Commit Graph

149 Commits

Author SHA1 Message Date
Kurt Zeilenga
f9b2a8a1d2 ITS#3557: {SSHA} not default due to missing include 2005-02-27 16:46:45 +00:00
Pierangelo Masarati
7348603a53 fix ITS#3484 2005-01-12 23:22:56 +00:00
Pierangelo Masarati
6f2ffa30ed fix ACL value checking for bind (ITS#3446) 2005-01-07 13:50:38 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Howard Chu
916e931065 Always exclude subordinates from top-level ops so glue overlay can
intercept. Now a single syncprov works over the entire glued context.
2004-12-04 19:26:22 +00:00
Howard Chu
e6dd9ec8a2 More Opheader fixes 2004-11-26 10:10:29 +00:00
Howard Chu
90cc409325 Split Operation into Opheader and op 2004-11-25 22:59:00 +00:00
Howard Chu
7e87f54716 Revert ITS#3353 patch, it needs to be reworked. 2004-10-06 05:51:38 +00:00
Howard Chu
fda3d6260e ITS#3353 consolidate slapd globals into a single struct 2004-10-01 07:33:16 +00:00
Jong Hyuk Choi
5c0581b184 Modified @oc supprot code to the share anlist routines; Revised anlist routines 2004-09-23 02:48:14 +00:00
Jong Hyuk Choi
98dc97bcb9 memory leak fixes 2004-09-11 02:02:09 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
dbb4593d75 rework passwd_extop to comply with rwm requirements... 2004-07-20 00:22:05 +00:00
Pierangelo Masarati
a11dc61e05 rework be_isupdate accordingly to be_isroot 2004-04-06 09:42:40 +00:00
Kurt Zeilenga
37ef5350bd Rework return of update referrals 2004-04-06 00:47:21 +00:00
Pierangelo Masarati
0f867b9577 revert erroneous commit; cure the test the right way 2004-04-05 23:47:17 +00:00
Pierangelo Masarati
0b37fb4eb1 check in portions of code is done on length rather than pointer 2004-04-05 17:25:22 +00:00
Howard Chu
54fba01be2 ITS#3036 check for syncrepl 2004-03-25 09:40:02 +00:00
Kurt Zeilenga
45332097a6 password always replaces old passwords 2004-03-17 22:21:21 +00:00
Howard Chu
71bc8817e6 Revert "delete old" change; doesn't work for salted hashes. 2004-03-16 04:24:39 +00:00
Howard Chu
075137b8dd Fix prev commit 2004-03-16 03:24:08 +00:00
Howard Chu
db52f51943 Preserve old slap_passwd_hash() signature, add slap_passwd_hash_type() 2004-03-15 20:58:41 +00:00
Howard Chu
0c9b308781 Delete old password if provided 2004-03-15 19:52:17 +00:00
Pierangelo Masarati
2d8467d480 declarations must occur before instructions 2004-03-08 11:01:52 +00:00
Howard Chu
4504b48c6b default_passwd_hash now takes a list of schemes
passwordModify exop will generate all the configured hashes
2004-03-02 22:12:23 +00:00
Howard Chu
b480d7c9ff Added pwdexop request structure to avoid redundant parsing 2004-02-29 19:04:34 +00:00
Pierangelo Masarati
1dd604fb04 fix ITS#2900 2004-01-05 18:32:27 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Howard Chu
e933f076cc Better fix for ITS#2512. Use callback to invoke replog before sending
result to client.
2003-12-25 15:01:53 +00:00
Howard Chu
4c1ce5a02a Fix prev commit 2003-12-24 23:48:07 +00:00
Howard Chu
d31230f859 Fix replog sequencing - assign sequence numbers at beginning of operation,
instead of getting a timestamp at the end. This makes it possible for
slurpd to sort the log later.
2003-12-23 18:48:36 +00:00
Howard Chu
be1a728c5b Added sc_next and sc_cleanup to slap_callback 2003-12-07 08:51:23 +00:00
Kurt Zeilenga
fc11d8312c ITS#2861 fix: don't try to dup a NULL reqdata... 2003-12-05 19:54:42 +00:00
Howard Chu
49b0985c88 Fix prev commit, return generated passwd 2003-12-02 00:49:26 +00:00
Howard Chu
b552cdb5c7 Let the backend have a crack at the op (for back-ldap etc.), then do it
in the frontend if the backend doesn't.
2003-12-01 12:51:54 +00:00
Howard Chu
94f7141dda Consolidate passwd extop in frontend 2003-12-01 12:38:11 +00:00
Pierangelo Masarati
bd134e22e5 ITS#2851 2003-12-01 11:12:04 +00:00
Kurt Zeilenga
4e15a84452 Updated notices 2003-11-27 01:17:14 +00:00
Jong Hyuk Choi
1fdda703e6 Support multiple sync replication at the consumer :
1) simultaneous operation of multiple active sync replication threads
2) cookie management for individual sync replication thread
   (include rid=%3d to the slapd cookie command line option (-c))
2003-11-26 19:49:47 +00:00
Kurt Zeilenga
ce4b199485 Syncrepl code cleanup (namely prefix struct field names) 2003-10-22 05:19:30 +00:00
Kurt Zeilenga
767cf365ea Initial fix for berbuf alignment bug (ITS#2760)
Needs to be applied to other stack allocated berbufs.
2003-10-12 04:45:09 +00:00
Kurt Zeilenga
8f0bc2d55b cleanup 2003-09-15 21:53:58 +00:00
Jong Hyuk Choi
090ac0a772 unifdef LDAP_SYNC and LDAP_SYNCREPL 2003-08-27 22:16:04 +00:00
Jong Hyuk Choi
cc6f31782d - partial attribute replication tested ok
- conf file processing udpate
- misc updates
2003-07-02 14:51:23 +00:00
Jong Hyuk Choi
7087a8f58d ITS#2618 fix 2003-06-27 20:29:32 +00:00
Jong Hyuk Choi
86196e11a0 - syncrepl uses LDAP URL only 2003-06-23 14:15:28 +00:00
Jong Hyuk Choi
e8cd5c2386 - LDAP_SYNCREPL defined in include/ldap.h
- add "updatedn" to the replication specification
- return referral to update to the slave server
2003-05-01 23:39:29 +00:00
Howard Chu
46e2b97757 ITS#2424 use two SASL contexts per session to conform to RFC 2222 2003-05-01 04:11:57 +00:00
Howard Chu
7e2273b30e Added errmsg arg to lutil_passwd_{check,hash} functions 2003-04-30 07:52:05 +00:00
Howard Chu
fa9bf23501 Minor cleanup 2003-03-31 07:49:34 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
2003-03-30 09:03:54 +00:00
Howard Chu
d6dab5dfb4 Suppress warning 2003-02-16 12:22:06 +00:00
Howard Chu
65bf90ff73 Use struct berval for exop reqoid everywhere. Define berval constants
for the known exops.
2003-02-16 06:15:28 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Pierangelo Masarati
7091853dfc ITS#2176: Change password on slave when multimaster is enabled (do not use multimaster) 2002-11-22 00:56:20 +00:00
Kurt Zeilenga
3a17376dfd s/256/LBER_ELEMENT_SIZEOF/
set LBER_ELEMENT_SIZEOF to 256
maybe this should be set to N*sizeof(size_t) or something
2002-10-07 21:01:47 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Kurt Zeilenga
1410b3e7d9 An almost complete slap_sasl_setpass() 2002-06-12 00:13:29 +00:00
Kurt Zeilenga
d6e7f0f630 Rework c_authzid_backend in preparation for sasl_setpass() support 2002-06-11 22:56:47 +00:00
Kurt Zeilenga
4d3b4f9eb8 return PROTOCOL_ERROR if reqdata is empty. 2002-06-10 19:56:17 +00:00
Kurt Zeilenga
4832cc09d3 Fix bogus assert. 2002-05-31 20:23:33 +00:00
Kurt Zeilenga
af02eee0d5 Reworking backend_check_restrictions for extensions
Should resolve ITS#1781.
2002-05-01 01:04:57 +00:00
Kurt Zeilenga
a1d757a038 Check components of extensible match filter sooner than later. 2002-03-12 23:07:07 +00:00
Pierangelo Masarati
a1b65bcdfe detect unavailable hash algorithms at startup 2002-03-09 11:02:32 +00:00
Howard Chu
933f6a5fdd For ITS#1601, add ber_init2() using given buffer in-place instead of
allocating a copy.
2002-02-14 13:32:40 +00:00
Kurt Zeilenga
14662be692 Add whoami extended operation.
Add no-op control (needs backend implementation)
Updated modify password extended option API
Kludged control infrastructure to support frontend only controls
2002-01-28 20:25:30 +00:00
Howard Chu
ac1332cdb8 Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to
liblber:ber_bvarray_{add,free}.
2002-01-14 01:43:17 +00:00
Howard Chu
ec46a2f33a Use 'm' ber_scanf format where convenient 2002-01-06 06:11:01 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
74cd06efdd Fix previous commit 2001-12-31 06:09:29 +00:00
Howard Chu
9383bf3265 Use ber_free_buf 2001-12-31 06:02:35 +00:00
Kurt Zeilenga
5ee89d6167 Use struct berval DNs for root DN and update DN 2001-12-25 00:05:26 +00:00
Howard Chu
2f3399265c Changed sai_dn, sai_ndn to struct berval. (Affects op->o_dn,o_ndn,
conn->c_dn,c_ndn, Access->a_dn_pat)
2001-12-24 15:11:01 +00:00
Kurt Zeilenga
82fad7d0c8 First stable an implementing latest namedref specification.
Includes rewriting of URLs where the DN of the referral object
and the DN of the ref attribute attribute are not the same.
Also, always returns explicit DN and scope.
Currently, back-ldbm only.  Needs to be ported to back-bdb.
2001-10-26 02:05:14 +00:00
Kurt Zeilenga
87dc3e2091 Use SMD5 is SHA1 is not available 2001-05-02 19:46:30 +00:00
Gary Williams
f49fd8a98e fix format 2001-01-17 16:35:53 +00:00
Gary Williams
ffcdc6d11d More new logging (Behind NEW_LOGGING) 2001-01-15 19:17:29 +00:00
Kurt Zeilenga
c42c2847cf Fix SLAPD_SPASSWD typo which caused passwd_mutex not to be used
consistently.
2000-10-09 19:09:28 +00:00
Kurt Zeilenga
4617f2e946 Fix SPASSWD merge for real 2000-09-20 17:34:06 +00:00
Kurt Zeilenga
31dd2fb5eb Fix merge of SPASSWD changes 2000-09-20 17:13:36 +00:00
Kurt Zeilenga
50714d2d48 merge changes from authPassword work which should fix SPASSWD code... 2000-09-20 00:28:57 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes
man pages to follow...
2000-08-28 18:38:48 +00:00
Kurt Zeilenga
2d3e998c3c Remove extended op callback function... doesn't provide necessary locking 2000-08-26 02:13:52 +00:00
Kurt Zeilenga
49f4147385 Added -llber 'N' ber_printf format which inserts a NULL if
an internal flag set.  Used for SEQUENCE testing.  Flag must
be set using debugger.  Modified ber_printf to use new format
were needed for extensibility testing.

Added first cut -lldap support for extended responses.
Modified ldapsearch(1) to handle v3 search references when not
chasing.  Also added extended/unsolicited notification handling
and extended partial response handling.  Changes include a
number of LDIF enhancements.

Fixed getpassphrase() returns NULL bugs
2000-06-24 01:40:39 +00:00
Kurt Zeilenga
60802201e3 Const'ification
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
2000-05-22 03:46:57 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Bastiaan Bakker
14418bdff3 Avoid C++ keyword 'new' in header files. 2000-04-30 15:26:51 +00:00
Kurt Zeilenga
5681a79d96 StartTLS now grabs conn->c_mutex before mucking with connection.
Add comment concerning sequencing issues which need to be resolved
by reworking of connection state machine.  Add note that a race
condition exists until this rework is complete.
Rework extended operations to return pointer to static error text.
2000-03-02 20:36:53 +00:00
Kurt Zeilenga
34197ca974 ITS#464: Fix multiple password support 2000-02-24 17:59:10 +00:00
Kurt Zeilenga
6253e7c278 Updated sasl response to support returning of referrals.
Updates to extended operation framework to support arbitrary
referrals and extended results without OIDs.
Updated passwd extended operation to support returning update_refs
as needed.  Needs replog support.
1999-12-15 23:22:47 +00:00
Kurt Zeilenga
fe5608c4d5 Wrap request/response bervals in a sequence. 1999-12-11 19:33:45 +00:00
Kurt Zeilenga
431dad371c Fix slapd SASL/ExternalOps encoding
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Kurt Zeilenga
1b787171fc Place passwd extended op into builtin list. 1999-12-09 23:05:15 +00:00
Kurt Zeilenga
354d0d5b50 Modify password code such that backend end routine calls into
frontend to complete parsing of extended op reqdata.
Modify password extended operation to allow optional id (DN)
entry to change (not tested).  Also, provide room to allow
server side password generation (not implemented).  Added optional old
password field to support proxying (not implemented).
Need to implement replog() support.
1999-12-09 21:30:32 +00:00
Kurt Zeilenga
5e12c84a6f Add simple password test program.
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Kurt Zeilenga
831bfa760e reduce slap_passwd_check to simple form 1999-12-06 21:42:10 +00:00
Kurt Zeilenga
42bb3e2e85 Move userPassord and krbName authentication routines to the frontend. 1999-11-23 19:00:09 +00:00