Commit Graph

200 Commits

Author SHA1 Message Date
Howard Chu
88e569d857 ITS#9249 librewrite: fix malloc/free corruption
If substitution parsing fails, would attempt to free a mapping
that hadn't been allocated yet.

Also, on failure, caller in saslauthz would attempt to free a
rwinfo struct that hadn't been allocated.
2020-08-23 19:32:51 +00:00
Quanah Gibson-Mount
bc9a92866a ITS#6740 - Always enable rewrite 2020-04-22 14:49:10 +00:00
Ryan Tandy
1d562a7a52 ITS#6035 olcAuthIDRewrite insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
c4db906107 ITS#6035 olcAuthzRegexp insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
822ed8c11d ITS#6035 saslauthz cleanups (no functional change)
- give authid-rewrite's argument a name
- tidy saslauthz.c whitespace (mixed spaces/tabs)
- always declare slap_sasl_regexp_destroy: fixes an implicit declaration
  warning when configured without librewrite
- delete dead code: ENABLE_REWRITE implies SLAP_AUTH_REWRITE, so this
  code is never compiled
- make slap_sasl_regexp_rewrite_config static
- omit sasl_regexp unused fields when built with librewrite
2020-04-02 09:10:51 -07:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Howard Chu
fbe5611e60 ITS#9038 restrict rootDN proxyauthz to its own DBs.
Treat as normal user for any other DB.
2019-06-19 12:40:19 +01:00
Ondřej Kuzník
97a310b312 ITS#8731 Apply doc/devel/variadic_debug/04-variadic.cocci 2019-02-15 16:51:53 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Howard Chu
6c221e7730 ITS#8909 additional tweak
Set error code on failure
2018-08-29 02:02:13 +01:00
Howard Chu
36e4dd2828 ITS#8909 fix "authz-policy all" condition
Broken since original commit 113727ba
2018-08-29 01:14:19 +01:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Quanah Gibson-Mount
1df85d3427 Happy New Year! 2017-01-03 12:36:47 -08:00
Quanah Gibson-Mount
6c4d6c880b Happy New Year! 2016-01-29 13:32:05 -06:00
Howard Chu
a96fc51ebb ITS#8218 zero filter after freeing
This appears to be cruft leftover from rev e8c58b4e7f
2015-08-19 15:35:45 +01:00
Quanah Gibson-Mount
1705fa7e55 Happy New Year 2015-02-11 15:36:57 -06:00
Kurt Zeilenga
5c878c1bf2 Happy new year (belated) 2014-01-25 05:21:25 -08:00
Kurt Zeilenga
0fd1bf30b8 Happy New Year 2013-01-02 10:22:57 -08:00
Kurt Zeilenga
2bbf9804b9 Happy New Year! 2012-01-01 07:10:53 -08:00
Pierangelo Masarati
fb2092328c do not set c_authz_backend unless needed (ITS#6824, thanks to Howard) 2011-02-03 20:04:56 +00:00
Kurt Zeilenga
966cef8c9a Happy New Year 2011-01-05 00:42:37 +00:00
Kurt Zeilenga
3dadeb3efe happy belated New Year 2010-04-13 22:17:29 +00:00
Kurt Zeilenga
4af9eb9715 Update copyright notices 2009-01-22 00:40:04 +00:00
Hallvard Furuseth
7b3bdf2185 Warning cleanup: signed meets unsigned. ber_flatten2() returns -1 on
error, not LBER_ERROR.
2008-10-13 10:18:15 +00:00
Pierangelo Masarati
6845c2510d don't free and reuse filter structure; don't rewrite undefined filter values (ITS#5731,ITS#5732) 2008-10-09 22:34:43 +00:00
Kurt Zeilenga
c890c96d13 Happy New Year (belated) 2008-01-08 00:19:56 +00:00
Howard Chu
d88ab7bf36 ITS#5264 don't log NULL/anonymous DNs 2007-12-22 21:16:54 +00:00
Pierangelo Masarati
56d9a93ad4 authzMatch IS octetStringMatch 2007-09-01 15:44:24 +00:00
Howard Chu
88cbe052e0 Fallout from ITS#4986 - remove unused param of select_backend() 2007-07-13 03:18:20 +00:00
Kurt Zeilenga
da6d9eb046 happy new year 2007-01-02 20:00:42 +00:00
Pierangelo Masarati
0981516abf fix ITS#4760 differently 2006-11-24 13:02:26 +00:00
Pierangelo Masarati
14ac05436a fix defaults in "group" in parsing (ITS#4761) 2006-11-24 11:29:05 +00:00
Howard Chu
7a92d4af1f Short-circuit the mapping search if more than 1 entry is found 2006-11-12 00:54:37 +00:00
Howard Chu
4df4d4f46c Tweak prev commit, use LDAP_UNAVAILABLE to force early termination 2006-11-11 23:38:01 +00:00
Howard Chu
161574b00d ITS#4744 authzTo/authzFrom patterns are supposed to allow multiple targets.
Partially revert rev 1.126.
2006-11-11 22:55:09 +00:00
Pierangelo Masarati
35f8b9c9f5 release authz resources at shutdown 2006-09-04 07:20:59 +00:00
Pierangelo Masarati
004b69d070 callbacks must return valid error codes (ITS#4499) 2006-04-25 19:07:34 +00:00
Kurt Zeilenga
eb9a3c1876 unifdef -DSLAP_ACL_HONOR_DISCLOSE
unifdef -DSLAP_ACL_HONOR_MANAGE
unifdef -DSLAP_OVERLAY_ACCESS
unifdef -DSLAP_ORDERED_PRETTYNORM
unifdef -DSLAP_AUTHZ_SYNTAX
Move LDAP_COLLECTIVE_ATTRIBUTES, LDAP_COMP_MATCH, and LDAP_SYNC_TIMESTAMP
back behind LDAP_DEVEL (as these either too experimental or not yet
implemented).
2006-04-12 05:53:26 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Kurt Zeilenga
d1bc820b2f fix ITS#4283/4 segfaults 2005-12-23 02:20:11 +00:00
Kurt Zeilenga
48cb85865d Remove some unnecessary #ifdefs 2005-11-26 07:38:18 +00:00
Pierangelo Masarati
474dfbc8fd don't trust strchr/strrchr with bervals 2005-11-13 22:26:53 +00:00
Howard Chu
7dcb68f6fa Move CSN invocations to backends 2005-10-13 11:58:44 +00:00
Howard Chu
61d96fa17c Add dummy reference to librewrite to force it to link 2005-09-17 00:55:50 +00:00
Hallvard Furuseth
a222469d0d assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2005-08-13 21:10:41 +00:00
Pierangelo Masarati
d10250d9f6 add authzSyntax for authzTo/authzFrom attributes; add X-ORDERED 'VALUES' if support for ordered_value_{validate,pretty,normalize} is present; exploit normalization in slap_parseURI (only #ifdef LDAP_DEVEL) 2005-08-11 23:52:17 +00:00
Pierangelo Masarati
8b54d3b7e1 fix potential leak (if URL form is broken); cleanup 2005-08-06 20:56:02 +00:00
Pierangelo Masarati
682a1981a1 use macros instead of literals 2005-08-06 11:29:08 +00:00
Hallvard Furuseth
81ecb0b153 assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2005-07-18 06:22:33 +00:00
Hallvard Furuseth
d6cc947561 Silence "unused <something>" warnings 2005-07-14 19:52:08 +00:00