134 Commits

Author	SHA1	Message	Date
Ondrej Kuznik	979e0f00b9	ITS#7182 Rework monitor registration. ... Letting back-monitor create the subsystem entries is much more readable than doing this manually. Only the database is registered if needed (chain overlay has to be updated to cope with this), the cn=Connection entry is removed in this patch to be reinstated in the following one as part of the correct subsystem. The owner (overlay mostly) should already know the target subtree DN, therefore the filter machinery can go away too.	2012-03-29 07:01:04 -07:00
Ondrej Kuznik	7c40b6e904	ITS#7182 Keep connection IDs for monitoring purposes.	2012-03-29 07:00:56 -07:00
Ondrej Kuznik	fb2d235615	ITS#7182 Introduce the variables for operation monitoring. ... Only completed operations are considered for now, this can be changed if needed.	2012-03-27 04:28:26 -07:00
Kurt Zeilenga	2bbf9804b9	Happy New Year!	2012-01-01 07:10:53 -08:00
Pierangelo Masarati	293b5e51a5	first cut at SASL bind issues in idassert (related to ITS#6817)	2011-01-31 22:07:04 +00:00
Kurt Zeilenga	966cef8c9a	Happy New Year	2011-01-05 00:42:37 +00:00
Pierangelo Masarati	bbe7272c7f	allow strict adherence to RFC4370 wrt/ control criticality (ITS#6523)	2010-04-14 21:37:03 +00:00
Kurt Zeilenga	3dadeb3efe	happy belated New Year	2010-04-13 22:17:29 +00:00
Pierangelo Masarati	f75825881a	honor X-ORDERED in olcDbIdAssertAuthzFrom; add olcDbIdAssertPassthru (ITS#6456); note: breaks binary compatibility with module back-meta.la	2010-04-09 22:47:55 +00:00
Pierangelo Masarati	20359f2020	fix previous commit (ITS#6267)	2009-08-24 00:41:12 +00:00
Pierangelo Masarati	69878f43c8	refactor connection handling	2009-08-19 16:45:15 +00:00
Pierangelo Masarati	bdec7702d7	better logging of privileged connections (more to come; might be unstable for a bit)	2009-08-19 15:00:59 +00:00
Pierangelo Masarati	c39815ee28	don't deadlock when a TLS uri is not responding (ITS#6167)	2009-06-11 06:51:01 +00:00
Kurt Zeilenga	4af9eb9715	Update copyright notices	2009-01-22 00:40:04 +00:00
Pierangelo Masarati	5a50733e39	don't send error when going to retry (alternative fix to ITS#5854)	2008-12-12 09:29:51 +00:00
Pierangelo Masarati	30ffa33d7e	do not propagate undefined or otherwise broken search filters (ITS#5614)	2008-07-14 22:14:49 +00:00
Pierangelo Masarati	c6f12694fc	allow proxies to filter out search references (ITS#5593)	2008-07-07 21:25:59 +00:00
Howard Chu	010295e9e7	More symbols for ITS#5355	2008-06-29 21:13:03 +00:00
Howard Chu	f481ffef9c	ITS#5355 use bi_extra instead of calling directly into back-ldap	2008-02-08 02:01:17 +00:00
Kurt Zeilenga	c890c96d13	Happy New Year (belated)	2008-01-08 00:19:56 +00:00
Pierangelo Masarati	9a00bbb35f	add support for session tracking (draft-wahl-ldap-sessio) to proxy backends requests	2007-08-22 15:49:35 +00:00
Pierangelo Masarati	e07dc8c757	fix more spurious return stuff; split quarantine in: detection, exploitation, recovery; describe failure reasons	2007-01-28 00:24:10 +00:00
Kurt Zeilenga	3297be046b	silence warnings	2007-01-19 07:31:02 +00:00
Pierangelo Masarati	3042c57ac0	allow forcing abandon of search operations on a connection basis	2007-01-09 12:19:04 +00:00
Pierangelo Masarati	e2d65fb69b	fix previous commit(s)	2007-01-09 00:59:17 +00:00
Howard Chu	a6a8fb514b	Add TLS context configuration	2007-01-08 23:36:24 +00:00
Pierangelo Masarati	d132415e5f	cleanup	2007-01-05 10:34:32 +00:00
Kurt Zeilenga	da6d9eb046	happy new year	2007-01-02 20:00:42 +00:00
Pierangelo Masarati	7e8242d50d	pool privileged connections (ITS#4791)	2006-12-24 18:23:36 +00:00
Pierangelo Masarati	3e427ad75a	support a separate cached connection for binds when using (liberal) idassert flagged with "override" (ITS#4781)	2006-12-17 22:11:40 +00:00
Pierangelo Masarati	f8d1a61866	more on clarification of special proxy identities and resilience to connection failure	2006-10-07 18:07:56 +00:00
Pierangelo Masarati	5714f8565f	fix rebind with idassert when a connection expires; also, fix override	2006-09-30 01:11:19 +00:00
Pierangelo Masarati	6e18cdb5fd	add basic monitoring support to back-ldap/slapo-chain (slapo-chain needs work)	2006-09-14 01:05:48 +00:00
Pierangelo Masarati	150a4f106c	improve timeout support (ITS#4157, ITS#4663); manpage cleanup	2006-09-04 08:24:05 +00:00
Pierangelo Masarati	34af916e3f	fix response sending while rebinding (ITS#4597)	2006-06-24 16:58:49 +00:00
Pierangelo Masarati	3ebb40c4dd	port identity assertion to back-meta; share as much code as possible with back-ldap; misc cleanup	2006-06-15 23:12:38 +00:00
Pierangelo Masarati	740f196548	rework quarantine locking and so	2006-06-07 23:25:38 +00:00
Pierangelo Masarati	85c9a7b4c5	further cleanop of previous commits	2006-05-30 00:40:39 +00:00
Pierangelo Masarati	f5fcd2c169	cleanup previous commit	2006-05-30 00:12:23 +00:00
Pierangelo Masarati	a6406de871	make room for plugins that deal with quarantine end	2006-05-29 21:43:20 +00:00
Pierangelo Masarati	795841b5a4	implement proxy quarantine (ITS#4569)	2006-05-27 19:54:27 +00:00
Pierangelo Masarati	e5c173691d	add cancel strategies (ITS#4560)	2006-05-20 14:29:01 +00:00
Pierangelo Masarati	0c33c17bb5	"single-conn" forces flushing of existing conns during rebind on same conn (ITS#4546)	2006-05-14 17:32:15 +00:00
Pierangelo Masarati	373ded8d24	add URI list resorting feature (ITS#4524)	2006-05-06 16:15:25 +00:00
Pierangelo Masarati	0500576056	add support for old proxyAuthz encoding; allow to workaround buggy implementations of the new version (now RFC4370)	2006-04-08 11:12:30 +00:00
Pierangelo Masarati	8c1b8d3f7b	actually, if a connection is already in the AVL tree, use it if not binding; otherwise use a tainted one; taint connections that must be freed when refcnt goes to zero	2006-04-07 01:28:56 +00:00
Pierangelo Masarati	3861c47316	queue implicit binds (ITS#4409)	2006-03-03 16:27:00 +00:00
Pierangelo Masarati	54aefe30f7	implement proxy long-lived connection TTL	2006-02-01 23:10:12 +00:00
Pierangelo Masarati	543c588772	don't send error with back-meta	2006-01-09 15:13:29 +00:00
Howard Chu	2b39a26150	ITS#4315 fix bind concurrency issue	2006-01-09 09:14:53 +00:00