Commit Graph

82 Commits

Author SHA1 Message Date
Gary Williams
d531a20f52 more new logging (finally), behind NEW_LOGGING 2001-01-11 17:11:23 +00:00
Kurt Zeilenga
dbdba34972 First-cut at manageDSAit-aware backend selection. 2000-10-21 03:29:02 +00:00
Kurt Zeilenga
2b2ee1ccbd Return authMethodNotSupported not authUnknown for unknown
bind authentication method
2000-10-13 05:28:23 +00:00
Kurt Zeilenga
27b30275a6 We need to set sasl_layers prior to returning result... 2000-10-07 02:00:54 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
825c3c4c5c Fix handling of optional cred 2000-09-15 00:09:44 +00:00
Kurt Zeilenga
3342ea3b49 Add more bind allow/disallow flags 2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d Add "allow tls_2_anon" to allow StartTLS to force session to anonymous.
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
2000-09-08 22:59:01 +00:00
Kurt Zeilenga
4e8973e6cb Rework bind restrictions 2000-08-28 23:37:44 +00:00
Kurt Zeilenga
102f12a71a Restrict bind 2000-08-28 23:29:29 +00:00
Kurt Zeilenga
3e91d48127 Move authzid_backend to after restrictions checks 2000-08-28 21:28:22 +00:00
Kurt Zeilenga
9715e7f008 Add disallow and requires to man page. Fix sasl ssf handling bug. 2000-08-28 18:58:13 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes
man pages to follow...
2000-08-28 18:38:48 +00:00
Kurt Zeilenga
1c328aa9c7 Minor typedef and other clean ups 2000-08-26 01:14:05 +00:00
Kurt Zeilenga
a50f391bb3 Working SASL security layers! 2000-07-28 00:04:07 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
5c4cef793f Fix error handling 2000-07-05 22:15:43 +00:00
Kurt Zeilenga
60802201e3 Const'ification
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
2000-05-22 03:46:57 +00:00
Kurt Zeilenga
b2f56a7318 SLAPD_SCHEMA_NOT_COMPAT: framework for value_match() and value_find() 2000-05-21 22:46:51 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Kurt Zeilenga
643864c569 Change negotiated mechanism:
If application provide one, use it.  If application doesn't
	provide one, use best of server advertised.
Fix SASL/ANONYMOUS (not normally used, but should work)
PLAIN is not currently working... might be local to me as my
Cyrus installation is a bit hosted.
2000-05-11 20:16:26 +00:00
Kurt Zeilenga
92e2453467 A NULL (empty) SASL mechanism should not result in a protocol error. 2000-04-26 09:20:25 +00:00
Kurt Zeilenga
20351a05cc SASL: me thinks I got the states okay... now to test. 2000-04-25 18:02:50 +00:00
Kurt Zeilenga
42a20681cc SASL closer to working from frontend only, need to work through
states.
2000-04-25 17:23:54 +00:00
Kurt Zeilenga
55ae3cffd8 SASL code without backend support. Should work with
external store, but not yet tested.  [Intent is to support
both in same server... may not be doable]
2000-04-25 16:03:17 +00:00
Kurt Zeilenga
2e22c55a6c Fix typo in prev commit 2000-04-25 13:25:55 +00:00
Kurt Zeilenga
6f2a817d9d bind/sasl cleanup PRIOR TO moving call from backend to frontend 2000-04-25 13:21:42 +00:00
Kurt Zeilenga
4710c74605 Rework error handling. Add error descriptions.
Don't use LDAP_OPERATIONS_ERROR for internal errors.  Use LDAP_OTHER
instead.  (more changes needed in this area)
2000-03-03 22:37:06 +00:00
Kurt Zeilenga
e96865c1a8 Reorder error detection based upon precedence 2000-03-01 22:59:34 +00:00
Kurt Zeilenga
ac7f6c2e37 Replace do_*() return -1 with return SLAPD_DISCONNECT.
Only return SLAPD_DISCONNECT with a send_ldap_disconnect()
was called.
Add initial code for support predetermined filter results
when filter is undefined (or known to be true or false).
2000-02-29 23:48:01 +00:00
Kurt Zeilenga
3708530620 Didn't return after returning unknown critical control.
Noticed that abandon and unbind don't have control support... something for
another day.
2000-02-01 01:22:06 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library;
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Howard Chu
3b49944829 Fix to avoid freeing an uninitialized pointer 1999-11-05 22:45:43 +00:00
Howard Chu
2395c6c23c Added line to #include "ldap_pvt.h". Part of Mingw32 support.
See README 1.27 log.
1999-10-28 07:13:33 +00:00
Kurt Zeilenga
7a0b0b2bbf In preparation for adding dn_rewrite()...
s/dn_normalize/dn_validate/
s/dn_normalize_case/dn_normalize/
1999-09-24 01:46:37 +00:00
Howard Chu
b070303a6b Fix previous dn checkin 1999-09-19 01:29:45 +00:00
Howard Chu
f991ef04e6 Added mixed-case as well as up-cased DN argument. The behavior of back-bdb2
and back-ldbm are preserved, they only use the up-cased DNs. back-passwd
uses the mixed-case DN. All others are using mixed-case DN, may need more
fixing.
1999-09-18 23:40:03 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Kurt Zeilenga
2a74677799 const'fication 1999-08-20 19:00:44 +00:00
Kurt Zeilenga
8ead8c5fd9 Clean up debug messages. 1999-08-19 00:40:18 +00:00
Hallvard Furuseth
6054463eeb Minor cleanup:
Fix Statlog() formats, remove an implicit int, include <ctype.h> for isspace().
1999-08-07 05:36:48 +00:00
Kurt Zeilenga
9c3ed0310b Add copyright notices. 1999-08-06 23:07:46 +00:00
Kurt Zeilenga
354d49fb9a List supportedSASLmechanisms based upon what sasl_listmech() returns. 1999-08-03 23:23:05 +00:00
Kurt Zeilenga
f90ed5aef8 Add a little SASL framework and remove old X-DIGEST-MD5 hardcode.
This code is not called (yet).
1999-08-03 02:37:42 +00:00
Kurt Zeilenga
c12547cf3b Resurrect suffix aliasing... 1999-07-27 18:43:30 +00:00
Kurt Zeilenga
68d561a97b Add limited LDAP_INVALID_DN_SYNTAX support. dn_normalize{,_case}() now returns
NULL does not meet basic syntax rules.
1999-07-22 17:14:42 +00:00
Kurt Zeilenga
059ee8c86d (re)introduce o_connid such that STATS doesn't need c_mutex (which it
didn't bother to acquire)...
1999-07-16 22:24:32 +00:00
Kurt Zeilenga
73276e84ae Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
Includes support for update referral for each replicated backend.
	Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world.  Still testing in LDAPv3 world.
Added default referral (test009) test.
1999-07-16 02:45:46 +00:00
Kurt Zeilenga
e9c2895472 Add support for unsolicited notifications. 1999-07-07 18:51:39 +00:00