mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
12,572 Commits 38 Branches 307 Tags 74 MiB
b131aab00e
Commit Graph

386 Commits

Author SHA1 Message Date
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
176e5542bb fix erroneous logging 2004-06-20 22:42:04 +00:00
Pierangelo Masarati
5d843b2b13 detect mechs that are known to perform native authz 2004-06-19 18:32:55 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
e6065fb20d li->be didn't work; since it seems to be unnecessary, it's been removed; please check 2004-06-19 15:16:51 +00:00
Pierangelo Masarati
d1b692ceb4 clarify no limits in (internal) searches 2004-06-12 11:33:21 +00:00
Jong Hyuk Choi
f60f2d5048 Fix typo 2004-06-08 02:52:59 +00:00
Howard Chu
7488f557cd Fix entry_get, only check mapped attr if attr was provided 2004-05-25 04:54:32 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Howard Chu
a11553c212 Always normalize entries (ITS#3152, ITS#3144) 2004-05-19 23:19:24 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
3b38676dd3 complete idassert options 2004-05-13 22:12:46 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Pierangelo Masarati
d40e5a365a fix DN_SEPARATOR() and clarify its use 2004-05-07 09:03:05 +00:00
Pierangelo Masarati
b34cf02488 more on fixing escaped semicolon in normalized DN 2004-05-07 02:18:08 +00:00
Luke Howard
22f425c1f3 Fix warning in assignment 2004-04-15 02:37:40 +00:00
Luke Howard
12949734bd Fix warning in assignment 2004-04-15 02:36:23 +00:00
Pierangelo Masarati
c0c24cfec5 first round of SHADOW flags/isupdate test unification 2004-04-10 10:00:58 +00:00
Kurt Zeilenga
c7f0438044 bvalue cleanup 2004-04-08 06:49:17 +00:00
Howard Chu
8c6fe48806 More dynamic/static cleanup 2004-04-08 05:58:54 +00:00
Howard Chu
f2e1df3ef7 Consolidated static/dynamic backend switches 2004-04-08 05:56:23 +00:00
Jong Hyuk Choi
1c1b2bb6ee updatedn fix for syncrepl 2004-04-07 17:32:37 +00:00
Kurt Zeilenga
44725e7303 use BER_BVNULL 2004-04-07 04:11:43 +00:00
Pierangelo Masarati
a11dc61e05 rework be_isupdate accordingly to be_isroot 2004-04-06 09:42:40 +00:00
Pierangelo Masarati
e17be551a4 fix previous commit 2004-04-06 08:47:59 +00:00
Pierangelo Masarati
0f867b9577 revert erroneous commit; cure the test the right way 2004-04-05 23:47:17 +00:00
Kurt Zeilenga
9a64fdb991 use SLAP_DBFLAGS instead of be->be_flags 2004-04-05 23:42:59 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
fa3baaeae9 overlays reworking 2004-03-18 18:59:46 +00:00
Pierangelo Masarati
66ee9b2d73 carefully check the URI 2004-03-17 22:36:47 +00:00
Pierangelo Masarati
ec6a663820 reset SlapReply flags 2004-03-17 11:50:15 +00:00
Pierangelo Masarati
246fa41c96 "searchFilter" by default must be empty 2004-03-10 21:53:39 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Pierangelo Masarati
091246c6fd move limits evaluation to frontend 2004-03-08 18:12:45 +00:00
Pierangelo Masarati
5c6ec10f48 massage normalized DN when either is fine 2004-03-06 16:49:08 +00:00
Pierangelo Masarati
2b393962fc fix continuation of ITS#2999 2004-03-06 09:33:24 +00:00
Howard Chu
b480d7c9ff Added pwdexop request structure to avoid redundant parsing 2004-02-29 19:04:34 +00:00
Pierangelo Masarati
d015b9583c handle filter computed in a more granular way (ITS#2977) 2004-02-28 16:05:59 +00:00
Pierangelo Masarati
4e57108991 allow search limits based on groups (ITS#2967) 2004-02-18 16:40:36 +00:00
Pierangelo Masarati
1ac20b1f02 improve previous commit 2004-02-17 13:34:51 +00:00
Pierangelo Masarati
cb3d538ea3 allow no-user-modification propagations if back-ldap is used for replication (i.e. updatedn is defined) 2004-02-17 12:39:42 +00:00
Howard Chu
8a55795fbe ITS#2888 fix back-ldap to check result of send_search_entry. 
Make sure sizelimit errors are propagated.
 2004-02-13 02:44:13 +00:00
Pierangelo Masarati
d65f402058 improve fix to ITS#2923; note that suffix massaging is inherently flawed, because comperisons should always occur on Normalized DN, while massaging can also occur on Pretty DN, but there is no guarantee they have the same length or any length-based comparison can work; so in any case, we should pass the Normalized DN and, if the Pretty DN is present, massage it as well accordingly 2004-01-17 12:25:46 +00:00
Pierangelo Masarati
2c049ebb42 fix ITS#2923 2004-01-17 11:48:14 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Howard Chu
b011c51390 Clean up entry initialization 2003-12-13 02:00:07 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Howard Chu
0690f79a5a Cleanup unknown config directive handling. 2003-12-07 07:07:00 +00:00
Howard Chu
c59e89de2f Clear ocflags 2003-12-06 14:39:07 +00:00
Howard Chu
2d07fc4f3b ITS#2740 - link librewrite statically into back-ldap when it's built 
as a module. Since back-meta also depends on back-ldap, this fixes
both at once.
 2003-12-04 10:50:36 +00:00
Kurt Zeilenga
ed369e02af Don't search for proxy authz control unnecessarily. 
Add note regarding control use with the Bind operation.
 2003-12-01 21:49:52 +00:00
Pierangelo Masarati
cdb11fc5eb add administrative bind and proxyAuthz control to enable bound operations in distributed directories (need to manually #define LDAP_BACK_PROXY_AUTHZ and patches from ITS#2851 and ITS#2852) 2003-12-01 08:04:51 +00:00
Pierangelo Masarati
2c68cb41f6 this memory will be freed by free() 2003-12-01 08:01:31 +00:00
Hallvard Furuseth
51f1b8ccd7 Avoid /* inside comments. 2003-11-29 17:29:44 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Kurt Zeilenga
e3a4c4ec9c Notice/Acknowledge updates 2003-11-26 02:58:56 +00:00
Pierangelo Masarati
a3deda8026 fix a number of mem leaks; add destroy code; HEADS-UP: API change in rewrite_info_delete() 2003-11-14 18:39:18 +00:00
Howard Chu
20902a2be3 Fix segfault if entry_get is called with NULL attribute 2003-09-20 07:48:57 +00:00
Howard Chu
aa3b69eb32 ITS#2440 unmunge init_module names 2003-06-12 22:25:20 +00:00
Howard Chu
9c47359912 Bind fixes for chaining 2003-06-11 22:35:31 +00:00
Howard Chu
4c5de987cd Fix config, chaining 2003-06-11 06:32:24 +00:00
Howard Chu
09d05a57c2 More overlay tweaks. Added LDAP chaining overlay. 2003-06-11 04:36:35 +00:00
Kurt Zeilenga
16af7fdd4c Hide experimental controls and extended operations 2003-05-31 20:19:02 +00:00
Kurt Zeilenga
7ca24a8591 Another round of minor copyright updates 2003-05-25 03:56:57 +00:00
Hallvard Furuseth
6362a51fe8 Printf %p expects a void pointer. 
Other pointers may have different representation.
 2003-05-22 22:00:54 +00:00
Howard Chu
b7351c66bc ITS#2511 use %p to log pointer values 2003-05-14 13:54:15 +00:00
Hallvard Furuseth
c5d60fc043 ctrls[] was initialized with which non-constants. 2003-05-02 13:26:25 +00:00
Kurt Zeilenga
5cd994ed21 remove dnNormalize2 
replace calls to dnNormalize2 with calls to dnNormalize
 2003-04-29 18:28:14 +00:00
Kurt Zeilenga
eebc51b9bf remove dnPretty 
rename dnPretty2 to dnPretty
 2003-04-29 18:13:10 +00:00
Hallvard Furuseth
9d9ac9e4d9 #include <ac/string.h>, to get memset() and strlen(). 2003-04-29 15:02:01 +00:00
Pierangelo Masarati
629885a269 use SLAP_PTRCMP 2003-04-18 17:16:48 +00:00
Pierangelo Masarati
6bcbe9ad31 reset passwords before freeindg them 2003-04-18 10:02:43 +00:00
Howard Chu
d7a1eb0ea2 Fix AVL comparisons 2003-04-17 04:36:42 +00:00
Howard Chu
423ad06fa6 Revert previous, committed by mistake 2003-04-11 04:28:26 +00:00
Luke Howard
f26a0e0db0 Don't pass NULL DN to rewrite_session(), causes assertion failure 
(Howard might like to check that this is the correct fix)
 2003-04-11 04:23:21 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Pierangelo Masarati
b4dbfb570a cleanup 2003-04-08 13:22:12 +00:00
Pierangelo Masarati
51c658babd fix typo 2003-04-07 21:06:06 +00:00
Howard Chu
91bb1bd980 schema checks 2003-04-07 20:16:56 +00:00
Howard Chu
cd76391078 Fix !ENABLE_REWRITE 2003-04-07 19:48:10 +00:00
Howard Chu
3c704f4d14 Fix returncode checks 2003-04-07 19:47:31 +00:00
Pierangelo Masarati
eed02aea22 need a second function because of different free() routines 2003-04-07 17:51:42 +00:00
Pierangelo Masarati
243311d56a move to more appropriate file ... 2003-04-07 17:18:42 +00:00
Pierangelo Masarati
6dbd7341f9 use berval 2003-04-07 17:07:52 +00:00
Pierangelo Masarati
96e1632d4a default remapping from target to server aliases searchResult 2003-04-07 16:59:56 +00:00
Pierangelo Masarati
93abccdee3 group rewrite/map stuff in one structure and optimize more function calls 2003-04-07 16:52:59 +00:00
Pierangelo Masarati
77c4389f55 use rewrite info instead of ldapinfo for reusability in back-meta; will change soon 2003-04-07 12:53:00 +00:00
Howard Chu
c823f9a995 Use individual addAttrDN, compareAttrDN, modifyAttrDN, searchAttrDN contexts 
instead of re-using other contexts.
 2003-04-07 11:55:12 +00:00
Howard Chu
8ef3bbb174 Fix prev 2003-04-07 11:50:15 +00:00
Howard Chu
7972ebe66f Fix freeval check 2003-04-07 11:49:40 +00:00
Howard Chu
c4ab31ddc9 Cleanup previous 2003-04-07 11:40:23 +00:00
Howard Chu
c607ed0a6f (SLAP_NVALUES) attr->a_nvals must not be NULL, set equal to a_vals when 
not normalizing.
 2003-04-07 11:38:45 +00:00
Howard Chu
bb305eee0b Fix matchedDn detection 2003-04-07 10:51:57 +00:00
Howard Chu
df05038f9e Actually free mapped attrval 2003-04-07 10:31:32 +00:00
Howard Chu
68c5f6fa98 Cleanup ENABLE_REWRITE ifdefs, put into a new ldap_back_dn_massage(). 
All DN attrs are massaged, whether or not ENABLE_REWRITE is defined.
Use "dnAttr" rewriteContext for Add, Compare, & Modify.
Fixed ldap_back_compare.
 2003-04-07 10:15:18 +00:00
Pierangelo Masarati
1bae6d28e5 silence warnings 2003-04-05 16:58:36 +00:00
Pierangelo Masarati
1ce560383a map attrs improvement 2003-04-05 16:53:29 +00:00
Pierangelo Masarati
4235da91d4 massage bound dn only if operating on authz backend 2003-04-05 11:31:54 +00:00
Kurt Zeilenga
c75be97ae9 #ifdef -DSLAP_NVALUES 2003-04-05 03:35:16 +00:00
Pierangelo Masarati
f8682550d7 cleanup 2003-04-05 01:25:57 +00:00
Pierangelo Masarati
cb33a9ff44 minor fixes: leaks, dangling pointers, cleaner tag skip 
for subschemaSubentry; still having problems with group ACLs ...
 2003-04-05 01:20:55 +00:00
Pierangelo Masarati
ab3ab80ecd more args elimination + allow specific messages when mapping client API errors to LDAP_OTHER 2003-04-04 22:20:49 +00:00
Pierangelo Masarati
172e93bfc9 normalize values only if required 2003-04-04 11:03:29 +00:00
Pierangelo Masarati
19dc49180d handle failure or missing attrs 2003-04-04 09:55:56 +00:00
Howard Chu
604ba59196 Fix req DN massaging 2003-04-04 02:05:49 +00:00
Howard Chu
ba0b8d1ac9 Fix prev commit 2003-04-04 01:47:25 +00:00
Howard Chu
6e551b53f4 Mapping fixes, SLAP_NVALUES fixes 2003-04-04 01:01:28 +00:00
Pierangelo Masarati
5598add84e first cut at mapping/rewriting before search (after search it's already handled by ldap_build_entry) 2003-04-04 00:48:54 +00:00
Pierangelo Masarati
dfbbd11bd3 remove more unnecessary args 2003-04-04 00:43:40 +00:00
Howard Chu
a9339c99f6 Fix shared/private binds, fix entry_get malloc 2003-04-03 23:55:57 +00:00
Pierangelo Masarati
ebe0bb0b52 trim unnecessary args 2003-04-03 23:23:56 +00:00
Pierangelo Masarati
44c2d8a771 backout this for now 2003-04-03 23:09:17 +00:00
Pierangelo Masarati
811929011d anyone knows a safer way to skip a tag? 2003-04-03 22:54:51 +00:00
Pierangelo Masarati
d218848b14 of course there's a better way to skip a tag :) 2003-04-03 22:48:17 +00:00
Pierangelo Masarati
bb4624c8b0 eat undesired values 2003-04-03 22:40:41 +00:00
Pierangelo Masarati
d07ea8b450 need this to be able to bound searches when back-ldap and the source are on the same server; does it look fine? 2003-04-03 21:44:43 +00:00
Pierangelo Masarati
17e46d8468 cleanup and fixes 2003-04-03 21:35:27 +00:00
Howard Chu
3d0ffa1d58 Fix typos in prev commit 2003-04-02 00:40:51 +00:00
Howard Chu
9355dca9af Consolidated slap_callbacks into one function. Removed send_search_result. 2003-04-01 04:12:18 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are 
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
 2003-03-30 09:03:54 +00:00
Howard Chu
c9ec6b0cab Remove attribute.c, group.c from build 2003-03-26 11:52:59 +00:00
Howard Chu
99950e4fe4 Deleted BackendInfo->bi_acl_attribute, bi_acl_group. 
Replaced with bi_entry_get_rw.
Implemented for back-bdb, back-ldbm, back-ldap.
 2003-03-26 11:50:03 +00:00
Howard Chu
dfe3b4fb2f SLAP_NVALUES - quick hack, just set a->a_nvals = a->a_vals. will need to 
fix this if ACLs are expected to work on the local slapd.
 2003-03-24 02:59:43 +00:00
Pierangelo Masarati
fc87692576 fix ITS#2362 and other leaks/unhandled massaged DN memory 2003-03-11 18:09:38 +00:00
Pierangelo Masarati
cd41bb1a06 set return code 2003-03-03 21:32:58 +00:00
Pierangelo Masarati
bf35f8e37f improved filter mapping/rewrite; improved result rewriting; improved attribute/objectclass mapping configuration 2003-03-01 11:08:53 +00:00
Howard Chu
64be098f28 Sync with MR flags in slap.h 2003-02-26 08:40:33 +00:00
Howard Chu
9f0598034e Fix do/don't send result logic 2003-02-19 00:01:22 +00:00
Howard Chu
187f1d2ad4 Added proxy-whoami keyword for forwarding whoami requests. 2003-02-16 11:21:15 +00:00
Howard Chu
7e1a566391 Use struct berval * instead of ** for newpasswd 2003-02-16 09:42:04 +00:00
Howard Chu
532eea87c9 Added passwd_exop, added matchedDN rewrite for results. 2003-02-16 09:22:44 +00:00
Howard Chu
c04f3e7706 Fix previous commit 2003-02-14 09:17:42 +00:00
Howard Chu
0b6772492f Use extended async APIs to allow direct parsing of results. Otherwise 
they will be interleaved in LDAP*. Avoid setting any options on the handle.
 2003-02-14 05:23:45 +00:00
Howard Chu
202cf8af75 Implemented connection pooling. Requires libldap_r to allow multiple threads 
to access the same LDAP* handle.
 2003-02-13 23:29:56 +00:00
Howard Chu
b228caa723 Revert previous, wasn't broken. 2003-02-13 23:19:51 +00:00
Howard Chu
568829d821 Fix uninit'd timeout value 2003-02-13 10:24:32 +00:00
Pierangelo Masarati
71e35141e1 cleanup null mapping detection 2003-01-27 21:34:25 +00:00
Pierangelo Masarati
57e0ac008c cleanup 2003-01-27 16:48:55 +00:00
Pierangelo Masarati
985dc00b30 cleanup objectclass detection 2003-01-27 16:46:02 +00:00
Pierangelo Masarati
45f4e3602b clean up mapping api 2003-01-27 16:39:56 +00:00
Pierangelo Masarati
a62249ed27 fix objectclass mapping (to nothing) 2003-01-27 16:07:10 +00:00
Hallvard Furuseth
6a51371fc5 Silence gcc warnings (signed vs. unsigned, implicit declarations, unused vars). 2003-01-19 15:03:25 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Hallvard Furuseth
2bcb48361d Remove casts of AVL function pointers. 2002-12-14 22:25:52 +00:00
Howard Chu
09679eb715 Added SLAP_MR_VALUE_NORMALIZED_MATCH, avoid redundant normalize when 
calling value_find with already-normalized DNs
 2002-12-04 18:19:46 +00:00
Pierangelo Masarati
59aea47963 improve limits handling and consistency; return "Admin limit exceeded" instead of "Unwilling to perform" 2002-11-21 12:58:59 +00:00
Pierangelo Masarati
a9c902a7ca improve error messages 2002-11-10 18:16:43 +00:00
Pierangelo Masarati
a777c53564 fix attribute delete (ITS#2158) patch provided by Timofey B. Nickonov <ntb@mts.ru> 2002-11-02 16:00:21 +00:00