mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,315 Commits 38 Branches 307 Tags 74 MiB
33d5f0f8f8
Commit Graph

108 Commits

Author SHA1 Message Date
Howard Chu
4191f39037 Changed slap_authz_info.sai_mech to struct berval. 
Changed sasl_* to use struct bervals.
 2002-01-26 13:57:41 +00:00
Howard Chu
ac1332cdb8 Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to 
liblber:ber_bvarray_{add,free}.
 2002-01-14 01:43:17 +00:00
Howard Chu
ec46a2f33a Use 'm' ber_scanf format where convenient 2002-01-06 06:11:01 +00:00
Howard Chu
ce7d8d26f2 Changed conn->c_cdn to struct berval. 2002-01-06 03:26:09 +00:00
Kurt Zeilenga
eaf3264184 Add some critical control checks. 2002-01-06 00:36:55 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
975a5e9a24 Added dnPretty2/dnNormalize2 using preallocated destination berval 2001-12-29 04:48:00 +00:00
Howard Chu
292c575c1f Added dnPrettyNormal, do both Pretty and Normalize at once to save 
some ldap_str2dn overhead.
 2001-12-28 07:27:15 +00:00
Kurt Zeilenga
ef7a99ff99 Additional struct berval DN changes... 2001-12-26 23:26:55 +00:00
Kurt Zeilenga
21cecb3831 Update referral handling to use struct berval DNs. 2001-12-26 20:59:24 +00:00
Howard Chu
d474789d0d First pass at converting bind to struct bervals 2001-12-26 11:41:38 +00:00
Kurt Zeilenga
3336619c80 More "char *" to struct berval DN changes 2001-12-25 02:30:01 +00:00
Howard Chu
70194f9ad6 Changed suffix_alias() to use struct berval * in-place. 2001-12-24 16:29:18 +00:00
Howard Chu
2f3399265c Changed sai_dn, sai_ndn to struct berval. (Affects op->o_dn,o_ndn, 
conn->c_dn,c_ndn, Access->a_dn_pat)
 2001-12-24 15:11:01 +00:00
Howard Chu
9969058a06 Fix typo in berval commit 2001-12-24 13:47:47 +00:00
Kurt Zeilenga
0c28b66a75 use dnPretty instead of dn_pretty 2001-12-23 00:43:57 +00:00
Kurt Zeilenga
a4a1325a6a Update BER decoding of PDU to use "o" (struct berval) instead of 
"a" (char **)... another step towards BerValue DNs.
 2001-12-22 21:52:58 +00:00
Kurt Zeilenga
d23313a068 LDAPv2 disallow and other flag changes 
Fix compile errors
 2001-12-21 04:44:34 +00:00
Howard Chu
ef0b308bea Changed backglue configuration. Added noSubordinates arg to select_backend 
to deal with glued subordinates.
 2001-12-10 12:09:40 +00:00
Howard Chu
45aadbbbba Eliminate unnecessary per-operation dn_normalize(o_ndn); it's already 
done in do_bind() and there's space in the connection structure for c_ndn
already, just copy it.
 2001-12-09 14:46:29 +00:00
Pierangelo Masarati
aee3600276 minor cleanup 2001-11-17 16:18:07 +00:00
Kurt Zeilenga
82fad7d0c8 First stable an implementing latest namedref specification. 
Includes rewriting of URLs where the DN of the referral object
and the DN of the ref attribute attribute are not the same.
Also, always returns explicit DN and scope.
Currently, back-ldbm only.  Needs to be ported to back-bdb.
 2001-10-26 02:05:14 +00:00
Kurt Zeilenga
cc6fab319e Add support for separate max incoming for anonymous and authenticated 
sessions (defaults: 256K and 16M respectively).
 2001-05-29 20:00:55 +00:00
Kurt Zeilenga
0fc62be316 Rework security restrictions for SASL bind 2001-02-03 03:17:22 +00:00
Gary Williams
f49fd8a98e fix format 2001-01-17 16:35:53 +00:00
Gary Williams
d531a20f52 more new logging (finally), behind NEW_LOGGING 2001-01-11 17:11:23 +00:00
Kurt Zeilenga
dbdba34972 First-cut at manageDSAit-aware backend selection. 2000-10-21 03:29:02 +00:00
Kurt Zeilenga
2b2ee1ccbd Return authMethodNotSupported not authUnknown for unknown 
bind authentication method
 2000-10-13 05:28:23 +00:00
Kurt Zeilenga
27b30275a6 We need to set sasl_layers prior to returning result... 2000-10-07 02:00:54 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
825c3c4c5c Fix handling of optional cred 2000-09-15 00:09:44 +00:00
Kurt Zeilenga
3342ea3b49 Add more bind allow/disallow flags 2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d Add "allow tls_2_anon" to allow StartTLS to force session to anonymous. 
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
 2000-09-08 22:59:01 +00:00
Kurt Zeilenga
4e8973e6cb Rework bind restrictions 2000-08-28 23:37:44 +00:00
Kurt Zeilenga
102f12a71a Restrict bind 2000-08-28 23:29:29 +00:00
Kurt Zeilenga
3e91d48127 Move authzid_backend to after restrictions checks 2000-08-28 21:28:22 +00:00
Kurt Zeilenga
9715e7f008 Add disallow and requires to man page. Fix sasl ssf handling bug. 2000-08-28 18:58:13 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes 
man pages to follow...
 2000-08-28 18:38:48 +00:00
Kurt Zeilenga
1c328aa9c7 Minor typedef and other clean ups 2000-08-26 01:14:05 +00:00
Kurt Zeilenga
a50f391bb3 Working SASL security layers! 2000-07-28 00:04:07 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session. 
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
 2000-07-13 22:54:38 +00:00
Kurt Zeilenga
5c4cef793f Fix error handling 2000-07-05 22:15:43 +00:00
Kurt Zeilenga
60802201e3 Const'ification 
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
 2000-05-22 03:46:57 +00:00
Kurt Zeilenga
b2f56a7318 SLAPD_SCHEMA_NOT_COMPAT: framework for value_match() and value_find() 2000-05-21 22:46:51 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Kurt Zeilenga
643864c569 Change negotiated mechanism: 
If application provide one, use it.  If application doesn't
	provide one, use best of server advertised.
Fix SASL/ANONYMOUS (not normally used, but should work)
PLAIN is not currently working... might be local to me as my
Cyrus installation is a bit hosted.
 2000-05-11 20:16:26 +00:00
Kurt Zeilenga
92e2453467 A NULL (empty) SASL mechanism should not result in a protocol error. 2000-04-26 09:20:25 +00:00
Kurt Zeilenga
20351a05cc SASL: me thinks I got the states okay... now to test. 2000-04-25 18:02:50 +00:00
Kurt Zeilenga
42a20681cc SASL closer to working from frontend only, need to work through 
states.
 2000-04-25 17:23:54 +00:00