mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,054 Commits 38 Branches 307 Tags 74 MiB
5d9479a3e8
Commit Graph

3371 Commits

Author SHA1 Message Date
Howard Chu
554311a4c8 Fix cargv leak in recursive read_config() 2002-08-07 08:22:43 +00:00
Kurt Zeilenga
4a4323e3b7 Move large string comment to just above UTF8StringValidate(). 2002-08-07 08:19:11 +00:00
Howard Chu
50d490be6c Revert previous commit 2002-08-07 06:37:11 +00:00
Howard Chu
13d13baeda In backend_operational don't add subschemaSubentry unless it was 
requested. In send_search_entry don't malloc vrFilter flags unless
a matchedValue filter was given; malloc 1 contiguous block instead
of multiple sub-arrays.
 2002-08-07 05:31:03 +00:00
Howard Chu
6862cfd97c Don't strdup conn->authz into op, just reference directly. (Conn cannot 
be freed until after all associated ops are freed.)
 2002-08-07 05:19:55 +00:00
Kurt Zeilenga
f1047b704e ITS#2010: use snprintf instead of strcpy to prevent buffer overflow 2002-08-06 19:31:00 +00:00
Kurt Zeilenga
3f2faa1a84 other->invalid 2002-08-06 05:38:49 +00:00
Kurt Zeilenga
a35d5b90fc For IA5, printable, telephone: 
Don't allow empty string values.
Treat string values with only spaces as one space.
DirectoryString needs more work (space handling needs
to be done post normalization).
 2002-08-06 05:35:59 +00:00
Kurt Zeilenga
6fdcdeb816 Add a summary to strings comment 2002-08-06 04:25:54 +00:00
Kurt Zeilenga
48f72b6862 Update string commment with examples. 2002-08-06 04:03:13 +00:00
Kurt Zeilenga
82540c5cc1 Add start of discussion of strings in LDAP/X.500 and OpenLDAP. 2002-08-06 03:52:02 +00:00
Kurt Zeilenga
3b3232f21c Fix nameAndOptionalUUID normalization, 
now uses bitStringNormalize().
 2002-08-06 03:18:02 +00:00
Kurt Zeilenga
3fbfd3064a Remove lint 2002-08-06 03:08:12 +00:00
Howard Chu
e14f471a27 Add #include "lutil.h" for lutil_str* functions 2002-08-06 02:36:34 +00:00
Howard Chu
61731500d0 ITS#1998 UTF8StringNormalize should accept all-space vals 2002-08-06 02:35:24 +00:00
Kurt Zeilenga
428c15d883 Misc clean up of last commit. 
Still need to fix my devbox so I can test this....
 2002-08-05 23:40:08 +00:00
Kurt Zeilenga
119462adfa Rework saslRegex code (not yet tested) 2002-08-05 23:16:28 +00:00
Kurt Zeilenga
64791571aa Prevent overflow in .rej creation (ITS#2007) 2002-08-05 19:44:24 +00:00
Kurt Zeilenga
c673b651e8 Set O_EXCL (ITS#2009) 2002-08-05 19:43:01 +00:00
Kurt Zeilenga
d38d19edc1 Fix lutil_str*() warnings 2002-08-05 17:56:13 +00:00
Kurt Zeilenga
526d010635 Patch: add OpenLDAPaci #public# access (ITS#2005) 
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

I couldn't find a way for an OpenLDAPaci to grant public access to an
entry, so I added a dnType #public# for that.  It is in the position
of subjectDn in the draft, which seems kind of stupid, so I put it
in the position of dnType instead.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.
 2002-08-05 17:53:39 +00:00
Kurt Zeilenga
f8c0481dd4 Patch: ACL #access-id#<invalid-DN> granted access to everyone (ITS#2006) 
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

There is a bug in OpenLDAPaci's "access-id":  If the specified DN is
invalid so dnNormalize2() fails, everyone gets access.
This means that e.g. "#access-id#[all]" gives public access, so it
might be considered a feature, but I fixed it anyway:-)  I guess that
means the change should be documented in the release notes, though.

See also ITS#2005 (add OpenLDAPaci #public# access).

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.
 2002-08-05 17:52:16 +00:00
Howard Chu
771f70eb0f Fix ITS#1994, Windows heap consistency 2002-08-03 02:57:52 +00:00
Pierangelo Masarati
40f3da36b0 need <lutil.h> for lutil_gentime 2002-08-02 10:24:03 +00:00
Pierangelo Masarati
540dbbe1ed fix previous commit 2002-08-02 10:00:44 +00:00
Kurt Zeilenga
d22612e8db ITS#1951: saslRegexp limits syntax of regular expressions 
Don't normalize regex.
Also, s/LDAP_OPERATIONS_ERROR/LDAP_OTHER/
 2002-08-01 01:10:55 +00:00
Howard Chu
d01375b200 Fix bdb_idl_union of range and list (related to ITS#1969 2002-07-31 23:43:56 +00:00
Kurt Zeilenga
838643d5ad operationsError != Internal Error 
hence, s/LDAP_OPERATIONS_ERROR/LDAP_OTHER/
 2002-07-31 22:49:02 +00:00
Kurt Zeilenga
182dcf27e2 clean up curly matching 2002-07-28 07:37:46 +00:00
Kurt Zeilenga
eb581e43e7 Fix for: 
SASL regex segmentation faults with group based acls (ITS#1978)
based, in part, by patch submitted by Simon Wilkinson <simon@sxw.org.uk>.
 2002-07-28 07:27:55 +00:00
Kurt Zeilenga
c054d8458a Fix pkiUser 2002-07-27 10:25:42 +00:00
Kurt Zeilenga
e53214b26f ITS#1965: use snprintf 2002-07-27 07:39:50 +00:00
Kurt Zeilenga
1677f178ce ITS#1985 fix: blind commit 2002-07-27 07:37:04 +00:00
Kurt Zeilenga
2f9b89b4af Improve schema error messages 2002-07-27 06:08:51 +00:00
Howard Chu
b6620f3d25 Use lutil_gentime 2002-07-27 02:10:43 +00:00
Howard Chu
5a01db28e3 Moved slap_strcopy, slap_strncopy to lutil_strcopy, lutil_strncopy 2002-07-27 00:24:02 +00:00
Kurt Zeilenga
e981dcbad5 use strongAuthRequired instead of operationsError to indicate 
authentication required before modification.
 2002-07-26 15:29:36 +00:00
Howard Chu
d6ae1d95de Include <sys/stat.h> for mkdir prototype 2002-07-26 13:24:37 +00:00
Pierangelo Masarati
90f127472d fix normalization bug; change time stamping by using createTimestamp and modifyTimestamp (related to ITS#1984) 2002-07-25 09:49:02 +00:00
Pierangelo Masarati
7e81297147 fix normalization bug (related to ITS#1984) 2002-07-25 09:48:29 +00:00
Kurt Zeilenga
4d22977f7f BootParamSyntax: be more liberal than the ABNF such that 
examples in RFC 2307 are treated as valid.
 2002-07-24 15:29:22 +00:00
Kurt Zeilenga
3b775fce8b Should allow keystring in bootParams 2002-07-24 15:19:40 +00:00
Kurt Zeilenga
8a3d02bf6b misc cleanup 2002-07-23 18:35:12 +00:00
Julius Enarusai
2168be2b4a Converted LDAP_LOG messages to use new Macro 2002-07-23 00:01:53 +00:00
Pierangelo Masarati
437014723c fix ITS#1953 2002-07-22 14:24:32 +00:00
Howard Chu
aab953ba3f Change list->range conversion again, avoid extra c_put. 2002-07-19 23:19:53 +00:00
Jong Hyuk Choi
db490b4cef change in the IDL conversion from a list to a range 2002-07-18 15:34:51 +00:00
Kurt Zeilenga
202e516450 krbName is now builtin 2002-07-16 02:42:29 +00:00
Howard Chu
e514685144 Tweak: For slap tools, don't set DB_RECOVERY flag when opening DB environment. 
This allows slapcat to run while slapd is running, otherwise causes db
corruption.
 2002-07-13 00:18:15 +00:00
Howard Chu
a073e28510 Fix setting c_authz_backend for SASL binds: 
in slap_sasl2dn, make sure it's set for base DN searches as well.
  in do_bind, don't zero it during multi-stage binds.
 2002-07-13 00:11:03 +00:00
Howard Chu
7fdb38bca9 Fix previous commit - the stub was never needed. 2002-07-12 23:43:46 +00:00
Howard Chu
f9cbbc6770 Fix order of params to sasl_setpass. Added initial stub for setpass to 
change in-directory password.
 2002-07-12 20:55:12 +00:00
Stig Venaas
bf5e3a15ca Use AF_INET instead of AF_UNSPEC when IPv6 disabled 2002-07-12 15:36:33 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Kurt Zeilenga
ef3d895cb8 More ACL to dn="" bug fixing... and add test006-acl check 2002-07-11 01:45:22 +00:00
Kurt Zeilenga
98a2e41911 Fix ACL to dn="" bug 2002-07-11 01:35:37 +00:00
Kurt Zeilenga
32a2f291ee Change dn="" to dn.base="". 2002-07-11 01:17:41 +00:00
Kurt Zeilenga
0fffad53c3 get data if ready 2002-07-10 22:03:32 +00:00
Kurt Zeilenga
fffd84ff9f Fix matched values zero allocation bug (ITS#1931) 2002-07-09 00:20:30 +00:00
Kurt Zeilenga
4f48237d22 remove lint 2002-07-08 18:55:50 +00:00
Kurt Zeilenga
e6627e93d0 Add matchedValues 2002-07-08 18:54:52 +00:00
Stig Venaas
deb62446fe Added normalization to caseIgnoreIA5Indexer() 2002-07-07 13:22:45 +00:00
Stig Venaas
62139b6ef3 Set peeraddr also for IPv6, fixes ITS#1918 2002-07-05 20:29:15 +00:00
Stig Venaas
804490a8b1 Use IPV6_V6ONLY on IPv6 sockets if available. This way we only get IPv6 
packets on the IPv6 socket, and we receive only IPv6 with -6.
 2002-06-27 13:20:37 +00:00
Stig Venaas
6d025001da Ignore error if listen on socket bound to 0.0.0.0 fails and already 
listening on socket bound to ::
 2002-06-27 12:41:09 +00:00
Kurt Zeilenga
f708b4e94e Add krbName's definition (ITS#1913) 2002-06-26 18:43:55 +00:00
Kurt Zeilenga
0a2a381d07 Fix for "no structuralObjectClass" when lastmod is off (ITS#1904) 2002-06-25 01:04:54 +00:00
Kurt Zeilenga
3d90fcda3a authcId might be NULL 2002-06-22 21:27:38 +00:00
Howard Chu
7e8c77c5de Fix dynamic module linking 2002-06-21 01:34:53 +00:00
Kurt Zeilenga
54d5d65791 Yet another schema error bug fix 2002-06-20 20:48:19 +00:00
Kurt Zeilenga
a5f29741a6 Fix off by one error in erorr reporting 2002-06-20 20:46:16 +00:00
Kurt Zeilenga
03a4901b5f assert( e != NULL ) in entry2str() 2002-06-19 22:04:28 +00:00
Pierangelo Masarati
93dbac3caf use monitorContext for the monitor database 2002-06-19 07:57:01 +00:00
Kurt Zeilenga
0371c61073 Add monitorContext rootDSE attribute 2002-06-19 06:44:16 +00:00
Kurt Zeilenga
dec67d1ad9 Hide cn=Monitor from namingContexts 
Should add a special DN pointer
 2002-06-19 06:06:21 +00:00
Kurt Zeilenga
35749a2520 make curlies match 2002-06-18 22:41:03 +00:00
Kurt Zeilenga
ba4faad6e5 Use correct ssfs. 2002-06-18 07:31:20 +00:00
Howard Chu
cf61e03cb8 ITS#1891, debug msg in send_search_entry 2002-06-18 00:37:45 +00:00
Kurt Zeilenga
9a38d98d37 Add option to disallow unprotected simple authentication. 
Add protected simple authentication as a "strong" mechanism.
 2002-06-17 22:18:27 +00:00
Kurt Zeilenga
27fdd04153 Add -4/-6 flags to slapd to force use of IPv4 or IPv6 2002-06-15 22:01:39 +00:00
Pierangelo Masarati
bf449f33bd small cleanup 2002-06-15 18:20:41 +00:00
Pierangelo Masarati
d75249abfe define and normalize static bervals alltogether 2002-06-15 17:01:35 +00:00
Pierangelo Masarati
b9254b8ab4 should compile even without Cyrus SASL 2002-06-15 15:01:17 +00:00
Kurt Zeilenga
cbba11d7cd saslAuthzTo/From LDUP URLs should have hostnames 2002-06-14 22:03:52 +00:00
Kurt Zeilenga
04df89d972 zap unnecessary include 2002-06-14 09:10:02 +00:00
Kurt Zeilenga
3b695bc6c8 Use experimental OIDs for saslAuth attributes and hide 'em 
make the usage distributedOperation
 2002-06-14 08:25:14 +00:00
Howard Chu
077aea8127 Fix OID clash in previous commit 2002-06-14 08:16:06 +00:00
Howard Chu
07a34489c6 Added saslAuthzTo and saslAuthzFrom to system schema. 
Added sasl-authz-policy config keyword to control proxy authorization.
Moved sasl-related config processing to sasl.c:slap_sasl_config().
Moved other global defs used only in saslauthz.c into saslauthz.c.
 2002-06-14 08:10:14 +00:00
Kurt Zeilenga
ad673923a3 ITS#1882: fix typo 2002-06-13 14:50:33 +00:00
Kurt Zeilenga
b5e7208cb8 Date: Thu, 2 May 2002 08:54:59 GMT 
From: h.b.furuseth@usit.uio.no
To: openldap-its@OpenLDAP.org
Subject: Patch: Bugs with back-ldap/meta mappings

Full_Name: Hallvard B. Furuseth
Version: HEAD
OS: Linux
URL: http://folk.uio.no/hbf/OpenLDAP/back-ldap.txt
Submission from: (NULL) (158.36.148.34)


The source claims the 'map' attribute has syntax
map {objectclass | attribute}   {<source> | *}      [<dest> | *]
while it actually has syntax
map {objectclass | attribute} [<local name> | *] {<foreign name> |
*}
except that the code is confused about it.  Removed attributes are
put in both the maps for local and foreign names:
	# Remove description and present title as description instead
	map attribute	description
	map attribute	description title
-->
	slapd.conf: line 10: duplicate mapping found (ignored)

Also, map.c:ldap_back_map_attrs() loops forever on removed attributes
(ie. if one asks ldapsearch for an attribute which has been removed).
 2002-06-12 16:39:05 +00:00
Kurt Zeilenga
faf91f1f1f Update to the 'gentle SIGHUP' patch. (ITS#1679) 
- Let write operations return unwilling-to-perform after
  'gentle shutdown' has been initiated.
- Change -1 to 2 in slapd_gentle_shutdown and slapd_shutdown, since
  sig_atomic_t can be unsigned (ITS#1736).  The 'gentle SIGHUP' patch
  is older than ITS#1736 but was applied later, so it reintroduced
  the problem.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, June 2002.
 2002-06-12 15:43:19 +00:00
Howard Chu
c5c1ddb1ca Deleted Connection->c_cdn. Use conn->c_dn instead... 2002-06-12 08:38:59 +00:00
Howard Chu
a5cd5535e8 Fix typo in previous commit 2002-06-12 04:12:51 +00:00
Howard Chu
6d1a322f73 Finished slap_sasl_setpass for Cyrus 1.5; Cyrus 2.1 is incomplete. 
Added conn->c_sasl_dn, streamlined slap_sasl_bind.
 2002-06-12 04:05:48 +00:00
Kurt Zeilenga
1410b3e7d9 An almost complete slap_sasl_setpass() 2002-06-12 00:13:29 +00:00
Kurt Zeilenga
d6e7f0f630 Rework c_authzid_backend in preparation for sasl_setpass() support 2002-06-11 22:56:47 +00:00
Kurt Zeilenga
4d3b4f9eb8 return PROTOCOL_ERROR if reqdata is empty. 2002-06-10 19:56:17 +00:00
Jong Hyuk Choi
09a2a8fbce DB_RMW flag to dn2id and id2entry 2002-06-10 19:02:25 +00:00
Kurt Zeilenga
116e165a5c Be less forgiving (don't ignore so many configuration errors) 2002-06-08 18:38:52 +00:00
Kurt Zeilenga
a784e4d054 Add rootdn check when rootpw is set. 2002-06-08 18:04:43 +00:00