Commit Graph

693 Commits

Author SHA1 Message Date
Kurt Zeilenga
05463503e8 ITS#3118: fix objectIdentifierFirstComponentMatch for schema elements 2004-04-28 20:10:21 +00:00
Pierangelo Masarati
b9dcdbb2d8 rename macro accordingly to new authz naming 2004-04-20 19:12:56 +00:00
Kurt Zeilenga
1372965d89 ITS#3092: Rename sl_free() and friends to slap_sl_free() 2004-04-20 03:44:57 +00:00
Pierangelo Masarati
7be90a7ddf remove unused structure member ps_id 2004-04-17 15:01:13 +00:00
Pierangelo Masarati
e46e44c34d enable use of librewrite for sasl-regexp only if librewrite is compiled (ITS#3084) 2004-04-14 23:17:57 +00:00
Pierangelo Masarati
c0c24cfec5 first round of SHADOW flags/isupdate test unification 2004-04-10 10:00:58 +00:00
Kurt Zeilenga
2f924dc488 Temporary defines for SLAP_*_SHADOW. 2004-04-09 20:43:15 +00:00
Pierangelo Masarati
b157f668b7 honor sizelimit requests on the overall count when pagedResults control is used; cleanup and more features 2004-04-09 17:55:21 +00:00
Pierangelo Masarati
36941332a1 improve previous commit; now special limit on the number of total entries of a paged results can be set via the limits. Need to decide whether the default should be unlimited or what 2004-04-09 12:26:34 +00:00
Pierangelo Masarati
fadf3398d4 honor size limits when using paged results 2004-04-09 11:44:28 +00:00
Kurt Zeilenga
c7f0438044 bvalue cleanup 2004-04-08 06:49:17 +00:00
Kurt Zeilenga
13d25a675f cleanup 2004-04-06 01:48:36 +00:00
Kurt Zeilenga
37ef5350bd Rework return of update referrals 2004-04-06 00:47:21 +00:00
Kurt Zeilenga
843400deb7 Add SLAP_SHADOW(be): true if be is a shadow database (via any mech) 2004-04-05 21:54:40 +00:00
Kurt Zeilenga
2fcaa15b90 First rounds of backend/database flag cleanup 2004-04-05 21:00:16 +00:00
Pierangelo Masarati
873be21a22 add referral check to functions elaborated by overlays 2004-04-05 17:28:13 +00:00
Howard Chu
e9188de738 Replaced slap_overinfo.oi_bd with oi_orig. 2004-03-20 12:56:31 +00:00
Kurt Zeilenga
e323437c6a cleanup for release engineering 2004-03-18 01:06:39 +00:00
Howard Chu
cdeda34029 Add c_conn_idx, to simplify external modules managing per-connection state 2004-03-12 18:22:37 +00:00
Pierangelo Masarati
042869366d use "expand" instead of "regex" for group ACLs that allow substring expansion, preserving backwards compatibility; add sanity checks 2004-03-09 16:33:05 +00:00
Luke Howard
87a02dbb14 Support server search flag control as alias for permissive modify
Recognise tree delete control - needs backend support
2004-03-09 14:05:01 +00:00
Pierangelo Masarati
a4e062ca36 apply advanced peername ACL (ITS#2907) 2004-03-08 18:49:12 +00:00
Pierangelo Masarati
091246c6fd move limits evaluation to frontend 2004-03-08 18:12:45 +00:00
Howard Chu
87a4c01b29 ITS#2998 rename pcl -> be_pcl 2004-03-05 10:33:41 +00:00
Howard Chu
b480d7c9ff Added pwdexop request structure to avoid redundant parsing 2004-02-29 19:04:34 +00:00
Jong Hyuk Choi
0c58aa3ab9 Glue entry pruning support: delete the parent entries when they are glue and become leaf 2004-02-23 22:47:55 +00:00
Pierangelo Masarati
4e57108991 allow search limits based on groups (ITS#2967) 2004-02-18 16:40:36 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
c7f1759e80 Misc cleanup 2003-12-30 01:26:38 +00:00
Howard Chu
d8f9f4ee22 Revert prev commit, unnecessary 2003-12-25 14:57:26 +00:00
Howard Chu
d31230f859 Fix replog sequencing - assign sequence numbers at beginning of operation,
instead of getting a timestamp at the end. This makes it possible for
slurpd to sort the log later.
2003-12-23 18:48:36 +00:00
Kurt Zeilenga
9647ccd945 Completely untested built-in EXTERNAL implementation
Needs identity mapping and proxy authorization support
2003-12-18 06:52:39 +00:00
Kurt Zeilenga
271fff13de Sync with HEAD 2003-12-17 17:55:27 +00:00
Pierangelo Masarati
ee34f3fb64 add to 'val[.<style>=<value>' ACLs special match styles for DN-valued attributes; add negated objectClass to attribute name lists for ACLs and partial replication 2003-12-16 00:49:10 +00:00
Kurt Zeilenga
552a51ca50 Tweak the codes 2003-12-11 07:28:01 +00:00
Kurt Zeilenga
38ccdaf7a3 unifdef -DLDAP_CONTROL_PAGEDRESULTS (as it is always defined) 2003-12-08 18:16:07 +00:00
Howard Chu
be1a728c5b Added sc_next and sc_cleanup to slap_callback 2003-12-07 08:51:23 +00:00
Howard Chu
0690f79a5a Cleanup unknown config directive handling. 2003-12-07 07:07:00 +00:00
Howard Chu
74db966ebb Move SLAB_SIZE def to slap.h 2003-12-06 22:30:45 +00:00
Howard Chu
1762b5b71d Overlay build environment, remove internal proxycache support 2003-12-06 11:04:39 +00:00
Pierangelo Masarati
723bc044e0 changes required to use rwm overlay 2003-12-06 10:54:10 +00:00
Kurt Zeilenga
4e15a84452 Updated notices 2003-11-27 01:17:14 +00:00
Jong Hyuk Choi
4ae382fd79 misc updates
- syncrepl : id -> rid
 - man page update
2003-11-26 21:37:44 +00:00
Jong Hyuk Choi
1fdda703e6 Support multiple sync replication at the consumer :
1) simultaneous operation of multiple active sync replication threads
2) cookie management for individual sync replication thread
   (include rid=%3d to the slapd cookie command line option (-c))
2003-11-26 19:49:47 +00:00
Jong Hyuk Choi
f97dc983ac Collective entryUUID transmission of PRESENT messages in a single PDU
(refer to draft-zeilenga-ldup-sync-04.txt)
2003-11-20 02:14:47 +00:00
Jong Hyuk Choi
f6db6d336f misc cleanup 2003-11-18 19:08:33 +00:00
Jong Hyuk Choi
f3586499d0 update ldapsync/syncrepl code according to the new version of
the protocol (draft-zeilenga-ldup-sync-04)
2003-11-11 20:25:19 +00:00
Jong Hyuk Choi
279760a467 1. Session history support
- memory based session history to minimize sync traffic
	- when client is covered by a session history, then
      [add+delete] mode is used
	- when client cookie is not covered by the history because
      the cookie is too outdated and/or the history is truncated,
	  [add+present] mode is used
2. Sync cookie syntax : comma separated name=value pairs
	- csn=yyyymmddhh:mm:ssZ#0xSSSS#r#ssssr,sid=nnn
2003-11-10 02:44:25 +00:00
Howard Chu
f2e1d7434b Fix ASCII_HEX tests 2003-11-03 07:00:16 +00:00
Kurt Zeilenga
80fa73bf8c Update entryUUID to latest draft specification 2003-10-31 17:41:31 +00:00
Howard Chu
08676eb49d Add support for outbound connections in main listener.
Restructure syncrepl/persist to use outbound connection manager.
2003-10-24 12:57:24 +00:00
Kurt Zeilenga
d0c05e814d Add a basic DIT content rule test.
Fix DIT rules to allow extensibleObject in AUX
unifdef -DSLAP_EXTENDED_SCHEMA
2003-10-24 04:40:32 +00:00
Howard Chu
102d8159a7 ITS#2779, cache group ACLs per operation instead of per-connection 2003-10-23 01:23:45 +00:00
Kurt Zeilenga
ce4b199485 Syncrepl code cleanup (namely prefix struct field names) 2003-10-22 05:19:30 +00:00
Howard Chu
b6835be962 ITS#2747, Reorganize syncrepl, fix some memleaks. More remain. 2003-10-18 14:13:37 +00:00
Kurt Zeilenga
aa225c2c70 Explicitly mark attribute/assertion syntax of values to be normalized 2003-10-18 06:18:05 +00:00
Jong Hyuk Choi
d5823fa912 no caching flag in Operation structure 2003-09-25 07:48:53 +00:00
Howard Chu
6da0f1e48e ITS#2573 dynamic group support
moved labeledURI into system schema
  attribute types that inherit from labeledURI may be used in dynamic
    groups e.g. access to * by group/groupOfURLs/memberURL=foo
2003-09-20 08:16:04 +00:00
Howard Chu
1240c70ff4 ITS#2497, implement value-level ACLs:
access to attr=foo val.regex=bar.*
2003-09-20 03:23:10 +00:00
Kurt Zeilenga
99f968b597 Initial support for pre/post read controls.
TODO:
	Fix transactional consistency
	Add client response control handling
2003-09-16 18:56:04 +00:00
Jong Hyuk Choi
7f882daf15 Schema checking option for LDAP Sync replication 2003-09-03 21:42:52 +00:00
Jong Hyuk Choi
d06d4d33a8 no schema checking patch for proxy cache (apurva) 2003-09-03 15:44:22 +00:00
Jong Hyuk Choi
c36f32a9e4 slaptool update for LDAP Sync replication 2003-08-30 15:19:35 +00:00
Jong Hyuk Choi
9760933c20 unifdef LDAP_CACHING 2003-08-27 23:21:17 +00:00
Jong Hyuk Choi
090ac0a772 unifdef LDAP_SYNC and LDAP_SYNCREPL 2003-08-27 22:16:04 +00:00
Jong Hyuk Choi
4559aa06aa cleanup 2003-08-27 20:51:04 +00:00
Jong Hyuk Choi
286986c4e8 NO_SCHEMA_CHECK backend flag 2003-08-27 16:40:26 +00:00
Jong Hyuk Choi
660617ae66 Context CSN patch (1)
- currenty works for refreshOnly mode of LDAP Sync
- Context CSN for add / modify is implemented
- code for delete / modrdn / refreshAndPersist will be soon committed
2003-08-23 02:51:33 +00:00
Jong Hyuk Choi
6659cf3ea1 LDAP Sync protocol change : state mode (add+present) and log mode (add+delete) 2003-08-14 16:27:36 +00:00
Jong Hyuk Choi
fcc59c6488 Proxy caching update : op->o_caching_on flag removed 2003-08-14 02:11:46 +00:00
Kurt Zeilenga
b54780f940 Add initial support for modify/increment. No over/under flow detection.
Currently discovered via a "feature", but should use a control.
Start of a control made, but needs to be better integrated (with
auto use in ldapmodify(1)).
2003-08-07 16:42:40 +00:00
Jong Hyuk Choi
2b803b0459 SyncRepl is changed to share the following routnines :
slap_mods_opattrs(), slap_mods_check(), slap_mods2entry()
2003-07-11 01:01:27 +00:00
Luke Howard
c9e134f0f7 Support for SLAPI plugin extensions API.
This API allows a plugin to associate arbitrary context with an
internal server object such as a connection or operation.

Some documentation is at:

http://enterprise.netscape.com/docs/directory/602/plugin/function.htm#1104211
2003-07-03 19:04:18 +00:00
Jong Hyuk Choi
cc6f31782d - partial attribute replication tested ok
- conf file processing udpate
- misc updates
2003-07-02 14:51:23 +00:00
Jong Hyuk Choi
7087a8f58d ITS#2618 fix 2003-06-27 20:29:32 +00:00
Jong Hyuk Choi
262f8bf11f LCUP primitive routines removed 2003-06-27 17:39:48 +00:00
Jong Hyuk Choi
5a5da65d36 #ifdef'ing SLAP_OC_GLUE definition 2003-06-25 16:46:36 +00:00
Jong Hyuk Choi
5d203d0cc5 not returning glue entries unless manageDSAit is set 2003-06-25 16:22:08 +00:00
Jong Hyuk Choi
86196e11a0 - syncrepl uses LDAP URL only 2003-06-23 14:15:28 +00:00
Jong Hyuk Choi
f07179ca61 syncrepl changes
- can handle multiple syncinfo
- ldap_sync_search() added
2003-06-11 17:03:57 +00:00
Howard Chu
09d05a57c2 More overlay tweaks. Added LDAP chaining overlay. 2003-06-11 04:36:35 +00:00
Howard Chu
62da6969dc Preliminary backend overlay support, based on backglue, not tested... 2003-06-11 02:27:51 +00:00
Kurt Zeilenga
544805dcec localize SYNCREPL config defines 2003-06-10 18:36:47 +00:00
Kurt Zeilenga
a908d75f0c s/tls/starttls/
s/master/provider/
2003-06-10 18:33:44 +00:00
Kurt Zeilenga
3ca2a91ae1 Assertion control with no backend support (yet) 2003-06-10 02:19:30 +00:00
Hallvard Furuseth
efcb1b0bc0 Remove comma at end of enumerator list. 2003-06-03 17:47:26 +00:00
Kurt Zeilenga
cc6630d8dd Don't bother to hide when LDAP_DEVEL is defined. 2003-05-31 20:57:14 +00:00
Kurt Zeilenga
16af7fdd4c Hide experimental controls and extended operations 2003-05-31 20:19:02 +00:00
Kurt Zeilenga
11f990a641 Fix intermediate responses 2003-05-31 05:32:57 +00:00
Kurt Zeilenga
12304f64e5 Merge partial and intermediate responses 2003-05-31 05:01:49 +00:00
Kurt Zeilenga
03233d2719 Move SYNC, SYNCREPL, and LDAP_CACHING out from behind LDAP_DEVEL 2003-05-31 02:55:23 +00:00
Kurt Zeilenga
0954351565 Change ACL default style to exact (from regex) 2003-05-30 05:24:39 +00:00
Kurt Zeilenga
193c7ca228 Fix matching rule flags 2003-05-30 02:17:30 +00:00
Howard Chu
8e550fae0c Streamlined listener/select/accept handling:
For ITS#2482:
  added sl_is_mute flag to Listener - when set, the listener is ignored
  if accept() on a listener fails with EMFILE, set the sl_is_mute flag
  when removing a connection, if emfile != 0, look for a listener to unmute

  For ITS#2374:
  if global_idletimeout is set and there are active sessions, use a timeout
  on the select() to actively detect idle sessions.
2003-05-15 13:10:52 +00:00
Howard Chu
6aa3637545 Added SLAP_TOOL_READMAIN and SLAP_TOOL_READONLY slapMode flags. The rw
arg to tool_entry_open comes too late for back-bdb to use.
2003-05-11 07:03:48 +00:00
Jong Hyuk Choi
ca1da5b89a -reenabling LDAP_CACHING 2003-05-09 16:48:50 +00:00
Jong Hyuk Choi
986bcd52a9 -syncUUID search in syncrepl
-test017-syncreplication
2003-05-09 06:50:44 +00:00
Jong Hyuk Choi
6b0e1b39e5 temporarily disable LDAP_CACHING (till API update) 2003-05-05 16:03:59 +00:00
Jong Hyuk Choi
e8cd5c2386 - LDAP_SYNCREPL defined in include/ldap.h
- add "updatedn" to the replication specification
- return referral to update to the slave server
2003-05-01 23:39:29 +00:00
Howard Chu
46e2b97757 ITS#2424 use two SASL contexts per session to conform to RFC 2222 2003-05-01 04:11:57 +00:00
Jong Hyuk Choi
c4f7bcfc56 list of nonpresent entries in syncinfo_t 2003-04-30 16:38:15 +00:00
Kurt Zeilenga
a0bcff1630 generic first component matching routines
Need to add specific routines for schema attribute types
2003-04-28 04:41:47 +00:00
Jong Hyuk Choi
86a46c267a OpenLDAP synchronization based replication engine 2003-04-21 14:08:13 +00:00
Pierangelo Masarati
d9d5912383 use syntax and matching rules knowledge when preparing SQL filters (to reduce pseudo-normalization efforts and search candidate number) 2003-04-16 10:22:33 +00:00
Kurt Zeilenga
1260da0cbf Add comments about associated rules. Need to add checks
in mr.c, populated their values in schema_init.c, and then
put them to use.
2003-04-16 03:30:20 +00:00
Pierangelo Masarati
1fa756cd24 backout unintended commit :) 2003-04-15 21:58:16 +00:00
Pierangelo Masarati
adf3744dd6 fix backsql new API; use berbuf instead of berval 2003-04-15 21:55:25 +00:00
Pierangelo Masarati
be8820d660 HEADS-UP: complete reworking of back-monitor 2003-04-12 17:41:49 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Howard Chu
f897519d11 Minor cleanups 2003-04-09 23:37:00 +00:00
Howard Chu
813d5c8ed8 First cut at thread-local malloc. Only used by search() for now...
Needs work in normalizers, etc.
2003-04-09 16:52:03 +00:00
Kurt Zeilenga
b59bb2de35 More #unifdef -DSLAP_NVALUES 2003-04-06 19:16:49 +00:00
Kurt Zeilenga
c75be97ae9 #ifdef -DSLAP_NVALUES 2003-04-05 03:35:16 +00:00
Kurt Zeilenga
2d68ec09f2 #unifdef -DSLAP_NVALUES_ON_DISK 2003-04-05 03:11:29 +00:00
Kurt Zeilenga
4ecf817a87 NVALUES_ON_DISK enabled by default 2003-04-02 18:05:10 +00:00
Howard Chu
9355dca9af Consolidated slap_callbacks into one function. Removed send_search_result. 2003-04-01 04:12:18 +00:00
Howard Chu
bc9aa656a2 Shorthand macros for request fields 2003-03-31 05:10:10 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
2003-03-30 09:03:54 +00:00
Howard Chu
3a71bddbc4 ITS#2389 - added conn_max_pending/auth config keywords to cap the number
of outstanding requests on a connection. Set rate limits for request
execution:
   no connection can have more than maxthreads/2 ops executing at once.
   a connection that is write-blocked will not execute any new ops.
   queued ops must drain before any new ops can execute.
If the queue exceeds the max_pending limit, the connection is closed.
...also fixed a bug where a connection was not marked active if it never
received a Bind.
2003-03-27 03:35:46 +00:00
Howard Chu
99950e4fe4 Deleted BackendInfo->bi_acl_attribute, bi_acl_group.
Replaced with bi_entry_get_rw.
Implemented for back-bdb, back-ldbm, back-ldap.
2003-03-26 11:50:03 +00:00
Howard Chu
945fd190f9 SLAP_OP_BLOCKS - added response block 2003-03-25 23:42:55 +00:00
Kurt Zeilenga
c9805cf0c8 Add SLAP_NVALUES_ON_DISK define (but not code) 2003-03-23 03:23:32 +00:00
Kurt Zeilenga
91a2fb1c96 Add namingCSN attribute type
Make SLAP_NVALUES the default.
2003-03-23 02:58:36 +00:00
Kurt Zeilenga
9ac9102b55 Undo last commit 2003-03-16 23:54:40 +00:00
Kurt Zeilenga
8b6e1db2d3 SLAP_NVALUES: remove all the extra frees 2003-03-16 23:54:22 +00:00
Kurt Zeilenga
72b6f82cc4 Tweak SLAP_OP_BLOCKS 2003-03-11 17:26:57 +00:00
Howard Chu
ed884fe0ee Added proposed request parameters to Operation. #ifdef'd, not active.
Replaces "be, conn, op" triple with just "op" for most functions. Removes
individual arguments from backend op functions. Please review/comment.
2003-03-11 10:39:32 +00:00
Howard Chu
40454ccec8 Added op->o_is_auth_check; use ACL_AUTH instead of ACL_SEARCH/ACL_READ
in access_allowed() if flag is set. Set in sasl/saslauth searches.
2003-03-10 22:07:21 +00:00
Jong Hyuk Choi
6f81235386 Commit of the Proxy Cache contribution (ITS#2062)
from IBM India Research (Apurva Kumar)
Code review by Pierangelo, Kurt, and Jong.
2003-03-06 19:44:41 +00:00
Howard Chu
3955eaede2 Fix LDAP_DEBUG/LDAP_SYSLOG test 2003-03-05 02:22:58 +00:00
Pierangelo Masarati
51849d6ecb fix ITS#2343 2003-03-03 22:25:28 +00:00
Luke Howard
cc39f75261 Support for dynamic registration of controls, both through native and
SLAPI plugins.
2003-02-28 12:34:35 +00:00
Howard Chu
507781eeb3 Partial fix of ITS#2335, restore proper CLDAP msg format for LDAPv2 2003-02-28 08:34:31 +00:00
Kurt Zeilenga
840f3644f4 SLAP_NVALUES: a couple of basic normalizers... but not working yet. 2003-02-28 05:13:29 +00:00
Kurt Zeilenga
32399d9bd9 axe mr_ptr in favor or schema_prep 2003-02-27 03:29:07 +00:00
Kurt Zeilenga
152829be87 SLAP_NVALUES:
schema engine updated (but not schema routines so things don't run yet)
	nvalues mostly populated, enough for tests 0-2 to pass
	schema routines needs lots of work
	modify/mods codes needs lots of work
2003-02-27 01:54:43 +00:00
Kurt Zeilenga
baa5c88d75 whoops (again). Don't define SLAP_NOVALUES yet. 2003-02-26 16:48:31 +00:00
Kurt Zeilenga
dd66e6e929 SLAP_NVALUES, round 3 2003-02-26 07:39:30 +00:00
Kurt Zeilenga
25886d989a Change MR flag names and add comments as to what they mean to slap.h 2003-02-26 02:55:28 +00:00
Kurt Zeilenga
51e841c694 Whoops, SLAP_NVALUES should be off for now 2003-02-25 23:46:40 +00:00
Kurt Zeilenga
122f5d4299 *** empty log message *** 2003-02-25 23:16:21 +00:00
Kurt Zeilenga
6390e947b0 SLAP_NVALUES, round 2 2003-02-25 22:49:41 +00:00
Kurt Zeilenga
8502301b00 Round one of SLAP_NVALUES code 2003-02-25 21:08:48 +00:00
Kurt Zeilenga
4d9a4174f5 Lower SLAP_MAX_WORKER_THREAD to 16 (from 32) 2003-02-17 17:36:01 +00:00
Howard Chu
65bf90ff73 Use struct berval for exop reqoid everywhere. Define berval constants
for the known exops.
2003-02-16 06:15:28 +00:00
Kurt Zeilenga
1a14def903 Use function pointers to get at backend routines. 2003-02-14 20:51:35 +00:00
Kurt Zeilenga
074b1a0d3a Place SLAP_EXTENDED_SCHEMA behind defined(LDAP_DEVEL) 2003-02-13 20:47:46 +00:00
Kurt Zeilenga
8f82e9f772 ITS#2117: remove suffixalias support until someone fixes it 2003-02-09 07:20:03 +00:00
Kurt Zeilenga
282f6bc32d Cancel exop updates 2003-02-09 05:54:45 +00:00
Kurt Zeilenga
c04e9ac993 rename "permit modify" control to "permissive modify"
rename "no referrals" controls to "domain scope"
misc cleanup
2003-02-09 05:39:21 +00:00
Kurt Zeilenga
48d47954a6 Rework #ifdef'ing of expermental controls to ease release engineering
using LDAP_DEVEL (to indicate experimental) to enable experimental features
(true for HEAD unless LDAP_REL_ENG is defined)
2003-02-08 21:53:05 +00:00
Jong Hyuk Choi
85b1783d5c LDAP Sync Operation (draft-zeilenga-ldup-sync) as a groundwork for an LDAP replication design 2003-02-05 07:37:02 +00:00
Jong Hyuk Choi
e1bf8cc437 Intermediate Response 2003-02-03 17:28:19 +00:00
Luke Howard
dfc7d338a6 Add sendreference callback 2003-02-01 07:04:13 +00:00
Jong Hyuk Choi
0c43007e55 LDAP cancel operation 2003-01-25 00:36:50 +00:00
Luke Howard
eec370af52 LDAPv3 over UDP disposition is now compatible with Active Directory
Stubs for PermitModify/NoReferrals controls; implementation coming soon
2003-01-23 15:12:53 +00:00
Kurt Zeilenga
6d1ca4c747 Remove values match v. filter struct field macro overloads
Use LDAP_SLISTs instead of per-struct list management for schema structs
misc cleanup and lint removal
2003-01-20 20:21:17 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Howard Chu
7c7daf8556 Statslog additions:
Added StatslogTest macro.
	Added attributes to modify and search Statslog.
	Added Statslog of SASL authcid.
2002-12-16 12:14:37 +00:00
Hallvard Furuseth
486eaa69b6 Rename "lang(uage)" to "tag(s)". (Cleanup after attribute options patch.) 2002-12-13 19:15:20 +00:00
Hallvard Furuseth
54728f367e Implement user-defined tagging attribute options and ranges 2002-12-12 13:56:05 +00:00
Hallvard Furuseth
fbbbdd8b94 ITS#2215: Let Statslog() work if only one of LDAP_DEBUG/LDAP_SYSLOG is #defined 2002-12-09 18:18:14 +00:00
Pierangelo Masarati
1b70e16448 SLAPI - Netscape plugin API for slapd - based on patch contributed by Steve Omrani <somrani@us.ibm.com> as ITS#2073 2002-12-07 17:19:29 +00:00
Pierangelo Masarati
8e74ed4dfc fix initialization size and silence warning 2002-12-05 11:47:44 +00:00
Howard Chu
09679eb715 Added SLAP_MR_VALUE_NORMALIZED_MATCH, avoid redundant normalize when
calling value_find with already-normalized DNs
2002-12-04 18:19:46 +00:00
Howard Chu
827ea96e16 ITS#1523 enhanced ACL caching 2002-12-04 02:35:00 +00:00
Kurt Zeilenga
da76c1951e First-cut proxy authorization support. 2002-12-03 06:11:32 +00:00
Kurt Zeilenga
8754c8f2a3 #unifdef paged results, remove lint 2002-11-28 04:38:41 +00:00
Pierangelo Masarati
415a8d325f add limits to entries count for paged results 2002-11-21 20:49:02 +00:00
Pierangelo Masarati
c354bb23bf Support for RFC 2696:
LDAP Control Extension for Simple Paged Results Manipulation

contributed by Lynn Moss <lynnmoss@us.ibm.com> (ITS#2189)

applied with changes.
2002-11-21 02:16:53 +00:00
Pierangelo Masarati
76bf91f553 remove #ifdef SLAP_FILTER_HASSUBORDINATES 2002-11-10 19:48:36 +00:00
Kurt Zeilenga
6f59ca0e5b Add superiorUUID to system schema 2002-10-28 20:01:55 +00:00
Pierangelo Masarati
f07cabad0f need to move #define here; on by default 2002-10-26 16:32:11 +00:00
Pierangelo Masarati
7b3f889ec1 fix hasSubordinate filtering; now it can be safely turned on 2002-10-26 16:18:31 +00:00
Kurt Zeilenga
36569048ff Add "allow update_anon"
Fix -USLAP_X_LISTENER_MOD builds
2002-10-25 18:47:24 +00:00
Jong Hyuk Choi
8074294f1d LCUP persistent search code drop 2002-10-25 17:51:30 +00:00
Pierangelo Masarati
97e526cb2d add restrictions related to listeners in form of file permissions
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
	"r" means read is allowed from that listener
	"w" means write is allowed on that listener
	"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
2002-10-25 16:43:44 +00:00
Pierangelo Masarati
956f1d16aa listener:
- use bervals for url and sockname
- pass connection_init() the listener struct pointer instead of each value
- don't copy them in the Connection struct 'cause they're not going to change
- define macros for legacy usage of c_listener_url and c_sockname
2002-10-24 10:03:52 +00:00
Kurt Zeilenga
1aa829922f Implement content rule checks
w/ implicit default rules allowing any auxiliary class to be mixed in
2002-10-09 23:02:01 +00:00
Kurt Zeilenga
acc32b9d9e Basic framework for DIT Content Rules (not yet enforced) 2002-10-09 07:11:50 +00:00
Kurt Zeilenga
023d0e2a5c Rework unprotected simple bind checks 2002-10-08 19:03:18 +00:00
Kurt Zeilenga
f5e6d1db41 #unifdef -DSCHEMA_DN 2002-09-29 04:30:38 +00:00
Jong Hyuk Choi
1509e321de LCUP Response Control Code 2002-09-14 00:29:06 +00:00
Kurt Zeilenga
37d9880495 Some LCUP clean up 2002-09-06 00:29:20 +00:00
Jong Hyuk Choi
4b48c05a8e LDAP Client Update Protocol - non-persistent update (TODO: response control ...) 2002-09-04 02:00:42 +00:00
Kurt Zeilenga
8a5b200c44 Add appropriate matching rule checks.
Clean up syntax error reporting.
2002-09-03 07:01:09 +00:00
Kurt Zeilenga
e9a71156cc Add matching rule use support where assertion syntax != value syntax 2002-08-31 20:42:25 +00:00
Pierangelo Masarati
e2ec62f09f add matchingRuleUse to schema; use a berval instead of _oidlen in syntax and matching rule 2002-08-31 10:45:22 +00:00
Pierangelo Masarati
fbc11bd16a - added the capability to filter based on hasSubordinate attribute
to back-bdb, back-ldbm and back-sql (the latter with limitations);
- added handling of ":dn" attributes to extended rfc2254 filters
  and to matched value filter
- altered the behavior of get_mra() when a matching rule is given:
  now it checks whether it is compatible with the attribute syntax
  and, in case it is, the given mr is used.  In case of no type,
  the check is delayed when filtering
2002-08-29 10:55:48 +00:00
Kurt Zeilenga
1086ffb438 Round one of subclass indexing for objectClass and structualObjectClasss.
add soc_cname to ObjectClass structure
2002-08-29 01:12:59 +00:00
Howard Chu
9f5b28baf3 Remove c_sasl_bindmutex, Binds are already serialized. 2002-08-26 22:20:30 +00:00
Kurt Zeilenga
1c5725010e Add a Connection pointer to the Operation. 2002-08-26 19:29:34 +00:00
Howard Chu
925714ceef Experimental cruft to propagate valid Operation to SASL callbacks.
If you have a better way, jupm on in...
2002-08-24 07:34:50 +00:00
Howard Chu
8c30114d84 Added thread-pool getkey/setkey functions 2002-08-24 05:39:43 +00:00
Howard Chu
e5091f5926 Updated register_syntax, register_matching_rule for more convenient
calling from other modules
2002-08-17 01:29:18 +00:00
Howard Chu
07ebdca237 ITS#1893, use "schemadn" to configure subschemasubentry DN. (diff was
inaccessible, this is original code, not contributed.)
2002-08-10 03:10:52 +00:00
Kurt Zeilenga
eb581e43e7 Fix for:
SASL regex segmentation faults with group based acls (ITS#1978)
based, in part, by patch submitted by Simon Wilkinson <simon@sxw.org.uk>.
2002-07-28 07:27:55 +00:00
Kurt Zeilenga
0371c61073 Add monitorContext rootDSE attribute 2002-06-19 06:44:16 +00:00
Kurt Zeilenga
9a38d98d37 Add option to disallow unprotected simple authentication.
Add protected simple authentication as a "strong" mechanism.
2002-06-17 22:18:27 +00:00
Kurt Zeilenga
27fdd04153 Add -4/-6 flags to slapd to force use of IPv4 or IPv6 2002-06-15 22:01:39 +00:00