Up to [cvs.NetBSD.org] / pkgsrc / databases / openldap
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
openldap: updated to 2.6.9 OpenLDAP 2.6.9 Release (2024/11/26) Fixed libldap TLS connection timeout handling Fixed libldap GnuTLS incompatible pointer type Fixed libldap OpenSSL set_ciphersuite error handling Fixed libldap to check for OpenSSL EVP_Digest* failure Fixed slapd cn=config disallowed modification of cn=schema Fixed slapd syncrepl assert during refresh at shutdown Fixed slapd syncrepl retry state during refreshDone Fixed slapd-ldap use of multi-precision add for op counters Fixed slapd-mdb idl intersection Fixed slapd-wt idl intersection Fixed slapo-memberof to omit dynamic values Fixed slapo-nestgroup leak in nestgroup_memberFilter Fixed slapo-translucent regression with subordinate databases Fixed slapo-translucent regression when requesting attributes Fixed slappw-argon2 defaults to be more secure
openldap: updated to 2.6.8 OpenLDAP 2.6.8 Release (2024/05/21) Fixed libldap exit handling with OpenSSL3 again Fixed libldap OpenSSL channel binding digest Fixed slapd handling of large uid/gids peercred auth Fixed slapd-asyncmeta/meta target structure allocations Fixed slapd-meta with dynlist Fixed slapd-meta binds when proxying internal op Added slapo-nestgroup overlay Added slapo-memberof 'addcheck' option Fixed slapo-accesslog startup initialization Fixed slapo-constraint double free on invalid attr Fixed slapo-dynlist with abandoned operations Build Fixed build with gcc14.x Fixed back-perl with clang15 Fixed to reduce systemd dependencies Contrib Added slapo-alias contrib module Fixed slapo-autogroup to work with slapo-dynlist Fixed smbk5pwd implicit function declaration Documentation Fixed slapo-memberof exattr requirements Fixed slapo-memberof is no longer deprecated Minor Cleanup
openldap* lmdb: updated to 2.6.7 OpenLDAP 2.6.7 Release (2024/01/29) Added slapo-dynlist option to disable filter support Fixed liblber missing newline on long msg Fixed libldap exit handling with OpenSSL3 Fixed libldap with TLS and multiple ldap URIs Fixed libldap OpenSSL cipher suite handling Fixed libldap OpenSSL 3.0 and Diffie-Hellman param files Fixed libldap timestamps on Windows Fixed lloadd to work when resolv.conf is missing Fixed lloadd handling of closing connection Fixed lloadd tiers to be correctly linked on startup Fixed slapd to honour disclose in matchedDN handling Fixed slapd handling of regex testing in ACLs Fixed slapd sync replication with glued database Fixed slapd local logging on Windows Fixed slapd-asyncmeta when remote suffix is empty Fixed slapo-dynlist so it can't be global Build Fixed lloadd type mismatches Fixed builds for Windows Fixed build with clang16 Documentation Fixed slapo-homedir(5) attribute name for olcHomedirArchivePath Minor Cleanup
update master sites
openldap: updated to 2.6.6 OpenLDAP 2.6.6 Release (2023/07/31) Fixed slapd cn=config incorrect handling of paused Fixed slapd-meta to account for MOD ops being optional Fixed slapd-asyncmeta to account for MOD ops being optional
openldap: updated to 2.6.5 OpenLDAP 2.6.5 Release (2023/07/10) Fixed libldap handling of TCP KEEPALIVE options Fixed libldap with async connections Fixed libldap openssl TLSv1.3 cipher suite handling Fixed slapd callback handling with overlays that do extended operations Fixed slapd conversion of pcache configurations Fixed slapd cn=config modification handling with abandon Fixed slapd-mdb online indexer termination and cleanup Fixed slapd-mdb online indexer when interrupted Fixed slapd-monitor connection cleanup Fixed slapo-constraint handling of push replication Fixed slapo-dynlist filter evaluation efficiency Fixed slapo-pcache handling of invalid schema Fixed slapo-ppolicy handling of push replication Fixed slapo-ppolicy handling of pwdMinDelay Fixed slapo-syncprov abandon handling Fixed slapo-translucent handling of invalid schema Fixed slapo-unique handling of push replication Fixed slapo-variant to improve regex handling Build Environment Fixed compatibility with stricter C99 compilers Keep .pc files during make clean Contrib Fixed slapo-variant handling of push replication Minor Cleanup
openldap: updated to 2.6.4 OpenLDAP 2.6.4 Release (2023/02/08) Fixed client tools to remove 'h' and 'p' options Fixed ldapsearch memory leak with paged results Fixed libldap ldif_open_urlto check for failure Fixed libldap ldap_url_parsehosts check for failure Fixed liblunicode UTF8bvnormalize buffer size Fixed lloadd memory leaks Fixed lloadd shutdown code to protect memory correctly Fixed lloadd race in epoch.c Fixed lloadd potential deadlock with cn=monitor Fixed lloadd to keep listener base around when not active Fixed lloadd object reclamation sequencing Fixed slapd memory leak with olcAuthIDRewrite Fixed slapd free of redundant cmdline option Fixed slapd transactions extended operations cleanup after write Fixed slapd deadlock with replicated cn=config Fixed slapd connection close logic Fixed slapd bconfig locking of cn=config entries Fixed slapd-mdb max number of index databases to 256 Fixed slapd-mdb to always release entries from ADD operations Fixed slapd-mdb to fully init empty DN in tool_entry_get Fixed slapd-monitor memory leaks with lloadd Fixed slapd-monitor to free remembered cookies Fixed slapo-accesslog reqStart ordering matching rule Fixed slapo-deref memory leak Fixed slapo-dynlist to ignore irrelevant objectClasses Fixed slapo-dynlist to avoid unnecessary searches Fixed slapo-dynlist to mark internal searches as such Fixed slapo-pcache crash in consistency_check Fixed slapo-remoteauth memory leaks Fixed slapo-rwm memory leaks Build Environment Fixed ancient DOS related ifdef checks Fixed build process to not use gmake specific features Fixed source tree to remove symlinks Fixed slapo-otp testdir creation Fixed slapd-tester memory leak Fixed usage of non-standard C syntax Fixed usage of bashism Fixed test suite portability Documentation Fixed ldap_bind(3) to document ber_bvfree in ldap_sasl_bind Fixed slapo-asyncmeta(5) to clarify scheduling for target connections Fixed slapo-dynlist(5) to clarify configuration settings Fixed slapo-unique(5) to clarify when quoting should be used Minor cleanup
openldap: fix typo in comment
openldap: updated to 2.6.3 OpenLDAP 2.6.3 Release (2022/07/14) Fixed librewrite declaration of calloc Fixed libldap to check for NULL ld Fixed libldap memory leaks Fixed lloadd to correctly tag Notice of Disconnection Fixed slapd kqueue support Fixed slapd delta-sync DN leak on ADD ops Fixed slapd replication with back-glue Fixed slapd lastbind replication with chaining Fixed slapd-ldap to correctly set authzid Fixed slapd-mdb to check for stale readers on MDB_READERS_FULL Fixed slapd-mdb indexer task with replicated config Fixed slapo-accesslog onetime memory leak Fixed slapo-ppolicy interaction with slapo-rwm Fixed slapo-rwm to handle escaping special characters Fixed slapo-syncprov memory leaks Fixed slapo-syncprov fallback in delta-sync mode Fixed slapo-unique to not release NULL entry Build Environment Added slapd-watcher -c contextDN option Fixed parallel builds Fixed test020 to skip back-wt Fixed slapd-watcher SID handling with single URI Fixed test043 with workaround Contrib Added slapo-emptyds contrib module Added slapo-ciboolean contrib module Fixed slapo-autogroup backwards compat Update ppm module to the 2.2 release Documentation Fixed ldap_get_option(3) to clarify ldap_get/set_option restrictions Fixed slapd-ldap(5),slapd-meta(5) missing bold tag on authz parameter
openldap: updated to 2.6.2 OpenLDAP 2.6.2 Added libldap support for OpenSSL 3.0 Added slapd support for OpenSSL 3.0 Fixed ldapdelete to prune LDAP subentries Fixed libldap to drop connection when non-LDAP data is received Fixed libldap to allow newlines at end of included file Fixed slapd slaptest conversion of olcLastBind Fixed slapd to correctly init global_host earlier Fixed slapd bconfig locking for cn=config replication Fixed slapd usage of thread local counters Fixed slapd to clear runqueue task correctly Fixed slapd idletimeout handling Fixed slapd syncrepl handling of new sessions Fixed slapd to clear connections on bind Fixed slapd to correctly advance connections index Fixed slapd syncrepl ODSEE replication of unknown attr Fixed slapd-asyncmeta memory leak in keepalive setting Fixed slapd-ldap memory leak in keepalive setting Fixed slapd-meta SEGV on config rewrite Fixed slapd-meta ordering on config rewrite Fixed slapd-meta memory leak in keepalive setting Fixed slapd-monitor SEGV on shutdown Fixed slapd-monitor crash when hitting sizelimit Fixed slapd-sql to properly escape filter value Added slapo-autoca support for OpenSSL 3.0 Added slapo-otp support for OpenSSL 3.0 Fixed slapo-dynlist dynamic group regression Fixed slapo-pcache SEGV on shutdown Fixed slapo-ppolicy operation handling to be consistent Fixed slapo-translucent to correctly duplicate substring filters Build Environment Add ability to override default compile time paths Fix compiliation with certain versions of gcc Fix compilation with openssl exclusions Fix warnings from make jobserver Contrib Update ppm module to the 2.1 release Documentation admin26 Document new lloadd features Fixed slapd.conf(5)/slapd-config(5) syncrepl sizelimit/timelimit documentation Fixed slapd-sock(5) to clarify "sockresps result" behavior
openldap: updated to 2.6.1 OpenLDAP 2.6.1 Release (2022/01/20) Fixed libldap to init client socket port Fixed libldap with referrals Added slapd config keyword for logfile format Fixed slapd to allow objectClass edits with no net change Fixed slapd configtable population Fixed slapd to only set loglevel in server mode Fixed slapd logfile-rotate use of uninitialized variable Fixed slapd passwd scheme handling with slapd.conf Fixed slapd postread support for modrdn Fixed slapd syncrepl recreation of deleted entries Fixed slapd syncrepl replication with ODSEE Fixed slapd syncrepl to properly replicate glue entries Fixed slapd syncrepl to reject REFRESH for precise resync Fixed slapd syncrepl to avoid busy loop during refresh Fixed slapd syncrepl when X-ORDERED is specified Fixed slapd syncrepl to better handle out of order delete ops Fixed slapd syncrepl to correctly close connections when config is deleted Fixed slapd-mdb to update indices correctly on replace ops Fixed slapd-wt to set correct flags Fixed slapo-accesslog to fix assertion due to deprecated code Fixed slapo-accesslog to fix inconsistently normalized minCSN Fixed slapo-accesslog delete handling of multi-valued config attrs Fixed slapo-autogroup to maintain values in insertion order Fixed slapo-constraint to maintain values in insertion order Fixed slapo-dyngroup to maintain values in insertion order Fixed slapo-dynlist compare operation for static groups Fixed slapo-dynlist static group filter with multiple members Fixed slapo-ppolicy when not built modularly Fixed slapo-refint to maintain values in insertion order Fixed slapo-retcode to honor requested insert position Fixed slapo-sock cn=config support Fixed slapo-syncprov memory leak Fixed slapo-syncprov to generate a more accurate accesslog query Fixed slapo-syncprov to allow empty DB to host persistent syncrepl connections Fixed slapo-syncprov to consider all deletes for sycnInfo messages Fixed slapo-translucent to warn on invalid config Fixed slapo-unique to warn on invalid config Fixed slapo-valsort to maintain values in insertion order Build Environment Fix test022 to preserve DELAY search output Fix slapd-watcher to allow startup when servers are down Contrib Fixed slapo-lastbind to work with 2.6 lastbind-precision configuration Documentation Fixed slapd.conf(5)/slapd-config(5) documentation on lastbind-precision Fixed slapo-accesslog(5) to clarify logoldattr usage
openldap: updated to 2.6.0 OpenLDAP 2.6.0 Initial release for "general use"
openldap: updated to 2.5.8 OpenLDAP 2.5.8 Release (2021/10/11) Fixed libldap ldap_int_tls_connect: isdigit() requires unsigned char Fixed libldap memory leak in ldap_get_option LDAP_OPT_X_TLS_PEERCERT Fixed slapd to allow normalized values for namingContexts in cn=monitor Fixed slapd to normalize the suffix in rootDSE Fixed slapd slapadd to avoid destroying configDB prematurely Fixed slapd to not spam logs with lastbind information Fixed slapd slaptest migration to correctly set olcTSLVerifyClient Fixed slapd-mdb multival delete handling Fixed slapd-sql ldap_entry_objectclass table for mariadb/mysql Fixed slapd-wt multiple issues Fixed slapd-wt to close cache db correctly Fixed slapo-ppolicy to restore OpenLDAP 2.4 compatibilty Fixed slapo-syncprov to free uuid list when finished replaying sessionlog Build Fixed libldap result.c compilation on musl systems Fixed slapd duplicate definition of peerbv Fixed test suite with memberof modular builds Contrib Added man page for ppm contrib module Fix crash when pwdCheckModuleArg is not defined for ppm Documentation Fixed guide download link for heimdal Fixed guide documentation for TLSECName Fixed guide documentation missing tags Fixed guide loadbalancer typo Fixed guide synprov-nopresent redundant text Fixed guide various typos and fix config alignment Removed ppolicy.schema from servers/slapd/schema/README Fixed slapd.conf(5)/slapd-config(5) to document default for database monitoring Fixed slapd-meta(5)/slapd-asyncmeta(5) verbiage for try-propagate Fixed slapo-syncprov(5) to note entryCSN indexing is highly recommended
openldap: updated to 2.5.7 OpenLDAP 2.5.7 Release (2021/08/18) Fixed lloadd client state tracking Fixed slapd bconfig to canonicalize structuralObjectclass Fixed slapd-ldif duplicate controls response Fixed slapd-mdb multival crash when attribute is missing an equality matchingrule Fixed slapd-mdb compatibility with OpenLDAP 2.4 MDB databases Fixed slapd-mdb idlexp maximum size handling Fixed slapd-monitor number of ops executing with asynchronous backends Fixed slapd-sql to add support for ppolicy attributes Fixed slapd-sql to close transactions after bind and search Fixed slapo-accesslog to make reqMod optional Fixed slapo-ppolicy logging when pwdChangedTime attribute is not present Documentation slapd-mdb(5) note max idlexp size is 30, not 31 slapo-accesslog(5) note that reqMod is optional Add ldapvc(1) man page Add guide section on load balancer Updated guide to document multiprovider as replacement for mirrormode Updated guide to clarify slapd-mdb upgrade requirements Updated guide to document removal of deprecated options from client tools OpenLDAP 2.5.6 Release (2021/07/27) Fixed libldap buffer overflow Fixed libldap missing mutex unlock on connection alloc failure Fixed lloadd cn=config olcBkLloadClientMaxPending setting Fixed slapd multiple config defaults Fixed slapd ipv6 addresses to work with tcp wrappers Fixed slapo-syncprov delete of nonexistent sessionlog Build Fixed library symbol versioning on Solaris Fixed compile warning in libldap/tpool.c Fixed compile warning in libldap/tls_o.c Contrib Fixed ppm module for sysconfdir Documentation Updated guide to document multival, idlexp, and maxentrysize OpenLDAP 2.5.5 Release (2021/06/03) Added libldap LDAP_OPT_TCP_USER_TIMEOUT support Added lloadd tcp-user-timeout support Added slapd-asyncmeta tcp-user-timeout support Added slapd-ldap tcp-user-timeout support Added slapd-meta tcp-user-timeout support Fixed incorrect control OIDs for AuthZ Identity Fixed libldap typo in util-int.c Fixed libldap double free of LDAP_OPT_DEFBASE Fixed libldap better TLS1.3 cipher suite handling Fixed lloadd multiple issues Fixed slapd slap_op_time to avoid duplicates across restarts Fixed slapd typo in daemon.c Fixed slapd slapi compilation Fixed slapd to handle empty DN in extended filters Fixed slapd syncrepl searches with empty base Fixed slapd syncrepl refresh on startup Fixed slapd abort due to typo Fixed slapd-asyncmeta quarantine handling Fixed slapd-asyncmeta to have a default operations timeout Fixed slapd-ldap quarantine handling Fixed slapd-mdb deletion of context entry Fixed slapd-mdb off-by-one affecting search scope Fixed slapd-meta quarantine handling Fixed slapo-accesslog to record reqNewDN for modRDN ops Fixed slapo-pcache locking during expiration Build Fixed slappw-argon2 module installation Contrib Update ldapc++/ldaptcl to use configure.ac Documentation ldap_first_attribute(3) - Document ldap_get_attribute_ber ldap_modify(3) - Delete non-existent mod_next parameter OpenLDAP 2.5.4 Release (2021/04/29) Initial release for "general use".
openldap: updated to 2.4.59 OpenLDAP 2.4.59 Release (2021/06/03) Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 Fixed libldap double free of LDAP_OPT_DEFBASE Fixed slapd syncrepl handling of add+delete on single value attr Fixed slapd-mdb cursor init check Fixed slapd-mdb deletion of context entry Fixed slapd-mdb off-by-one affecting search scope Fixed slapo-pcache locking during expiration Contrib Fixed slapo-autogroup to not thrash thread context Documentation ldap_modify(3) - Delete non-existent mod_next parameter
openldap: remove dead master site
openldap: updated to 2.4.58 OpenLDAP 2.4.58 Fixed slapd validity checks for issuerAndThisUpdateCheck Fixed slapd to alloc new conn struct after freeing old one Fixed slapd syncrepl to check all contextCSNs Fixed slapd-bdb lockdetect config
openldap: updated to 2.4.57 OpenLDAP 2.4.57 Release (2021/01/18) Fixed ldapexop to use correct return code Fixed slapd to remove asserts in UUIDNormalize Fixed slapd to remove assert in csnValidate Fixed slapd validity checks for issuerAndThisUpdateCheck Fixed slapd validity checks for serialNumberAndIssuerCheck Fixed slapd AVA sort with invalid RDN Fixed slapd ldap_X509dn2bv to check for invalid BER after RDN count Fixed slapd saslauthz to remove asserts in validation Fixed slapd saslauthz to use slap_sl_free on normalized DN Fixed slapd saslauthz SEGV in slap_parse_user Fixed slapd modrdn memory leak Fixed slapd double-free in vrfilter Fixed slapd cancel operation to correctly terminate Fixed slapd-ldap fix binds on retry with closed connection Fixed slapo-syncprov to ignore duplicate sessionlog entries
openldap: updated to 2.4.56 OpenLDAP 2.4.56 Fixed slapd to remove assert in certificateListValidate Fixed slapd to remove assert in csnNormalize23 Fixed slapd to better parse ldapi listener URIs
openldap: updated to 2.4.55 OpenLDAP 2.4.55 Release Fixed slapd normalization handling with modrdn Fixed slapd-meta to check ldap_install_tls return code Contrib Fixed nssov misplaced semicolon
openldap: updated to 2.4.54 OpenLDAP 2.4.54 Fixed slapd delta-syncrepl to ignore delete ops on deleted entry Fixed slapd delta-syncrepl to be fully serialized Fixed slapd delta-syncrepl MOD on zero-length context entry Fixed slapd sessionlog to use a TAVL tree Fixed slapd syncrepl to be fully serialized Fixed slapd syncrepl to call check_syncprov on fresh consumer Fixed slapd syncrepl to propagate errors from overlay_entry_get_ov Fixed slapd syncrepl to not create empty ADD ops Fixed slapd syncrepl replace usage on single valued attrs Fixed slapd-monitor fix monitor_back_register_database for empty suffix DB Fixed slapo-accesslog normalizer for reqStart Fixed slapo-accesslog to not generate new contextCSN on purge Fixed slapo-syncprov contextCSN generation with empty suffix
openldap: updated to 2.4.53 OpenLDAP 2.4.53 Added slapd syncrepl additional SYNC logging Fixed slapd syncrepl segfault on NULL cookie on REFRESH Fixed slapd syncrepl to use fresh connection on REFRESH fallback Fixed slapo-ppolicy race condition for pwdFailureTime Build Require OpenSSL 1.0.2 or later Fixed libldap compilation issue with broken C compilers
openldap: updated to 2.4.52 OpenLDAP 2.4.52 (2020/08/28) Added libldap LDAP_OPT_X_TLS_REQUIRE_SAN option Added libldap OpenSSL support for multiple EECDH curves Added slapd OpenSSL support for multiple EECDH curves Fixed librewrite malloc/free corruption Fixed libldap hang when using UDP and server down Fixed slapd syncrepl rare deadlock due to network issues Fixed slapd syncrepl regression that could trigger an assert Fixed slapd-mdb index error with collapsed range
openldap: updated to 2.4.51 OpenLDAP 2.4.51 Engineering Fixed libldap retry loop in ldap_int_tls_connect
Pullup ticket #6186 - requested by adam databases/openldap: security fix databases/lmdb: dependent update Revisions pulled up: - databases/lmdb/Makefile 1.10 - databases/lmdb/distinfo 1.10 - databases/openldap-doc/Makefile 1.30 - databases/openldap-doc/distinfo 1.22 - databases/openldap-server/Makefile 1.58 - databases/openldap/Makefile.version 1.20 - databases/openldap/distinfo 1.115 --- Module Name: pkgsrc Committed By: adam Date: Wed Apr 29 07:31:53 UTC 2020 Modified Files: pkgsrc/databases/lmdb: Makefile distinfo pkgsrc/databases/openldap: Makefile.version distinfo pkgsrc/databases/openldap-doc: Makefile distinfo pkgsrc/databases/openldap-server: Makefile Log Message: openldap: updated to 2.4.50 OpenLDAP 2.4.50 Engineering Fixed client benign typos Fixed libldap type cast Fixed libldap retry loop in ldap_int_tls_connect Fixed libldap_r race on Windows mutex initialization Fixed liblunicode memory leak Fixed slapd benign typos Fixed slapd-mdb memory leak in dnSuperiorMatch Fixed slapo-pcache database initialization Fixed slapo-ppolicy callback Build Fix olcDatabaseDummy initialization for windows Fix detection for ws2tcpip.h for windows Fix back-mdb types for windows Contrib Update ldapc++ config.guess and config.sub to support newer architectures Added pw-argon2 module Documentation slapd-ldap(5) - Clarify idassert-authzfrom behavior slapd-meta(5) - Remove client-pr option slapdinex(8) - Fix truncate option information for back-mdb
openldap: updated to 2.4.50 OpenLDAP 2.4.50 Engineering Fixed client benign typos Fixed libldap type cast Fixed libldap retry loop in ldap_int_tls_connect Fixed libldap_r race on Windows mutex initialization Fixed liblunicode memory leak Fixed slapd benign typos Fixed slapd-mdb memory leak in dnSuperiorMatch Fixed slapo-pcache database initialization Fixed slapo-ppolicy callback Build Fix olcDatabaseDummy initialization for windows Fix detection for ws2tcpip.h for windows Fix back-mdb types for windows Contrib Update ldapc++ config.guess and config.sub to support newer architectures Added pw-argon2 module Documentation slapd-ldap(5) - Clarify idassert-authzfrom behavior slapd-meta(5) - Remove client-pr option slapdinex(8) - Fix truncate option information for back-mdb
openldap: updated to 2.4.49 OpenLDAP 2.4.49: Added slapd-monitor database entry count for slapd-mdb Fixed client tools to not add controls on cancel/abandon Fixed client tools SyncInfo message to be LDIF compliant Fixed libldap to correctly free sb Fixed libldap descriptor leak if ldaps fails Fixed libldap remove unnecessary global mutex for GnuTLS Fixed slapd syntax evaluation of preferredDeliveryMethod Fixed slapd to relax domainScope control check Fixed slapd to have cleaner error handling during connection setup Fixed slapd data check when processing cancel exop Fixed slapd attribute description processing Fixed slapd-ldap to set oldctrls correctly Fixed slapd-mdb to honor unchecked limit with alias deref Fixed slapd-mdb missing final commit with slapindex Fixed slapd-mdb drop attr mappings added in an aborted txn Fixed slapd-mdb nosync FLAG configuration handling Fixed slapd-monitor global operation counter reporting Fixed slapo-ppolicy when used with slapauth Fixed slapo-ppolicy to add a missed normalised copy of pwdChangedTime Fixed slapo-syncprov fix sessionlog init Fixed slapo-unique loop termination Build Environment Fix mkdep to honor TMPDIR if set Remove ICU library detection Update config.guess and config.sub to support newer architectures Disable ITS8521 regression test as it is no longer valid Documentation admin24 - Fix inconsistent whitespace in replication section slapd-config(5)/slapd.conf(5) - Fix missing bold tag for keyword slapd-ldap(5) - Document "tls none" option slapo-ppolicy(5) - Correctly document pwdGraceAuthnLimit
all: migrate homepages from http to https pkglint -r --network --only "migrate" As a side-effect of migrating the homepages, pkglint also fixed a few indentations in unrelated lines. These and the new homepages have been checked manually.
openldap: updated to 2.4.48 OpenLDAP 2.4.48 Added libldap OpenSSL Elliptic Curve support Added libldap Expose OpenLDAP specific interfaces via openldap.h Added slapd-monitor support for slapd-mdb Fixed liblber leaks Fixed liblber with partial flush Fixed libldap ASYNC TLS so it works Fixed libldap ASYNC connections with Solaris 10 Fixed libldap with SASL_NOCANON=on and ldapi connections Fixed libldap to be able to unset syncrepl TLS options Fixed libldap race condition in ldap_int_initialize Fixed libldap return code in ldap_create_assertion_control_value Fixed libldap to correctly disable IPv6 when configured to do so Fixed libldap to correctly close TLS connection Fixed libldap_r handling of deprecated OpenSSL function Fixed liblunicode case correspondance Fixed slapd with an idletimeout of less than four seconds Fixed slapd config parser variable for Windows64 Fixed slapd syncrepl fallback handling with delta-syncrepl Fixed slapd telephoneNumberNormalize, cert DN validation Fixed slapd syncrepl for relax with delta-syncrepl Fixed slapd to restrict rootDN proxyauthz to its own databases Fixed slapd to initialize SASL SSF per connection Fixed slapo-accesslog with SLAP_MOD_SOFT modifications Fixed slapd-ldap starttls connections timeout behavior Fixed slapd-ldap segfault when entry result doesn't match filter Fixed slapd-meta conversion from slapd.conf to cn=config Fixed slapd-meta assertion when network interface goes down Fixed slapd-mdb fix bitshift integer overflow Fixed slapd-mdb index cleanup with cn=config Fixed slapd-mdb to improve performance with alias deref Fixed slapo-accesslog possible assert with exops Fixed slapo-chain to correctly reject multiple chaining URIs Fixed slapo-chain conversion from slapd.conf to cn=config Fixed slapo-memberof conversion from slapd.conf to cn=config Fixed slapo-memberof for group name change to itself Fixed slapo-ppolicy behavior when pwdInHistory is changed Fixed slapo-rwm to not free original filter Fixed slapo-syncprov contextCSN generation Build Environment Fixed slapd to only link to BDB libraries with static build Fixed libldap implicit declaration with LDAP_CONNECTIONLESS Fixed libldap double inclusion of limits.h in cyrus.c Documentation General - Fixed minor typos admin24 - Miscellaneous updates promoting mdb and fixing examples slapd.access(5) - Note MDB is the primary backend slapd.backends(5) - Note MDB is the recommended backend slapd-ldap(5) - Document starttls parameter Contrib Added slapo-lastbind capability to forward authTimestamp updates
openldap: updated to 2.4.47 OpenLDAP 2.4.47: Added slapd-sock DN qualifier for subtrees to be processed Added slapd-sock ability to send extended operations to external listeners Fixed liblber to avoid incremental access to user-supplied bv in dupbv Fixed libldap dn to domain parsing with bad input Fixed slapd slapcat to correctly honor -g option Fixed slapd to correctly handle NO_SUCH_OBJECT with dynamic groups Fixed slapd to check status of rdnNormalize Fixed slapd cn=config when modifying slapo-syncprov config Fixed slapd sasl authz-policy "all" behavior Fixed slapd sasl minor typo Fixed slapd to correctly hide hidden DBs in the rootDSE Fixed slapd domainScope control to match Microsoft specification Fixed slapd-bdb/hdb/mdb to not convert certain IDLs to ranges Fixed slapo-accesslog deadlock during cleanup Fixed slapo-memberof cn=config modifications Fixed slapo-ppolicy with multimaster replication Fixed slapo-syncprov with NULL modlist Build Environment Added slapd reproducible build support Fixed missing includes with OpenSSL 1.0.2 Contrib Fixed slapo-pbkdf2 hash generation Documentation admin24 fixed minor typo
openldap: updated to 2.4.46 OpenLDAP 2.4.46 Release (2018/03/22) Fixed libldap connection delete callbacks when TLS fails to start Fixed libldap to not reuse tls_session if TLS hostname check fails Fixed libldap cross-compiling with OpenSSL 1.1 Fixed libldap OpenSSL 1.1.1 compatibility with BIO_method Fixed libldap MozNSS CA certificate hash matching Fixed libldap MozNSS with PEM certs when also using an NSS cert db Fixed libldap MozNSS initialization Fixed libldap GnuTLS with GNUTLS_E_AGAIN Fixed libldap memory leak with cancel operations Fixed slapd Eventlog registry key creation on 64-bit Windows Fixed slapd to maintain SSF across SASL binds Fixed slapd syncrepl deadlock when updating cookie Fixed slapd syncrepl callback to always be last in the stack Fixed slapd telephoneNumberNormalize when the value is spaces and hyphens Fixed slapd CSN queue processing Fixed slapd-ldap TLS connection timeout with high latency connections Fixed slapd-ldap to ignore unknown schema when omit-unknown-schema is set Fixed slapd-mdb with an optimization for long lived read transactions Fixed slapd-meta assert when olcDbRewrite is modified Fixed slapd-sock with LDAP_MOD_INCREMENT operations Fixed slapo-accesslog cleanup to only occur on failed operations Fixed slapo-dds entryTTL to actually decrease as per RFC 2589 Fixed slapo-syncprov memory leak with delete operations Fixed slapo-syncprov to not clear pending operation when checkpointing Fixed slapo-syncprov to correctly record contextCSN values in the accesslog Fixed slapo-syncprov not to log checkpoints to accesslog db Fixed slapo-syncprov to process changes from this SID on REFRESH Fixed slapo-syncprov session log parsing to not block other operations Build Environment Fixed Windows build with newer MINGW version Fixed compiler warnings and removed unused variables Contrib Fixed ldapc++ Control structure Documentation Delete stub manpage for back-ldbm Fixed ldap_bind(3) to mention the LDAP_SASL_SIMPLE mechanism Fixed ldap.conf(5) to note SASL_MECH/SASL_REALM are no longer user-only Fixed slapd-config(5) typo for olcTLSCipherSuite Fixed slapo-syncprov(5) indexing requirements
OpenLDAP 2.4.45 Release (2017/06/01) Added slapd support for OpenSSL 1.1.0 series (ITS-8353, ITS-8533, ITS-8634) Fixed libldap to fail ldap_result if the handle is already bad (ITS-8585) Fixed libldap to expose error if user specified CA doesn't exist (ITS-8529) Fixed libldap handling of Diffie-Hellman parameters (ITS-7506) Fixed libldap GnuTLS use after free (ITS-8385) Fixed libldap SASL initialization (ITS-8648) Fixed slapd bconfig rDN escape handling (ITS-8574) Fixed slapd segfault with invalid hostname (ITS-8631) Fixed slapd sasl SEGV rebind in same session (ITS-8568) Fixed slapd syncrepl filter handling (ITS-8413) Fixed slapd syncrepl infinite looping mods with delta-sync MMR (ITS-8432) Fixed slapd callback struct so older modules without writewait should function. Custom modules may need to be updated for sc_writewait callback (ITS-8435) Fixed slapd-ldap/meta broken LDAP_TAILQ macro (ITS-8576) Fixed slapd-mdb so it passes ITS6794 regression test (ITS-6794) Fixed slapd-mdb double free with size zero paged result (ITS-8655) Fixed slapd-meta uninitialized diagnostic message (ITS-8442) Fixed slapo-accesslog to honor pauses during purge for cn=config update (ITS-8423) Fixed slapo-accesslog with multiple modifications to the same attribute (ITS-6545) Fixed slapo-relay to correctly initialize sc_writewait (ITS-8428) Fixed slapo-sssvlv double free (ITS-8592) Fixed slapo-unique with empty modifications (ITS-8266) Build Environment Added test065 for proxyauthz (ITS-8571) Fix test008 to be portable (ITS-8414) Fix test064 to wait for slapd to start (ITS-8644) Fix its4336 regression test (ITS-8534) Fix its4337 regression test (ITS-8535) Fix regression tests to execute on all backends (ITS-8539) Contrib Added slapo-autogroup(5) man page (ITS-8569) Added passwd missing conversion scripts for apr1 (ITS-6826) Fixed contrib modules where the writewait callback was not correctly initialized (ITS-8435) Fixed smbk5pwd to build with newer OpenSSL releases (ITS-8525) Documentation admin24 fixed tls_cipher_suite bindconf option (ITS-8099) admin24 fixed typo cn=config to be slapd.d (ITS-8449) admin24 fixed slapo-syncprov information to be curent (ITS-8253) admin24 fixed typo in access control docs (ITS-7341, ITS-8391) admin24 fixed minor typo in tuning guide (ITS-8499) admin24 fixed information about the limits option (ITS-7700) admin24 fixed missing options for syncrepl configuration (ITS-7700) admin24 fixed accesslog documentation to note it should not be replicated (ITS-8344) Fixed ldap.conf(5) missing information on SASL_NOCANON option (ITS-7177) Fixed ldapsearch(1) information on the V[V] flag behavior (ITS-7177, ITS-6339) Fixed slapd-config(5), slapd.conf(5) clarification on interval keyword for refreshAndPersist (ITS-8538) Fixed slapd-config(5), slapd.conf(5) clarify serverID requirements (ITS-8635) Fixed slapd-config(5), slapd.conf(5) clarification on loglevel settings (ITS-8123) Fixed slapo-ppolicy(5) to clearly note rootdn requirement (ITS-8565) Fixed slapo-memberof(5) to note it is not safe to use with replication (ITS-8613) Fixed slapo-syncprov(5) documentation to be current (ITS-8253) Fixed slapadd(8) manpage to note slapd-mdb (ITS-8215) Fixed various minor grammar issues in the man pages (ITS-8544) Fixed various typos (ITS-8587)
OpenLDAP 2.4.44 Release (2016/02/05) Fixed slapd-bdb/hdb missing olcDbChecksum config attr (ITS-8337) Fixed slapd-mdb behavior with long lived read transactions (ITS-8226) Fixed slapd-mdb cleanup after failed transaction (ITS-8360) Fixed slapd-sql missing id_query/olcSqlIdQuery (ITS-8329) Fixed slapo-accesslog callback initialization (ITS-8351) Fixed slapo-ppolicy pwdMaxRecordedFailure must never be zero (ITS-8327) Fixed slapo-syncprov abandon processing (ITS-8354) Fixed slapo-syncprov ctxcsn snapshot on refresh (ITS-8281, ITS-8365) Documentation admin24 Stop linking to Berkeley DB downloads (ITS-8362) admin24 Update documentation for LMDB preference
OpenLDAP 2.4.43 Release (2015/11/30) Fixed liblber remove obsolete assert (ITS-8240, ITS-8301) Fixed libldap file URLs on windows (ITS-8273) Fixed libldap microsecond timer for windows (ITS-8295) Fixed slap tools minor one time memory leak (ITS-8082) Fixed slapd to avoid redundant processing of abandon ops (ITS-8232) Fixed slapd syncrepl segv when present list is NULL (ITS-8231, ITS-8042) Fixed slapd segfault with invalid SASL URI (ITS-8218) Fixed slapd configuration parser with unbalanced quotes (ITS-8233) Fixed slapd syncrepl check with config db on windows (ITS-8277) Fixed slapd with mod Increment and inherited attribute type (ITS-8289) Fixed slapd-ldap SEGV after failed retry (ITS-8173) Fixed slapd-ldap to skip client controls in ldap_back_entry_get (ITS-8244) Fixed slapd-null to have an option to return a search entry (ITS-8249) Fixed slapd-relay to correctly handle quoted options (ITS-8284) Fixed slapo-accesslog delta-sync MMR with interrupted refresh phase (ITS-8281) Fixed slapo-dds segfault when using slapo-memberof (ITS-8133) Fixed slapo-ppolicy to allow purging of stale pwdFailureTime attributes (ITS-8185) Fixed slapo-ppolicy to release entry on failure (ITS-7537) Fixed slapo-ppolicy to fall back to default policy if there is a parsing error (ITS-8234) Fixed slapo-syncprov with interrupted refresh phase (ITS-8281) Fixed slapo-refint with subtree renames (ITS-8220) Fixed slapo-rwm missing olcDropUnrequested attribute (ITS-7889) Fixed slapo-rwm parsing to avoid double-escaping rewrite rules (ITS-7964) Build Environment Fixed ldif-filter option parsing (ITS-8292) Fixed slapd-tester EOL handling in test output for windows (ITS-8280) Fixed slapd-tester executable suffix for windows (ITS-8216) Fixed test061 timing issues (ITS-8297) Contrib Added libnettle support to pw-pbkdf2 (ITS-8198) Fixed smbk5pwd compiler warnings with libnettle (ITS-8235) Fixed passwd symbol collisions with other crypto libraries (ITS-8294) Documentation Updated guide to reflect changes to how TLS is handled with syncrepl
OpenLDAP 2.4.42 Release (2015/08/14) Fixed liblber address length for CLDAP (ITS 8158) Fixed libldap dnssrv potential overflow with port number (ITS 7027,ITS 8195) Fixed slapd cn=config when updating olcAttributeTypes (ITS 8199) Fixed slapd-mdb to correctly update search candidates for scoped searches (ITS 8203) Fixed slapo-ppolicy with redundant mod ops on glued trees (ITS 8184) Fixed slapo-rwm crash when deleting rewrite rules (ITS 8213) Build Environment Fixed libdb detection with gcc 5.x (ITS 8056)
OpenLDAP 2.4.41 Release (2015/06/21) Fixed ldapsearch to explicitly flush its buffer (ITS-8118) Fixed libldap async connections (ITS-8090) Fixed libldap double free of request during abandon (ITS-7967) Fixed libldap error string for LDAP_X_CONNECTING (ITS-8093) Fixed libldap segfault in ldap_sync_initialize (ITS-8001) Fixed libldap ldif-wrap off by one error (ITS-8003) Fixed libldap handling of TLS in async mode (ITS-8022) Fixed libldap null pointer dereference (ITS-8028) Fixed libldap mutex handling with LDAP_OPT_SESSION_REFCNT (ITS-8050) Fixed slapd slapadd config db import of minimal frontend entry (ITS-8150) Fixed slapd slapadd onetime leak with -w (ITS-8014) Fixed slapd sasl auxprop crash with invalid config (ITS-8092) Fixed slapd syncrepl delta-mmr issue with overlays and slapd.conf (ITS-7976) Fixed slapd syncrepl mutex for cookie state (ITS-7968) Fixed slapd syncrepl memory leaks (ITS-8035) Fixed slapd syncrepl to free presentlist at end of refresh mode (ITS-8038) Fixed slapd syncrepl to streamline presentlist (ITS-8042) Fixed slapd syncrepl concurrency when CHECK_CSN is enabled (ITS-8120) Fixed slapd rootdn checks for hidden backends (ITS-8108) Fixed slapd segfault when using matched values control (ITS-8046) Fixed slapd-ldap reconnection behavior on remote failure (ITS-8142) Fixed slapd-mdb minor case typo (ITS-8049) Fixed slapd-mdb one-level search (ITS-7975) Fixed slapd-mdb heap corruption (ITS-7965) Fixed slapd-mdb crash after deleting in-use schema (ITS-7995) Fixed slapd-mdb minor code cleanup (ITS-8011) Fixed slapd-mdb to return errors when using incorrect env flags (ITS-8016) Fixed slapd-mdb to correctly update search candidates (ITS-8036, ITS-7904) Fixed slapd-mdb when there were more than 65535 aliases in scope (ITS-8103) Fixed slapd-mdb alias deref when objectClass is not indexed (ITS-8146) Fixed slapd-meta TLS initialization with ldaps URIs (ITS-8022) Fixed slapd-meta to have better error logging (ITS-8131) Fixed slapd-perl conversion to cn=config (ITS-8105) Fixed slapd-sql autocommit config variable (ITS-8129,ITS-6613) Fixed slapo-collect segfault (ITS-7797) Fixed slapo-constraint with 0 count constraint (ITS-7780,ITS-7781) Fixed slapo-deref with empty attribute list (ITS-8027) Fixed slapo-memberof to correctly reject invalid members (ITS-8107) Fixed slapo-sock result parser for CONTINUE (ITS-8048) Fixed slapo-syncprov synprov_matchops usage of test_filter (ITS-8013) Fixed slapo-syncprov segfault on disconnect/abandon (ITS-5452,ITS-8012) Fixed slapo-syncprov memory leak (ITS-8039) Fixed slapo-syncprov segfault on disconnect/abandon (ITS-8043) Fixed slapo-syncprov deadlock when autogroup is in use (ITS-8063) Fixed slapo-syncprov potential loss of changes when under load (ITS-8081) Fixed slapo-unique enforcement of uniqueness with manageDSAit control (ITS-8057) Build Environment Fixed libdb detection with gcc 5.x (ITS-8056) Fixed ftello reference for Win32 (ITS-8127) Enhanced contrib modules build paths (ITS-7782) Fixed contrib/autogroup internal operation identity (ITS-8006) Fixed contrib/autogroup to skip internal ops with accesslog (ITS-8065) Fixed contrib/passwd/sha2 compiler warning (ITS-8000) Fixed contrib/noopsrch compiler warning (ITS-7998) Fixed contrib/dupent compiler warnings (ITS-7997) Test suite: Added vrFilter test (ITS-8046) Contrib Added pbkdf2 sha256 and sha512 schemes (ITS-7977) Fixed autogroup modification callback responses (ITS-6970) Fixed nssov compare with usergroup (ITS-8079) Fixed nssov password change behavior (ITS-8080) Fixed nssov updated to 0.9.4 (ITS-8097) Documentation Added ldap_get_option(3) LDAP_FEATURE_INFO_VERSION information (ITS-8032) Added ldap_get_option(3) LDAP_OPT_API_INFO_VERSION information (ITS-8032) Fixed slapd-config(5), slapd.conf(5) tls_cipher_suite option (ITS-8099) Fixed slapd-meta(5), slapd-ldap(5) tls_cipher_suite option (ITS-8099) Fixed slapd-meta(5) fix minor typo (ITS-7769)
Changes 2.4.40: Fixed libldap DNS SRV priority handling (ITS-7027) Fixed libldap don't leak libldap err codes (ITS-7676) Fixed libldap CR/LF handling (ITS-4635) Fixed libldap ldif-wrap length (ITS-7871) Fixed libldap GnuTLS ciphersuite parsing (ITS-7500) Fixed libldap GnuTLS with newer versions (ITS-7430,ITS-6359) Fixed libldif to correctly handle 4096 character lines (ITS-7859) Fixed librewrite reference counting (ITS-7723) Fixed slapacl with back-mdb reader transactions (ITS-7920) Fixed slapd syncrepl to send cookie on fallback (ITS-7849) Fixed slapd syncrepl SEGV when abandoning a connection (ITS-7928) Fixed slapd slapcat with external schema (ITS-7895) Fixed slapd schema RDN normalization (ITS-7935) Fixed slapd with repeated language tags (ITS-7941) Fixed slapd modrdn crash on naming attr with no matching rule (ITS-7850) Fixed slapd memory leak in control handling (ITS-7942) Fixed slapd-ldap removed dead code (ITS-7922) Fixed slapd-mdb to work concurrently with slapadd (ITS-7798) Fixed slapd-mdb with paged results (ITS-7705, ITS-7800) Fixed slapd-mdb slapcat with nonexistent indices (ITS-7870) Fixed slapd-mdb long lived reader transactions (ITS-7904) Fixed slapd-mdb memory leak on matchedDN (ITS-7872) Fixed slapd-mdb sorting of attribute values (ITS-7902) Fixed slapd-mdb to flag attribute values as sorted (ITS-7903) Fixed slapd-mdb index config handling (ITS-7912) Fixed slapd-mdb entry release handling (ITS-7915) Fixed slapd-mdb with aliases and referrals (ITS-7927) Fixed slapd-mdb alias dereferencing (ITS-7702) Fixed slapd-sock socket flushing (ITS-7937) Fixed slapo-accesslog attribute normalization (ITS-7934) Fixed slapo-accesslog internal search logging (ITS-7929) Fixed slapo-auditlog connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-chain interaction with slapo-rwm (ITS-7930) Fixed slapo-constraint connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-dds connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-dyngroup connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-memberof attr count (ITS-7893) Fixed slapo-memberof frontendDB handling (ITS-7249) Fixed slapo-memberof internal search logging (ITS-7929) Fixed slapo-pcache config processing (ITS-7919) Fixed slapo-pcache connection destroy logic (ITS-7906,ITS-7923) Added slapo-ppolicy ORDERING rules (ITS-7838) Fixed slapo-ppolicy timestamp resolution to use microseconds (ITS-7161) Fixed slapo-ppolicy connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-refint to check for pauses in cn=config (ITS-7873) Fixed slapo-refint internal search logging (ITS-7929) Fixed slapo-refint connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-seqmod connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-slapover connection destroy logic (ITS-7906,ITS-7923) Fixed slapo-sock db_init (ITS-7868) Fixed slapo-sssvlv fix olcSssVlvMaxPerConn (ITS-7908) Fixed slapo-translucent double free (ITS-7587) Fixed slapo-translucent to work with manageDSAit (ITS-7864) Fixed slapo-translucent to use local backend with local entries (ITS-7915) Fixed slapo-unique connection destroy logic (ITS-7906,ITS-7923) Fixed slapcacl with invalid suffix
Changes 2.4.39: Fixed libldap MozNSS crash Fixed libldap memory leak with SASL Fixed libldap assert in parse_passwdpolicy_control Fixed libldap shortcut NULL RDNs Fixed libldap deref to use correct control Fixed liblmdb keysizes with mdb_update_key Fixed slapd cn=config olcDbConfig modification Fixed slapd-bdb/hdb to bail out of search if config is paused Fixed slapd-bdb/hdb indexing issue with derived attributes Fixed slapd-mdb to bail out of search if config is paused Fixed slapd-mdb indexing issue with derived attributes Fixed slapd-perl to bail out of search if config is paused Fixed slapd-sql to bail out of search if config is paused Fixed slapo-constraint handling of softadd/softdel Fixed slapo-syncprov assert with findbase Build Environment Test suite: Use $(MAKE) for tests Documentation admin24 fix TLSDHParamFile to be correct
Changes 2.4.38: Fixed liblmdb nordahead flag Fixed liblmdb to check cursor index before cursor_del Fixed liblmdb wasted space on split Fixed slapd for certs with a NULL issuerDN Fixed slapd cn=config with empty nested includes Fixed slapd syncrepl memory leak with delta-sync MMR Fixed slapd-bdb/hdb to stop processing on dn not found Fixed slapd-bdb/hdb with indexed ANDed filters Fixed slapd-mdb to stop processing on dn not found Fixed slapd-mdb dangling reader Fixed slapd-mdb matching rule for OlcDbEnvFlags Fixed slapd-mdb with indexed ANDed filters Fixed slapd-meta from blocking other threads Fixed slapo-syncprov assert with findbase
Changes 2.4.37: Added liblmdb nordahead environment flag Fixed client tools CLDAP with IPv6 Fixed libldap CLDAP with IPv6 Fixed libldap lock ordering with abandon op Fixed liblmdb segfault with mdb_cursor_del Fixed liblmdb when converting to writemap Fixed liblmdb assert on MDB_NEXT with delete Fixed liblmdb wasted space on split Fixed slapd cn=config with olcTLSProtocolMin Fixed slapd-bdb/hdb optimize index updates Fixed slapd-ldap chaining with cn=config Fixed slapd-ldap chaning with controls Fixed slapd-mdb optimize index updates Fixed slapd-meta chaining with cn=config Fixed slapo-constraint to no-op on nonexistent entries Fixed slapo-dds assert on startup Fixed slapo-memberof to not replicate internal ops Fixed slapo-refint to not replicate internal ops Build Environment Fixed slapd-mdb ptr arithmetic on void *s Documentation ldapsearch(1) minor typo fix slapd-passwd(5) minor typo fix
Changes 2.4.36: Added back-meta target filter patterns (ITS 7609) Added liblmdb mdb_txn_env to API (ITS 7660) Fixed libldap CLDAP with uninit'd memory (ITS 7582) Fixed libldap with UDP (ITS 7583) Fixed libldap OpenSSL TLS versions (ITS 7645) Fixed liblmdb MDB_PREV behavior (ITS 7556) Fixed liblmdb transaction issues (ITS 7515) Fixed liblmdb mdb_drop overflow page return (ITS 7561) Fixed liblmdb nested split (ITS 7592) Fixed liblmdb overflow page behavior (ITS 7620) Fixed liblmdb race condition with read and write txns (ITS 7635) Fixed liblmdb mdb_del behavior with MDB_DUPSORT and mdb_del (ITS 7658) Fixed slapd cn=config with unknown schema elements (ITS 7608) Fixed slapd cn=config with loglevel 0 (ITS 7611) Fixed slapd slapi filterlist free behavior (ITS 7636) Fixed slapd slapi control free behavior (ITS 7641) Fixed slapd schema countryString as directoryString (ITS 7659) Fixed slapd schema telephoneNumber as directoryString (ITS 7659) Fixed slapd-bdb/hdb to wait for read locks in tool mode (ITS 6365) Fixed slapd-mdb behavior with alias dereferencing (ITS 7577) Fixed slapd-mdb modrdn and base-scoped searches (ITS 7604) Fixed slapd-mdb refcount behavior (ITS 7628) Fixed slapd-meta binding flag is set (ITS 7524) Fixed slapd-meta with minimal config (ITS 7581) Fixed slapd-meta missing results messages (ITS 7591) Added slapd-meta TCP keepalive support (ITS 7513) Fixed slapo-sssvlv double free (ITS 7588) Fixed slaptest to list -Q option (ITS 7568) Build Environment Fixed slapd-meta declaration warnings (ITS 7654) Contrib Fixed nssov group enumeration bug (ITS 7569) Fixed autogroup when URI has no attrs (ITS 7580) Documentation admin24 Update database backend notes (ITS 7590) ldap.conf(5) fixed typos (ITS 7568) ldapmodify(1) remove replog reference (ITS 7562) ldif(5) remove replog reference (ITS 7562) slapd-config(5) remove replog reference (ITS 7562) slapd.conf(5) remove replog reference (ITS 7562) slapd-config(5) document TLSProtocolMin (ITS 5655,ITS 7645) slapd.conf(5) document TLSProtocolMin
Changes 2.4.35: Fixed liblmdb mdb_cursor_put with MDB_MULTIPLE Fixed liblmdb page rebalance Fixed liblmdb missing parens Fixed liblmdb mdb_cursor_del crash Fixed slapd syncrepl updateCookie status Fixed slapd connection logging Fixed slapd segfault on modify Fixed slapd-mdb to reject undefined attrs Fixed slapo-pcache with +/- attrsets Build Environment don't install DB_CONFIG if no BDB backends Documentation slapschema(8) fix tool name admin24 fixed pcache example admin24 fixed config examples
OpenLDAP 2.4.34 Release (2013/03/03) Fixed libldap connections with EINTR (ITS7476) Fixed libldap lineno overflow in ldif_read_record (ITS7497) Fixed liblmdb mdb_env_open flag handling (ITS7453) Fixed liblmdb mdb_midl_sort array optimization (ITS7432) Fixed liblmdb freelist with large entries (ITS7455) Fixed liblmdb to check for filled dirty page list (ITS7491) Fixed liblmdb to validate data limits (ITS7485) Fixed liblmdb mdb_update_key for large keys (ITS7505) Fixed ldapmodify to not core dump with invalid LDIF (ITS7477) Fixed slapd syncrepl for old entries in MMR setup (ITS7427) Fixed slapd signedness for index_substr_any_* (ITS7449) Fixed slapd enforce SLAPD_MAX_DAEMON_THREADS (ITS7450) Fixed slapd mutex in send_ldap_ber (ITS6164) Added slapd-ldap onerr option (ITS7492) Added slapd-ldap keepalive support (ITS7501) Fixed slapd-ldif with empty dir (ITS7451) Fixed slapd-mdb to reopen attr DBs after env reopen (ITS7416) Fixed slapd-mdb handling of missing entries (ITS7483,7496) Fixed slapd-mdb environment flag setting (ITS7452) Fixed slapd-mdb with sub db slapcat (ITS7469) Fixed slapd-mdb to correctly work with toolthreads > 2 (ITS7488,ITS7527) Fixed slapd-mdb subtree search speed (ITS7473) Fixed slapd-meta conversion to cn=config (ITS7525) Fixed slapd-meta segfault when modifying olcDbUri (ITS7526) Fixed slapd-sql back-config support (ITS7499) Fixed slapo-constraint handle uri and restrict correctly (ITS7418) Fixed slapo-constraint with multi-master replication (ITS7426) Fixed slapo-constraint segfault (ITS7431) Fixed slapo-deref control initialization (ITS7436) Fixed slapo-deref control exposure (ITS7445) Fixed slapo-memberof with internal ops (ITS7487) Fixed slapo-pcache matching rules for config db (ITS7459) Fixed slapo-rwm modrdn cleanup (ITS7414) Fixed slapo-sssvlv maxperconn parameter (ITS7484) Build Environment Fixed slapo-constraint test suite (ITS7423) Contrib Added nssov nssov_config support (ITS7518) Added nssov password_prohibit_message (ITS7518) Fixed ldapc++ with gcc-4.7 (ITS7281,ITS7304) Fixed nssov olcNssPamSession handling (ITS7481) Fixed nssov connection DN (ITS7518) Add missing Makefile for various modules (ITS7308) Unify Makefile structure for modules (ITS7309) Fixed slapo-allowed attribute replication (ITS7493) Fixed slapo-passwd SHA2 to correctly zero buffer (ITS7490) Documentation ldapurl(1) fix example usage (ITS7454) ldap_get_option(3) fixed trailing whitespace (ITS7411) slapd-config(5) olcExtraAttrs is per db (ITS7421) slapd-overlays(5) update manpage index (ITS7489) slapo-dynlist(5) Search behavior notes (ITS7486) slapo-valsort(5) Document valsort control syntax (ITS7523)
Changes 2.4.33: Added slapd-meta cn=config support Fixed libldap MozNSS slot picking Fixed libldap MozNSS with tokenname:certnickname format Fixed libmdb POSIX semaphore cleanup on environment close Fixed libmdb mdb_page_split Fixed slapd alock handling on Windows Fixed slapd acl handling with zero-length values Fixed slapd syncprov to not reference ops inside a lock Fixed slapd delta-syncrepl MMR with large attribute values Fixed slapd slapd_rw_destroy function Fixed slapd-ldap idassert bind handling Fixed slapd-mdb slapadd -q -w double free Fixed slapd-mdb to close read txn in reindex commit Fixed slapo-constraint with multiple modifications Build Environment Fixed build with Visual Studio Fixed libmdb posix semaphore use on BSD system Add slapo-constraint test suite Contrib Updated radius passwd module for NAS-Identifier Documentation slapo-refint(5) Note that refint is not replicated
Changes 2.4.32: Added slappasswd loadable module support Fixed tools to not clobber SASL_NOCANON Fixed libldap function declarations Fixed libldap double free Fixed libldap debug level setting Fixed libldap MozNSS PEM/certdb handling Fixed libldap MozNSS cipher suite selection Fixed libldap MozNSS error handling Fixed libldap MozNSS cipher suite being ignored Fixed libldap MozNSS infinite loop Fixed libldap MozNSS context token for certdb Fixed libldap MozNSS store certificate object Fixed libldap MozNSS fix init and cleanup Fixed libldap MozNSS slot and pin usage Fixed libldap MozNSS to avoid infinite loop Fixed libldap MozNSS untrusted issuer error Fixed libldap gettime() regression Fixed libldap sasl handling Fixed libldap to correctly free socket with TLS Fixed libmdb leaf node handling Fixed libmdb mutexes on Apple/Windows Fixed slapd config index renumbering Fixed slapd duplicate error response Fixed slapd parsing of PermissiveModify control Fixed slapd-bdb/hdb cache hang under high load Fixed slapd-bdb/hdb alias checking Fixed slapd-bdb/hdb olcDbConfig changes work immediately Fixed slapd-ldap to encode user DN during password change Fixed slapd-ldap assertion when proxying to MS AD Fixed slapd-ldap monitoring Fixed slapd-mdb with tool mode Fixed slapd-mdb with approx indexing Fixed slapd-mdb dn2id delete Fixed slapd-mdb memory leak in online indexer Fixed slapd-mdb db corruption when hitting maxsize Fixed slapd-mdb aborts with online indexing Fixed slapd-perl panic Fixed slapo-accesslog memory leaks with sync replication Fixed slapo-syncprov memory leaks with sync replication Fixed contrib/smbk5pwd to not compile with MozNSS Fixed contrib/sha2 portability Fixed contrib/sha2 thread safety Added contrib/sha2 {SSHA256}, {SSHA384}, {SSHA512} support Build Environment Fixed test057 timing issues Fixed compilation with MS Visual Studio Contrib Added slapi_[get|free]_client_ip() Documentation slapo-sssvlv Added note about criticality admin24 Fix peername.regex typo Fixed slapd-config file include example slapd-ldap(5) Reference RFC4526 slapd-meta(5) Reference RFC4526