mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
13,069 Commits 38 Branches 307 Tags 74 MiB
3356017b93
Commit Graph

7315 Commits

Author SHA1 Message Date
Pierangelo Masarati
3356017b93 complete ACI syntax exploitation 2005-08-19 00:25:18 +00:00
Pierangelo Masarati
9c02a32b7c more about matchedDN in back-meta (ITS#3944) 2005-08-18 14:55:28 +00:00
Pierangelo Masarati
ef38cc9501 cleanup 2005-08-18 12:50:48 +00:00
Pierangelo Masarati
66c173deb9 a bit redundant, but works around ITS#3951 2005-08-18 12:14:07 +00:00
Pierangelo Masarati
11211d0dae strip entryDN from search entries; frontend will reattach it :( 2005-08-18 11:26:29 +00:00
Pierangelo Masarati
e066ec210e merge sml_managing into sml_flags (SLAP_MOD_MANAGING) 2005-08-18 08:48:10 +00:00
Pierangelo Masarati
9487629061 zero out sml_managing any time a Modifications is built (use calloc?) 2005-08-18 08:12:26 +00:00
Howard Chu
315c4a3b72 ITS#3946 reset lockout status at beginning of all Binds 2005-08-18 07:05:56 +00:00
Luke Howard
2ff5c27f63 Check for NULL in be_match() 
Use be_match() in backend.c operational processing
 2005-08-18 04:34:04 +00:00
Luke Howard
53a15b6820 Use be_match() instead of testing pointer equivalence 2005-08-18 04:12:54 +00:00
Luke Howard
6cf14a777a Add be_match() macro: one cannot always compare BackendDB pointer 
values in order to test equivalence, because the overlay engine
may have reset the backend pointer to a temporary copy on the stack.

So, we test pointer equivalence of the BackendDB itself, then of
be_nsuffix -- this macro can be updated if necessary.
 2005-08-18 04:12:04 +00:00
Pierangelo Masarati
ef7421b87d more on manage access level 2005-08-18 02:25:10 +00:00
Pierangelo Masarati
add1add854 condition compile dynacl 2005-08-17 22:41:30 +00:00
Pierangelo Masarati
b2284183f9 more on manage 2005-08-17 22:06:46 +00:00
Pierangelo Masarati
965d00a1dd allow to manage entryUUID; allow to manage noUserMod attrs during add 2005-08-17 20:53:39 +00:00
Pierangelo Masarati
557f5eb2ca allow noUserMod attrs write proxying when manageDIT is set (still to work in frontend for add) 2005-08-17 19:40:02 +00:00
Pierangelo Masarati
5873048347 fix return code (prevents clean usage of back-ldap for internal searchs) 2005-08-17 19:38:36 +00:00
Pierangelo Masarati
ec49990d51 ACIs almost entirely factored out of slapd 
Added OpenLDAPaciSyntax based on ITS#3877 by Nikita Shulga
aci_mask() doesn't exploit the normalized value yet (next step)
The case #define SLAPD_ACI_ENABLED / #undef SLAP_DYNACL should
be removed
 2005-08-17 17:14:57 +00:00
Howard Chu
d247840d6b ITS#3946 use connection_destroy hook to reset lockouts instead of unbind 2005-08-17 16:42:22 +00:00
Pierangelo Masarati
69c6cd5365 fix small issues with dynacl and ACI in general 2005-08-17 14:44:41 +00:00
Pierangelo Masarati
99ea177e05 implement overlapping targets enhancement (ITS#3711) 2005-08-17 08:34:49 +00:00
Pierangelo Masarati
76f52279ef fix "matched" return and return code (ITS#3944) 2005-08-17 08:25:48 +00:00
Pierangelo Masarati
24befe380c fix resources release issue 2005-08-17 08:25:10 +00:00
Pierangelo Masarati
c4ab7b1af2 in some cases, back-meta needs to propagate pseudo-root identity even if it's not the authorizing backend 2005-08-17 08:19:37 +00:00
Pierangelo Masarati
ecd99b83dd set "matched" as appropriate (ITS#3942) 2005-08-17 08:13:24 +00:00
Pierangelo Masarati
88e89bf4e7 cleanup 2005-08-17 08:08:23 +00:00
Luke Howard
d174f6720a Add read-only SLAPI_X_ADD_STRUCTURAL_CLASS pblock extension. 
This is necessary to compensate for a regression in the SLAPI
implementation since it moved to an overlay: global add preop
plugins no longer have access to operational attributes,
because slap_mods_opattrs() is called by fe_op_add(), invoked
after the global SLAPI overlay.

(Some of our plugins need to the structural object class of the
to-be-added entry.)

I suppose an option would be to have the SLAPI overlay
optimistically call slap_mods_opattrs() (as long as this can be
called idempotently). If there are any other ideas let me know.
 2005-08-17 07:25:27 +00:00
Kurt Zeilenga
65d2925249 ITS#3941: posixGroup should be STRUCTURAL 2005-08-17 07:10:02 +00:00
Hallvard Furuseth
a0b5f5138b Remove unused label "error_return" 2005-08-16 19:45:50 +00:00
Luke Howard
f68a2b1663 Make sure we release entry lock before sending paged response 2005-08-15 11:27:42 +00:00
Howard Chu
88dd1c5659 More optimization for CSN filter checks 2005-08-15 07:18:19 +00:00
Howard Chu
8c20a11293 Fix prev commit 2005-08-15 05:36:56 +00:00
Howard Chu
71bc69bfff Optimize FINDCSN case 2005-08-15 00:04:13 +00:00
Howard Chu
b15a72caec ITS#3931 fix dnRelativeMatch return values 2005-08-14 23:08:20 +00:00
Howard Chu
f4c1eee382 ITS#3935 tweak sessionlog description 2005-08-14 08:35:31 +00:00
Howard Chu
9326c2b313 ITS#3845 allow rootpw to be used for rootdn SASL binds, based on 
patch from Jason Townsend
 2005-08-14 08:00:54 +00:00
Hallvard Furuseth
9873eb7ab0 Add missing Statslog() statements (loglevel stats/stats2): 
"ABANDON", "STARTTLS", "CANCEL", "WHOAMI", "PASSMOD", "EXT", "INTERM",
  "TLS established", SASL and Extended Response "RESULT".
In Statslog output "conn=xx fd=yy closed", append the reason in
  "()" unless client or server closed the connection after Unbind.
Still missing Statslog output from a number of failed requests.
 2005-08-14 00:14:58 +00:00
Hallvard Furuseth
a222469d0d assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2005-08-13 21:10:41 +00:00
Pierangelo Masarati
f6ef5170fa personally, I'm much more comfortable using hex for log levels... 2005-08-13 16:04:40 +00:00
Howard Chu
0246338206 utime is not needed here any more 2005-08-13 13:18:00 +00:00
Howard Chu
c722dd9ca8 Rework auto-recovery logic: 
Removes ITS#3824 patch.
  Adds trace message for ITS#3833.
  Streamlines ITS#3607 patch.
 2005-08-13 12:59:45 +00:00
Kurt Zeilenga
eceb493bc0 Use IANA assigned OIDs 2005-08-12 21:24:13 +00:00
Kurt Zeilenga
7dec65ee10 Replace 666 OIDs for Assertion/pre-read/post-read controls with 
appropriate IANA assigned OIDs, and remove hide.
 2005-08-12 18:08:15 +00:00
Pierangelo Masarati
7b9173d0bb should compile also when #undef HAVE_TLS 2005-08-12 10:51:39 +00:00
Pierangelo Masarati
a23466f64a should compile also when #undef HAVE_TLS 2005-08-12 10:49:55 +00:00
Pierangelo Masarati
e93c8f18d4 minor cleanup 2005-08-11 23:53:52 +00:00
Pierangelo Masarati
d10250d9f6 add authzSyntax for authzTo/authzFrom attributes; add X-ORDERED 'VALUES' if support for ordered_value_{validate,pretty,normalize} is present; exploit normalization in slap_parseURI (only #ifdef LDAP_DEVEL) 2005-08-11 23:52:17 +00:00
Pierangelo Masarati
53a4d530d9 plug one-time leak 2005-08-11 23:35:47 +00:00
Pierangelo Masarati
2b93e9b376 wrap validate/pretty/normalize for ordered values (only #ifdef LDAP_DEVEL) 2005-08-11 23:35:15 +00:00
Pierangelo Masarati
53921b2c1a fix error message 2005-08-11 21:02:32 +00:00