Howard Chu
09679eb715
Added SLAP_MR_VALUE_NORMALIZED_MATCH, avoid redundant normalize when
...
calling value_find with already-normalized DNs
2002-12-04 18:19:46 +00:00
Howard Chu
827ea96e16
ITS#1523 enhanced ACL caching
2002-12-04 02:35:00 +00:00
Kurt Zeilenga
da76c1951e
First-cut proxy authorization support.
2002-12-03 06:11:32 +00:00
Kurt Zeilenga
8754c8f2a3
#unifdef paged results, remove lint
2002-11-28 04:38:41 +00:00
Pierangelo Masarati
415a8d325f
add limits to entries count for paged results
2002-11-21 20:49:02 +00:00
Pierangelo Masarati
c354bb23bf
Support for RFC 2696:
...
LDAP Control Extension for Simple Paged Results Manipulation
contributed by Lynn Moss <lynnmoss@us.ibm.com> (ITS#2189)
applied with changes.
2002-11-21 02:16:53 +00:00
Pierangelo Masarati
76bf91f553
remove #ifdef SLAP_FILTER_HASSUBORDINATES
2002-11-10 19:48:36 +00:00
Kurt Zeilenga
6f59ca0e5b
Add superiorUUID to system schema
2002-10-28 20:01:55 +00:00
Pierangelo Masarati
f07cabad0f
need to move #define here; on by default
2002-10-26 16:32:11 +00:00
Pierangelo Masarati
7b3f889ec1
fix hasSubordinate filtering; now it can be safely turned on
2002-10-26 16:18:31 +00:00
Kurt Zeilenga
36569048ff
Add "allow update_anon"
...
Fix -USLAP_X_LISTENER_MOD builds
2002-10-25 18:47:24 +00:00
Jong Hyuk Choi
8074294f1d
LCUP persistent search code drop
2002-10-25 17:51:30 +00:00
Pierangelo Masarati
97e526cb2d
add restrictions related to listeners in form of file permissions
...
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
"r" means read is allowed from that listener
"w" means write is allowed on that listener
"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
2002-10-25 16:43:44 +00:00
Pierangelo Masarati
956f1d16aa
listener:
...
- use bervals for url and sockname
- pass connection_init() the listener struct pointer instead of each value
- don't copy them in the Connection struct 'cause they're not going to change
- define macros for legacy usage of c_listener_url and c_sockname
2002-10-24 10:03:52 +00:00
Kurt Zeilenga
1aa829922f
Implement content rule checks
...
w/ implicit default rules allowing any auxiliary class to be mixed in
2002-10-09 23:02:01 +00:00
Kurt Zeilenga
acc32b9d9e
Basic framework for DIT Content Rules (not yet enforced)
2002-10-09 07:11:50 +00:00
Kurt Zeilenga
023d0e2a5c
Rework unprotected simple bind checks
2002-10-08 19:03:18 +00:00
Kurt Zeilenga
f5e6d1db41
#unifdef -DSCHEMA_DN
2002-09-29 04:30:38 +00:00
Jong Hyuk Choi
1509e321de
LCUP Response Control Code
2002-09-14 00:29:06 +00:00
Kurt Zeilenga
37d9880495
Some LCUP clean up
2002-09-06 00:29:20 +00:00
Jong Hyuk Choi
4b48c05a8e
LDAP Client Update Protocol - non-persistent update (TODO: response control ...)
2002-09-04 02:00:42 +00:00
Kurt Zeilenga
8a5b200c44
Add appropriate matching rule checks.
...
Clean up syntax error reporting.
2002-09-03 07:01:09 +00:00
Kurt Zeilenga
e9a71156cc
Add matching rule use support where assertion syntax != value syntax
2002-08-31 20:42:25 +00:00
Pierangelo Masarati
e2ec62f09f
add matchingRuleUse to schema; use a berval instead of _oidlen in syntax and matching rule
2002-08-31 10:45:22 +00:00
Pierangelo Masarati
fbc11bd16a
- added the capability to filter based on hasSubordinate attribute
...
to back-bdb, back-ldbm and back-sql (the latter with limitations);
- added handling of ":dn" attributes to extended rfc2254 filters
and to matched value filter
- altered the behavior of get_mra() when a matching rule is given:
now it checks whether it is compatible with the attribute syntax
and, in case it is, the given mr is used. In case of no type,
the check is delayed when filtering
2002-08-29 10:55:48 +00:00
Kurt Zeilenga
1086ffb438
Round one of subclass indexing for objectClass and structualObjectClasss.
...
add soc_cname to ObjectClass structure
2002-08-29 01:12:59 +00:00
Howard Chu
9f5b28baf3
Remove c_sasl_bindmutex, Binds are already serialized.
2002-08-26 22:20:30 +00:00
Kurt Zeilenga
1c5725010e
Add a Connection pointer to the Operation.
2002-08-26 19:29:34 +00:00
Howard Chu
925714ceef
Experimental cruft to propagate valid Operation to SASL callbacks.
...
If you have a better way, jupm on in...
2002-08-24 07:34:50 +00:00
Howard Chu
8c30114d84
Added thread-pool getkey/setkey functions
2002-08-24 05:39:43 +00:00
Howard Chu
e5091f5926
Updated register_syntax, register_matching_rule for more convenient
...
calling from other modules
2002-08-17 01:29:18 +00:00
Howard Chu
07ebdca237
ITS#1893, use "schemadn" to configure subschemasubentry DN. (diff was
...
inaccessible, this is original code, not contributed.)
2002-08-10 03:10:52 +00:00
Kurt Zeilenga
eb581e43e7
Fix for:
...
SASL regex segmentation faults with group based acls (ITS#1978)
based, in part, by patch submitted by Simon Wilkinson <simon@sxw.org.uk>.
2002-07-28 07:27:55 +00:00
Kurt Zeilenga
0371c61073
Add monitorContext rootDSE attribute
2002-06-19 06:44:16 +00:00
Kurt Zeilenga
9a38d98d37
Add option to disallow unprotected simple authentication.
...
Add protected simple authentication as a "strong" mechanism.
2002-06-17 22:18:27 +00:00
Kurt Zeilenga
27fdd04153
Add -4/-6 flags to slapd to force use of IPv4 or IPv6
2002-06-15 22:01:39 +00:00
Howard Chu
07a34489c6
Added saslAuthzTo and saslAuthzFrom to system schema.
...
Added sasl-authz-policy config keyword to control proxy authorization.
Moved sasl-related config processing to sasl.c:slap_sasl_config().
Moved other global defs used only in saslauthz.c into saslauthz.c.
2002-06-14 08:10:14 +00:00
Howard Chu
c5c1ddb1ca
Deleted Connection->c_cdn. Use conn->c_dn instead...
2002-06-12 08:38:59 +00:00
Howard Chu
6d1a322f73
Finished slap_sasl_setpass for Cyrus 1.5; Cyrus 2.1 is incomplete.
...
Added conn->c_sasl_dn, streamlined slap_sasl_bind.
2002-06-12 04:05:48 +00:00
Kurt Zeilenga
55e925abe6
Add abstract/final system attribute types.
...
clean up error code macros
2002-05-31 20:24:26 +00:00
Kurt Zeilenga
bdad40c696
Disallow addition of system schema via config files.
2002-05-30 05:23:37 +00:00
Kurt Zeilenga
aecf4033f6
Hide some yet-to-be-implemented schema
2002-05-29 06:14:55 +00:00
Howard Chu
a067d64c3a
Fixes for slap_sasl_regexp parsing and normalization
2002-05-07 18:46:32 +00:00
Kurt Zeilenga
8c152396b9
Matched Values implementation (ITS#1776) based upon submission
...
form Mikhail Sahalaev <M.Sahalayev@pgr.salford.ac.uk>.
Further work needed:
add testxxx-matchedvalues
rework ldapsearch(1) portion of patch to generalize use of options
---
Copyright 2001, Mikhail Sahalaev, All rights reserved.
This software is not subject to any license of University Of
Salford.
Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice
is preserved.
2002-05-02 18:56:56 +00:00
Howard Chu
7fae7fe155
Changed be_[n]suffix, be_[n]suffixAlias to BerVarray. No more bvec's anywhere.
2002-05-01 18:50:14 +00:00
Pierangelo Masarati
6b8828ed28
handle trivial cases
2002-04-29 19:14:42 +00:00
Howard Chu
efecf4e121
ITS#1733 eliminate o_abandonmutex
2002-04-11 08:03:40 +00:00
Howard Chu
5c4a924f81
ITS#1735 unused conn.c_uthc_backend, include ldap_pvt.h
2002-04-11 07:42:57 +00:00
Pierangelo Masarati
c22f10f4ca
don't count operations per request if back-monitor is not built
2002-04-08 19:13:13 +00:00
Pierangelo Masarati
51e33154b3
count initiated/completed operations divided per request
2002-04-08 18:41:15 +00:00
Pierangelo Masarati
440637dde7
various acl improvements/cleanups/speedups (need to be documented, though)
2002-04-03 15:42:19 +00:00
Pierangelo Masarati
9bf3ccd0bf
allow attribute exclusion list in selective replica
2002-03-30 08:52:20 +00:00
Kurt Zeilenga
e7523b1496
add si_syn_octetString to keep syntax load checks in one place.
2002-03-30 01:07:20 +00:00
Kurt Zeilenga
0be4d842bc
Update control framework
...
Misc cleanup
NT updates
2002-03-24 02:17:21 +00:00
Pierangelo Masarati
49f324a1fa
fix ITS#1671 and more
2002-03-23 16:53:44 +00:00
Kurt Zeilenga
33516fa9eb
#ifdef ACI/authpasswd schema
2002-02-18 20:06:50 +00:00
Kurt Zeilenga
32fb8b0bff
Add ACL state recording to avoid multiple evaluation of
...
value-independent access controls.
2002-02-09 05:14:17 +00:00
Howard Chu
f50b75f0c2
Added replica attr=<attribute list> support to filter replog content
2002-02-08 06:44:33 +00:00
Kurt Zeilenga
41e8195c2e
Fix binary v lang_range typo
2002-01-31 15:09:55 +00:00
Kurt Zeilenga
057dda50d3
remove deadwood, e.g. slap_index2prefix()
2002-01-31 00:11:44 +00:00
Kurt Zeilenga
0a31400d63
Some misc cleanup
2002-01-29 06:06:20 +00:00
Kurt Zeilenga
14662be692
Add whoami extended operation.
...
Add no-op control (needs backend implementation)
Updated modify password extended option API
Kludged control infrastructure to support frontend only controls
2002-01-28 20:25:30 +00:00
Howard Chu
5e522ca882
Changed Access.a_sockurl_pat, Connection.c_listener_url etc.
...
to struct bervals
2002-01-28 11:41:07 +00:00
Kurt Zeilenga
8057b1a0a8
Language Tag and Range Support <draft-zeilenga-ldap-rfc2596-xx.txt>
...
Based upon code submitted by Steve Omrani <somrani@us.ibm.com> (ITS#1525)
2002-01-26 23:14:51 +00:00
Howard Chu
4191f39037
Changed slap_authz_info.sai_mech to struct berval.
...
Changed sasl_* to use struct bervals.
2002-01-26 13:57:41 +00:00
Howard Chu
1226d620e0
Added Entry->e_bv for entry_decode
2002-01-25 07:11:52 +00:00
Kurt Zeilenga
3d8c269f2e
Update collective attribute schema
2002-01-19 22:33:07 +00:00
Howard Chu
44f0efb44f
Defined some ObjectClass->soc_flags values, changed is_entry_*objectclass
...
macros to use flags
2002-01-19 02:58:00 +00:00
Kurt Zeilenga
7f0289a390
Move most of the new ber_*cmp routines to lber_pvt.h to keep them private,
...
rework them slightly to avoid computations which might result in underflow.
Rename them for consistency with other berval routines.
Remove some utf8 lint.
2002-01-16 18:16:15 +00:00
Kurt Zeilenga
20af643fc4
more cleanup
2002-01-16 04:40:41 +00:00
Kurt Zeilenga
13af7fb073
Misc. cleanup, remove lint, remove unused deprecated functions, etc.
2002-01-15 07:29:15 +00:00
Howard Chu
d70498f0f2
Revert previous commit again. autosubtypes are gone for good.
2002-01-15 01:49:53 +00:00
Howard Chu
1180279104
Revert previous commit
2002-01-14 20:13:25 +00:00
Howard Chu
2e8a98e3a1
Fix subtype indexing. Really really made it the default.
2002-01-14 10:37:08 +00:00
Howard Chu
ac1332cdb8
Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to
...
liblber:ber_bvarray_{add,free}.
2002-01-14 01:43:17 +00:00
Howard Chu
92481f7057
Modify performance patch from Gertjan van Wingerde <gwingerde@home.nl>
2002-01-13 23:23:23 +00:00
Kurt Zeilenga
ff23cd0f7f
Clean up last patch
2002-01-13 20:06:53 +00:00
Kurt Zeilenga
64619bed94
Install system schema checks
2002-01-13 19:38:12 +00:00
Howard Chu
af862f8c6b
Reworked callback layout, added send_search_entry callback
2002-01-13 16:40:37 +00:00
Kurt Zeilenga
ce2d8ebc7e
Misc cleanup, lint removal, and minor optimizations
2002-01-13 05:00:59 +00:00
Pierangelo Masarati
f8fb4aca76
error message from be_entry_put tool backend function
2002-01-12 16:00:51 +00:00
Pierangelo Masarati
ea86a19460
monitor objectclass definition
2002-01-12 11:36:23 +00:00
Kurt Zeilenga
19f2925ab1
Add some basic system schema checks.
2002-01-11 18:56:01 +00:00
Kurt Zeilenga
f57057ee01
Add system schema flags to backends supporting system schema.
2002-01-11 18:26:17 +00:00
Kurt Zeilenga
f402762f9a
Remove lint.
2002-01-11 18:03:28 +00:00
Kurt Zeilenga
20dd3c1273
Add Backend to system schema check routines
2002-01-11 18:00:22 +00:00
Pierangelo Masarati
5dfbf93687
need this outside for back monitor ...
2002-01-11 10:46:58 +00:00
Kurt Zeilenga
504404725a
Flip some bits in the backend flags mask
2002-01-11 02:31:47 +00:00
Kurt Zeilenga
c3b62aae91
Fix the bits
2002-01-10 22:54:24 +00:00
Kurt Zeilenga
55501e886f
Rework backend (lastmod + glue + system schema) flags
2002-01-10 22:34:11 +00:00
Howard Chu
8067107ed2
Added an_oc to AttributeName for caching ObjectClass lookups.
...
Added error checking to str2anlist; if the attr name doesn't match
any attribute or objectclass the offending attr name is displayed.
2002-01-10 09:54:14 +00:00
Kurt Zeilenga
bf5b4405fe
More clean up of system schema changes
2002-01-10 06:58:57 +00:00
Kurt Zeilenga
cadecfaae1
Finish building in operational attributes
2002-01-10 04:10:54 +00:00
Kurt Zeilenga
f4336c8953
More builtin operational attributes
2002-01-10 03:31:11 +00:00
Kurt Zeilenga
6ed15e3350
Another round of operational attribute changes... more to follow.
2002-01-10 01:46:08 +00:00
Kurt Zeilenga
91644affd9
Minor cleanup
2002-01-10 00:54:31 +00:00
Kurt Zeilenga
c80d93f2bb
Start of new operational attribute framework
2002-01-10 00:17:21 +00:00
Kurt Zeilenga
9b0585f393
Add very basic subentry search support.
2002-01-09 19:21:07 +00:00
Kurt Zeilenga
bc1cd95149
Rework control infrastructure a bit. Add subentries visibility control.
2002-01-09 06:29:54 +00:00
Kurt Zeilenga
645ae7a22f
Hide select matching rules from published schema
2002-01-06 05:29:04 +00:00