5038 Commits

Author	SHA1	Message	Date
Pierangelo Masarati	18360d1eb2	fix previous commit	2003-12-20 17:41:08 +00:00
Pierangelo Masarati	79bc396ed8	in the <what> clause of ACLs, only 'attr=' or 'attrs=' are allowed; the former for backwards compatibility, while slapd.access(5) correctly uses only the latter form	2003-12-20 15:31:54 +00:00
Pierangelo Masarati	39574bcb5f	for consistency, always allow 'onelevel' as an alias for 'one' in dnstyle	2003-12-20 15:18:21 +00:00
Howard Chu	2b44c72d84	Fix handling of an_oc_exclude	2003-12-20 14:35:13 +00:00
Howard Chu	1586a68219	ITS#2888 don't return LDAP_SIZELIMIT_EXCEEDED prematurely	2003-12-20 10:10:59 +00:00
Howard Chu	c3bb9e42a6	More cleanup	2003-12-20 09:55:17 +00:00
Howard Chu	59f76d543c	Clean up prev commit	2003-12-20 09:19:19 +00:00
Howard Chu	d27b734770	ITS#2889 - fix explicit objectClass inclusion/exclusion	2003-12-20 06:28:05 +00:00
Luke Howard	120adb6b1b	Fix slapi_modify_internal() to deal with just the modification type of ... a mod operation	2003-12-19 10:10:59 +00:00
Kurt Zeilenga	aabcce3e58	Document +0	2003-12-19 05:06:51 +00:00
Kurt Zeilenga	5481755c0e	Move ldapi to /var/run	2003-12-19 02:28:06 +00:00
Kurt Zeilenga	fdbd8705ae	Move pid/args files into $(RUNDIR)/run ... Move ldapi into $(RUNDIR)/run/openldap	2003-12-19 02:18:29 +00:00
Howard Chu	3b0b66de10	Fix install rule	2003-12-18 20:26:05 +00:00
Kurt Zeilenga	e9133952fb	Move experimental built-in SASL behind SLAP_BUILTIN_SASL macro	2003-12-18 20:01:47 +00:00
Pierangelo Masarati	42d7d6d743	propagate flags to sasl-regexp functions (will need it later)	2003-12-18 18:32:45 +00:00
Pierangelo Masarati	113727ba53	allow 'all' vs. 'any' sasl-authz-policy	2003-12-18 18:28:43 +00:00
Kurt Zeilenga	babc993ef7	clarify default access control policy	2003-12-18 17:32:30 +00:00
Kurt Zeilenga	9647ccd945	Completely untested built-in EXTERNAL implementation ... Needs identity mapping and proxy authorization support	2003-12-18 06:52:39 +00:00
Howard Chu	e4b899df95	ITS#2884 silence warning. We don't dereference this pointer, we just use ... it's value as a unique key.	2003-12-18 03:54:48 +00:00
Howard Chu	9777dc2114	ITS#2883 initialize rc before running callbacks	2003-12-18 03:50:09 +00:00
Kurt Zeilenga	3eb5337020	Make modify/increment conditional	2003-12-17 21:42:48 +00:00
Pierangelo Masarati	f2a9089e4d	cleanup most of the -pedantic warnings (ITS#2884) and other small fixes	2003-12-17 20:55:46 +00:00
Kurt Zeilenga	271fff13de	Sync with HEAD	2003-12-17 17:55:27 +00:00
Luke Howard	516fd0ff50	First round of SLAPI cleanups - use slapi_int_XXX for internal functions ... (slapi_x_XXX is still reserved for exported functions that are not part of the SLAPI specification)	2003-12-16 15:49:31 +00:00
Pierangelo Masarati	2d948c7106	fix a couple of (too optimistic) comments...	2003-12-16 14:25:36 +00:00
Luke Howard	c8f62b12d3	Honour any controls that are sent by a SLAPI plugin	2003-12-16 11:17:54 +00:00
Pierangelo Masarati	8fa476a5c6	line up comments and code	2003-12-16 11:05:52 +00:00
Pierangelo Masarati	4e83a282d0	improve error handling for attr val ACL syntax	2003-12-16 10:56:21 +00:00
Luke Howard	0bcddbc908	Don't leak SLAPI_RESCONTROLS when free'ing parameter block - these ... are allocated by the plugin	2003-12-16 05:59:50 +00:00
Kurt Zeilenga	a736f237f8	Deprecate +objectClass in favor of @objectClass per IETF discussions	2003-12-16 05:55:52 +00:00
Kurt Zeilenga	e3ffc1b165	Revert last commit	2003-12-16 01:55:56 +00:00
Pierangelo Masarati	e2483d8a9b	honor '!' (objectClass negation) when checking attribute presence in list	2003-12-16 01:10:33 +00:00
Pierangelo Masarati	ee34f3fb64	add to 'val[.<style>=<value>' ACLs special match styles for DN-valued attributes; add negated objectClass to attribute name lists for ACLs and partial replication	2003-12-16 00:49:10 +00:00
Howard Chu	6e6bef8f56	Fix - need to initialize lutil_passwd.	2003-12-16 00:39:29 +00:00
Pierangelo Masarati	bc972e0656	allow 'AUTHZ' mech in proxyAuthz control to allow also the <mech> part of the 'u:' user	2003-12-15 18:19:14 +00:00
Pierangelo Masarati	3a5c53a8b1	typo	2003-12-14 15:36:46 +00:00
Pierangelo Masarati	b4629f1e79	fix previous commits	2003-12-14 14:08:15 +00:00
Pierangelo Masarati	588f1f6185	resolve naming conflicts when compiling rwm overlay as static (will disappear as soon as rwm stuff is removed from back-ldap/back-meta)	2003-12-14 11:13:25 +00:00
Kurt Zeilenga	4d29df5bd1	Add LDAP_DEPRECATED macro ... Need to remove use of deprecated functions.	2003-12-14 02:47:42 +00:00
Kurt Zeilenga	5b0236f4ae	Add u: comment	2003-12-13 23:41:44 +00:00
Kurt Zeilenga	1fadacaa31	Forward parse the uauthzid. A realm cannot be specified unless ... a mechanism is specified. (Few mechanisms (DIGEST-MD5 only) support separate realms.)	2003-12-13 23:38:05 +00:00
Pierangelo Masarati	4602c935f7	saslAuthzTo/From stuff ... when comparing IDs to saslAuthzTo/From values, the saslAuthzTo saslAuthzFrom values can take different forms: dn[.<style>]:<pattern> <style> ::= exact ; exact match children ; children of <pattern> match subtree ; <pattern> or children of <pattern> match regex ; <pattern> is regcomp() & regexec() if no <style>, then exact is assumed u[.<mech>][/<realm>]:<user> when parsing a proxyAuthz value, only exact DN is allowed, and no <mech> can be specified. <user> cannot contain ':' and <mech> cannot contain '/'.	2003-12-13 23:02:59 +00:00
Howard Chu	0d8613c274	Use c_authmech when c_sasl_bind_mech is empty	2003-12-13 22:43:01 +00:00
Howard Chu	e85cd1e154	Fix prev commit, use c_authtype	2003-12-13 22:16:03 +00:00
Howard Chu	d9aec4ef28	Always set c_authmech	2003-12-13 21:39:51 +00:00
Kurt Zeilenga	4bedf015f0	cleanup	2003-12-13 18:57:00 +00:00
Kurt Zeilenga	dbc37977f2	Look for the '@' in userid@realm in reverse so that a@b@c results ... in userid of a@b and realm of c.	2003-12-13 17:25:59 +00:00
Pierangelo Masarati	6e5ddd6420	note a potential problem	2003-12-13 17:21:17 +00:00
Pierangelo Masarati	5a00f25542	conn must be non-null	2003-12-13 15:29:49 +00:00
Pierangelo Masarati	d6bc071dd9	add subtree/children styles to saslAuthzTo/From; 'dn:' now defaults to exact	2003-12-13 12:23:56 +00:00