mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-12 10:54:48 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,082 Commits 38 Branches 307 Tags 75 MiB
bbad1de8e1
Commit Graph

214 Commits

Author SHA1 Message Date
Howard Chu
f50b75f0c2 Added replica attr=<attribute list> support to filter replog content 2002-02-08 06:44:33 +00:00
Howard Chu
c3c85b4062 Extended TLS_REQCERT/TLSVerifyClient syntax to 4 states: never,allow,try, 
and hard/demand.
 2002-01-27 02:56:18 +00:00
Pierangelo Masarati
cb8299d124 allow trailing '\' to continue a config line (ITS#1551) 2002-01-23 16:28:48 +00:00
Kurt Zeilenga
13af7fb073 Misc. cleanup, remove lint, remove unused deprecated functions, etc. 2002-01-15 07:29:15 +00:00
Kurt Zeilenga
504404725a Flip some bits in the backend flags mask 2002-01-11 02:31:47 +00:00
Kurt Zeilenga
55501e886f Rework backend (lastmod + glue + system schema) flags 2002-01-10 22:34:11 +00:00
Kurt Zeilenga
c80d93f2bb Start of new operational attribute framework 2002-01-10 00:17:21 +00:00
Pierangelo Masarati
a744ca2be3 fix logs 2002-01-05 16:53:08 +00:00
Pierangelo Masarati
ca60d05dd1 fix malformed test 2002-01-05 15:44:08 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
975a5e9a24 Added dnPretty2/dnNormalize2 using preallocated destination berval 2001-12-29 04:48:00 +00:00
Howard Chu
0039cb2a37 More dnPrettyNormal 2001-12-28 07:58:54 +00:00
Kurt Zeilenga
b17572c7d3 cleanup 2001-12-27 23:01:09 +00:00
Kurt Zeilenga
ef7a99ff99 Additional struct berval DN changes... 2001-12-26 23:26:55 +00:00
Kurt Zeilenga
2dd27b0786 More struct berval DNs 2001-12-25 19:48:26 +00:00
Kurt Zeilenga
3336619c80 More "char *" to struct berval DN changes 2001-12-25 02:30:01 +00:00
Kurt Zeilenga
5ee89d6167 Use struct berval DNs for root DN and update DN 2001-12-25 00:05:26 +00:00
Kurt Zeilenga
0c28b66a75 use dnPretty instead of dn_pretty 2001-12-23 00:43:57 +00:00
Kurt Zeilenga
d23313a068 LDAPv2 disallow and other flag changes 
Fix compile errors
 2001-12-21 04:44:34 +00:00
Howard Chu
923cdcf3c5 fix from jon@symas.com - missing arguments to Debug/LDAP_LOG 2001-12-17 22:47:36 +00:00
Howard Chu
ff682be26e Added acl_destroy, acl_free. 2001-12-15 12:41:53 +00:00
Howard Chu
826056e75b More thorough backend_destroy. Added config_destroy. Destroy slap_listeners. 
Plugged other small leaks.
 2001-12-15 12:05:58 +00:00
Pierangelo Masarati
e754997da0 minor cleanup 2001-12-11 11:30:01 +00:00
Howard Chu
ef0b308bea Changed backglue configuration. Added noSubordinates arg to select_backend 
to deal with glued subordinates.
 2001-12-10 12:09:40 +00:00
Pierangelo Masarati
95f1740aa6 improvements to monitor backend: added a log entry that lists the current log level and can be modified via protocol at runtime, to change the log level; minor improvements; fixed a problem in dealing with dn normalization 2001-12-10 09:50:06 +00:00
Howard Chu
fd7e23c188 Converted suffixAlias to struct bervals. 2001-12-09 14:57:42 +00:00
Howard Chu
55a217d9ae Changed be_nsuffix from char ** to struct berval ** to eliminate strlen's 2001-12-08 05:15:58 +00:00
Pierangelo Masarati
379e0e9d50 another step towards schema aware normalization: ava sorting in rdns; now by defining USE_LDAP_DN_PARSING both the new dn parsing and the server side normalization is used. There might be, every now and then, a flaw mostly due to naive normalization of pseudo-dn (thinking about some acl/regex stuff and so) 2001-12-05 19:26:30 +00:00
Pierangelo Masarati
aee3600276 minor cleanup 2001-11-17 16:18:07 +00:00
Kurt Zeilenga
82fad7d0c8 First stable an implementing latest namedref specification. 
Includes rewriting of URLs where the DN of the referral object
and the DN of the ref attribute attribute are not the same.
Also, always returns explicit DN and scope.
Currently, back-ldbm only.  Needs to be ported to back-bdb.
 2001-10-26 02:05:14 +00:00
Pierangelo Masarati
271c323281 Fixes ITS#1385 2001-10-25 15:15:34 +00:00
Kurt Zeilenga
23bf2fb086 Fix error messages 2001-10-24 05:27:49 +00:00
Kurt Zeilenga
fcd1ce0e28 Use defined Root DSE attributes. 
Developed by Julius Enarusai/IBM
Copyright IBM Corp. 2001

Use of this source code is subject to the terms of The OpenLDAP
Public License Version 2.7, 7 September 2001.  No trademarks of the
IBM Corporation are to be used to identify, endorse or promote any
products derived from this code without the prior written consent
of IBM.
 2001-10-23 23:29:41 +00:00
Kurt Zeilenga
2af75ecc6a Trim both \n and \r\n from config files. 2001-09-24 22:18:02 +00:00
Kurt Zeilenga
c0c9c47032 bump MAXARGS to 500 2001-09-21 00:48:47 +00:00
Kurt Zeilenga
d05e6af326 Clean up include logging 2001-09-17 22:38:52 +00:00
Kurt Zeilenga
a49392981a There is no TLSProtocol option. 2001-08-31 16:48:30 +00:00
Pierangelo Masarati
b637967b95 fix malformed test 2001-08-04 16:46:03 +00:00
Pierangelo Masarati
6a5b253bc6 allow multiple limits setting on one global/per backend config line 2001-08-04 11:09:25 +00:00
Pierangelo Masarati
8471ef7ed0 add global, per backend and per op_ndn time/size soft, hard and to-be-checked limits (exploited by back-ldbm); see slapd.conf(5) for details 2001-08-01 10:09:04 +00:00
Pierangelo Masarati
4051547dfa handle regex-based per op_ndn time/size limits 2001-07-28 11:24:22 +00:00
Pierangelo Masarati
589a5c7442 added extra check to suffix param of replica entry 2001-07-23 14:32:59 +00:00
Pierangelo Masarati
ece9bdb0eb Added the suffix=<dn> parameter to replica config directive 
to allow selective replication of subtrees of a single database.
Multiple occurrences allow the same replica to handle different
subtrees
 2001-07-21 14:15:23 +00:00
Kurt Zeilenga
c46014e27e Fix typo in disallow logging 2001-07-15 17:25:00 +00:00
Pierangelo Masarati
5fdba27288 This is the skeleton of back-monitor, the slapd monitoring backend. 
The old monitoring stuff has been removed; the new backend is
enabled by using --enable-monitor at configure time and requires

	database monitor

in slapd.conf to be activated.  At present it implements a subset
of the old monitoring options, and it should be extendable to
a number of different subsystems.  The search operation has been
implementd; it does not honor abandon or size/time limits, though.
The compare and the abandon operations are planned.

Copyright Pierangelo Masarati <ando@sys-net.it>; the code is provided
AS IS with NO GUARANTEE.  It can be used and distributed under the
conditions stated by the OpenLDAP Public License.
 2001-07-14 17:34:24 +00:00
Randy Kunkee
a9097044ea Remove global_backendsyncfreq code (code has been pushed down into back-ldbm). 2001-06-28 18:02:46 +00:00
Randy Kunkee
d492880870 Add sync_daemon to daemon.c, enabled by global configuration 
backendsyncfreq <seconds>.  Setting this automatically enables
dbnosync (because the synchronizer takes care of it).
 2001-06-22 08:38:58 +00:00
Kurt Zeilenga
8d4c20cd6d Adding crypt(3) salt format (ITS#1202) from Jeff Costlow <j.costlow@f5.com> 
with minor changes by committer
---
Copyright 2001, F5 Networks, Inc, All rights reserved.
This software is not subject to any license of F5 Networks.

This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself.
 2001-06-13 03:47:17 +00:00
Kurt Zeilenga
cc6fab319e Add support for separate max incoming for anonymous and authenticated 
sessions (defaults: 256K and 16M respectively).
 2001-05-29 20:00:55 +00:00
Kurt Zeilenga
8360b4396f Take rc out from #ifdef 2001-05-20 17:39:32 +00:00
Kurt Zeilenga
0aef7722e6 Add support for obsolete attributes. 
We don't support collective attributes (yet).
Remove exit() calls from scheme parsers.  Need to do same for acl parser.
 2001-05-17 07:31:59 +00:00
Kurt Zeilenga
0445405299 if continuation line starts with a tab, rewrite it to a space 2001-05-12 18:43:06 +00:00
Kurt Zeilenga
4055077607 Add simple configure support for sockbuf max incoming 2001-05-05 07:29:21 +00:00
Kurt Zeilenga
3310663d02 RANDFILE directives 2001-05-02 19:46:01 +00:00
Stig Venaas
b92bceed2a Now loading all UCDATA files 2001-01-26 14:33:09 +00:00
Stig Venaas
13e628bcf4 Load UCDATA composition data 2001-01-24 15:31:53 +00:00
Kurt Zeilenga
28d1dbd8ac Add "sasl-external-x509dn-convert" configuration option aimed 
at providing authid TLS/X.509 to LDAP DN mapping.  Experimental.
 2001-01-19 00:47:32 +00:00
Gary Williams
84658f8a11 add new logging 2001-01-17 21:12:54 +00:00
Gary Williams
d531a20f52 more new logging (finally), behind NEW_LOGGING 2001-01-11 17:11:23 +00:00
Stig Venaas
b44cc963c2 Improved ucdata loading error handling 2000-11-09 12:39:18 +00:00
Stig Venaas
87e58fb031 Changed ucdata loading, all is done in config.c. Tried to make ucdata load 
when found in config file, or before first call to dn_normalize/dn_validate
 2000-11-02 10:10:36 +00:00
Gary Williams
d65bf04894 add logfile directive to config (behind NEW_LOGGING) 2000-10-25 16:49:23 +00:00
Kurt Zeilenga
dbdba34972 First-cut at manageDSAit-aware backend selection. 2000-10-21 03:29:02 +00:00
Gary Williams
696de70df4 fix lutil_set_debug_level call 2000-10-20 14:46:33 +00:00
Gary Williams
aacd6e78f4 convert text level to int 2000-10-17 19:42:24 +00:00
Kurt Zeilenga
f7e9842160 Remove "defaultaccess" option. No longer needed as without 
ACLs, the only sane and useful option is "read".
 2000-10-13 04:45:24 +00:00
Howard Chu
004f4f3260 Fix TLSVerifyClient. Applied in wrong branch before. 2000-10-13 00:54:05 +00:00
Gary Williams
bbc0ac00b2 get new debug configuration 2000-10-12 20:11:49 +00:00
Kurt Zeilenga
1b635156ab s/saslregex/sasl-regex/ 
Other minor updates
 2000-10-06 21:16:36 +00:00
Kurt Zeilenga
2b82d4f486 remove lint 
update bdb codes
 2000-09-22 01:40:57 +00:00
Kurt Zeilenga
d78a515860 Fix build issues 2000-09-21 23:00:51 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
d6a56aaf25 Fix typo in last commit 2000-09-12 19:35:19 +00:00
Kurt Zeilenga
bd9de9d90d Clean up defaultSearchBase code 2000-09-12 18:21:09 +00:00
Kurt Zeilenga
5852f7188b Add 'defaultSearchBase' configuration directive to help support 
brain-damaged LDAPv2 clients.
 2000-09-11 21:57:14 +00:00
Kurt Zeilenga
3342ea3b49 Add more bind allow/disallow flags 2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d Add "allow tls_2_anon" to allow StartTLS to force session to anonymous. 
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
 2000-09-08 22:59:01 +00:00
Kurt Zeilenga
d463b3cab1 Add missing "disallow bind_anon" directive (ITS#721) 2000-09-07 17:53:05 +00:00
Kurt Zeilenga
cee040a321 Bring UCdata infrastructure. 2000-09-03 23:48:35 +00:00
Randy Kunkee
58bb439d08 Raise MAXARGS to 200, since the schema syntax burns more. 2000-08-31 22:16:16 +00:00
Kurt Zeilenga
a60438c1ce Add sasl-host option and treat sasl-realm as global only 
(ie: not backend specific).
 2000-08-30 01:44:39 +00:00
Kurt Zeilenga
4520cd4ec2 Align with man page 2000-08-28 19:19:47 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes 
man pages to follow...
 2000-08-28 18:38:48 +00:00
Kurt Zeilenga
5b856458a2 s/SAFEMEMCPY/AC_MEMCPY/ 
Use AC_FMEMCPY where appropriate (-llber)
 2000-07-28 01:07:07 +00:00
Randy Kunkee
46ca9103b6 Fix MAXARGS boundary condition problem: slapd crashed if number of tokens 
parsed == MAXARGS (only applicable if you have really large objectclasses).
 2000-07-19 01:40:05 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session. 
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
 2000-07-13 22:54:38 +00:00
Mark Valence
d4d03e36e5 Added "threads" config to slapd.conf. 2000-07-04 19:24:13 +00:00
Kurt Zeilenga
2c7f89b1b2 remove locale option. OpenLDAP is designed only for the "C" locale. 2000-06-20 16:55:23 +00:00
Kurt Zeilenga
ec426532b2 Reworked thread code to better support thread-library specific 
r/w locks and thread pools.  Hide internal structures (using
pthread'ish technics).  Place common code in threads.c.  Move
no-thread code to thr_stub.c.  Move thread pool code to tpool.c.
Removed setconcurrency call from initializer, added 'concurrency'
directive to slapd.  Tested code under pthreads, pth, and no-threads.
 2000-06-13 02:42:13 +00:00
Kurt Zeilenga
693fb9424a unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT 2000-06-06 19:43:18 +00:00
Kurt Zeilenga
7b14e1304a Relocate schema_init() call to main() 
Add schema_prep() call to main()
Similiar changes to slapcommon.c
Add schema_prep() impl to schema_init.c
Add slap_ad_entry and slap_ad_children globals.
Add "entry" and "children" to openldap.schema (this likely should
  be added to schema via code, not configuration)
 2000-05-15 20:04:36 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT 
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
 2000-02-14 20:57:34 +00:00
Kurt Zeilenga
3a6e906194 Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT 2000-01-31 22:14:16 +00:00
Kurt Zeilenga
c5da0c76ce Additional changes to migrate to new schema codes 
Still not usable.
 2000-01-28 20:01:00 +00:00
Kurt Zeilenga
5e12c84a6f Add simple password test program. 
Rework lutil_passwd routines to use struct berval instead of strings.
 1999-12-09 01:11:16 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set 
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
 1999-12-08 04:37:59 +00:00
Mark Valence
249313f75a Removed previous changes for extensions -- extensions now use moduleload. 1999-11-09 21:18:37 +00:00
Mark Valence
c8aa051571 Load extension library on "extension" keyword in configs (actual load routine is in extended.c). Protected by #ifdef SLAPD_EXTERNAL_EXTENSIONS. 1999-11-09 03:37:05 +00:00