If HAVE_LIBNLS is not defined, OS functions (iconv and Win32
native APIs) are used for character set conversion of command
line arguments.
Fix bug # 177766 - LDAP tools should reject second -h argument.
A second -p argument is also rejected.
Fix bug # 159139 - HP/UX: LDAP command line tools do no charset conversion.
Removed special case makefile rules for convutf8.cpp on HP/UX.
If a NULL keypasswd value is passed to ldapssl_enable_clientauth()
then it is assumed that the application has already unlocked
the key DB or has installed its own GetPassword callback.
Also improved some error reporting.
The prldap_tsd_destroy() function (which is called when a
thread exits) was not freeing the information contained within
the PRLDAP_ErrorInfo structure. Added prldap_free_errorinfo()
and a way to determine if that thread-private data looks like
error information (the plei_magic field). At the moment, only
one kind of thread-private data is stored anyway (the error
information).
The prldap_allocate_map() function, which is called when a new
LDAP session is created, was blindly setting the thread-private
error information pointer to NULL. But if a different thread
created or used an LDAP session than called ldap_unbind(), old
error information may have been left in memory. Now the error
info. pointer is reset and reused, which was the original goal.
Added two new libssldap public functions: ldapssl_set_option() and
ldapssl_get_option().
Also fixed a bug in ldapsinit:do_ldapssl_connect() that sometimes
caused PR_Close() to be called twice on an SSL file descriptor
if an error occurred (once in do_ldapssl_connect() itself and
once in the libprldap close function that is called from
do_ldapssl_connect()).
Also updated the NSPR and NSS "error code to string" mapping
tables that are used by ldapssl_err2string().
Also fixed a bug in common.c:ldaptool_print_lderror (LDAP command
line tools) where we did not check for SSL errors when the
error code was "can't connect." We were only checking on
"server down" errors.
Fix bug # 121276 - use sigthreadmask instead of sigprocmask (AIX).
Fix bug # 81584 - strtok use and STRTOK on Linux.
The charray() code now uses strtok_r() if available.
strtok_r() is now used everywhere on Linux if available.
New libssldap public function: ldapssl_set_strength().
New command line tool option: -3 ("no third").
Fix bug # 134035 - LDAP command line tools don't report vendor mismatch.
Improved error checks and reporting for SSL errors in tools.
ldap_url_search() now uses the port from the LDAP * if no hostport
is included in the URL. This is a change in behavior, but the old
behavior was wrong.
