Commit Graph

91 Commits

Author SHA1 Message Date
Kurt Zeilenga
bd1543ce44 notices 2003-11-29 22:38:48 +00:00
Kurt Zeilenga
f0cd57eb9b cleanup 2003-11-29 22:37:07 +00:00
Kurt Zeilenga
e3a4c4ec9c Notice/Acknowledge updates 2003-11-26 02:58:56 +00:00
Howard Chu
c58ac9d8f1 Add memctx param to build_new_dn(). cleanup DN leaks. 2003-09-24 04:30:41 +00:00
Pierangelo Masarati
53b7e6fbcf apparently Oracle does not support AS in joins (ITS#2642) 2003-07-15 11:26:17 +00:00
Pierangelo Masarati
0bb807f4be fix format (ITS#2640?) 2003-07-15 10:57:12 +00:00
Howard Chu
aa3b69eb32 ITS#2440 unmunge init_module names 2003-06-12 22:25:20 +00:00
Kurt Zeilenga
7ca24a8591 Another round of minor copyright updates 2003-05-25 03:56:57 +00:00
Kurt Zeilenga
8035d016c4 Fix typos in last commit
Apply to Makefile as well
2003-05-24 06:15:00 +00:00
Kurt Zeilenga
73f2048456 Add clarification as to source of this file
Add OpenLDAP copyright statement
2003-05-24 03:18:50 +00:00
Howard Chu
7e2273b30e Added errmsg arg to lutil_passwd_{check,hash} functions 2003-04-30 07:52:05 +00:00
Kurt Zeilenga
5cd994ed21 remove dnNormalize2
replace calls to dnNormalize2 with calls to dnNormalize
2003-04-29 18:28:14 +00:00
Pierangelo Masarati
629885a269 use SLAP_PTRCMP 2003-04-18 17:16:48 +00:00
Pierangelo Masarati
9caafcb3d9 cleanup; improve error handling 2003-04-16 22:22:57 +00:00
Pierangelo Masarati
786d4e23b7 allow compare on dynamically generated operational attributes (may be moved to the frontend) 2003-04-16 20:55:42 +00:00
Pierangelo Masarati
d564770156 clarify hasSubordinate filtering 2003-04-16 20:54:56 +00:00
Pierangelo Masarati
57bb4fd89a fix id query 2003-04-16 20:54:30 +00:00
Pierangelo Masarati
d9d5912383 use syntax and matching rules knowledge when preparing SQL filters (to reduce pseudo-normalization efforts and search candidate number) 2003-04-16 10:22:33 +00:00
Pierangelo Masarati
d8887ac063 fix update operations 2003-04-16 01:21:02 +00:00
Pierangelo Masarati
0c67c0493b more cleanup; small improvements 2003-04-15 23:11:31 +00:00
Pierangelo Masarati
1f400adca7 honor attributes request 2003-04-15 22:43:56 +00:00
Pierangelo Masarati
adf3744dd6 fix backsql new API; use berbuf instead of berval 2003-04-15 21:55:25 +00:00
Pierangelo Masarati
805894be1d fix context memory and more cleanup 2003-04-11 23:23:03 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Pierangelo Masarati
9e66d3d1f0 fix referrals return 2003-04-07 23:21:55 +00:00
Kurt Zeilenga
c75be97ae9 #ifdef -DSLAP_NVALUES 2003-04-05 03:35:16 +00:00
Pierangelo Masarati
8995d8341f more new API ... back-sql should be OK 2003-04-03 00:35:16 +00:00
Pierangelo Masarati
09b92f0aeb more new API ... 2003-04-02 22:58:02 +00:00
Howard Chu
99950e4fe4 Deleted BackendInfo->bi_acl_attribute, bi_acl_group.
Replaced with bi_entry_get_rw.
Implemented for back-bdb, back-ldbm, back-ldap.
2003-03-26 11:50:03 +00:00
Pierangelo Masarati
26895b9fa5 fix bug in schema check 2003-03-25 14:34:01 +00:00
Kurt Zeilenga
c981ebcb61 Don't return LDAP_OPERATIONS_ERROR for internal errors 2003-03-01 20:17:52 +00:00
Pierangelo Masarati
7ab954d516 blind fix (accrding to back-monitor hack) 2003-02-26 19:41:27 +00:00
Pierangelo Masarati
06b981429a fix ITS#2309 2003-02-10 18:15:36 +00:00
Hallvard Furuseth
2bcb48361d Remove casts of AVL function pointers. 2002-12-14 22:25:52 +00:00
Pierangelo Masarati
59aea47963 improve limits handling and consistency; return "Admin limit exceeded" instead of "Unwilling to perform" 2002-11-21 12:58:59 +00:00
Pierangelo Masarati
76bf91f553 remove #ifdef SLAP_FILTER_HASSUBORDINATES 2002-11-10 19:48:36 +00:00
Pierangelo Masarati
5794b3a2dd Add checks for SQL headers in configure.in (need to rerun autoheader
and autoconf); #include "ac/string.h" instead of <string.h>
2002-11-09 17:03:07 +00:00
Pierangelo Masarati
7b3f889ec1 fix hasSubordinate filtering; now it can be safely turned on 2002-10-26 16:18:31 +00:00
Pierangelo Masarati
665cb3e86e fix typo 2002-10-23 14:10:21 +00:00
Kurt Zeilenga
c382c5efa2 blind fix for NULL pointer in Debug() bug (ITS#2143) 2002-10-17 17:45:44 +00:00
Pierangelo Masarati
eb38db1be5 various fixes and improvements 2002-09-02 19:39:31 +00:00
Pierangelo Masarati
c8cfbca64d fix extendedMatch and approx hfilter andling; get rid of subtree_cond (argh, need to trim it from config and docs ...) 2002-08-31 10:39:23 +00:00
Pierangelo Masarati
a1bb43946b better handling of children_cond 2002-08-31 10:38:29 +00:00
Pierangelo Masarati
95a99bd522 trace illegal condition in backsql_strfcat 2002-08-31 10:37:42 +00:00
Pierangelo Masarati
685363e880 add 'children_cond' config statement 2002-08-31 10:36:16 +00:00
Pierangelo Masarati
a8bf275221 cleaner handling of unchecked limit support 2002-08-29 19:43:29 +00:00
Pierangelo Masarati
fbc11bd16a - added the capability to filter based on hasSubordinate attribute
to back-bdb, back-ldbm and back-sql (the latter with limitations);
- added handling of ":dn" attributes to extended rfc2254 filters
  and to matched value filter
- altered the behavior of get_mra() when a matching rule is given:
  now it checks whether it is compatible with the attribute syntax
  and, in case it is, the given mr is used.  In case of no type,
  the check is delayed when filtering
2002-08-29 10:55:48 +00:00
Kurt Zeilenga
c67781d0ea use ldap_charray_free() instead of slapd's charray_free() 2002-08-24 00:40:25 +00:00
Pierangelo Masarati
f11c6b27e7 Final run of changes to back-sql; IBM db2 support has been tested.
Now related ITSes need be audited and possibly closed.

Enhancements:
  - re-styled code for better readability
  - upgraded backend API to reflect recent changes
  - LDAP schema is checked when loading SQL/LDAP mapping
  - AttributeDescription/ObjectClass pointers used for more efficient
    mapping lookup
  - bervals used where string length is required often
  - atomized write operations by committing at the end of each operation
    and defaulting connection closure to rollback
  - added LDAP access control to write operations
  - fully implemented modrdn (with rdn attrs change, deleteoldrdn,
    access check, parent/children check and more)
  - added parent access control, children control to delete operation
  - added structuralObjectClass operational attribute check and
    value return on search
  - added hasSubordinate operational attribute on demand
  - search limits are appropriately enforced
  - function backsql_strcat() has been made more efficient
  - concat function has been made configurable by means of a pattern
  - added config switches:
      - fail_if_no_mapping	write operations fail if there is no mapping
      - has_ldapinfo_dn_ru	overrides autodetect
      - concat_pattern		a string containing two '?' is used
				(note that "?||?" should be more portable
				than builtin function "CONCAT(?,?)")
      - strcast_func		cast of string constants in "SELECT DISTINCT					statements (needed by PostgreSQL)
      - upper_needs_cast	cast the argument of upper when required
				(basically when building dn substring queries)

Todo:
  - add security checks for SQL statements that can be injected (?)
  - re-test with previously supported RDBMs
  - replace dn_ru and so with normalized dn (no need for upper() and so
    in dn match)
  - implement a backsql_normalize() function to replace the upper()
    conversion routines
  - note that subtree deletion, subtree renaming and so could be easily
    implemented (rollback and consistency checks are available :)
  - implement "lastmod" and other operational stuff (ldap_entries table ?)
2002-08-23 08:54:08 +00:00
Pierangelo Masarati
05348c5fc5 CHANGES:
- now all write operations appear to work correctly with PostgeSQL 7.0
- all write operations have been made transactional (atomic writes to
  entries are committed separately only in case of complete^1 success
  while all other operations are rolled-back by default)
- more cleanup and handling of exceptional conditions

TODO:
- deen to check with different databases and more up to date versions
  of both unixODBC and PostgreSQL.

^1: attribute add/modify/delete operations silently succeed if the
    appropriate add/delete proc does not exist for each attribute;
    this may be correct to hide undesired/unimplemented correspondence
    between LDAP and SQL databases; however, a more appropriate
    LDAP behavior would be a failure with LDAP_UNAVAILABLE if a
    single write operation cannot be executed for such reason
2002-08-16 16:45:24 +00:00