mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
22,868 Commits 38 Branches 307 Tags 74 MiB
799607231d
Commit Graph

12139 Commits

Author SHA1 Message Date
Howard Chu
299a6ca0f4 ITS#8971 tweak prev commit 
Check for BVISNULL, maybe rootDSE is a valid reqDN
 2019-02-02 22:48:53 +00:00
Howard Chu
f052e94593 ITS#8971 most exops have no reqDN 2019-02-02 21:45:04 +00:00
Howard Chu
765dfaf0e4 ITS#8963 use BIND timeout for start_tls 
Since we only support it in conjunction with Bind anyway, not
as a standalone op
 2019-01-31 23:37:03 +00:00
Howard Chu
86b486e20a Schema cleanup 2019-01-30 14:06:09 +00:00
Howard Chu
e8c62bf8b4 ITS#8966 add changelog support to syncrepl consumer 
Tested against DSEE7. The DSEE binaries must be in your path to run the test script.
 2019-01-29 18:51:43 -08:00
Howard Chu
7b587018ec ITS#8472 only do index cleanup if DB is running 2019-01-25 18:11:58 +00:00
Howard Chu
e33d1c5461 ITS#6300 fix kqueue initialization 2019-01-15 21:39:46 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Ondřej Kuzník
518e857c03 ITS#8663 Fix memberof SLAP_CONFIG_EMIT 2019-01-14 11:44:35 +00:00
Howard Chu
054c91335b ITS#8952 use msec for epoll / devpoll event wait 2019-01-02 21:51:48 +00:00
Howard Chu
dd760f2abc More for NULL modrdn modlist 2018-12-22 12:58:08 -08:00
Howard Chu
43d5d99494 More for NULL modrdn modlist 2018-12-22 10:40:59 -08:00
Howard Chu
ff6a671e64 MSAD dirsync fixes 
Don't hijack whenCreated attribute for createTimestamp
Don't add RDN to entry on modrdn
free cookie on cleanup
 2018-12-22 09:08:10 -08:00
Howard Chu
48461cbf7f Allow NULL modlist in modrdn 
For compat with MSAD which doesn't add the naming attribute to
the entry during a rename
 2018-12-22 09:00:34 -08:00
Howard Chu
6e6e6083b0 cleanup attr.c 
rename attr_list to attrs_list to avoid confusion with at.c in gdb
 2018-12-22 08:59:20 -08:00
Howard Chu
b4364baca7 Dirsync delete/modrdn fixes 
Delete could try to queue a NULL syncCSN (dirsync has none)
Modrdn could try to delete a nonexistent oldRDN (leftover from #7144)
 2018-12-22 05:21:56 -08:00
Thorsten Glaser
e0a7049ee5 ITS#8890 fix benign typos 
No functional impact
 2018-12-18 22:56:18 +00:00
Howard Chu
d8f8a60be8 More for privateKey tweak 
Leave olcTLSCertificateKey as its own attr, not a subtype
 2018-12-18 21:59:59 +00:00
Howard Chu
0e8c2d5a54 Tweak privateKey schema 
We're using PKCS#8 syntax, drop the OpenLDAP syntax OID.
Rename attribute accordingly.
Tweak validator to accept encrypted keys.
 2018-12-18 21:27:24 +00:00
Quanah Gibson-Mount
4e23cfc4a9 ITS#8286 - Additional fixes 
Fix incorrect matching rules for olcTLSCertificateKey and olcDbCryptKey
Fix SYNTAX for olcRootPW to be octetString
 2018-12-18 21:05:09 +00:00
Quanah Gibson-Mount
71a5d7cc0f Fix integerMatch to booleanMatch 2018-12-18 19:26:37 +00:00
Quanah Gibson-Mount
3add82a3bb ITS#8286 -- Add matching rules for attributes 
Add matching rules for all cases where it was missing.  Cleanup
incorrect types for a few attributes as well.  Fix network-timeout
handling in back-ldap/meta/asyncmeta.
 2018-12-18 19:14:06 +00:00
Ondřej Kuzník
c29542c418 ITS#8845 sc_extendedops is read-only 2018-12-18 18:34:23 +01:00
Howard Chu
190fccbcdc Missed a schema conflict 2018-12-17 16:21:03 -08:00
Howard Chu
9cc97ea9e1 MS AD DirSync support 
Requires "attribute_option range=" in config.
No test script provided yet, since testing requires an actual AD server.
 2018-12-17 16:11:25 -08:00
Howard Chu
2731ff0c23 ITS#5927 additional fix 
Fix 2ee43073e9 to recognize range tags
 2018-12-17 13:44:25 -08:00
Howard Chu
12dbcc0eb3 More for revert batched writes 2018-12-14 12:39:07 -08:00
Howard Chu
79ced664b8 Revert batched writes experimental code 
Reverts
bea2c5d438
535cf92ff4
5a3a54333c
afa9a9c3e0
due to backend deadlocks
 2018-12-13 06:34:54 -08:00
Howard Chu
6081a0307c ITS#8752 cleanup prev commit 2018-12-06 10:26:33 -08:00
Howard Chu
34823321c3 ITS#8752 more for accesslog deadlock 
Restructure response/cleanup invocation to avoid cleanup happening before response
 2018-12-06 10:03:27 -08:00
Howard Chu
a4fddc7b11 ITS#8932 check rdnNormalize success 2018-11-09 21:16:10 +00:00
Ondřej Kuzník
04a52cef40 ITS#8927 ppolicy: accept replicated changes even in MMR 2018-10-31 09:51:22 +00:00
Ondřej Kuzník
c351616ccd ITS#8866 Fix use-after free 2018-10-26 15:16:41 +01:00
Quanah Gibson-Mount
cd82de56c8 ITS#8866 (cont) slapo-unique 
use correct memory allocation/free functions
 2018-10-26 01:58:35 +00:00
Michael Ströder
7359a5413a ITS#8866 slapo-unique to return filter used in diagnostic message 2018-10-26 01:54:39 +00:00
Ondřej Kuzník
a2d93d69f0 ITS#8772 Remove reliance on the local rmutex implementation 2018-10-19 13:08:10 +01:00
Nadezhda Ivanova
33876e22d6 ITS#8859 Allow backends which do not need a database to work 2018-10-19 13:08:09 +01:00
Nadezhda Ivanova
d10fc664f7 ITS#8859 Enable backend configuration 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
1f2caff7b9 ITS#8859 Record the correct RDN 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
7127d5db11 ITS#8850 Wait until backends are closed before freeing connection_pool 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
f4e824c8da ITS#8849 Introduce (un)pause callbacks to backends 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
0f4d656a57 ITS#8849 Use server pause facility during config changes 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
fa2ba35ae8 ITS#8849 Introduce slap_(un)pause_server 2018-10-19 13:08:09 +01:00
Ondřej Kuzník
df83989f0f Skip ITS#6545 transition markers when we change mod op 2018-10-18 10:41:43 +01:00
Howard Chu
1e30640037 ITS#8923 fix dyngroup NO_SUCH_OBJECT error handling 2018-10-03 21:58:32 +01:00
Howard Chu
38f95b9ab8 ITS#8918 fix typo 2018-09-24 13:47:09 +01:00
Howard Chu
78229b3a5b ITS#8912 omit hidden DBs from rootDse 2018-09-05 11:42:05 +01:00
Howard Chu
a29391d495 More for multival 
fix index record detection
 2018-09-01 13:07:58 +01:00
Howard Chu
ba80b97505 Fix index delete 
Deleting all indices should also reset default mask
 2018-08-31 14:33:22 +01:00
Howard Chu
83acffd83c More for multival 
Fix clashes with index records
 2018-08-31 14:27:23 +01:00
Howard Chu
8ec9a3bcca More for multival 
Tweak config validity check
 2018-08-30 15:47:16 +01:00
Howard Chu
111329a2dc More for back-mdb multival 
Allow configuring thresholds for specific attributes
 2018-08-30 11:24:25 +01:00
Howard Chu
6c221e7730 ITS#8909 additional tweak 
Set error code on failure
 2018-08-29 02:02:13 +01:00
Howard Chu
36e4dd2828 ITS#8909 fix "authz-policy all" condition 
Broken since original commit 113727ba
 2018-08-29 01:14:19 +01:00
Ondřej Kuzník
0f320b3442 Fail if we can't change to a directory 2018-07-25 16:19:54 +01:00
Howard Chu
776de6d796 More for back-mdb multival 
Make sure a->a_numvals matches id2v counts
 2018-07-18 17:58:10 +01:00
Ondřej Kuzník
b06f5b0493 ITS#8663 Improve memberof cn=config handling 2018-07-02 16:19:54 +01:00
Ondřej Kuzník
dac02c7ef1 ITS#8667 Do not finish glue initialisation in tool mode unless requested 2018-07-02 16:19:48 +01:00
Ondřej Kuzník
242ab9c6ef ITS#8845 Recognise control-exop compatibility 2018-07-02 16:18:26 +01:00
Howard Chu
8568716376 ITS#8868 don't convert IDL to range needlessly 
in idl_intersection. It may lose precision in a subsequent union.
 2018-06-22 00:31:04 +01:00
Ondřej Kuzník
8a259e3df1 ITS#8573 allow all libldap options in tools -o option 2018-06-14 16:19:10 +01:00
Howard Chu
5292fb3a3b Fix ldif-wrap errmsg typo 2018-06-13 16:19:04 +01:00
Howard Chu
9069cbe543 ITS#8616 don't check for existing value when deleting values 2018-05-24 17:53:10 +01:00
Ondřej Kuzník
77e87690c0 Make syntax highlighting/folding happier 2018-05-10 11:58:21 +01:00
Howard Chu
0ba50a1d06 ITS#8843 check for NULL modlist 2018-05-02 16:51:49 +01:00
Quanah Gibson-Mount
f32384ef44 ITS#8840 Fix domainScope control to ensure the control value is absent as per Microsoft specification (https://msdn.microsoft.com/en-us/library/aa366979%28v=vs.85%29.aspx). 2018-04-30 17:33:22 +00:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Howard Chu
8300eee017 back-mdb Multival fixes 
Fix multival logic on Replace
Fix return codes from modify_internal, id2entry_put
 2018-02-28 22:37:38 +00:00
Howard Chu
08851a8200 ITS#8789 revert previous patch 
And try another approach. Always write contextCSN updates, but
don't set dont_replicate for updates we want propagated.
 2018-02-28 22:19:57 +00:00
Howard Chu
e0cc94a0b7 ITS#8789 avoid unnecessary writes of context entry 
If syncprov is present, only write contextCSN attribute on
actual state changes, not on per-entry modifications.
Continue to update in-memory cookieState. Saves overhead,
syncprov will eventually checkpoint it into the DB anyway.
 2018-02-21 19:51:59 +00:00
Howard Chu
434c306cbe Add debug msg if adding entry to logDB fails 2018-02-21 19:50:45 +00:00
Howard Chu
9fc6b894ec ITS#8752 accesslog: partially revert 3bb8b737ed 2018-02-21 19:48:02 +00:00
Howard Chu
dc3b3be429 ITS#8486 Don't keep sl_mutex locked when playing the sessionlog 2018-02-11 16:47:47 +00:00
Howard Chu
0c1ebd178c ITS#8801 Fix CSN queue processing 2018-02-08 00:18:00 +00:00
Howard Chu
4d1077ffa4 ITS#8800 remove originator check in syncprov_search_response 
Let the entryCSN check do all the work. Reloading a server from an old
backup needs this to go thru.
 2018-02-08 00:17:07 +00:00
Howard Chu
0eb577632f ITS#8607 Don't record checkpoints 2018-02-08 00:16:50 +00:00
Howard Chu
ca7f697e14 ITS#8100 fixes for delta-syncrepl with empty accesslog 
Update syncprov contextCSNs when context entry is added.
Fix accesslog to properly tag Add op when adding context entry.
 2018-01-30 21:40:05 +00:00
Ondřej Kuzník
52f7daab01 ITS#8796 Fix SSF reset 
Maintain the SSF across SASL binds.
 2018-01-15 16:58:58 +00:00
Hallvard Furuseth
57253688b3 ITS#8778 Fix telephoneNumberNormalize("-" or " ") 2017-11-26 21:22:23 +01:00
Quanah Gibson-Mount
c5b73dd85b ITS#6300 -- Update for multi-listener support 2017-10-19 14:55:01 -07:00
Bryan Duncan
a25046535c ITS #6300: Added support for using kqueue in slapd (for systems that support kqueue(2). 
Patch obtained from:
        http://public.me.com/bryan.duncan/bryan-duncan.kqueue.090922.patch

 # This patch file is derived from OpenLDAP Software. All of the
 # modifications to OpenLDAP Software represented in the following
 # patch(es) were developed by Apple.  I, Bryan Duncan, am authorized by
 # Apple, my employer, to release this work under the following terms.
 #
 # Copyright 2009 Apple Inc. All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted only as authorized by the OpenLDAP
 # Public License.
 #
 # A copy of this license is available in file LICENSE in the
 # top-level directory of the distribution or, alternatively, at
 # http://www.OpenLDAP.org/license.html.
 #
 2017-10-19 14:54:50 -07:00
Howard Chu
3bb8b737ed ITS#8752 accesslog: cleanup should only be called on failures 2017-10-14 11:22:53 +01:00
Howard Chu
03ee55d725 Revert "ITS#8752 ppolicy: don't call same cleanup twice" 
This reverts commit 1c963f4739.

Revert "ITS#8752 make sure all cleanups are called in overlay_op_walk"

This reverts commit b0ad788b8a.
 2017-10-13 18:47:25 +01:00
Howard Chu
1c963f4739 ITS#8752 ppolicy: don't call same cleanup twice 
fallout from b0ad788b8a
 2017-10-13 17:39:37 +01:00
Howard Chu
0d7489b908 ITS#8752 fix syncrepl deadlock from updateCookie 
Must release cookieState->cs_mutex before invoking backend.
Add a condvar to serialize calls of updateCookie, so we can
release the mutex and still update sequentially.

Also added tid logging, useful in conjunction with
7ab0e1aff0cc48cdfb299ca7dbd27900a9e3d1a8
 2017-10-13 17:28:57 +01:00
Howard Chu
4a574324fd ITS#8752 additional debug info, thread ID of rmutex lockers 2017-10-13 17:28:46 +01:00
Howard Chu
b0ad788b8a ITS#8752 make sure all cleanups are called in overlay_op_walk 2017-10-13 17:28:38 +01:00
Howard Chu
065b315f0d fix syncprov_qtask race, test062 crashes 
Keep s_mutex locked until we know we're removed from queue.
Remember qtask cookie so we can retract if ineeded when deleting
the overlay from running slapd.

config_delete is still unsafe, overlay_remove is running with active
threadpool instead of paused pool.
 2017-10-13 17:28:28 +01:00
Josh Soref
10566c8be3 ITS#8605 - spelling fixes 
* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate
 2017-10-11 14:39:38 -07:00
Quanah Gibson-Mount
fd5ad3ef39 ITS#8527 - Add additional debug logging on consumer/provider state when the consumer has a newer cookie than the provider 2017-10-11 14:32:25 -07:00
Ondřej Kuzník
3258bf40eb ITS#8291 Reopen cursor after delete 2017-10-11 14:32:08 -07:00
Emmanuel Lécharny
77408ac781 ITS#8153 - olcTimeLimit should be Single Value 2017-10-11 14:31:51 -07:00
Ivan Nejgebauer
cb9a4d01bc ITS#8037 - Add support for relax control to delta-syncrepl 2017-10-11 14:31:45 -07:00
Michael Ströder
636b63b5fd ITS#8692 let back-sock generate increment: line in case of LDAP_MOD_INCREMENT (see RFC 4525, section 3) 2017-10-11 13:04:38 -07:00
sca+openldap@andreasschulze.de
90835da72f ITS#8578 - remove unused-variables in RE24 testing call (2.4.45) 2017-10-06 10:45:08 -07:00
Nadezhda Ivanova
da170cbe3b ITS#8404 Fix an assertion failure during modify of olcDbRewrite in back-meta 2017-10-06 10:44:54 -07:00
Ted C. Cheng
e20ac6b539 ITS#7520 - back-ldap omit-unknown-schema changes 2017-10-06 10:44:31 -07:00
Ondřej Kuzník
08492987a0 ITS#7100 Update entryTtl behaviour to match RFC 2589 2017-10-06 10:43:48 -07:00
Howard Chu
70e54d2527 ITS#8752 fix syncrepl null_callback 
Make sure it's last in callback stack
 2017-10-05 22:13:39 +01:00
Quanah Gibson-Mount
0d4cd89786 LDAP_FEATURE_SUBORDINATE_SCOPE is from expired draft-sermersheim-ldap-subordinate-scope, leave behind LDAP_DEVEL 2017-09-26 11:51:27 -07:00
Quanah Gibson-Mount
30e2a904dc Move a bunch of featuers back behind LDAP_DEVEL for 2.5 
SLAP_AUXPROP_DONTUSECOPY is ok for release
 2017-09-26 11:35:50 -07:00
Quanah Gibson-Mount
86105092bd CHECK_CSN is a debug only flag for testing. It should always remain 
behind LDAP_DEVEL
 2017-09-26 11:30:50 -07:00
Quanah Gibson-Mount
a9ff0e97fc ITS#6817 - back-meta work for SLAP_AUTH_DN was never finished according 
to the ITS notes.  In addition, this would need man page updates for the
feature
 2017-09-26 11:27:15 -07:00
Quanah Gibson-Mount
41a9010773 The support for unindexed attributes being tracked in back-monitor needs 
to remain behind LDAP_DEVEL for now.  Right now, the mutex in
back-monitor cannot properly handle the load if the server had a lot
of unindexed attributes that were being accessed in search filters.
 2017-09-26 11:04:45 -07:00
Quanah Gibson-Mount
7246da8a66 Whitespace cleanup 2017-09-26 10:33:01 -07:00
Quanah Gibson-Mount
04cfd144d9 Fix additional compile for /dev/poll support. /dev/poll is neither tested nor supported. 2017-09-22 12:05:18 -07:00
Quanah Gibson-Mount
2085def079 Merge branch 'master' of ssh://git-master.openldap.org/~git/git/openldap 2017-09-19 15:21:56 -07:00
Quanah Gibson-Mount
09bec057e5 Fix calls to SLAP_DEVPOLL_SOCK_LX for multi-listener support. Support 
for /dev/poll is neither enabled nor tested, so other issues may exist.
 2017-09-19 15:20:56 -07:00
Howard Chu
20e46d8494 ITS#8725 fix 75999a18c3 
Not needed since callback uses tmpalloc
 2017-09-08 21:36:05 +01:00
Nadezhda Ivanova
82737719c8 ITS#8725 Always remove listener descriptors from daemon on shutdown 2017-09-08 19:43:59 +01:00
Howard Chu
db3909d27d ITS#8725 add slap_sl_mark / slap_sl_release 
For fast cleanup after constructing disposable entries
 2017-09-08 17:39:22 +01:00
Howard Chu
68e064ca84 ITS#8725 Avoid listener thread startup race 
Typically only shows up under valgrind, not in regular runs
 2017-09-08 17:39:22 +01:00
Howard Chu
8b1fb962fc ITS#8725 connection fixes 
Fix op_finish, must resched connection to pick up pending ops.
Fix op completion counter.
 2017-09-08 17:39:14 +01:00
Howard Chu
63308ef6bb ITS#8725 backover fixes for async 
Fix some valgrind race conditions - wait for frontend to finish up
Don't set callbacks for abandon or unbind - since they have no response
Use tmpalloc for backover callback
 2017-09-08 17:25:55 +01:00
Nadezhda Ivanova
c6e00c7b0f ITS#8725 Fix an invalid data access during add operations if backend is asynchronous 2017-09-08 16:51:27 +01:00
Howard Chu
75999a18c3 ITS#8725 Add SLAPD_ASYNCOP return code 
Tell frontend the op will finish asynchronously, leave it alone
 2017-09-07 18:07:39 +01:00
Howard Chu
afa861bf22 ITS#8719 add crypt_r() support 2017-09-06 21:25:16 +01:00
Michael Ströder
b65e0b5731 ITS#8714 Send out EXTENDED operation message from back-sock 2017-09-06 15:32:28 +01:00
Howard Chu
bb62d9cb73 ITS#8270 use the configured exop timeout for StartTLS 
Also, there's no need for a retry loop here. Just wait for
the specified timeout or give up.
 2017-08-31 16:53:45 +01:00
Ondřej Kuzník
9e156bf914 ITS#8444 Do not clear the pending operation when checkpointing 
When a checkpoint happens, if we remove the CSN from the pending list,
accesslog won't pass it onto the accesslog DB. But in a delta-mmr
scenario, an accesslog entry without a CSN faces a race where it might
be applied twice - that usually fails and causes a full refresh, other
times it can cause a silent desync - both are undesirable.
 2017-08-25 16:52:13 +01:00
Howard Chu
a9f462d615 ITS#8690 one more time 2017-08-04 20:58:07 +01:00
Howard Chu
c9e56b80f3 ITS#8690 fix again 2017-08-04 13:40:34 +01:00
Howard Chu
bcc6601091 Revert "ITS#8690 refix" 
This reverts commit a5f3a2885c.
 2017-08-04 13:34:03 +01:00
Howard Chu
a5f3a2885c ITS#8690 refix 
Don't double-queue delete ops
 2017-08-02 00:52:13 +01:00
Howard Chu
221dd43399 ITS#8226 optimization 
Don't release read txn unless there has actually been a new write txn
 2017-08-01 22:08:50 +01:00
Howard Chu
9827569ff0 ITS#8690 fix prev commit 2017-08-01 21:57:02 +01:00
Howard Chu
5bd89a1f1f Cleanup uninit'd vars 2017-08-01 21:47:15 +01:00
Howard Chu
1fbc0dff88 ITS#8690 plug memleak on Delete ops 2017-07-21 19:04:08 +01:00
Quanah Gibson-Mount
50d1588b2e ITS#8697 - For Windows builds with newer MINGW, remove refptr symbols 
mappings from slapd.def
 2017-07-20 17:11:01 -07:00
Howard Chu
375db33d13 ITS#8678 temporary hack 2017-06-22 18:09:48 +01:00
Ryan Tandy
0cee1ffb60 ITS#8655 fix double free on paged search with pagesize 0 
Fixes a double free when a search includes the Paged Results control
with a page size of 0 and the search base matches the filter.
 2017-05-20 18:28:54 +00:00
Kevin Lam
11bf6bc10a ITS#8592 Fix double free in sssvlv overlay 2017-04-26 11:05:00 -07:00
Howard Chu
2975a1d6f1 Tweaks for OpenSSL 1.1 API deprecations 2017-04-19 20:19:09 +01:00
Howard Chu
c0ff8e8a21 Delete extraneous #define 
Was only for convenience during testing
 2017-04-19 19:27:02 +01:00
Quanah Gibson-Mount
87f3477626 Fix autoca build with OpenSSL 1.1.0 2017-04-18 13:40:05 -07:00
Ondřej Kuzník
1b14198ad9 ITS#8631 Initialize sal 2017-04-10 14:24:56 +01:00
Howard Chu
29833786ad Cleanup unused vars 2017-04-10 00:54:21 +01:00
Howard Chu
d089b3c0d1 Tweak privateKeyValidate 
Only accept PKCS#8 private keys
 2017-04-10 00:51:09 +01:00
Howard Chu
25dc9e99ea Cleanup warnings, unused vars, etc. 2017-04-09 23:42:22 +01:00
Howard Chu
cff264c6e1 Fix autoca schema init 
Wait for core.schema to get loaded
 2017-04-09 22:45:36 +01:00
Howard Chu
268f71cb27 autoca fixups 
Move install of CA cert to a pool thread, otherwise cn=config deadlocks
on dynamically loaded overlay.

Dup/release entry before attempting to modify it, to avoid deadlocks
in back-bdb/hdb.

Always use PKCS#8 format when storing private keys.
 2017-04-09 20:31:11 +01:00
Howard Chu
f33c7d1ee6 Fixup for ;binary config attrs 
Use the plain attributeDescription when searching config tables
 2017-04-09 20:29:47 +01:00
Howard Chu
0f9ec8322f Add localDN config 
If a cert is generated for this DN, configure it as the local
TLS cert/key
 2017-04-09 16:44:14 +01:00
Howard Chu
b939bb519e Set the CA cert in cn=config if none was already set 2017-04-09 15:42:17 +01:00
Howard Chu
c9ccdf8554 Fixup pause handling, silence warnings 
Don't try to resume the pool if pausing failed.
 2017-04-09 15:41:16 +01:00
Howard Chu
7b41feed83 Support setting cacert/cert/key directly in cn=config entry 2017-04-09 14:51:25 +01:00
Howard Chu
2860fd4c6c Move privateKey schema into slapd 2017-04-09 14:16:56 +01:00
Howard Chu
2012795d3b Add config support for binary values 
Use base64 for .conf files, straight binary for back-config
 2017-04-09 02:26:41 +01:00
Howard Chu
2b920ecaec Add autoca overlay 
Automated certificate authority
 2017-04-08 02:51:08 +01:00
Ondřej Kuzník
ec5af7b5e7 ITS#6545 Update accesslog format and syncrepl consumer 
Make two successive modifications of the same attribute separate. This
lets the consumer interpret the log entry the same way as the server
that produced it.

Still depends on the log entry attributes being read in the same order
as they were written.
 2017-04-07 14:39:07 -07:00
Ondřej Kuzník
46c85a32ae ITS#8266 Allow empty mods 2017-03-30 15:27:45 -07:00
Quanah Gibson-Mount
2c84446240 ITS#8587 - Fix typos 2017-03-29 10:44:55 -07:00
Ondřej Kuzník
e56a849e5d ITS#8625 Separate Avlnode and TAvlnode types 
Switch AVL_CHILD/AVL_THREAD values and set Avlnode bits to AVL_CHILD for
better compatibility between avl and tavl as suggested by Howard.
 2017-03-29 14:52:44 +01:00
Howard Chu
a0cc1d9655 ITS#8054 add queue time to log 
Show time spent in conn+threadpool queues before an op actually executes.
Also clean up timestamp handling
 2017-03-16 14:21:31 +00:00
Howard Chu
e12ca8b6fe Fixes for multiple threadpool queues 
Remove poolq_hash, it wasn't distributing work evenly to the queues.
Just walk through all queues and use the one with smallest
active+pending count. Since pool_retract also relied on the hash,
a different means of locating the thread to retract was needed.
Add pool_submit2 which returns the threadpool task structure,
and record which poolq this task lives on.
 2017-03-15 11:13:09 +00:00
Ondřej Kuzník
53c6c9d16b ITS#8574 - Deal with rDN correctly 
This fixes issues with values that need escaping in the rDN when an
incorrect value would be passed to the handler and back-ldif.
 2017-03-08 15:32:17 -08:00
Howard Chu
451a9623f3 ITS#8576 Revert "LDAP_TAILQ fix" 
This reverts commit 8ee8248328.
 2017-02-01 11:58:54 +00:00
Howard Chu
2e9f95cbac More for large multival attrs 
Fix 2335285502
Use custom dupsort function, pass attributeDescription in so
it can use the actual matching rule for sorting.
 2017-01-26 10:58:55 +00:00
Quanah Gibson-Mount
cf8dc030c0 ITS#8568 2017-01-15 15:11:53 -08:00
Quanah Gibson-Mount
1df85d3427 Happy New Year! 2017-01-03 12:36:47 -08:00
Howard Chu
e3c8beb8d0 Fix its6794 test 
Must NULL out indexing cursors when closing tool txn
 2016-12-21 14:39:47 +00:00
Quanah Gibson-Mount
131203ec5d More for multival attrs 
check for enumerated delete that deletes all values
 2016-11-03 15:50:26 -07:00
Howard Chu
589331ea75 More for ITS#8460 
accesslog can alter the timestamp on contextCSN updates
 2016-08-11 17:27:35 +01:00
Howard Chu
f6510ec83b ITS#8460 fix slap_op_time 
broken in 2d5996ac60
Was allowing tv_usec to exceed 999999
 2016-07-28 23:40:57 +01:00
Howard Chu
5e6aadd779 More for multival attrs 
Fix id2entry_delete when deleting last multival entry in DB
 2016-07-22 10:30:57 +01:00
Howard Chu
3d5601e0ba Fix a4c7943d39 
Modify/replace was broken if attr didn't already exist
 2016-07-21 00:36:32 +01:00
Hallvard Furuseth
3e2f62ed0b ITS#8442 Fix uninitialized rs->sr_text in back-meta 2016-06-12 10:18:50 +02:00
Hallvard Furuseth
4a961ed6ed Catch slapmodify entry setup errors 2016-06-12 08:35:25 +02:00
Hallvard Furuseth
1899118e91 ITS#8435 Move sc_writewait to end of slap_callback 
So any initializers in code predating sc_writewait
will find sc_private in the expected position.
 2016-06-12 08:31:18 +02:00
Hallvard Furuseth
23c5d6bbdd ITS#8435 Fix uninited slap_callback.sc_writewait 2016-06-12 08:30:58 +02:00
Howard Chu
92724fd39e ITS#8432 fix infinite looping mods in delta-mmr 2016-06-09 22:37:54 +01:00
Howard Chu
2e60bf5ed0 ITS#8428 init sc_writewait 2016-05-18 12:30:31 +01:00
Howard Chu
b7c1a5d6b8 ITS#8423 check for pause in accesslog_purge 2016-05-15 00:51:14 +01:00
Howard Chu
3efde72cbe ITS#8413 fix prev commit 
Filter needs AttributeAssertions
 2016-04-28 10:54:47 +01:00
Howard Chu
b61d02d942 ITS#8413 don't use str2filter on precomputable filters 
and more importantly, avoid escaping requirements that str2filter has
 2016-04-28 03:04:16 +01:00
Howard Chu
2335285502 More for large multival attrs 
We can't persist the sorted flag since the sort order between
DB and attr schema don't necessarily agree
 2016-04-01 18:49:59 +01:00
Nadezhda Ivanova
500398180e ITS#8303 Track pending ops per a_metasingleconn_t 
so that unused target connections can be properly reset.
 2016-02-29 17:09:00 +00:00
Nadezhda Ivanova
26f88817f6 ITS#8303 Fixed an assertion error during test022 
The error was introduced with
commit 6cafdfa8d8
 2016-02-29 17:08:51 +00:00
Howard Chu
76d9be0196 More for large multival attrs 
Fix a4c7943d39 entry delete
Ignore when id2v table is empty
 2016-02-05 21:59:43 +00:00
Howard Chu
d6f3440d94 ITS#8365 partially revert ITS#8281 
Must setup psearch before snapshotting ctxcsn
 2016-02-02 19:41:13 +00:00
Nadezhda Ivanova
6cafdfa8d8 ITS#8303 Asynchronous meta back-end for OpenLDAP 2016-02-01 14:35:47 +00:00
Howard Chu
a4c7943d39 Large multivalued attr support 
Store attrs with a large number of values separately from the
main entry blob. Note - we need support for large DUPSORT values
for this to be generally usable.
 2016-01-31 15:35:11 +00:00
Quanah Gibson-Mount
6c4d6c880b Happy New Year! 2016-01-29 13:32:05 -06:00
Quanah Gibson-Mount
606d633290 Minor fix BDB -> MDB 2016-01-29 13:21:55 -06:00
Howard Chu
4a9f4439be ITS#8360 tweak for LDAP_TXNs too 2016-01-26 13:39:53 +00:00
Howard Chu
4001eb054f ITS#8360 fix ad info after failed txn 
If an add or modify op referenced a previously unused attrtype,
the mi_ads/mi_numads would be incremented to include it. If the
op fails to commit, these additions must also be reverted.
 2016-01-26 13:33:24 +00:00
Howard Chu
a9df031d0d ITS#8354 move abandon check 2016-01-23 16:06:32 +00:00
Howard Chu
6d2eb36ccb ITS#8354 tweak prev commit 
Delay mutex init to avoid leaking the mutex
 2016-01-22 20:46:23 +00:00
Howard Chu
4773850d42 ITS#8354 fix syncprov abandon 
Check for abandon just before recording psearch
 2016-01-22 20:41:48 +00:00
Howard Chu
eaee3b39ba ITS#8351 fix accesslog callback init 2016-01-15 10:37:56 +00:00
Howard Chu
901fe3318f ITS#8337 fix missing olcDbChecksum config attr 2015-12-12 16:14:45 +00:00
Howard Chu
af0c7ae038 ITS#8329 finish prev commit 2015-12-03 19:25:32 +00:00
Paul Terry
33ed03a64b ITS#8329 Add the id_query config item. 2015-12-03 19:21:46 +00:00
Howard Chu
3a305253a0 ITS#8327 fix ppolicy_get_default 
pwdMaxRecordedFailure must never be zero
 2015-12-03 00:58:33 +00:00
Howard Chu
2d5996ac60 ITS#8054 Cleanup duration patch 
Don't need op->o_hr_time, just use o_tincr, that's what it
was intended for anyway. Use "etime=" like other products do.
Simplify ifdefs. Use gettimeofday, it's always available now.
 2015-10-31 11:57:06 +00:00
Emily Backes
5324d283d9 ITS#8054 operation duration logging 2015-10-31 11:55:23 +00:00
Howard Chu
291b6a1a22 ITS#8215 fix cd9980c48b 
Wrong function signature
 2015-10-27 11:46:08 +00:00
Howard Chu
0d9b8ebe4b ITS#8289 fix mod Increment with inherited attr type 2015-10-27 03:41:17 +00:00
HAMANO Tsukasa
c05c9619a6 ITS#8114 LDAP MODIFY handling 2015-10-25 09:13:27 +00:00
HAMANO Tsukasa
30f80a005d ITS#8114 suppress warn message 2015-10-25 09:12:02 +00:00