Commit Graph

75 Commits

Author SHA1 Message Date
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Kurt Zeilenga
100facedf3 Don't return subordinate referrals (per RFC 3296) 2004-03-27 22:47:31 +00:00
Kurt Zeilenga
2876b3bb84 Don't disclose information to attacker.
Referrals need work (not sure why return referrals for bind requests)
2004-03-27 18:19:52 +00:00
Howard Chu
9f5667c703 Restructure to release locks before sending result 2004-03-20 09:25:00 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
9d811eb1fa Notices 2003-11-28 21:08:20 +00:00
Howard Chu
1bb48a06fc ITS#2736 clear result strings 2003-09-27 07:36:20 +00:00
Jong Hyuk Choi
090ac0a772 unifdef LDAP_SYNC and LDAP_SYNCREPL 2003-08-27 22:16:04 +00:00
Jong Hyuk Choi
264f690c81 ITS#2681: set rc to LDAP_INVALID_CREDENTIALS or 1 2003-08-13 20:27:10 +00:00
Jong Hyuk Choi
d0868eae95 Various changes
- SyncRepl support in back-ldbm
- back-ldbm functions return LDAP return codes for internal operations (callback)
- subentry code copy from back-bdb
- Misc udpates
2003-07-15 00:55:58 +00:00
Howard Chu
7e2273b30e Added errmsg arg to lutil_passwd_{check,hash} functions 2003-04-30 07:52:05 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
2003-03-30 09:03:54 +00:00
Hallvard Furuseth
bf8bbc27fe Fix typo in comment. 2003-01-24 20:12:50 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Kurt Zeilenga
32fb8b0bff Add ACL state recording to avoid multiple evaluation of
value-independent access controls.
2002-02-09 05:14:17 +00:00
Kurt Zeilenga
78fe3a311f Add giant lock code back in... (it's my flakey devbox that needed work) 2002-01-29 17:58:36 +00:00
Kurt Zeilenga
77e8e46bdf Back out giant lock code, needs more work 2002-01-29 17:49:37 +00:00
Kurt Zeilenga
634cca7f0d Add GIANT rwlock! This should resolve nasty concurrency issues. 2002-01-29 17:27:20 +00:00
Howard Chu
ac1332cdb8 Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to
liblber:ber_bvarray_{add,free}.
2002-01-14 01:43:17 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
affa8f5a65 More struct berval conversions 2002-01-01 13:31:20 +00:00
Howard Chu
b92710e3a5 Minor cleanup 2001-12-31 06:44:36 +00:00
Kurt Zeilenga
21cecb3831 Update referral handling to use struct berval DNs. 2001-12-26 20:59:24 +00:00
Howard Chu
d474789d0d First pass at converting bind to struct bervals 2001-12-26 11:41:38 +00:00
Kurt Zeilenga
82fad7d0c8 First stable an implementing latest namedref specification.
Includes rewriting of URLs where the DN of the referral object
and the DN of the ref attribute attribute are not the same.
Also, always returns explicit DN and scope.
Currently, back-ldbm only.  Needs to be ported to back-bdb.
2001-10-26 02:05:14 +00:00
Gary Williams
3281138bcf fix format for new logging 2001-01-17 17:01:19 +00:00
Kurt Zeilenga
4617f2e946 Fix SPASSWD merge for real 2000-09-20 17:34:06 +00:00
Kurt Zeilenga
50714d2d48 merge changes from authPassword work which should fix SPASSWD code... 2000-09-20 00:28:57 +00:00
Kurt Zeilenga
f9690a37bb ITS#717 slapd kbind patch 2000-09-07 22:03:32 +00:00
Kurt Zeilenga
a75a024fd3 Consistently don't require "entry" access (except on search) 2000-09-05 21:48:12 +00:00
Kurt Zeilenga
acb451a031 Return unwillingToPerform for step 2 kerberos bind. 2000-06-25 20:39:34 +00:00
Kurt Zeilenga
693fb9424a unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT 2000-06-06 19:43:18 +00:00
Kurt Zeilenga
3d26427c02 SLAPD_SCHEMA_NOT_COMPAT: fix bind acls 2000-05-27 23:16:30 +00:00
Kurt Zeilenga
60802201e3 Const'ification
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
2000-05-22 03:46:57 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Kurt Zeilenga
16937cb91d remove SASL bind call. Frontend code coming. 2000-04-25 13:10:31 +00:00
Kurt Zeilenga
28c6217a12 s/userPassword/password/ (variable name) 2000-03-17 02:06:50 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
2000-02-14 20:57:34 +00:00
Kurt Zeilenga
6437785a82 Initial implementation of Kerberos password verification for
simple bind via:
	{KERBEROS}principal
Code is disabled by default (for security reasons).  Use
--enable-kpasswd to enable.  Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support.  Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library;
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Kurt Zeilenga
831bfa760e reduce slap_passwd_check to simple form 1999-12-06 21:42:10 +00:00
Kurt Zeilenga
42bb3e2e85 Move userPassord and krbName authentication routines to the frontend. 1999-11-23 19:00:09 +00:00
Kurt Zeilenga
5c876f85e6 bind should not return noSuchObject 1999-09-24 02:19:31 +00:00
Howard Chu
f991ef04e6 Added mixed-case as well as up-cased DN argument. The behavior of back-bdb2
and back-ldbm are preserved, they only use the up-cased DNs. back-passwd
uses the mixed-case DN. All others are using mixed-case DN, may need more
fixing.
1999-09-18 23:40:03 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Kurt Zeilenga
9c3ed0310b Add copyright notices. 1999-08-06 23:07:46 +00:00
Kurt Zeilenga
73276e84ae Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS.
Includes support for update referral for each replicated backend.
	Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world.  Still testing in LDAPv3 world.
Added default referral (test009) test.
1999-07-16 02:45:46 +00:00
Kurt Zeilenga
b8edef2b2c Copy LDBM bind "ACL_AUTH" and SASL framework to bdb2. 1999-07-07 18:47:51 +00:00