* We must use the full path to the source file when calling MSVC so that debugging information shows up in the object files.
* Because of cygwin's use of /cygdrive when using full paths, we must use a cygwin-wrapper script in some cases to allow native win32 programs to use a fully qualified cygwin path.
* We have to call configure using the full path so that $(srcdir) contains the
full path in the Makefiles. The rules have been changed for win32 so that it
always use $(srcdir)/$*.{c,cpp} as the sourcefile name even when the file is in
the cwd. This works around both the /cygdrive issue and the msvc's path info
optimization.
* We still use the wrapper when calling rc.exe & nsinstall. nsinstall
frequently takes multiple args and is called all over the tree so changing each
calling site is going to be expensive. (I'll have to check the logs again but
I think the rc wrapping can go.)
* nspr & ldap still use the wrappers for all native win32 progs. Neither nspr
nor ldap uses the acoutput-fast.pl script to speed up the substitution of
@srcdir@ into their Makefiles so, makefile substitution will break if we use
dos-paths.
* In the handful of directories where we copy srcfiles from another directory
in lieu of using VPATHs, we have to now copy those files to $(srcdir) so that
the default rules can find them.
Bug #141834 r=leaf,wtc,dmose,mcs
length or tag is split across buffers.
Improve backwards compatibility by setting *Bytes_Scanned to zero
when errors occur; use errno to report specific errors.
A queue of pending outbound requests is kept. UnBind requests are NOT
queued however.
Abandon requests are not sent if a request is not outstanding.
Cleaned up the code in result.c to avoid use of magic return values
such as -1 and -2. Also removed some dead code and dead files.
ltest (test.c) now supports SSL and async I/O options.
Fix most critical warnings in the core LDAP library code:
AIX has snprintf() so we now #define HAVE_SNPRINTF there.
Use snprintf() instead of sprintf() in ldap_perror().
Use snprintf() instead of sprintf() in ldap_init_getfilter_buf()
and improve error reporting for bad regular expressions.
Don't treat a request as complete if its LDAP result message
has not yet been received. Previously, nested referrals and
references could cause requests to be prematurely terminated.
The LDAP tools code no longer has any knowledge of the NSS
file names; the certpath2keypath() function has been deleted
and we now simply use the certdbpath as keydbpath when it is
provided (it makes no difference in the end). But note that
because we need to maintain backwards compatibility, the
libssldap code used by the ldapssl_.*_init() functions still
knows the default name of the NSS module file (secmod.db),
and the code also relies on the fact that the suffix for the
key and cert files is ".db" and that the first letter in the
main part of the name is either 'c' or 'k'.
Also fixed a bug that caused the module file name specified on
the LDAP tools command line (-m name) to be ignored.
The ldapsearch and ldapcmp tools now exit with LDAP_NO_MEMORY
if an LDIF fragment can't be constructed.
Also fixed some issues reported by lint:
Return values that were ignored.
Make more functions and global variables static.
Add /*ARGSUSED*/ and similar lint-friendly comments.
If HAVE_LIBNLS is not defined, OS functions (iconv and Win32
native APIs) are used for character set conversion of command
line arguments.
Fix bug # 177766 - LDAP tools should reject second -h argument.
A second -p argument is also rejected.
Fix bug # 159139 - HP/UX: LDAP command line tools do no charset conversion.
Removed special case makefile rules for convutf8.cpp on HP/UX.
If a NULL keypasswd value is passed to ldapssl_enable_clientauth()
then it is assumed that the application has already unlocked
the key DB or has installed its own GetPassword callback.
Also improved some error reporting.
The prldap_tsd_destroy() function (which is called when a
thread exits) was not freeing the information contained within
the PRLDAP_ErrorInfo structure. Added prldap_free_errorinfo()
and a way to determine if that thread-private data looks like
error information (the plei_magic field). At the moment, only
one kind of thread-private data is stored anyway (the error
information).
The prldap_allocate_map() function, which is called when a new
LDAP session is created, was blindly setting the thread-private
error information pointer to NULL. But if a different thread
created or used an LDAP session than called ldap_unbind(), old
error information may have been left in memory. Now the error
info. pointer is reset and reused, which was the original goal.
Added two new libssldap public functions: ldapssl_set_option() and
ldapssl_get_option().
Also fixed a bug in ldapsinit:do_ldapssl_connect() that sometimes
caused PR_Close() to be called twice on an SSL file descriptor
if an error occurred (once in do_ldapssl_connect() itself and
once in the libprldap close function that is called from
do_ldapssl_connect()).
Also updated the NSPR and NSS "error code to string" mapping
tables that are used by ldapssl_err2string().
Also fixed a bug in common.c:ldaptool_print_lderror (LDAP command
line tools) where we did not check for SSL errors when the
error code was "can't connect." We were only checking on
"server down" errors.
Fix bug # 121276 - use sigthreadmask instead of sigprocmask (AIX).
Fix bug # 81584 - strtok use and STRTOK on Linux.
The charray() code now uses strtok_r() if available.
strtok_r() is now used everywhere on Linux if available.
New libssldap public function: ldapssl_set_strength().
New command line tool option: -3 ("no third").
Fix bug # 134035 - LDAP command line tools don't report vendor mismatch.
Improved error checks and reporting for SSL errors in tools.
ldap_url_search() now uses the port from the LDAP * if no hostport
is included in the URL. This is a change in behavior, but the old
behavior was wrong.
