mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
23,388 Commits 38 Branches 307 Tags 74 MiB
4242acba98
Commit Graph

2545 Commits

Author SHA1 Message Date
Ondřej Kuzník
bdc9dbc511 ITS#8701 Implement account usability in ppolicy 2020-07-07 16:43:37 +01:00
Quanah Gibson-Mount
c06ac436e2 ITS#9235 Merge libldap_r into libldap 2020-07-03 17:23:14 -07:00
Ondřej Kuzník
376d5d65cb ITS#7084 ACL of 'manage' gives pasword administrator access 
Password administrators can bypass safeModify, password quality checks
and trigger reset if policy instructs the server to.
 2020-07-03 20:42:14 +00:00
Quanah Gibson-Mount
58c978825c Issue#9020 - Use consistent namespaces for overlays 2020-06-22 20:44:12 +00:00
Quanah Gibson-Mount
f3e0707e34 Cleanup links to old ITS system 2020-06-21 16:37:48 +00:00
Quanah Gibson-Mount
479745365d Issue #8888 - Change numbered list to Note format 2020-06-01 19:05:26 +00:00
Ondřej Kuzník
528ab11f66 ITS#9271 Document ldap_parse_intermediate 2020-05-28 16:02:02 +00:00
Quanah Gibson-Mount
f926e66723 ITS#8873 - Delete obsolete configuration options from back-ldap, back-meta, and back-asyncmeta 2020-05-26 19:59:56 +00:00
Howard Chu
9183abe62c ITS#9264 add an optional lock to slapo-unique 2020-05-22 15:08:20 +01:00
Quanah Gibson-Mount
005c870d68 ITS#8154 - olcTimeLimit and olcSizeLimit are single valued, fix docs 2020-05-18 20:49:25 +00:00
Quanah Gibson-Mount
83217b9842 ITS#8614 - documentation updates 2020-05-18 19:37:47 +00:00
Ryan Tandy
9282e6edea ITS#8155 Support cacertdir with GnuTLS 2020-05-14 07:56:28 -07:00
Ryan Tandy
7dfbcfa151 Fix typos 2020-04-28 11:24:48 -07:00
Quanah Gibson-Mount
af5b31b2a7 2.5 version updates 2020-04-27 23:25:19 +00:00
Isaac Boukris
3cd50fa8b3 ITS#9189 rework sasl-cbinding support 
Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
defaults to "none".

Add "tls-endpoint" binding type implementing "tls-server-end-point" from
RCF 5929, which is compatible with Windows.

Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
 2020-04-23 21:00:39 +02:00
Quanah Gibson-Mount
1f4d4c9536 ITS#9230 - Update truncate man page information for 2.5 and later 2020-04-22 00:37:23 +00:00
Quanah Gibson-Mount
a019e7fe1a ITS#9207 - Remove MozNSS code and documentation 2020-04-20 21:38:01 +00:00
Ondřej Kuzník
6d6a330057 ITS#8245 Use Relax control to avoid uniqueness checks 
Still needs to retrieve the entry for ACL resolution until we can
restrict controls with ACLs.
 2020-04-06 20:44:09 +00:00
Quanah Gibson-Mount
4358ab5d73 ITS#9184 - Document V[V[V]] option to slapd 2020-04-06 18:46:01 +00:00
Quanah Gibson-Mount
a5b8a41c13 ITS#9003 
Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy
 2020-04-01 19:40:27 +00:00
Ryan Tandy
5d8c491fa1 ITS#9166 Fix slapdconfig.sdf mismatched braces 2020-02-12 10:55:08 -08:00
Ondřej Kuzník
ba290f1c35 ITS#9156 Document ppolicy changes 2020-01-23 23:47:14 +00:00
Ondřej Kuzník
419b9ad202 ITS#9156 Implement pwdMaxIdle 2020-01-23 23:46:58 +00:00
Ondřej Kuzník
2b007d01db ITS#9156 Document corner cases and omissions 2020-01-23 23:46:10 +00:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Howard Chu
90b0abd894 ITS#9121 dynlist enhancements 
1) allow filtering on dynamic attribute values
2) populate an optionally configured memberOf attribute

test044 script still needs to be extended to test these
enhancements. We need to define an interim attributeType
for testing memberOf functionality.
 2019-12-16 18:31:12 +00:00
Ondřej Kuzník
5b304a3ae6 ITS#9071 Document "tls none" for back-ldap 2019-08-30 14:02:31 +01:00
Quanah Gibson-Mount
efbfc1fe95 ITS#9065 - Document correct attribute pwdGraceAuthnLimit 2019-08-19 15:45:31 +00:00
Quanah Gibson-Mount
7cc34fa722 ITS#9063 -- Fix missing bold tag for tls_reqcert 2019-08-12 23:49:50 +00:00
Quanah Gibson-Mount
c4df431c6c ITS#8977 - Note allowed value range for idlexp 2019-06-26 18:15:32 +00:00
Ondřej Kuzník
17b5b3d7f8 Separate VERSION to its own paragraph 2019-06-21 13:44:06 +02:00
Ondřej Kuzník
6a5e30674b ITS#8671 Expose OpenLDAP specific interfaces in openldap.h 2019-06-14 11:52:35 +02:00
Quanah Gibson-Mount
86bffa713e ITS#9010 - More BDB/HDB cleanup 
Remove some remaining documentation bits referencing bdb/hdb databases
Remove regression test specific to back-bdb
 2019-06-07 17:31:53 +00:00
Quanah Gibson-Mount
71599e4ef4 ITS#9031 - Fix missing reqDN index 2019-06-07 17:26:36 +00:00
Quanah Gibson-Mount
98442e3272 ITS#9031 - Add missing reqDN index for delta-syncrepl 2019-06-07 16:32:35 +00:00
Quanah Gibson-Mount
1aa1d9e4c3 Fix examples by removing quotes 2019-05-21 20:34:32 +00:00
Quanah Gibson-Mount
ec2cb12e68 ITS#9010 - Delete back-bdb/back-hdb 
This commits deletes all references and code for back-bdb and back-hdb.
There is some follow up work still necessary to flush out the admin
guide for back-mdb.
 2019-05-13 17:20:28 +00:00
Ondřej Kuzník
a5ad0e0643 ITS#8693 Tweak previous commit 2019-05-08 15:31:13 +01:00
Ondřej Kuzník
a4e2d5c501 ITS#8693 Document unused but generated starttls parameter 2019-05-08 15:12:08 +01:00
Quanah Gibson-Mount
6d79439630 ITS#8881 - Note MDB is the primary backend 
Update to note that MDB is the primary backend and HDB/BDB are
deprecated.
 2019-04-17 23:52:51 +00:00
Quanah Gibson-Mount
c5ad08c1a4 ITS#8771 - Note back-mdb is recommended 
Commit 279594c22f officially marked
slapd-mdb as being the recommended backend for OpenLDAP, superseding
back-hdb.  This man page was missed during that update.
 2019-04-17 23:49:08 +00:00
Ondřej Kuzník
4a136c7651 ITS#8731 Improve sample processing script 2019-03-21 10:29:03 +00:00
Nadezhda Ivanova
f239bbd3c6 Add LDAP_OPT_KEEPCONN option 
This option instructs try_read1msg to not free the connection on read error
or on Notice of disconnections, but leave it to the caller. It is needed,
for example, by back-asyncmeta, who expects to have control on when
its target connections are freed. Must be used with caution.
 2019-02-28 17:27:54 +00:00
Nadezhda Ivanova
bb7e14d201 ITS#8734 Fixes for many back-asyncmeta issues 
Includes all the changes necessary to fix back-asyncmeta issues
discovered during on-site testing since the start of 2016.
These include:
Issues with stability - crashes and assetion failures
Incorrect behavior during unstable network conditions, such as inability to reset connections
or process responses, or "hanging" to wait for a response that would never be received.
Memory leaks and memory management fixes - major redesign of the way back-asyncmeta
works with memory contexts.
Rewrite was replaced with suffix-massage in configuration, and the network-timeout value was changed to milliseconds.
Incorrect behavior when SASL is used to bind to a target.
Many problems caused by race conditions
Fixes for compiler warnings, and tests.
Cleanup of unused code.
 2019-02-28 16:22:11 +00:00
Ondřej Kuzník
e5b5232516 ITS#8731 Add the documentation and scripts 2019-02-15 16:51:53 +00:00
Howard Chu
c8b806b676 ITS#8977 make IDL size configurable 2019-02-15 14:37:51 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Howard Chu
52ace4554e More for privateKey tweak 2018-12-18 21:56:18 +00:00
Quanah Gibson-Mount
3add82a3bb ITS#8286 -- Add matching rules for attributes 
Add matching rules for all cases where it was missing.  Cleanup
incorrect types for a few attributes as well.  Fix network-timeout
handling in back-ldap/meta/asyncmeta.
 2018-12-18 19:14:06 +00:00
Quanah Gibson-Mount
2f27605811 ITS#8887 
Fix repeated use of the word is
 2018-11-16 22:31:16 +00:00
Quanah Gibson-Mount
9d4a5f64b6 Change backend reference from slapd-bdb to slapd-mdb 2018-11-14 21:28:01 +00:00
Ondřej Kuzník
5c0b820c4a ITS#8772 Remove cthread support 2018-10-19 13:08:10 +01:00
Howard Chu
111329a2dc More for back-mdb multival 
Allow configuring thresholds for specific attributes
 2018-08-30 11:24:25 +01:00
Ondřej Kuzník
8a259e3df1 ITS#8573 allow all libldap options in tools -o option 2018-06-14 16:19:10 +01:00
Ondřej Kuzník
18afc2446d Fix quoting example 2018-06-14 16:19:10 +01:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Howard Chu
f183b81a68 ITS#8818 SASL_MECH/SASL_REALM are not user-only 
Changed as of ITS#4327 commit 86d10729
 2018-03-13 18:57:53 +00:00
Ondřej Kuzník
4035016796 ITS#6656 Docs for reqEntryUUID 2017-10-26 11:53:50 +01:00
Quanah Gibson-Mount
a2b946d008 ITS#6300 - Remove kqueue from project list 2017-10-19 16:07:13 -07:00
Josh Soref
10566c8be3 ITS#8605 - spelling fixes 
* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate
 2017-10-11 14:39:38 -07:00
Nathaniel McCallum
29f6260364 ITS#7532 - Add new function ldap_connect(). 
This function is used to manually establish a connection after
a call to ldap_initialize(). This is primarily so that a file
descriptor can be obtained before any requests are sent for the
purposes of polling for writability.
 2017-10-11 14:31:22 -07:00
Quanah Gibson-Mount
9bef357403 ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDontUseCopy and olcSaslAuxpropsDontUseCopyIgnore parameters for use with SASL/OTP 2017-10-11 14:31:01 -07:00
Quanah Gibson-Mount
fba60ab2ed ITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds via the LDAP_SASL_SIMPLE mechanism 2017-10-06 10:44:38 -07:00
Ted C. Cheng
e20ac6b539 ITS#7520 - back-ldap omit-unknown-schema changes 2017-10-06 10:44:31 -07:00
Quanah Gibson-Mount
44b9fd1c81 ITS#5048 - index on entryCSN is mandatory 2017-10-06 10:39:43 -07:00
Michael Ströder
b65e0b5731 ITS#8714 Send out EXTENDED operation message from back-sock 2017-09-06 15:32:28 +01:00
Quanah Gibson-Mount
0f80e05eeb ITS#8715 Fix typo with olcTLSCiphersuite 2017-08-21 09:19:12 -07:00
Quanah Gibson-Mount
17cc93d570 ITS#8713 Delete stub man page for LDBM 2017-08-16 08:50:39 -07:00
Quanah Gibson-Mount
cc79503e04 ITS#8123 - Fix wording to match examples 2017-04-26 11:05:35 -07:00
Quanah Gibson-Mount
3eeb562489 Fix slapo-pcache to use mdb as the example backend 2017-04-25 16:09:22 -07:00
Quanah Gibson-Mount
33f5e7122c ITS#8635 - Note that non-zero serverID's are required for MMR, and that serverID 0 is specific to single master replication only 2017-04-24 13:15:56 -07:00
Quanah Gibson-Mount
c4eaa5416d ITS#8613 - Note that slapo-memberOf should not be used in a replicated environment 2017-04-24 11:51:15 -07:00
Jephte CLAIN
70e85ec624 ITS#8344 - accesslog database should not be replicated 2017-04-24 11:38:35 -07:00
Howard Chu
dacf15475f autoca manpage updates 2017-04-09 20:48:37 +01:00
Howard Chu
2860fd4c6c Move privateKey schema into slapd 2017-04-09 14:16:56 +01:00
Howard Chu
6b573cea57 Flesh out experimental OIDs 2017-04-09 13:47:25 +01:00
Howard Chu
79284a06d3 Catalog of assigned OID arcs 
With some specific elements as well, but not exhaustively listed.
Patches welcome.
 2017-04-09 03:55:01 +01:00
Howard Chu
2b920ecaec Add autoca overlay 
Automated certificate authority
 2017-04-08 02:51:08 +01:00
Quanah Gibson-Mount
207fde15eb ITS#7700 - Update documentation about the "limits" configuration option 2017-03-29 14:29:25 -07:00
Quanah Gibson-Mount
515ac60fdc ITS#7700 - Update syncrepl configuration bits with missing parameters 2017-03-29 13:47:13 -07:00
Quanah Gibson-Mount
b1e1904a8c ITS#7177, ITS#6339 - Fix VV option information 2017-03-29 12:36:42 -07:00
Jan Vcelak
54c4df72dd ITS#7177 add SASL_NOCANON option to ldap.conf(5) 2017-03-29 12:35:09 -07:00
Quanah Gibson-Mount
92559cc663 ITS#7341 Fix typo in access control so that it is attrs= not attr= 2017-03-29 12:00:26 -07:00
Gerardo Santana
1ae58200fe ITS#8499 Fix typo in admin guide 2017-03-29 10:52:48 -07:00
Quanah Gibson-Mount
2af41ec852 ITS#8253 - Further clarification around replication information 2017-02-21 15:27:13 -08:00
Quanah Gibson-Mount
45018fef17 ITS#8253 - better document options for the syncprov module 2017-02-06 15:27:25 -08:00
Howard Chu
6f3c970f47 Document threadqueues option 
Implemented in 34f832faee
 2017-02-06 09:35:05 +00:00
Quanah Gibson-Mount
c01bbc7e3b Tweak examples to use back-mdb 2017-02-02 10:43:01 -08:00
Quanah Gibson-Mount
6e15ccb4dd Fix grammar 2017-01-18 13:32:23 -08:00
Quanah Gibson-Mount
ba59f9859d ITS#8544 - Grammar and escaping fixes 2017-01-18 07:56:59 -08:00
Quanah Gibson-Mount
7b3a853736 ITS#8565 - Clearly document rootdn requirement for the ppolicy overlay 2017-01-18 07:50:23 -08:00
Quanah Gibson-Mount
bf9d779171 ITS#8563 - Fix missing mentions of back-mdb 2017-01-17 10:40:45 -08:00
Quanah Gibson-Mount
760ee6cd10 ITS#8562 - Various typo fixes 2017-01-17 10:35:32 -08:00
Quanah Gibson-Mount
1df85d3427 Happy New Year! 2017-01-03 12:36:47 -08:00
Quanah Gibson-Mount
cd140c12eb ITS#8538 - Update information on the interval keyword, as it affects refreshAndPersist in very specific circumstances 2016-12-02 13:27:56 -08:00
Ryan Tandy
bbc15ab657 ITS#8185 fix typo in man page 2016-10-11 21:45:32 -07:00
Quanah Gibson-Mount
abe4b3f0ca Add -n 0 option to example slapadd command 2016-08-28 11:55:48 -07:00
Quanah Gibson-Mount
8d45eb03c2 Fix quickstart guide to reference etc/slapd.d instead of etc/cn=config 2016-08-27 13:22:40 -07:00
Ryan Tandy
e35deef110 ITS#8099 bindconf ciphersuite setting is 'tls_cipher_suite' 2016-06-24 18:14:17 -07:00
Quanah Gibson-Mount
4d3a54835c Fix minor typo 2016-02-26 18:37:10 -06:00