Commit Graph

3540 Commits

Author SHA1 Message Date
Pierangelo Masarati
8558b8808e actually, get_perms is needed by ldapi:// rgeardless of -DSLAP_X_LISTENER_MOD 2002-10-26 10:02:41 +00:00
Kurt Zeilenga
36569048ff Add "allow update_anon"
Fix -USLAP_X_LISTENER_MOD builds
2002-10-25 18:47:24 +00:00
Jong Hyuk Choi
15c5943edd Addition of servers/slapd/lcup.c and servers/slapd/back-bdb/lcup.c for persistent search 2002-10-25 17:57:03 +00:00
Jong Hyuk Choi
8074294f1d LCUP persistent search code drop 2002-10-25 17:51:30 +00:00
Pierangelo Masarati
97e526cb2d add restrictions related to listeners in form of file permissions
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
	"r" means read is allowed from that listener
	"w" means write is allowed on that listener
	"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
2002-10-25 16:43:44 +00:00
Kurt Zeilenga
6d199506bb ber_write error message cleanup 2002-10-25 05:47:08 +00:00
Kurt Zeilenga
2b2e406b46 Make sure that newSuperior isn't old superior 2002-10-25 01:09:50 +00:00
Pierangelo Masarati
956f1d16aa listener:
- use bervals for url and sockname
- pass connection_init() the listener struct pointer instead of each value
- don't copy them in the Connection struct 'cause they're not going to change
- define macros for legacy usage of c_listener_url and c_sockname
2002-10-24 10:03:52 +00:00
Pierangelo Masarati
fdd586a6b7 change socket permission syntax (to reuse function for other purposes) 2002-10-23 14:12:01 +00:00
Pierangelo Masarati
456a561b65 prevent use of uninitialized var 2002-10-23 14:11:02 +00:00
Pierangelo Masarati
665cb3e86e fix typo 2002-10-23 14:10:21 +00:00
Kurt Zeilenga
ff9dd56587 Add comment attributing origin of the Metaphone algorithm 2002-10-22 04:52:57 +00:00
Kurt Zeilenga
c382c5efa2 blind fix for NULL pointer in Debug() bug (ITS#2143) 2002-10-17 17:45:44 +00:00
Kurt Zeilenga
ac66a219d0 Fix comment 2002-10-17 04:35:55 +00:00
Kurt Zeilenga
c64d28aa4e correct security sample 2002-10-12 05:10:41 +00:00
Howard Chu
9d2a8ba1b4 More fixes for ITS#2136, make sure all error returns set *text. 2002-10-11 17:12:56 +00:00
Kurt Zeilenga
40b685b70d Patch: Delete the buggy surrogate parent code (ITS#1815)
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
2002-10-10 20:28:36 +00:00
Kurt Zeilenga
5504bed852 More OBSOLETE checks 2002-10-10 02:38:32 +00:00
Kurt Zeilenga
857165b1bf Add some OBSOLETE schema checks 2002-10-10 02:07:24 +00:00
Kurt Zeilenga
b5020aa16d Don't mask error text variables 2002-10-09 23:36:28 +00:00
Kurt Zeilenga
27cb98d28d Remove lint 2002-10-09 23:35:45 +00:00
Kurt Zeilenga
1aa829922f Implement content rule checks
w/ implicit default rules allowing any auxiliary class to be mixed in
2002-10-09 23:02:01 +00:00
Howard Chu
e6d10b9590 Revert previous commit. More thought needed re: IPV4 vs IPv6 failures 2002-10-09 21:18:51 +00:00
Howard Chu
2e538e19d4 ITS#2132, give up at first bind failure 2002-10-09 20:45:13 +00:00
Kurt Zeilenga
5060ebb36d Fix bad sup error 2002-10-09 19:24:02 +00:00
Kurt Zeilenga
dff7315edf Need ../cr.o 2002-10-09 19:11:12 +00:00
Howard Chu
b9bd44b047 Fix ITS#2132, give up if listener fails to open 2002-10-09 18:57:50 +00:00
Kurt Zeilenga
acc32b9d9e Basic framework for DIT Content Rules (not yet enforced) 2002-10-09 07:11:50 +00:00
Kurt Zeilenga
023d0e2a5c Rework unprotected simple bind checks 2002-10-08 19:03:18 +00:00
Kurt Zeilenga
06f69e603c Add security restrictions examples 2002-10-08 01:15:20 +00:00
Kurt Zeilenga
36fca96695 if "disallow bind_simple_unprotected", require at least SSF of 2 2002-10-08 01:06:49 +00:00
Kurt Zeilenga
df6c69ffd6 More entry level access control for back-shell
(should be applied to back-perl and other programmable backends)
2002-10-07 21:56:43 +00:00
Kurt Zeilenga
3a17376dfd s/256/LBER_ELEMENT_SIZEOF/
set LBER_ELEMENT_SIZEOF to 256
maybe this should be set to N*sizeof(size_t) or something
2002-10-07 21:01:47 +00:00
Kurt Zeilenga
cb73d243fb More "entry" level ACLs for entry add, delete, and rename. 2002-10-07 19:19:29 +00:00
Kurt Zeilenga
d19db4b7ed Fix up last commits 2002-10-04 23:42:27 +00:00
Kurt Zeilenga
9fbcc90bd5 Add "entry" ACL checks for add/delete/rename ops 2002-10-04 23:26:28 +00:00
Kurt Zeilenga
8975676fa4 Clean up some #else #if 'ing 2002-10-04 18:36:44 +00:00
Kurt Zeilenga
5b591d0dec Fix subentry OIDs 2002-10-02 01:18:46 +00:00
Kurt Zeilenga
33248a02e1 Code cleanup (no functional changes) 2002-10-01 04:07:55 +00:00
Kurt Zeilenga
f5e6d1db41 #unifdef -DSCHEMA_DN 2002-09-29 04:30:38 +00:00
Kurt Zeilenga
4ef4c9eb06 Return default referral if DN maps to empty domain. 2002-09-26 16:12:39 +00:00
Kurt Zeilenga
b4e1ea15f3 benign buffer overflow fix (ITS#1964) 2002-09-25 04:34:33 +00:00
Kurt Zeilenga
bbbf2f4ca7 Fix handling of non-critical controls for backends which
support no controls.
2002-09-24 18:20:59 +00:00
Kurt Zeilenga
d0a4fee37a Minor updates 2002-09-22 19:09:47 +00:00
Kurt Zeilenga
976c35fbf0 fix possible uninit bug 2002-09-21 04:33:19 +00:00
Howard Chu
bdf9b3ae1b Fix ITS#1033 slapd hangs with GNU Pth - don't write to the wakefd
more than once at any given time.
2002-09-21 03:52:16 +00:00
Kurt Zeilenga
f558b6b02f Add experimental +/- AttributeName support. 2002-09-21 00:11:43 +00:00
Kurt Zeilenga
d9d58ae02f Save "-" for no subtypes 2002-09-20 19:58:25 +00:00
Howard Chu
9ba829436e Add dummy reference to lutil_uuidstr() for dynamically loaded back-bdb
and back-ldbm.
2002-09-20 01:02:33 +00:00
Howard Chu
104f8cc409 Simpler fix for NO_THREADS 2002-09-19 06:34:53 +00:00