Julio Sánchez Fernández
44e371d45c
Add missing semicolon.
1999-07-23 09:45:34 +00:00
Randy Kunkee
820ac76ceb
Include sys/param.h on OSF4.0e to define MAXPATHLEN.
1999-07-23 00:59:27 +00:00
Kurt Zeilenga
d147e609d2
Implement TCP_NODELAY on both client and server side.
1999-07-22 21:49:35 +00:00
Kurt Zeilenga
f0c1fc37f5
Fix IP: typo in peername
1999-07-22 20:37:56 +00:00
Kurt Zeilenga
983f43785b
Fix "*" op-attr search
1999-07-22 20:19:18 +00:00
Kurt Zeilenga
766b78765f
Typo made all missed all aliasedobjectname values.
1999-07-22 19:17:16 +00:00
Kurt Zeilenga
c9778dd116
Implement better DN checking... make sure attribute type is
...
an OID or a proper type string (letter followed by 0 or more
alnum/-).
1999-07-22 19:06:56 +00:00
Kurt Zeilenga
68d561a97b
Add limited LDAP_INVALID_DN_SYNTAX support. dn_normalize{,_case}() now returns
...
NULL does not meet basic syntax rules.
1999-07-22 17:14:42 +00:00
Kurt Zeilenga
3f91cffa15
Fix unknown critical extensions.
1999-07-22 05:06:41 +00:00
Kurt Zeilenga
42304b7ada
Fix control parsing and controls free routine.
1999-07-22 04:47:58 +00:00
Kurt Zeilenga
0ed1a76d27
Release writer lock on new parent.
1999-07-22 03:42:02 +00:00
Kurt Zeilenga
5600097ae1
Update ACL field names and usage statement to match -devel post
1999-07-22 00:50:11 +00:00
Kurt Zeilenga
a11630f9b8
Fix maxDeref directive
1999-07-22 00:49:25 +00:00
Kurt Zeilenga
d5b1892ccc
Fix acl parse bug
1999-07-21 21:08:05 +00:00
Kurt Zeilenga
933908f72f
ACL CHANGES:
...
by <who> <access> changed to by <who>+ <access> (joined with AND)
added peername=<regex> sockname=<regex> url=<regex>
removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower. Use where needed.
1999-07-21 20:54:23 +00:00
Gary Williams
b8b68f0668
set tls_port to zero if !defined(HAVE_TLS) to satisfy assert in slapd_daemon_init
1999-07-21 15:08:50 +00:00
Julio Sánchez Fernández
f0f29cd82e
Backout the input exhaustion change, it loops. Still looking for
...
the right way.
1999-07-21 13:22:35 +00:00
Gary Williams
f4eb2feba5
use rd instead of i looking for listeners (line 848)
1999-07-20 21:55:06 +00:00
Julio Sánchez Fernández
288a28a762
Add support for TLSVerifyClient.
1999-07-20 18:05:50 +00:00
Julio Sánchez Fernández
504038ffac
Move the input data exhaustion loop to connection.c from daemon.c
1999-07-20 18:03:29 +00:00
Julio Sánchez Fernández
76227acb1f
Move the input data exhaustion loop to connection.c from daemon.c
...
Let transport (TLS or somesuch) force reading or writing on
sockets even if the higher layers think otherwise.
1999-07-20 18:02:44 +00:00
Julio Sánchez Fernández
535cc34421
If we did gethostbyname, we need no further address manipulation.
1999-07-20 11:26:44 +00:00
Kurt Zeilenga
cb94e155ae
Don't call Debug inside a signal handler
1999-07-20 07:11:56 +00:00
Kurt Zeilenga
b2937bee5b
s/struct entry/Entry/
1999-07-19 21:08:59 +00:00
Kurt Zeilenga
598c472bf9
s/backend_db/slap_backend_db/
1999-07-19 21:01:07 +00:00
Kurt Zeilenga
6847e329bc
Fix new URL startup code.
1999-07-19 20:48:19 +00:00
Kurt Zeilenga
170836751a
Namespace changes
...
added slap_ and ldbm_ to many structures
added typedefs to many structures
used typedefs
New main.c argument parsing with ldap url support (replacing -a address).
New sockaddr_in handling and support for multiple listeners.
1999-07-19 19:40:33 +00:00
Hallvard Furuseth
30b3958f94
Introduce got_<gid,uid> (the r1.4 change misbehaved with -user <root>).
...
Also free <user> in !HAVE_GETPWUID case.
1999-07-18 01:04:49 +00:00
Kurt Zeilenga
12f481d657
Import patches mistakenly applied to OPENLDAP_DEVEL_REFERRALS.
...
ldap_modify: delete of last attribute value should delete attribute (ITS#229)
thr_nt: use sleep to yield
1999-07-18 00:33:30 +00:00
Kurt Zeilenga
f92d01c2bb
fix substring_comp_candidates logic if intersection of candidates
...
is ever empty. See ITS#228.
1999-07-16 22:26:57 +00:00
Kurt Zeilenga
059ee8c86d
(re)introduce o_connid such that STATS doesn't need c_mutex (which it
...
didn't bother to acquire)...
1999-07-16 22:24:32 +00:00
Hallvard Furuseth
425bab2c47
Add comment thatPass socklen_t* instead of int* to getsockopt, accept, getpeername, recvfrom
1999-07-16 18:57:11 +00:00
Julio Sánchez Fernández
0053b27ce0
Look on connection_read() if it returns positive so it has a chance
...
to exhaust all protocol units received from the transport layer.
I think this is the necessary fix for the TLS-data-ready/
socket-not-ready issue, but I have not experimented that problem
yet, so I am unsure about its effectiveness.
Now, do we need something like that for connection_write? How would
we go about implementing it?
1999-07-16 18:53:30 +00:00
Julio Sánchez Fernández
ea8669c37d
Clear c_needs_tls_acccept on ldap_pvt_tls_accept errors
1999-07-16 18:48:13 +00:00
Hallvard Furuseth
5ab862aee7
Pass socklen_t* instead of int* to getsockopt, accept, getpeername, recvfrom
1999-07-16 18:43:10 +00:00
Julio Sánchez Fernández
68b508d2f0
Move calls to ldap_pvt_tls_accept to connection_read instead of
...
connection_init so that we get into the select() logic.
Make use of new flags in the connection.
BTW, and before I forget, it sort of works. I have connected with
a Netscape client using a secure connection and did a failed
search (my test database is empty), but the trace looked correct.
Make sure you have your CA certificate in your Netscape preinstalled.
Otherwise, the connection fails with error 0xFFFFFFFF that is rather
uninformative.
1999-07-16 15:52:17 +00:00
Julio Sánchez Fernández
a4a675f987
Two new flags in Connection. One to indicate that it is a raw TLS
...
section (that is, not SASL). The second to indicate that we need to
do SSL_accept on this connection.
1999-07-16 15:43:47 +00:00
Julio Sánchez Fernández
8af470a543
Fix syntax oid for type 2.16.840.1.113730.3.1.34 (ref)
1999-07-16 10:51:31 +00:00
Julio Sánchez Fernández
ac49f25f75
Definitely, 'dn' and 'distinguishedName' are different things. The
...
former is a pseudo attribute type used internally by slapd to represent
the distinguished name of an entry and its existance should not be
visible. The latter is an "abstract" attribute type that is not meant
to exist in practice except as supertype of other dn-valued types.
So, the definition of attribute type 2.5.4.49 has been changed to be
just distinguishedName. Work on the OPENLDAP_DEVEL_SCHEMA branch will
treat pseudo attributes especially and will not be visible to the
clients.
1999-07-16 10:39:40 +00:00
Julio Sánchez Fernández
fd8b582aa9
We should stop using SSL to refer to TLS. This is a first step.
1999-07-16 10:28:51 +00:00
Kurt Zeilenga
73276e84ae
Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
...
Includes support for update referral for each replicated backend.
Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world. Still testing in LDAPv3 world.
Added default referral (test009) test.
1999-07-16 02:45:46 +00:00
Kurt Zeilenga
9568a013a8
Backend lock wasn't being released properly.
1999-07-16 00:16:54 +00:00
Julio Sánchez Fernández
edb1d671f8
Initialize the TLS environment *after* reading the config files.
1999-07-15 21:07:01 +00:00
Julio Sánchez Fernández
fd49eacc4b
Parse more TLS options in slapd.conf
1999-07-15 21:05:08 +00:00
Julio Sánchez Fernández
d92c7c1c7d
A couple of options for TLS configuration. Still a conflict here,
...
the default context is initialized before the config file is read,
so the locations are not know at context initialization.
1999-07-15 15:04:02 +00:00
Julio Sánchez Fernández
1df71e1814
Get rid of two compilation warnings. One is thought to be properly
...
taken care of. The second, however, on remove_old_locks is unclear.
1999-07-14 19:51:35 +00:00
Julio Sánchez Fernández
e74ff638ba
Parsing of flag -T was falling through to the default case.
...
Init the TLS environment if necessary. Lots of things needed here,
in particular, preparing properly the default context.
1999-07-14 19:49:39 +00:00
Julio Sánchez Fernández
6d75d0f8fb
connection_init now takes one more argument that indicates whether to
...
use TLS right away or not on that connection.
1999-07-14 19:44:18 +00:00
Julio Sánchez Fernández
c18d6e7ecf
Only bind on TLS port if explicitly requested with -T, otherwise all
...
kind of conflicts happen when running tests.
1999-07-14 13:39:30 +00:00
Julio Sánchez Fernández
5b7babdee4
Bind and listen on TLS port too
1999-07-14 13:16:13 +00:00