mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
9,584 Commits 38 Branches 307 Tags 74 MiB
3a5c53a8b1
Commit Graph

224 Commits

Author SHA1 Message Date
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Pierangelo Masarati
e9a74cffba slapi used the old version of the LDAP_LOG macro (caught by Howard) 2002-12-27 14:59:01 +00:00
Pierangelo Masarati
1b70e16448 SLAPI - Netscape plugin API for slapd - based on patch contributed by Steve Omrani <somrani@us.ibm.com> as ITS#2073 2002-12-07 17:19:29 +00:00
Pierangelo Masarati
69343add5a use more appropriate error code 2002-10-26 10:05:35 +00:00
Kurt Zeilenga
36569048ff Add "allow update_anon" 
Fix -USLAP_X_LISTENER_MOD builds
 2002-10-25 18:47:24 +00:00
Pierangelo Masarati
97e526cb2d add restrictions related to listeners in form of file permissions 
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
	"r" means read is allowed from that listener
	"w" means write is allowed on that listener
	"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
 2002-10-25 16:43:44 +00:00
Kurt Zeilenga
023d0e2a5c Rework unprotected simple bind checks 2002-10-08 19:03:18 +00:00
Kurt Zeilenga
f5e6d1db41 #unifdef -DSCHEMA_DN 2002-09-29 04:30:38 +00:00
Kurt Zeilenga
bbbf2f4ca7 Fix handling of non-critical controls for backends which 
support no controls.
 2002-09-24 18:20:59 +00:00
Pierangelo Masarati
857d08ea21 use bvmatch() instead of ber_bvcmp() when testing for match without ordering 2002-09-02 19:39:06 +00:00
Pierangelo Masarati
e53d272b3f cleanup error check logic; don't deref be->controls when it's NULL 2002-08-29 10:43:39 +00:00
Kurt Zeilenga
23efa07a99 use ldap_charray_*() instead of charray_*() 2002-08-24 00:55:24 +00:00
Howard Chu
07ebdca237 ITS#1893, use "schemadn" to configure subschemasubentry DN. (diff was 
inaccessible, this is original code, not contributed.)
 2002-08-10 03:10:52 +00:00
Howard Chu
13d13baeda In backend_operational don't add subschemaSubentry unless it was 
requested. In send_search_entry don't malloc vrFilter flags unless
a matchedValue filter was given; malloc 1 contiguous block instead
of multiple sub-arrays.
 2002-08-07 05:31:03 +00:00
Kurt Zeilenga
eb581e43e7 Fix for: 
SASL regex segmentation faults with group based acls (ITS#1978)
based, in part, by patch submitted by Simon Wilkinson <simon@sxw.org.uk>.
 2002-07-28 07:27:55 +00:00
Kurt Zeilenga
e981dcbad5 use strongAuthRequired instead of operationsError to indicate 
authentication required before modification.
 2002-07-26 15:29:36 +00:00
Kurt Zeilenga
8a3d02bf6b misc cleanup 2002-07-23 18:35:12 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Kurt Zeilenga
9a38d98d37 Add option to disallow unprotected simple authentication. 
Add protected simple authentication as a "strong" mechanism.
 2002-06-17 22:18:27 +00:00
Howard Chu
7fae7fe155 Changed be_[n]suffix, be_[n]suffixAlias to BerVarray. No more bvec's anywhere. 2002-05-01 18:50:14 +00:00
Kurt Zeilenga
af02eee0d5 Reworking backend_check_restrictions for extensions 
Should resolve ITS#1781.
 2002-05-01 01:04:57 +00:00
Howard Chu
efecf4e121 ITS#1733 eliminate o_abandonmutex 2002-04-11 08:03:40 +00:00
Pierangelo Masarati
4a8ab5dbf2 Mostly based on patches provided by Hallvard B. Furuseth 
ITS#1677 - cast away const warnings
ITS#1678 - unsigned char args to ctype funcs
ITS#1682 - don't redefine ldap_debug
ITS#1683 - uninitialized vars
ITS#1703 - ldo_debug initialization
ITS#1705 - unsigned testing
ITS#1706 - socklen_t args
ITS#1719 - back-tcl update (other cleanups/fixes/improvements; yet untested)
ITS#1724 - integerNormalize/integerFilter/integerIndexer bugs
ITS#1725 - libdes not required

Implement back-null (/dev/null style backend)
Cleanup some misc warnings ("%lu" format, unused/uninitialized vars,
        ambiguous operator precedence)

Kurt, please regenerate configure
 2002-04-08 09:43:22 +00:00
Howard Chu
bad62d2167 Fix backend_attribute trying to reference a NULL be. Neither backend_group 
nor backend_attribute need to worry about the noSubs parameter of
select_backend().
 2002-03-18 08:59:02 +00:00
Kurt Zeilenga
20e46b27fc no need to check escaping of normalized dn 2002-02-12 04:50:40 +00:00
Kurt Zeilenga
0a31400d63 Some misc cleanup 2002-01-29 06:06:20 +00:00
Kurt Zeilenga
c0daf2aac4 Back out unintended commit 2002-01-26 23:36:39 +00:00
Kurt Zeilenga
8057b1a0a8 Language Tag and Range Support <draft-zeilenga-ldap-rfc2596-xx.txt> 
Based upon code submitted by Steve Omrani <somrani@us.ibm.com> (ITS#1525)
 2002-01-26 23:14:51 +00:00
Howard Chu
4191f39037 Changed slap_authz_info.sai_mech to struct berval. 
Changed sasl_* to use struct bervals.
 2002-01-26 13:57:41 +00:00
Howard Chu
07d0f4e411 Changed be_issuffix and dnParent to take struct bervals. 
Changed dn_rdnlen, assumes an already pretty/normalized DN.
Added slap_empty_bv, a zero-length non-NULL berval.
 2002-01-26 05:27:28 +00:00
Kurt Zeilenga
b4df227d94 Initialize backend ssf set from global. 2002-01-25 21:35:40 +00:00
Kurt Zeilenga
dc0f90d36d Set lock detector to DEFAULT, not NORUN. 
Clean up some error handling
 2002-01-21 08:19:28 +00:00
Kurt Zeilenga
4468ffa9e0 Remove some lint. 2002-01-19 01:54:56 +00:00
Pierangelo Masarati
d70f117b69 first round at eliminating dn_parent ... 2002-01-17 19:05:21 +00:00
Kurt Zeilenga
d2f5d75885 Remove unused deprecated DN routines. 
Only dn_validate, dn_normalize, and dn_parent remain (for now).
 2002-01-16 00:16:51 +00:00
Howard Chu
ac1332cdb8 Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to 
liblber:ber_bvarray_{add,free}.
 2002-01-14 01:43:17 +00:00
Pierangelo Masarati
fafce1601e consistently use dn_match macro throughout slapd 2002-01-12 18:17:13 +00:00
Kurt Zeilenga
55501e886f Rework backend (lastmod + glue + system schema) flags 2002-01-10 22:34:11 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
743c402265 Changed search attrs from struct berval ** to AttributeName * 2001-12-31 11:35:52 +00:00
Howard Chu
b92710e3a5 Minor cleanup 2001-12-31 06:44:36 +00:00
Kurt Zeilenga
a553a03586 More struct berval DNs changes 2001-12-26 23:43:28 +00:00
Kurt Zeilenga
d64ec6ee0d modify be_referral to use struct berval DNs. 2001-12-26 17:40:34 +00:00
Howard Chu
d474789d0d First pass at converting bind to struct bervals 2001-12-26 11:41:38 +00:00
Howard Chu
68b1bbb89d Changed search attrs to struct berval **. 
Use typedefs for all backend functions, to minimize work in future API
updates. (back-*/external.h will never need updating in the future.)
 2001-12-26 08:17:44 +00:00
Howard Chu
b96645af7d More struct berval changes, dnNormalize migration... 2001-12-26 04:17:49 +00:00
Kurt Zeilenga
2dd27b0786 More struct berval DNs 2001-12-25 19:48:26 +00:00
Kurt Zeilenga
3336619c80 More "char *" to struct berval DN changes 2001-12-25 02:30:01 +00:00
Kurt Zeilenga
5ee89d6167 Use struct berval DNs for root DN and update DN 2001-12-25 00:05:26 +00:00
Kurt Zeilenga
f6085d3f82 Every quick mod to use a struct berval for e_dn/e_ndn. No bv_len yet. 2001-12-24 16:53:47 +00:00
Howard Chu
2f3399265c Changed sai_dn, sai_ndn to struct berval. (Affects op->o_dn,o_ndn, 
conn->c_dn,c_ndn, Access->a_dn_pat)
 2001-12-24 15:11:01 +00:00
Pierangelo Masarati
328d38713a better handling of on-the-fly operational attrs by means of helpers 2001-12-22 14:24:13 +00:00
Pierangelo Masarati
e36bde9180 added backend-side support for on-the-fly operational attributes; added hasSubordinates to schema and back-ldbm 2001-12-22 11:50:16 +00:00
Howard Chu
ff682be26e Added acl_destroy, acl_free. 2001-12-15 12:41:53 +00:00
Howard Chu
826056e75b More thorough backend_destroy. Added config_destroy. Destroy slap_listeners. 
Plugged other small leaks.
 2001-12-15 12:05:58 +00:00
Howard Chu
ef0b308bea Changed backglue configuration. Added noSubordinates arg to select_backend 
to deal with glued subordinates.
 2001-12-10 12:09:40 +00:00
Kurt Zeilenga
abd9be4def Remove lint and misc MSVC updates 2001-12-09 02:34:45 +00:00
Howard Chu
3a8075e9b0 Added new backglue pseudo-backend. Uses callbacks to glue different backends 
together into a single searchable hierarchy.
 2001-12-08 15:58:47 +00:00
Howard Chu
55a217d9ae Changed be_nsuffix from char ** to struct berval ** to eliminate strlen's 2001-12-08 05:15:58 +00:00
Howard Chu
0552b1c53f NT updates from jon@symas.com. 2001-12-07 04:03:25 +00:00
Pierangelo Masarati
0f64b72a00 paranoid check for escaped dn separators when naively checking for rdn boundary 2001-12-01 16:28:21 +00:00
Pierangelo Masarati
b1688462ce check for update dn 2001-11-16 11:47:15 +00:00
Howard Chu
52d3f7b3da Fix - put group cache search after backend has been selected 2001-11-12 21:39:55 +00:00
Howard Chu
a0a24d73dc Added backend_group result caching. 2001-11-12 19:25:41 +00:00
Howard Chu
0e16f6acf9 Moved AttributeDescription caching into main code: 
Changed AttributeDescription.{ad_cname,ad_lang} to struct berval everywhere
   Deleted ad_free() everywhere
   Added ad_mutex to init.c

The AttributeDescriptions are in a linked list hanging off of the
corresponding AttributeType.
 2001-10-22 13:23:05 +00:00
Kurt Zeilenga
3120d37951 More changes to let BDB build without LDBM. 2001-10-04 06:34:03 +00:00
Pierangelo Masarati
8471ef7ed0 add global, per backend and per op_ndn time/size soft, hard and to-be-checked limits (exploited by back-ldbm); see slapd.conf(5) for details 2001-08-01 10:09:04 +00:00
Pierangelo Masarati
5fdba27288 This is the skeleton of back-monitor, the slapd monitoring backend. 
The old monitoring stuff has been removed; the new backend is
enabled by using --enable-monitor at configure time and requires

	database monitor

in slapd.conf to be activated.  At present it implements a subset
of the old monitoring options, and it should be extendable to
a number of different subsystems.  The search operation has been
implementd; it does not honor abandon or size/time limits, though.
The compare and the abandon operations are planned.

Copyright Pierangelo Masarati <ando@sys-net.it>; the code is provided
AS IS with NO GUARANTEE.  It can be used and distributed under the
conditions stated by the OpenLDAP Public License.
 2001-07-14 17:34:24 +00:00
Randy Kunkee
a9097044ea Remove global_backendsyncfreq code (code has been pushed down into back-ldbm). 2001-06-28 18:02:46 +00:00
Randy Kunkee
d492880870 Add sync_daemon to daemon.c, enabled by global configuration 
backendsyncfreq <seconds>.  Setting this automatically enables
dbnosync (because the synchronizer takes care of it).
 2001-06-22 08:38:58 +00:00
Kurt Zeilenga
7d89fb5446 Fix empty suffix separator test. 2001-05-28 19:40:42 +00:00
Pierangelo Masarati
74fa239a20 This is the commit of: 
- librewrite, for string rewriting; it may be used in back-ldap
    by configuring with '--enable-rewrite'. It must be used in
    back-meta. There's a text file, 'libraries/librewrite/RATIONALE',
    that explains the usage and the features. More comprehensive
    documentation will follow.
  - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137)
    including dn rewriting, a fix to group acl matching and so
  - back-meta: a new backend that proxies a set of remote servers
    by spawning queries. It uses portions of back-ldap and the rewrite
    capabilities of librewrite. It can be compiled by configuring
    with `--enable-ldap --enable-rewrite --enable-meta'.
    There's a text file, 'servers/slapd/back-meta/Documentation', that
    describes the main features and config statements.

Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as
my autoconf version must be different: my configures contain a number
of differences and I didn't feel comfortable in adding them :)
 2001-05-12 00:51:28 +00:00
Kurt Zeilenga
c2c7ccc228 Disallow anonymous modification. 2001-04-19 19:28:15 +00:00
Gary Williams
a26612bc00 fix for select_backend suggested G. Gombas (ITS 1090) 2001-03-27 15:04:06 +00:00
Kurt Zeilenga
fd41a199c0 Make sure we have a separator when doing suffix matching 2001-03-15 03:05:33 +00:00
Kurt Zeilenga
0fc62be316 Rework security restrictions for SASL bind 2001-02-03 03:17:22 +00:00
Kurt Zeilenga
8091aedc76 Add security checks to root DSE searches. 
Fix checking of require statements.
 2001-02-03 02:21:37 +00:00
Gary Williams
f49fd8a98e fix format 2001-01-17 16:35:53 +00:00
Gary Williams
d531a20f52 more new logging (finally), behind NEW_LOGGING 2001-01-11 17:11:23 +00:00
Kurt Zeilenga
dbdba34972 First-cut at manageDSAit-aware backend selection. 2000-10-21 03:29:02 +00:00
Kurt Zeilenga
c42c2847cf Fix SLAPD_SPASSWD typo which caused passwd_mutex not to be used 
consistently.
 2000-10-09 19:09:28 +00:00
Kurt Zeilenga
7c96f629ee Add connection and operation arguments to backend callbacks. 
Needed for transactions.
 2000-09-29 05:25:44 +00:00
Kurt Zeilenga
ce382475f0 misc cleanup 2000-09-29 02:50:34 +00:00
Kurt Zeilenga
2b82d4f486 remove lint 
update bdb codes
 2000-09-22 01:40:57 +00:00
Kurt Zeilenga
4617f2e946 Fix SPASSWD merge for real 2000-09-20 17:34:06 +00:00
Kurt Zeilenga
50714d2d48 merge changes from authPassword work which should fix SPASSWD code... 2000-09-20 00:28:57 +00:00
Kurt Zeilenga
583cbc8c25 Framework for back-bdb 2000-09-18 18:51:07 +00:00
Kurt Zeilenga
a60438c1ce Add sasl-host option and treat sasl-realm as global only 
(ie: not backend specific).
 2000-08-30 01:44:39 +00:00
Kurt Zeilenga
4e8973e6cb Rework bind restrictions 2000-08-28 23:37:44 +00:00
Kurt Zeilenga
9715e7f008 Add disallow and requires to man page. Fix sasl ssf handling bug. 2000-08-28 18:58:13 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes 
man pages to follow...
 2000-08-28 18:38:48 +00:00
Kurt Zeilenga
5425a5e4c8 remove bdb2 cruft 2000-08-18 04:24:08 +00:00
Kurt Zeilenga
5b856458a2 s/SAFEMEMCPY/AC_MEMCPY/ 
Use AC_FMEMCPY where appropriate (-llber)
 2000-07-28 01:07:07 +00:00
Kurt Zeilenga
317d04a5d9 Modify backend_attribute to return bervals and adjust ACLs 
(actually, ACL here might be dangerous)
 2000-06-26 01:22:32 +00:00
Mark Valence
295f3ba0aa New backend routine: back_attribute 2000-06-21 17:23:24 +00:00
Kurt Zeilenga
c332df50de Remove unnecessary arg from front end backend_check_referrals call 2000-06-16 04:07:57 +00:00
Kurt Zeilenga
79ebfbc4fe Rework referral entry point with DNS SRV implementation (needs testing). 2000-06-16 03:50:02 +00:00
Kurt Zeilenga
6f378341a2 Add backend_check_referrals() framework. 2000-06-16 01:19:30 +00:00
Kurt Zeilenga
df4b2a443e Fix addition of dynamic operational attributes (subschemaSubentry) 2000-06-13 17:48:51 +00:00