Commit Graph

3567 Commits

Author SHA1 Message Date
Julius Enarusai
614e7d565d Converted ch_malloc and ch_calloc calls to SLAP_MALLOC and SLAP_CALLOC. 2002-11-19 21:26:09 +00:00
Julius Enarusai
3fddf93a7b Converted ch_malloc and ch_calloc calls to SLAP_MALLOC and SLAP_CALLOC. 2002-11-19 20:20:00 +00:00
Julius Enarusai
fe569dbb75 Converted ch_malloc and ch_calloc calls to SLAP_MALLOC and SLAP_CALLOC. 2002-11-19 18:24:18 +00:00
Julius Enarusai
d9e7a7190b Converted ch_calloc and ch_malloc calls to SLAP_CALLOC and SLAP_MALLOC. 2002-11-19 17:06:17 +00:00
Howard Chu
1385f29ebc Fix is_entry_objectclass flag comparisons (from Jason Townsend @ Apple) 2002-11-18 03:56:54 +00:00
Kurt Zeilenga
390cdcfbc2 Add AUTHZ stats logging 2002-11-11 18:55:45 +00:00
Kurt Zeilenga
e1f2ed9bc1 Delete some old (bad) statslog messages 2002-11-11 18:38:57 +00:00
Pierangelo Masarati
498d1f043d silence warnings; fix messages 2002-11-10 20:00:44 +00:00
Pierangelo Masarati
76bf91f553 remove #ifdef SLAP_FILTER_HASSUBORDINATES 2002-11-10 19:48:36 +00:00
Pierangelo Masarati
a9c902a7ca improve error messages 2002-11-10 18:16:43 +00:00
Kurt Zeilenga
b5b495a871 Remove extra entry_free() 2002-11-10 06:48:55 +00:00
Pierangelo Masarati
5794b3a2dd Add checks for SQL headers in configure.in (need to rerun autoheader
and autoconf); #include "ac/string.h" instead of <string.h>
2002-11-09 17:03:07 +00:00
Pierangelo Masarati
0491710fa7 Patch: Wrong args to Debug() and LDAP_LOG() (ITS#2170,2171)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================
2002-11-09 16:09:50 +00:00
Pierangelo Masarati
7400191ba8 cleanup str2adlist 2002-11-09 14:46:00 +00:00
Julius Enarusai
8669824fd5 Converted ch_calloc calls to SLAP_CALLOC. 2002-11-08 18:17:21 +00:00
Julius Enarusai
6e9c21cff8 Converted ch_malloc, ch_calloc and ch_realloc calls to SLAP_MALLOC,
SLAP_CALLOC and SLAP_REALLOC respectively.
2002-11-08 17:13:20 +00:00
Pierangelo Masarati
a777c53564 fix attribute delete (ITS#2158) patch provided by Timofey B. Nickonov <ntb@mts.ru> 2002-11-02 16:00:21 +00:00
Julius Enarusai
2d98b19bf7 Converted ch_malloc, ch_calloc and ch_realloc calls to SLAP_MALLOC and
SLAP_CALLOC in add_value/add_value_one functions and propagated errors to
all functions that use these functions.
2002-11-01 18:59:52 +00:00
Howard Chu
24f1a11cde Fix sasl_server_start invocation, must pass NULL cred when credlen is 0. 2002-11-01 02:14:55 +00:00
Stig Venaas
0f86bbde87 Fix referrals and alias. For ldbm and I think for bdb, this is necessary
now that we normalize to lower case. Should be merged into 2.1.
2002-10-31 16:48:04 +00:00
Pierangelo Masarati
53e1930fd0 use keyword "unlimited" instead of -1 for no limits 2002-10-31 09:57:24 +00:00
Jong Hyuk Choi
ca8ab9d809 changes in bdb_psearch() - search scope check 2002-10-29 08:05:45 +00:00
Jong Hyuk Choi
2e1809d76f change due to removal of servers/slapd/lcup.c 2002-10-29 04:39:05 +00:00
Jong Hyuk Choi
3d4a915f2b Removal of servers/slapd/lcup.c 2002-10-29 00:00:47 +00:00
Jong Hyuk Choi
3a9229a3e9 Use of slap_schema.si_ad_entryUUID in bdb_psearch() 2002-10-28 23:57:54 +00:00
Kurt Zeilenga
6f59ca0e5b Add superiorUUID to system schema 2002-10-28 20:01:55 +00:00
Kurt Zeilenga
293158f432 code cleanup 2002-10-27 03:42:32 +00:00
Kurt Zeilenga
886f60f822 Fix typo 2002-10-27 00:41:52 +00:00
Howard Chu
322a800c26 Fix ITS#2157, server should never attempt to unlink the client's socket.
It likely has no name anyway, and the client owns it after all.
2002-10-26 22:41:26 +00:00
Pierangelo Masarati
dea2420569 beautify "unknown" 2002-10-26 18:51:24 +00:00
Pierangelo Masarati
f07cabad0f need to move #define here; on by default 2002-10-26 16:32:11 +00:00
Pierangelo Masarati
7b3f889ec1 fix hasSubordinate filtering; now it can be safely turned on 2002-10-26 16:18:31 +00:00
Pierangelo Masarati
69343add5a use more appropriate error code 2002-10-26 10:05:35 +00:00
Pierangelo Masarati
8558b8808e actually, get_perms is needed by ldapi:// rgeardless of -DSLAP_X_LISTENER_MOD 2002-10-26 10:02:41 +00:00
Kurt Zeilenga
36569048ff Add "allow update_anon"
Fix -USLAP_X_LISTENER_MOD builds
2002-10-25 18:47:24 +00:00
Jong Hyuk Choi
15c5943edd Addition of servers/slapd/lcup.c and servers/slapd/back-bdb/lcup.c for persistent search 2002-10-25 17:57:03 +00:00
Jong Hyuk Choi
8074294f1d LCUP persistent search code drop 2002-10-25 17:51:30 +00:00
Pierangelo Masarati
97e526cb2d add restrictions related to listeners in form of file permissions
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
	"r" means read is allowed from that listener
	"w" means write is allowed on that listener
	"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
2002-10-25 16:43:44 +00:00
Kurt Zeilenga
6d199506bb ber_write error message cleanup 2002-10-25 05:47:08 +00:00
Kurt Zeilenga
2b2e406b46 Make sure that newSuperior isn't old superior 2002-10-25 01:09:50 +00:00
Pierangelo Masarati
956f1d16aa listener:
- use bervals for url and sockname
- pass connection_init() the listener struct pointer instead of each value
- don't copy them in the Connection struct 'cause they're not going to change
- define macros for legacy usage of c_listener_url and c_sockname
2002-10-24 10:03:52 +00:00
Pierangelo Masarati
fdd586a6b7 change socket permission syntax (to reuse function for other purposes) 2002-10-23 14:12:01 +00:00
Pierangelo Masarati
456a561b65 prevent use of uninitialized var 2002-10-23 14:11:02 +00:00
Pierangelo Masarati
665cb3e86e fix typo 2002-10-23 14:10:21 +00:00
Kurt Zeilenga
ff9dd56587 Add comment attributing origin of the Metaphone algorithm 2002-10-22 04:52:57 +00:00
Kurt Zeilenga
c382c5efa2 blind fix for NULL pointer in Debug() bug (ITS#2143) 2002-10-17 17:45:44 +00:00
Kurt Zeilenga
ac66a219d0 Fix comment 2002-10-17 04:35:55 +00:00
Kurt Zeilenga
c64d28aa4e correct security sample 2002-10-12 05:10:41 +00:00
Howard Chu
9d2a8ba1b4 More fixes for ITS#2136, make sure all error returns set *text. 2002-10-11 17:12:56 +00:00
Kurt Zeilenga
40b685b70d Patch: Delete the buggy surrogate parent code (ITS#1815)
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
2002-10-10 20:28:36 +00:00
Kurt Zeilenga
5504bed852 More OBSOLETE checks 2002-10-10 02:38:32 +00:00
Kurt Zeilenga
857165b1bf Add some OBSOLETE schema checks 2002-10-10 02:07:24 +00:00
Kurt Zeilenga
b5020aa16d Don't mask error text variables 2002-10-09 23:36:28 +00:00
Kurt Zeilenga
27cb98d28d Remove lint 2002-10-09 23:35:45 +00:00
Kurt Zeilenga
1aa829922f Implement content rule checks
w/ implicit default rules allowing any auxiliary class to be mixed in
2002-10-09 23:02:01 +00:00
Howard Chu
e6d10b9590 Revert previous commit. More thought needed re: IPV4 vs IPv6 failures 2002-10-09 21:18:51 +00:00
Howard Chu
2e538e19d4 ITS#2132, give up at first bind failure 2002-10-09 20:45:13 +00:00
Kurt Zeilenga
5060ebb36d Fix bad sup error 2002-10-09 19:24:02 +00:00
Kurt Zeilenga
dff7315edf Need ../cr.o 2002-10-09 19:11:12 +00:00
Howard Chu
b9bd44b047 Fix ITS#2132, give up if listener fails to open 2002-10-09 18:57:50 +00:00
Kurt Zeilenga
acc32b9d9e Basic framework for DIT Content Rules (not yet enforced) 2002-10-09 07:11:50 +00:00
Kurt Zeilenga
023d0e2a5c Rework unprotected simple bind checks 2002-10-08 19:03:18 +00:00
Kurt Zeilenga
06f69e603c Add security restrictions examples 2002-10-08 01:15:20 +00:00
Kurt Zeilenga
36fca96695 if "disallow bind_simple_unprotected", require at least SSF of 2 2002-10-08 01:06:49 +00:00
Kurt Zeilenga
df6c69ffd6 More entry level access control for back-shell
(should be applied to back-perl and other programmable backends)
2002-10-07 21:56:43 +00:00
Kurt Zeilenga
3a17376dfd s/256/LBER_ELEMENT_SIZEOF/
set LBER_ELEMENT_SIZEOF to 256
maybe this should be set to N*sizeof(size_t) or something
2002-10-07 21:01:47 +00:00
Kurt Zeilenga
cb73d243fb More "entry" level ACLs for entry add, delete, and rename. 2002-10-07 19:19:29 +00:00
Kurt Zeilenga
d19db4b7ed Fix up last commits 2002-10-04 23:42:27 +00:00
Kurt Zeilenga
9fbcc90bd5 Add "entry" ACL checks for add/delete/rename ops 2002-10-04 23:26:28 +00:00
Kurt Zeilenga
8975676fa4 Clean up some #else #if 'ing 2002-10-04 18:36:44 +00:00
Kurt Zeilenga
5b591d0dec Fix subentry OIDs 2002-10-02 01:18:46 +00:00
Kurt Zeilenga
33248a02e1 Code cleanup (no functional changes) 2002-10-01 04:07:55 +00:00
Kurt Zeilenga
f5e6d1db41 #unifdef -DSCHEMA_DN 2002-09-29 04:30:38 +00:00
Kurt Zeilenga
4ef4c9eb06 Return default referral if DN maps to empty domain. 2002-09-26 16:12:39 +00:00
Kurt Zeilenga
b4e1ea15f3 benign buffer overflow fix (ITS#1964) 2002-09-25 04:34:33 +00:00
Kurt Zeilenga
bbbf2f4ca7 Fix handling of non-critical controls for backends which
support no controls.
2002-09-24 18:20:59 +00:00
Kurt Zeilenga
d0a4fee37a Minor updates 2002-09-22 19:09:47 +00:00
Kurt Zeilenga
976c35fbf0 fix possible uninit bug 2002-09-21 04:33:19 +00:00
Howard Chu
bdf9b3ae1b Fix ITS#1033 slapd hangs with GNU Pth - don't write to the wakefd
more than once at any given time.
2002-09-21 03:52:16 +00:00
Kurt Zeilenga
f558b6b02f Add experimental +/- AttributeName support. 2002-09-21 00:11:43 +00:00
Kurt Zeilenga
d9d58ae02f Save "-" for no subtypes 2002-09-20 19:58:25 +00:00
Howard Chu
9ba829436e Add dummy reference to lutil_uuidstr() for dynamically loaded back-bdb
and back-ldbm.
2002-09-20 01:02:33 +00:00
Howard Chu
104f8cc409 Simpler fix for NO_THREADS 2002-09-19 06:34:53 +00:00
Howard Chu
ff9e580d33 Updated BDB_HIER for current API 2002-09-19 06:08:12 +00:00
Howard Chu
6fa0363d09 Don't set bdb yield with NO_THREADS 2002-09-19 01:38:00 +00:00
Howard Chu
919274432b Fixes for NO_THREADS
Use a per-env locker ID
	Always set lock_detect, since we allow slapadd etc. concurrently
Also removed unused lock_detect_task code. lockdetect config keyword only
needs <policy>, no <seconds> argument.
2002-09-19 01:13:27 +00:00
Howard Chu
7666bb7482 Add calls to module_init/module_kill to support dynamically loaded backends. 2002-09-18 11:58:19 +00:00
Kurt Zeilenga
3eb21d8a6c Misc cleanup 2002-09-16 21:50:55 +00:00
Kurt Zeilenga
cc7d1433bb For object classes in attribute lists, use '+' (or '-') to indicate
name is an objectClass.
2002-09-16 20:48:08 +00:00
Kurt Zeilenga
a1da292989 Wrap csn filter frees with sync mode check. 2002-09-15 22:42:50 +00:00
Kurt Zeilenga
88c8cca820 Fix return value 2002-09-15 22:42:07 +00:00
Kurt Zeilenga
0ad91236fd Add LDAP_CONTROL_CLIENT_UPDATE to list of supported controls 2002-09-15 22:28:38 +00:00
Kurt Zeilenga
1d0e916c6f Misc CLIENT_UPDATE cleanups 2002-09-15 22:22:51 +00:00
Kurt Zeilenga
2a9783bd5e Fix typos in last commit 2002-09-15 22:13:25 +00:00
Kurt Zeilenga
629a0219f2 Cleanup up LDAP_CLIENT_UPDATE code... including some bug fixing. 2002-09-15 21:08:34 +00:00
Jong Hyuk Choi
1509e321de LCUP Response Control Code 2002-09-14 00:29:06 +00:00
Howard Chu
3e61f0630d Fix ITS#2082, bdb_idl_intersection 2002-09-13 20:19:56 +00:00
Howard Chu
7e493b87be Fix debug messages 2002-09-13 20:19:15 +00:00
Howard Chu
a8297e6d22 Fix test of uninit'd rc at LOCK_ID 2002-09-13 12:32:08 +00:00
Howard Chu
1263e40b55 Set BDB's global allocators to ber_*, don't bother with the per-env setting. 2002-09-12 02:47:18 +00:00
Pierangelo Masarati
ae2cd84d16 trim c++ style comments 2002-09-11 17:15:55 +00:00
Howard Chu
7823832770 Fix ITS#2075, NULL moddn->newsup->bv_val 2002-09-11 10:59:41 +00:00
Pierangelo Masarati
8758a30bf2 #undef SLAP_X_FILTER_HASSUBORDINATES while I fix the entry lock problem ... 2002-09-10 10:10:11 +00:00
Howard Chu
35e8b8325d Unifdef BDB_IDL_MULTI. 2002-09-10 04:20:45 +00:00
Kurt Zeilenga
e6fdfd4cee only optimize objectClass filters when (objectClass=*) is
presented... avoids (&(objectClass=*)(objectClass=foo)) problems.
2002-09-09 23:25:22 +00:00
Howard Chu
9953574b47 Fix: if slapadd was used with an un-ordered LDIF file, we can't rely on
entries having ascending entry IDs. Always start from the beginning of
the candidate list. (This should be fine in the general case as well,
since the subtree index will also have refined the candidates.)
2002-09-09 04:24:38 +00:00
Howard Chu
30de884223 More memory cleanup 2002-09-09 00:56:57 +00:00
Howard Chu
a4b30ce455 Plug memleaks from -r1.45 2002-09-09 00:55:52 +00:00
Pierangelo Masarati
b8240724ad optimize also duplicate/existence check in value delete operations 2002-09-07 16:08:30 +00:00
Howard Chu
b623e4495b Fix typo in one-level searches, left over from -r1.23 cleanup 2002-09-06 12:37:24 +00:00
Kurt Zeilenga
37d9880495 Some LCUP clean up 2002-09-06 00:29:20 +00:00
Howard Chu
73207c7110 Replace HACK in slap_sasl_canonicalize with safer test. 2002-09-05 11:01:12 +00:00
Kurt Zeilenga
ab80b03057 back_attribute() should use ACL_AUTH not ACL_READ (at
least for current callers, may need to pass it the
permission level)
2002-09-05 02:37:10 +00:00
Howard Chu
62ceae250c ITS#2065 omit libbackends.a when no static backends configured.
Also fixed dependencies for dynamic backends and tools.
2002-09-04 10:58:25 +00:00
Jong Hyuk Choi
4b48c05a8e LDAP Client Update Protocol - non-persistent update (TODO: response control ...) 2002-09-04 02:00:42 +00:00
Pierangelo Masarati
5d50463376 optimize duplicate detection based on mods and existing values count 2002-09-03 15:12:36 +00:00
Kurt Zeilenga
69ba1a21bc Extend checks to substrings rules. Need to kludge around
LDAP's kludged builtin substrings rules.
2002-09-03 07:28:57 +00:00
Kurt Zeilenga
8a5b200c44 Add appropriate matching rule checks.
Clean up syntax error reporting.
2002-09-03 07:01:09 +00:00
Howard Chu
3099d89d9e Don't use sasl_set_alloc on Cyrus 2, it manages all of its memory
internally and we don't want to get in the way.
2002-09-02 22:25:26 +00:00
Kurt Zeilenga
3e1a896928 Update comment 2002-09-02 22:07:23 +00:00
Pierangelo Masarati
d3ca441ae8 /*
* The original code performs ( n ) normalizations
 * and ( n * ( n - 1 ) / 2 ) matches, which hide
 * the same number of normalizations.  The new code
 * performs the same number of normalizations ( n )
 * and ( n * ( n - 1 ) / 2 ) mem compares, far less
 * expensive than an entire match, if a match is
 * equivalent to a normalization and a mem compare ...
 *
 * This is far more memory expensive than the previous,
 * but it can heavily improve performances when big
 * chunks of data are added (typical example is a group
 * with thousands of DN-syntax members; on my system:
 * for members of 5-RDN DNs,

 members         orig            bvmatch (dirty) new
 1000            0m38.456s       0m0.553s        0m0.608s
 2000            2m33.341s       0m0.851s        0m1.003s

 * Moreover, 100 groups with 10000 members each were
 * added in 37m27.933s (an analogous LDIF file was
 * loaded into Active Directory in 38m28.682s, BTW).
 *
 * Maybe we could switch to the new algorithm when
 * the number of values overcomes a given threshold?
 */
2002-09-02 19:41:03 +00:00
Pierangelo Masarati
eb38db1be5 various fixes and improvements 2002-09-02 19:39:31 +00:00
Pierangelo Masarati
857d08ea21 use bvmatch() instead of ber_bvcmp() when testing for match without ordering 2002-09-02 19:39:06 +00:00
Kurt Zeilenga
132506e13c Add NOOP search support. 2002-09-02 17:38:17 +00:00
Kurt Zeilenga
af183089b8 unifdef -DSLAP_X_MRA_MATCH_DNATTRS 2002-09-01 00:33:20 +00:00
Kurt Zeilenga
b5f51ed4a5 have get_mra use mr_usable_with_at() as well 2002-08-31 21:39:42 +00:00
Kurt Zeilenga
c6052ac8b0 Add mr_usable_with_at() routine. Use both in generation
of rule uses, but also in test_filter_mra()
2002-08-31 21:23:45 +00:00
Kurt Zeilenga
5c61f55faa Make sure we don't expose hidden attribute types in rule uses 2002-08-31 20:49:50 +00:00
Kurt Zeilenga
e9a71156cc Add matching rule use support where assertion syntax != value syntax 2002-08-31 20:42:25 +00:00
Kurt Zeilenga
04c71ce9b2 List approximates as well in rule uses.
Don't yet list ordering rules yet, these require special attention (and
hence are not marked MR_EXT yet)
2002-08-31 19:25:41 +00:00
Kurt Zeilenga
d6ac7ac544 Fix last commit.
Also add uses where mr is the attribute's equality rule.
2002-08-31 19:17:54 +00:00
Kurt Zeilenga
2908cdff11 MR_EXT rules can be used with any type whose syntax is same as
the syntax's assertion syntax.
2002-08-31 19:05:36 +00:00
Kurt Zeilenga
6c7104c82b Don't hide matchingRuleUse's description (now implemented)
Use attribute's cname not oid in matching rule uses
2002-08-31 18:41:21 +00:00
Pierangelo Masarati
966dd1bdca definitely fix NOOP in back-bdb 2002-08-31 17:03:42 +00:00
Pierangelo Masarati
0d5fe062e2 improved support for NOOP; add is fine, the other write funcs still need work 2002-08-31 12:00:39 +00:00
Pierangelo Masarati
a0c54f1625 use ldap_charray_add instead of dedicated helper; get rid of dependency from ldap-int.h 2002-08-31 11:14:15 +00:00
Pierangelo Masarati
71aecea2aa fix bitwise matching (courtesy of Luke Howard) 2002-08-31 10:56:27 +00:00
Pierangelo Masarati
804a111fbd add {create,modify}Timestamp to subschema subentry (SHOULD per RFC2251; use server startup time to be conservative) 2002-08-31 10:49:03 +00:00
Pierangelo Masarati
aea52e5bc9 define macros for appropriate sizing of lutil buffers 2002-08-31 10:48:02 +00:00
Pierangelo Masarati
e2ec62f09f add matchingRuleUse to schema; use a berval instead of _oidlen in syntax and matching rule 2002-08-31 10:45:22 +00:00
Pierangelo Masarati
c76b36254c cleanup comments 2002-08-31 10:41:49 +00:00
Pierangelo Masarati
c8cfbca64d fix extendedMatch and approx hfilter andling; get rid of subtree_cond (argh, need to trim it from config and docs ...) 2002-08-31 10:39:23 +00:00
Pierangelo Masarati
a1bb43946b better handling of children_cond 2002-08-31 10:38:29 +00:00
Pierangelo Masarati
95a99bd522 trace illegal condition in backsql_strfcat 2002-08-31 10:37:42 +00:00
Pierangelo Masarati
685363e880 add 'children_cond' config statement 2002-08-31 10:36:16 +00:00
Pierangelo Masarati
b0dfd89e1b added referral support to back-{ldap,meta}; need to allow send_serch_reference() handle NULL entry pointer 2002-08-31 10:35:23 +00:00
Pierangelo Masarati
501cd4c611 fix extendedMatch values return filter control 2002-08-31 10:29:03 +00:00
Kurt Zeilenga
b04483a6a2 We don't support substrings matching via extensibleMatch 2002-08-30 19:30:58 +00:00
Howard Chu
70673417f2 Fix debug statement 2002-08-30 14:28:45 +00:00
Howard Chu
c4f74ac639 Fix crash in mra_free, freeing ber-private value. 2002-08-30 12:38:50 +00:00