PR#50334: Issue 49730 - MozLDAP bindings have been unsupported for a while - 389-ds-base

Makefile.am

file modified

-6

		`@@ -154,15 +154,10 @@`
		`NSPR_LINK = $(NSPR_LIBS)`
		`NSS_LINK = $(NSS_LIBS)`

		`- if OPENLDAP`
		`# with recent versions of openldap - if you link with both ldap_r and ldap, the`
		`# shared lib _fini for one will stomp on the other, and the program will crash`
		`LDAPSDK_LINK_NOTHR = @openldap_lib@ -lldap@ol_libver@ @ldap_lib_ldif@ -llber@ol_libver@`
		`LDAPSDK_LINK = @openldap_lib@ -lldap_r@ol_libver@ @ldap_lib_ldif@ -llber@ol_libver@`
		`- else`
		`- LDAPSDK_LINK = @ldapsdk_lib@ -lssldap60 -lprldap60 -lldap60 -lldif60`
		`- LDAPSDK_LINK_NOTHR = $(LDAPSDK_LINK)`
		`- endif`
		`ldaplib = @ldaplib@`
		`ldaplib_defs = @ldaplib_defs@`

		`@@ -519,7 +514,6 @@`
		`ldap/servers/slapd/http.h \`
		`ldap/servers/slapd/intrinsics.h \`
		`ldap/servers/slapd/log.h \`
		`- ldap/servers/slapd/mozldap.h \`
		`ldap/servers/slapd/openldapber.h \`
		`ldap/servers/slapd/pblock_v3.h \`
		`ldap/servers/slapd/poll_using_select.h \`

configure.ac

file modified

-1

		`@@ -834,7 +834,6 @@`
		`AC_SUBST(nss_libdir)`

		`m4_include(m4/openldap.m4)`
		`- m4_include(m4/mozldap.m4)`
		`m4_include(m4/db.m4)`

		`PKG_CHECK_MODULES([SASL], [libsasl2])`

ldap/admin/src/scripts/bak2db.pl.in

file modified

+1 -1

		`@@ -17,7 +17,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$dbtype = "ldbm database";`

ldap/admin/src/scripts/cleanallruv.pl.in

file modified

+1 -1

		`@@ -16,7 +16,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$i = 0;`

ldap/admin/src/scripts/db2bak.pl.in

file modified

+1 -1

		`@@ -18,7 +18,7 @@`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$dbtype = "ldbm database";`

ldap/admin/src/scripts/db2index.pl.in

file modified

+1 -1

		`@@ -17,7 +17,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$i = 0;`

ldap/admin/src/scripts/db2ldif.pl.in

file modified

+1 -1

		`@@ -17,7 +17,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$maxidx = 50;`

ldap/admin/src/scripts/fixup-linkedattrs.pl.in

file modified

+1 -1

		`@@ -16,7 +16,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$i = 0;`

ldap/admin/src/scripts/fixup-memberof.pl.in

file modified

+1 -1

		`@@ -16,7 +16,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$i = 0;`

ldap/admin/src/scripts/ldif2db.pl.in

file modified

+1 -1

		`@@ -16,7 +16,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$maxidx = 50;`

ldap/admin/src/scripts/ldif2ldap.in

file modified

+1 -1

		`@@ -10,7 +10,7 @@`
		`export LD_LIBRARY_PATH`
		`SHLIB_PATH=$LD_LIBRARY_PATH`
		`export SHLIB_PATH`
		`- PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap`
		`+ PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin`

		`usage ()`
		`{`

ldap/admin/src/scripts/monitor.in

file modified

+1 -1

		`@@ -10,7 +10,7 @@`
		`export LD_LIBRARY_PATH`
		`SHLIB_PATH=$LD_LIBRARY_PATH`
		`export SHLIB_PATH`
		`- PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin/:/usr/lib64/mozldap`
		`+ PATH=$PATH:@ldaptool_bindir@:@ldaptool_bindir@:/usr/bin/`

		`protocol=""`

ldap/admin/src/scripts/ns-accountstatus.pl.in

file modified

+1 -1

		`@@ -16,7 +16,7 @@`

		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`my $single = 0;`

ldap/admin/src/scripts/ns-activate.pl.in

file modified

+1 -1

		`@@ -17,7 +17,7 @@`

		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`my $single = 0;`

ldap/admin/src/scripts/ns-inactivate.pl.in

file modified

+1 -1

		`@@ -16,7 +16,7 @@`

		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$single = 0;`

ldap/admin/src/scripts/ns-newpwpolicy.pl.in

file modified

+1 -1

		`@@ -17,7 +17,7 @@`
		`# all of this nonsense can be omitted if the mozldapsdk and perldap are`
		`# installed in the operating system locations (e.g. /usr/lib /usr/lib/perl5)`

		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`DSUtil::libpath_add("@nss_libdir@");`

ldap/admin/src/scripts/schema-reload.pl.in

file modified

+1 -1

		`@@ -17,7 +17,7 @@`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`

		`$i = 0;`

ldap/admin/src/scripts/syntax-validate.pl.in

file modified

+1 -1

		`@@ -16,7 +16,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$i = 0;`

ldap/admin/src/scripts/usn-tombstone-cleanup.pl.in

file modified

+1 -1

		`@@ -15,7 +15,7 @@`
		`DSUtil::libpath_add("@nss_libdir@");`
		`DSUtil::libpath_add("/usr/lib");`
		`DSUtil::libpath_add("/usr/lib64");`
		`- $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin:/usr/lib64/mozldap/";`
		`+ $ENV{'PATH'} = "@ldaptool_bindir@:/usr/bin";`
		`$ENV{'SHLIB_PATH'} = "$ENV{'LD_LIBRARY_PATH'}";`

		`$i = 0;`

ldap/servers/plugins/automember/automember.c

file modified

-19

		`@@ -2789,14 +2789,9 @@`
		`PRFileDesc *ldif_fd_out = NULL;`
		`char *entrystr = NULL;`
		`char *errstr = NULL;`
		`- #if defined(USE_OPENLDAP)`
		`int buflen = 0;`
		`LDIFFP *ldif_fd_in = NULL;`
		`ldif_record_lineno_t lineno = 0;`
		`- #else`
		`- FILE *ldif_fd_in = NULL;`
		`- int lineno = 0;`
		`- #endif`
		`int rc = 0;`

		`if (!task) {`
		`@@ -2828,15 +2823,9 @@`
		`goto out;`
		`}`

		`- #if defined(USE_OPENLDAP)`
		`if ((ldif_fd_in = ldif_open(td->ldif_in, "r")) == NULL) {`
		`rc = errno;`
		`errstr = strerror(rc);`
		`- #else`
		`- if ((ldif_fd_in = fopen(td->ldif_in, "r")) == NULL) {`
		`- rc = PR_GetOSError();`
		`- errstr = (char *)slapi_system_strerror(rc);`
		`- #endif`
		`slapi_task_log_notice(task, "The ldif file %s could not be accessed, error %d (%s). Aborting task.\n",`
		`td->ldif_in, rc, errstr);`
		`slapi_task_log_status(task, "The ldif file %s could not be accessed, error %d (%s). Aborting task.\n",`
		`@@ -2851,12 +2840,8 @@`
		`* Convert each LDIF entry to a slapi_entry`
		`*/`
		`automember_config_read_lock();`
		`- #if defined(USE_OPENLDAP)`
		`while (ldif_read_record(ldif_fd_in, &lineno, &entrystr, &buflen)) {`
		`buflen = 0;`
		`- #else`
		`- while ((entrystr = ldif_get_entry(ldif_fd_in, &lineno)) != NULL) {`
		`- #endif`
		`e = slapi_str2entry(entrystr, 0);`
		`if (e != NULL) {`
		`if (!PR_CLIST_IS_EMPTY(g_automember_config)) {`
		`@@ -2892,11 +2877,7 @@`
		`PR_Close(ldif_fd_out);`
		`}`
		`if (ldif_fd_in) {`
		`- #if defined(USE_OPENLDAP)`
		`ldif_close(ldif_fd_in);`
		`- #else`
		`- fclose(ldif_fd_in);`
		`- #endif`
		`}`
		`slapi_task_inc_progress(task);`
		`slapi_task_finish(task, result);`

ldap/servers/plugins/chainingdb/cb_conn_stateless.c

file modified

-4

		`@@ -13,10 +13,6 @@`

		`#include "cb.h"`

		`- #ifndef USE_OPENLDAP`
		`- #include "ldap_ssl.h" /* for start_tls */`
		`- #endif`
		`-`
		`/*`
		`* Most of the complicated connection-related code lives in this file. Some`
		`* general notes about how we manage our connections to "remote" LDAP servers:`

ldap/servers/plugins/dna/dna.c

file modified

-6

		`@@ -2003,9 +2003,7 @@`
		`int ret = LDAP_OPERATIONS_ERROR;`
		`int port = 0;`
		`int timelimit;`
		`- #if defined(USE_OPENLDAP)`
		`struct timeval timeout;`
		`- #endif`
		`/* See if we're allowed to send a range request now */`
		`slapi_lock_mutex(config_entry->extend_lock);`
		`if (config_entry->extend_in_progress) {`
		`@@ -2051,13 +2049,9 @@`
		`ldap_set_option(ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);`
		`timelimit = config_entry->timeout / 1000; /* timeout is in msec */`
		`ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &timelimit);`
		`- #if defined(USE_OPENLDAP)`
		`timeout.tv_sec = config_entry->timeout / 1000;`
		`timeout.tv_usec = (config_entry->timeout % 1000) * 1000;`
		`ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &timeout);`
		`- #else`
		`- ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, &config_entry->timeout);`
		`- #endif`
		`/* Bind to the replica server */`
		`ret = slapi_ldap_bind(ld, bind_dn, bind_passwd, bind_method,`
		`NULL, NULL, NULL, NULL);`

ldap/servers/plugins/replication/cl5_api.c

file modified

-21

		`@@ -768,14 +768,9 @@`
		`int`
		`cl5ImportLDIF(const char clDir, const char ldifFile, Object **replicas)`
		`{`
		`- #if defined(USE_OPENLDAP)`
		`LDIFFP *file = NULL;`
		`int buflen = 0;`
		`ldif_record_lineno_t lineno = 0;`
		`- #else`
		`- FILE *file = NULL;`
		`- int lineno = 0;`
		`- #endif`
		`int rc;`
		`char *buff = NULL;`
		`slapi_operation_parameters op;`
		`@@ -834,11 +829,7 @@`
		`}`

		`/* open LDIF file */`
		`- #if defined(USE_OPENLDAP)`
		`file = ldif_open(ldifFile, "r");`
		`- #else`
		`- file = fopen(ldifFile, "r"); /* XXXggood Does fopen reliably work if > 255 files open? */`
		`- #endif`
		`if (file == NULL) {`
		`slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name_cl,`
		`"cl5ImportLDIF - Failed to open (%s) ldif file; system error - %d\n",`
		`@@ -865,11 +856,7 @@`
		`s_cl5Desc.dbState = CL5_STATE_OPEN; /* force to change the state */`

		`/* read entries and write them to changelog */`
		`- #if defined(USE_OPENLDAP)`
		`while (ldif_read_record(file, &lineno, &buff, &buflen))`
		`- #else`
		`- while ((buff = ldif_get_entry(file, &lineno)) != NULL)`
		`- #endif`
		`{`
		`rc = _cl5LDIF2Operation(buff, &op, &replGen);`
		`if (rc != CL5_SUCCESS) {`
		`@@ -925,15 +912,11 @@`
		`}`
		`}`
		`slapi_ch_free_string(&buff);`
		`- #if defined(USE_OPENLDAP)`
		`buflen = 0;`
		`- #endif`
		`goto next;`
		`}`
		`slapi_ch_free_string(&buff);`
		`- #if defined(USE_OPENLDAP)`
		`buflen = 0;`
		`- #endif`
		`/* if we perform selective import, check if the operation should be wriiten to changelog */`
		`replica_obj = _cl5GetReplica(&op, replGen);`
		`if (replica_obj == NULL) {`
		`@@ -1023,11 +1006,7 @@`
		`slapi_ch_free((void **)&maxvals);`

		`if (file) {`
		`- #if defined(USE_OPENLDAP)`
		`ldif_close(file);`
		`- #else`
		`- fclose(file);`
		`- #endif`
		`}`
		`if (CL5_STATE_OPEN == s_cl5Desc.dbState) {`
		`_cl5Close();`

ldap/servers/plugins/replication/repl5_connection.c

file modified

+1 -84

		`@@ -25,12 +25,7 @@`
		`#include "repl5.h"`
		`#include "repl5_prot_private.h"`
		`#include "slapi-private.h"`
		`- #if defined(USE_OPENLDAP)`
		`#include "ldap.h"`
		`- #else`
		`- #include "ldappr.h"`
		`- #include "ldap-extension.h"`
		`- #endif`
		`#include "nspr.h"`
		`#include "private/pprio.h"`
		`#include "nss.h"`
		`@@ -530,7 +525,6 @@`
		`* on the same connection), we need to _first_ verify that the connection`
		`* is writable. If it isn't, we can deadlock if we proceed any further...`
		`*/`
		`- #if defined(USE_OPENLDAP)`
		`/* openldap has LBER_SB_OPT_DATA_READY but that doesn't really`
		`work for our purposes - so we grab the openldap fd from the`
		`ber sockbuf layer, import it into a PR Poll FD, then`
		`@@ -583,74 +577,6 @@`

		`return CONN_OPERATION_SUCCESS;`
		`}`
		`- #else /* ! USE_OPENLDAP */`
		`- /* Since we're poking around with ldap c sdk internals, we have to`
		`- be careful since the PR layer stores different session and socket`
		`- info than the NSS SSL layer than the SASL layer - and they all`
		`- use different poll functions too`
		`- */`
		`- static ConnResult`
		`- see_if_write_available(Repl_Connection *conn, PRIntervalTime timeout)`
		`- {`
		`- LDAP_X_PollFD pollstr;`
		`- int nfds = 1;`
		`- struct ldap_x_ext_io_fns iofns;`
		`- int rc = LDAP_SUCCESS;`
		`- LDAP_X_EXTIOF_POLL_CALLBACK *ldap_poll;`
		`- struct lextiof_session_private *private;`
		`-`
		`- /* get the poll function to use */`
		`- memset(&iofns, 0, sizeof(iofns));`
		`- iofns.lextiof_size = LDAP_X_EXTIO_FNS_SIZE;`
		`- if (ldap_get_option(conn->ld, LDAP_X_OPT_EXTIO_FN_PTRS, &iofns) < 0) {`
		`- rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL);`
		`- slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,`
		`- "see_if_write_available - %s: Failed call to ldap_get_option to get extiofns: LDAP error %d (%s)\n",`
		`- agmt_get_long_name(conn->agmt),`
		`- rc, ldap_err2string(rc));`
		`- conn->last_ldap_error = rc;`
		`- return CONN_OPERATION_FAILED;`
		`- }`
		`- ldap_poll = iofns.lextiof_poll;`
		`-`
		`- /* set up the poll structure */`
		`- if (ldap_get_option(conn->ld, LDAP_OPT_DESC, &pollstr.lpoll_fd) < 0) {`
		`- rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL);`
		`- slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,`
		`- "see_if_write_available - %s: Failed call to ldap_get_option for poll_fd: LDAP error %d (%s)\n",`
		`- agmt_get_long_name(conn->agmt),`
		`- rc, ldap_err2string(rc));`
		`- conn->last_ldap_error = rc;`
		`- return CONN_OPERATION_FAILED;`
		`- }`
		`-`
		`- if (ldap_get_option(conn->ld, LDAP_X_OPT_SOCKETARG,`
		`- &pollstr.lpoll_socketarg) < 0) {`
		`- rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL);`
		`- slapi_log_err(SLAPI_LOG_ERR, repl_plugin_name,`
		`- "see_if_write_available - %s: Failed call to ldap_get_option for socketarg: LDAP error %d (%s)\n",`
		`- agmt_get_long_name(conn->agmt),`
		`- rc, ldap_err2string(rc));`
		`- conn->last_ldap_error = rc;`
		`- return CONN_OPERATION_FAILED;`
		`- }`
		`-`
		`- pollstr.lpoll_events = LDAP_X_POLLOUT;`
		`- pollstr.lpoll_revents = 0;`
		`- private`
		`- = iofns.lextiof_session_arg;`
		`-`
		`- if (0 == (*ldap_poll)(&pollstr, nfds, timeout, private)) {`
		`- slapi_log_err(SLAPI_LOG_REPL, repl_plugin_name,`
		`- "%s: poll timed out - poll interval [%d]\n",`
		`- agmt_get_long_name(conn->agmt),`
		`- timeout);`
		`- return CONN_TIMEOUT;`
		`- }`
		`-`
		`- return CONN_OPERATION_SUCCESS;`
		`- }`
		`- #endif /* ! USE_OPENLDAP */`

		`/*`
		`* During a total update, this function checks how much entries`
		`@@ -1196,9 +1122,6 @@`
		`}`

		`if (return_value == CONN_OPERATION_SUCCESS) {`
		`- #if !defined(USE_OPENLDAP)`
		`- int io_timeout_ms;`
		`- #endif`
		`/* Now we initialize the LDAP Structure and set options */`

		`slapi_log_err(SLAPI_LOG_REPL, repl_plugin_name,`
		`@@ -1244,14 +1167,8 @@`
		`/* Don't chase any referrals (although we shouldn't get any) */`
		`ldap_set_option(conn->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);`

		`- /* override the default timeout with the specified timeout */`
		`- #if defined(USE_OPENLDAP)`
		`+ /* override the default timeout with the specified timeout */`
		`ldap_set_option(conn->ld, LDAP_OPT_NETWORK_TIMEOUT, &conn->timeout);`
		`- #else`
		`- io_timeout_ms = conn->timeout.tv_sec * 1000 + conn->timeout.tv_usec / 1000;`
		`- prldap_set_session_option(conn->ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT,`
		`- io_timeout_ms);`
		`- #endif`
		`/* We've got an ld. Now bind to the server. */`
		`conn->last_operation = CONN_BIND;`
		`}`

ldap/servers/plugins/replication/windows_connection.c

file modified

+1 -14

		`@@ -24,9 +24,6 @@`

		`#include "repl5.h"`
		`#include "windowsrepl.h"`
		`- #if !defined(USE_OPENLDAP)`
		`- #include "ldappr.h"`
		`- #endif`
		`#include "slap.h"`
		`#include "nss.h"`

		`@@ -1231,11 +1228,7 @@`
		`}`

		`if (return_value == CONN_OPERATION_SUCCESS) {`
		`- #if !defined(USE_OPENLDAP)`
		`- int io_timeout_ms;`
		`- #endif`
		`/* Now we initialize the LDAP Structure and set options */`
		`-`
		`slapi_log_err(SLAPI_LOG_REPL, windows_repl_plugin_name,`
		`"windows_conn_connect - %s: Trying %s%s slapi_ldap_init_ext\n",`
		`agmt_get_long_name(conn->agmt),`
		`@@ -1274,14 +1267,8 @@`
		`/* Don't chase any referrals (although we shouldn't get any) */`
		`ldap_set_option(conn->ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);`

		`- /* override the default timeout with the specified timeout */`
		`- #if defined(USE_OPENLDAP)`
		`+ /* override the default timeout with the specified timeout */`
		`ldap_set_option(conn->ld, LDAP_OPT_NETWORK_TIMEOUT, &conn->timeout);`
		`- #else`
		`- io_timeout_ms = conn->timeout.tv_sec * 1000 + conn->timeout.tv_usec / 1000;`
		`- prldap_set_session_option(conn->ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT,`
		`- io_timeout_ms);`
		`- #endif`
		`/* We've got an ld. Now bind to the server. */`
		`conn->last_operation = CONN_BIND;`
		`}`

ldap/servers/slapd/back-ldbm/ldbm_search.c

file modified

+2 -3

		`@@ -23,9 +23,8 @@`
		`* Used for ldap_result passed to ldbm_back_search_cleanup.`
		`* If (ldap_result == LDBM_SRCH_DEFAULT_RESULT) \|\| (ldap_result == LDAP_SUCCESS),`
		`* don't call slapi_send_ldap_result.`
		`- * Note: mozldap ldap_result codes are all positive; openldap result codes could`
		`- * be negative values. OL (-1) is LDAP_SERVER_DOWN. Thus, it's safe to`
		`- * borrow the value here.`
		`+ * Note: openldap result codes could be negative values. OL (-1) is LDAP_SERVER_DOWN.`
		`+ * Thus, it's safe to borrow the value here.`
		`*/`
		`#define LDBM_SRCH_DEFAULT_RESULT (-1)`

ldap/servers/slapd/back-ldbm/misc.c

file modified

+1 -2

		`@@ -472,8 +472,7 @@`
		`want to change the ldif string because it will be`
		`parsed again in the future`
		`openldap ldif_getline() is more of a problem because`
		`- it does this for every comment line too, whereas mozldap`
		`- ldif_getline() just skips comment lines`
		`+ it does this for every comment line too.`
		`*/`
		`static void`
		`ldif_getline_fixline(char start, char end)`

ldap/servers/slapd/back-ldbm/vlv_srch.c

file modified

-8

		`@@ -849,19 +849,11 @@`
		`void`
		`internal_ldap_free_sort_keylist(LDAPsortkey **sortKeyList)`
		`{`
		`- #if defined(USE_OPENLDAP)`
		`ldap_free_sort_keylist((LDAPSortKey **)sortKeyList);`
		`- #else`
		`- ldap_free_sort_keylist(sortKeyList);`
		`- #endif`
		`}`

		`int`
		`internal_ldap_create_sort_keylist(LDAPsortkey **sortKeyList, const char string_rep)`
		`{`
		`- #if defined(USE_OPENLDAP)`
		`return ldap_create_sort_keylist((LDAPSortKey **)sortKeyList, (char )string_rep);`
		`- #else`
		`- return ldap_create_sort_keylist(sortKeyList, string_rep);`
		`- #endif`
		`}`

ldap/servers/slapd/back-ldbm/vlv_srch.h

file modified

-2

		`@@ -26,14 +26,12 @@`
		`extern char *const type_vlvEnabled;`
		`extern char *const type_vlvUses;`

		`- #if defined(USE_OPENLDAP)`
		`typedef struct LDAPsortkey`
		`{ /* structure for a sort-key */`
		`char *sk_attrtype;`
		`char *sk_matchruleoid;`
		`int sk_reverseorder;`
		`} LDAPsortkey;`
		`- #endif`

		`void internal_ldap_free_sort_keylist(LDAPsortkey **sortKeyList);`
		`int internal_ldap_create_sort_keylist(LDAPsortkey **sortKeyList, const char string_rep);`

ldap/servers/slapd/connection.c

file modified

+2 -26

		`@@ -534,13 +534,11 @@`
		`/* Copy the Connection DN and SSF into the operation struct */`
		`op_copy_identity(conn, op);`

		`- #if defined(USE_OPENLDAP)`
		`if (slapi_operation_is_flag_set(op, OP_FLAG_REPLICATED)) {`
		`/* If it is replicated op, ignore the maxbersize. */`
		`ber_len_t maxbersize = 0;`
		`ber_sockbuf_ctrl(conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize);`
		`}`
		`- #endif`

		`/* If the minimum SSF requirements are not met, only allow`
		`* bind and extended operations through. The bind and extop`
		`@@ -780,7 +778,6 @@`
		`int use_buffer; /* if true, use the buffer - if false, ber_get_next reads directly from socket */`
		`};`

		`- #if defined(USE_OPENLDAP)`
		`/* Copy up to bytes_to_read bytes from b into return_buffer.`
		`* Returns a count of bytes copied (always >= 0).`
		`*/`
		`@@ -834,7 +831,6 @@`
		`done:`
		`return bytes_to_copy;`
		`}`
		`- #endif`

		`int`
		`connection_new_private(Connection *conn)`
		`@@ -988,20 +984,12 @@`
		`return ret;`
		`}`

		`- #ifdef USE_OPENLDAP`
		`#include "openldapber.h"`
		`- #else`
		`- #include "mozldap.h"`
		`- #endif`

		`static ber_tag_t`
		`_ber_get_len(BerElement ber, ber_len_t lenp)`
		`{`
		`- #ifdef USE_OPENLDAP`
		`OLBerElement lber = (OLBerElement )ber;`
		`- #else`
		`- MozElement lber = (MozElement )ber;`
		`- #endif`

		`if (NULL == lenp) {`
		`return LBER_DEFAULT;`
		`@@ -1041,12 +1029,7 @@`
		`ber_len_t bytes_scanned = 0;`

		`*lenp = 0;`
		`- #if defined(USE_OPENLDAP)`
		`*tagp = ber_get_next(conn->c_sb, &bytes_scanned, ber);`
		`- #else`
		`- *tagp = ber_get_next_buffer_ext(buffer, buffer_size, lenp, ber,`
		`- &bytes_scanned, conn->c_sb);`
		`- #endif`
		`/* openldap ber_get_next doesn't return partial bytes_scanned if it hasn't`
		`read a whole pdu - so we have to check the errno for the`
		`"would block" condition meaning openldap needs more data to read */`
		`@@ -1080,15 +1063,8 @@`
		`SLAPD_SYSTEM_WOULD_BLOCK_ERROR(errno)) {`
		`return -2; /* tells connection_read_operation we need to try again */`
		`}`
		`- } else {`
		`- /* openldap_read_function will advance c_buffer_offset */`
		`- #if !defined(USE_OPENLDAP)`
		`- /* success, or need to wait for more data */`
		`- /* if openldap could not read a whole pdu, bytes_scanned will be zero -`
		`- it does not return partial results */`
		`- conn->c_private->c_buffer_offset += bytes_scanned;`
		`- #endif`
		`- }`
		`+ } /* else, openldap_read_function will advance c_buffer_offset,`
		`+ nothing to do (we had to previously with mozldap) */`
		`return 0;`
		`}`

ldap/servers/slapd/conntable.c

file modified

-8

		`@@ -37,16 +37,8 @@`
		`ct->c[i].c_sb = ber_sockbuf_alloc();`
		`invalid_socket = SLAPD_INVALID_SOCKET;`
		`ct->c[i].c_sd = SLAPD_INVALID_SOCKET;`
		`- #if defined(USE_OPENLDAP)`
		`ber_sockbuf_ctrl(ct->c[i].c_sb, LBER_SB_OPT_SET_FD, &invalid_socket);`
		`ber_sockbuf_ctrl(ct->c[i].c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize);`
		`- #else`
		`- ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_DESC, &invalid_socket);`
		`- /* openldap by default does not use readahead - the implementation is`
		`- via a sockbuf_io layer */`
		`- ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_NO_READ_AHEAD, LBER_OPT_ON);`
		`- ber_sockbuf_set_option(ct->c[i].c_sb, LBER_SOCKBUF_OPT_MAX_INCOMING_SIZE, &maxbersize);`
		`- #endif /* !USE_OPENLDAP */`
		`/* all connections start out invalid */`
		`ct->fd[i].fd = SLAPD_INVALID_SOCKET;`

ldap/servers/slapd/daemon.c

file modified

-25

		`@@ -1977,13 +1977,8 @@`
		`* Revision: handle changed to void * and first`
		`* argument which used to be integer system fd is now ignored.`
		`*/`
		`- #if defined(USE_OPENLDAP)`
		`static int`
		`write_function(int ignore __attribute__((unused)), void buffer, int count, void handle)`
		`- #else`
		`- static int`
		`- write_function(int ignore, const void buffer, int count, struct lextiof_socket_private handle)`
		`- #endif`
		`{`
		`int sentbytes = 0;`
		`int bytes;`
		`@@ -2040,7 +2035,6 @@`
		`return -1;`
		`}`

		`- #if defined(USE_OPENLDAP)`
		`/* The argument is a pointer to the socket descriptor */`
		`static int`
		`openldap_io_setup(Sockbuf_IO_Desc sbiod, void arg)`
		`@@ -2095,8 +2089,6 @@`
		`openldap_io_close /* sbi_close */`
		`};`

		`- #endif /* USE_OPENLDAP */`
		`-`

		`int connection_type = -1; /* The type number assigned by the Factory for 'Connection' */`

		`@@ -2367,9 +2359,7 @@`
		`void`
		`handle_closed_connection(Connection *conn)`
		`{`
		`- #ifdef USE_OPENLDAP`
		`ber_sockbuf_remove_io(conn->c_sb, &openldap_sockbuf_io, LBER_SBIOD_LEVEL_PROVIDER);`
		`- #endif`
		`}`

		`/* NOTE: this routine is not reentrant */`
		`@@ -2436,25 +2426,10 @@`
		`* won't have a mapping. */`
		`/* fds[ns].out_flags = 0; */`

		`- #if defined(USE_OPENLDAP)`
		`ber_sockbuf_add_io(conn->c_sb, &openldap_sockbuf_io,`
		`LBER_SBIOD_LEVEL_PROVIDER, conn);`
		`- #else /* !USE_OPENLDAP */`
		`- {`
		`- struct lber_x_ext_io_fns func_pointers = {0};`
		`- func_pointers.lbextiofn_size = LBER_X_EXTIO_FNS_SIZE;`
		`- func_pointers.lbextiofn_read = NULL; /* see connection_read_function */`
		`- func_pointers.lbextiofn_write = write_function;`
		`- func_pointers.lbextiofn_writev = NULL;`
		`- func_pointers.lbextiofn_socket_arg = (struct lextiof_socket_private *)pr_clonefd;`
		`- ber_sockbuf_set_option(conn->c_sb,`
		`- LBER_SOCKBUF_OPT_EXT_IO_FNS, &func_pointers);`
		`- }`
		`- #endif /* !USE_OPENLDAP */`
		`maxbersize = conn->c_maxbersize;`
		`- #if defined(USE_OPENLDAP)`
		`ber_sockbuf_ctrl(conn->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &maxbersize);`
		`- #endif`
		`if (secure && config_get_SSLclientAuth() != SLAPD_SSLCLIENTAUTH_OFF) {`
		`/* Prepare to handle the client's certificate (if any): */`
		`int rv;`

ldap/servers/slapd/ldaputil.c

file modified

-165

		`@@ -62,10 +62,6 @@`
		`#include "prtime.h"`
		`#include "prinrval.h"`
		`#include "snmp_collator.h"`
		`- #if !defined(USE_OPENLDAP)`
		`- #include <ldap_ssl.h>`
		`- #include <ldappr.h>`
		`- #else`

		`#ifdef HAVE_HEIMDAL_KERBEROS`
		`#include <com_err.h>`
		`@@ -79,10 +75,8 @@`
		`static PRCallOnceType ol_init_callOnce = {0, 0, 0};`
		`static PRLock *ol_init_lock = NULL;`

		`- #if defined(USE_OPENLDAP)`
		`extern void getSSLVersionRangeOL(int min, int max);`
		`extern int getSSLVersionRange(char min, char max);`
		`- #endif`

		`static PRStatus`
		`internal_ol_init_init(void)`
		`@@ -97,7 +91,6 @@`

		`return PR_SUCCESS;`
		`}`
		`- #endif`

		`/* the server depends on the old, deprecated ldap_explode behavior which openldap`
		`does not support - the use of the mozldap code should be discouraged as`
		`@@ -122,7 +115,6 @@`
		`}`
		`}`

		`- #if defined(USE_OPENLDAP)`
		`/* mozldap ldap_init and ldap_url_parse accept a hostname in the form`
		`host1[:port1]SPACEhost2[:port2]SPACEhostN[:portN]`
		`where SPACE is a single space (0x20) character`
		`@@ -199,7 +191,6 @@`
		`slapi_ch_free_string(&my_copy);`
		`return retstr;`
		`}`
		`- #endif /* USE_OPENLDAP */`

		`const char *`
		`slapi_urlparse_err2string(int err)`
		`@@ -219,7 +210,6 @@`
		`case LDAP_URL_ERR_PARAM:`
		`s = "bad parameter to an LDAP URL function";`
		`break;`
		`- #if defined(USE_OPENLDAP)`
		`case LDAP_URL_ERR_BADSCHEME:`
		`s = "does not begin with ldap://, ldaps://, or ldapi://";`
		`break;`
		`@@ -241,14 +231,6 @@`
		`case LDAP_URL_ERR_BADEXTS:`
		`s = "extensions not specified correctly";`
		`break;`
		`- #else /* !USE_OPENLDAP */`
		`- case LDAP_URL_ERR_NOTLDAP:`
		`- s = "missing ldap:// or ldaps:// or ldapi://";`
		`- break;`
		`- case LDAP_URL_ERR_NODN:`
		`- s = "missing suffix";`
		`- break;`
		`- #endif`
		`}`

		`return (s);`
		`@@ -268,14 +250,11 @@`
		`return LDAP_PARAM_ERROR;`
		`}`
		`const char *url_to_use = url;`
		`- #if defined(USE_OPENLDAP)`
		`char *urlescaped = NULL;`
		`- #endif`

		`if (secure) {`
		`*secure = 0;`
		`}`
		`- #if defined(USE_OPENLDAP)`
		`/* openldap does not support the non-standard multi host:port URLs supported`
		`by mozldap - so we have to fake out openldap - replace all spaces with %20 -`
		`replace all but the last colon with %3A`
		`@@ -332,14 +311,7 @@`
		`}`
		`}`
		`}`
		`- #endif`

		`- #if defined(HAVE_LDAP_URL_PARSE_NO_DEFAULTS)`
		`- rc = ldap_url_parse_no_defaults(url_to_use, ludpp, require_dn);`
		`- if (!rc && *ludpp && secure) {`
		`- secure = (ludpp)->lud_options & LDAP_URL_OPT_SECURE;`
		`- }`
		`- #else /* openldap */`
		`#if defined(HAVE_LDAP_URL_PARSE_EXT) && defined(LDAP_PVT_URL_PARSE_NONE) && defined(LDAP_PVT_URL_PARSE_NOEMPTY_DN)`
		`rc = ldap_url_parse_ext(url_to_use, ludpp, require_dn ? LDAP_PVT_URL_PARSE_NONE : LDAP_PVT_URL_PARSE_NOEMPTY_DN);`
		`#else`
		`@@ -370,9 +342,7 @@`
		`if (!rc && *ludpp && secure) {`
		`secure = (ludpp)->lud_scheme && !strcmp((*ludpp)->lud_scheme, "ldaps");`
		`}`
		`- #endif /* openldap */`

		`- #if defined(USE_OPENLDAP)`
		`if (urlescaped && (ludpp) && (ludpp)->lud_host) {`
		`/* have to unescape lud_host - can unescape in place */`
		`char p = strstr((ludpp)->lud_host, "://");`
		`@@ -400,7 +370,6 @@`
		`}`
		`}`
		`slapi_ch_free_string(&urlescaped);`
		`- #endif`
		`return rc;`
		`}`

		`@@ -411,7 +380,6 @@`
		`{`
		`int rc = LDAP_SUCCESS;`

		`- #if defined(USE_OPENLDAP)`
		`ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &rc);`
		`if (m) {`
		`ldap_get_option(ld, LDAP_OPT_MATCHED_DN, m);`
		`@@ -423,16 +391,12 @@`
		`ldap_get_option(ld, LDAP_OPT_ERROR_STRING, s);`
		`#endif`
		`}`
		`- #else /* !USE_OPENLDAP */`
		`- rc = ldap_get_lderrno(ld, m, s);`
		`- #endif`
		`return rc;`
		`}`

		`void`
		`slapi_ldif_put_type_and_value_with_options(char *out, const char t, const char *val, int vlen, unsigned long options)`
		`{`
		`- #if defined(USE_OPENLDAP)`
		`/* openldap always wraps and always does conservative base64 encoding`
		`we unwrap here, but clients will have to do their own base64 decode */`
		`int type = LDIF_PUT_VALUE;`
		`@@ -454,29 +418,18 @@`
		`}`
		`out = dest; / move 'out' back if we removed some continuation lines */`
		`}`
		`- #else`
		`- ldif_put_type_and_value_with_options(out, (char )t, (char )val, vlen, options);`
		`- #endif`
		`}`

		`void`
		`slapi_ldap_value_free(char **vals)`
		`{`
		`- #if defined(USE_OPENLDAP)`
		`slapi_ch_array_free(vals);`
		`- #else`
		`- ldap_value_free(vals);`
		`- #endif`
		`}`

		`int`
		`slapi_ldap_count_values(char **vals)`
		`{`
		`- #if defined(USE_OPENLDAP)`
		`return ldap_count_values_len((struct berval **)vals);`
		`- #else`
		`- return ldap_count_values(vals);`
		`- #endif`
		`}`

		`int`
		`@@ -489,7 +442,6 @@`
		`)`
		`{`
		`int rc = 0;`
		`- #if defined(USE_OPENLDAP)`
		`BerElement *ber = NULL;`
		`int beropts = 0;`
		`char *berfmtstr = NULL;`
		`@@ -538,13 +490,6 @@`
		`rc = ldap_control_create(ctrloid, ctl_iscritical, bv, 1, ctrlp);`
		`ber_bvfree(bv);`
		`ber_free(ber, 1);`
		`- #else`
		`- if (usev2) {`
		`- rc = ldap_create_proxiedauth_control(ld, dn, ctrlp);`
		`- } else {`
		`- rc = ldap_create_proxyauth_control(ld, dn, ctl_iscritical, ctrlp);`
		`- }`
		`- #endif`
		`return rc;`
		`}`

		`@@ -556,21 +501,10 @@`
		`int *freeval)`
		`{`
		`int rc;`
		`- #if defined(USE_OPENLDAP)`
		`rc = ldif_parse_line2(line, type, value, freeval);`
		`- /* check that type and value are null terminated */`
		`- #else`
		`- int vlen;`
		`- rc = ldif_parse_line(line, &type->bv_val, &value->bv_val, &vlen);`
		`- type->bv_len = type->bv_val ? strlen(type->bv_val) : 0;`
		`- value->bv_len = vlen;`
		`- freeval = 0; / always returns in place */`
		`- #endif`
		`return rc;`
		`}`

		`- #if defined(USE_OPENLDAP)`
		`-`
		`static int`
		`setup_ol_tls_conn(LDAP *ld, int clientauth)`
		`{`
		`@@ -654,7 +588,6 @@`

		`return rc;`
		`}`
		`- #endif /* defined(USE_OPENLDAP) */`

		`/*`
		`Perform LDAP init and return an LDAP* handle. If ldapurl is given,`
		`@@ -742,14 +675,6 @@`
		`}`
		`}`

		`- /* ldap_url_parse doesn't yet handle ldapi */`
		`- /*`
		`- if (!ldapi_socket && ludp && ludp->lud_file) {`
		`- ldapi_socket = ludp->lud_file;`
		`- }`
		`- */`
		`-`
		`- #if defined(USE_OPENLDAP)`
		`if (ldapurl) {`
		`if (PR_SUCCESS != PR_CallOnce(&ol_init_callOnce, internal_ol_init_init)) {`
		`slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",`
		`@@ -811,20 +736,6 @@`
		`ldapurl, rc, ldap_err2string(rc));`
		`}`
		`}`
		`- #else /* !USE_OPENLDAP */`
		`- if (ldapi_socket) {`
		`- /* ldapi in mozldap client is not yet supported */`
		`- } else if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {`
		`- ld = ldapssl_init(hostname, port, secure);`
		`- } else { /* regular ldap and/or starttls */`
		`- /*`
		`- * Leverage the libprldap layer to take care of all the NSPR`
		`- * integration.`
		`- * Note that ldapssl_init() uses libprldap implicitly.`
		`- */`
		`- ld = prldap_init(hostname, port, shared);`
		`- }`
		`- #endif /* !USE_OPENLDAP */`

		`/* must explicitly set version to 3 */`
		`ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldap_version3);`
		`@@ -845,7 +756,6 @@`
		`int io_timeout_ms = config_get_outbound_ldap_io_timeout();`

		`if (io_timeout_ms > 0) {`
		`- #if defined(USE_OPENLDAP)`
		`struct timeval tv;`

		`tv.tv_sec = io_timeout_ms / 1000;`
		`@@ -857,62 +767,16 @@`
		`ld = NULL;`
		`goto done;`
		`}`
		`- #else /* !USE_OPENLDAP */`
		`- if (prldap_set_session_option(ld, NULL, PRLDAP_OPT_IO_MAX_TIMEOUT, io_timeout_ms) != LDAP_SUCCESS) {`
		`- slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",`
		`- "failed: unable to set outbound I/O timeout to %dms\n", io_timeout_ms);`
		`- slapi_ldap_unbind(ld);`
		`- ld = NULL;`
		`- goto done;`
		`- }`
		`- #endif /* !USE_OPENLDAP */`
		`}`

		`/*`
		`* Set SSL strength (server certificate validity checking).`
		`*/`
		`if (secure > 0) {`
		`- #if defined(USE_OPENLDAP)`
		`if (setup_ol_tls_conn(ld, 0)) {`
		`slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",`
		`"failed: unable to set SSL/TLS options\n");`
		`}`
		`- #else`
		`- int ssl_strength = 0;`
		`- LDAP *myld = NULL;`
		`-`
		`- /*`
		`- * We can only use the set functions below with a real`
		`- * LDAP* if it has already gone through ldapssl_init -`
		`- * so, use NULL if using starttls`
		`- */`
		`- if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {`
		`- myld = ld;`
		`- }`
		`-`
		`- if (config_get_ssl_check_hostname()) {`
		`- /* check hostname against name in certificate */`
		`- ssl_strength = LDAPSSL_AUTH_CNCHECK;`
		`- } else {`
		`- /* verify certificate only */`
		`- ssl_strength = LDAPSSL_AUTH_CERT;`
		`- }`
		`-`
		`- if ((rc = ldapssl_set_strength(myld, ssl_strength)) \|\|`
		`- (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL2, PR_FALSE)) \|\|`
		`- (rc = ldapssl_set_option(myld, SSL_ENABLE_SSL3, PR_TRUE)) \|\|`
		`- (rc = ldapssl_set_option(myld, SSL_ENABLE_TLS, PR_TRUE))) {`
		`- int prerr = PR_GetError();`
		`-`
		`- slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_init_ext",`
		`- "failed: unable to set SSL options (" SLAPI_COMPONENT_NAME_NSPR " error %d - %s)\n",`
		`- prerr, slapd_pr_strerror(prerr));`
		`- }`
		`- if (secure == SLAPI_LDAP_INIT_FLAG_SSL) {`
		`- /* tell bind code we are using SSL */`
		`- ldap_set_option(ld, LDAP_OPT_SSL, LDAP_OPT_ON);`
		`- }`
		`- #endif /* !USE_OPENLDAP */`
		`}`
		`}`

		`@@ -1055,7 +919,6 @@`
		`slapi_control_present(clientctrls, START_TLS_OID, NULL, NULL)) {`
		`secure = SLAPI_LDAP_INIT_FLAG_startTLS;`
		`} else {`
		`- #if defined(USE_OPENLDAP)`
		`/* openldap doesn't have a SSL/TLS yes/no flag - so grab the`
		`ldapurl, parse it, and see if it is a secure one */`
		`char *ldapurl = NULL;`
		`@@ -1065,27 +928,16 @@`
		`secure = SLAPI_LDAP_INIT_FLAG_SSL;`
		`}`
		`slapi_ch_free_string(&ldapurl);`
		`- #else /* !USE_OPENLDAP */`
		`- ldap_get_option(ld, LDAP_OPT_SSL, &secure);`
		`- #endif`
		`}`
		`ldap_controls_free(clientctrls);`
		`ldap_set_option(ld, LDAP_OPT_CLIENT_CONTROLS, NULL);`

		`if ((secure > 0) && mech && !strcmp(mech, LDAP_SASL_EXTERNAL)) {`
		`- #if defined(USE_OPENLDAP)`
		`/*`
		`* we already set up a tls context in slapi_ldap_init_ext() - this will`
		`* free those old settings and context and create a new one`
		`*/`
		`rc = setup_ol_tls_conn(ld, 1);`
		`- #else`
		`- /*`
		`- * SSL connections will use the server's security context`
		`- * and cert for client auth`
		`- */`
		`- rc = slapd_SSL_client_auth(ld);`
		`- #endif`
		`if (rc != 0) {`
		`slapi_log_err(SLAPI_LOG_ERR, "slapi_ldap_bind",`
		`"Error: could not configure the server for cert "`
		`@@ -1300,12 +1152,6 @@`
		`* a SASL mech - set the sasl ssf to 0 if using TLS/SSL.`
		`* openldap supports tls + sasl security`
		`*/`
		`- #if !defined(USE_OPENLDAP)`
		`- if (secure) {`
		`- sasl_ssf_t max_ssf = 0;`
		`- ldap_set_option(ld, LDAP_OPT_X_SASL_SSF_MAX, &max_ssf);`
		`- }`
		`- #endif`
		`/*`
		`* we are using static variables and sharing an in-memory credentials cache`
		`* so we put a lock around all kerberos interactions`
		`@@ -1646,16 +1492,9 @@`
		`/* call the bind function */`
		`/* openldap does not have the ext version - not sure how to get the`
		`returned controls */`
		`- #if defined(USE_OPENLDAP)`
		`rc = ldap_sasl_interactive_bind_s(ld, bindid, mech, serverctrls,`
		`NULL, LDAP_SASL_QUIET,`
		`ldap_sasl_interact_cb, defaults);`
		`- #else`
		`- rc = ldap_sasl_interactive_bind_ext_s(ld, bindid, mech, serverctrls,`
		`- NULL, LDAP_SASL_QUIET,`
		`- ldap_sasl_interact_cb, defaults,`
		`- returnedctrls);`
		`- #endif`
		`ldap_sasl_free_interact_vals(defaults);`
		`if (LDAP_SUCCESS != rc) {`
		`char *errmsg = NULL;`
		`@@ -2495,7 +2334,6 @@`
		`slapi_client_uses_non_nss(LDAP *ld)`
		`{`
		`static int not_nss = 0;`
		`- #if defined(USE_OPENLDAP)`
		`static int initialized = 0;`
		`char *package_name = NULL;`
		`int rc;`
		`@@ -2509,7 +2347,6 @@`
		`slapi_ch_free_string(&package_name);`
		`}`
		`initialized = 1;`
		`- #endif`
		`return not_nss;`
		`}`

		`@@ -2517,7 +2354,6 @@`
		`slapi_client_uses_openssl(LDAP *ld)`
		`{`
		`static int is_openssl = 0;`
		`- #if defined(USE_OPENLDAP)`
		`static int initialized = 0;`
		`char *package_name = NULL;`
		`int rc;`
		`@@ -2531,6 +2367,5 @@`
		`slapi_ch_free_string(&package_name);`
		`}`
		`initialized = 1;`
		`- #endif`
		`return is_openssl;`
		`}`

ldap/servers/slapd/libglobs.c

file modified

-50

		`@@ -8220,57 +8220,7 @@`
		`char *`
		`slapi_err2string(int result)`
		`{`
		`- /*`
		`- * If we are using openldap, then we can safely use ldap_err2string with`
		`- * positive and negative result codes. MozLDAP's ldap_err2string can`
		`- * only handle positive result codes.`
		`- */`
		`- #if defined(USE_OPENLDAP)`
		`return ldap_err2string(result);`
		`- #else`
		`- if (result >= 0) {`
		`- return ldap_err2string(result);`
		`- }`
		`- switch (result) {`
		`- case -1:`
		`- return ("Can't contact LDAP server");`
		`- case -2:`
		`- return ("Local error");`
		`- case -3:`
		`- return ("Encoding error");`
		`- case -4:`
		`- return ("Decoding error");`
		`- case -5:`
		`- return ("Timed out");`
		`- case -6:`
		`- return ("Unknown authentication method");`
		`- case -7:`
		`- return ("Bad search filter");`
		`- case -8:`
		`- return ("User canceled operation");`
		`- case -9:`
		`- return ("Bad parameter to an ldap routine");`
		`- case -10:`
		`- return ("Out of memory");`
		`- case -11:`
		`- return ("Connect error");`
		`- case -12:`
		`- return ("Not Supported");`
		`- case -13:`
		`- return ("Control not found");`
		`- case -14:`
		`- return ("No results returned");`
		`- case -15:`
		`- return ("More results to return");`
		`- case -16:`
		`- return ("Client Loop");`
		`- case -17:`
		`- return ("Referral Limit Exceeded");`
		`-`
		`- default:`
		`- return ("Unknown system error");`
		`- }`
		`- #endif`
		`}`

		`/* replace commas with spaces */`

ldap/servers/slapd/modify.c

file modified

+2 -13

		`@@ -302,15 +302,11 @@`
		`goto free_and_return;`
		`}`

		`- /* check for decoding error */`
		`- /*`
		`- if using mozldap - will return LBER_END_OF_SEQORSET if loop`
		`- completed successfully, otherwise, other value`
		`- if using openldap - will return LBER_DEFAULT in either case`
		`+ /* check for decoding error */`
		`+ /* will return LBER_DEFAULT in either case`
		`if there was at least one element read, len will be -1`
		`if there were no elements read (empty modify) len will be 0`
		`*/`
		`- #if defined(USE_OPENLDAP)`
		`if (tag != LBER_END_OF_SEQORSET) {`
		`if ((len == 0) && (0 == smods.num_elements) && !ignored_some_mods) {`
		`/* ok - empty modify - allow empty modifies */`
		`@@ -321,13 +317,6 @@`
		`}`
		`/* else ok */`
		`}`
		`- #else`
		`- if (tag != LBER_END_OF_SEQORSET) {`
		`- op_shared_log_error_access(pb, "MOD", rawdn, "decoding error");`
		`- send_ldap_result(pb, LDAP_PROTOCOL_ERROR, NULL, "decoding error", 0, NULL);`
		`- goto free_and_return;`
		`- }`
		`- #endif`

		`/* decode the optional controls - put them in the pblock */`
		`if ((err = get_ldapmessage_controls(pb, ber, NULL)) != 0) {`

ldap/servers/slapd/mozldap.h

file removed

-46

		`@@ -1,46 +0,0 @@`
		`- /*`
		`- * mozldap does not have all the openldap "ber" functions, like ber_skip_element.`
		`- * So we need to directly parse the ber element, and see inside the ber struct.`
		`- * From lber-int.h`
		`- */`
		`- typedef struct seqorset`
		`- {`
		`- ber_len_t sos_clen;`
		`- ber_tag_t sos_tag;`
		`- char *sos_first;`
		`- char *sos_ptr;`
		`- struct seqorset *sos_next;`
		`- } Seqorset;`
		`-`
		`- #define SOS_STACK_SIZE 8 /* depth of the pre-allocated sos structure stack */`
		`- #define MAX_TAG_SIZE (1 + sizeof(ber_int_t)) /* One byte for the length of the tag */`
		`- #define MAX_LEN_SIZE (1 + sizeof(ber_int_t)) /* One byte for the length of the length */`
		`- #define MAX_VALUE_PREFIX_SIZE (2 + sizeof(ber_int_t)) /* 1 byte for the tag and 1 for the len (msgid) */`
		`- #define BER_ARRAY_QUANTITY 7 /* 0:Tag 1:Length 2:Value-prefix 3:Value 4:Value-suffix */`
		`-`
		`- struct berelement`
		`- {`
		`- ldap_x_iovec ber_struct[BER_ARRAY_QUANTITY]; /* See above */`
		`- char ber_tag_contents[MAX_TAG_SIZE];`
		`- char ber_len_contents[MAX_LEN_SIZE];`
		`- char ber_pre_contents[MAX_VALUE_PREFIX_SIZE];`
		`- char ber_suf_contents[MAX_LEN_SIZE + 1];`
		`- char ber_buf; / update the value value when writing in case realloc is called */`
		`- char *ber_ptr;`
		`- char *ber_end;`
		`- struct seqorset *ber_sos;`
		`- ber_len_t ber_tag_len_read;`
		`- ber_tag_t ber_tag; /* Remove me someday */`
		`- ber_len_t ber_len; /* Remove me someday */`
		`- int ber_usertag;`
		`- char ber_options;`
		`- char *ber_rwptr;`
		`- BERTranslateProc ber_encode_translate_proc;`
		`- BERTranslateProc ber_decode_translate_proc;`
		`- int ber_flags;`
		`- #define LBER_FLAG_NO_FREE_BUFFER 1 /* don't free ber_buf */`
		`- unsigned int ber_buf_reallocs; /* realloc counter */`
		`- int ber_sos_stack_posn;`
		`- Seqorset ber_sos_stack[SOS_STACK_SIZE];`
		`- };`
		`- typedef struct berelement MozElement;`

ldap/servers/slapd/operation.c

file modified

-9

		`@@ -107,7 +107,6 @@`
		`return operation_type;`
		`}`

		`- #if defined(USE_OPENLDAP)`
		`/* openldap doesn't have anything like this, nor does it have`
		`a way to portably and without cheating discover the`
		`sizeof BerElement - see lber_pvt.h for the trick used`
		`@@ -142,7 +141,6 @@`
		`ber_free(ber, 1);`
		`slapi_ch_free(&buf);`
		`}`
		`- #endif`

		`void`
		`operation_init(Slapi_Operation *o, int flags)`
		`@@ -225,7 +223,6 @@`
		`(*op)->o_results.result_controls = NULL;`
		`}`
		`slapi_ch_free_string(&(*op)->o_results.result_matched);`
		`- #if defined(USE_OPENLDAP)`
		`int options = 0;`
		`/* save the old options */`
		`if ((*op)->o_ber) {`
		`@@ -235,12 +232,6 @@`
		`/* clear out the ber for the next operation */`
		`ber_init2((*op)->o_ber, NULL, options);`
		`}`
		`- #else`
		`- if ((*op)->o_ber) {`
		`- ber_special_free(op, (op)->o_ber); /* have to free everything here */`
		`- *op = NULL;`
		`- }`
		`- #endif`
		`}`
		`}`

ldap/servers/slapd/proto-slap.h

file modified

-2

		`@@ -1450,9 +1450,7 @@`
		`int connection_release_nolock_ext(Connection *conn, int release_only);`
		`int connection_is_free(Connection *conn, int user_lock);`
		`int connection_is_active_nolock(Connection *conn);`
		`- #if defined(USE_OPENLDAP)`
		`ber_slen_t openldap_read_function(Sockbuf_IO_Desc sbiod, void buf, ber_len_t len);`
		`- #endif`

		`/*`
		`* saslbind.c`

ldap/servers/slapd/sasl_io.c

file modified

-30

		`@@ -16,13 +16,6 @@`
		`#include "fe.h"`
		`#include <sasl/sasl.h>`
		`#include <arpa/inet.h>`
		`- #ifndef USE_OPENLDAP`
		`- #include "mozldap.h"`
		`- #if LDAP_VENDOR_VERSION > 604`
		`- /* garbage to cause build to fail */`
		`- MOZLDAP is newer than expected, if the ber structure has not changed(see ldap / server / slapd / mozldap.h), please bump the version number(604->new version)`
		`- #endif`
		`- #endif`

		`/*`
		`* I/O Shim Layer for SASL Encryption`
		`@@ -243,12 +236,8 @@`
		`*/`
		`if (!sp->send_encrypted && *sp->encrypted_buffer == LDAP_TAG_MESSAGE) {`
		`struct berval bv;`
		`- #ifdef USE_OPENLDAP`
		`BerElement *ber = NULL;`
		`struct berval tmp_bv;`
		`- #else`
		`- MozElement *ber = NULL;`
		`- #endif`
		`ber_len_t maxbersize = config_get_maxbersize();`
		`ber_len_t ber_len = 0;`
		`ber_tag_t tag = 0;`
		`@@ -331,11 +320,7 @@`
		`bv.bv_val = sp->encrypted_buffer;`
		`bv.bv_len = sp->encrypted_buffer_offset;`

		`- #ifdef USE_OPENLDAP`
		`if ((ber = ber_init(&bv)) == NULL) {`
		`- #else`
		`- if ((ber = (MozElement *)ber_init(&bv)) == NULL) {`
		`- #endif`
		`goto done;`
		`}`

		`@@ -343,27 +328,16 @@`
		`* Start parsing the berElement. First skip this tag, and move on to the`
		`* tag msgid`
		`*/`
		`- #ifdef USE_OPENLDAP`
		`ber_skip_tag(ber, &ber_len);`
		`if (ber_peek_tag(ber, &ber_len) == LDAP_TAG_MSGID) {`
		`- #else`
		`- ber_skip_tag((BerElement *)ber, &ber_len);`
		`- if (ber_peek_tag((BerElement *)ber, &ber_len) == LDAP_TAG_MSGID) {`
		`- #endif`
		`/*`
		`* Skip the entire msgid element, so we can get to the LDAP op tag`
		`*/`
		`- #ifdef USE_OPENLDAP`
		`if (ber_skip_element(ber, &tmp_bv) == LDAP_TAG_MSGID) {`
		`/*`
		`* We only allow unbind operations to be processed for unencrypted operations`
		`*/`
		`if ((tag = ber_peek_tag(ber, &ber_len)) == LDAP_REQ_UNBIND) {`
		`- #else`
		`- {`
		`- tag = *ber->ber_ptr++;`
		`- if (*ber->ber_ptr == LDAP_REQ_UNBIND) {`
		`- #endif`
		`slapi_log_err(SLAPI_LOG_CONNS, "sasl_io_start_packet", "conn=%" PRIu64 " fd=%d "`
		`"Received unencrypted UNBIND operation.\n",`
		`c->c_connid,`
		`@@ -375,11 +349,7 @@`
		`}`
		`slapi_log_err(SLAPI_LOG_CONNS, "sasl_io_start_packet", "conn=%" PRIu64 " fd=%d "`
		`"Error: received an LDAP message (tag 0x%lx) that was not encrypted.\n",`
		`- #ifdef USE_OPENLDAP`
		`c->c_connid, c->c_sd, (long unsigned int)tag);`
		`- #else`
		`- c->c_connid, c->c_sd, (long unsigned int)*ber->ber_ptr);`
		`- #endif`
		`}`
		`}`

ldap/servers/slapd/schema.c

file modified

+114 -1392

		`@@ -22,9 +22,7 @@`
		`#include <plhash.h>`
		`#include "slap.h"`

		`- #if defined(USE_OPENLDAP)`
		`#include <ldap_schema.h> /* openldap schema parser */`
		`- #endif`

		`static struct slapdplugin schema_plugin = {0};`

		`@@ -184,30 +182,9 @@`
		`static int parse_at_str(const char input, struct asyntaxinfo asipp, char errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote);`
		`static int extension_is_user_defined(schemaext *extensions);`
		`static size_t strcat_qdlist(char buf, char prefix, char **qdlist);`
		`- #if defined(USE_OPENLDAP)`
		`- /*`
		`- * openldap`
		`- */`
		`static int parse_attr_str(const char input, struct asyntaxinfo asipp, char errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, int is_remote);`
		`static int parse_objclass_str(const char input, struct objclass oc, char errorbuf, size_t errorbufsize, PRUint32 schema_flags, int is_user_defined, int schema_ds4x_compat, struct objclass *private_schema);`

		`- #else`
		`- /*`
		`- * mozldap`
		`- */`
		`- static char *parse_qdescrs(const char s, int *n);`
		`- static char *parse_qdstrings(const char s, int *n);`
		`- static char *parse_qdlist(const char s, int *n, int strip_options);`
		`- static void free_qdlist(char **vals, int n);`
		`- static int read_at_ldif(const char input, struct asyntaxinfo asipp, char errorbuf, size_t errorbufsize, PRUint32 flags, int is_user_defined, int schema_ds4x_compat, int is_remote);`
		`- static int read_oc_ldif(const char input, struct objclass oc, char errorbuf, size_t errorbufsize, PRUint32 flags, int is_user_defined, int schema_ds4x_compat);`
		`- static int get_flag_keyword(const char keyword, int flag_value, const char *inputp, schema_strstr_fn_t strstr_fn);`
		`- static char get_tagged_oid(const char tag, const char **inputp, schema_strstr_fn_t strstr_fn);`
		`- static char *read_dollar_values(char vals);`
		`- static schemaext parse_extensions(const char schema_value, char **default_list);`
		`- #endif`
		`-`
		`-`
		`/*`
		`* Some utility functions for dealing with a dynamic buffer`
		`*/`
		`@@ -254,11 +231,7 @@`
		`if (asipp) {`
		`*asipp = NULL;`
		`}`
		`- #ifdef USE_OPENLDAP`
		`return parse_attr_str(input, asipp, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, is_remote);`
		`- #else`
		`- return read_at_ldif(input, asipp, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, is_remote);`
		`- #endif`
		`}`

		`static int`
		`@@ -267,11 +240,7 @@`
		`if (oc) {`
		`*oc = NULL;`
		`}`
		`- #ifdef USE_OPENLDAP`
		`return parse_objclass_str(input, oc, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat, private_schema);`
		`- #else`
		`- return read_oc_ldif(input, oc, errorbuf, errorbufsize, schema_flags, is_user_defined, schema_ds4x_compat);`
		`- #endif`
		`}`


		`@@ -527,170 +496,6 @@`
		`return SLAPI_DSE_CALLBACK_ERROR;`
		`}`

		`- #if !defined(USE_OPENLDAP)`
		`- static const char *`
		`- skipWS(const char *s)`
		`- {`
		`- while (s && isascii(s) && isspace(s)) {`
		`- ++s;`
		`- }`
		`-`
		`- if ((isascii(*s)) == 0) {`
		`- return NULL;`
		`- }`
		`- return s;`
		`- }`
		`-`
		`- /*`
		`- * like strchr() but strings within single quotes are skipped.`
		`- */`
		`- static char *`
		`- strchr_skip_quoted_strings(char *s, int c)`
		`- {`
		`- int in_quote = 0;`
		`-`
		`- while (*s != '\0') {`
		`- if (*s == '\'') {`
		`- in_quote = 1 - in_quote; /* toggle */`
		`- } else if (!in_quote && *s == c) {`
		`- return s;`
		`- }`
		`- ++s;`
		`- }`
		`-`
		`- return (NULL);`
		`- }`
		`- /**`
		`- * parses a string containing a qdescrs or qdstrings (as described by`
		`- * RFC 2252, section 4.1) into an array of strings; the second parameter`
		`- * will hold the actual number of strings in the array. The returned array`
		`- * is NULL terminated.`
		`- *`
		`- * This function can handle qdescrs or qdstrings because the only`
		`- * difference between the two is that fewer characters are allowed in`
		`- * a qdescr (our parsing code does not check anyway) and we want to`
		`- * strip attribute options when parsing qdescrs (indicated by a non-zero`
		`- * strip_options parameter).`
		`- */`
		`- static char **`
		`- parse_qdlist(const char s, int n, int strip_options)`
		`- {`
		`- char **retval = 0;`
		`- char *work = 0;`
		`- char start = 0, end = 0;`
		`- int num = 0;`
		`- int in_quote = 0;`
		`-`
		`- if (n)`
		`- *n = 0;`
		`-`
		`- if (!s \|\| !*s \|\| !n) {`
		`- return retval;`
		`- }`
		`-`
		`- /* make a working copy of the given string */`
		`- work = slapi_ch_strdup(s);`
		`-`
		`- /* count the number of qdescr items in the string e.g. just count`
		`- the number of spaces */`
		`- /* for a single qdescr, the terminal character will be the final`
		`- single quote; for a qdesclist, the terminal will be the close`
		`- parenthesis */`
		`- end = strrchr(work, '\'');`
		`- if ((start = strchr_skip_quoted_strings(work, '(')) != NULL)`
		`- end = strchr_skip_quoted_strings(work, ')');`
		`- else`
		`- start = strchr(work, '\'');`
		`-`
		`- if (!end) /* already nulled out */`
		`- end = work + strlen(work);`
		`-`
		`- if (start) {`
		`- num = 1;`
		`- /* first pass: count number of items and zero out non useful tokens */`
		`- for (; *start && (start != end); ++start) {`
		`- if (*start == '\'') {`
		`- in_quote = 1 - in_quote; /* toggle */`
		`- *start = 0;`
		`- } else if (!in_quote && ((start == ' ') \|\| (start == '(') \|\|`
		`- (*start == ')'))) {`
		`- if (*start == ' ') {`
		`- num++;`
		`- }`
		`- *start = 0;`
		`- }`
		`- }`
		`- *start = 0;`
		`-`
		`- /* allocate retval; num will be >= actual number of items */`
		`- retval = (char *)slapi_ch_calloc(num + 1, sizeof(char ));`
		`-`
		`- /* second pass: copy strings into the return value and set the`
		`- actual number of items returned */`
		`- start = work;`
		`- while (start != end) {`
		`- /* skip over nulls */`
		`- while (!*start && (start != end))`

389-ds-base

Source Code

#50334 Issue 49730 - MozLDAP bindings have been unsupported for a while Closed 2 years ago by spichugi. Opened 3 years ago by mhonek. mhonek/389-ds-base remove-use_openldap into master

#50334 Issue 49730 - MozLDAP bindings have been unsupported for a while

Closed 2 years ago by spichugi. Opened 3 years ago by mhonek.

mhonek/389-ds-base remove-use_openldap into master