Kurt Zeilenga
d6a56aaf25
Fix typo in last commit
2000-09-12 19:35:19 +00:00
Kurt Zeilenga
bd9de9d90d
Clean up defaultSearchBase code
2000-09-12 18:21:09 +00:00
Kurt Zeilenga
5852f7188b
Add 'defaultSearchBase' configuration directive to help support
...
brain-damaged LDAPv2 clients.
2000-09-11 21:57:14 +00:00
Kurt Zeilenga
3342ea3b49
Add more bind allow/disallow flags
2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d
Add "allow tls_2_anon" to allow StartTLS to force session to anonymous.
...
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
2000-09-08 22:59:01 +00:00
Kurt Zeilenga
d463b3cab1
Add missing "disallow bind_anon" directive (ITS#721)
2000-09-07 17:53:05 +00:00
Kurt Zeilenga
cee040a321
Bring UCdata infrastructure.
2000-09-03 23:48:35 +00:00
Randy Kunkee
58bb439d08
Raise MAXARGS to 200, since the schema syntax burns more.
2000-08-31 22:16:16 +00:00
Kurt Zeilenga
a60438c1ce
Add sasl-host option and treat sasl-realm as global only
...
(ie: not backend specific).
2000-08-30 01:44:39 +00:00
Kurt Zeilenga
4520cd4ec2
Align with man page
2000-08-28 19:19:47 +00:00
Kurt Zeilenga
bf3df2f7a6
restrictops, requires, disallow knobs; ssf acls; and misc other changes
...
man pages to follow...
2000-08-28 18:38:48 +00:00
Kurt Zeilenga
5b856458a2
s/SAFEMEMCPY/AC_MEMCPY/
...
Use AC_FMEMCPY where appropriate (-llber)
2000-07-28 01:07:07 +00:00
Randy Kunkee
46ca9103b6
Fix MAXARGS boundary condition problem: slapd crashed if number of tokens
...
parsed == MAXARGS (only applicable if you have really large objectclasses).
2000-07-19 01:40:05 +00:00
Kurt Zeilenga
5fc22599e2
Update SASL code to reuse context through life of session.
...
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Mark Valence
d4d03e36e5
Added "threads" config to slapd.conf.
2000-07-04 19:24:13 +00:00
Kurt Zeilenga
2c7f89b1b2
remove locale option. OpenLDAP is designed only for the "C" locale.
2000-06-20 16:55:23 +00:00
Kurt Zeilenga
ec426532b2
Reworked thread code to better support thread-library specific
...
r/w locks and thread pools. Hide internal structures (using
pthread'ish technics). Place common code in threads.c. Move
no-thread code to thr_stub.c. Move thread pool code to tpool.c.
Removed setconcurrency call from initializer, added 'concurrency'
directive to slapd. Tested code under pthreads, pth, and no-threads.
2000-06-13 02:42:13 +00:00
Kurt Zeilenga
693fb9424a
unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT
2000-06-06 19:43:18 +00:00
Kurt Zeilenga
7b14e1304a
Relocate schema_init() call to main()
...
Add schema_prep() call to main()
Similiar changes to slapcommon.c
Add schema_prep() impl to schema_init.c
Add slap_ad_entry and slap_ad_children globals.
Add "entry" and "children" to openldap.schema (this likely should
be added to schema via code, not configuration)
2000-05-15 20:04:36 +00:00
Kurt Zeilenga
4bc786f34b
Y2k copyright update
2000-05-13 02:47:56 +00:00
Kurt Zeilenga
0dbaf87730
Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
...
plus these changes unhidden changes:
remove now meaning --enable-discreteaci configure option
fix ITS#451, slapd filters
Add ber_bvecadd() to support above
constify ldap_pvt_find_wildcard() and misc slapd routines
renamed some slap.h macros
likely broken something
2000-02-14 20:57:34 +00:00
Kurt Zeilenga
3a6e906194
Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT
2000-01-31 22:14:16 +00:00
Kurt Zeilenga
c5da0c76ce
Additional changes to migrate to new schema codes
...
Still not usable.
2000-01-28 20:01:00 +00:00
Kurt Zeilenga
5e12c84a6f
Add simple password test program.
...
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
d5edb4bff6
Reengineered ldappasswd(1). Uses extended operation to set
...
user password. Likely to be modified to use bind control
instead. Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Mark Valence
249313f75a
Removed previous changes for extensions -- extensions now use moduleload.
1999-11-09 21:18:37 +00:00
Mark Valence
c8aa051571
Load extension library on "extension" keyword in configs (actual load routine is in extended.c). Protected by #ifdef SLAPD_EXTERNAL_EXTENSIONS.
1999-11-09 03:37:05 +00:00
Kurt Zeilenga
f6829ee903
Initial commit of new ACL engine. Engine supports descrete access
...
privs, additive/substractive rules, and rule continuation. Existing
rules that use 'defaultaccess none' should be 100% compatible. Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Kurt Zeilenga
859dbe1398
Change the defaultaccess to 'auth'
...
Set defaultaccess to 'read' in distribution slapd.conf and add warnings
Set schemacheck to 'on' in distribution slapd.conf and add warnings
1999-10-15 20:34:42 +00:00
Kurt Zeilenga
7e53b5bdeb
Change 'attribute' directive to 'attributetype'
...
(and allowing 'attribute' for backwards compatibility).
manuals and *.schema to be updated as time permits.
1999-10-13 20:28:00 +00:00
Kurt Zeilenga
7a0b0b2bbf
In preparation for adding dn_rewrite()...
...
s/dn_normalize/dn_validate/
s/dn_normalize_case/dn_normalize/
1999-09-24 01:46:37 +00:00
Kurt Zeilenga
fc10815fc8
config should return error if backend or database initialization fail.
1999-09-13 18:47:05 +00:00
Kurt Zeilenga
403f4479bc
Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
...
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Hallvard Furuseth
1cde481298
Move `#include "ldap_defaults.h"' into slap.h, which #ifdefs on it.
1999-09-03 23:10:05 +00:00
Hallvard Furuseth
76a94de251
Fix: obey be->be_readonly. Also add & obey global_readonly.
1999-09-02 10:39:51 +00:00
Kurt Zeilenga
bc1186bfb1
Fix "database fubar" crash
1999-08-26 19:09:40 +00:00
Kurt Zeilenga
5c63fd55b5
Implement ldap_dn_normalize and friends. Should be used by clients
...
to validate input dn's BEFORE sending dn's to server.
Also fixed getfilter to use REG_EXTENDED|REG_NOSUB. (and fixed one
case where REG_BASIC was still used).
s/strdup/LDAP_STRDUP/
Added ldap_pvt_str2lower/upper
1999-08-25 06:44:08 +00:00
Kurt Zeilenga
2a74677799
const'fication
1999-08-20 19:00:44 +00:00
Howard Chu
75c9a1e222
Add OIDmacros for attribute & objectclass numericOIDs. Allow parsing
...
attribute syntaxes using syntax description in addition to syntax OID.
Removed all whitespace from syntax descriptions.
1999-08-19 22:09:33 +00:00
Howard Chu
22ad6bd6d4
Add "modulepath" config statement for setting the search path for locating
...
loadable modules. Gratuitously renamed "loadmodule" to "moduleload".
"modulepath" takes a single argument, a colon-separated list of absolute
pathnames.
1999-08-17 01:30:09 +00:00
Howard Chu
0743e963ca
Modified to use libtool's ltdl instead of gmodule
1999-08-07 07:58:11 +00:00
Kurt Zeilenga
9c3ed0310b
Add copyright notices.
1999-08-06 23:07:46 +00:00
Kurt Zeilenga
10591cb47d
Update default access usage comment.
1999-08-03 21:35:53 +00:00
Kurt Zeilenga
df8f7cbb9b
s/exit(1)/exit(EXIT_FAILURE)/
...
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
1999-08-03 18:14:24 +00:00
Kurt Zeilenga
5456f4ed18
Default lastmod to ON.
1999-07-27 20:05:37 +00:00
Kurt Zeilenga
c12547cf3b
Resurrect suffix aliasing...
1999-07-27 18:43:30 +00:00
Kurt Zeilenga
68d561a97b
Add limited LDAP_INVALID_DN_SYNTAX support. dn_normalize{,_case}() now returns
...
NULL does not meet basic syntax rules.
1999-07-22 17:14:42 +00:00
Kurt Zeilenga
a11630f9b8
Fix maxDeref directive
1999-07-22 00:49:25 +00:00
Kurt Zeilenga
933908f72f
ACL CHANGES:
...
by <who> <access> changed to by <who>+ <access> (joined with AND)
added peername=<regex> sockname=<regex> url=<regex>
removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower. Use where needed.
1999-07-21 20:54:23 +00:00
Julio Sánchez Fernández
288a28a762
Add support for TLSVerifyClient.
1999-07-20 18:05:50 +00:00