Commit Graph

238 Commits

Author SHA1 Message Date
leitner 977e656d55 drop privileges if $USER or $UID/$GID are set 2018-09-09 11:08:31 +00:00
leitner f45346d608 remove debug printf from acl
add return value comment to ldap.h
actually double-check index "maybe" hits in lookupdn
2018-09-09 10:42:43 +00:00
leitner 706ae2e927 add u flag to addindex (for hash index, only index records with
userPassword for authentication)
2018-09-02 12:11:21 +00:00
leitner c52d6b8ad6 add clang static analyzer target in makefile
free hash table in addindex (not strictly necessary but shuts up memory leak false positives)
add openat to seccomp jail so glibc compiled tinyldap works, too
2018-09-02 10:49:05 +00:00
leitner d6f4b0f66c add fmt_ldapaddrequest 2018-09-01 18:30:37 +00:00
leitner d177cd15aa we used addreponse instead of modifyresponse opcode in response to
modify requests
2018-08-28 16:11:17 +00:00
leitner a3dfae5e7c use -1 instead of 0 as hash table empty marker 2018-08-27 14:11:05 +00:00
leitner f67e5361c7 more comments :) 2018-08-27 12:24:57 +00:00
leitner 09e54d86e0 add make pic 2018-08-24 12:01:02 +00:00
leitner 47d88ede64 use buffer_GETC and stralloc_APPEND for minimal optimization 2018-04-11 14:13:16 +00:00
leitner 340ce0543c be stricter about records with no / two dn 2018-04-08 18:56:18 +00:00
leitner 22b0942762 also allow munmap *facepalm* 2018-04-08 09:27:19 +00:00
leitner e14f13ad94 more unit tests 2018-02-01 02:22:24 +00:00
leitner f2bbd7c53a allow more crypted password types 2018-01-05 10:26:27 +00:00
leitner e122a756a1 Search Filter bugs fixed (thx Simon Rettberg) 2017-06-02 08:51:22 +00:00
leitner 11536f5b2b remove more gcc 7 warnings 2017-05-06 22:40:42 +00:00
leitner a6a5daf303 finish size_t conversion from unsigned long 2017-05-02 14:10:50 +00:00
leitner 36d16fd21b fix a memory leak 2017-04-21 16:37:31 +00:00
leitner 521d67fd26 fix inexplicable memory leak 2017-04-21 16:25:20 +00:00
leitner 1d95650489 change #include to move foo.h to libowfat/foo.h (needs current libowfat now) 2017-04-21 16:23:38 +00:00
leitner 5664e1796a better ldif parsing error messages (in a format that vim quickfix mode can use) 2017-04-19 16:22:34 +00:00
leitner decd4273e4 if useindex returns error, don't fail 2017-03-29 14:42:49 +00:00
leitner 2677773b06 skip comment lines 2017-03-29 13:03:18 +00:00
leitner 7a2ea8bd51 faking an index for present queries actually made things slower
fail parsing for decoding errors
2017-03-29 12:52:24 +00:00
leitner 0570db01d5 update seccomp for i386 socketcall syscall horror 2017-03-13 10:49:26 +00:00
leitner 483069ce51 allow ftruncate
allow mremap for glibc, too
2017-03-03 16:18:21 +00:00
leitner 6ef84457cc fix two bugs in the indexing code found by Georg Lehner
silence if statement indentation warnings (gcc has become more picky)
2017-02-25 08:40:23 +00:00
leitner eb8bf7c2ac fix for infinite loop in case of query return limit 2016-01-22 15:40:05 +00:00
leitner 4a12975f61 off by one 2015-06-13 12:05:16 +00:00
leitner 0f622add7f start working on test suite 2015-05-08 04:33:04 +00:00
leitner e4a6b9268f add some more tls wip code 2015-05-08 01:21:32 +00:00
leitner ed9c3d238e use seccomp-filter to reduce privileges 2015-05-08 00:26:37 +00:00
leitner 2479167b37 check in some experimental X.509 parsing code 2015-05-07 23:53:05 +00:00
leitner ad390ee7ea robustness fixes 2015-05-07 23:51:01 +00:00
leitner 6ddce21c52 cleanup in error handling corner cases 2015-05-07 23:50:12 +00:00
leitner 0303876114 silence cppcheck 2015-05-07 23:49:14 +00:00
leitner 34c4ff4912 double free probably only an issue if you are not using dietlibc 2015-05-07 22:53:13 +00:00
leitner d51d7571c0 mention security fixes 2015-05-07 22:48:32 +00:00
leitner 4631d35709 fix read av 2015-05-07 22:46:50 +00:00
leitner c82d7f6cd8 prevent double free 2015-05-07 22:25:28 +00:00
leitner 7233b84786 add missing check to length parser
add code to iterate through x509v3 extensions
2014-04-23 14:10:48 +00:00
leitner bfc0f242ee fix off by one in int parsing 2014-04-21 14:42:24 +00:00
leitner 1d3fbf91d8 oops, brain fart 2014-04-21 09:50:12 +00:00
leitner babfbabaf9 reject non-minimally encoded integers 2014-04-19 10:46:59 +00:00
leitner da36873b76 mmap_read now returns const char*, remove warnings
reject non-minimal encodings for lengths and tags
catch too-large-value overflows in tags
2014-04-15 20:40:01 +00:00
leitner b8771d5957 add more constness 2013-10-20 15:32:31 +00:00
leitner 218df43e66 reload ACLs when reloading the data file 2013-09-16 18:43:59 +00:00
leitner 46899d6ad1 fix make clean
fix acl matching in tinyldap
give ldapclient a way to do basic authentication
2013-09-16 18:35:04 +00:00
leitner 06871c8925 one of the off-by-one fixes was bad 2011-11-08 01:40:01 +00:00
leitner d184c99cf9 add asn1dump and support more OIDs
expand fmt_asn1generic
2011-09-27 20:07:13 +00:00