Commit Graph

82 Commits

Author SHA1 Message Date
Howard Chu
55f12a7eee Add a retry for failed connections 2004-10-01 11:16:38 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
a7b55f4f44 assert administrative identity instead of the required one if doing auth check in non-caching mode 2004-07-23 00:11:05 +00:00
Pierangelo Masarati
277d921945 clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217 2004-07-04 23:35:18 +00:00
Pierangelo Masarati
1f70ad82f2 clean up unnecessary checks; don't use SASL native authz if authz ID is not static, because back-ldap pools connections... 2004-06-21 00:57:12 +00:00
Pierangelo Masarati
eca48b6f20 not sure that cyrus-sasl doesn't honor empty authz; need to check 2004-06-20 23:21:40 +00:00
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
e6065fb20d li->be didn't work; since it seems to be unnecessary, it's been removed; please check 2004-06-19 15:16:51 +00:00
Jong Hyuk Choi
f60f2d5048 Fix typo 2004-06-08 02:52:59 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Kurt Zeilenga
44725e7303 use BER_BVNULL 2004-04-07 04:11:43 +00:00
Pierangelo Masarati
e17be551a4 fix previous commit 2004-04-06 08:47:59 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Kurt Zeilenga
ed369e02af Don't search for proxy authz control unnecessarily.
Add note regarding control use with the Bind operation.
2003-12-01 21:49:52 +00:00
Pierangelo Masarati
cdb11fc5eb add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 08:04:51 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Howard Chu
9c47359912 Bind fixes for chaining 2003-06-11 22:35:31 +00:00
Hallvard Furuseth
6362a51fe8 Printf %p expects a void pointer.
Other pointers may have different representation.
2003-05-22 22:00:54 +00:00
Howard Chu
b7351c66bc ITS#2511 use %p to log pointer values 2003-05-14 13:54:15 +00:00
Pierangelo Masarati
629885a269 use SLAP_PTRCMP 2003-04-18 17:16:48 +00:00
Pierangelo Masarati
6bcbe9ad31 reset passwords before freeindg them 2003-04-18 10:02:43 +00:00
Howard Chu
d7a1eb0ea2 Fix AVL comparisons 2003-04-17 04:36:42 +00:00
Pierangelo Masarati
93abccdee3 group rewrite/map stuff in one structure and optimize more function calls 2003-04-07 16:52:59 +00:00
Pierangelo Masarati
77c4389f55 use rewrite info instead of ldapinfo for reusability in back-meta; will change soon 2003-04-07 12:53:00 +00:00
Howard Chu
68c5f6fa98 Cleanup ENABLE_REWRITE ifdefs, put into a new ldap_back_dn_massage().
All DN attrs are massaged, whether or not ENABLE_REWRITE is defined.
Use "dnAttr" rewriteContext for Add, Compare, & Modify.
Fixed ldap_back_compare.
2003-04-07 10:15:18 +00:00
Pierangelo Masarati
4235da91d4 massage bound dn only if operating on authz backend 2003-04-05 11:31:54 +00:00
Pierangelo Masarati
cb33a9ff44 minor fixes: leaks, dangling pointers, cleaner tag skip
for subschemaSubentry; still having problems with group ACLs ...
2003-04-05 01:20:55 +00:00
Pierangelo Masarati
ab3ab80ecd more args elimination + allow specific messages when mapping client API errors to LDAP_OTHER 2003-04-04 22:20:49 +00:00
Pierangelo Masarati
dfbbd11bd3 remove more unnecessary args 2003-04-04 00:43:40 +00:00
Howard Chu
a9339c99f6 Fix shared/private binds, fix entry_get malloc 2003-04-03 23:55:57 +00:00
Pierangelo Masarati
ebe0bb0b52 trim unnecessary args 2003-04-03 23:23:56 +00:00
Pierangelo Masarati
44c2d8a771 backout this for now 2003-04-03 23:09:17 +00:00
Pierangelo Masarati
d07ea8b450 need this to be able to bound searches when back-ldap and the source are on the same server; does it look fine? 2003-04-03 21:44:43 +00:00
Pierangelo Masarati
17e46d8468 cleanup and fixes 2003-04-03 21:35:27 +00:00
Howard Chu
3d0ffa1d58 Fix typos in prev commit 2003-04-02 00:40:51 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
2003-03-30 09:03:54 +00:00
Howard Chu
9f0598034e Fix do/don't send result logic 2003-02-19 00:01:22 +00:00
Howard Chu
532eea87c9 Added passwd_exop, added matchedDN rewrite for results. 2003-02-16 09:22:44 +00:00
Howard Chu
c04f3e7706 Fix previous commit 2003-02-14 09:17:42 +00:00
Howard Chu
0b6772492f Use extended async APIs to allow direct parsing of results. Otherwise
they will be interleaved in LDAP*. Avoid setting any options on the handle.
2003-02-14 05:23:45 +00:00
Howard Chu
202cf8af75 Implemented connection pooling. Requires libldap_r to allow multiple threads
to access the same LDAP* handle.
2003-02-13 23:29:56 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00