with requested attribute lists empty or containing "*" are expanded
to contain "+" as well, so that all operational attributes are returned.
This may be required to work around dumb clients that interrogate
the rootDSE requesting "*" and expecting operational attributes to be
returned as well. To make it a bit more generic, it can be configured
to do the same for an arbitrary search described by an URI. For example,
overlay allop
allop-URI ldap:///??sub
before any database instantiation causes all searches to return "*","+"
when ors_attrs is NULL or countains "*".
values in order to test equivalence, because the overlay engine
may have reset the backend pointer to a temporary copy on the stack.
So, we test pointer equivalence of the BackendDB itself, then of
be_nsuffix -- this macro can be updated if necessary.
Added OpenLDAPaciSyntax based on ITS#3877 by Nikita Shulga
aci_mask() doesn't exploit the normalized value yet (next step)
The case #define SLAPD_ACI_ENABLED / #undef SLAP_DYNACL should
be removed
This is necessary to compensate for a regression in the SLAPI
implementation since it moved to an overlay: global add preop
plugins no longer have access to operational attributes,
because slap_mods_opattrs() is called by fe_op_add(), invoked
after the global SLAPI overlay.
(Some of our plugins need to the structural object class of the
to-be-added entry.)
I suppose an option would be to have the SLAPI overlay
optimistically call slap_mods_opattrs() (as long as this can be
called idempotently). If there are any other ideas let me know.
"ABANDON", "STARTTLS", "CANCEL", "WHOAMI", "PASSMOD", "EXT", "INTERM",
"TLS established", SASL and Extended Response "RESULT".
In Statslog output "conn=xx fd=yy closed", append the reason in
"()" unless client or server closed the connection after Unbind.
Still missing Statslog output from a number of failed requests.