mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
21,633 Commits 38 Branches 307 Tags 74 MiB
3b130b65a4
Commit Graph

607 Commits

Author SHA1 Message Date
Pierangelo Masarati
d5f65267bd also works for multi-stage binds (ITS#6771; needs ITS#6773 patch) 2011-01-04 16:19:51 +00:00
Pierangelo Masarati
e26b196f69 fix cloak behavior; plug leak (ITS#6762) 2011-01-04 13:08:28 +00:00
Pierangelo Masarati
565110b249 fix previous commit 2011-01-04 11:17:33 +00:00
Pierangelo Masarati
2d635156dc add minimal support for RFC3829 (ITS#6771) 2011-01-04 10:57:35 +00:00
Pierangelo Masarati
54e2b1464e plug leak in previous commit 2011-01-04 01:13:58 +00:00
Pierangelo Masarati
1a0c8e1e6e fix control response handling 2011-01-04 01:04:04 +00:00
Pierangelo Masarati
c5afa82d58 fix request controls 2011-01-04 00:10:02 +00:00
Pierangelo Masarati
7614e03a63 harmonize with specs; fix bugs in previous commit 2011-01-03 23:40:53 +00:00
Pierangelo Masarati
9757235557 first cut at new spec (needs #define LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS) 2011-01-03 21:50:54 +00:00
Pierangelo Masarati
c544fb7fc3 sync with client-side 2011-01-03 19:40:22 +00:00
Pierangelo Masarati
cb1414ba28 fix logging 2011-01-01 17:26:15 +00:00
Pierangelo Masarati
cd1fb3003c check return value 2011-01-01 16:10:23 +00:00
Hallvard Furuseth
f4a3304477 ITS#6758 Use rs_*() to manage SlapReply entries. 
Some noop changes + fixes entry leaks and REP_ENTRY_MODIFIABLE flag leaks.
 2010-12-31 17:55:36 +00:00
Hallvard Furuseth
6d7c1880a8 ITS#6758 Avoid SlapReply reuse. 
Caller provides a SlapReply and reads the result after the operation,
then reuses it.  Reinitialize before reuse, or move declaration inwards.
 2010-12-31 13:08:11 +00:00
Hallvard Furuseth
13f52646b2 ITS#6758 Avoid SlapReply reuse, simple cases. 
Caller provides and reuses a SlapReply it does not read after
initialization.  So reinitialize or move the declaration inwards.
In case of refint, move the rs parameter into refint_repair().
 2010-12-31 10:46:22 +00:00
Hallvard Furuseth
cd6e9156e7 Remove lint (unused vars/labels/funcs/default:s) 2010-12-30 23:34:55 +00:00
Pierangelo Masarati
41aa82350e silence valgrind 2010-12-30 21:52:09 +00:00
Pierangelo Masarati
ce4f5abb6e should also work for SASL binds (whenever supported) 2010-12-30 21:41:36 +00:00
Howard Chu
41f15a0080 ITS#6684 fix ppolicy crash, fix Makefile install target 2010-12-30 18:40:01 +00:00
Pierangelo Masarati
2ad0a297b8 verify credentials extop: support for simple bind 2010-12-30 15:49:34 +00:00
Ralf Haferkamp
026713f497 plugin for retrieving and updating KRB5 TGT 2010-10-22 14:31:56 +00:00
Howard Chu
7600b22f3c ITS#6676 only close/unlink socket in Server mode 2010-10-16 12:14:49 +00:00
Pierangelo Masarati
a51b20d663 register/unregister control based on overlay instantiation (indirectly related to ITS#6647) 2010-09-14 18:50:45 +00:00
Pierangelo Masarati
afe2764a03 support for no-op search control (ITS#6598) 2010-09-09 16:00:01 +00:00
Pierangelo Masarati
677a390f4d fix previous commit 2010-09-05 22:02:24 +00:00
Pierangelo Masarati
86528cfa1d honor all user attrs 2010-08-26 23:19:43 +00:00
Pierangelo Masarati
9813ce5504 add (partial) support for draft-ietf-ldapext-ldapv3-dupent-08.txt (expired) 2010-08-26 06:22:07 +00:00
Howard Chu
b0ccdd79fc ITS#6536 use the attr part of URIs. from Raphael Ouazana @ Linagora 2010-07-29 03:08:48 +00:00
Howard Chu
d2aac4ef22 ITS#6604 use LUTIL_GETPEEREID() 2010-07-28 22:26:35 +00:00
Pierangelo Masarati
012bab8902 (almost) ready for add-if-not-present 2010-05-26 06:31:49 +00:00
Pierangelo Masarati
68e02f92c1 add version number overlay (needs configuration yet) 2010-05-25 07:56:36 +00:00
Pierangelo Masarati
33c328c216 add pguid overlay (not considered right now) 2010-04-21 05:19:29 +00:00
Pierangelo Masarati
4cc324cb51 cleanup 2010-04-21 05:02:08 +00:00
Pierangelo Masarati
0d18a60ca6 add slapo-rdnval in support to Samba4 2010-04-21 05:01:32 +00:00
Kurt Zeilenga
3dadeb3efe happy belated New Year 2010-04-13 22:17:29 +00:00
Howard Chu
b463d6164a ITS#6488 update from nss-ldapd to nss-pam-ldapd, refer to nss-pam-ldapd 
home page instead of bundling the full code
 2010-04-12 03:04:02 +00:00
Pierangelo Masarati
5812265a84 fix previous commit (completely screwed, sorry) 2010-04-10 04:36:44 +00:00
Pierangelo Masarati
7d663ad81a add support for allowedChildClasses, allowedChildClassesEffective: the former basically consists of all structural objectClasses, the latter is identical if the user can write 'children', absent otherwise 2010-04-10 04:02:46 +00:00
Pierangelo Masarati
2bfd03cfe5 make room for further modules 2010-04-10 00:11:03 +00:00
Ralf Haferkamp
3fcf3c86de Make TlsOptions available in LDAPConnection 2010-03-15 15:07:45 +00:00
Ralf Haferkamp
5e9efb1720 be more verbose on StartTLS errors 2010-03-15 14:51:40 +00:00
Howard Chu
61129f8d7a ITS#6433 add mechs for generating SHA2 hashes 2010-03-03 23:56:30 +00:00
Howard Chu
5c527bc49e Fix compare checking in pam_authz 2010-03-03 19:30:58 +00:00
Howard Chu
c0e63e8350 Lookup user DN in pam_authz if it was not provided 2010-03-03 00:47:28 +00:00
Howard Chu
38b3fdafb7 Fix pam_authz parameter input 2010-03-03 00:15:04 +00:00
Ralf Haferkamp
a2dc37d053 Bring back destructor, to keep ABI compatibile (at least for now) 2010-02-19 14:02:32 +00:00
Ralf Haferkamp
183cdd4398 Example for TlsOptions usage 2010-02-18 16:46:23 +00:00
Ralf Haferkamp
67486ca0aa exclude some internal structs from documentation 2010-02-18 16:24:41 +00:00
Ralf Haferkamp
26421a5254 TlsOptions documentation 2010-02-18 16:23:40 +00:00
Ralf Haferkamp
35f19eac28 Hide internal use only constructor 2010-02-18 16:22:49 +00:00
Ralf Haferkamp
b0075c970e method to renew the tlsctx 2010-02-16 17:48:14 +00:00
Ralf Haferkamp
d0f4f42350 Make TlsOptions accessible per connection 2010-02-16 17:47:05 +00:00
Ralf Haferkamp
277b3318d4 use const where appropriate 2010-02-16 17:44:22 +00:00
Ralf Haferkamp
e3a23a0891 removed buggy destructor, use default instead 2010-02-16 15:20:05 +00:00
Ralf Haferkamp
98252925e3 fixed start_tls() error handling 2010-02-16 15:17:53 +00:00
Ralf Haferkamp
4ea6beae06 silenced compiler warning 2010-02-16 11:55:33 +00:00
Ralf Haferkamp
be72826917 uninitialized variable 2010-02-16 11:55:05 +00:00
Ralf Haferkamp
634ab644b6 automake changes for TlsOptions 2010-02-15 17:24:45 +00:00
Ralf Haferkamp
ad93b706a9 New class "TlsOptions" to handle TLS/SSL related settings 2010-02-15 17:17:42 +00:00
Ralf Haferkamp
78c09eadfd tab<->spaces cleanup 2010-02-15 17:07:46 +00:00
Howard Chu
aeeed3da85 Revert prev commit, wrong branch 2009-12-11 11:05:12 +00:00
Howard Chu
71b9dccbe2 New access_allowed() 2009-12-11 11:00:17 +00:00
Howard Chu
3fd074155f Move loginStatus to ldapns.schema 2009-10-03 21:37:55 +00:00
Howard Chu
6db4295f43 ITS#6323 libtool rpath 2009-10-02 23:12:05 +00:00
Howard Chu
e2dd639931 Fix authz return code checking 2009-09-29 08:30:21 +00:00
Howard Chu
992a20ee0a Fix pam_authz result code 2009-09-29 08:13:25 +00:00
Howard Chu
3f9151b79e Fix usage flags for normalizing 2009-09-29 08:11:52 +00:00
Howard Chu
8817fb4c45 ITS#6284 Provide default path for $(LIBTOOL) 2009-09-29 03:15:39 +00:00
Ralf Haferkamp
ad93ab595c Throw an exception when reading an unexpected LDIF record type 2009-09-25 15:08:37 +00:00
Howard Chu
e6102ec99e Fix: use attr_valfind, not value_find_ex 2009-09-18 02:39:35 +00:00
Howard Chu
76cc2f14b6 Fix: minuid/maxuid test used wrong attribute 2009-09-17 09:33:08 +00:00
Howard Chu
ed3260c2d6 ITS#6291 properly terminate responses with NSLCD_RESULT_END 2009-09-15 00:59:57 +00:00
Pierangelo Masarati
91ed170c29 don't open if no configuration is present (ITS#6279) 2009-09-08 08:15:08 +00:00
Howard Chu
3c22770aca Also install ldapns.schema 2009-09-01 02:28:10 +00:00
Howard Chu
f99f2e5fdb Minor tweaks 2009-09-01 02:24:00 +00:00
Quanah Gibson-Mount
8df3b043ba Portability fixes. Now has a clean and install target. 2009-09-01 02:05:19 +00:00
Quanah Gibson-Mount
f6ba3b246a Portability fixes 2009-09-01 01:45:20 +00:00
Howard Chu
dd9b31cc1d ITS#4730 add makefile 2009-08-26 01:24:38 +00:00
Howard Chu
053521cd75 ITS#6274 fix .c suffix rule dependencies 2009-08-25 21:11:39 +00:00
Howard Chu
12b570efe2 s/ber_bvmatch/bvmatch/ 2009-08-22 00:33:26 +00:00
Pierangelo Masarati
f3cdcadf89 wrap gmtime for reentrancy (ITS#6262) 2009-08-18 23:48:15 +00:00
Pierangelo Masarati
68ddf384ca only add attrs if values are present... 2009-08-18 14:32:02 +00:00
Pierangelo Masarati
5ce7813a9e s/aa/allowed/; we already ran into the issue of having a run-time loadable overlay whose file differs from the overlay's name... 2009-08-18 11:07:26 +00:00
Pierangelo Masarati
12d87d5711 add a readme 2009-08-18 10:50:45 +00:00
Kurt Zeilenga
36ef26a2af Cleanup 2009-08-18 00:49:15 +00:00
Pierangelo Masarati
1cd9659715 add on demand allowedAttributes/allowedAttributesEffective to entries (ITS#4730) 2009-08-18 00:27:05 +00:00
Howard Chu
84efb8773e Fix typos 2009-08-16 23:08:41 +00:00
Kurt Zeilenga
a5abeb92ec Update contrib notices to reflect that they are distributed as part of 
OpenLDAP Software (though they may not necessarily be supported by the
OpenLDAP Project).  Assistance in updating ACKNOWLEDGEMENTS welcomed.
 2009-08-16 22:55:23 +00:00
Howard Chu
6b07fdbb22 Revert prev commit, agi_mutex is needed sometimes. Need to eliminate the 
unnecessary cases still.
 2009-07-24 07:12:02 +00:00
Howard Chu
70981a30d9 Delete unnecessary agi_mutex 2009-07-24 06:59:40 +00:00
Howard Chu
c02131a8b8 Fix db_open, delete unused variables. More cleanup is needed. 2009-07-24 06:47:05 +00:00
Ralf Haferkamp
3ebee592e0 Missing #include 2009-07-17 16:21:14 +00:00
Howard Chu
8fb96225a3 ITS#5535 replace private _kadm5_*_key functions with public hdb funcs 2009-06-26 04:08:47 +00:00
Howard Chu
973c1698cb Note that pam-session logging requires a rootdn 2009-06-04 12:26:29 +00:00
Howard Chu
a440584dfd Align SSD names with nsswitch.conf names 2009-06-04 12:21:16 +00:00
Howard Chu
ec11a76a62 Accept spaces in group names unless -DSTRICT_GROUPS 2009-06-03 02:58:16 +00:00
Howard Chu
8252b67ead Use rootdn for session updates 2009-06-03 02:51:40 +00:00
Howard Chu
72690a01e0 Fix whitespace 2009-06-03 02:36:21 +00:00
Howard Chu
ed90646556 Add tty arg to authz 2009-06-03 02:28:22 +00:00
Howard Chu
2f2802342f Do a mkdir on /var/run/nslcd before trying to create the socket 2009-06-03 02:20:56 +00:00
Howard Chu
2d93461817 Add tty to authz params 2009-06-03 01:46:37 +00:00
Howard Chu
6cc1cf81c1 Added ruser and rhost to authz params 2009-06-03 01:40:03 +00:00
Howard Chu
9e82dee243 Fix typo 2009-05-20 06:38:43 +00:00
Howard Chu
8ff986b1bc Note that host SSD must be configured for hostservice option 2009-04-29 02:41:26 +00:00
Howard Chu
94ec116fca Rewritten 2009-04-29 02:31:20 +00:00
Howard Chu
16662542af Fix typos, use uid2dn by default 2009-04-29 02:27:39 +00:00
Howard Chu
8da06617a7 Add nssov-pam-session keyword to select which services will be recorded 
in session management
 2009-04-29 00:29:11 +00:00
Quanah Gibson-Mount
8f8128d727 Add missing CVS tag 2009-04-28 03:05:46 +00:00
Emmanuel Dreyfus
e240d55c07 Add libtoolized makefile 2009-04-25 18:19:24 +00:00
Gavin Henry
6981c8fd04 slapo-nssov.5 draft. Please use as starting point. 2009-04-23 11:29:36 +00:00
Howard Chu
21f5405978 Use nslcd-mapped PAM error codes instead of actual PAM error codes 2009-04-23 08:23:58 +00:00
Howard Chu
50283523bd More for sessions, working. TODO: configure list of sessions to record 2009-04-23 07:56:40 +00:00
Howard Chu
4a6d46dfa9 More for session management 2009-04-23 00:38:41 +00:00
Howard Chu
42a7e05809 Reformat requests, rough pwmod support 2009-04-20 10:25:24 +00:00
Howard Chu
9b67609efb More for prev commit 2009-04-20 10:24:42 +00:00
Howard Chu
d8778432cf Added uidnumber checks 2009-04-20 03:53:09 +00:00
Howard Chu
8619215354 Use local_ssf for our fake connections 2009-04-20 03:37:52 +00:00
Howard Chu
d17d30dc38 sanity check for host_ad and svc_ad 2009-04-20 03:18:34 +00:00
Howard Chu
8fd0d184a7 Flesh out config options, implement authorization checks 2009-04-20 02:42:40 +00:00
Howard Chu
655881d0c4 Start documenting PAM support 2009-04-19 01:56:24 +00:00
Howard Chu
825870a072 We need the authorizedService schema 2009-04-19 01:15:22 +00:00
Howard Chu
d7fa38c003 Move tmpluser to authz call; add ppolicy support to authc 2009-04-18 23:12:36 +00:00
Howard Chu
51b87202e0 In uid2dn, only return success if a unique DN was found 2009-04-18 23:11:33 +00:00
Howard Chu
408e751200 Move tmpluser to authz call; print authz messages regardless of success 
status
 2009-04-18 23:10:58 +00:00
Howard Chu
20657af2de In pwmod, ctx may be empty so always pass current username 2009-04-18 01:44:22 +00:00
Howard Chu
609efdc0b3 *** empty log message *** 2009-04-18 00:50:14 +00:00
Howard Chu
f735dcc712 Add pam support (work in progress) 2009-04-17 12:18:51 +00:00
Howard Chu
8b5489e681 Add pam support (work in progress) 2009-04-17 12:11:33 +00:00
Howard Chu
016500f41d Add missing newlines to debug msgs 2009-04-17 12:10:27 +00:00
Howard Chu
7ad72fca15 Fix prev commit - work-in-progress 2009-04-17 07:23:15 +00:00
Howard Chu
856a790a28 Add missing newlines to debug msgs 2009-04-17 07:19:48 +00:00
Howard Chu
060f193af7 Fix typo in debug 2009-04-17 03:41:54 +00:00
Emmanuel Dreyfus
b697550ddc If the change set becomes empty, prevent other overlays from executing and 
return a success.
 2009-03-16 22:05:47 +00:00
Pierangelo Masarati
161169aa11 free self in case anything goes wrong 2009-03-14 16:41:58 +00:00
Pierangelo Masarati
3f58df73a5 don't short circuit callback list 2009-03-14 16:27:59 +00:00
Emmanuel Dreyfus
58437e838a Remove two useless lines (a badly applied patch before the last commit?) 2009-02-11 05:03:25 +00:00
Emmanuel Dreyfus
b5baf7fd01 libtoolize autogroup 
add install rules for autogroup, nops and smbk5pwd
 2009-02-07 22:10:24 +00:00
Quanah Gibson-Mount
dab20397a7 Add CVS header 2009-02-02 23:48:07 +00:00
Emmanuel Dreyfus
f3254b319d Add makefile for slapo-cloak 2009-02-02 22:14:07 +00:00
Quanah Gibson-Mount
43a35baf98 Add CVS header 2009-02-02 19:32:35 +00:00
Emmanuel Dreyfus
56e651a041 Missing stuff for proper linking of the module (sorry for the double commit) 2009-01-31 19:23:04 +00:00
Emmanuel Dreyfus
4e08a2da1b libtoolize 2009-01-31 18:42:59 +00:00
Howard Chu
ba0863d500 ITS#5660 SHA2 password hashes 2009-01-26 04:08:34 +00:00
Howard Chu
4fe69b3fc5 ITS#5410 add support for gcrypt ( GnuTLS ) 2009-01-26 03:58:33 +00:00
Kurt Zeilenga
4af9eb9715 Update copyright notices 2009-01-22 00:40:04 +00:00
Emmanuel Dreyfus
e281c948cb Move cloak config OID from overlay to contrib branch (ITS#5872) 2009-01-10 11:22:36 +00:00
Emmanuel Dreyfus
f1e2cc411f The cloak overlay hides some attributes unless explicitely requested (ITS #5872) 2009-01-09 05:26:28 +00:00
Pierangelo Masarati
920dca9762 improvements by David Hawes (ITS#5756) 2008-11-19 10:17:27 +00:00
Ralf Haferkamp
8e358f214c corrected filter and search limits in uid2dn function (ITS#5802) 2008-11-10 15:45:01 +00:00
Ralf Haferkamp
def11e2fce Fixed "nssov-map" handling when using slapd.conf (ITS#5801) 2008-11-10 14:48:06 +00:00