mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
14,830 Commits 38 Branches 307 Tags 74 MiB
1d24564f9d
Commit Graph

127 Commits

Author SHA1 Message Date
Pierangelo Masarati
c6b6d2a5ec StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 09:38:11 +00:00
Pierangelo Masarati
ae0f47b063 improve parsing of acl-authcDN/acl-passwd 2005-01-22 18:48:03 +00:00
Pierangelo Masarati
1d919d35a5 remove #ifdef's for identity assertion 2005-01-20 09:04:37 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
fefa59059d minor cleanup 2004-12-08 19:11:27 +00:00
Pierangelo Masarati
6b1c641bc1 warn users of the need to use the rwm overlay 2004-11-29 12:40:36 +00:00
Pierangelo Masarati
6eec000889 improve diagnostics 2004-11-17 17:55:44 +00:00
Pierangelo Masarati
ee4c10d5d0 allow backends to automatically install overlays; issue warnings in case of duplicates (fixes ITS#3395 for cases (1.a), (1.b) and (2) simultaneously) 2004-11-15 10:28:33 +00:00
Pierangelo Masarati
db4f223c66 improve overlay helpers 2004-11-13 17:20:24 +00:00
Pierangelo Masarati
f176935a58 remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 14:43:30 +00:00
Howard Chu
bbe986b94e Add a retry for failed connections 2004-10-01 12:00:41 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
cc60b5ce76 cleanup previous fix; maybe the advanced url parsing funcs should go in some ldap_pvt.h header? 2004-07-26 08:31:01 +00:00
Pierangelo Masarati
cd7540feee cleanup URI parsing/checking (fixes ITS#3253) 2004-07-24 11:17:03 +00:00
Hallvard Furuseth
af5ab4f196 Add missing format argument for 'unhandled idassert-method' error message. 2004-07-18 07:16:34 +00:00
Pierangelo Masarati
277d921945 clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217 2004-07-04 23:35:18 +00:00
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
5d843b2b13 detect mechs that are known to perform native authz 2004-06-19 18:32:55 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
3b38676dd3 complete idassert options 2004-05-13 22:12:46 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
66ee9b2d73 carefully check the URI 2004-03-17 22:36:47 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Howard Chu
0690f79a5a Cleanup unknown config directive handling. 2003-12-07 07:07:00 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Kurt Zeilenga
16af7fdd4c Hide experimental controls and extended operations 2003-05-31 20:19:02 +00:00
Hallvard Furuseth
c5d60fc043 ctrls[] was initialized with which non-constants. 2003-05-02 13:26:25 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Pierangelo Masarati
b4dbfb570a cleanup 2003-04-08 13:22:12 +00:00
Howard Chu
cd76391078 Fix !ENABLE_REWRITE 2003-04-07 19:48:10 +00:00
Pierangelo Masarati
96e1632d4a default remapping from target to server aliases searchResult 2003-04-07 16:59:56 +00:00
Pierangelo Masarati
93abccdee3 group rewrite/map stuff in one structure and optimize more function calls 2003-04-07 16:52:59 +00:00
Pierangelo Masarati
1bae6d28e5 silence warnings 2003-04-05 16:58:36 +00:00
Pierangelo Masarati
ab3ab80ecd more args elimination + allow specific messages when mapping client API errors to LDAP_OTHER 2003-04-04 22:20:49 +00:00
Pierangelo Masarati
ebe0bb0b52 trim unnecessary args 2003-04-03 23:23:56 +00:00
Pierangelo Masarati
17e46d8468 cleanup and fixes 2003-04-03 21:35:27 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are 
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
 2003-03-30 09:03:54 +00:00
Pierangelo Masarati
bf35f8e37f improved filter mapping/rewrite; improved result rewriting; improved attribute/objectclass mapping configuration 2003-03-01 11:08:53 +00:00
Howard Chu
187f1d2ad4 Added proxy-whoami keyword for forwarding whoami requests. 2003-02-16 11:21:15 +00:00
Hallvard Furuseth
6a51371fc5 Silence gcc warnings (signed vs. unsigned, implicit declarations, unused vars). 2003-01-19 15:03:25 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Pierangelo Masarati
85a74efc71 remove dependency from LDAP_FILT_MAXSIZ (and handle arbitrary size filters) 2002-08-09 13:51:35 +00:00
Howard Chu
e14f471a27 Add #include "lutil.h" for lutil_str* functions 2002-08-06 02:36:34 +00:00
Howard Chu
5a01db28e3 Moved slap_strcopy, slap_strncopy to lutil_strcopy, lutil_strncopy 2002-07-27 00:24:02 +00:00
Kurt Zeilenga
b5e7208cb8 Date: Thu, 2 May 2002 08:54:59 GMT 
From: h.b.furuseth@usit.uio.no
To: openldap-its@OpenLDAP.org
Subject: Patch: Bugs with back-ldap/meta mappings

Full_Name: Hallvard B. Furuseth
Version: HEAD
OS: Linux
URL: http://folk.uio.no/hbf/OpenLDAP/back-ldap.txt
Submission from: (NULL) (158.36.148.34)


The source claims the 'map' attribute has syntax
map {objectclass | attribute}   {<source> | *}      [<dest> | *]
while it actually has syntax
map {objectclass | attribute} [<local name> | *] {<foreign name> |
*}
except that the code is confused about it.  Removed attributes are
put in both the maps for local and foreign names:
	# Remove description and present title as description instead
	map attribute	description
	map attribute	description title
-->
	slapd.conf: line 10: duplicate mapping found (ignored)

Also, map.c:ldap_back_map_attrs() loops forever on removed attributes
(ie. if one asks ldapsearch for an attribute which has been removed).
 2002-06-12 16:39:05 +00:00
Howard Chu
b3d0ab87aa More cleanups for suffixmassage DNs 2002-05-01 19:05:09 +00:00
Pierangelo Masarati
c1edf76e20 use BerVarray for suffix_massaging stuff 2002-05-01 17:45:03 +00:00
Pierangelo Masarati
6feec86e5d - trim check for real naming context already defined as suffix 
- improve automatic massaging (prettify once)
- add (optimistic) automatic filter massaging
- cleanup of massaging stuff
 2002-05-01 11:41:57 +00:00
Howard Chu
c7262c7599 Added rebind-as-user option; saves bind credentials and sets a rebind_proc 
to allow chasing referrals using the same user's credentials.
 2002-04-25 02:05:34 +00:00
Pierangelo Masarati
4a8ab5dbf2 Mostly based on patches provided by Hallvard B. Furuseth 
ITS#1677 - cast away const warnings
ITS#1678 - unsigned char args to ctype funcs
ITS#1682 - don't redefine ldap_debug
ITS#1683 - uninitialized vars
ITS#1703 - ldo_debug initialization
ITS#1705 - unsigned testing
ITS#1706 - socklen_t args
ITS#1719 - back-tcl update (other cleanups/fixes/improvements; yet untested)
ITS#1724 - integerNormalize/integerFilter/integerIndexer bugs
ITS#1725 - libdes not required

Implement back-null (/dev/null style backend)
Cleanup some misc warnings ("%lu" format, unused/uninitialized vars,
        ambiguous operator precedence)

Kurt, please regenerate configure
 2002-04-08 09:43:22 +00:00
Pierangelo Masarati
39a652d2de cleanup and better dn handling 2002-01-12 16:04:15 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Pierangelo Masarati
4f4f5dc93f move mapping in a separate file 2002-01-04 18:01:56 +00:00
Pierangelo Masarati
bd535be5cb hide mapping initialization 2002-01-04 17:51:20 +00:00
Howard Chu
bcdfdb968f Changed AttributeName back into an array instead of a linked list. 
Fixed bug in do_search eating up controls.
 2002-01-03 05:38:26 +00:00
Kurt Zeilenga
38d800637f Use AC_MEMCPY instead of memcpy 
Use sizeof instead of strlen
 2002-01-02 16:58:37 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
743c402265 Changed search attrs from struct berval ** to AttributeName * 2001-12-31 11:35:52 +00:00
Howard Chu
975a5e9a24 Added dnPretty2/dnNormalize2 using preallocated destination berval 2001-12-29 04:48:00 +00:00
Howard Chu
6b413395fd More struct beral conversion 2001-12-28 04:20:08 +00:00
Howard Chu
d00fe773ae Fix attrs handling 2001-12-26 09:19:57 +00:00
Howard Chu
ef0b308bea Changed backglue configuration. Added noSubordinates arg to select_backend 
to deal with glued subordinates.
 2001-12-10 12:09:40 +00:00
Pierangelo Masarati
74fa239a20 This is the commit of: 
- librewrite, for string rewriting; it may be used in back-ldap
    by configuring with '--enable-rewrite'. It must be used in
    back-meta. There's a text file, 'libraries/librewrite/RATIONALE',
    that explains the usage and the features. More comprehensive
    documentation will follow.
  - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137)
    including dn rewriting, a fix to group acl matching and so
  - back-meta: a new backend that proxies a set of remote servers
    by spawning queries. It uses portions of back-ldap and the rewrite
    capabilities of librewrite. It can be compiled by configuring
    with `--enable-ldap --enable-rewrite --enable-meta'.
    There's a text file, 'servers/slapd/back-meta/Documentation', that
    describes the main features and config statements.

Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as
my autoconf version must be different: my configures contain a number
of differences and I didn't feel comfortable in adding them :)
 2001-05-12 00:51:28 +00:00
Mark Valence
6e6118c6cc attribute & objectclass mapping rules 2001-02-19 19:14:12 +00:00
Howard Chu
4703fe82b2 Pierangelo Masarati's bugfixes and enhancements for suffix-massaging. 
See the Changes file for detailed description.
 2001-01-19 21:27:20 +00:00
Kurt Zeilenga
c55a82baa2 Mark as "altered version" 2001-01-17 07:09:22 +00:00
Mark Valence
3d599d1bd3 Use "uri" directive (instead of "server") to specify server. Add "bin 
ddn" and "bindpw" directives for supporting group lookups.
 2000-06-05 04:59:26 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. 
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
 1999-09-08 19:06:24 +00:00
Kurt Zeilenga
8ac21b67a1 more const'ification 1999-08-20 19:29:43 +00:00
Howard Chu
967d1dcb2d For ITS#157: Added LDAP backend for slapd, which also required adding 
LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c.
 1999-05-26 02:35:20 +00:00