80 Commits

Author	SHA1	Message	Date
Pierangelo Masarati	a7b55f4f44	assert administrative identity instead of the required one if doing auth check in non-caching mode	2004-07-23 00:11:05 +00:00
Pierangelo Masarati	277d921945	clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217	2004-07-04 23:35:18 +00:00
Pierangelo Masarati	1f70ad82f2	clean up unnecessary checks; don't use SASL native authz if authz ID is not static, because back-ldap pools connections...	2004-06-21 00:57:12 +00:00
Pierangelo Masarati	eca48b6f20	not sure that cyrus-sasl doesn't honor empty authz; need to check	2004-06-20 23:21:40 +00:00
Pierangelo Masarati	5bfb9fd590	make authz mode selection fully manual, plus more cleanup	2004-06-20 22:42:36 +00:00
Pierangelo Masarati	f34b11760a	allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically	2004-06-19 18:18:26 +00:00
Pierangelo Masarati	e6065fb20d	li->be didn't work; since it seems to be unnecessary, it's been removed; please check	2004-06-19 15:16:51 +00:00
Jong Hyuk Choi	f60f2d5048	Fix typo	2004-06-08 02:52:59 +00:00
Pierangelo Masarati	a18e199e0d	more on identity assertion	2004-05-22 17:26:02 +00:00
Pierangelo Masarati	cdebc4d376	more on idassert: SASL bind/authz	2004-05-15 10:11:10 +00:00
Pierangelo Masarati	8b954144d6	reflect Kurt's comments on ID assertion	2004-05-14 10:01:22 +00:00
Pierangelo Masarati	66ddf62922	add idassert code (undocumented yet)	2004-05-13 20:25:53 +00:00
Kurt Zeilenga	44725e7303	use BER_BVNULL	2004-04-07 04:11:43 +00:00
Pierangelo Masarati	e17be551a4	fix previous commit	2004-04-06 08:47:59 +00:00
Pierangelo Masarati	6a1dd9a1cd	exploit new frontend API 2 protocol error mapping; use urldesc...	2004-04-05 17:36:53 +00:00
Pierangelo Masarati	65b49dd312	add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite	2004-03-10 21:11:14 +00:00
Kurt Zeilenga	3c598e89fb	Happy new year	2004-01-01 19:15:16 +00:00
Pierangelo Masarati	529a03df53	use dedicated admin identity to proxyAuthz	2003-12-13 10:57:42 +00:00
Kurt Zeilenga	fbba83b20f	notices and acknowledgements	2003-12-08 17:41:40 +00:00
Kurt Zeilenga	ed369e02af	Don't search for proxy authz control unnecessarily. ... Add note regarding control use with the Bind operation.	2003-12-01 21:49:52 +00:00
Pierangelo Masarati	cdb11fc5eb	add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852)	2003-12-01 08:04:51 +00:00
Kurt Zeilenga	a3d8cda201	notices and acknowledges	2003-11-27 06:35:14 +00:00
Howard Chu	9c47359912	Bind fixes for chaining	2003-06-11 22:35:31 +00:00
Hallvard Furuseth	6362a51fe8	Printf %p expects a void pointer. ... Other pointers may have different representation.	2003-05-22 22:00:54 +00:00
Howard Chu	b7351c66bc	ITS#2511 use %p to log pointer values	2003-05-14 13:54:15 +00:00
Pierangelo Masarati	629885a269	use SLAP_PTRCMP	2003-04-18 17:16:48 +00:00
Pierangelo Masarati	6bcbe9ad31	reset passwords before freeindg them	2003-04-18 10:02:43 +00:00
Howard Chu	d7a1eb0ea2	Fix AVL comparisons	2003-04-17 04:36:42 +00:00
Pierangelo Masarati	93abccdee3	group rewrite/map stuff in one structure and optimize more function calls	2003-04-07 16:52:59 +00:00
Pierangelo Masarati	77c4389f55	use rewrite info instead of ldapinfo for reusability in back-meta; will change soon	2003-04-07 12:53:00 +00:00
Howard Chu	68c5f6fa98	Cleanup ENABLE_REWRITE ifdefs, put into a new ldap_back_dn_massage(). ... All DN attrs are massaged, whether or not ENABLE_REWRITE is defined. Use "dnAttr" rewriteContext for Add, Compare, & Modify. Fixed ldap_back_compare.	2003-04-07 10:15:18 +00:00
Pierangelo Masarati	4235da91d4	massage bound dn only if operating on authz backend	2003-04-05 11:31:54 +00:00
Pierangelo Masarati	cb33a9ff44	minor fixes: leaks, dangling pointers, cleaner tag skip ... for subschemaSubentry; still having problems with group ACLs ...	2003-04-05 01:20:55 +00:00
Pierangelo Masarati	ab3ab80ecd	more args elimination + allow specific messages when mapping client API errors to LDAP_OTHER	2003-04-04 22:20:49 +00:00
Pierangelo Masarati	dfbbd11bd3	remove more unnecessary args	2003-04-04 00:43:40 +00:00
Howard Chu	a9339c99f6	Fix shared/private binds, fix entry_get malloc	2003-04-03 23:55:57 +00:00
Pierangelo Masarati	ebe0bb0b52	trim unnecessary args	2003-04-03 23:23:56 +00:00
Pierangelo Masarati	44c2d8a771	backout this for now	2003-04-03 23:09:17 +00:00
Pierangelo Masarati	d07ea8b450	need this to be able to bound searches when back-ldap and the source are on the same server; does it look fine?	2003-04-03 21:44:43 +00:00
Pierangelo Masarati	17e46d8468	cleanup and fixes	2003-04-03 21:35:27 +00:00
Howard Chu	3d0ffa1d58	Fix typos in prev commit	2003-04-02 00:40:51 +00:00
Howard Chu	e8c58b4e7f	Major API change - (SLAP_OP_BLOCKS) All request parameters are ... consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.	2003-03-30 09:03:54 +00:00
Howard Chu	9f0598034e	Fix do/don't send result logic	2003-02-19 00:01:22 +00:00
Howard Chu	532eea87c9	Added passwd_exop, added matchedDN rewrite for results.	2003-02-16 09:22:44 +00:00
Howard Chu	c04f3e7706	Fix previous commit	2003-02-14 09:17:42 +00:00
Howard Chu	0b6772492f	Use extended async APIs to allow direct parsing of results. Otherwise ... they will be interleaved in LDAP*. Avoid setting any options on the handle.	2003-02-14 05:23:45 +00:00
Howard Chu	202cf8af75	Implemented connection pooling. Requires libldap_r to allow multiple threads ... to access the same LDAP* handle.	2003-02-13 23:29:56 +00:00
Kurt Zeilenga	6939c53170	Happy new year	2003-01-03 20:20:47 +00:00
Pierangelo Masarati	a9c902a7ca	improve error messages	2002-11-10 18:16:43 +00:00
Pierangelo Masarati	58b860a15e	fix server-size controls handling in back-{ldap,meta}	2002-08-29 15:07:18 +00:00