mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
20,247 Commits 38 Branches 307 Tags 74 MiB
979e0f00b9
Commit Graph

134 Commits

Author SHA1 Message Date
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
1b42fde372 implement (per-target) per-conn proxy-side idle-timeout (ITS#4115); revitalize (per-target) network-timeout in back-meta; fix issue with connection initialization error in ldap_back_retry(); cleanup configuration of back-ldap 2005-12-07 17:35:02 +00:00
Pierangelo Masarati
3e7fd464dc streamline back-ldap/slapo-chain configuration; add the possibility to cache non-configured, anonymous referral URIs 2005-11-19 17:48:33 +00:00
Pierangelo Masarati
7fa4b159bf fix dangling resources issue in slapd-ldap; completely rework slapo-chain to fix the resource leak/concurrency issue; add support for multiple well-known URIs to set credentials for, and deal with unknown URIs anonymously; similar reworking and cleanup for slapd-meta 2005-11-19 15:00:50 +00:00
Pierangelo Masarati
4cab386d13 backport write operation timeouts from back-meta to back-ldap; minor cleanup & silence warnings 2005-11-06 23:29:10 +00:00
Pierangelo Masarati
37f4e80929 hide unused member (will likely be removed) 2005-09-24 18:46:01 +00:00
Pierangelo Masarati
112be0118e cleanup states/timeout handling in back-ldap/meta; add connection pooling and defer of pseudoroot bind to back-meta 2005-09-24 18:39:26 +00:00
Pierangelo Masarati
c6e2a69f27 fix tls propagation, including rebind 2005-08-11 16:01:24 +00:00
Pierangelo Masarati
4ed743cc84 remove unrequired member; address ITS#3913 2005-08-02 22:48:30 +00:00
Pierangelo Masarati
982981d465 fix potential deadlock; improve idassert in case of authzFrom rules (new flag values); rootdn can always idassert 2005-07-03 23:27:56 +00:00
Pierangelo Masarati
9e811df052 seems to definitely fix issues related to ITS#3808 2005-06-29 16:38:09 +00:00
Pierangelo Masarati
a7f44159c1 complete back-config support, including chain overlay; passes all tests; HEADS-UP: few syntax changes (essentially backwards compatible) 2005-05-23 07:25:00 +00:00
Pierangelo Masarati
da2a26d19f first round of back-config support; need to #define LDAP_BACK_BCONFIG; no support for rewrite and so, still stuff to fix. Doesn't pass most of the tests 2005-05-21 19:07:14 +00:00
Pierangelo Masarati
c80eb34888 honor T-F filters (ITS#3706) and some cleanup 2005-05-05 00:07:17 +00:00
Pierangelo Masarati
a141e3badf enable use of asynchronous call to StartTLS 2005-04-16 02:56:46 +00:00
Pierangelo Masarati
5affbfa428 add SASL bind for acl-authc; use slap_bindconf 2005-04-10 23:44:06 +00:00
Pierangelo Masarati
43138aa500 use asynchronous Start TLS exop; allow propagating TLS if used in the original connection; minor cleanup 2005-02-05 15:55:02 +00:00
Pierangelo Masarati
cfc77f0a0a make referrals chasing optional (default is to chase them) 2005-01-30 22:56:59 +00:00
Pierangelo Masarati
c6b6d2a5ec StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 09:38:11 +00:00
Pierangelo Masarati
1d919d35a5 remove #ifdef's for identity assertion 2005-01-20 09:04:37 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
db4f223c66 improve overlay helpers 2004-11-13 17:20:24 +00:00
Pierangelo Masarati
f176935a58 remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 14:43:30 +00:00
Pierangelo Masarati
79f744f30b rework static backend initialization 2004-11-11 00:39:19 +00:00
Pierangelo Masarati
f06f2a6aec fix ITS#3350 (rewrite/remap will be replaced by the rwm overlay) 2004-11-10 09:56:55 +00:00
Howard Chu
55f12a7eee Add a retry for failed connections 2004-10-01 11:16:38 +00:00
Pierangelo Masarati
277d921945 clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217 2004-07-04 23:35:18 +00:00
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
e6065fb20d li->be didn't work; since it seems to be unnecessary, it's been removed; please check 2004-06-19 15:16:51 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
fa3baaeae9 overlays reworking 2004-03-18 18:59:46 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Pierangelo Masarati
cdb11fc5eb add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 08:04:51 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Howard Chu
09d05a57c2 More overlay tweaks. Added LDAP chaining overlay. 2003-06-11 04:36:35 +00:00
Howard Chu
423ad06fa6 Revert previous, committed by mistake 2003-04-11 04:28:26 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Pierangelo Masarati
eed02aea22 need a second function because of different free() routines 2003-04-07 17:51:42 +00:00
Pierangelo Masarati
93abccdee3 group rewrite/map stuff in one structure and optimize more function calls 2003-04-07 16:52:59 +00:00
Pierangelo Masarati
77c4389f55 use rewrite info instead of ldapinfo for reusability in back-meta; will change soon 2003-04-07 12:53:00 +00:00
Howard Chu
68c5f6fa98 Cleanup ENABLE_REWRITE ifdefs, put into a new ldap_back_dn_massage(). 
All DN attrs are massaged, whether or not ENABLE_REWRITE is defined.
Use "dnAttr" rewriteContext for Add, Compare, & Modify.
Fixed ldap_back_compare.
 2003-04-07 10:15:18 +00:00
Pierangelo Masarati
1ce560383a map attrs improvement 2003-04-05 16:53:29 +00:00
Pierangelo Masarati
ab3ab80ecd more args elimination + allow specific messages when mapping client API errors to LDAP_OTHER 2003-04-04 22:20:49 +00:00
Pierangelo Masarati
172e93bfc9 normalize values only if required 2003-04-04 11:03:29 +00:00
Pierangelo Masarati
dfbbd11bd3 remove more unnecessary args 2003-04-04 00:43:40 +00:00
Pierangelo Masarati
ebe0bb0b52 trim unnecessary args 2003-04-03 23:23:56 +00:00
Pierangelo Masarati
17e46d8468 cleanup and fixes 2003-04-03 21:35:27 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are 
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
 2003-03-30 09:03:54 +00:00
Howard Chu
99950e4fe4 Deleted BackendInfo->bi_acl_attribute, bi_acl_group. 
Replaced with bi_entry_get_rw.
Implemented for back-bdb, back-ldbm, back-ldap.
 2003-03-26 11:50:03 +00:00
Pierangelo Masarati
bf35f8e37f improved filter mapping/rewrite; improved result rewriting; improved attribute/objectclass mapping configuration 2003-03-01 11:08:53 +00:00
Howard Chu
9f0598034e Fix do/don't send result logic 2003-02-19 00:01:22 +00:00
Howard Chu
532eea87c9 Added passwd_exop, added matchedDN rewrite for results. 2003-02-16 09:22:44 +00:00
Howard Chu
0b6772492f Use extended async APIs to allow direct parsing of results. Otherwise 
they will be interleaved in LDAP*. Avoid setting any options on the handle.
 2003-02-14 05:23:45 +00:00
Howard Chu
202cf8af75 Implemented connection pooling. Requires libldap_r to allow multiple threads 
to access the same LDAP* handle.
 2003-02-13 23:29:56 +00:00
Pierangelo Masarati
45f4e3602b clean up mapping api 2003-01-27 16:39:56 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Hallvard Furuseth
2bcb48361d Remove casts of AVL function pointers. 2002-12-14 22:25:52 +00:00
Pierangelo Masarati
c1edf76e20 use BerVarray for suffix_massaging stuff 2002-05-01 17:45:03 +00:00
Pierangelo Masarati
6feec86e5d - trim check for real naming context already defined as suffix 
- improve automatic massaging (prettify once)
- add (optimistic) automatic filter massaging
- cleanup of massaging stuff
 2002-05-01 11:41:57 +00:00
Howard Chu
c7262c7599 Added rebind-as-user option; saves bind credentials and sets a rebind_proc 
to allow chasing referrals using the same user's credentials.
 2002-04-25 02:05:34 +00:00
Howard Chu
ac1332cdb8 Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to 
liblber:ber_bvarray_{add,free}.
 2002-01-14 01:43:17 +00:00
Howard Chu
225fa32d8f BVarray fixes for ldap_dnattr_rewrite 2002-01-05 11:41:23 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Pierangelo Masarati
bd535be5cb hide mapping initialization 2002-01-04 17:51:20 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
743c402265 Changed search attrs from struct berval ** to AttributeName * 2001-12-31 11:35:52 +00:00
Howard Chu
6b413395fd More struct beral conversion 2001-12-28 04:20:08 +00:00
Howard Chu
d00fe773ae Fix attrs handling 2001-12-26 09:19:57 +00:00
Pierangelo Masarati
74fa239a20 This is the commit of: 
- librewrite, for string rewriting; it may be used in back-ldap
    by configuring with '--enable-rewrite'. It must be used in
    back-meta. There's a text file, 'libraries/librewrite/RATIONALE',
    that explains the usage and the features. More comprehensive
    documentation will follow.
  - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137)
    including dn rewriting, a fix to group acl matching and so
  - back-meta: a new backend that proxies a set of remote servers
    by spawning queries. It uses portions of back-ldap and the rewrite
    capabilities of librewrite. It can be compiled by configuring
    with `--enable-ldap --enable-rewrite --enable-meta'.
    There's a text file, 'servers/slapd/back-meta/Documentation', that
    describes the main features and config statements.

Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as
my autoconf version must be different: my configures contain a number
of differences and I didn't feel comfortable in adding them :)
 2001-05-12 00:51:28 +00:00
Mark Valence
6e6118c6cc attribute & objectclass mapping rules 2001-02-19 19:14:12 +00:00
Howard Chu
4703fe82b2 Pierangelo Masarati's bugfixes and enhancements for suffix-massaging. 
See the Changes file for detailed description.
 2001-01-19 21:27:20 +00:00
Kurt Zeilenga
c55a82baa2 Mark as "altered version" 2001-01-17 07:09:22 +00:00
Howard Chu
99c88eace1 Fix: remap API error codes into protocol error codes before sending 
back to client.
 2000-10-23 13:32:14 +00:00
Mark Valence
3d599d1bd3 Use "uri" directive (instead of "server") to specify server. Add "bin 
ddn" and "bindpw" directives for supporting group lookups.
 2000-06-05 04:59:26 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. 
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
 1999-09-08 19:06:24 +00:00
Hallvard Furuseth
c09a2c63e7 Cleanup: 
Fix printf formats, remove unused variables, add missing prototypes in slapd,
add static/const, add some return types or change to void return type.
 1999-09-02 08:05:17 +00:00
Howard Chu
967d1dcb2d For ITS#157: Added LDAP backend for slapd, which also required adding 
LDAP_OPT_MATCH_STRING to ldap.h and libldap/options.c.
 1999-05-26 02:35:20 +00:00