mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-02-17 14:00:30 +08:00
Code Issues Packages Projects Releases Wiki Activity
22,901 Commits 38 Branches 307 Tags 76 MiB
bdc9dbc511
Commit Graph

935 Commits

Author SHA1 Message Date
Ondřej Kuzník
bdc9dbc511 ITS#8701 Implement account usability in ppolicy 2020-07-07 16:43:37 +01:00
Ondřej Kuzník
376d5d65cb ITS#7084 ACL of 'manage' gives pasword administrator access 
Password administrators can bypass safeModify, password quality checks
and trigger reset if policy instructs the server to.
 2020-07-03 20:42:14 +00:00
Quanah Gibson-Mount
58c978825c Issue#9020 - Use consistent namespaces for overlays 2020-06-22 20:44:12 +00:00
Quanah Gibson-Mount
f926e66723 ITS#8873 - Delete obsolete configuration options from back-ldap, back-meta, and back-asyncmeta 2020-05-26 19:59:56 +00:00
Howard Chu
9183abe62c ITS#9264 add an optional lock to slapo-unique 2020-05-22 15:08:20 +01:00
Quanah Gibson-Mount
005c870d68 ITS#8154 - olcTimeLimit and olcSizeLimit are single valued, fix docs 2020-05-18 20:49:25 +00:00
Quanah Gibson-Mount
83217b9842 ITS#8614 - documentation updates 2020-05-18 19:37:47 +00:00
Ryan Tandy
9282e6edea ITS#8155 Support cacertdir with GnuTLS 2020-05-14 07:56:28 -07:00
Isaac Boukris
3cd50fa8b3 ITS#9189 rework sasl-cbinding support 
Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
defaults to "none".

Add "tls-endpoint" binding type implementing "tls-server-end-point" from
RCF 5929, which is compatible with Windows.

Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
 2020-04-23 21:00:39 +02:00
Quanah Gibson-Mount
a019e7fe1a ITS#9207 - Remove MozNSS code and documentation 2020-04-20 21:38:01 +00:00
Ondřej Kuzník
6d6a330057 ITS#8245 Use Relax control to avoid uniqueness checks 
Still needs to retrieve the entry for ACL resolution until we can
restrict controls with ACLs.
 2020-04-06 20:44:09 +00:00
Quanah Gibson-Mount
a5b8a41c13 ITS#9003 
Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy
 2020-04-01 19:40:27 +00:00
Ondřej Kuzník
ba290f1c35 ITS#9156 Document ppolicy changes 2020-01-23 23:47:14 +00:00
Ondřej Kuzník
419b9ad202 ITS#9156 Implement pwdMaxIdle 2020-01-23 23:46:58 +00:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Howard Chu
90b0abd894 ITS#9121 dynlist enhancements 
1) allow filtering on dynamic attribute values
2) populate an optionally configured memberOf attribute

test044 script still needs to be extended to test these
enhancements. We need to define an interim attributeType
for testing memberOf functionality.
 2019-12-16 18:31:12 +00:00
Ondřej Kuzník
5b304a3ae6 ITS#9071 Document "tls none" for back-ldap 2019-08-30 14:02:31 +01:00
Quanah Gibson-Mount
efbfc1fe95 ITS#9065 - Document correct attribute pwdGraceAuthnLimit 2019-08-19 15:45:31 +00:00
Quanah Gibson-Mount
7cc34fa722 ITS#9063 -- Fix missing bold tag for tls_reqcert 2019-08-12 23:49:50 +00:00
Quanah Gibson-Mount
c4df431c6c ITS#8977 - Note allowed value range for idlexp 2019-06-26 18:15:32 +00:00
Ondřej Kuzník
17b5b3d7f8 Separate VERSION to its own paragraph 2019-06-21 13:44:06 +02:00
Quanah Gibson-Mount
ec2cb12e68 ITS#9010 - Delete back-bdb/back-hdb 
This commits deletes all references and code for back-bdb and back-hdb.
There is some follow up work still necessary to flush out the admin
guide for back-mdb.
 2019-05-13 17:20:28 +00:00
Ondřej Kuzník
a5ad0e0643 ITS#8693 Tweak previous commit 2019-05-08 15:31:13 +01:00
Ondřej Kuzník
a4e2d5c501 ITS#8693 Document unused but generated starttls parameter 2019-05-08 15:12:08 +01:00
Quanah Gibson-Mount
6d79439630 ITS#8881 - Note MDB is the primary backend 
Update to note that MDB is the primary backend and HDB/BDB are
deprecated.
 2019-04-17 23:52:51 +00:00
Quanah Gibson-Mount
c5ad08c1a4 ITS#8771 - Note back-mdb is recommended 
Commit 279594c22f officially marked
slapd-mdb as being the recommended backend for OpenLDAP, superseding
back-hdb.  This man page was missed during that update.
 2019-04-17 23:49:08 +00:00
Nadezhda Ivanova
bb7e14d201 ITS#8734 Fixes for many back-asyncmeta issues 
Includes all the changes necessary to fix back-asyncmeta issues
discovered during on-site testing since the start of 2016.
These include:
Issues with stability - crashes and assetion failures
Incorrect behavior during unstable network conditions, such as inability to reset connections
or process responses, or "hanging" to wait for a response that would never be received.
Memory leaks and memory management fixes - major redesign of the way back-asyncmeta
works with memory contexts.
Rewrite was replaced with suffix-massage in configuration, and the network-timeout value was changed to milliseconds.
Incorrect behavior when SASL is used to bind to a target.
Many problems caused by race conditions
Fixes for compiler warnings, and tests.
Cleanup of unused code.
 2019-02-28 16:22:11 +00:00
Howard Chu
c8b806b676 ITS#8977 make IDL size configurable 2019-02-15 14:37:51 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Howard Chu
52ace4554e More for privateKey tweak 2018-12-18 21:56:18 +00:00
Quanah Gibson-Mount
3add82a3bb ITS#8286 -- Add matching rules for attributes 
Add matching rules for all cases where it was missing.  Cleanup
incorrect types for a few attributes as well.  Fix network-timeout
handling in back-ldap/meta/asyncmeta.
 2018-12-18 19:14:06 +00:00
Quanah Gibson-Mount
9d4a5f64b6 Change backend reference from slapd-bdb to slapd-mdb 2018-11-14 21:28:01 +00:00
Howard Chu
111329a2dc More for back-mdb multival 
Allow configuring thresholds for specific attributes
 2018-08-30 11:24:25 +01:00
Ondřej Kuzník
18afc2446d Fix quoting example 2018-06-14 16:19:10 +01:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Howard Chu
f183b81a68 ITS#8818 SASL_MECH/SASL_REALM are not user-only 
Changed as of ITS#4327 commit 86d10729
 2018-03-13 18:57:53 +00:00
Ondřej Kuzník
4035016796 ITS#6656 Docs for reqEntryUUID 2017-10-26 11:53:50 +01:00
Josh Soref
10566c8be3 ITS#8605 - spelling fixes 
* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate
 2017-10-11 14:39:38 -07:00
Quanah Gibson-Mount
9bef357403 ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDontUseCopy and olcSaslAuxpropsDontUseCopyIgnore parameters for use with SASL/OTP 2017-10-11 14:31:01 -07:00
Ted C. Cheng
e20ac6b539 ITS#7520 - back-ldap omit-unknown-schema changes 2017-10-06 10:44:31 -07:00
Quanah Gibson-Mount
44b9fd1c81 ITS#5048 - index on entryCSN is mandatory 2017-10-06 10:39:43 -07:00
Michael Ströder
b65e0b5731 ITS#8714 Send out EXTENDED operation message from back-sock 2017-09-06 15:32:28 +01:00
Quanah Gibson-Mount
0f80e05eeb ITS#8715 Fix typo with olcTLSCiphersuite 2017-08-21 09:19:12 -07:00
Quanah Gibson-Mount
17cc93d570 ITS#8713 Delete stub man page for LDBM 2017-08-16 08:50:39 -07:00
Quanah Gibson-Mount
cc79503e04 ITS#8123 - Fix wording to match examples 2017-04-26 11:05:35 -07:00
Quanah Gibson-Mount
3eeb562489 Fix slapo-pcache to use mdb as the example backend 2017-04-25 16:09:22 -07:00
Quanah Gibson-Mount
33f5e7122c ITS#8635 - Note that non-zero serverID's are required for MMR, and that serverID 0 is specific to single master replication only 2017-04-24 13:15:56 -07:00
Quanah Gibson-Mount
c4eaa5416d ITS#8613 - Note that slapo-memberOf should not be used in a replicated environment 2017-04-24 11:51:15 -07:00
Howard Chu
dacf15475f autoca manpage updates 2017-04-09 20:48:37 +01:00
Howard Chu
2b920ecaec Add autoca overlay 
Automated certificate authority
 2017-04-08 02:51:08 +01:00