Jong Hyuk Choi
3a9229a3e9
Use of slap_schema.si_ad_entryUUID in bdb_psearch()
2002-10-28 23:57:54 +00:00
Kurt Zeilenga
6f59ca0e5b
Add superiorUUID to system schema
2002-10-28 20:01:55 +00:00
Kurt Zeilenga
293158f432
code cleanup
2002-10-27 03:42:32 +00:00
Kurt Zeilenga
886f60f822
Fix typo
2002-10-27 00:41:52 +00:00
Howard Chu
322a800c26
Fix ITS#2157, server should never attempt to unlink the client's socket.
...
It likely has no name anyway, and the client owns it after all.
2002-10-26 22:41:26 +00:00
Pierangelo Masarati
dea2420569
beautify "unknown"
2002-10-26 18:51:24 +00:00
Pierangelo Masarati
f07cabad0f
need to move #define here; on by default
2002-10-26 16:32:11 +00:00
Pierangelo Masarati
7b3f889ec1
fix hasSubordinate filtering; now it can be safely turned on
2002-10-26 16:18:31 +00:00
Pierangelo Masarati
69343add5a
use more appropriate error code
2002-10-26 10:05:35 +00:00
Pierangelo Masarati
8558b8808e
actually, get_perms is needed by ldapi:// rgeardless of -DSLAP_X_LISTENER_MOD
2002-10-26 10:02:41 +00:00
Kurt Zeilenga
36569048ff
Add "allow update_anon"
...
Fix -USLAP_X_LISTENER_MOD builds
2002-10-25 18:47:24 +00:00
Jong Hyuk Choi
15c5943edd
Addition of servers/slapd/lcup.c and servers/slapd/back-bdb/lcup.c for persistent search
2002-10-25 17:57:03 +00:00
Jong Hyuk Choi
8074294f1d
LCUP persistent search code drop
2002-10-25 17:51:30 +00:00
Pierangelo Masarati
97e526cb2d
add restrictions related to listeners in form of file permissions
...
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
"r" means read is allowed from that listener
"w" means write is allowed on that listener
"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
2002-10-25 16:43:44 +00:00
Kurt Zeilenga
6d199506bb
ber_write error message cleanup
2002-10-25 05:47:08 +00:00
Kurt Zeilenga
2b2e406b46
Make sure that newSuperior isn't old superior
2002-10-25 01:09:50 +00:00
Pierangelo Masarati
956f1d16aa
listener:
...
- use bervals for url and sockname
- pass connection_init() the listener struct pointer instead of each value
- don't copy them in the Connection struct 'cause they're not going to change
- define macros for legacy usage of c_listener_url and c_sockname
2002-10-24 10:03:52 +00:00
Pierangelo Masarati
fdd586a6b7
change socket permission syntax (to reuse function for other purposes)
2002-10-23 14:12:01 +00:00
Pierangelo Masarati
456a561b65
prevent use of uninitialized var
2002-10-23 14:11:02 +00:00
Pierangelo Masarati
665cb3e86e
fix typo
2002-10-23 14:10:21 +00:00
Kurt Zeilenga
ff9dd56587
Add comment attributing origin of the Metaphone algorithm
2002-10-22 04:52:57 +00:00
Kurt Zeilenga
c382c5efa2
blind fix for NULL pointer in Debug() bug (ITS#2143)
2002-10-17 17:45:44 +00:00
Kurt Zeilenga
ac66a219d0
Fix comment
2002-10-17 04:35:55 +00:00
Kurt Zeilenga
c64d28aa4e
correct security sample
2002-10-12 05:10:41 +00:00
Howard Chu
9d2a8ba1b4
More fixes for ITS#2136, make sure all error returns set *text.
2002-10-11 17:12:56 +00:00
Kurt Zeilenga
40b685b70d
Patch: Delete the buggy surrogate parent code (ITS#1815)
...
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
2002-10-10 20:28:36 +00:00
Kurt Zeilenga
5504bed852
More OBSOLETE checks
2002-10-10 02:38:32 +00:00
Kurt Zeilenga
857165b1bf
Add some OBSOLETE schema checks
2002-10-10 02:07:24 +00:00
Kurt Zeilenga
b5020aa16d
Don't mask error text variables
2002-10-09 23:36:28 +00:00
Kurt Zeilenga
27cb98d28d
Remove lint
2002-10-09 23:35:45 +00:00
Kurt Zeilenga
1aa829922f
Implement content rule checks
...
w/ implicit default rules allowing any auxiliary class to be mixed in
2002-10-09 23:02:01 +00:00
Howard Chu
e6d10b9590
Revert previous commit. More thought needed re: IPV4 vs IPv6 failures
2002-10-09 21:18:51 +00:00
Howard Chu
2e538e19d4
ITS#2132, give up at first bind failure
2002-10-09 20:45:13 +00:00
Kurt Zeilenga
5060ebb36d
Fix bad sup error
2002-10-09 19:24:02 +00:00
Kurt Zeilenga
dff7315edf
Need ../cr.o
2002-10-09 19:11:12 +00:00
Howard Chu
b9bd44b047
Fix ITS#2132, give up if listener fails to open
2002-10-09 18:57:50 +00:00
Kurt Zeilenga
acc32b9d9e
Basic framework for DIT Content Rules (not yet enforced)
2002-10-09 07:11:50 +00:00
Kurt Zeilenga
023d0e2a5c
Rework unprotected simple bind checks
2002-10-08 19:03:18 +00:00
Kurt Zeilenga
06f69e603c
Add security restrictions examples
2002-10-08 01:15:20 +00:00
Kurt Zeilenga
36fca96695
if "disallow bind_simple_unprotected", require at least SSF of 2
2002-10-08 01:06:49 +00:00
Kurt Zeilenga
df6c69ffd6
More entry level access control for back-shell
...
(should be applied to back-perl and other programmable backends)
2002-10-07 21:56:43 +00:00
Kurt Zeilenga
3a17376dfd
s/256/LBER_ELEMENT_SIZEOF/
...
set LBER_ELEMENT_SIZEOF to 256
maybe this should be set to N*sizeof(size_t) or something
2002-10-07 21:01:47 +00:00
Kurt Zeilenga
cb73d243fb
More "entry" level ACLs for entry add, delete, and rename.
2002-10-07 19:19:29 +00:00
Kurt Zeilenga
d19db4b7ed
Fix up last commits
2002-10-04 23:42:27 +00:00
Kurt Zeilenga
9fbcc90bd5
Add "entry" ACL checks for add/delete/rename ops
2002-10-04 23:26:28 +00:00
Kurt Zeilenga
8975676fa4
Clean up some #else #if 'ing
2002-10-04 18:36:44 +00:00
Kurt Zeilenga
5b591d0dec
Fix subentry OIDs
2002-10-02 01:18:46 +00:00
Kurt Zeilenga
33248a02e1
Code cleanup (no functional changes)
2002-10-01 04:07:55 +00:00
Kurt Zeilenga
f5e6d1db41
#unifdef -DSCHEMA_DN
2002-09-29 04:30:38 +00:00
Kurt Zeilenga
4ef4c9eb06
Return default referral if DN maps to empty domain.
2002-09-26 16:12:39 +00:00