Commit Graph

294 Commits

Author SHA1 Message Date
Pierangelo Masarati
a7b55f4f44 assert administrative identity instead of the required one if doing auth check in non-caching mode 2004-07-23 00:11:05 +00:00
Pierangelo Masarati
07f010a01f fix previous fix 2004-07-22 23:03:04 +00:00
Pierangelo Masarati
b94d5e17e2 rework op/rs structures to deal with opeartional attributes 2004-07-18 21:44:29 +00:00
Hallvard Furuseth
af5ab4f196 Add missing format argument for 'unhandled idassert-method' error message. 2004-07-18 07:16:34 +00:00
Pierangelo Masarati
81d89ddd63 validate/pretty before normalizing... (ITS#3218) 2004-07-06 22:02:52 +00:00
Pierangelo Masarati
277d921945 clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217 2004-07-04 23:35:18 +00:00
Pierangelo Masarati
1f70ad82f2 clean up unnecessary checks; don't use SASL native authz if authz ID is not static, because back-ldap pools connections... 2004-06-21 00:57:12 +00:00
Pierangelo Masarati
eca48b6f20 not sure that cyrus-sasl doesn't honor empty authz; need to check 2004-06-20 23:21:40 +00:00
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
176e5542bb fix erroneous logging 2004-06-20 22:42:04 +00:00
Pierangelo Masarati
5d843b2b13 detect mechs that are known to perform native authz 2004-06-19 18:32:55 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
e6065fb20d li->be didn't work; since it seems to be unnecessary, it's been removed; please check 2004-06-19 15:16:51 +00:00
Pierangelo Masarati
d1b692ceb4 clarify no limits in (internal) searches 2004-06-12 11:33:21 +00:00
Jong Hyuk Choi
f60f2d5048 Fix typo 2004-06-08 02:52:59 +00:00
Howard Chu
7488f557cd Fix entry_get, only check mapped attr if attr was provided 2004-05-25 04:54:32 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Howard Chu
a11553c212 Always normalize entries (ITS#3152, ITS#3144) 2004-05-19 23:19:24 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
3b38676dd3 complete idassert options 2004-05-13 22:12:46 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Pierangelo Masarati
d40e5a365a fix DN_SEPARATOR() and clarify its use 2004-05-07 09:03:05 +00:00
Pierangelo Masarati
b34cf02488 more on fixing escaped semicolon in normalized DN 2004-05-07 02:18:08 +00:00
Luke Howard
22f425c1f3 Fix warning in assignment 2004-04-15 02:37:40 +00:00
Luke Howard
12949734bd Fix warning in assignment 2004-04-15 02:36:23 +00:00
Pierangelo Masarati
c0c24cfec5 first round of SHADOW flags/isupdate test unification 2004-04-10 10:00:58 +00:00
Kurt Zeilenga
c7f0438044 bvalue cleanup 2004-04-08 06:49:17 +00:00
Howard Chu
8c6fe48806 More dynamic/static cleanup 2004-04-08 05:58:54 +00:00
Howard Chu
f2e1df3ef7 Consolidated static/dynamic backend switches 2004-04-08 05:56:23 +00:00
Jong Hyuk Choi
1c1b2bb6ee updatedn fix for syncrepl 2004-04-07 17:32:37 +00:00
Kurt Zeilenga
44725e7303 use BER_BVNULL 2004-04-07 04:11:43 +00:00
Pierangelo Masarati
a11dc61e05 rework be_isupdate accordingly to be_isroot 2004-04-06 09:42:40 +00:00
Pierangelo Masarati
e17be551a4 fix previous commit 2004-04-06 08:47:59 +00:00
Pierangelo Masarati
0f867b9577 revert erroneous commit; cure the test the right way 2004-04-05 23:47:17 +00:00
Kurt Zeilenga
9a64fdb991 use SLAP_DBFLAGS instead of be->be_flags 2004-04-05 23:42:59 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
fa3baaeae9 overlays reworking 2004-03-18 18:59:46 +00:00
Pierangelo Masarati
66ee9b2d73 carefully check the URI 2004-03-17 22:36:47 +00:00
Pierangelo Masarati
ec6a663820 reset SlapReply flags 2004-03-17 11:50:15 +00:00
Pierangelo Masarati
246fa41c96 "searchFilter" by default must be empty 2004-03-10 21:53:39 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Pierangelo Masarati
091246c6fd move limits evaluation to frontend 2004-03-08 18:12:45 +00:00
Pierangelo Masarati
5c6ec10f48 massage normalized DN when either is fine 2004-03-06 16:49:08 +00:00
Pierangelo Masarati
2b393962fc fix continuation of ITS#2999 2004-03-06 09:33:24 +00:00
Howard Chu
b480d7c9ff Added pwdexop request structure to avoid redundant parsing 2004-02-29 19:04:34 +00:00
Pierangelo Masarati
d015b9583c handle filter computed in a more granular way (ITS#2977) 2004-02-28 16:05:59 +00:00
Pierangelo Masarati
4e57108991 allow search limits based on groups (ITS#2967) 2004-02-18 16:40:36 +00:00
Pierangelo Masarati
1ac20b1f02 improve previous commit 2004-02-17 13:34:51 +00:00
Pierangelo Masarati
cb3d538ea3 allow no-user-modification propagations if back-ldap is used for replication (i.e. updatedn is defined) 2004-02-17 12:39:42 +00:00