Commit Graph

57 Commits

Author SHA1 Message Date
Kurt Zeilenga
da6d9eb046 happy new year 2007-01-02 20:00:42 +00:00
Howard Chu
2a9afa55a7 Avoid unnecessary calls to oc_bvfind 2006-11-27 19:59:59 +00:00
Pierangelo Masarati
d1824b14ae fix NOOP return code (ITS#4563; I'll check and confirm it later; NOOP support might be broken) 2006-05-25 16:58:41 +00:00
Kurt Zeilenga
eb9a3c1876 unifdef -DSLAP_ACL_HONOR_DISCLOSE
unifdef -DSLAP_ACL_HONOR_MANAGE
unifdef -DSLAP_OVERLAY_ACCESS
unifdef -DSLAP_ORDERED_PRETTYNORM
unifdef -DSLAP_AUTHZ_SYNTAX
Move LDAP_COLLECTIVE_ATTRIBUTES, LDAP_COMP_MATCH, and LDAP_SYNC_TIMESTAMP
back behind LDAP_DEVEL (as these either too experimental or not yet
implemented).
2006-04-12 05:53:26 +00:00
Howard Chu
fe3b6d0071 ITS#4384 rework entryCSN handling, retrieve from incoming request
if it was provided. Always check and graduate, regardless of shadow status.
2006-02-05 01:09:48 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
c226563da4 fix various memory leaks and handling issues 2005-12-06 22:06:29 +00:00
Pierangelo Masarati
55c52c5c72 better fix to ITS#4183 (the prototype in proto-slap.h was erroneously committed earlier) 2005-11-18 00:00:39 +00:00
Pierangelo Masarati
bdb661440b fix operational attrs addition 2005-11-06 23:34:03 +00:00
Pierangelo Masarati
09f749da96 remove unnecessary data from search_info 2005-08-07 20:43:07 +00:00
Luke Howard
12d006d17d Add o_no_schema_check to operation structure
entry_schema_check() nows takes Operation instead of Backend as first
argument, allows it to check o_no_schema_check
2005-08-01 15:26:13 +00:00
Pierangelo Masarati
acf5187b2e rework assertion 2005-06-13 22:12:11 +00:00
Pierangelo Masarati
3751f0325d work around syncprov interoperation issues; minor cleanup 2005-06-01 19:35:13 +00:00
Kurt Zeilenga
feeeabcd68 manageDIT framework and obsolete objectclasses/DIT-content-rule override 2005-05-13 19:07:31 +00:00
Pierangelo Masarati
740835dff9 remove global_schemacheck 2005-05-12 00:03:50 +00:00
Pierangelo Masarati
0c601c5db2 fix compare; more manageDSAit cleanup 2005-01-20 00:17:52 +00:00
Pierangelo Masarati
8b26737c27 fix different issues with referrals in searches; remove unused tests; cleanup referrals in tests so that they don't get chased; improve schema checking in modrdn and updates in general; minor cleanup 2005-01-18 01:10:01 +00:00
Pierangelo Masarati
eb0421c471 fix several schema checking issues; add rename specific statement for entry renaming without losing ID (helps e.g. in renaming referrals, otherwise referential integrity would prevent del/add because of referenced stuff in ldap_referrals and ldap_entry_objclasses); referrals need schemacheck off otherwise objectClass chain is invalid (they need to be attached to another objectClass by now; will address this later) 2005-01-17 19:32:28 +00:00
Pierangelo Masarati
b4e37e518f fixes for ITS#3480,3485,3489; implementation of DISCLOSE access for all operations (ITS#3472); ITS#3432.4; added value validate/pretty when applicable (see comments and #defines in back-sql.h) 2005-01-16 23:12:36 +00:00
Pierangelo Masarati
c8c043bd39 address ITS#3472/3480/3488/3489 2005-01-15 18:43:34 +00:00
Pierangelo Masarati
014ee81c34 plug memory leak: bsi_attrs member
use tmpmemctx for bsi_attrs (should be used more for temporaries)
fix ITS#3480: allow to fetch all attrs or provide hints
fixed access check to entry for rename
TODO: fetch entries for access checking in selected code portions (e.g. rename)
2005-01-14 00:39:24 +00:00
Pierangelo Masarati
056c5ba7c1 fix couple of bugs in recent 'disclose' commits; prepare for sending matchedDN when appropriate; note ITS#3480 access control issues 2005-01-12 00:28:37 +00:00
Pierangelo Masarati
9d5d9cc2ec fix mix memory issues and cleanup 2005-01-08 09:59:16 +00:00
Pierangelo Masarati
edc9b936d0 mostly copyright cleanup; removal of unnecessary headers 2005-01-03 10:51:59 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
642f7aed50 apply patches 1,2,3,5,8 (with changes) from ITS#3432) 2005-01-01 16:21:55 +00:00
Pierangelo Masarati
0cc024a370 more on DN munging; now works for all operations 2004-12-02 00:33:36 +00:00
Pierangelo Masarati
396743f62f fix DN munging; also fix potential error when logging incomplete deletes 2004-12-01 23:16:21 +00:00
Pierangelo Masarati
78ddb88960 minor cleanup 2004-11-15 22:10:10 +00:00
Pierangelo Masarati
87a63d3b5d improve previous commit; consistently use dn/ndn; add support for LDAP_SCOPE_SUBORDINATE 2004-10-03 21:08:54 +00:00
Pierangelo Masarati
761f287943 multiple precision with BIGNUM/gmp/ulong 2004-09-26 22:58:47 +00:00
Pierangelo Masarati
b703cfb008 Added provisions for a layer between the backend and the ODBC
for further mucking with data.  This can be of use in ill situations
where not all the required massaging can be done on data with SQL
by means of stored procedures, but overlays are called too early
and cannot be used to make data non LDAP compliant.
- only support for bidirectional DN mucking is provided right now
- support for other values mucking is planned
- write is not completely tested yet
- the API could change quite often; don't rely too much on it

other cleanup has been added.
2004-04-10 09:33:55 +00:00
Pierangelo Masarati
354372987f General improvements:
- There might be special cases that require the unique key to be a string
  (just ran into one); since this is not a generally useful change, it's
  hidden behind #defines.
- Added essential support for telephoneNumber match; the same infrastructure
  might be useful for other specialized matches (also regular matches should
  use it to handle multiple spaces and so!).
- Fixed dynamic backend initialization.
- Cleaned up search base DN normalization (works also if no uppercase function
  is available, using case exact matches).
2004-04-08 09:08:28 +00:00
Pierangelo Masarati
eeb9a07823 make file names more slapd-ish; add attribute inheritance to search attributes; precompile uppercased search 2004-01-19 22:13:15 +00:00
Pierangelo Masarati
634324d5b9 allow multiple attribute definitions; honor ldap_entry_objclasses in filter; major cleanup 2004-01-10 10:42:44 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
fd5ded3afb notices and acknowledgements 2003-12-07 19:19:18 +00:00
Howard Chu
c58ac9d8f1 Add memctx param to build_new_dn(). cleanup DN leaks. 2003-09-24 04:30:41 +00:00
Kurt Zeilenga
5cd994ed21 remove dnNormalize2
replace calls to dnNormalize2 with calls to dnNormalize
2003-04-29 18:28:14 +00:00
Pierangelo Masarati
d8887ac063 fix update operations 2003-04-16 01:21:02 +00:00
Pierangelo Masarati
805894be1d fix context memory and more cleanup 2003-04-11 23:23:03 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Pierangelo Masarati
8995d8341f more new API ... back-sql should be OK 2003-04-03 00:35:16 +00:00
Kurt Zeilenga
c981ebcb61 Don't return LDAP_OPERATIONS_ERROR for internal errors 2003-03-01 20:17:52 +00:00
Pierangelo Masarati
5794b3a2dd Add checks for SQL headers in configure.in (need to rerun autoheader
and autoconf); #include "ac/string.h" instead of <string.h>
2002-11-09 17:03:07 +00:00
Pierangelo Masarati
eb38db1be5 various fixes and improvements 2002-09-02 19:39:31 +00:00
Pierangelo Masarati
fbc11bd16a - added the capability to filter based on hasSubordinate attribute
to back-bdb, back-ldbm and back-sql (the latter with limitations);
- added handling of ":dn" attributes to extended rfc2254 filters
  and to matched value filter
- altered the behavior of get_mra() when a matching rule is given:
  now it checks whether it is compatible with the attribute syntax
  and, in case it is, the given mr is used.  In case of no type,
  the check is delayed when filtering
2002-08-29 10:55:48 +00:00
Pierangelo Masarati
f11c6b27e7 Final run of changes to back-sql; IBM db2 support has been tested.
Now related ITSes need be audited and possibly closed.

Enhancements:
  - re-styled code for better readability
  - upgraded backend API to reflect recent changes
  - LDAP schema is checked when loading SQL/LDAP mapping
  - AttributeDescription/ObjectClass pointers used for more efficient
    mapping lookup
  - bervals used where string length is required often
  - atomized write operations by committing at the end of each operation
    and defaulting connection closure to rollback
  - added LDAP access control to write operations
  - fully implemented modrdn (with rdn attrs change, deleteoldrdn,
    access check, parent/children check and more)
  - added parent access control, children control to delete operation
  - added structuralObjectClass operational attribute check and
    value return on search
  - added hasSubordinate operational attribute on demand
  - search limits are appropriately enforced
  - function backsql_strcat() has been made more efficient
  - concat function has been made configurable by means of a pattern
  - added config switches:
      - fail_if_no_mapping	write operations fail if there is no mapping
      - has_ldapinfo_dn_ru	overrides autodetect
      - concat_pattern		a string containing two '?' is used
				(note that "?||?" should be more portable
				than builtin function "CONCAT(?,?)")
      - strcast_func		cast of string constants in "SELECT DISTINCT					statements (needed by PostgreSQL)
      - upper_needs_cast	cast the argument of upper when required
				(basically when building dn substring queries)

Todo:
  - add security checks for SQL statements that can be injected (?)
  - re-test with previously supported RDBMs
  - replace dn_ru and so with normalized dn (no need for upper() and so
    in dn match)
  - implement a backsql_normalize() function to replace the upper()
    conversion routines
  - note that subtree deletion, subtree renaming and so could be easily
    implemented (rollback and consistency checks are available :)
  - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 08:54:08 +00:00
Pierangelo Masarati
05348c5fc5 CHANGES:
- now all write operations appear to work correctly with PostgeSQL 7.0
- all write operations have been made transactional (atomic writes to
  entries are committed separately only in case of complete^1 success
  while all other operations are rolled-back by default)
- more cleanup and handling of exceptional conditions

TODO:
- deen to check with different databases and more up to date versions
  of both unixODBC and PostgreSQL.

^1: attribute add/modify/delete operations silently succeed if the
    appropriate add/delete proc does not exist for each attribute;
    this may be correct to hide undesired/unimplemented correspondence
    between LDAP and SQL databases; however, a more appropriate
    LDAP behavior would be a failure with LDAP_UNAVAILABLE if a
    single write operation cannot be executed for such reason
2002-08-16 16:45:24 +00:00
Pierangelo Masarati
115408986c changes:
- re-style according to the style giudelines for better readability
- updated to recent frontend/backend API changes
- fixed a few quirks about normalization
- "optimized" a few memory allocation/string handling functions
- fixed a few quirks about add/modify (still have to look ad modrdn)

todo:
- there is still something broken (at least with PostgreSQL and IBM db2,
  the two RDBMS O have at hand) when adding
- move everything to struct bervals and try to save a few strlen
- try some LDAP/SQL syntax relation to use appropriate value bind if possible
- ...
2002-08-13 17:12:27 +00:00