mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,120 Commits 38 Branches 307 Tags 74 MiB
075220dd7e
Commit Graph

7339 Commits

Author SHA1 Message Date
Pierangelo Masarati
075220dd7e need some minimal timeout otherwise strange issues occur 2005-08-22 18:14:41 +00:00
Pierangelo Masarati
0717a598b6 fix ACIs; few issues remain (e.g. disclose) 2005-08-22 17:59:47 +00:00
Pierangelo Masarati
849ecbcf1f allow options in dynacl configuration 2005-08-22 16:28:50 +00:00
Pierangelo Masarati
4bc8197dcb further ACI factoring out & confinement 2005-08-22 16:03:35 +00:00
Pierangelo Masarati
d4ec31f677 fix cleanup on error 2005-08-22 16:01:16 +00:00
Pierangelo Masarati
65f07479ac fix previous commit 2005-08-22 10:46:57 +00:00
Pierangelo Masarati
de90dbbc52 mutex-protect "undefined" attribute descriptions/objectClasses addition (ITS#3958) 2005-08-22 09:46:17 +00:00
Pierangelo Masarati
a3554aad3a log the right string 2005-08-22 09:42:51 +00:00
Pierangelo Masarati
ec1042b19e allow a minimal timeout in compares 2005-08-22 09:42:26 +00:00
Pierangelo Masarati
150bcfcbcb moved to contrib/slapd-overlays/allop 2005-08-22 09:12:21 +00:00
Hallvard Furuseth
94747c50db SLAP_OP_* enums are always used. Delete #ifdef SLAPD_MONITOR around definition. 2005-08-21 00:00:09 +00:00
Pierangelo Masarati
5b7f996566 cleanup 2005-08-20 19:50:59 +00:00
Pierangelo Masarati
919781ea45 fix referral logging @STATS2 2005-08-20 19:20:53 +00:00
Pierangelo Masarati
c8ef609ea1 fix (and partially revert) last commit 2005-08-20 19:05:10 +00:00
Pierangelo Masarati
00b5d8c1bc allow objectClass checking including sups 2005-08-20 19:01:53 +00:00
Pierangelo Masarati
15d1b4d5dd cleanup locking 2005-08-20 19:00:56 +00:00
Pierangelo Masarati
6bae592866 cleanup objectclass inheritance; don't proceed if initial lookup resulted in a hit with "success" errcode and the base is search; either the filter doesn't match, or the same action is taken twice 2005-08-20 18:00:40 +00:00
Pierangelo Masarati
f227a96053 more for the allop overlay 2005-08-20 11:53:31 +00:00
Pierangelo Masarati
95f65ff352 all-operational overlay: allows to configure part of te DIT so that requests 
with requested attribute lists empty or containing "*" are expanded
to contain "+" as well, so that all operational attributes are returned.
This may be required to work around dumb clients that interrogate
the rootDSE requesting "*" and expecting operational attributes to be
returned as well.  To make it a bit more generic, it can be configured
to do the same for an arbitrary search described by an URI.  For example,

overlay		allop
allop-URI	ldap:///??sub

before any database instantiation causes all searches to return "*","+"
when ors_attrs is NULL or countains "*".
 2005-08-20 11:48:13 +00:00
Pierangelo Masarati
fdfcf0406e need an AUXILIARY objectClass to play with some special error codes (need to update man page as well)... 2005-08-20 11:31:51 +00:00
Pierangelo Masarati
e5d302e84f normalize/pretty attributes when possible 2005-08-20 11:31:07 +00:00
Kurt Zeilenga
6f99b15ee0 Clarify second all user attrs comment 2005-08-20 07:00:16 +00:00
Kurt Zeilenga
5beeb04346 Clarify attribute comment 2005-08-20 06:58:22 +00:00
Pierangelo Masarati
725423ef4f couldn't slapcat with ACIs in slapd.conf :) 2005-08-19 00:30:10 +00:00
Pierangelo Masarati
3356017b93 complete ACI syntax exploitation 2005-08-19 00:25:18 +00:00
Pierangelo Masarati
9c02a32b7c more about matchedDN in back-meta (ITS#3944) 2005-08-18 14:55:28 +00:00
Pierangelo Masarati
ef38cc9501 cleanup 2005-08-18 12:50:48 +00:00
Pierangelo Masarati
66c173deb9 a bit redundant, but works around ITS#3951 2005-08-18 12:14:07 +00:00
Pierangelo Masarati
11211d0dae strip entryDN from search entries; frontend will reattach it :( 2005-08-18 11:26:29 +00:00
Pierangelo Masarati
e066ec210e merge sml_managing into sml_flags (SLAP_MOD_MANAGING) 2005-08-18 08:48:10 +00:00
Pierangelo Masarati
9487629061 zero out sml_managing any time a Modifications is built (use calloc?) 2005-08-18 08:12:26 +00:00
Howard Chu
315c4a3b72 ITS#3946 reset lockout status at beginning of all Binds 2005-08-18 07:05:56 +00:00
Luke Howard
2ff5c27f63 Check for NULL in be_match() 
Use be_match() in backend.c operational processing
 2005-08-18 04:34:04 +00:00
Luke Howard
53a15b6820 Use be_match() instead of testing pointer equivalence 2005-08-18 04:12:54 +00:00
Luke Howard
6cf14a777a Add be_match() macro: one cannot always compare BackendDB pointer 
values in order to test equivalence, because the overlay engine
may have reset the backend pointer to a temporary copy on the stack.

So, we test pointer equivalence of the BackendDB itself, then of
be_nsuffix -- this macro can be updated if necessary.
 2005-08-18 04:12:04 +00:00
Pierangelo Masarati
ef7421b87d more on manage access level 2005-08-18 02:25:10 +00:00
Pierangelo Masarati
add1add854 condition compile dynacl 2005-08-17 22:41:30 +00:00
Pierangelo Masarati
b2284183f9 more on manage 2005-08-17 22:06:46 +00:00
Pierangelo Masarati
965d00a1dd allow to manage entryUUID; allow to manage noUserMod attrs during add 2005-08-17 20:53:39 +00:00
Pierangelo Masarati
557f5eb2ca allow noUserMod attrs write proxying when manageDIT is set (still to work in frontend for add) 2005-08-17 19:40:02 +00:00
Pierangelo Masarati
5873048347 fix return code (prevents clean usage of back-ldap for internal searchs) 2005-08-17 19:38:36 +00:00
Pierangelo Masarati
ec49990d51 ACIs almost entirely factored out of slapd 
Added OpenLDAPaciSyntax based on ITS#3877 by Nikita Shulga
aci_mask() doesn't exploit the normalized value yet (next step)
The case #define SLAPD_ACI_ENABLED / #undef SLAP_DYNACL should
be removed
 2005-08-17 17:14:57 +00:00
Howard Chu
d247840d6b ITS#3946 use connection_destroy hook to reset lockouts instead of unbind 2005-08-17 16:42:22 +00:00
Pierangelo Masarati
69c6cd5365 fix small issues with dynacl and ACI in general 2005-08-17 14:44:41 +00:00
Pierangelo Masarati
99ea177e05 implement overlapping targets enhancement (ITS#3711) 2005-08-17 08:34:49 +00:00
Pierangelo Masarati
76f52279ef fix "matched" return and return code (ITS#3944) 2005-08-17 08:25:48 +00:00
Pierangelo Masarati
24befe380c fix resources release issue 2005-08-17 08:25:10 +00:00
Pierangelo Masarati
c4ab7b1af2 in some cases, back-meta needs to propagate pseudo-root identity even if it's not the authorizing backend 2005-08-17 08:19:37 +00:00
Pierangelo Masarati
ecd99b83dd set "matched" as appropriate (ITS#3942) 2005-08-17 08:13:24 +00:00
Pierangelo Masarati
88e89bf4e7 cleanup 2005-08-17 08:08:23 +00:00