mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
15,150 Commits 38 Branches 307 Tags 74 MiB
55b5685425
Commit Graph

203 Commits

Author SHA1 Message Date
Kurt Zeilenga
cbc11c9233 unifdef -DLDAP_NULL_IS_NULL 2006-02-14 23:18:12 +00:00
Pierangelo Masarati
f4c578cb31 delete all conns cached for a single client->proxy connection (partially addresses ITS#4387) 2006-02-06 21:39:56 +00:00
Pierangelo Masarati
f0d6ac3e0b debug cleanup 2006-02-04 15:50:22 +00:00
Pierangelo Masarati
54aefe30f7 implement proxy long-lived connection TTL 2006-02-01 23:10:12 +00:00
Pierangelo Masarati
7038044c91 in abnormal cases, error may be sent twice 2006-01-11 15:32:34 +00:00
Pierangelo Masarati
0dce854ce4 complete fix to back-ldap (ITS#4315?); not sure dobind should actually be treated as a bind... 2006-01-11 12:11:59 +00:00
Pierangelo Masarati
7368ffb77a don't idassert anon2anon (ITS#4321) 2006-01-10 13:17:31 +00:00
Pierangelo Masarati
f3c2c7ba48 use slab memory for proxyauthz 2006-01-09 20:00:51 +00:00
Pierangelo Masarati
6995603a3d refine fix to ITS#4315; apply it to back-meta as well 2006-01-09 14:20:37 +00:00
Howard Chu
8538223def TS#4315 fix prev commit, spinning in ldap_back_dobind 2006-01-09 09:37:52 +00:00
Howard Chu
2b39a26150 ITS#4315 fix bind concurrency issue 2006-01-09 09:14:53 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
8c2ceeb605 don't idassert anonymous unless explicitly configured (ITS#4272) 2005-12-20 20:43:14 +00:00
Pierangelo Masarati
4538422dc9 better handling of internal operations 2005-12-15 13:47:25 +00:00
Pierangelo Masarati
430aff35bb assume operations with version set to 0 are internal, and use LDAPv3 2005-12-15 11:39:46 +00:00
Pierangelo Masarati
fcda57e90f use macros instead of numbers... 2005-12-13 20:11:26 +00:00
Pierangelo Masarati
1b42fde372 implement (per-target) per-conn proxy-side idle-timeout (ITS#4115); revitalize (per-target) network-timeout in back-meta; fix issue with connection initialization error in ldap_back_retry(); cleanup configuration of back-ldap 2005-12-07 17:35:02 +00:00
Pierangelo Masarati
2ea72234aa return more appropriate error code 2005-12-06 20:04:52 +00:00
Pierangelo Masarati
4852bf8a58 don't care about empty matched/text #ifdef LDAP_NULL_IS_NULL 2005-11-20 01:59:26 +00:00
Pierangelo Masarati
7fa4b159bf fix dangling resources issue in slapd-ldap; completely rework slapo-chain to fix the resource leak/concurrency issue; add support for multiple well-known URIs to set credentials for, and deal with unknown URIs anonymously; similar reworking and cleanup for slapd-meta 2005-11-19 15:00:50 +00:00
Pierangelo Masarati
78bd3bf6a3 handle LDAPv2 when returning timelimit; silence warning 2005-11-11 09:54:07 +00:00
Pierangelo Masarati
93abd4c616 cannot happen... 2005-11-09 12:58:57 +00:00
Pierangelo Masarati
4cab386d13 backport write operation timeouts from back-meta to back-ldap; minor cleanup & silence warnings 2005-11-06 23:29:10 +00:00
Pierangelo Masarati
4744733638 don't copy o_ndn into lc_bound_ndn, otherwise we end up in a bind with DN but no password\! 2005-10-14 23:25:57 +00:00
Pierangelo Masarati
112be0118e cleanup states/timeout handling in back-ldap/meta; add connection pooling and defer of pseudoroot bind to back-meta 2005-09-24 18:39:26 +00:00
Pierangelo Masarati
fb3fc81c7e improved authz_backend detection for internal databases (ITS#4018) 2005-09-10 09:56:29 +00:00
Pierangelo Masarati
866148810e release resources (ITS#4016) 2005-09-09 02:37:38 +00:00
Pierangelo Masarati
075220dd7e need some minimal timeout otherwise strange issues occur 2005-08-22 18:14:41 +00:00
Pierangelo Masarati
15d1b4d5dd cleanup locking 2005-08-20 19:00:56 +00:00
Pierangelo Masarati
5873048347 fix return code (prevents clean usage of back-ldap for internal searchs) 2005-08-17 19:38:36 +00:00
Hallvard Furuseth
a0b5f5138b Remove unused label "error_return" 2005-08-16 19:45:50 +00:00
Pierangelo Masarati
7b9173d0bb should compile also when #undef HAVE_TLS 2005-08-12 10:51:39 +00:00
Pierangelo Masarati
a23466f64a should compile also when #undef HAVE_TLS 2005-08-12 10:49:55 +00:00
Pierangelo Masarati
c6e2a69f27 fix tls propagation, including rebind 2005-08-11 16:01:24 +00:00
Pierangelo Masarati
fa27310d77 use trylock only where necessary 2005-08-07 00:35:11 +00:00
Pierangelo Masarati
4ed743cc84 remove unrequired member; address ITS#3913 2005-08-02 22:48:30 +00:00
Pierangelo Masarati
4148ddc31f save 1 function call... 2005-08-02 08:13:16 +00:00
Pierangelo Masarati
a91ebfac79 plug leaks 2005-07-25 20:47:39 +00:00
Pierangelo Masarati
3e84f692aa there might definitely be concurrency issues, but it's not pooled connections' fault 2005-07-23 22:03:35 +00:00
Pierangelo Masarati
e810105f87 (mostly) reverting previous commit (overconservative) 2005-07-23 22:02:12 +00:00
Pierangelo Masarati
796316bc84 strengthen concurrency protection 2005-07-23 19:39:51 +00:00
Pierangelo Masarati
6adfb5dd2f note an issue 2005-07-22 03:23:26 +00:00
Hallvard Furuseth
81ecb0b153 assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2005-07-18 06:22:33 +00:00
Pierangelo Masarati
681a547e13 fix potential deadlock 2005-07-04 22:41:27 +00:00
Pierangelo Masarati
982981d465 fix potential deadlock; improve idassert in case of authzFrom rules (new flag values); rootdn can always idassert 2005-07-03 23:27:56 +00:00
Pierangelo Masarati
1aaa18b180 more on ITS#3808 2005-06-29 18:16:29 +00:00
Pierangelo Masarati
9e811df052 seems to definitely fix issues related to ITS#3808 2005-06-29 16:38:09 +00:00
Pierangelo Masarati
cbe9c74675 return LDAP_SUCCESS if Start TLS failed but was not critical 2005-06-29 12:38:18 +00:00
Pierangelo Masarati
671b02f748 more on ITS#3808 2005-06-29 12:28:40 +00:00
Pierangelo Masarati
196af0e056 (partial?) fix ITS#3808 2005-06-29 11:44:11 +00:00
Pierangelo Masarati
a7f44159c1 complete back-config support, including chain overlay; passes all tests; HEADS-UP: few syntax changes (essentially backwards compatible) 2005-05-23 07:25:00 +00:00
Pierangelo Masarati
471f4772a0 cleanup connection locking 2005-04-21 00:49:35 +00:00
Pierangelo Masarati
a141e3badf enable use of asynchronous call to StartTLS 2005-04-16 02:56:46 +00:00
Pierangelo Masarati
5affbfa428 add SASL bind for acl-authc; use slap_bindconf 2005-04-10 23:44:06 +00:00
Pierangelo Masarati
edfbbeb653 clarify comment 2005-02-19 16:55:14 +00:00
Pierangelo Masarati
f8b463d0bc use asynchronous StartTLS 2005-02-19 16:14:22 +00:00
Howard Chu
beaeb5ed5c Fix if HAVE_TLS is missing 2005-02-18 04:20:56 +00:00
Pierangelo Masarati
e50092878d temporarily revert to synchronous start tls 2005-02-05 17:33:22 +00:00
Pierangelo Masarati
43138aa500 use asynchronous Start TLS exop; allow propagating TLS if used in the original connection; minor cleanup 2005-02-05 15:55:02 +00:00
Howard Chu
122cdf4549 In ldap_back_bind, don't send success result, frontend does it 2005-02-01 00:19:45 +00:00
Pierangelo Masarati
cfc77f0a0a make referrals chasing optional (default is to chase them) 2005-01-30 22:56:59 +00:00
Pierangelo Masarati
3dd2f4150b allow proxyAuthz of users authenticated via SASL 2005-01-26 20:01:02 +00:00
Pierangelo Masarati
c6b6d2a5ec StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 09:38:11 +00:00
Pierangelo Masarati
1d919d35a5 remove #ifdef's for identity assertion 2005-01-20 09:04:37 +00:00
Pierangelo Masarati
41d7c03e8b clear out the error 2005-01-09 23:30:19 +00:00
Pierangelo Masarati
cd2e651c26 ITS#3469: C99 compliance 2005-01-08 11:25:11 +00:00
Pierangelo Masarati
4d8267595f retry on ldap_result() with a timeout 2005-01-08 09:19:51 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
fefa59059d minor cleanup 2004-12-08 19:11:27 +00:00
Pierangelo Masarati
f176935a58 remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 14:43:30 +00:00
Pierangelo Masarati
dd367a2b78 make sure we're comparing the same database 2004-11-11 13:12:34 +00:00
Howard Chu
55f12a7eee Add a retry for failed connections 2004-10-01 11:16:38 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
a7b55f4f44 assert administrative identity instead of the required one if doing auth check in non-caching mode 2004-07-23 00:11:05 +00:00
Pierangelo Masarati
277d921945 clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217 2004-07-04 23:35:18 +00:00
Pierangelo Masarati
1f70ad82f2 clean up unnecessary checks; don't use SASL native authz if authz ID is not static, because back-ldap pools connections... 2004-06-21 00:57:12 +00:00
Pierangelo Masarati
eca48b6f20 not sure that cyrus-sasl doesn't honor empty authz; need to check 2004-06-20 23:21:40 +00:00
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
e6065fb20d li->be didn't work; since it seems to be unnecessary, it's been removed; please check 2004-06-19 15:16:51 +00:00
Jong Hyuk Choi
f60f2d5048 Fix typo 2004-06-08 02:52:59 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Kurt Zeilenga
44725e7303 use BER_BVNULL 2004-04-07 04:11:43 +00:00
Pierangelo Masarati
e17be551a4 fix previous commit 2004-04-06 08:47:59 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Kurt Zeilenga
ed369e02af Don't search for proxy authz control unnecessarily. 
Add note regarding control use with the Bind operation.
 2003-12-01 21:49:52 +00:00
Pierangelo Masarati
cdb11fc5eb add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 08:04:51 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Howard Chu
9c47359912 Bind fixes for chaining 2003-06-11 22:35:31 +00:00
Hallvard Furuseth
6362a51fe8 Printf %p expects a void pointer. 
Other pointers may have different representation.
 2003-05-22 22:00:54 +00:00
Howard Chu
b7351c66bc ITS#2511 use %p to log pointer values 2003-05-14 13:54:15 +00:00
Pierangelo Masarati
629885a269 use SLAP_PTRCMP 2003-04-18 17:16:48 +00:00
Pierangelo Masarati
6bcbe9ad31 reset passwords before freeindg them 2003-04-18 10:02:43 +00:00