OpenBSD CVS

CVS log for src/usr.sbin/ypldap/ldapclient.c


Default branch: MAIN


Revision 1.50 / (download) - annotate - [select for diffs], Tue May 21 05:00:48 2024 UTC (2 weeks, 6 days ago) by jsg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.49: +1 -2 lines
Diff to previous 1.49 (colored)

remove prototypes with no matching function and externs with no var
partly checked by millert@

Revision 1.49 / (download) - annotate - [select for diffs], Tue Jul 18 13:06:33 2023 UTC (10 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5, OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.48: +7 -1 lines
Diff to previous 1.48 (colored)

Do not duplicate prototypes of log.h in ypldap.h (without the extra
__format__ attribute on top).
Also properly ignore SIGHUP in the child processes.
OK jmatthew@

Revision 1.48 / (download) - annotate - [select for diffs], Mon May 22 05:59:05 2023 UTC (12 months, 2 weeks ago) by jmatthew
Branch: MAIN
Changes since 1.47: +35 -51 lines
Diff to previous 1.47 (colored)

Keep trying LDAP servers until we get full results from one, rather than
just until one accepts the TCP connection. In multi server environments,
this makes ypldap more resilient when some servers are misbehaving.

While here, add the server address to log messages relating to connection
errors to make it easier to identify which server is failing.

ok tb@

Revision 1.47 / (download) - annotate - [select for diffs], Fri Mar 31 03:38:26 2023 UTC (14 months, 1 week ago) by jmatthew
Branch: MAIN
Changes since 1.46: +3 -2 lines
Diff to previous 1.46 (colored)

Only send the used portion of struct idm_req in imsgs from the ldapclient
process to the main process. This significantly reduces memory usage when
updating larger directories.

ok aisha@

Revision 1.46 / (download) - annotate - [select for diffs], Thu Oct 13 04:55:33 2022 UTC (19 months, 4 weeks ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3
Changes since 1.45: +6 -2 lines
Diff to previous 1.45 (colored)

Add client certificate authentication and optional SASL EXTERNAL bind,
which allows the client to bind as the subject of the certificate in cases
where the directory doesn't implicitly do that.

The client certificate is configured with 'certfile' and 'keyfile'
directives, and SASL EXTERNAL bind is configured with the 'bindext'
directive.

ok tb@

Revision 1.45 / (download) - annotate - [select for diffs], Mon Aug 22 10:10:59 2022 UTC (21 months, 2 weeks ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.44: +14 -3 lines
Diff to previous 1.44 (colored)

log connect, TLS and bind errors more prominently

Revision 1.44 / (download) - annotate - [select for diffs], Sat Feb 5 22:59:58 2022 UTC (2 years, 4 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.43: +3 -3 lines
Diff to previous 1.43 (colored)

ypldap: fix -Wunused-but-set-variable warnings

* wrlen has been write-only since the code was imported
* removing "dns_pid" mirrors ntpd/ntp.c 1.122
* ifdef out unfinished code in yp_check()

ok millert@ deraadt@

Revision 1.43 / (download) - annotate - [select for diffs], Fri Jun 28 13:32:52 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0, OPENBSD_6_9_BASE, OPENBSD_6_9, OPENBSD_6_8_BASE, OPENBSD_6_8, OPENBSD_6_7_BASE, OPENBSD_6_7, OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

When system calls indicate an error they return -1, not some arbitrary
value < 0.  errno is only updated in this case.  Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.

Revision 1.42 / (download) - annotate - [select for diffs], Tue Nov 27 12:06:39 2018 UTC (5 years, 6 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5
Changes since 1.41: +13 -11 lines
Diff to previous 1.41 (colored)

Sync aldap and ber with ldap(1).

OK claudio@

Revision 1.41 / (download) - annotate - [select for diffs], Thu Dec 7 05:09:27 2017 UTC (6 years, 6 months ago) by zhuk
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE, OPENBSD_6_4, OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.40: +3 -5 lines
Diff to previous 1.40 (colored)

client_addr_init() never fails and its return value is never checked,
so just make it void.

okay jmatthew@

Revision 1.40 / (download) - annotate - [select for diffs], Thu Dec 7 05:06:08 2017 UTC (6 years, 6 months ago) by zhuk
Branch: MAIN
Changes since 1.39: +7 -3 lines
Diff to previous 1.39 (colored)

Fix a potential fd leak in client_aldap_open().

okay jmatthew@

Revision 1.39 / (download) - annotate - [select for diffs], Tue May 30 09:33:31 2017 UTC (7 years ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.38: +46 -4 lines
Diff to previous 1.38 (colored)

Teach ypldap to use tls when connecting to ldap servers.
libtls help from jsing@, linker help from deraadt@

Revision 1.38 / (download) - annotate - [select for diffs], Fri Jan 20 12:39:36 2017 UTC (7 years, 4 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.37: +3 -1 lines
Diff to previous 1.37 (colored)

work on making log.c similar in all daemons:

reduce the (mostly whitespace) differences so that log.c's can be
diffed easily. disclaimer change ok henning@.

ok krw@ jmatthew@

Revision 1.37 / (download) - annotate - [select for diffs], Tue Nov 29 17:15:27 2016 UTC (7 years, 6 months ago) by mestre
Branch: MAIN
Changes since 1.36: +5 -5 lines
Diff to previous 1.36 (colored)

Use memset(3) instead of bzero(3)

OK deraadt@

Revision 1.36 / (download) - annotate - [select for diffs], Sun Apr 10 09:59:21 2016 UTC (8 years, 2 months ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.35: +14 -25 lines
Diff to previous 1.35 (colored)

convert ypldap_addr list to a tailq

ok dlg@

Revision 1.35 / (download) - annotate - [select for diffs], Sat Dec 5 13:15:06 2015 UTC (8 years, 6 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.34: +3 -3 lines
Diff to previous 1.34 (colored)

EAGAIN handling for imsg_read. OK henning@ benno@

Revision 1.34 / (download) - annotate - [select for diffs], Tue Nov 17 02:16:52 2015 UTC (8 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

clean headers

Revision 1.33 / (download) - annotate - [select for diffs], Sun Nov 15 01:31:57 2015 UTC (8 years, 6 months ago) by jmatthew
Branch: MAIN
Changes since 1.32: +4 -1 lines
Diff to previous 1.32 (colored)

pledge for ypldap is easy because it's purely a network program.
One process talks to yp clients, one talks to ldap servers, one does dns.

ok deraadt@

Revision 1.32 / (download) - annotate - [select for diffs], Fri Jan 16 06:40:22 2015 UTC (9 years, 4 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8, OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.31: +3 -2 lines
Diff to previous 1.31 (colored)

Replace <sys/param.h> with <limits.h> and other less dirty headers where
possible.  Annotate <sys/param.h> lines with their current reasons.  Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc.  Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution.  These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)

Revision 1.31 / (download) - annotate - [select for diffs], Sun Nov 16 23:24:44 2014 UTC (9 years, 6 months ago) by tedu
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

use sa_family instead of hard coded inet. from Yury Konovalov

Revision 1.30 / (download) - annotate - [select for diffs], Sun Jul 13 15:38:09 2014 UTC (9 years, 11 months ago) by krw
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6
Changes since 1.29: +14 -15 lines
Diff to previous 1.29 (colored)

Since the event(s) passed to a callback can be a mask of all events
of interest and EV_WRITE is or'ed into the interesting events, it
is more correct to check both events each time. Pointed out by
Claudio.

ok henning@ claudio@

Revision 1.29 / (download) - annotate - [select for diffs], Sun Jul 13 12:07:59 2014 UTC (9 years, 11 months ago) by krw
Branch: MAIN
Changes since 1.28: +12 -7 lines
Diff to previous 1.28 (colored)

Close connection/remove event handler when msgbuf_write() hits an
EOF.

ok jmatthew@ claudio@

Revision 1.28 / (download) - annotate - [select for diffs], Tue Nov 26 12:02:59 2013 UTC (10 years, 6 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

msgbuf_write EAGAIN, ok gilles benno
all of these from a long train ride

Revision 1.27 / (download) - annotate - [select for diffs], Tue Apr 30 05:14:59 2013 UTC (11 years, 1 month ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.26: +2 -1 lines
Diff to previous 1.26 (colored)

ignore SIGPIPE so we don't fall over if an ldap connection breaks

ok dlg@

Revision 1.26 / (download) - annotate - [select for diffs], Mon Apr 30 21:40:03 2012 UTC (12 years, 1 month ago) by jmatthew
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3, OPENBSD_5_2_BASE, OPENBSD_5_2
Changes since 1.25: +44 -24 lines
Diff to previous 1.25 (colored)

Use paged searches so we can handle larger directories.  Servers that don't
understand paging, such as ldapd(8), ignore it and return a single set of
results as before.
from Jim Smith, some tweaks and fixes by me, ok dlg@

Revision 1.25 / (download) - annotate - [select for diffs], Mon Apr 30 11:28:25 2012 UTC (12 years, 1 month ago) by jmatthew
Branch: MAIN
Changes since 1.24: +7 -2 lines
Diff to previous 1.24 (colored)

add 'groupdn' option for specifying a separate base DN for group searches.
from Jim Smith, ok dlg@

Revision 1.24 / (download) - annotate - [select for diffs], Thu Mar 15 03:44:46 2012 UTC (12 years, 2 months ago) by jmatthew
Branch: MAIN
Changes since 1.23: +4 -7 lines
Diff to previous 1.23 (colored)

Accept empty/nonexistent ldap attributes when we want a list.  This allows
empty groups to show up, which is helpful if they're used as primary
groups.

ok dlg@

Revision 1.23 / (download) - annotate - [select for diffs], Sun Aug 28 16:37:28 2011 UTC (12 years, 9 months ago) by aschrijver
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE, OPENBSD_5_1
Changes since 1.22: +8 -8 lines
Diff to previous 1.22 (colored)

Use the correct terminology, replace the term "entry" with the term "attribute" where applicable.

OK martinh@ pyr@

Revision 1.22 / (download) - annotate - [select for diffs], Sun Aug 28 11:53:16 2011 UTC (12 years, 9 months ago) by aschrijver
Branch: MAIN
Changes since 1.21: +2 -1 lines
Diff to previous 1.21 (colored)

Add support for the netid.byname YP map. This map is used by getgrouplist(3),
which is used by (amongst other things) initgroups(3) to set the supplementary
groups on login.

OK pyr@

Revision 1.21 / (download) - annotate - [select for diffs], Mon Jan 17 14:34:15 2011 UTC (13 years, 4 months ago) by martinh
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE, OPENBSD_5_0, OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.20: +56 -67 lines
Diff to previous 1.20 (colored)

Refactor ldap searches for passwd and group queries into a common
client_search_idm function.

ok pyr@

Revision 1.20 / (download) - annotate - [select for diffs], Mon Jan 17 14:24:01 2011 UTC (13 years, 4 months ago) by martinh
Branch: MAIN
Changes since 1.19: +86 -117 lines
Diff to previous 1.19 (colored)

extract common code for building the idm_req struct for passwords
and groups in a new function client_build_req

ok pyr@

Revision 1.19 / (download) - annotate - [select for diffs], Thu Jan 13 06:12:29 2011 UTC (13 years, 5 months ago) by martinh
Branch: MAIN
Changes since 1.18: +1 -3 lines
Diff to previous 1.18 (colored)

Remove forward declarations of non-existent functions.
ok pyr@

Revision 1.18 / (download) - annotate - [select for diffs], Fri Jul 9 12:17:34 2010 UTC (13 years, 11 months ago) by zinovik
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.17: +3 -3 lines
Diff to previous 1.17 (colored)

use macro defines for magical numbers, instead of hardcoded values

ok krw@

Revision 1.17 / (download) - annotate - [select for diffs], Mon Jul 5 18:54:33 2010 UTC (13 years, 11 months ago) by zinovik
Branch: MAIN
Changes since 1.16: +5 -3 lines
Diff to previous 1.16 (colored)

original `for' loop has bug `use after free'.  At first iteration we are
checking h != NULL, then we free(h) and then we do `h = h->next', but `h' is
not valid anymore.

ok @krw

Revision 1.16 / (download) - annotate - [select for diffs], Sat Jun 12 09:08:56 2010 UTC (14 years ago) by zinovik
Branch: MAIN
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)

at line 445 `al' is allocated via `aldap_init' in `client_aldap_open'
function, but when further in code we might do `goto bad', `al' is not freed
with `aldap_close', so plug memory leak on error path

tested by jasper@

ok pyr@, jasper@

Revision 1.15 / (download) - annotate - [select for diffs], Thu Apr 1 18:24:04 2010 UTC (14 years, 2 months ago) by zinovik
Branch: MAIN
Changes since 1.14: +3 -3 lines
Diff to previous 1.14 (colored)

fix fatal calls, that they will report function names from which they are
called, in case of failure developer will be digging for a bug in wrong place

ok krw@, pyr@

Revision 1.14 / (download) - annotate - [select for diffs], Sat Jun 6 05:02:58 2009 UTC (15 years ago) by eric
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7, OPENBSD_4_6_BASE, OPENBSD_4_6
Changes since 1.13: +37 -31 lines
Diff to previous 1.13 (colored)

Sync with relayd:
Stop pushing event handling in the imsg framework.
Instead, provide a small glue layer on top of both imsg and libevent.
This finally clearly separates event handling and imsg construction.

ok pyr@

Revision 1.13 / (download) - annotate - [select for diffs], Tue Jan 27 23:29:42 2009 UTC (15 years, 4 months ago) by pyr
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE, OPENBSD_4_5
Changes since 1.12: +7 -4 lines
Diff to previous 1.12 (colored)

keep namespace clean.
discussed w/ aschrijver@

Revision 1.12 / (download) - annotate - [select for diffs], Tue Jan 27 16:17:49 2009 UTC (15 years, 4 months ago) by aschrijver
Branch: MAIN
Changes since 1.11: +27 -27 lines
Diff to previous 1.11 (colored)

Add space after keywords.

Revision 1.11 / (download) - annotate - [select for diffs], Tue Jan 27 11:33:22 2009 UTC (15 years, 4 months ago) by aschrijver
Branch: MAIN
Changes since 1.10: +11 -4 lines
Diff to previous 1.10 (colored)

Add correct error handling to the aldap API.
Use the error handling in the ldapclient.

with help from pyr@

Revision 1.10 / (download) - annotate - [select for diffs], Mon Jan 26 21:56:15 2009 UTC (15 years, 4 months ago) by pyr
Branch: MAIN
Changes since 1.9: +1 -13 lines
Diff to previous 1.9 (colored)

move aldap_close in aldap.c, where it belongs.
discussed with aschrijver@

Revision 1.9 / (download) - annotate - [select for diffs], Tue Oct 28 13:47:22 2008 UTC (15 years, 7 months ago) by aschrijver
Branch: MAIN
Changes since 1.8: +286 -290 lines
Diff to previous 1.8 (colored)

Do the DNS resolution in a separate process. A lot of code is copied from ntpd.
This is necessary because DNS resolution is not possible from a chroot.

Cleanup the aldap interface a bit.

Revision 1.8 / (download) - annotate - [select for diffs], Tue Oct 21 11:33:36 2008 UTC (15 years, 7 months ago) by aschrijver
Branch: MAIN
Changes since 1.7: +1 -4 lines
Diff to previous 1.7 (colored)

Oops, freed too much memory.

Revision 1.7 / (download) - annotate - [select for diffs], Mon Oct 20 18:19:25 2008 UTC (15 years, 7 months ago) by aschrijver
Branch: MAIN
Changes since 1.6: +11 -9 lines
Diff to previous 1.6 (colored)

Do not stop connecting after the first connect fails.

OK mikeb@

Revision 1.6 / (download) - annotate - [select for diffs], Sun Oct 19 12:00:54 2008 UTC (15 years, 7 months ago) by aschrijver
Branch: MAIN
Changes since 1.5: +79 -31 lines
Diff to previous 1.5 (colored)

Do the DNS resolution before the chroot and disable LDAP referrals for now.

Revision 1.5 / (download) - annotate - [select for diffs], Tue Oct 14 21:41:03 2008 UTC (15 years, 7 months ago) by aschrijver
Branch: MAIN
Changes since 1.4: +316 -93 lines
Diff to previous 1.4 (colored)

Add support for referrals and lists of attributes.

Revision 1.4 / (download) - annotate - [select for diffs], Mon Oct 6 11:20:20 2008 UTC (15 years, 8 months ago) by aschrijver
Branch: MAIN
Changes since 1.3: +1 -2 lines
Diff to previous 1.3 (colored)

Oops, also commit the header file. Remove silly debug message.

Revision 1.3 / (download) - annotate - [select for diffs], Tue Sep 30 16:24:16 2008 UTC (15 years, 8 months ago) by aschrijver
Branch: MAIN
Changes since 1.2: +101 -88 lines
Diff to previous 1.2 (colored)

aldap library -- Replacement for openldap used in ypldap. aldap is a semi-asynchronous client interface to connect to LDAP servers.

Revision 1.2 / (download) - annotate - [select for diffs], Wed Jul 2 17:36:15 2008 UTC (15 years, 11 months ago) by pyr
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE, OPENBSD_4_4
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

kill a bunch of dead code.

Revision 1.1 / (download) - annotate - [select for diffs], Thu Jun 26 15:10:01 2008 UTC (15 years, 11 months ago) by pyr
Branch: MAIN

ypldap -- Intended to be a drop-in replacement for ypserv, gluing in a
LDAP directory and thus providing support for users and groups stored in
LDAP for the get{pw,gr}ent family of functions.

As of now it relies on external LDAP libraries, choose the one of your
liking though openldap would do fine. Not linked to the builds until
some things are sorted out, having our own LDAP client code for
instance, better support for group membership lookup as well.

Remember to sync with the latest master.passwd and group files as well
to have the _ypldap user available, which is needed.

``just get it in'' deraadt@
