Commit Graph

183 Commits

Author SHA1 Message Date
Kurt Zeilenga
f6829ee903 Initial commit of new ACL engine. Engine supports descrete access
privs, additive/substractive rules, and rule continuation.  Existing
rules that use 'defaultaccess none' should be 100% compatible.  Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Hallvard Furuseth
33cc7d4cf1 Introduce and use LDAP_GCCATTR() = __attributes__() in gcc 1999-09-03 21:06:33 +00:00
Hallvard Furuseth
ac09c64f5c Fix fprintf format args 1999-08-29 00:26:44 +00:00
Hallvard Furuseth
1a16766b3c Always compile acl_dn_pat when it is set, otherwise acl.c breaks 1999-08-22 03:30:45 +00:00
Kurt Zeilenga
87675a953d ACIs from Mark Valence <kurash@sassafras.com> (ITS#261) 1999-08-20 22:42:04 +00:00
Kurt Zeilenga
2a74677799 const'fication 1999-08-20 19:00:44 +00:00
Kurt Zeilenga
9c3ed0310b Add copyright notices. 1999-08-06 23:07:46 +00:00
Kurt Zeilenga
df8f7cbb9b s/exit(1)/exit(EXIT_FAILURE)/
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
1999-08-03 18:14:24 +00:00
Kurt Zeilenga
5600097ae1 Update ACL field names and usage statement to match -devel post 1999-07-22 00:50:11 +00:00
Kurt Zeilenga
d5b1892ccc Fix acl parse bug 1999-07-21 21:08:05 +00:00
Kurt Zeilenga
933908f72f ACL CHANGES:
by <who> <access> changed to by <who>+ <access> (joined with AND)
  added peername=<regex> sockname=<regex> url=<regex>
  removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower.  Use where needed.
1999-07-21 20:54:23 +00:00
Kurt Zeilenga
170836751a Namespace changes
added slap_ and ldbm_ to many structures
  added typedefs to many structures
  used typedefs
New main.c argument parsing with ldap url support (replacing -a address).
New sockaddr_in handling and support for multiple listeners.
1999-07-19 19:40:33 +00:00
Kurt Zeilenga
73276e84ae Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
Includes support for update referral for each replicated backend.
	Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world.  Still testing in LDAPv3 world.
Added default referral (test009) test.
1999-07-16 02:45:46 +00:00
Kurt Zeilenga
51d1c90887 unifdef -DSLAPD_ACLGROUPS -DSLAPD_ACLAUTH 1999-07-05 06:26:26 +00:00
Kurt Zeilenga
549c89f817 Regarding previous commit:
Fix broken ACL macros.
	Fix o_dn/o_ndn == NULL vs "".
1999-07-04 19:53:00 +00:00
Kurt Zeilenga
106eef41d8 HEADS UP: connections are forced to "anonymous" status upon receiving
of a bind request and, upon failure, are left "anonymous."

Rework ACL code to hide access testing within macros to facilate additions
and eventual redesign.

Addition of #ifdef SLAPD_ACLAUTH to conditional include EXPERIMENTAL
"auth" access controls.  Adds ACL_AUTH "auth" access level (above none,
below "compare").  bind requires anonymous access at this level or above access
to "entry"/"userPassword"/"krbName".  This allows administrators to restrict
which entries can be bound to.  (This will likely become default behavior
after testing has completed).
1999-07-04 18:46:24 +00:00
Kurt Zeilenga
93fa38cd08 Apply fix to "group/group_objectclass/member_atribute" parsing
suggested by Gerrit Thomson
1999-04-10 01:34:55 +00:00
Hallvard Furuseth
815a62930c UNDO LAST COMMIT. 1999-04-02 03:45:33 +00:00
Hallvard Furuseth
45118be88e Fix wait4child change: Prefer wait3 over wait. Use SIGNAL instead of signal. 1999-04-02 03:23:20 +00:00
Kurt Zeilenga
ab64c237f7 Use calloc properly... could result in too few bytes being allocated.
calloc(1, nelem*size) -> calloc(nelem, size)
1999-03-20 01:25:11 +00:00
Hallvard Furuseth
5ef648a109 Silence warnings: Remove unused variables. Enclose some initializers in in {}. 1999-03-09 07:15:35 +00:00
Hallvard Furuseth
73db912500 Cast char' arguments to ctype.h functions to unsigned char'.
These functions require their arguments to be in the range of `unsigned char'.
1999-02-22 17:57:22 +00:00
Kurt Zeilenga
25f2f9dd70 Use charray_free to free alist charray 1998-12-29 23:23:21 +00:00
Kurt Zeilenga
08134c9e16 printf("\tby") belongs on stderr. 1998-12-04 19:29:17 +00:00
Kurt Zeilenga
e2ee741ea8 Replace strdup() with ch_strdup() such that exit() will be called
if strdup fails.  This is better than not checking, but we should
add orderly shutdown.
1998-11-27 20:21:54 +00:00
Hallvard Furuseth
7e6ad5100c Protoized, moved extern definitions to .h files, fixed related bugs.
Most function and variable definitions are now preceded by its extern
definition, for error checking.  Retyped a number of functions, usually
to return void.  Fixed a number of printf format errors.

API changes (in ldap/include):
  Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
  for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.

A number of `extern' declarations are left (some added by protoize), to
be cleaned away later.  Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
1998-11-15 22:40:11 +00:00
Hallvard Furuseth
83ec12246e Enclose debug variables in #ifdef LDAP_DEBUG 1998-11-05 05:03:12 +00:00
Kurt Zeilenga
d0a843b74d Insert #ifdef SLAPD_ACLGROUPS 1998-10-27 06:34:01 +00:00
Stuart Lynne
7c52060c67 1. extend aclgroup's to be able to specify objectClassValue and groupAttrName
2. update print_acl() a bit and call it during aclparse if LDAP_DEBUG_ACL
1998-10-27 02:07:12 +00:00
Kurt Zeilenga
2a869f5a99 merged with autoconf branch 1998-10-25 01:41:42 +00:00
Kurt Zeilenga
2ec25ef881 Merged files from branch REGEX_REMOVAL. Despite name, this merge
adds POSIX RegEx (and removes BSD re_comp/re_exec) support.
* POSIX RegEx is not currently included in the distribution, however
	we will probably add Henry Spencer's REGEX library soon.
* ACL Group functionality is also included in this merge!
1998-08-21 06:33:42 +00:00
Kurt Zeilenga
42e0d83cb3 Initial revision 1998-08-09 00:43:13 +00:00