lines

bunch of format string cleanups, removing %i, signed vs unsigned, and even
a few long long's
ok jmatthew

Revision 1.9, Sat Jun 16 00:08:32 2012 UTC (11 years, 11 months ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4, OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2
Changes since 1.8: +10 -2 lines

Protect against fd exhaustion when reopening database files.  Only accept
client or control connections when there are at least 8 fds available,
and close a connection before calling imsg_read if it would be unable to
accept an fd from the parent process.

ok gilles@

Revision 1.8, Wed Nov 10 08:00:54 2010 UTC (13 years, 6 months ago) by martinh
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE, OPENBSD_5_1, OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.7: +2 -2 lines

Make -dvv flags produce debug traces of decoded BER messages on stderr.
Also shows a hexdump of the input buffer if BER decoding fails.
Useful when debugging protocol issues.

Revision 1.7, Tue Oct 26 01:58:22 2010 UTC (13 years, 7 months ago) by william
Branch: MAIN
Changes since 1.6: +42 -2 lines

Allow the userPassword attribute to specify a login class when using
simple binds with BSD Authentication, using '#' as the delimiter, such
as:

userPassword: {BSDAUTH}username#loginclass

Useful for auth modules that require parameters such as login_radius.

ok martinh

Revision 1.6, Wed Sep 1 17:34:15 2010 UTC (13 years, 9 months ago) by martinh
Branch: MAIN
Changes since 1.5: +27 -88 lines

Move generic imsg/libevent glue to a separate file.

with eric@ at c2k10

Revision 1.5, Thu Jul 1 02:19:11 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.4: +1 -2 lines

Remove dead assignments. Found by clang static analyzer.

Revision 1.4, Tue Jun 15 15:12:54 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
Changes since 1.3: +79 -22 lines

Implement support in the parent to (re-)open database files on behalf of
the unprivileged child over imsg. Part of a larger change that will fix
database compaction.

Revision 1.3, Tue Jun 15 14:43:56 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
Changes since 1.2: +10 -10 lines

EV_READ and EV_WRITE are not mutually exclusive, so check if we get both in
the same event.

Revision 1.2, Mon May 31 18:29:04 2010 UTC (14 years ago) by martinh
Branch: MAIN
Changes since 1.1: +2 -2 lines

Remove trailing whitespace and spaces before tabs.

ok gilles@

Revision 1.1, Mon May 31 17:36:31 2010 UTC (14 years ago) by martinh
Branch: MAIN

Initial import of ldapd, a small LDAP daemon. Work in progress.

ok deraadt@ jacekm@ gilles@ back@ henning@ blambert@
