Pierangelo Masarati
118bf1e9f9
apply a different fix for ITS#2342
2003-03-03 23:06:58 +00:00
Howard Chu
8f88bc1f8f
Free default_passwd_hash on cleanup
2003-02-16 06:13:34 +00:00
Kurt Zeilenga
aaf253318b
Move include <slapi.h> behind #ifdef
2003-02-10 02:09:00 +00:00
Kurt Zeilenga
8f82e9f772
ITS#2117: remove suffixalias support until someone fixes it
2003-02-09 07:20:03 +00:00
Kurt Zeilenga
698d73d5f3
Disable reverse lookups by default for security
...
(and performance) reasons.
2003-02-08 07:40:19 +00:00
Kurt Zeilenga
c315e28779
Move RDN checks to entry_schema_check() so that it is consistently
...
applied (and disabled via schemacheck off). Removed add-rdn-values flag.
2003-02-07 20:12:26 +00:00
Pierangelo Masarati
7a97f37bd4
add 'add-rdn-values {on|off}' (default off) switch
2003-02-07 15:19:58 +00:00
Pierangelo Masarati
c3847a6136
slapi header cleanup
2003-01-27 21:53:23 +00:00
Luke Howard
7d5978b4aa
Put #endif in correct place when commenting out backend directive check
...
for plugins (now that global plugins are nominally supported)
2003-01-21 15:14:07 +00:00
Luke Howard
17b761cf96
Allow global plugins.
2003-01-21 15:11:35 +00:00
Kurt Zeilenga
6939c53170
Happy new year
2003-01-03 20:20:47 +00:00
Pierangelo Masarati
df5d69df8f
allow a custom error log file for plugins by means of a slapd.conf directive; add very bare-bone back-monitor info about installed plugins
2002-12-14 15:04:37 +00:00
Hallvard Furuseth
54728f367e
Implement user-defined tagging attribute options and ranges
2002-12-12 13:56:05 +00:00
Pierangelo Masarati
1b70e16448
SLAPI - Netscape plugin API for slapd - based on patch contributed by Steve Omrani <somrani@us.ibm.com> as ITS#2073
2002-12-07 17:19:29 +00:00
Kurt Zeilenga
da76c1951e
First-cut proxy authorization support.
2002-12-03 06:11:32 +00:00
Kurt Zeilenga
8754c8f2a3
#unifdef paged results, remove lint
2002-11-28 04:38:41 +00:00
Pierangelo Masarati
415a8d325f
add limits to entries count for paged results
2002-11-21 20:49:02 +00:00
Julius Enarusai
2d98b19bf7
Converted ch_malloc, ch_calloc and ch_realloc calls to SLAP_MALLOC and
...
SLAP_CALLOC in add_value/add_value_one functions and propagated errors to
all functions that use these functions.
2002-11-01 18:59:52 +00:00
Pierangelo Masarati
53e1930fd0
use keyword "unlimited" instead of -1 for no limits
2002-10-31 09:57:24 +00:00
Kurt Zeilenga
36569048ff
Add "allow update_anon"
...
Fix -USLAP_X_LISTENER_MOD builds
2002-10-25 18:47:24 +00:00
Kurt Zeilenga
acc32b9d9e
Basic framework for DIT Content Rules (not yet enforced)
2002-10-09 07:11:50 +00:00
Kurt Zeilenga
023d0e2a5c
Rework unprotected simple bind checks
2002-10-08 19:03:18 +00:00
Kurt Zeilenga
f5e6d1db41
#unifdef -DSCHEMA_DN
2002-09-29 04:30:38 +00:00
Kurt Zeilenga
1c75a7f25c
Fix inverted bvmatch logic in modrdn
2002-08-12 08:45:20 +00:00
Howard Chu
07ebdca237
ITS#1893, use "schemadn" to configure subschemasubentry DN. (diff was
...
inaccessible, this is original code, not contributed.)
2002-08-10 03:10:52 +00:00
Howard Chu
554311a4c8
Fix cargv leak in recursive read_config()
2002-08-07 08:22:43 +00:00
Kurt Zeilenga
8a3d02bf6b
misc cleanup
2002-07-23 18:35:12 +00:00
Julius Enarusai
6107ba67d2
Coverted LDAP_LOG macro to use subsystem ID int values instead of string values
2002-07-11 20:33:24 +00:00
Kurt Zeilenga
9a38d98d37
Add option to disallow unprotected simple authentication.
...
Add protected simple authentication as a "strong" mechanism.
2002-06-17 22:18:27 +00:00
Pierangelo Masarati
b9254b8ab4
should compile even without Cyrus SASL
2002-06-15 15:01:17 +00:00
Howard Chu
07a34489c6
Added saslAuthzTo and saslAuthzFrom to system schema.
...
Added sasl-authz-policy config keyword to control proxy authorization.
Moved sasl-related config processing to sasl.c:slap_sasl_config().
Moved other global defs used only in saslauthz.c into saslauthz.c.
2002-06-14 08:10:14 +00:00
Kurt Zeilenga
116e165a5c
Be less forgiving (don't ignore so many configuration errors)
2002-06-08 18:38:52 +00:00
Kurt Zeilenga
a784e4d054
Add rootdn check when rootpw is set.
2002-06-08 18:04:43 +00:00
Kurt Zeilenga
19eca33ca3
Gentile HUP shutdown from Hallvard
2002-06-03 16:47:43 +00:00
Kurt Zeilenga
bdad40c696
Disallow addition of system schema via config files.
2002-05-30 05:23:37 +00:00
Pierangelo Masarati
2ca323d2b5
Fixes ITS#1786: dynamically growing number of tokens in config line
...
for both slapd and slurpd
Copyright 2002, John Morrissey (jwm at horde dot net), All rights reserved.
This is free software; you can redistribute and use it under the same terms
as OpenLDAP itself.
Applied with changes
2002-05-02 08:48:14 +00:00
Howard Chu
7fae7fe155
Changed be_[n]suffix, be_[n]suffixAlias to BerVarray. No more bvec's anywhere.
2002-05-01 18:50:14 +00:00
Julius Enarusai
ed8f299245
ITS#1730: Misc typos in NEW_LOGGING code from Hallvard
2002-04-25 22:12:44 +00:00
Kurt Zeilenga
0ca5d06f77
Re: PRIVATE: Patch: Passwords (ITS#1740)
...
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
2002-04-22 17:31:16 +00:00
Howard Chu
8a5423ea8d
deleted sasl_external_x509dn_convert; X509 DNs are always converted to
...
normalized LDAP DNs now.
Changed dnDCEnormalize to dnX509normalize, added dnX509peerNormalize,
based on new ldap_X509dn2bv() etc.
2002-04-18 12:26:36 +00:00
Kurt Zeilenga
709ce4fa6c
Re: Patch: ctype functions require 'unsigned char' args (ITS#1678)
...
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
Here are fixes for more places where the argument to ctype.h functions
should be in the range of `unsigned char'.
Explanation of the last patch (to schema_init.c:bvcasechr()):
TOLOWER() and TOUPPER() return values in the range of `unsigned char',
but bvcasechr() then compares those values with a plain `char'. So I
convert the return values from TOLOWER()/TOUPPER() to `char' first.
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
2002-04-15 20:42:42 +00:00
Howard Chu
bf6fccd7bb
ITS#1740
2002-04-13 10:56:16 +00:00
Pierangelo Masarati
4a2b9b2195
ITS#1730
2002-04-08 18:39:23 +00:00
Pierangelo Masarati
f4dba925ff
add a switch that enables/disables reverse lookups if configured with rlookups
2002-04-03 15:40:49 +00:00
Pierangelo Masarati
9bf3ccd0bf
allow attribute exclusion list in selective replica
2002-03-30 08:52:20 +00:00
Howard Chu
a1063a041d
Fix previous commit, lutil_passwd_scheme() returns boolean, not pointer.
2002-03-18 08:56:47 +00:00
Pierangelo Masarati
a1b65bcdfe
detect unavailable hash algorithms at startup
2002-03-09 11:02:32 +00:00
Julius Enarusai
08d0a48ac5
The following file fails compile when NEW_LOGGING is enabled.
2002-03-07 17:50:56 +00:00
Kurt Zeilenga
32fb8b0bff
Add ACL state recording to avoid multiple evaluation of
...
value-independent access controls.
2002-02-09 05:14:17 +00:00
Howard Chu
f50b75f0c2
Added replica attr=<attribute list> support to filter replog content
2002-02-08 06:44:33 +00:00
Howard Chu
c3c85b4062
Extended TLS_REQCERT/TLSVerifyClient syntax to 4 states: never,allow,try,
...
and hard/demand.
2002-01-27 02:56:18 +00:00
Pierangelo Masarati
cb8299d124
allow trailing '\' to continue a config line (ITS#1551)
2002-01-23 16:28:48 +00:00
Kurt Zeilenga
13af7fb073
Misc. cleanup, remove lint, remove unused deprecated functions, etc.
2002-01-15 07:29:15 +00:00
Kurt Zeilenga
504404725a
Flip some bits in the backend flags mask
2002-01-11 02:31:47 +00:00
Kurt Zeilenga
55501e886f
Rework backend (lastmod + glue + system schema) flags
2002-01-10 22:34:11 +00:00
Kurt Zeilenga
c80d93f2bb
Start of new operational attribute framework
2002-01-10 00:17:21 +00:00
Pierangelo Masarati
a744ca2be3
fix logs
2002-01-05 16:53:08 +00:00
Pierangelo Masarati
ca60d05dd1
fix malformed test
2002-01-05 15:44:08 +00:00
Kurt Zeilenga
0e2af54a3f
Update copyright statements
2002-01-04 21:17:25 +00:00
Howard Chu
f52cc9bab5
Change struct berval ** to BVarray
2002-01-02 11:00:36 +00:00
Howard Chu
975a5e9a24
Added dnPretty2/dnNormalize2 using preallocated destination berval
2001-12-29 04:48:00 +00:00
Howard Chu
0039cb2a37
More dnPrettyNormal
2001-12-28 07:58:54 +00:00
Kurt Zeilenga
b17572c7d3
cleanup
2001-12-27 23:01:09 +00:00
Kurt Zeilenga
ef7a99ff99
Additional struct berval DN changes...
2001-12-26 23:26:55 +00:00
Kurt Zeilenga
2dd27b0786
More struct berval DNs
2001-12-25 19:48:26 +00:00
Kurt Zeilenga
3336619c80
More "char *" to struct berval DN changes
2001-12-25 02:30:01 +00:00
Kurt Zeilenga
5ee89d6167
Use struct berval DNs for root DN and update DN
2001-12-25 00:05:26 +00:00
Kurt Zeilenga
0c28b66a75
use dnPretty instead of dn_pretty
2001-12-23 00:43:57 +00:00
Kurt Zeilenga
d23313a068
LDAPv2 disallow and other flag changes
...
Fix compile errors
2001-12-21 04:44:34 +00:00
Howard Chu
923cdcf3c5
fix from jon@symas.com - missing arguments to Debug/LDAP_LOG
2001-12-17 22:47:36 +00:00
Howard Chu
ff682be26e
Added acl_destroy, acl_free.
2001-12-15 12:41:53 +00:00
Howard Chu
826056e75b
More thorough backend_destroy. Added config_destroy. Destroy slap_listeners.
...
Plugged other small leaks.
2001-12-15 12:05:58 +00:00
Pierangelo Masarati
e754997da0
minor cleanup
2001-12-11 11:30:01 +00:00
Howard Chu
ef0b308bea
Changed backglue configuration. Added noSubordinates arg to select_backend
...
to deal with glued subordinates.
2001-12-10 12:09:40 +00:00
Pierangelo Masarati
95f1740aa6
improvements to monitor backend: added a log entry that lists the current log level and can be modified via protocol at runtime, to change the log level; minor improvements; fixed a problem in dealing with dn normalization
2001-12-10 09:50:06 +00:00
Howard Chu
fd7e23c188
Converted suffixAlias to struct bervals.
2001-12-09 14:57:42 +00:00
Howard Chu
55a217d9ae
Changed be_nsuffix from char ** to struct berval ** to eliminate strlen's
2001-12-08 05:15:58 +00:00
Pierangelo Masarati
379e0e9d50
another step towards schema aware normalization: ava sorting in rdns; now by defining USE_LDAP_DN_PARSING both the new dn parsing and the server side normalization is used. There might be, every now and then, a flaw mostly due to naive normalization of pseudo-dn (thinking about some acl/regex stuff and so)
2001-12-05 19:26:30 +00:00
Pierangelo Masarati
aee3600276
minor cleanup
2001-11-17 16:18:07 +00:00
Kurt Zeilenga
82fad7d0c8
First stable an implementing latest namedref specification.
...
Includes rewriting of URLs where the DN of the referral object
and the DN of the ref attribute attribute are not the same.
Also, always returns explicit DN and scope.
Currently, back-ldbm only. Needs to be ported to back-bdb.
2001-10-26 02:05:14 +00:00
Pierangelo Masarati
271c323281
Fixes ITS#1385
2001-10-25 15:15:34 +00:00
Kurt Zeilenga
23bf2fb086
Fix error messages
2001-10-24 05:27:49 +00:00
Kurt Zeilenga
fcd1ce0e28
Use defined Root DSE attributes.
...
Developed by Julius Enarusai/IBM
Copyright IBM Corp. 2001
Use of this source code is subject to the terms of The OpenLDAP
Public License Version 2.7, 7 September 2001. No trademarks of the
IBM Corporation are to be used to identify, endorse or promote any
products derived from this code without the prior written consent
of IBM.
2001-10-23 23:29:41 +00:00
Kurt Zeilenga
2af75ecc6a
Trim both \n and \r\n from config files.
2001-09-24 22:18:02 +00:00
Kurt Zeilenga
c0c9c47032
bump MAXARGS to 500
2001-09-21 00:48:47 +00:00
Kurt Zeilenga
d05e6af326
Clean up include logging
2001-09-17 22:38:52 +00:00
Kurt Zeilenga
a49392981a
There is no TLSProtocol option.
2001-08-31 16:48:30 +00:00
Pierangelo Masarati
b637967b95
fix malformed test
2001-08-04 16:46:03 +00:00
Pierangelo Masarati
6a5b253bc6
allow multiple limits setting on one global/per backend config line
2001-08-04 11:09:25 +00:00
Pierangelo Masarati
8471ef7ed0
add global, per backend and per op_ndn time/size soft, hard and to-be-checked limits (exploited by back-ldbm); see slapd.conf(5) for details
2001-08-01 10:09:04 +00:00
Pierangelo Masarati
4051547dfa
handle regex-based per op_ndn time/size limits
2001-07-28 11:24:22 +00:00
Pierangelo Masarati
589a5c7442
added extra check to suffix param of replica entry
2001-07-23 14:32:59 +00:00
Pierangelo Masarati
ece9bdb0eb
Added the suffix=<dn> parameter to replica config directive
...
to allow selective replication of subtrees of a single database.
Multiple occurrences allow the same replica to handle different
subtrees
2001-07-21 14:15:23 +00:00
Kurt Zeilenga
c46014e27e
Fix typo in disallow logging
2001-07-15 17:25:00 +00:00
Pierangelo Masarati
5fdba27288
This is the skeleton of back-monitor, the slapd monitoring backend.
...
The old monitoring stuff has been removed; the new backend is
enabled by using --enable-monitor at configure time and requires
database monitor
in slapd.conf to be activated. At present it implements a subset
of the old monitoring options, and it should be extendable to
a number of different subsystems. The search operation has been
implementd; it does not honor abandon or size/time limits, though.
The compare and the abandon operations are planned.
Copyright Pierangelo Masarati <ando@sys-net.it>; the code is provided
AS IS with NO GUARANTEE. It can be used and distributed under the
conditions stated by the OpenLDAP Public License.
2001-07-14 17:34:24 +00:00
Randy Kunkee
a9097044ea
Remove global_backendsyncfreq code (code has been pushed down into back-ldbm).
2001-06-28 18:02:46 +00:00
Randy Kunkee
d492880870
Add sync_daemon to daemon.c, enabled by global configuration
...
backendsyncfreq <seconds>. Setting this automatically enables
dbnosync (because the synchronizer takes care of it).
2001-06-22 08:38:58 +00:00
Kurt Zeilenga
8d4c20cd6d
Adding crypt(3) salt format (ITS#1202) from Jeff Costlow <j.costlow@f5.com>
...
with minor changes by committer
---
Copyright 2001, F5 Networks, Inc, All rights reserved.
This software is not subject to any license of F5 Networks.
This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself.
2001-06-13 03:47:17 +00:00
Kurt Zeilenga
cc6fab319e
Add support for separate max incoming for anonymous and authenticated
...
sessions (defaults: 256K and 16M respectively).
2001-05-29 20:00:55 +00:00
Kurt Zeilenga
8360b4396f
Take rc out from #ifdef
2001-05-20 17:39:32 +00:00
Kurt Zeilenga
0aef7722e6
Add support for obsolete attributes.
...
We don't support collective attributes (yet).
Remove exit() calls from scheme parsers. Need to do same for acl parser.
2001-05-17 07:31:59 +00:00
Kurt Zeilenga
0445405299
if continuation line starts with a tab, rewrite it to a space
2001-05-12 18:43:06 +00:00
Kurt Zeilenga
4055077607
Add simple configure support for sockbuf max incoming
2001-05-05 07:29:21 +00:00
Kurt Zeilenga
3310663d02
RANDFILE directives
2001-05-02 19:46:01 +00:00
Stig Venaas
b92bceed2a
Now loading all UCDATA files
2001-01-26 14:33:09 +00:00
Stig Venaas
13e628bcf4
Load UCDATA composition data
2001-01-24 15:31:53 +00:00
Kurt Zeilenga
28d1dbd8ac
Add "sasl-external-x509dn-convert" configuration option aimed
...
at providing authid TLS/X.509 to LDAP DN mapping. Experimental.
2001-01-19 00:47:32 +00:00
Gary Williams
84658f8a11
add new logging
2001-01-17 21:12:54 +00:00
Gary Williams
d531a20f52
more new logging (finally), behind NEW_LOGGING
2001-01-11 17:11:23 +00:00
Stig Venaas
b44cc963c2
Improved ucdata loading error handling
2000-11-09 12:39:18 +00:00
Stig Venaas
87e58fb031
Changed ucdata loading, all is done in config.c. Tried to make ucdata load
...
when found in config file, or before first call to dn_normalize/dn_validate
2000-11-02 10:10:36 +00:00
Gary Williams
d65bf04894
add logfile directive to config (behind NEW_LOGGING)
2000-10-25 16:49:23 +00:00
Kurt Zeilenga
dbdba34972
First-cut at manageDSAit-aware backend selection.
2000-10-21 03:29:02 +00:00
Gary Williams
696de70df4
fix lutil_set_debug_level call
2000-10-20 14:46:33 +00:00
Gary Williams
aacd6e78f4
convert text level to int
2000-10-17 19:42:24 +00:00
Kurt Zeilenga
f7e9842160
Remove "defaultaccess" option. No longer needed as without
...
ACLs, the only sane and useful option is "read".
2000-10-13 04:45:24 +00:00
Howard Chu
004f4f3260
Fix TLSVerifyClient. Applied in wrong branch before.
2000-10-13 00:54:05 +00:00
Gary Williams
bbc0ac00b2
get new debug configuration
2000-10-12 20:11:49 +00:00
Kurt Zeilenga
1b635156ab
s/saslregex/sasl-regex/
...
Other minor updates
2000-10-06 21:16:36 +00:00
Kurt Zeilenga
2b82d4f486
remove lint
...
update bdb codes
2000-09-22 01:40:57 +00:00
Kurt Zeilenga
d78a515860
Fix build issues
2000-09-21 23:00:51 +00:00
Mark Adamson
bf1ee530ea
Implementation of SASL authorization.
2000-09-21 17:32:54 +00:00
Kurt Zeilenga
d6a56aaf25
Fix typo in last commit
2000-09-12 19:35:19 +00:00
Kurt Zeilenga
bd9de9d90d
Clean up defaultSearchBase code
2000-09-12 18:21:09 +00:00
Kurt Zeilenga
5852f7188b
Add 'defaultSearchBase' configuration directive to help support
...
brain-damaged LDAPv2 clients.
2000-09-11 21:57:14 +00:00
Kurt Zeilenga
3342ea3b49
Add more bind allow/disallow flags
2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d
Add "allow tls_2_anon" to allow StartTLS to force session to anonymous.
...
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
2000-09-08 22:59:01 +00:00
Kurt Zeilenga
d463b3cab1
Add missing "disallow bind_anon" directive (ITS#721)
2000-09-07 17:53:05 +00:00
Kurt Zeilenga
cee040a321
Bring UCdata infrastructure.
2000-09-03 23:48:35 +00:00
Randy Kunkee
58bb439d08
Raise MAXARGS to 200, since the schema syntax burns more.
2000-08-31 22:16:16 +00:00
Kurt Zeilenga
a60438c1ce
Add sasl-host option and treat sasl-realm as global only
...
(ie: not backend specific).
2000-08-30 01:44:39 +00:00
Kurt Zeilenga
4520cd4ec2
Align with man page
2000-08-28 19:19:47 +00:00
Kurt Zeilenga
bf3df2f7a6
restrictops, requires, disallow knobs; ssf acls; and misc other changes
...
man pages to follow...
2000-08-28 18:38:48 +00:00
Kurt Zeilenga
5b856458a2
s/SAFEMEMCPY/AC_MEMCPY/
...
Use AC_FMEMCPY where appropriate (-llber)
2000-07-28 01:07:07 +00:00
Randy Kunkee
46ca9103b6
Fix MAXARGS boundary condition problem: slapd crashed if number of tokens
...
parsed == MAXARGS (only applicable if you have really large objectclasses).
2000-07-19 01:40:05 +00:00
Kurt Zeilenga
5fc22599e2
Update SASL code to reuse context through life of session.
...
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Mark Valence
d4d03e36e5
Added "threads" config to slapd.conf.
2000-07-04 19:24:13 +00:00
Kurt Zeilenga
2c7f89b1b2
remove locale option. OpenLDAP is designed only for the "C" locale.
2000-06-20 16:55:23 +00:00
Kurt Zeilenga
ec426532b2
Reworked thread code to better support thread-library specific
...
r/w locks and thread pools. Hide internal structures (using
pthread'ish technics). Place common code in threads.c. Move
no-thread code to thr_stub.c. Move thread pool code to tpool.c.
Removed setconcurrency call from initializer, added 'concurrency'
directive to slapd. Tested code under pthreads, pth, and no-threads.
2000-06-13 02:42:13 +00:00
Kurt Zeilenga
693fb9424a
unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT
2000-06-06 19:43:18 +00:00
Kurt Zeilenga
7b14e1304a
Relocate schema_init() call to main()
...
Add schema_prep() call to main()
Similiar changes to slapcommon.c
Add schema_prep() impl to schema_init.c
Add slap_ad_entry and slap_ad_children globals.
Add "entry" and "children" to openldap.schema (this likely should
be added to schema via code, not configuration)
2000-05-15 20:04:36 +00:00
Kurt Zeilenga
4bc786f34b
Y2k copyright update
2000-05-13 02:47:56 +00:00
Kurt Zeilenga
0dbaf87730
Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
...
plus these changes unhidden changes:
remove now meaning --enable-discreteaci configure option
fix ITS#451, slapd filters
Add ber_bvecadd() to support above
constify ldap_pvt_find_wildcard() and misc slapd routines
renamed some slap.h macros
likely broken something
2000-02-14 20:57:34 +00:00
Kurt Zeilenga
3a6e906194
Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT
2000-01-31 22:14:16 +00:00
Kurt Zeilenga
c5da0c76ce
Additional changes to migrate to new schema codes
...
Still not usable.
2000-01-28 20:01:00 +00:00
Kurt Zeilenga
5e12c84a6f
Add simple password test program.
...
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
d5edb4bff6
Reengineered ldappasswd(1). Uses extended operation to set
...
user password. Likely to be modified to use bind control
instead. Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Mark Valence
249313f75a
Removed previous changes for extensions -- extensions now use moduleload.
1999-11-09 21:18:37 +00:00
Mark Valence
c8aa051571
Load extension library on "extension" keyword in configs (actual load routine is in extended.c). Protected by #ifdef SLAPD_EXTERNAL_EXTENSIONS.
1999-11-09 03:37:05 +00:00
Kurt Zeilenga
f6829ee903
Initial commit of new ACL engine. Engine supports descrete access
...
privs, additive/substractive rules, and rule continuation. Existing
rules that use 'defaultaccess none' should be 100% compatible. Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Kurt Zeilenga
859dbe1398
Change the defaultaccess to 'auth'
...
Set defaultaccess to 'read' in distribution slapd.conf and add warnings
Set schemacheck to 'on' in distribution slapd.conf and add warnings
1999-10-15 20:34:42 +00:00
Kurt Zeilenga
7e53b5bdeb
Change 'attribute' directive to 'attributetype'
...
(and allowing 'attribute' for backwards compatibility).
manuals and *.schema to be updated as time permits.
1999-10-13 20:28:00 +00:00
Kurt Zeilenga
7a0b0b2bbf
In preparation for adding dn_rewrite()...
...
s/dn_normalize/dn_validate/
s/dn_normalize_case/dn_normalize/
1999-09-24 01:46:37 +00:00
Kurt Zeilenga
fc10815fc8
config should return error if backend or database initialization fail.
1999-09-13 18:47:05 +00:00
Kurt Zeilenga
403f4479bc
Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
...
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Hallvard Furuseth
1cde481298
Move `#include "ldap_defaults.h"' into slap.h, which #ifdefs on it.
1999-09-03 23:10:05 +00:00
Hallvard Furuseth
76a94de251
Fix: obey be->be_readonly. Also add & obey global_readonly.
1999-09-02 10:39:51 +00:00
Kurt Zeilenga
bc1186bfb1
Fix "database fubar" crash
1999-08-26 19:09:40 +00:00
Kurt Zeilenga
5c63fd55b5
Implement ldap_dn_normalize and friends. Should be used by clients
...
to validate input dn's BEFORE sending dn's to server.
Also fixed getfilter to use REG_EXTENDED|REG_NOSUB. (and fixed one
case where REG_BASIC was still used).
s/strdup/LDAP_STRDUP/
Added ldap_pvt_str2lower/upper
1999-08-25 06:44:08 +00:00
Kurt Zeilenga
2a74677799
const'fication
1999-08-20 19:00:44 +00:00
Howard Chu
75c9a1e222
Add OIDmacros for attribute & objectclass numericOIDs. Allow parsing
...
attribute syntaxes using syntax description in addition to syntax OID.
Removed all whitespace from syntax descriptions.
1999-08-19 22:09:33 +00:00
Howard Chu
22ad6bd6d4
Add "modulepath" config statement for setting the search path for locating
...
loadable modules. Gratuitously renamed "loadmodule" to "moduleload".
"modulepath" takes a single argument, a colon-separated list of absolute
pathnames.
1999-08-17 01:30:09 +00:00
Howard Chu
0743e963ca
Modified to use libtool's ltdl instead of gmodule
1999-08-07 07:58:11 +00:00
Kurt Zeilenga
9c3ed0310b
Add copyright notices.
1999-08-06 23:07:46 +00:00
Kurt Zeilenga
10591cb47d
Update default access usage comment.
1999-08-03 21:35:53 +00:00
Kurt Zeilenga
df8f7cbb9b
s/exit(1)/exit(EXIT_FAILURE)/
...
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
1999-08-03 18:14:24 +00:00
Kurt Zeilenga
5456f4ed18
Default lastmod to ON.
1999-07-27 20:05:37 +00:00
Kurt Zeilenga
c12547cf3b
Resurrect suffix aliasing...
1999-07-27 18:43:30 +00:00
Kurt Zeilenga
68d561a97b
Add limited LDAP_INVALID_DN_SYNTAX support. dn_normalize{,_case}() now returns
...
NULL does not meet basic syntax rules.
1999-07-22 17:14:42 +00:00
Kurt Zeilenga
a11630f9b8
Fix maxDeref directive
1999-07-22 00:49:25 +00:00
Kurt Zeilenga
933908f72f
ACL CHANGES:
...
by <who> <access> changed to by <who>+ <access> (joined with AND)
added peername=<regex> sockname=<regex> url=<regex>
removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower. Use where needed.
1999-07-21 20:54:23 +00:00
Julio Sánchez Fernández
288a28a762
Add support for TLSVerifyClient.
1999-07-20 18:05:50 +00:00
Kurt Zeilenga
170836751a
Namespace changes
...
added slap_ and ldbm_ to many structures
added typedefs to many structures
used typedefs
New main.c argument parsing with ldap url support (replacing -a address).
New sockaddr_in handling and support for multiple listeners.
1999-07-19 19:40:33 +00:00
Julio Sánchez Fernández
fd8b582aa9
We should stop using SSL to refer to TLS. This is a first step.
1999-07-16 10:28:51 +00:00
Kurt Zeilenga
73276e84ae
Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
...
Includes support for update referral for each replicated backend.
Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world. Still testing in LDAPv3 world.
Added default referral (test009) test.
1999-07-16 02:45:46 +00:00
Julio Sánchez Fernández
fd49eacc4b
Parse more TLS options in slapd.conf
1999-07-15 21:05:08 +00:00
Julio Sánchez Fernández
d92c7c1c7d
A couple of options for TLS configuration. Still a conflict here,
...
the default context is initialized before the config file is read,
so the locations are not know at context initialization.
1999-07-15 15:04:02 +00:00
Kurt Zeilenga
549c89f817
Regarding previous commit:
...
Fix broken ACL macros.
Fix o_dn/o_ndn == NULL vs "".
1999-07-04 19:53:00 +00:00
Kurt Zeilenga
106eef41d8
HEADS UP: connections are forced to "anonymous" status upon receiving
...
of a bind request and, upon failure, are left "anonymous."
Rework ACL code to hide access testing within macros to facilate additions
and eventual redesign.
Addition of #ifdef SLAPD_ACLAUTH to conditional include EXPERIMENTAL
"auth" access controls. Adds ACL_AUTH "auth" access level (above none,
below "compare"). bind requires anonymous access at this level or above access
to "entry"/"userPassword"/"krbName". This allows administrators to restrict
which entries can be bound to. (This will likely become default behavior
after testing has completed).
1999-07-04 18:46:24 +00:00
Kurt Zeilenga
b7bbc7504d
More bind changes to support SASL/DIGEST.
...
Added configuration support for "digest-realm <realm>" configure directive.
Added connection state and bind_in_progress fields to cn=monitor connection
attribute.
1999-07-02 19:48:07 +00:00
Bastiaan Bakker
5a470f8959
Merged dynamic module support patch (see ITS #196 ). To enable, run ./configure w
...
ith --enable-modules. GLib v1.2 or higher is required.
1999-06-24 17:06:34 +00:00
Kurt Zeilenga
7e4b3bc2e7
initial commit of idletimeout code... everything but the actual timeout.
1999-06-18 22:54:19 +00:00
Kurt Zeilenga
21e081dc5b
Separate autoconf generated values from "defaults".
...
ldap_defaults.h incorporates non-generated ldapconfig.h values.
ldap_config.h.in is new template for autoconf generated defaults
(namely directories and paths)
ldap_config.h.nt, NT template (must be manually copied)
s/<ldapconfig.h>/<ldap_defaults.h>/
s/DIRSEP/LDAP_DIRSEP/ & s/DEFAULT_/LDAP_/
1999-06-17 03:54:25 +00:00
Julio Sánchez Fernández
803d6d1204
Moved call of schema_init from main to read_config.
1999-06-15 12:26:07 +00:00
Julio Sánchez Fernández
ae481022f9
Oops, fp_parse_line tokenizes in place, so we need to take a copy of
...
input before letting fp_parse_line ruin it.
1999-05-30 00:07:40 +00:00
Julio Sánchez Fernández
7f357399cf
First step in new schema support.
1999-05-28 14:27:07 +00:00
Howard Chu
31a0c4a917
For ITS#158: keep mixed-case backend suffix in addition to upcased suffix.
1999-05-25 21:40:40 +00:00
Kurt Zeilenga
01b967244d
Make 'schemacheck on' the default.
1999-04-29 18:10:40 +00:00
Hallvard Furuseth
2b32e6afd7
Plug memory leaks
1999-04-04 21:34:33 +00:00
Hallvard Furuseth
815a62930c
UNDO LAST COMMIT.
1999-04-02 03:45:33 +00:00
Hallvard Furuseth
45118be88e
Fix wait4child change: Prefer wait3 over wait. Use SIGNAL instead of signal.
1999-04-02 03:23:20 +00:00
Hallvard Furuseth
3250aef49c
function pointers are incompatible with `void *'; remove NULL or replace with 0
1999-03-03 18:49:59 +00:00
Hallvard Furuseth
1d8ae81a06
Fix previous change to strtok_quote
1999-02-23 15:48:47 +00:00
Hallvard Furuseth
6b40ed4882
Make strtok_quote treat the character following \ as a normal character.
1999-02-23 15:40:18 +00:00
Hallvard Furuseth
79f7c85067
Add locale support (slapd.conf keyword "locale") to slapd if HAVE_LOCALE_H
1999-02-22 21:01:24 +00:00
Hallvard Furuseth
73db912500
Cast char' arguments to ctype.h functions to
unsigned char'.
...
These functions require their arguments to be in the range of `unsigned char'.
1999-02-22 17:57:22 +00:00
Hallvard Furuseth
1fda8f9382
read_config() did not return a value
1999-02-20 08:18:07 +00:00
Kurt Zeilenga
216049bd12
New Frontend->Backend Interface
...
Separates per backend type from per backend database initialization
and startup. Also supports per type / per backend shutdown.
New frontend startup/shutdown routines are also provided:
slap_init() slap_startup() slap_shutdown() slap_destroy()
New frontend->backend startup/shutdown is managed by:
backend_init() backend_startup() backend_shutdown backend_destroy
backend_init() now calls bi_init() to initial all function pointers
for the backend (excepting bi_init() which is now the only hardcoded
entry point). New entry points are detailed in slap.h struct
backend_info. backend_info is a per database type structure.
Besides the new startup/shutdown entry points, the new interface
also supports per backend type configuration options. One could have:
backend bdb2 (new Berkeley DB 2 backend)
bdb2_home /directory
database bdb2
...
*** This code is fairly experimental ***
*** Much cleanup and testing is still needed ***
see slap.h for details on struct backend_db and backend_info.
1999-02-05 09:03:47 +00:00
Kurt Zeilenga
d27b2f811e
Backout recent initialization/startup changes in prep for new
...
frontend->backend interface.
1999-02-04 17:33:46 +00:00
Kurt Spanier
314f3f6ed7
Introduction of a backend startup/shutdown function to make backend-specific
...
initialization after reading slapd.conf, and before starting the daemon
1999-02-01 17:37:43 +00:00
Kurt Zeilenga
163077ec93
Don't leak slap_op when op not in list.
...
Don't leak abandon mutex.
Use ch_malloc and friends.
1999-01-29 05:46:12 +00:00
Will Ballantyne
07f566e712
fix suffix alias compare in config.c, logic was reversed. The suffix alias
...
is now ignored if it is the same as the real suffix.
1999-01-27 04:58:02 +00:00
Kurt Spanier
68a8798594
Definition of slapd pid and args files as slapd.conf general parameters;
...
introduction of pid/agrs parameters to the test-suite slapd.conf files;
creation of sub-directory test/var for storage of pid/args files during test;
update of the slapd and slapd.conf man pages.
(The change reduces dependency on ldapconfig.h, since SLAPD_PIDEXT
and SLAPD_ARGSEXT are deleted from the code.)
1999-01-21 15:53:54 +00:00
Kurt Zeilenga
19a17982c6
suffixes need to be stored in normalized uppercase format
1999-01-20 05:43:33 +00:00
Kurt Zeilenga
3efaabe560
Don't allow suffixAliases were alias and aliased dn our the same.
1999-01-19 18:39:20 +00:00
Kurt Zeilenga
e2a15115b0
Update slap_conn to maintain client provided dn and bound dn.
...
Update slap_op to maintain dn and ndn (derived from conn->c_dn).
Update ldbm_back_bind to return actual bound dn (including rootdn)
for use in slapd_conn. Other backends use client dn.
Modify other codes to use ndn (normalized uppercase dn) most everywhere.
Aliasing, Suffixing and modrdn could use more work.
Applied suffixing to compare and modrdn.
1999-01-19 05:10:50 +00:00
Kurt Zeilenga
2805b25682
Store rootdn in normalized uppercase format.
1999-01-18 19:47:12 +00:00
Hallvard Furuseth
c3a692787c
Change overlapping strcpy( x, y )' to
SAFEMEMCPY( x, y, strlen( y ) + 1 )'
1998-12-27 02:00:08 +00:00
Kurt Zeilenga
e2ee741ea8
Replace strdup() with ch_strdup() such that exit() will be called
...
if strdup fails. This is better than not checking, but we should
add orderly shutdown.
1998-11-27 20:21:54 +00:00
Hallvard Furuseth
7e6ad5100c
Protoized, moved extern definitions to .h files, fixed related bugs.
...
Most function and variable definitions are now preceded by its extern
definition, for error checking. Retyped a number of functions, usually
to return void. Fixed a number of printf format errors.
API changes (in ldap/include):
Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.
A number of `extern' declarations are left (some added by protoize), to
be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
1998-11-15 22:40:11 +00:00
Kurt Zeilenga
2a869f5a99
merged with autoconf branch
1998-10-25 01:41:42 +00:00
Kurt Zeilenga
bf6c1e0ad2
Added Will Ballantyne's General Aliasing code.
...
Not quite sure if the entry lock handling is correct yet.
1998-10-24 02:42:38 +00:00
Kurt Zeilenga
42e0d83cb3
Initial revision
1998-08-09 00:43:13 +00:00