mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-02-23 14:09:39 +08:00
Code Issues Packages Projects Releases Wiki Activity
24,091 Commits 38 Branches 307 Tags 77 MiB
13d9c925dd
Commit Graph

13020 Commits

Author SHA1 Message Date
Howard Chu
7979892dfe ITS#9711 fix TLS ctx init for tools 
The code to initialize the TLS context was being bypassed by tool startup,
causing tools to get the wrong default setting. Move it earlier to avoid
being bypassed.
 2021-09-30 19:17:38 +01:00
Howard Chu
66c6284119 ITS#6949 fixup loglevel delete, consolidate redundant code 2021-09-30 04:23:29 +01:00
Howard Chu
10fb8c0ae5 ITS#6949 fix logfile_only regression in prev commit 2021-09-29 14:39:28 +01:00
Howard Chu
77adb19207 ITS#6949 honor specified loglevel, not just debuglevel 
But skip calls to syslog() if logfile_only is set.
 2021-09-27 16:54:24 +00:00
Howard Chu
42fc772c23 slapd: delete unused entry_schema_check(oldattrs) parameter 
Unused since 2001 2ae02fc19b
 2021-09-23 17:03:19 +01:00
Ondřej Kuzník
77dfb204c1 ITS#9671 Revert some NO-USER-MODIFICATION flags in ppolicy 2021-09-16 16:18:17 +00:00
Anton Avramov
01b653fd61 ITS#9679 - Update ldap_entry_objectclass table for current mysql/mariadb 2021-09-15 01:59:33 +00:00
Howard Chu
09a22d5512 ITS#9678 slapadd: avoid destroying configDB prematurely 2021-09-14 20:01:47 +01:00
Ondřej Kuzník
bfe3d19e95 ITS#8341 Allow normalised values for namingContexts in cn=monitor 2021-09-09 10:26:06 +01:00
Ondřej Kuzník
2958925ca1 ITS#9664 Add normalised suffix into rootDSE for ACL, etc. 
This was removed in ITS#5540 since there was no EQUALITY matching rule,
but that situation changed in ITS#8341 and we need to add it back.
 2021-09-09 10:26:06 +01:00
Ondřej Kuzník
c2b81a3c5b ITS#6949 Allow for fd 0 2021-09-08 15:53:02 +00:00
Ondřej Kuzník
dc6b6276fc ITS#6949 Save errno 2021-09-08 15:53:02 +00:00
Ondřej Kuzník
2abbf6781d ITS#6949 Extract logging code so lloadd can also use it 2021-09-08 15:53:02 +00:00
Quanah Gibson-Mount
c1f3895412 ITS#9649 - Fix typo compatibilty to compatibility 2021-09-06 19:18:46 +00:00
HAMANO Tsukasa
c66c9f87eb ITS#9631 back-wt: closing cache db politely 2021-09-06 15:19:25 +00:00
Ondřej Kuzník
17394f380a ITS#9641 Grab a new local csn for failed ops 2021-09-05 14:33:59 +00:00
Ondřej Kuzník
781a6c25a7 ITS#9538 Only queue csns for ops that don't get skipped 2021-09-05 14:33:59 +00:00
Ondřej Kuzník
8f8674fc86 ITS#9538 Populate op2.o_hdr earlier 2021-09-05 14:33:59 +00:00
Ondřej Kuzník
c34f2a1b29 ITS#9650 Move ldap_pvt_thread_initialize into main.c 2021-09-04 22:57:00 +00:00
HAMANO Tsukasa
ccb4f4854a ITS#9643 Fix out of bounds read in entry_decode() 2021-09-02 15:25:39 +00:00
Howard Chu
73be971a7d ITS#9659 remove redundant peerbv def 2021-09-01 04:00:57 +01:00
Quanah Gibson-Mount
affa9de311 ITS#9649 - Add information for schema files 2021-08-31 17:34:16 +00:00
Quanah Gibson-Mount
c4d399c203 ITS#9156 - Remove ppolicy.schema from README 
Also remove nadf.schema, that got removed some time long ago
 2021-08-26 15:43:24 +00:00
Quanah Gibson-Mount
d943d7f2fb ITS#9636 - Delete shell backend 2021-08-17 16:01:29 +00:00
Quanah Gibson-Mount
c6b43dcdc5 ITS#9635 - Delete back-ndb 2021-08-17 16:01:29 +00:00
HAMANO Tsukasa
31b0bf68c2 ITS#9497 fix duplicate ldap control response 2021-08-17 15:45:06 +00:00
Howard Chu
ac637676f8 ITS#9637 more for idlexp max 2021-08-16 22:56:38 +01:00
Howard Chu
c3aca3d545 ITS#9637 back-mdb fix max idlexp 2021-08-16 22:44:54 +01:00
Howard Chu
49ee5d9b24 ITS#5344 slapo-rwm: fix prev commit 
Must always generate newDN
 2021-08-13 21:09:28 +01:00
Ondřej Kuzník
4588f4e528 ITS#9597 Fix NoD support 2021-08-13 16:01:13 +01:00
Ondřej Kuzník
e78ecead09 ITS#9600 Support closing connections on request 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
e9dfb7d21d ITS#9600 Rework monitor entry management 
Connection entries are now persistent and can be addressed, preparing
the ground so we can process modify operations on individual entries.
 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
6d95cc3935 ITS#9599 Online latency tracking 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
8219a3a414 ITS#9599 Push based latency tracking 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
84dab3f961 ITS#9599 Add bestof tier implementation 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
1ca559668f ITS#9599 Add latency tracking 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
ab90bfd95c ITS#9599 Implement tiered load balancing 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
ddc9430727 ITS#9598 Per OID restrictions 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
0190f18b4c ITS#9598 Introduce backend-restricted selection 2021-08-13 10:57:14 +01:00
Ondřej Kuzník
7173e4726e ITS#9598 Factor out upstream checking 2021-08-13 10:57:13 +01:00
Ondřej Kuzník
b66a62799d ITS#9597 Send Notice of Disconnection when shutting down a client connection 2021-08-13 10:57:13 +01:00
Ondřej Kuzník
96d0eec034 ITS#8747 Use the same message when upstream connection is ready 2021-08-13 10:57:13 +01:00
Howard Chu
973a93036e ITS#9122 expose SLAP_TOOL_DRYRUN to backends 
Most backends should no-op everything. back-config will
still parse and process all config directives.
 2021-08-13 02:09:48 +00:00
Ondřej Kuzník
c4ac5b319b ITS#9538 Serialise CSN assignment in slapo-accesslog 2021-08-12 20:48:09 +00:00
Howard Chu
f6a61ab7fe ITS#8958 back-mdb: checkpoint online indexer 
Save old/new indexmasks to allow processing to resume if slapd is
stopped and restarted. Save last entryID indexed to allow resume
after restart or pool pause.
 2021-08-12 18:59:06 +00:00
Howard Chu
5ad6ab3568 ITS#8958 rename ldap_pvt_thread_pool_pausecheck() 
to ..._pausewait() since that's what it really does.
Add ..._pausequery() that only checks and doesn't wait.
 2021-08-12 18:59:06 +00:00
Nadezhda Ivanova
81ed9e0d0e ITS#9628 Fix incorrect c_n_ops_executing counter when backend is asynchronous 2021-08-12 15:57:49 +00:00
Aapo Romu
5b11591db9 ITS#9630 back-sql: Close transactions after bind and search 2021-08-12 14:40:51 +01:00
Aapo Romu
ab3db65388 ITS#9629 back-sql: Add support for ppolicy opattrs 
So that ppolicy rules are applied
 2021-08-12 14:40:40 +01:00
Quanah Gibson-Mount
2a6e24e924 ITS#9463 - Fix typo 2021-08-08 02:01:31 +00:00
HAMANO Tsukasa
2aaaf98315 ITS#9463 cumulative fix for back-wt 
- LDAP MODRDN handling
- support paged response
- add wt_extended
- add config emit
- wt_key_read() return WT_NOTFOUND if not found key.
- add ext_candidates()
- fix idlcache session name
- fix warning
- don't reuse idlcache cursor
- set correct pid when modrdn with newsuperior
- fix condition bug
- fix send_search_entry() error handling
- fix for referral handling
- fix for readonly mode
- fix sizelimit response
- support modrdn
- improve modify handling
- clear ancestor idlcache
- fix for multi-DIT
- IMPORTANT CHANGES: Compatibility is broken with previous database table, please restore database from LDIF.
- checking for scope=children
- sort dn2idl result
- fix cursor leak
- support db_open with readonly mode
- add wt_tool_entry_delete
- initialize comp variable
- support referrals
- implement wt_tool_dn2id_get() and wt_tool_entry_modify() for slapadd -w
- skip redundant scan, and more debug message
- fix OID conflict with back-passwd
- no need to close session, It may cause SEGV.
- fixed wt_dn2entry for empty DN
- support multiple database
- Construct wiredtiger's config parameter. It allow multi line wtconfig settings
- add idlcache
- fix concurrent modification to a entry with multi values
- prevent to add duplicate dn entry
- suppress error message "search_near failed: WT_NOTFOUND"
- update Debug statements
- back-wt does not support subtree rename
- fix for @ondra review
- update slapd-wt.5 and warning for mode option
- add back-wt test into test target
- add scope checking
 2021-08-07 19:27:43 +00:00
Howard Chu
d877251b2c (From ITS#8958) allow 2.5 slapcat to read 2.4 DB 2021-08-06 22:50:23 +01:00
Howard Chu
6237ae17db ITS#9611 bconfig: canonicalize structuralObjectclass 2021-08-06 22:13:47 +01:00
Ondřej Kuzník
94b361ed45 ITS#9620 Freeze cache while we search 2021-08-06 18:51:51 +00:00
Ondřej Kuzník
60c219243b ITS#9620 Turn mi_cache_mutex into a RW lock 2021-08-06 18:51:51 +00:00
Ondřej Kuzník
8d235737c8 ITS#9620 Only persistent entries are stored in the cache 2021-08-06 18:51:51 +00:00
Ondřej Kuzník
1cf39a8568 ITS#5344 Record and maintain new DN on ModRDN ops 2021-08-06 15:30:47 +01:00
Howard Chu
9f4de680e3 ITS#6949 add support for logfile rotation 
Uses debuglevel, not sysloglevel.
 2021-08-05 15:45:19 +00:00
Quanah Gibson-Mount
27a5424371 ITS#9625 - Fix handling when pwdChangedTime is not present 
Add a check to see if pwdChangedTime was actually present on the entry. If not, skip the expiry check.

Additionally change the debug log statement to TRACE instead of ANY, as the message is informational.
 2021-08-04 19:58:01 +00:00
Ondřej Kuzník
8b24104d1a ITS#9624 Read state while holding relevant mutex, cache if needed 2021-08-04 15:30:36 +00:00
Ondřej Kuzník
71de64fac4 ITS#9624 Make sure we reset only for Binds 2021-08-04 15:30:36 +00:00
Ondřej Kuzník
7c17f06197 ITS#9624 We've already checked before we call request_extended 2021-08-04 15:30:36 +00:00
Howard Chu
e700dc03ee ITS#9615 move CheckModule from policy to overlay config 
And fix errmsg FIXME
 2021-08-03 16:31:49 +00:00
Howard Chu
a54f99858c ITS#6138 let frontend handle all exop responses 2021-08-03 15:19:49 +00:00
Howard Chu
66ed15a288 ITS#6138 FIx exop handler to ignore SLAPD_ASYNCOPs 2021-08-03 15:19:49 +00:00
Howard Chu
658e526bb0 ITS#6138 drop unnecessary use of o_abandon 2021-08-03 15:19:49 +00:00
Howard Chu
795add7b96 ITS#6138 use SLAPD_NO_REPLY for persistent searches 
The particular code doesn't matter, any result besides
SLAP_CB_CONTINUE always halts overlay/response processing.
 2021-08-03 15:19:49 +00:00
Howard Chu
e9e6fd71e1 ITS#6138 don't overwrite rs->sr_err after sending response 2021-08-03 15:19:49 +00:00
Howard Chu
5a61175deb ITS#6138 add lock flag to connection_op_finish() 2021-08-03 15:19:49 +00:00
Howard Chu
d3bd4aa76d ITS#6138 don't allow redundant abandon/cancel ops 2021-08-03 15:19:49 +00:00
Howard Chu
bc29154c62 ITS#8649 syncrepl: fix backend selection in glued DBs 2021-08-03 13:10:27 +01:00
Howard Chu
5cd45ec937 ITS#9621 fix for multival with NULL mr 2021-08-02 20:24:58 +01:00
Quanah Gibson-Mount
417accbce4 ITS#9616 - Make example slapd.conf and slapd.ldif files functional 2021-07-30 17:30:19 +00:00
Quanah Gibson-Mount
6cfed41537 ITS#9616 - Always define olcModuleList for slapd-config 2021-07-30 17:29:51 +00:00
Nadezhda Ivanova
6463280d8c Enable addition of targets to back-asyncmeta via cn=config 2021-07-29 15:05:36 +00:00
Howard Chu
79d33fe40e ITS#9584 avoid busy-loop while refresh is serialized 2021-07-29 13:28:34 +01:00
Howard Chu
92ea88ec1f ITS#9569 make reqMod optional in modify ops 2021-07-29 12:02:22 +01:00
Howard Chu
e1c90d0977 ITS#9584 serialize refresh phase 
Only allow one consumer at a time to perform a refresh on a database.
 2021-07-27 16:12:14 +01:00
Howard Chu
2c0707cf13 ITS#9157 save TLS errmsg in ld->ld_error 2021-07-22 15:27:31 +01:00
Howard Chu
81076a7f7c ITS#8775 for passwordMod, pass real DN thru 
Since conn->c_dn is the real DN, need to see real DN for <self>
ACLs to work.
 2021-07-20 19:27:45 +01:00
Howard Chu
4bd6a6d49d ITS#6916 unique: internal ops shouldn't have user's controls 2021-07-20 17:54:26 +01:00
Howard Chu
0ae71bafcf ITS#9608 fix delete of nonexistent sessionlog 2021-07-13 12:10:28 +01:00
Howard Chu
a464a6e98f ITS#9603 fix IPv6 addrs with tcpd 2021-07-01 16:16:19 +01:00
Ondřej Kuzník
a2e9cb1acd ITS#7080 Postread control support for back-ldif/config 2021-06-27 17:39:46 +00:00
Ondřej Kuzník
5e4f1e862f ITS#7080 Move slap_read_controls Debug message to STATS 2021-06-27 17:39:46 +00:00
Ondřej Kuzník
4cd096deff ITS#9156 Do not spam the logs on account of lastbind 2021-06-21 18:37:30 +00:00
Ondřej Kuzník
9e1a961792 ITS#9581 Implement lastbind precision 2021-06-21 18:37:30 +00:00
Ondřej Kuzník
c7f4a5eb28 ITS#7215 Allow cleanups/commits to fail (once) 
Some config changes need to be prepared at entry modification time and
then checked/committed at the end. Such a check can fail, so we need to
do this early enough and also commit the opposite change during a revert
step.

The assumption is that the original version is consistent and bconfig
can accurately reconstruct it, so the revert cleanups will not fail and
so all of them get to be run. We set ca->reply.err so that the cleanups
can be made aware and comply with this assumption.
 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
4255288ac4 ITS#7215 Postpone index_substr check 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
3dcfffbd00 ITS#9576 Use stored defaults 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
b4afe00942 ITS#9576 Put the used table in ConfigArgs 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
3138c8d5db ITS#9363 Some missed MAGIC defaults 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
2d78b6274f ITS#8747 Allow olcBkLloadClientMaxPending in cn=config 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
f016d88786 ITS#9575 Warn when specifying olcPasswordHash in the cn=config entry 2021-06-21 15:32:03 +00:00
Quanah Gibson-Mount
362fbedc51 ITS#8333 - Update internationalISDNNumber for RFC4519 2021-06-15 18:18:03 +00:00
Tero Saarni
3e45c71d29 ITS#9468 do not arm expire timer for connections that are already tainted 2021-06-08 15:41:40 +00:00
Howard Chu
2f880087c9 ITS#9468 always init lc_time and lc_create_time 
Doesn't cost us anything and guarantees expiry will work if conn_ttl
or idletimeout are configured at a later time.
 2021-06-08 15:41:40 +00:00
Howard Chu
4de2314555 ITS#9561 slapd init.c: fix copy/paste error 
Added in 629cafc98d for ITS#8707
 2021-06-03 21:28:36 +01:00
Ondřej Kuzník
0ea78fde20 ITS#6467 Indicate which operation is lost if we fail to add log entry 2021-06-03 10:23:43 +01:00
Ondřej Kuzník
726a203133 ITS#6467 Free uuid list after we're finished 2021-06-03 10:22:14 +01:00
Howard Chu
3ca790514f ITS#9557 back-mdb: fix mdb_waitfixup for candidate-based searches 
Off-by-one left last scope unrefreshed
 2021-05-27 12:48:36 +01:00
Nadezhda Ivanova
b92b03373b ITS#9555 Changed alignment in the default definitions block to tabs instead of spaces 2021-05-25 15:01:51 +00:00
Nadezhda Ivanova
915e515970 ITS#9555 Introduce a default operations timeout for back-asyncmeta 2021-05-25 15:01:51 +00:00
Ondřej Kuzník
5943a33456 ITS#6467 Adjust log message 2021-05-15 10:01:51 +01:00
Ondřej Kuzník
c216ef53cd ITS#6467 Reset avl root after releasing the tree 2021-05-15 10:01:18 +01:00
Ondřej Kuzník
6977635c3e ITS#6467 Deal with modRDNs 2021-05-13 20:14:55 +00:00
Ondřej Kuzník
c2edf41fff ITS#9552 Record reqNewDN for modRDNs 2021-05-13 20:14:55 +00:00
Ondřej Kuzník
df27b2bbfd ITS#6467 Plug a shutdown leak 2021-05-13 20:14:55 +00:00
Ondřej Kuzník
b0b0fc8c67 ITS#9551 Handle empty DN in extended filters 2021-05-13 18:33:25 +00:00
Howard Chu
07e79471f9 ITS#9534,#9324 fix refresh startup 
Partially revert 5aa7e0f69b
Use an explicit timeout for Refresh response. Need to give time
for the provider to reply.
 2021-05-13 18:29:22 +01:00
Ondřej Kuzník
efb84b3e9b ITS#6467 Handle syncrepl searches with base of "" 2021-05-11 18:19:22 +00:00
Tero Saarni
255a37461e ITS#9468 fixed typos 2021-05-11 15:05:50 +00:00
Tero Saarni
06ed787137 ITS#9468 summarize discussion about rebind-as-user 2021-05-11 15:05:50 +00:00
Tero Saarni
97217da5e3 ITS#9468 back-ldap: Return disconect if rebind cannot be done 2021-05-11 15:05:50 +00:00
Ondřej Kuzník
cba03e49a4 ITS#8747 Protect shutdown code while workers are still alive 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
8e4d7ffe79 ITS#8747 Remove c_private from LloadConnection 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
1cb65102ce ITS#8747 Keep an explicit backend pointer 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
3802fa9217 ITS#8747 Fix lloadd builds --without-tls 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
a186fd70ab ITS#8747 Do not continue reading if connection is dying 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
4f4997551d ITS#8747 Avoid epoch recursion in connection_write_cb 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
2c1bb42f01 ITS#8747 Do not observe an epoch while calling dispose_cb 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
c472639170 Report mbe->register_entry() errors 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
de0caafe96 ITS#8721 Do not update ri_last unless we're actually retrying 2021-05-07 19:26:19 +00:00
Quanah Gibson-Mount
5c8bd550dd ITS#9548 - Ensure modules in the pwmods directory get installed 2021-05-07 16:08:58 +00:00
Howard Chu
4993b34365 ITS#9544 fix #9511 patch 
Include was erroneously deleted. partially reverts 6cdfc85fc5
 2021-05-04 10:04:20 +01:00
Howard Chu
7b2c9aed3c ITS#9541 fix typo in daemon.c 
From commit ee49c83976
 2021-04-30 09:24:32 +01:00
Howard Chu
145325dcc1 ITS#9537 slap_op_time: avoid duplicates across restarts 
Initialize last_ times with current time sec & usec
 2021-04-27 17:10:51 +01:00
Howard Chu
0c90b8c001 ITS#9531 back-mdb: fix delete of context entry 
We already checked if attempting to delete the suffix, but
didn't skip the parent check as we should have.
 2021-04-26 18:27:40 +01:00
Howard Chu
2cda679e3b ITS#9534 fix prev commit 2021-04-24 15:47:03 +01:00
Howard Chu
87099f8e0d ITS#9534 additional 
Partially revert 0b20b92ec1
Reuse the client conn for delta-sync startup
 2021-04-24 15:45:58 +01:00
Howard Chu
8a72584bd1 ITS#9534 fix delta-sync startup 
When transitioning from plain refresh to delta mode, don't
wait for a reschedule, go immediately.
Partially reverts f2740c79b3
 2021-04-24 15:38:02 +01:00
Ondřej Kuzník
9bbbbf5f6a ITS#9502 TCP_USER_TIMEOUT for lloadd 2021-04-22 21:52:12 +00:00
Nadezhda Ivanova
6e3f6639b9 ITS#9502 Implement tcp-user-timeout support for back-ldap/(async)meta 2021-04-22 21:52:12 +00:00
Howard Chu
c63216abdc ITS#9529 pcache: update refresh_time after query refresh 2021-04-21 22:32:42 +01:00
Howard Chu
6d285a33f8 ITS#9529 pcache: fix consistency_check locking 2021-04-21 22:15:27 +01:00
Ondřej Kuzník
72caa56a8c ITS#8707 systemd notifications from lloadd 2021-04-20 22:54:19 +00:00
SATOH Fumiyasu
f3501534d4 ITS#8707 - Add slapd.service and lloadd.service for systemd 2021-04-20 22:54:19 +00:00
Ondřej Kuzník
629cafc98d ITS#8707 Add systemd service notification support 2021-04-20 22:54:19 +00:00
Howard Chu
8f392914ca ITS#9526 slapd-mdb tools: fix cursor init check 2021-04-18 17:51:30 +01:00
Ondřej Kuzník
ae77343d67 ITS#9520 Refuse parallelism if not compiled with libargon2 2021-04-14 18:17:59 +01:00
Ondřej Kuzník
8b353df0e2 ITS#9517 Add module args support to slappaswd and relevant docs 2021-04-14 18:17:59 +01:00
Ondřej Kuzník
d0eae40961 Expose slapTool for use elsewhere 2021-04-14 18:17:59 +01:00
Ondřej Kuzník
c29f0315c2 ITS#7786 Allow parsing of invalid entries when schema checking off 2021-04-12 16:28:49 +00:00
Ondřej Kuzník
afa19de2cb ITS#9295 Handle add+delete on a single-value attr 2021-04-12 15:15:02 +00:00
Ondřej Kuzník
932cc56817 ITS#9519 Add namedObject draft and schema 2021-04-09 18:33:48 +00:00
Ondřej Kuzník
dde1bdf48f ITS#9511 Fix terminator comment 2021-04-07 16:07:36 +01:00
Quanah Gibson-Mount
6cdfc85fc5 ITS#9511 - Stop plugin.c from generating an error when running make depend even if slapi is not enabled 2021-04-02 21:12:53 +00:00
Quanah Gibson-Mount
cd7127309e Cleanup on example slapd.conf that's shipped to highlight the ability to temporarily modify a running slapd process even when using a slapd.conf file 2021-04-01 23:28:28 +00:00
Quanah Gibson-Mount
0ad73f8717 ITS#9437 - Fix slapo-otp overlay name 2021-03-31 23:12:00 +00:00
Howard Chu
94fbd96826 ITS#9513 Change all lutil time structs to use nanoseconds 
Instead of microseconds
 2021-03-31 18:53:50 +00:00
Howard Chu
9ac3909ead ITS#9513 Intercept liblber error printer 
And add time and thread ID prefix to all debug output
 2021-03-31 18:53:50 +00:00
Howard Chu
01e5664c7c ITS#9513 Cleanup debug output 
Avoid splitting single lines across multiple Debug invocations
 2021-03-31 18:53:50 +00:00
Ondřej Kuzník
80cfd8117b ITS#7786 Try to synthesize missing attribute types 2021-03-31 16:14:25 +00:00
Ondřej Kuzník
fe7e4697e9 ITS#9437 Implement TOTP drift correction 2021-03-31 14:57:56 +00:00
Ondřej Kuzník
87f3bad8bb ITS#9437 Add otp_2fa overlay 2021-03-31 14:57:56 +00:00
Ondřej Kuzník
e36d1e31c5 ITS#9001 manual changes 2021-03-30 15:46:40 +01:00
Ondřej Kuzník
51c444b065 ITS#8698 Defer policy checker cleanup if it's a pw extop 2021-03-30 02:10:19 +00:00
Ondřej Kuzník
0df931b98b ITS#8698 Only remove our own callback 2021-03-30 02:10:19 +00:00
Quanah Gibson-Mount
adb16cbd64 ITS#9470 - Fix typos 2021-03-26 16:28:39 +00:00
Howard Chu
e6bf5795ac ITS#9498 replace asserts 
Just no-op if trying to close a connection that's already being closed.
 2021-03-26 13:46:56 +00:00
Howard Chu
829263c454 ITS#8847 move lutil_sockaddrstr() to ldap_pvt_sockaddrstr() 2021-03-26 13:45:26 +00:00
Ondřej Kuzník
8382d3c380 ITS#9470 Add homedir overlay 2021-03-26 01:27:09 +00:00
Ondřej Kuzník
61e9b6d37a ITS#9347 Log which policy attribute is invalid 2021-03-25 23:57:07 +00:00
Ondřej Kuzník
109d967ff2 ITS#7788 Hashing should be independent of a useable policy 2021-03-25 19:43:18 +00:00
Howard Chu
c6e521fa98 ITS#8950 move txn setup to frontend 
Backends should just execute when invoked, frontend should
exclusively take care of queueing for txn setup.
 2021-03-23 14:58:09 +00:00
Howard Chu
f9cb918d05 ITS#9504 back-ldap: set default idassert mode as documented 2021-03-22 17:50:32 +00:00
Howard Chu
f1ebb45695 ITS#9251 make max filter depth configurable 2021-03-22 17:31:13 +00:00
Howard Chu
da57548e52 ITS#9498 More connection streamlining 
Since c_mutex is now always inited at startup time, we no longer
need connections_mutex to protect from uninit'd structures
 2021-03-22 17:12:30 +00:00
Howard Chu
5398d44a36 ITS#8967 additional check 2021-03-22 09:18:32 +00:00
Howard Chu
a3935c7249 ITS#8967 back-mdb: fix adminlimit check 2021-03-22 08:36:49 +00:00
Howard Chu
f2740c79b3 ITS#8589 syncrepl: defer on REFRESH_REQUIRED 
Schedule a new retry instead of immediate looping back. This
will also prevent locking up cn=config replication.
 2021-03-21 17:41:19 +00:00
Howard Chu
cc2834c87a ITS#9152 autoca: no-op if DB doesn't exist yet 2021-03-21 17:28:50 +00:00
Howard Chu
7a4e70f3e6 ITS#8577 don't allow setting logDB to current DB 2021-03-21 17:20:05 +00:00
Howard Chu
696d5656fa ITS#9241 all ARG_DN configs must also use ARG_QUOTE 2021-03-21 16:47:43 +00:00
Howard Chu
cbb6441c30 ITS#8726 check newly registered loglevels immediately 
See if they were requested as soon as they are successfully registered.
 2021-03-21 16:36:30 +00:00
Howard Chu
bb6844e296 ITS#7295 don't init TLS threads by default 
Do it explicitly in servers
 2021-03-21 15:26:57 +00:00
Howard Chu
7ff1f42f7e ITS#8246 frontend and config DBs are unique 
Also make sure config_add_internal errmsg is returned to slapadd
 2021-03-21 14:58:22 +00:00
Ondřej Kuzník
cf67fc22f3 ITS#9016 Do not forget to close directory handle 2021-03-19 12:48:09 +00:00
Ondřej Kuzník
3c12993fbe ITS#9016 Check confdir is empty before generating from scratch 2021-03-18 21:07:43 +00:00
Ondřej Kuzník
eafcc405e2 ITS#6830 Enable NO-USER-MODIFICATION on ppolicy attributes 2021-03-18 17:32:30 +00:00
Ondřej Kuzník
4d6b01802a ITS#9051 Check for more success result codes 2021-03-18 16:36:56 +00:00
Ondřej Kuzník
152c12d4d3 ITS#9051 Do not remove callback on intermediate responses 2021-03-18 16:36:56 +00:00
Ondřej Kuzník
0c8afb036a ITS#9444 Manage sr_ref/sr_matched flags accordingly 
send_ldap_response() clears them immediately even if we never attached
the data to be freed, so when we reinstate them, the flags are gone and
the next send_ldap_response() doesn't consider freeing them.
 2021-03-18 15:34:26 +00:00
Ondřej Kuzník
f78887390a ITS#9444 Pass original message when chain-return-error is set 2021-03-18 15:34:26 +00:00
Howard Chu
616e5bf1c3 ITS#9498 connection_next: fix validity check 2021-03-11 09:31:41 +00:00
Quanah Gibson-Mount
c7763538de ITS#9453 - Make pw argon2 official 2021-03-10 23:21:08 +00:00
Howard Chu
28a04795f6 ITS#9479 asyncmeta: fix hanging ops 
Two separate problems
  1) ops that never got sent because of a pending Bind
  2) errors that never got returned because of an active op
 2021-03-10 00:18:59 +00:00
Quanah Gibson-Mount
180f5b62cb ITS#9482 - Fix possiblity of uninitialized data being returned in slapi plugin 2021-03-09 20:49:42 +00:00
Quanah Gibson-Mount
891fc1e117 ITS#9481 - Fix cases when IPv6 support is disabled 2021-03-08 18:10:41 +00:00
Paul B. Henson
b91491a8ee ITS#9481 - fix proxyp when IPv6 disabled 2021-03-08 18:10:41 +00:00
Konstantin Andreev
f2481c8d88 ITS#9446 - Correctly parse gecos field 2021-03-04 19:05:23 +00:00
Howard Chu
17abe7e710 ITS#9491 plug memctx leak - frontend already clears it 2021-03-04 17:03:20 +00:00
Ondřej Kuzník
99efeda06f ITS#9288 Do no change tainted status on failed retry 
It seems refcnt == 0 connections are tainted only if they were just
removed from cache.
 2021-03-02 20:00:55 +00:00
Ondřej Kuzník
6bfdb0342d ITS#8215 Some more slapmodify manpage tweaks 2021-03-02 19:08:50 +00:00
Quanah Gibson-Mount
05b1b4688c ITS#9480 - Update example configurations to include monitor db 2021-03-02 16:12:05 +00:00
Ondřej Kuzník
34b95c520e ITS#9438 Add remoteauth overlay 2021-02-25 22:11:39 +00:00
Ondřej Kuzník
38ea26b35f ITS#7262 Retrieve the policy from the correct backend 2021-02-24 22:15:48 +00:00
Tero Saarni
0eacc4a793 ITS#9197 back-ldap: added task that prunes expired connections 2021-02-24 22:07:48 +00:00
Howard Chu
22fd5a8924 ITS#9477 fix regression from #9339 
Must provide plain IP address for TCP wrapper
 2021-02-24 19:59:51 +00:00
Paul B. Henson
146889f205 ITS#9419 Add support for HAProxy proxy protocol v2 2021-02-24 18:11:09 +00:00