mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
20,320 Commits 38 Branches 307 Tags 74 MiB
68ffed7130
Commit Graph

280 Commits

Author SHA1 Message Date
Howard Chu
9326c2b313 ITS#3845 allow rootpw to be used for rootdn SASL binds, based on 
patch from Jason Townsend
 2005-08-14 08:00:54 +00:00
Luke Howard
71d76fbeba slap_mods2entry() should not zero pointers into the modifications 
list because checking is performed on these, rather than the entry.

slap_mods_free() now takes an extra argument indicating whether to
free the values or not.
 2005-08-01 02:16:02 +00:00
Hallvard Furuseth
e404a15082 Cleanup 2005-07-31 18:17:13 +00:00
Hallvard Furuseth
a7f82239b6 assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2005-07-22 14:35:16 +00:00
Pierangelo Masarati
49619058ee really fix the invalid free issue (I totally overlooked this piece of code) 2005-07-21 20:23:47 +00:00
Pierangelo Masarati
1efe2e80f4 attempt to fix invalid free 2005-07-21 18:17:58 +00:00
Hallvard Furuseth
81ecb0b153 assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL). 2005-07-18 06:22:33 +00:00
Howard Chu
46fab05997 ITS#3846 don't give hashed passwords to SASL, it only wants cleartext. 2005-07-08 06:02:00 +00:00
Hallvard Furuseth
8a696d21b2 Format fixes (%d<->%lu etc) 2005-07-04 05:29:12 +00:00
Howard Chu
8f58409749 Add SLAP_MOD_INTERNAL flag to Modifications, allow internal ops to bypass 
ACL checks when modifying user-modifiable attributes as non-root user.
 2005-06-04 09:44:39 +00:00
Kurt Zeilenga
18c3f9e093 Add manage obsolete attributes capability. 2005-05-13 23:51:43 +00:00
Kurt Zeilenga
3e800f20bd <limits.h> cleanup && ITS#3643 2005-04-10 19:32:14 +00:00
Howard Chu
bf0373b486 Add conn->c_sasl_authz_dn, store SASL authzDN separately from authcDN 2005-04-03 09:38:53 +00:00
Howard Chu
2da2336ac6 Reorganiza SLAPD_CRYPT and SLAPD_SPASSWD support for better reentrancy 2005-03-18 06:06:38 +00:00
Howard Chu
89210b7100 Added ldap_pvt_sasl_secprops_unparse, slap_sasl_secprops_unparse 2005-03-01 11:42:31 +00:00
Howard Chu
dfb6f870f6 Rearrange, merge sasl config back into main config 2005-02-20 06:47:54 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
2f5e17d056 improve usability of global ovrlays for write operations; may need to anticipate SLAPI accordingly. More work needed for add (overlays need to understand they're global and call slap_mods2entry() explicitly) 2004-12-11 17:48:15 +00:00
Pierangelo Masarati
f3a959970e hardcode "uid" into slapd & improve previous commit 2004-12-07 10:01:48 +00:00
Pierangelo Masarati
cc78fb525b ITS#3419: values in built auth DNs may need DN escaping, so build them via ldap_dn2bv 2004-12-06 15:17:23 +00:00
Howard Chu
90cc409325 Split Operation into Opheader and op 2004-11-25 22:59:00 +00:00
Kurt Zeilenga
38c7e86d67 ITS#3311: check sasl_auxprop_add_plugin return 
cleanup
 2004-10-11 20:52:31 +00:00
Howard Chu
7e87f54716 Revert ITS#3353 patch, it needs to be reworked. 2004-10-06 05:51:38 +00:00
Howard Chu
fda3d6260e ITS#3353 consolidate slapd globals into a single struct 2004-10-01 07:33:16 +00:00
Pierangelo Masarati
761f287943 multiple precision with BIGNUM/gmp/ulong 2004-09-26 22:58:47 +00:00
Jong Hyuk Choi
98dc97bcb9 memory leak fixes 2004-09-11 02:02:09 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
b29808f4ae cleanup function name in log 2004-07-20 00:32:43 +00:00
Pierangelo Masarati
b94d5e17e2 rework op/rs structures to deal with opeartional attributes 2004-07-18 21:44:29 +00:00
Pierangelo Masarati
d1b692ceb4 clarify no limits in (internal) searches 2004-06-12 11:33:21 +00:00
Kurt Zeilenga
1372965d89 ITS#3092: Rename sl_free() and friends to slap_sl_free() 2004-04-20 03:44:57 +00:00
Kurt Zeilenga
a54900be42 s/saslAuthz/authz/ 2004-04-16 06:12:13 +00:00
Pierangelo Masarati
3643d5fc16 cleanup 2004-04-14 17:47:53 +00:00
Pierangelo Masarati
c846d75b8b lots of cleanup 2004-04-13 16:47:23 +00:00
Howard Chu
76453e82ea Cleanup, fix for SASL/PLAIN 2004-04-07 15:26:25 +00:00
Kurt Zeilenga
44725e7303 use BER_BVNULL 2004-04-07 04:11:43 +00:00
Howard Chu
49da68a2bb ITS#3048 delete sasl_checkpass support 2004-04-05 11:23:47 +00:00
Howard Chu
4a8bb3991f ITS#2961 check for NULL authcDN 2004-03-02 18:37:49 +00:00
Howard Chu
2d0af83c71 ITS#2934 - don't touch conn->c_sasl_dn for Simple Binds 2004-02-26 11:48:34 +00:00
Kurt Zeilenga
57a7682f40 Fix typo in slap_auxprop_init() (should not impact behavior) (ITS#2909) 
found by Nalin Dahyabhai (Redhat).
 2004-01-08 01:14:04 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
c7f1759e80 Misc cleanup 2003-12-30 01:26:38 +00:00
Howard Chu
8aaaad0dd7 Revert to simple authzID behavior 2003-12-23 14:27:54 +00:00
Kurt Zeilenga
e9133952fb Move experimental built-in SASL behind SLAP_BUILTIN_SASL macro 2003-12-18 20:01:47 +00:00
Pierangelo Masarati
42d7d6d743 propagate flags to sasl-regexp functions (will need it later) 2003-12-18 18:32:45 +00:00
Kurt Zeilenga
9647ccd945 Completely untested built-in EXTERNAL implementation 
Needs identity mapping and proxy authorization support
 2003-12-18 06:52:39 +00:00
Pierangelo Masarati
2d948c7106 fix a couple of (too optimistic) comments... 2003-12-16 14:25:36 +00:00
Pierangelo Masarati
4602c935f7 saslAuthzTo/From stuff 
when comparing IDs to saslAuthzTo/From values, the saslAuthzTo
saslAuthzFrom values can take different forms:

dn[.<style>]:<pattern>

<style> ::= 	exact		; exact match
		children	; children of <pattern> match
		subtree		; <pattern> or children of <pattern> match
		regex		; <pattern> is regcomp() & regexec()
if no <style>, then exact is assumed

u[.<mech>][/<realm>]:<user>

when parsing a proxyAuthz value, only exact DN is allowed,
and no <mech> can be specified.  <user> cannot contain ':'
and <mech> cannot contain '/'.
 2003-12-13 23:02:59 +00:00
Howard Chu
0d8613c274 Use c_authmech when c_sasl_bind_mech is empty 2003-12-13 22:43:01 +00:00
Kurt Zeilenga
dbc37977f2 Look for the '@' in userid@realm in reverse so that a@b@c results 
in userid of a@b and realm of c.
 2003-12-13 17:25:59 +00:00
Pierangelo Masarati
6e5ddd6420 note a potential problem 2003-12-13 17:21:17 +00:00
Pierangelo Masarati
5a00f25542 conn must be non-null 2003-12-13 15:29:49 +00:00
Howard Chu
be1a728c5b Added sc_next and sc_cleanup to slap_callback 2003-12-07 08:51:23 +00:00
Howard Chu
42d8c0a39d Added slap_null_cb 2003-12-01 12:03:20 +00:00
Howard Chu
0a5f1e8516 #ifdef for slap_auxprop_store 2003-11-29 23:01:56 +00:00
Kurt Zeilenga
f0cd57eb9b cleanup 2003-11-29 22:37:07 +00:00
Pierangelo Masarati
e30a736354 clarify auxprop_store member type 2003-11-29 17:50:50 +00:00
Howard Chu
ddd056158e Add auxprop_store support for Cyrus SASL 2.1.16+ 2003-11-29 07:02:16 +00:00
Kurt Zeilenga
4e15a84452 Updated notices 2003-11-27 01:17:14 +00:00
Howard Chu
f4649fbde3 ITS#2825 fix SASL internal searches 2003-11-13 21:42:28 +00:00
Howard Chu
b5b036d9fb ITS#2762 tweak SASL include paths 2003-10-11 01:24:44 +00:00
Kurt Zeilenga
3e49a9cf6e add "proxy" to "authorization" in a few places 2003-09-19 18:23:37 +00:00
Howard Chu
1881ae872f ITS#2729 fix typos 2003-09-19 00:49:33 +00:00
Howard Chu
10811b6f51 Clarify/standardize library version mismatch error messages 2003-09-12 00:54:21 +00:00
Luke Howard
d649ae0808 Inherit operation pblock for SLAPI 2003-08-31 08:14:54 +00:00
Howard Chu
9dace23dec Change slap_sasl_authorized to take an Operation instead of a Connection, 
for compatibility with proxyAuthz control
 2003-05-24 02:44:46 +00:00
Howard Chu
46e2b97757 ITS#2424 use two SASL contexts per session to conform to RFC 2222 2003-05-01 04:11:57 +00:00
Howard Chu
04c5d82817 Fix prev commit 2003-04-30 16:00:36 +00:00
Howard Chu
4b73446ab5 ITS#2424 reset SASL on an existing connection 2003-04-30 15:38:32 +00:00
Howard Chu
7e2273b30e Added errmsg arg to lutil_passwd_{check,hash} functions 2003-04-30 07:52:05 +00:00
Kurt Zeilenga
5cd994ed21 remove dnNormalize2 
replace calls to dnNormalize2 with calls to dnNormalize
 2003-04-29 18:28:14 +00:00
Hallvard Furuseth
778a38f49c Reduce warnings: Add missing 0 or NULL initializers for struct members. 2003-04-29 16:36:19 +00:00
Howard Chu
280fc819cf Memory context tweaks for Bind 2003-04-12 06:56:42 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Howard Chu
f897519d11 Minor cleanups 2003-04-09 23:37:00 +00:00
Howard Chu
813d5c8ed8 First cut at thread-local malloc. Only used by search() for now... 
Needs work in normalizers, etc.
 2003-04-09 16:52:03 +00:00
Howard Chu
aa3b717937 Don't build generic_filter dynamically, it's a simple static. 2003-04-09 08:28:19 +00:00
Howard Chu
b282339c96 Minor cleanup, use shorthand macros 2003-04-04 05:49:21 +00:00
Howard Chu
9355dca9af Consolidated slap_callbacks into one function. Removed send_search_result. 2003-04-01 04:12:18 +00:00
Howard Chu
fa9bf23501 Minor cleanup 2003-03-31 07:49:34 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are 
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
 2003-03-30 09:03:54 +00:00
Kurt Zeilenga
8873006105 SLAP_NVALUES changes 
and misc cleanup
 2003-03-16 18:10:16 +00:00
Howard Chu
40454ccec8 Added op->o_is_auth_check; use ACL_AUTH instead of ACL_SEARCH/ACL_READ 
in access_allowed() if flag is set. Set in sasl/saslauth searches.
 2003-03-10 22:07:21 +00:00
Howard Chu
65bf90ff73 Use struct berval for exop reqoid everywhere. Define berval constants 
for the known exops.
 2003-02-16 06:15:28 +00:00
Pierangelo Masarati
f8a1007994 (mostly blind) fix of possible leak/dangling pointer and cleanup 2003-02-07 00:46:11 +00:00
Pierangelo Masarati
9f28f12346 make sure the DN is null-terminated before normalizing it 2003-02-06 19:15:14 +00:00
Luke Howard
eee0086ab2 Add search ref callback 2003-02-01 07:05:01 +00:00
Kurt Zeilenga
bcd7306877 ITS#2268: SASL/ANONYMOUS fixes from kuenne@rentec.com 2003-01-20 18:09:46 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Kurt Zeilenga
a3837b107a Minor cleanup 2002-12-21 22:54:25 +00:00
Kurt Zeilenga
539693f56c Correct fix 2002-12-20 17:57:00 +00:00
Kurt Zeilenga
b47d0d6b6a if 0 out bad statslog 2002-12-20 17:25:51 +00:00
Howard Chu
0e69c86461 Fix Statslog messages 2002-12-17 00:23:36 +00:00
Howard Chu
7c7daf8556 Statslog additions: 
Added StatslogTest macro.
	Added attributes to modify and search Statslog.
	Added Statslog of SASL authcid.
 2002-12-16 12:14:37 +00:00
Kurt Zeilenga
7be4d566d7 cleanup 2002-12-13 00:18:54 +00:00
Howard Chu
88adbc8691 Fix ITS#2234 canonicalization bug 2002-12-12 13:49:25 +00:00
Luke Howard
a6edb2ae36 Treat all EXTERNAL DNs are already normalized. 2002-12-04 04:13:20 +00:00
Kurt Zeilenga
da76c1951e First-cut proxy authorization support. 2002-12-03 06:11:32 +00:00
Howard Chu
3260b26717 Fix ITS#2200, must use SASL creds exactly as received 2002-11-28 16:16:05 +00:00
Howard Chu
ca4764ccfa ITS#2202, set SASL_SUCCESS_DATA on sasl_server_new(). 2002-11-27 03:49:04 +00:00