Commit Graph

244 Commits

Author SHA1 Message Date
Kurt Zeilenga
2b82d4f486 remove lint
update bdb codes
2000-09-22 01:40:57 +00:00
Kurt Zeilenga
d78a515860 Fix build issues 2000-09-21 23:00:51 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
d6a56aaf25 Fix typo in last commit 2000-09-12 19:35:19 +00:00
Kurt Zeilenga
bd9de9d90d Clean up defaultSearchBase code 2000-09-12 18:21:09 +00:00
Kurt Zeilenga
5852f7188b Add 'defaultSearchBase' configuration directive to help support
brain-damaged LDAPv2 clients.
2000-09-11 21:57:14 +00:00
Kurt Zeilenga
3342ea3b49 Add more bind allow/disallow flags 2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d Add "allow tls_2_anon" to allow StartTLS to force session to anonymous.
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
2000-09-08 22:59:01 +00:00
Kurt Zeilenga
d463b3cab1 Add missing "disallow bind_anon" directive (ITS#721) 2000-09-07 17:53:05 +00:00
Kurt Zeilenga
cee040a321 Bring UCdata infrastructure. 2000-09-03 23:48:35 +00:00
Randy Kunkee
58bb439d08 Raise MAXARGS to 200, since the schema syntax burns more. 2000-08-31 22:16:16 +00:00
Kurt Zeilenga
a60438c1ce Add sasl-host option and treat sasl-realm as global only
(ie: not backend specific).
2000-08-30 01:44:39 +00:00
Kurt Zeilenga
4520cd4ec2 Align with man page 2000-08-28 19:19:47 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes
man pages to follow...
2000-08-28 18:38:48 +00:00
Kurt Zeilenga
5b856458a2 s/SAFEMEMCPY/AC_MEMCPY/
Use AC_FMEMCPY where appropriate (-llber)
2000-07-28 01:07:07 +00:00
Randy Kunkee
46ca9103b6 Fix MAXARGS boundary condition problem: slapd crashed if number of tokens
parsed == MAXARGS (only applicable if you have really large objectclasses).
2000-07-19 01:40:05 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Mark Valence
d4d03e36e5 Added "threads" config to slapd.conf. 2000-07-04 19:24:13 +00:00
Kurt Zeilenga
2c7f89b1b2 remove locale option. OpenLDAP is designed only for the "C" locale. 2000-06-20 16:55:23 +00:00
Kurt Zeilenga
ec426532b2 Reworked thread code to better support thread-library specific
r/w locks and thread pools.  Hide internal structures (using
pthread'ish technics).  Place common code in threads.c.  Move
no-thread code to thr_stub.c.  Move thread pool code to tpool.c.
Removed setconcurrency call from initializer, added 'concurrency'
directive to slapd.  Tested code under pthreads, pth, and no-threads.
2000-06-13 02:42:13 +00:00
Kurt Zeilenga
693fb9424a unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT 2000-06-06 19:43:18 +00:00
Kurt Zeilenga
7b14e1304a Relocate schema_init() call to main()
Add schema_prep() call to main()
Similiar changes to slapcommon.c
Add schema_prep() impl to schema_init.c
Add slap_ad_entry and slap_ad_children globals.
Add "entry" and "children" to openldap.schema (this likely should
  be added to schema via code, not configuration)
2000-05-15 20:04:36 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
2000-02-14 20:57:34 +00:00
Kurt Zeilenga
3a6e906194 Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT 2000-01-31 22:14:16 +00:00
Kurt Zeilenga
c5da0c76ce Additional changes to migrate to new schema codes
Still not usable.
2000-01-28 20:01:00 +00:00
Kurt Zeilenga
5e12c84a6f Add simple password test program.
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Mark Valence
249313f75a Removed previous changes for extensions -- extensions now use moduleload. 1999-11-09 21:18:37 +00:00
Mark Valence
c8aa051571 Load extension library on "extension" keyword in configs (actual load routine is in extended.c). Protected by #ifdef SLAPD_EXTERNAL_EXTENSIONS. 1999-11-09 03:37:05 +00:00
Kurt Zeilenga
f6829ee903 Initial commit of new ACL engine. Engine supports descrete access
privs, additive/substractive rules, and rule continuation.  Existing
rules that use 'defaultaccess none' should be 100% compatible.  Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Kurt Zeilenga
859dbe1398 Change the defaultaccess to 'auth'
Set defaultaccess to 'read' in distribution slapd.conf and add warnings
Set schemacheck to 'on' in distribution slapd.conf and add warnings
1999-10-15 20:34:42 +00:00
Kurt Zeilenga
7e53b5bdeb Change 'attribute' directive to 'attributetype'
(and allowing 'attribute' for backwards compatibility).
manuals and *.schema to be updated as time permits.
1999-10-13 20:28:00 +00:00
Kurt Zeilenga
7a0b0b2bbf In preparation for adding dn_rewrite()...
s/dn_normalize/dn_validate/
s/dn_normalize_case/dn_normalize/
1999-09-24 01:46:37 +00:00
Kurt Zeilenga
fc10815fc8 config should return error if backend or database initialization fail. 1999-09-13 18:47:05 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Hallvard Furuseth
1cde481298 Move `#include "ldap_defaults.h"' into slap.h, which #ifdefs on it. 1999-09-03 23:10:05 +00:00
Hallvard Furuseth
76a94de251 Fix: obey be->be_readonly. Also add & obey global_readonly. 1999-09-02 10:39:51 +00:00
Kurt Zeilenga
bc1186bfb1 Fix "database fubar" crash 1999-08-26 19:09:40 +00:00
Kurt Zeilenga
5c63fd55b5 Implement ldap_dn_normalize and friends. Should be used by clients
to validate input dn's BEFORE sending dn's to server.
Also fixed getfilter to use REG_EXTENDED|REG_NOSUB.  (and fixed one
case where REG_BASIC was still used).
s/strdup/LDAP_STRDUP/
Added ldap_pvt_str2lower/upper
1999-08-25 06:44:08 +00:00
Kurt Zeilenga
2a74677799 const'fication 1999-08-20 19:00:44 +00:00
Howard Chu
75c9a1e222 Add OIDmacros for attribute & objectclass numericOIDs. Allow parsing
attribute syntaxes using syntax description in addition to syntax OID.
Removed all whitespace from syntax descriptions.
1999-08-19 22:09:33 +00:00
Howard Chu
22ad6bd6d4 Add "modulepath" config statement for setting the search path for locating
loadable modules. Gratuitously renamed "loadmodule" to "moduleload".
"modulepath" takes a single argument, a colon-separated list of absolute
pathnames.
1999-08-17 01:30:09 +00:00
Howard Chu
0743e963ca Modified to use libtool's ltdl instead of gmodule 1999-08-07 07:58:11 +00:00
Kurt Zeilenga
9c3ed0310b Add copyright notices. 1999-08-06 23:07:46 +00:00
Kurt Zeilenga
10591cb47d Update default access usage comment. 1999-08-03 21:35:53 +00:00
Kurt Zeilenga
df8f7cbb9b s/exit(1)/exit(EXIT_FAILURE)/
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
1999-08-03 18:14:24 +00:00
Kurt Zeilenga
5456f4ed18 Default lastmod to ON. 1999-07-27 20:05:37 +00:00
Kurt Zeilenga
c12547cf3b Resurrect suffix aliasing... 1999-07-27 18:43:30 +00:00
Kurt Zeilenga
68d561a97b Add limited LDAP_INVALID_DN_SYNTAX support. dn_normalize{,_case}() now returns
NULL does not meet basic syntax rules.
1999-07-22 17:14:42 +00:00
Kurt Zeilenga
a11630f9b8 Fix maxDeref directive 1999-07-22 00:49:25 +00:00
Kurt Zeilenga
933908f72f ACL CHANGES:
by <who> <access> changed to by <who>+ <access> (joined with AND)
  added peername=<regex> sockname=<regex> url=<regex>
  removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower.  Use where needed.
1999-07-21 20:54:23 +00:00
Julio Sánchez Fernández
288a28a762 Add support for TLSVerifyClient. 1999-07-20 18:05:50 +00:00
Kurt Zeilenga
170836751a Namespace changes
added slap_ and ldbm_ to many structures
  added typedefs to many structures
  used typedefs
New main.c argument parsing with ldap url support (replacing -a address).
New sockaddr_in handling and support for multiple listeners.
1999-07-19 19:40:33 +00:00
Julio Sánchez Fernández
fd8b582aa9 We should stop using SSL to refer to TLS. This is a first step. 1999-07-16 10:28:51 +00:00
Kurt Zeilenga
73276e84ae Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
Includes support for update referral for each replicated backend.
	Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world.  Still testing in LDAPv3 world.
Added default referral (test009) test.
1999-07-16 02:45:46 +00:00
Julio Sánchez Fernández
fd49eacc4b Parse more TLS options in slapd.conf 1999-07-15 21:05:08 +00:00
Julio Sánchez Fernández
d92c7c1c7d A couple of options for TLS configuration. Still a conflict here,
the default context is initialized before the config file is read,
so the locations are not know at context initialization.
1999-07-15 15:04:02 +00:00
Kurt Zeilenga
549c89f817 Regarding previous commit:
Fix broken ACL macros.
	Fix o_dn/o_ndn == NULL vs "".
1999-07-04 19:53:00 +00:00
Kurt Zeilenga
106eef41d8 HEADS UP: connections are forced to "anonymous" status upon receiving
of a bind request and, upon failure, are left "anonymous."

Rework ACL code to hide access testing within macros to facilate additions
and eventual redesign.

Addition of #ifdef SLAPD_ACLAUTH to conditional include EXPERIMENTAL
"auth" access controls.  Adds ACL_AUTH "auth" access level (above none,
below "compare").  bind requires anonymous access at this level or above access
to "entry"/"userPassword"/"krbName".  This allows administrators to restrict
which entries can be bound to.  (This will likely become default behavior
after testing has completed).
1999-07-04 18:46:24 +00:00
Kurt Zeilenga
b7bbc7504d More bind changes to support SASL/DIGEST.
Added configuration support for "digest-realm <realm>" configure directive.
Added connection state and bind_in_progress fields to cn=monitor connection
attribute.
1999-07-02 19:48:07 +00:00
Bastiaan Bakker
5a470f8959 Merged dynamic module support patch (see ITS #196). To enable, run ./configure w
ith --enable-modules. GLib v1.2 or higher is required.
1999-06-24 17:06:34 +00:00
Kurt Zeilenga
7e4b3bc2e7 initial commit of idletimeout code... everything but the actual timeout. 1999-06-18 22:54:19 +00:00
Kurt Zeilenga
21e081dc5b Separate autoconf generated values from "defaults".
ldap_defaults.h incorporates non-generated ldapconfig.h values.
	ldap_config.h.in is new template for autoconf generated defaults
		(namely directories and paths)
	ldap_config.h.nt, NT template (must be manually copied)
	s/<ldapconfig.h>/<ldap_defaults.h>/
	s/DIRSEP/LDAP_DIRSEP/ & s/DEFAULT_/LDAP_/
1999-06-17 03:54:25 +00:00
Julio Sánchez Fernández
803d6d1204 Moved call of schema_init from main to read_config. 1999-06-15 12:26:07 +00:00
Julio Sánchez Fernández
ae481022f9 Oops, fp_parse_line tokenizes in place, so we need to take a copy of
input before letting fp_parse_line ruin it.
1999-05-30 00:07:40 +00:00
Julio Sánchez Fernández
7f357399cf First step in new schema support. 1999-05-28 14:27:07 +00:00
Howard Chu
31a0c4a917 For ITS#158: keep mixed-case backend suffix in addition to upcased suffix. 1999-05-25 21:40:40 +00:00
Kurt Zeilenga
01b967244d Make 'schemacheck on' the default. 1999-04-29 18:10:40 +00:00
Hallvard Furuseth
2b32e6afd7 Plug memory leaks 1999-04-04 21:34:33 +00:00
Hallvard Furuseth
815a62930c UNDO LAST COMMIT. 1999-04-02 03:45:33 +00:00
Hallvard Furuseth
45118be88e Fix wait4child change: Prefer wait3 over wait. Use SIGNAL instead of signal. 1999-04-02 03:23:20 +00:00
Hallvard Furuseth
3250aef49c function pointers are incompatible with `void *'; remove NULL or replace with 0 1999-03-03 18:49:59 +00:00
Hallvard Furuseth
1d8ae81a06 Fix previous change to strtok_quote 1999-02-23 15:48:47 +00:00
Hallvard Furuseth
6b40ed4882 Make strtok_quote treat the character following \ as a normal character. 1999-02-23 15:40:18 +00:00
Hallvard Furuseth
79f7c85067 Add locale support (slapd.conf keyword "locale") to slapd if HAVE_LOCALE_H 1999-02-22 21:01:24 +00:00
Hallvard Furuseth
73db912500 Cast char' arguments to ctype.h functions to unsigned char'.
These functions require their arguments to be in the range of `unsigned char'.
1999-02-22 17:57:22 +00:00
Hallvard Furuseth
1fda8f9382 read_config() did not return a value 1999-02-20 08:18:07 +00:00
Kurt Zeilenga
216049bd12 New Frontend->Backend Interface
Separates per backend type from per backend database initialization
	and startup.  Also supports per type / per backend shutdown.
New frontend startup/shutdown routines are also provided:
	slap_init() slap_startup() slap_shutdown() slap_destroy()
New frontend->backend startup/shutdown is managed by:
	backend_init() backend_startup() backend_shutdown backend_destroy
backend_init() now calls bi_init() to initial all function pointers
for the backend (excepting bi_init() which is now the only hardcoded
entry point).  New entry points are detailed in slap.h struct
backend_info.  backend_info is a per database type structure.
Besides the new startup/shutdown entry points, the new interface
also supports per backend type configuration options.  One could have:

	backend bdb2	(new Berkeley DB 2 backend)
	bdb2_home	/directory

	database bdb2
	...

	*** This code is fairly experimental ***
	*** Much cleanup and testing is still needed ***

see slap.h for details on struct backend_db and backend_info.
1999-02-05 09:03:47 +00:00
Kurt Zeilenga
d27b2f811e Backout recent initialization/startup changes in prep for new
frontend->backend interface.
1999-02-04 17:33:46 +00:00
Kurt Spanier
314f3f6ed7 Introduction of a backend startup/shutdown function to make backend-specific
initialization after reading slapd.conf, and before starting the daemon
1999-02-01 17:37:43 +00:00
Kurt Zeilenga
163077ec93 Don't leak slap_op when op not in list.
Don't leak abandon mutex.
Use ch_malloc and friends.
1999-01-29 05:46:12 +00:00
Will Ballantyne
07f566e712 fix suffix alias compare in config.c, logic was reversed. The suffix alias
is now ignored if it is the same as the real suffix.
1999-01-27 04:58:02 +00:00
Kurt Spanier
68a8798594 Definition of slapd pid and args files as slapd.conf general parameters;
introduction of pid/agrs parameters to the test-suite slapd.conf files;
creation of sub-directory test/var for storage of pid/args files during test;
update of the slapd and slapd.conf man pages.
(The change reduces dependency on ldapconfig.h, since SLAPD_PIDEXT
 and SLAPD_ARGSEXT are deleted from the code.)
1999-01-21 15:53:54 +00:00
Kurt Zeilenga
19a17982c6 suffixes need to be stored in normalized uppercase format 1999-01-20 05:43:33 +00:00
Kurt Zeilenga
3efaabe560 Don't allow suffixAliases were alias and aliased dn our the same. 1999-01-19 18:39:20 +00:00
Kurt Zeilenga
e2a15115b0 Update slap_conn to maintain client provided dn and bound dn.
Update slap_op to maintain dn and ndn (derived from conn->c_dn).
Update ldbm_back_bind to return actual bound dn (including rootdn)
	for use in slapd_conn.  Other backends use client dn.
Modify other codes to use ndn (normalized uppercase dn) most everywhere.
Aliasing, Suffixing and modrdn could use more work.
Applied suffixing to compare and modrdn.
1999-01-19 05:10:50 +00:00
Kurt Zeilenga
2805b25682 Store rootdn in normalized uppercase format. 1999-01-18 19:47:12 +00:00
Hallvard Furuseth
c3a692787c Change overlapping strcpy( x, y )' to SAFEMEMCPY( x, y, strlen( y ) + 1 )' 1998-12-27 02:00:08 +00:00
Kurt Zeilenga
e2ee741ea8 Replace strdup() with ch_strdup() such that exit() will be called
if strdup fails.  This is better than not checking, but we should
add orderly shutdown.
1998-11-27 20:21:54 +00:00
Hallvard Furuseth
7e6ad5100c Protoized, moved extern definitions to .h files, fixed related bugs.
Most function and variable definitions are now preceded by its extern
definition, for error checking.  Retyped a number of functions, usually
to return void.  Fixed a number of printf format errors.

API changes (in ldap/include):
  Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
  for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.

A number of `extern' declarations are left (some added by protoize), to
be cleaned away later.  Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
1998-11-15 22:40:11 +00:00
Kurt Zeilenga
2a869f5a99 merged with autoconf branch 1998-10-25 01:41:42 +00:00
Kurt Zeilenga
bf6c1e0ad2 Added Will Ballantyne's General Aliasing code.
Not quite sure if the entry lock handling is correct yet.
1998-10-24 02:42:38 +00:00
Kurt Zeilenga
42e0d83cb3 Initial revision 1998-08-09 00:43:13 +00:00