Commit Graph

137 Commits

Author SHA1 Message Date
Kurt Zeilenga
12e253fc66 entry_schema_check rename 2000-04-25 13:20:05 +00:00
Kurt Zeilenga
4710c74605 Rework error handling. Add error descriptions.
Don't use LDAP_OPERATIONS_ERROR for internal errors.  Use LDAP_OTHER
instead.  (more changes needed in this area)
2000-03-03 22:37:06 +00:00
Kurt Zeilenga
e96865c1a8 Reorder error detection based upon precedence 2000-03-01 22:59:34 +00:00
Kurt Zeilenga
4091381660 Yet another round of SLAPD_SCHEMA_NOT_COMPAT changes, including:
limited subtype support, modlist handling, filter updates,
lastmod attribute handling.
2000-02-28 21:16:05 +00:00
Kurt Zeilenga
76553ea53f More -DSLAPD_SCHEMA_NOT_COMPAT changes, including initial
impl of slap_modlist2mods() and is_at_subtype().
2000-02-25 19:36:07 +00:00
Kurt Zeilenga
ceb6412e62 More -DSLAPD_SCHEMA_NOT_COMPAT changes
Not hidden: "<anonymous>" modifiersname
2000-02-15 18:57:07 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
2000-02-14 20:57:34 +00:00
Kurt Zeilenga
36b0423311 Add Modification/Modifications structures for -DSLAPD_SCHEMA_NOT_COMPAT 2000-02-07 20:37:10 +00:00
Kurt Zeilenga
bc51bd5180 Yet another round of SLAPD_SCHEMA_NOT_COMPAT changes...
Changes outside of #ifdef include three value filter processing.
2000-02-06 21:09:44 +00:00
Kurt Zeilenga
f9195f9b6f Another round of SLAPD_SCHEMA_NOT_COMPAT changes including
basic structures for handing language tags and binary option
(but less actual code to actually support them).  Provided
for reference only.  Will not even compile.
2000-02-05 05:01:41 +00:00
Kurt Zeilenga
3a6e906194 Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT 2000-01-31 22:14:16 +00:00
Kurt Zeilenga
d298e35514 Add SLAP_SYNTAX_BINARY flag to indicate binary storage is used for
attributes of the syntax.  Such attribute values be transferred
using binary syntax unless ber2str/str2ber routines are provided.
Used in conjunction with ";binary" attribute description option
and/or the Binary syntax.
2000-01-31 01:49:44 +00:00
Kurt Zeilenga
49976b5bc1 Constify a few attr_*() routines 2000-01-29 22:03:34 +00:00
Kurt Zeilenga
d4c814ecd9 Move extern to proto header 2000-01-29 20:06:46 +00:00
Kurt Zeilenga
c5da0c76ce Additional changes to migrate to new schema codes
Still not usable.
2000-01-28 20:01:00 +00:00
Kurt Zeilenga
434e7229ac Add code to handle operational attributes via new schema codes
behind -USLAPD_SCHEMA_COMPAT.
2000-01-27 19:02:24 +00:00
Kurt Zeilenga
96ba43c591 Add in hooks for mr conversion routines 2000-01-26 00:12:51 +00:00
Kurt Zeilenga
9fec129997 Second round of schema changes
Revert normalization to matching rule per discussions with Julio.
May need separate normalization routines for stored value and asserted
value. Currently rely on passed in syntax/mr to allow "special" behavior.
Reworked filters to pass struct berval * instead of char *. (needs work)
Validation, normalization and matching needed.
2000-01-25 21:13:31 +00:00
Kurt Zeilenga
117a37272d Modify slapd syntax struct to have both a validation and normalization
routine.  Could be combined into one routine.
Modify slapd matching rule struct to only have match function.
Modify old attribute such that 'bin' implies octetString, not 'binary'.
Add compatibility for IA5 strings.  Only directoryStrings were handled
before.
Treat attribute types without syntax as incomplete, not default.
Add OctetStringValidate (always returns okay).
Add {UTF8,IA5}StringValidate/Normalize  (IA5 based loosely on
case_exact_normalize).  Need case{Exact,Ignore}UTFMatch, using IA5 versions
for now.
Removed default of syntax/mr handlders, should just skip
registration of syntax/mr's without handlers.
Added comments to slap.h about types versus descriptions.
2000-01-24 23:31:26 +00:00
Kurt Zeilenga
fdcd8465c3 s/case_ignore_normalize/caseIgnoreIA5Normalize/
s/case_ignore_compare/caseIgnoreIA5Match/
s/case_exact_normalize/caseExactIA5Normalize/
s/case_exact_compare/caseExactIA5Match/

to make room for UTF-8 and T.61 varients.
2000-01-23 20:53:12 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library;
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Kurt Zeilenga
da93ca8c5e Remove DNS_DN experimental code. 1999-12-18 19:54:22 +00:00
Kurt Zeilenga
6253e7c278 Updated sasl response to support returning of referrals.
Updates to extended operation framework to support arbitrary
referrals and extended results without OIDs.
Updated passwd extended operation to support returning update_refs
as needed.  Needs replog support.
1999-12-15 23:22:47 +00:00
Kurt Zeilenga
7c28aa058c Add password check and generation check.
Modify tests to use -h "ldap://localhost:port/" instead of -p port.
1999-12-12 18:45:06 +00:00
Mark Valence
a76c9f18a9 Start TLS extension: check that TLS was inited successfully, return default referral on failure as appropriate. 1999-12-10 19:18:33 +00:00
Kurt Zeilenga
431dad371c Fix slapd SASL/ExternalOps encoding
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Kurt Zeilenga
1b787171fc Place passwd extended op into builtin list. 1999-12-09 23:05:15 +00:00
Mark Valence
454284f1ea Adds for Start TLS functionality on slapd and LDAP C API. 1999-12-09 22:33:22 +00:00
Kurt Zeilenga
354d0d5b50 Modify password code such that backend end routine calls into
frontend to complete parsing of extended op reqdata.
Modify password extended operation to allow optional id (DN)
entry to change (not tested).  Also, provide room to allow
server side password generation (not implemented).  Added optional old
password field to support proxying (not implemented).
Need to implement replog() support.
1999-12-09 21:30:32 +00:00
Kurt Zeilenga
26c7d69e8c Update for new password codes for MSVC5 1999-12-08 06:44:22 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Kurt Zeilenga
831bfa760e reduce slap_passwd_check to simple form 1999-12-06 21:42:10 +00:00
Kurt Zeilenga
a9fb92467e Add send_ldap_sasl() to facility implementation of SASL bind. 1999-11-29 17:44:14 +00:00
Howard Chu
eaaea51b53 Fixes for NT dynamic linking. 1999-11-27 23:40:08 +00:00
Kurt Zeilenga
3978748e35 Fix prototypes to use ber_int_t consistently. 1999-11-25 17:52:47 +00:00
Kurt Zeilenga
42bb3e2e85 Move userPassord and krbName authentication routines to the frontend. 1999-11-23 19:00:09 +00:00
Mark Valence
0b9f7c8240 Added get_supported_acimech() 1999-11-22 18:40:05 +00:00
Mark Valence
883f9de61d Added get_supported_extension(), removed extern supportedExtensions[]. 1999-11-17 19:17:31 +00:00
Mark Valence
47d4d7fbb0 Added new module_* routines, changed def. of load_extension. 1999-11-09 21:20:23 +00:00
Mark Valence
edc7062f34 In preparation for extensions improvements -- added send_ldap_extended and load_extension. 1999-11-09 03:28:17 +00:00
Kurt Zeilenga
06eb390586 Make accessmask2str reentrant. 1999-10-21 23:19:22 +00:00
Kurt Zeilenga
f6829ee903 Initial commit of new ACL engine. Engine supports descrete access
privs, additive/substractive rules, and rule continuation.  Existing
rules that use 'defaultaccess none' should be 100% compatible.  Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Kurt Zeilenga
7a0b0b2bbf In preparation for adding dn_rewrite()...
s/dn_normalize/dn_validate/
s/dn_normalize_case/dn_normalize/
1999-09-24 01:46:37 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Hallvard Furuseth
4a5e2febed Some constification & lint removal 1999-09-04 21:15:49 +00:00
Hallvard Furuseth
76a94de251 Fix: obey be->be_readonly. Also add & obey global_readonly. 1999-09-02 10:39:51 +00:00
Hallvard Furuseth
c09a2c63e7 Cleanup:
Fix printf formats, remove unused variables, add missing prototypes in slapd,
add static/const, add some return types or change to void return type.
1999-09-02 08:05:17 +00:00
Kurt Zeilenga
b509dd4d8c sockpair cleanup including:
provide prototype in lutil.h
use LBER_SOCKET_T instead of int in prototype.  (didn't use
	ber_socket_t so all of lber.h wouldn't have be dragged in)
rename signal handlers, use RETSIGTYPE, and make SIGHUP wake
rename fd to sd to reflect descriptor must be usable as a socket.
renamed sel_exit_fds to wake_sds to reflect current use
improve readability of sockpeer.c including removing obtuse goto.
1999-08-31 05:18:06 +00:00
Kurt Zeilenga
5c63fd55b5 Implement ldap_dn_normalize and friends. Should be used by clients
to validate input dn's BEFORE sending dn's to server.
Also fixed getfilter to use REG_EXTENDED|REG_NOSUB.  (and fixed one
case where REG_BASIC was still used).
s/strdup/LDAP_STRDUP/
Added ldap_pvt_str2lower/upper
1999-08-25 06:44:08 +00:00