Commit Graph

74 Commits

Author SHA1 Message Date
Kurt Zeilenga
990ab4b119 Randfile 2001-05-02 19:52:58 +00:00
Kurt Zeilenga
26e3fc4625 Document the "threads" directive 2000-10-18 00:22:30 +00:00
Kurt Zeilenga
9520b708eb Fix typo in concurrency description 2000-10-18 00:15:32 +00:00
Kurt Zeilenga
282b192474 Note that the directory containing the replogfile as well as
the slurpd temporary directory should have limited read/write/execute
access.
2000-10-16 22:19:29 +00:00
Kurt Zeilenga
df47e87ec3 Zap defaultaccess option 2000-10-13 04:46:50 +00:00
Kurt Zeilenga
bbe9651ca9 fix maxbufsize=factor typo 2000-10-07 02:07:39 +00:00
Kurt Zeilenga
a912e6eea0 Make sure authzid form produces a valid subject DN. Support
both u: and dn: forms.
Rework sasl-regex DN be of the form
	uid=user,cn=realm,cn=mech,cn=authz
Fix up slapd.conf(5)
2000-10-06 23:50:38 +00:00
Kurt Zeilenga
1e7fe604e9 Comment on rootpw only be valid if rootdn is with namingContext 2000-10-06 21:19:20 +00:00
Kurt Zeilenga
1b635156ab s/saslregex/sasl-regex/
Other minor updates
2000-10-06 21:16:36 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
0cd8cf72fb Fix file:: uri 2000-09-19 20:44:05 +00:00
Kurt Zeilenga
34f8561467 Update slurpd with StartTLS and additional SASL parameters 2000-09-15 23:41:07 +00:00
Kurt Zeilenga
5852f7188b Add 'defaultSearchBase' configuration directive to help support
brain-damaged LDAPv2 clients.
2000-09-11 21:57:14 +00:00
Kurt Zeilenga
3342ea3b49 Add more bind allow/disallow flags 2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d Add "allow tls_2_anon" to allow StartTLS to force session to anonymous.
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
2000-09-08 22:59:01 +00:00
Kurt Zeilenga
db67d7cdc5 Add sasl-host directive 2000-08-30 03:50:16 +00:00
Kurt Zeilenga
26e8ba267d Add security factors to man page 2000-08-28 19:17:37 +00:00
Kurt Zeilenga
9715e7f008 Add disallow and requires to man page. Fix sasl ssf handling bug. 2000-08-28 18:58:13 +00:00
Kurt Zeilenga
95e11598ca Add URI to admin guide in See Also section 2000-08-24 23:18:06 +00:00
Kurt Zeilenga
8596bfe2d5 Document sasl_secprops 2000-08-24 01:09:18 +00:00
Kurt Zeilenga
2e4ed9333b Update date as well 2000-08-23 23:43:39 +00:00
Kurt Zeilenga
edd14b7c95 Update index description with substr varients and
(experimental) subtyping options.
2000-08-23 23:43:19 +00:00
Kurt Zeilenga
66552eb0bb Fix up examples 2000-08-21 03:10:47 +00:00
Kurt Zeilenga
2683cd6fe6 Update man page header 2000-08-20 01:00:12 +00:00
Kurt Zeilenga
3311d1ca8b Add descriptions for sasl options.
Clarify other options and re-order a bit.
2000-08-19 22:14:14 +00:00
Kurt Zeilenga
dd3e3a8fb8 rename admin guide 2000-08-18 02:58:05 +00:00
Mark Adamson
4a5498351e Added SASL authentication to slurpd for connecting to slave LDAP servers. 2000-08-17 16:30:37 +00:00
Kurt Zeilenga
2b3b074b1c Update date 2000-08-13 22:06:44 +00:00
Kurt Zeilenga
f40d19abfc s/SLAPD and SLURPD/OpenLDAP/ .. (admin guide) 2000-08-13 22:00:36 +00:00
Kurt Zeilenga
ee2e7457c7 Clean up attributetype and objectclass description 2000-08-07 23:04:20 +00:00
Kurt Zeilenga
b7f0758fa2 Minor updates, needs to be updated and cleaned up
Should be PRIMARY source for configuration options.
2000-07-22 19:04:33 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
2c7f89b1b2 remove locale option. OpenLDAP is designed only for the "C" locale. 2000-06-20 16:55:23 +00:00
Kurt Zeilenga
55d180f3ab Incomplete update of LDIF, refer to RFC 2000-06-18 19:41:49 +00:00
Kurt Zeilenga
65f9a005ed Add reference to slappasswd(8) 2000-06-18 19:40:38 +00:00
Kurt Zeilenga
93a8125eab Add OpenLDAP RCS ID 2000-06-18 19:39:31 +00:00
Kurt Zeilenga
ec426532b2 Reworked thread code to better support thread-library specific
r/w locks and thread pools.  Hide internal structures (using
pthread'ish technics).  Place common code in threads.c.  Move
no-thread code to thr_stub.c.  Move thread pool code to tpool.c.
Removed setconcurrency call from initializer, added 'concurrency'
directive to slapd.  Tested code under pthreads, pth, and no-threads.
2000-06-13 02:42:13 +00:00
Kurt Zeilenga
6892f74529 Remove old schema directives 2000-06-06 07:57:41 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Kurt Zeilenga
8c386888fa Move default LDBM directory from /usr/tmp to $(localstatedir) 2000-05-03 10:07:21 +00:00
Kurt Zeilenga
393ff0ad71 Add .ldaprc to SYSNOPSIS 2000-04-12 01:23:43 +00:00
Kurt Zeilenga
58987407fe Add comment concerning 'directory' LDBM option... a separate directory
must be specified for each database.
2000-03-03 19:51:39 +00:00
Kurt Zeilenga
152c0e25c2 Add reference to RFC 2307 (rootpw) 2000-03-01 22:58:30 +00:00
Kurt Zeilenga
ab7c490960 Add BINDDN user-only directive to .ldaprc
Used only for simple bind when dn == NULL and password != NULL.
1999-12-17 03:27:16 +00:00
Kurt Zeilenga
f6829ee903 Initial commit of new ACL engine. Engine supports descrete access
privs, additive/substractive rules, and rule continuation.  Existing
rules that use 'defaultaccess none' should be 100% compatible.  Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Kurt Zeilenga
7e53b5bdeb Change 'attribute' directive to 'attributetype'
(and allowing 'attribute' for backwards compatibility).
manuals and *.schema to be updated as time permits.
1999-10-13 20:28:00 +00:00
Kurt Zeilenga
35655c056f Reimplement LDBM_SYNC/LDBM_NOSYNC code (dbnosync).
Old code applied sync flags to store(), however supported DBMs
require such flags to be specified during open().  The new
code now applies flags in ldbm_cache_open (which calls ldbm_open).
ldbm_cache_close() now calls ldbm_sync().  This will force
a updating of on-disk contents after each LDAP operation.
The old code either failed to sync the on-disk contents until
close or synced on every store.   Per LDBM operation syncing
*should* be safe enough... real data safety requires transactions.
Removed nosync option from BDB2 as it is not compatible with
txn support.
Also added code to disable DBM level locking as slapd is only
process acessing the databases (dbnolocking).
1999-09-23 19:49:20 +00:00
Kurt Zeilenga
305ed36159 Add RCSid and Copyright 1999-09-12 04:41:47 +00:00
Kurt Zeilenga
521f761b2a s/patch/path/ 1999-09-06 18:25:48 +00:00
Howard Chu
ccab3faa58 Update for attribute, objectclass, and objectidentifier descriptions. 1999-08-20 00:32:36 +00:00