mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
15,150 Commits 38 Branches 307 Tags 74 MiB
55b5685425
Commit Graph

203 Commits

Author SHA1 Message Date
Pierangelo Masarati
a7f44159c1 complete back-config support, including chain overlay; passes all tests; HEADS-UP: few syntax changes (essentially backwards compatible) 2005-05-23 07:25:00 +00:00
Pierangelo Masarati
471f4772a0 cleanup connection locking 2005-04-21 00:49:35 +00:00
Pierangelo Masarati
a141e3badf enable use of asynchronous call to StartTLS 2005-04-16 02:56:46 +00:00
Pierangelo Masarati
5affbfa428 add SASL bind for acl-authc; use slap_bindconf 2005-04-10 23:44:06 +00:00
Pierangelo Masarati
edfbbeb653 clarify comment 2005-02-19 16:55:14 +00:00
Pierangelo Masarati
f8b463d0bc use asynchronous StartTLS 2005-02-19 16:14:22 +00:00
Howard Chu
beaeb5ed5c Fix if HAVE_TLS is missing 2005-02-18 04:20:56 +00:00
Pierangelo Masarati
e50092878d temporarily revert to synchronous start tls 2005-02-05 17:33:22 +00:00
Pierangelo Masarati
43138aa500 use asynchronous Start TLS exop; allow propagating TLS if used in the original connection; minor cleanup 2005-02-05 15:55:02 +00:00
Howard Chu
122cdf4549 In ldap_back_bind, don't send success result, frontend does it 2005-02-01 00:19:45 +00:00
Pierangelo Masarati
cfc77f0a0a make referrals chasing optional (default is to chase them) 2005-01-30 22:56:59 +00:00
Pierangelo Masarati
3dd2f4150b allow proxyAuthz of users authenticated via SASL 2005-01-26 20:01:02 +00:00
Pierangelo Masarati
c6b6d2a5ec StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 09:38:11 +00:00
Pierangelo Masarati
1d919d35a5 remove #ifdef's for identity assertion 2005-01-20 09:04:37 +00:00
Pierangelo Masarati
41d7c03e8b clear out the error 2005-01-09 23:30:19 +00:00
Pierangelo Masarati
cd2e651c26 ITS#3469: C99 compliance 2005-01-08 11:25:11 +00:00
Pierangelo Masarati
4d8267595f retry on ldap_result() with a timeout 2005-01-08 09:19:51 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
fefa59059d minor cleanup 2004-12-08 19:11:27 +00:00
Pierangelo Masarati
f176935a58 remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 14:43:30 +00:00
Pierangelo Masarati
dd367a2b78 make sure we're comparing the same database 2004-11-11 13:12:34 +00:00
Howard Chu
55f12a7eee Add a retry for failed connections 2004-10-01 11:16:38 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
a7b55f4f44 assert administrative identity instead of the required one if doing auth check in non-caching mode 2004-07-23 00:11:05 +00:00
Pierangelo Masarati
277d921945 clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217 2004-07-04 23:35:18 +00:00
Pierangelo Masarati
1f70ad82f2 clean up unnecessary checks; don't use SASL native authz if authz ID is not static, because back-ldap pools connections... 2004-06-21 00:57:12 +00:00
Pierangelo Masarati
eca48b6f20 not sure that cyrus-sasl doesn't honor empty authz; need to check 2004-06-20 23:21:40 +00:00
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
e6065fb20d li->be didn't work; since it seems to be unnecessary, it's been removed; please check 2004-06-19 15:16:51 +00:00
Jong Hyuk Choi
f60f2d5048 Fix typo 2004-06-08 02:52:59 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Kurt Zeilenga
44725e7303 use BER_BVNULL 2004-04-07 04:11:43 +00:00
Pierangelo Masarati
e17be551a4 fix previous commit 2004-04-06 08:47:59 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Kurt Zeilenga
ed369e02af Don't search for proxy authz control unnecessarily. 
Add note regarding control use with the Bind operation.
 2003-12-01 21:49:52 +00:00
Pierangelo Masarati
cdb11fc5eb add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 08:04:51 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Howard Chu
9c47359912 Bind fixes for chaining 2003-06-11 22:35:31 +00:00
Hallvard Furuseth
6362a51fe8 Printf %p expects a void pointer. 
Other pointers may have different representation.
 2003-05-22 22:00:54 +00:00
Howard Chu
b7351c66bc ITS#2511 use %p to log pointer values 2003-05-14 13:54:15 +00:00
Pierangelo Masarati
629885a269 use SLAP_PTRCMP 2003-04-18 17:16:48 +00:00
Pierangelo Masarati
6bcbe9ad31 reset passwords before freeindg them 2003-04-18 10:02:43 +00:00
Howard Chu
d7a1eb0ea2 Fix AVL comparisons 2003-04-17 04:36:42 +00:00
Pierangelo Masarati
93abccdee3 group rewrite/map stuff in one structure and optimize more function calls 2003-04-07 16:52:59 +00:00
Pierangelo Masarati
77c4389f55 use rewrite info instead of ldapinfo for reusability in back-meta; will change soon 2003-04-07 12:53:00 +00:00
Howard Chu
68c5f6fa98 Cleanup ENABLE_REWRITE ifdefs, put into a new ldap_back_dn_massage(). 
All DN attrs are massaged, whether or not ENABLE_REWRITE is defined.
Use "dnAttr" rewriteContext for Add, Compare, & Modify.
Fixed ldap_back_compare.
 2003-04-07 10:15:18 +00:00
Pierangelo Masarati
4235da91d4 massage bound dn only if operating on authz backend 2003-04-05 11:31:54 +00:00
Pierangelo Masarati
cb33a9ff44 minor fixes: leaks, dangling pointers, cleaner tag skip 
for subschemaSubentry; still having problems with group ACLs ...
 2003-04-05 01:20:55 +00:00
Pierangelo Masarati
ab3ab80ecd more args elimination + allow specific messages when mapping client API errors to LDAP_OTHER 2003-04-04 22:20:49 +00:00
Pierangelo Masarati
dfbbd11bd3 remove more unnecessary args 2003-04-04 00:43:40 +00:00
Howard Chu
a9339c99f6 Fix shared/private binds, fix entry_get malloc 2003-04-03 23:55:57 +00:00
Pierangelo Masarati
ebe0bb0b52 trim unnecessary args 2003-04-03 23:23:56 +00:00
Pierangelo Masarati
44c2d8a771 backout this for now 2003-04-03 23:09:17 +00:00
Pierangelo Masarati
d07ea8b450 need this to be able to bound searches when back-ldap and the source are on the same server; does it look fine? 2003-04-03 21:44:43 +00:00
Pierangelo Masarati
17e46d8468 cleanup and fixes 2003-04-03 21:35:27 +00:00
Howard Chu
3d0ffa1d58 Fix typos in prev commit 2003-04-02 00:40:51 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are 
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
 2003-03-30 09:03:54 +00:00
Howard Chu
9f0598034e Fix do/don't send result logic 2003-02-19 00:01:22 +00:00
Howard Chu
532eea87c9 Added passwd_exop, added matchedDN rewrite for results. 2003-02-16 09:22:44 +00:00
Howard Chu
c04f3e7706 Fix previous commit 2003-02-14 09:17:42 +00:00
Howard Chu
0b6772492f Use extended async APIs to allow direct parsing of results. Otherwise 
they will be interleaved in LDAP*. Avoid setting any options on the handle.
 2003-02-14 05:23:45 +00:00
Howard Chu
202cf8af75 Implemented connection pooling. Requires libldap_r to allow multiple threads 
to access the same LDAP* handle.
 2003-02-13 23:29:56 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Pierangelo Masarati
a9c902a7ca improve error messages 2002-11-10 18:16:43 +00:00
Pierangelo Masarati
58b860a15e fix server-size controls handling in back-{ldap,meta} 2002-08-29 15:07:18 +00:00
Pierangelo Masarati
7e2317c842 add server side controls to back-ldap and back-meta 2002-08-29 14:39:31 +00:00
Kurt Zeilenga
838643d5ad operationsError != Internal Error 
hence, s/LDAP_OPERATIONS_ERROR/LDAP_OTHER/
 2002-07-31 22:49:02 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Howard Chu
c5c1ddb1ca Deleted Connection->c_cdn. Use conn->c_dn instead... 2002-06-12 08:38:59 +00:00
Howard Chu
c7262c7599 Added rebind-as-user option; saves bind credentials and sets a rebind_proc 
to allow chasing referrals using the same user's credentials.
 2002-04-25 02:05:34 +00:00
Pierangelo Masarati
4a8ab5dbf2 Mostly based on patches provided by Hallvard B. Furuseth 
ITS#1677 - cast away const warnings
ITS#1678 - unsigned char args to ctype funcs
ITS#1682 - don't redefine ldap_debug
ITS#1683 - uninitialized vars
ITS#1703 - ldo_debug initialization
ITS#1705 - unsigned testing
ITS#1706 - socklen_t args
ITS#1719 - back-tcl update (other cleanups/fixes/improvements; yet untested)
ITS#1724 - integerNormalize/integerFilter/integerIndexer bugs
ITS#1725 - libdes not required

Implement back-null (/dev/null style backend)
Cleanup some misc warnings ("%lu" format, unused/uninitialized vars,
        ambiguous operator precedence)

Kurt, please regenerate configure
 2002-04-08 09:43:22 +00:00
Pierangelo Masarati
f83fd25872 as a temporary hack, return result without rewriting match 2002-01-22 08:17:02 +00:00
Howard Chu
ce7d8d26f2 Changed conn->c_cdn to struct berval. 2002-01-06 03:26:09 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
6b413395fd More struct beral conversion 2001-12-28 04:20:08 +00:00
Pierangelo Masarati
e2fdaed3c7 some char* to berval fixes 2001-12-26 20:47:41 +00:00
Howard Chu
d474789d0d First pass at converting bind to struct bervals 2001-12-26 11:41:38 +00:00
Pierangelo Masarati
395cc1d7bb added new log; minor cleanup of rewrite stuff 2001-05-16 22:55:44 +00:00
Pierangelo Masarati
74fa239a20 This is the commit of: 
- librewrite, for string rewriting; it may be used in back-ldap
    by configuring with '--enable-rewrite'. It must be used in
    back-meta. There's a text file, 'libraries/librewrite/RATIONALE',
    that explains the usage and the features. More comprehensive
    documentation will follow.
  - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137)
    including dn rewriting, a fix to group acl matching and so
  - back-meta: a new backend that proxies a set of remote servers
    by spawning queries. It uses portions of back-ldap and the rewrite
    capabilities of librewrite. It can be compiled by configuring
    with `--enable-ldap --enable-rewrite --enable-meta'.
    There's a text file, 'servers/slapd/back-meta/Documentation', that
    describes the main features and config statements.

Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as
my autoconf version must be different: my configures contain a number
of differences and I didn't feel comfortable in adding them :)
 2001-05-12 00:51:28 +00:00
Mark Valence
6e6118c6cc attribute & objectclass mapping rules 2001-02-19 19:14:12 +00:00
Howard Chu
4703fe82b2 Pierangelo Masarati's bugfixes and enhancements for suffix-massaging. 
See the Changes file for detailed description.
 2001-01-19 21:27:20 +00:00
Kurt Zeilenga
c55a82baa2 Mark as "altered version" 2001-01-17 07:09:22 +00:00
Howard Chu
e2ff92c6fc Set outbound connection to use the same protocol version as the inbound. 2000-11-11 03:01:00 +00:00
Howard Chu
99c88eace1 Fix: remap API error codes into protocol error codes before sending 
back to client.
 2000-10-23 13:32:14 +00:00
Mark Valence
3d599d1bd3 Use "uri" directive (instead of "server") to specify server. Add "bin 
ddn" and "bindpw" directives for supporting group lookups.
 2000-06-05 04:59:26 +00:00
Kurt Zeilenga
a5c2403eb1 const'ification 2000-05-22 03:55:03 +00:00
Kurt Zeilenga
60802201e3 Const'ification 
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
 2000-05-22 03:46:57 +00:00
Kurt Zeilenga
28d7d099be LDAP_OPERATIONS -> LDAP_OTHER 2000-04-19 13:42:08 +00:00
Howard Chu
f991ef04e6 Added mixed-case as well as up-cased DN argument. The behavior of back-bdb2 
and back-ldbm are preserved, they only use the up-cased DNs. back-passwd
uses the mixed-case DN. All others are using mixed-case DN, may need more
fixing.
 1999-09-18 23:40:03 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. 
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
 1999-09-08 19:06:24 +00:00
Hallvard Furuseth
c09a2c63e7 Cleanup: 
Fix printf formats, remove unused variables, add missing prototypes in slapd,
add static/const, add some return types or change to void return type.
 1999-09-02 08:05:17 +00:00
Kurt Zeilenga
73276e84ae Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS. 
Includes support for update referral for each replicated backend.
	Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world.  Still testing in LDAPv3 world.
Added default referral (test009) test.
 1999-07-16 02:45:46 +00:00
Kurt Zeilenga
a7dfc2aada Add sasl "mech" argument to backend bind routines. 1999-06-29 03:29:26 +00:00
Kurt Zeilenga
ccad4c8225 s/LDAP_OPT_MATCH_STRING/LDAP_OPT_MATCHED_DN/ 1999-06-05 20:27:43 +00:00
Howard Chu
967d1dcb2d For ITS#157: Added LDAP backend for slapd, which also required adding 
LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c.
 1999-05-26 02:35:20 +00:00