mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-30 13:30:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,734 Commits 38 Branches 307 Tags 75 MiB
bf8bbc27fe
Commit Graph

3657 Commits

Author SHA1 Message Date
Kurt Zeilenga
b5b495a871 Remove extra entry_free() 2002-11-10 06:48:55 +00:00
Pierangelo Masarati
5794b3a2dd Add checks for SQL headers in configure.in (need to rerun autoheader 
and autoconf); #include "ac/string.h" instead of <string.h>
 2002-11-09 17:03:07 +00:00
Pierangelo Masarati
0491710fa7 Patch: Wrong args to Debug() and LDAP_LOG() (ITS#2170,2171) 
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================
 2002-11-09 16:09:50 +00:00
Pierangelo Masarati
7400191ba8 cleanup str2adlist 2002-11-09 14:46:00 +00:00
Julius Enarusai
8669824fd5 Converted ch_calloc calls to SLAP_CALLOC. 2002-11-08 18:17:21 +00:00
Julius Enarusai
6e9c21cff8 Converted ch_malloc, ch_calloc and ch_realloc calls to SLAP_MALLOC, 
SLAP_CALLOC and SLAP_REALLOC respectively.
 2002-11-08 17:13:20 +00:00
Pierangelo Masarati
a777c53564 fix attribute delete (ITS#2158) patch provided by Timofey B. Nickonov <ntb@mts.ru> 2002-11-02 16:00:21 +00:00
Julius Enarusai
2d98b19bf7 Converted ch_malloc, ch_calloc and ch_realloc calls to SLAP_MALLOC and 
SLAP_CALLOC in add_value/add_value_one functions and propagated errors to
all functions that use these functions.
 2002-11-01 18:59:52 +00:00
Howard Chu
24f1a11cde Fix sasl_server_start invocation, must pass NULL cred when credlen is 0. 2002-11-01 02:14:55 +00:00
Stig Venaas
0f86bbde87 Fix referrals and alias. For ldbm and I think for bdb, this is necessary 
now that we normalize to lower case. Should be merged into 2.1.
 2002-10-31 16:48:04 +00:00
Pierangelo Masarati
53e1930fd0 use keyword "unlimited" instead of -1 for no limits 2002-10-31 09:57:24 +00:00
Jong Hyuk Choi
ca8ab9d809 changes in bdb_psearch() - search scope check 2002-10-29 08:05:45 +00:00
Jong Hyuk Choi
2e1809d76f change due to removal of servers/slapd/lcup.c 2002-10-29 04:39:05 +00:00
Jong Hyuk Choi
3d4a915f2b Removal of servers/slapd/lcup.c 2002-10-29 00:00:47 +00:00
Jong Hyuk Choi
3a9229a3e9 Use of slap_schema.si_ad_entryUUID in bdb_psearch() 2002-10-28 23:57:54 +00:00
Kurt Zeilenga
6f59ca0e5b Add superiorUUID to system schema 2002-10-28 20:01:55 +00:00
Kurt Zeilenga
293158f432 code cleanup 2002-10-27 03:42:32 +00:00
Kurt Zeilenga
886f60f822 Fix typo 2002-10-27 00:41:52 +00:00
Howard Chu
322a800c26 Fix ITS#2157, server should never attempt to unlink the client's socket. 
It likely has no name anyway, and the client owns it after all.
 2002-10-26 22:41:26 +00:00
Pierangelo Masarati
dea2420569 beautify "unknown" 2002-10-26 18:51:24 +00:00
Pierangelo Masarati
f07cabad0f need to move #define here; on by default 2002-10-26 16:32:11 +00:00
Pierangelo Masarati
7b3f889ec1 fix hasSubordinate filtering; now it can be safely turned on 2002-10-26 16:18:31 +00:00
Pierangelo Masarati
69343add5a use more appropriate error code 2002-10-26 10:05:35 +00:00
Pierangelo Masarati
8558b8808e actually, get_perms is needed by ldapi:// rgeardless of -DSLAP_X_LISTENER_MOD 2002-10-26 10:02:41 +00:00
Kurt Zeilenga
36569048ff Add "allow update_anon" 
Fix -USLAP_X_LISTENER_MOD builds
 2002-10-25 18:47:24 +00:00
Jong Hyuk Choi
15c5943edd Addition of servers/slapd/lcup.c and servers/slapd/back-bdb/lcup.c for persistent search 2002-10-25 17:57:03 +00:00
Jong Hyuk Choi
8074294f1d LCUP persistent search code drop 2002-10-25 17:51:30 +00:00
Pierangelo Masarati
97e526cb2d add restrictions related to listeners in form of file permissions 
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
	"r" means read is allowed from that listener
	"w" means write is allowed on that listener
	"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
 2002-10-25 16:43:44 +00:00
Kurt Zeilenga
6d199506bb ber_write error message cleanup 2002-10-25 05:47:08 +00:00
Kurt Zeilenga
2b2e406b46 Make sure that newSuperior isn't old superior 2002-10-25 01:09:50 +00:00
Pierangelo Masarati
956f1d16aa listener: 
- use bervals for url and sockname
- pass connection_init() the listener struct pointer instead of each value
- don't copy them in the Connection struct 'cause they're not going to change
- define macros for legacy usage of c_listener_url and c_sockname
 2002-10-24 10:03:52 +00:00
Pierangelo Masarati
fdd586a6b7 change socket permission syntax (to reuse function for other purposes) 2002-10-23 14:12:01 +00:00
Pierangelo Masarati
456a561b65 prevent use of uninitialized var 2002-10-23 14:11:02 +00:00
Pierangelo Masarati
665cb3e86e fix typo 2002-10-23 14:10:21 +00:00
Kurt Zeilenga
ff9dd56587 Add comment attributing origin of the Metaphone algorithm 2002-10-22 04:52:57 +00:00
Kurt Zeilenga
c382c5efa2 blind fix for NULL pointer in Debug() bug (ITS#2143) 2002-10-17 17:45:44 +00:00
Kurt Zeilenga
ac66a219d0 Fix comment 2002-10-17 04:35:55 +00:00
Kurt Zeilenga
c64d28aa4e correct security sample 2002-10-12 05:10:41 +00:00
Howard Chu
9d2a8ba1b4 More fixes for ITS#2136, make sure all error returns set *text. 2002-10-11 17:12:56 +00:00
Kurt Zeilenga
40b685b70d Patch: Delete the buggy surrogate parent code (ITS#1815) 
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
 2002-10-10 20:28:36 +00:00
Kurt Zeilenga
5504bed852 More OBSOLETE checks 2002-10-10 02:38:32 +00:00
Kurt Zeilenga
857165b1bf Add some OBSOLETE schema checks 2002-10-10 02:07:24 +00:00
Kurt Zeilenga
b5020aa16d Don't mask error text variables 2002-10-09 23:36:28 +00:00
Kurt Zeilenga
27cb98d28d Remove lint 2002-10-09 23:35:45 +00:00
Kurt Zeilenga
1aa829922f Implement content rule checks 
w/ implicit default rules allowing any auxiliary class to be mixed in
 2002-10-09 23:02:01 +00:00
Howard Chu
e6d10b9590 Revert previous commit. More thought needed re: IPV4 vs IPv6 failures 2002-10-09 21:18:51 +00:00
Howard Chu
2e538e19d4 ITS#2132, give up at first bind failure 2002-10-09 20:45:13 +00:00
Kurt Zeilenga
5060ebb36d Fix bad sup error 2002-10-09 19:24:02 +00:00
Kurt Zeilenga
dff7315edf Need ../cr.o 2002-10-09 19:11:12 +00:00
Howard Chu
b9bd44b047 Fix ITS#2132, give up if listener fails to open 2002-10-09 18:57:50 +00:00
Kurt Zeilenga
acc32b9d9e Basic framework for DIT Content Rules (not yet enforced) 2002-10-09 07:11:50 +00:00
Kurt Zeilenga
023d0e2a5c Rework unprotected simple bind checks 2002-10-08 19:03:18 +00:00
Kurt Zeilenga
06f69e603c Add security restrictions examples 2002-10-08 01:15:20 +00:00
Kurt Zeilenga
36fca96695 if "disallow bind_simple_unprotected", require at least SSF of 2 2002-10-08 01:06:49 +00:00
Kurt Zeilenga
df6c69ffd6 More entry level access control for back-shell 
(should be applied to back-perl and other programmable backends)
 2002-10-07 21:56:43 +00:00
Kurt Zeilenga
3a17376dfd s/256/LBER_ELEMENT_SIZEOF/ 
set LBER_ELEMENT_SIZEOF to 256
maybe this should be set to N*sizeof(size_t) or something
 2002-10-07 21:01:47 +00:00
Kurt Zeilenga
cb73d243fb More "entry" level ACLs for entry add, delete, and rename. 2002-10-07 19:19:29 +00:00
Kurt Zeilenga
d19db4b7ed Fix up last commits 2002-10-04 23:42:27 +00:00
Kurt Zeilenga
9fbcc90bd5 Add "entry" ACL checks for add/delete/rename ops 2002-10-04 23:26:28 +00:00
Kurt Zeilenga
8975676fa4 Clean up some #else #if 'ing 2002-10-04 18:36:44 +00:00
Kurt Zeilenga
5b591d0dec Fix subentry OIDs 2002-10-02 01:18:46 +00:00
Kurt Zeilenga
33248a02e1 Code cleanup (no functional changes) 2002-10-01 04:07:55 +00:00
Kurt Zeilenga
f5e6d1db41 #unifdef -DSCHEMA_DN 2002-09-29 04:30:38 +00:00
Kurt Zeilenga
4ef4c9eb06 Return default referral if DN maps to empty domain. 2002-09-26 16:12:39 +00:00
Kurt Zeilenga
b4e1ea15f3 benign buffer overflow fix (ITS#1964) 2002-09-25 04:34:33 +00:00
Kurt Zeilenga
bbbf2f4ca7 Fix handling of non-critical controls for backends which 
support no controls.
 2002-09-24 18:20:59 +00:00
Kurt Zeilenga
d0a4fee37a Minor updates 2002-09-22 19:09:47 +00:00
Kurt Zeilenga
976c35fbf0 fix possible uninit bug 2002-09-21 04:33:19 +00:00
Howard Chu
bdf9b3ae1b Fix ITS#1033 slapd hangs with GNU Pth - don't write to the wakefd 
more than once at any given time.
 2002-09-21 03:52:16 +00:00
Kurt Zeilenga
f558b6b02f Add experimental +/- AttributeName support. 2002-09-21 00:11:43 +00:00
Kurt Zeilenga
d9d58ae02f Save "-" for no subtypes 2002-09-20 19:58:25 +00:00
Howard Chu
9ba829436e Add dummy reference to lutil_uuidstr() for dynamically loaded back-bdb 
and back-ldbm.
 2002-09-20 01:02:33 +00:00
Howard Chu
104f8cc409 Simpler fix for NO_THREADS 2002-09-19 06:34:53 +00:00
Howard Chu
ff9e580d33 Updated BDB_HIER for current API 2002-09-19 06:08:12 +00:00
Howard Chu
6fa0363d09 Don't set bdb yield with NO_THREADS 2002-09-19 01:38:00 +00:00
Howard Chu
919274432b Fixes for NO_THREADS 
Use a per-env locker ID
	Always set lock_detect, since we allow slapadd etc. concurrently
Also removed unused lock_detect_task code. lockdetect config keyword only
needs <policy>, no <seconds> argument.
 2002-09-19 01:13:27 +00:00
Howard Chu
7666bb7482 Add calls to module_init/module_kill to support dynamically loaded backends. 2002-09-18 11:58:19 +00:00
Kurt Zeilenga
3eb21d8a6c Misc cleanup 2002-09-16 21:50:55 +00:00
Kurt Zeilenga
cc7d1433bb For object classes in attribute lists, use '+' (or '-') to indicate 
name is an objectClass.
 2002-09-16 20:48:08 +00:00
Kurt Zeilenga
a1da292989 Wrap csn filter frees with sync mode check. 2002-09-15 22:42:50 +00:00
Kurt Zeilenga
88c8cca820 Fix return value 2002-09-15 22:42:07 +00:00
Kurt Zeilenga
0ad91236fd Add LDAP_CONTROL_CLIENT_UPDATE to list of supported controls 2002-09-15 22:28:38 +00:00
Kurt Zeilenga
1d0e916c6f Misc CLIENT_UPDATE cleanups 2002-09-15 22:22:51 +00:00
Kurt Zeilenga
2a9783bd5e Fix typos in last commit 2002-09-15 22:13:25 +00:00
Kurt Zeilenga
629a0219f2 Cleanup up LDAP_CLIENT_UPDATE code... including some bug fixing. 2002-09-15 21:08:34 +00:00
Jong Hyuk Choi
1509e321de LCUP Response Control Code 2002-09-14 00:29:06 +00:00
Howard Chu
3e61f0630d Fix ITS#2082, bdb_idl_intersection 2002-09-13 20:19:56 +00:00
Howard Chu
7e493b87be Fix debug messages 2002-09-13 20:19:15 +00:00
Howard Chu
a8297e6d22 Fix test of uninit'd rc at LOCK_ID 2002-09-13 12:32:08 +00:00
Howard Chu
1263e40b55 Set BDB's global allocators to ber_*, don't bother with the per-env setting. 2002-09-12 02:47:18 +00:00
Pierangelo Masarati
ae2cd84d16 trim c++ style comments 2002-09-11 17:15:55 +00:00
Howard Chu
7823832770 Fix ITS#2075, NULL moddn->newsup->bv_val 2002-09-11 10:59:41 +00:00
Pierangelo Masarati
8758a30bf2 #undef SLAP_X_FILTER_HASSUBORDINATES while I fix the entry lock problem ... 2002-09-10 10:10:11 +00:00
Howard Chu
35e8b8325d Unifdef BDB_IDL_MULTI. 2002-09-10 04:20:45 +00:00
Kurt Zeilenga
e6fdfd4cee only optimize objectClass filters when (objectClass=*) is 
presented... avoids (&(objectClass=*)(objectClass=foo)) problems.
 2002-09-09 23:25:22 +00:00
Howard Chu
9953574b47 Fix: if slapadd was used with an un-ordered LDIF file, we can't rely on 
entries having ascending entry IDs. Always start from the beginning of
the candidate list. (This should be fine in the general case as well,
since the subtree index will also have refined the candidates.)
 2002-09-09 04:24:38 +00:00
Howard Chu
30de884223 More memory cleanup 2002-09-09 00:56:57 +00:00
Howard Chu
a4b30ce455 Plug memleaks from -r1.45 2002-09-09 00:55:52 +00:00
Pierangelo Masarati
b8240724ad optimize also duplicate/existence check in value delete operations 2002-09-07 16:08:30 +00:00
Howard Chu
b623e4495b Fix typo in one-level searches, left over from -r1.23 cleanup 2002-09-06 12:37:24 +00:00
Kurt Zeilenga
37d9880495 Some LCUP clean up 2002-09-06 00:29:20 +00:00
Howard Chu
73207c7110 Replace HACK in slap_sasl_canonicalize with safer test. 2002-09-05 11:01:12 +00:00
Kurt Zeilenga
ab80b03057 back_attribute() should use ACL_AUTH not ACL_READ (at 
least for current callers, may need to pass it the
permission level)
 2002-09-05 02:37:10 +00:00
Howard Chu
62ceae250c ITS#2065 omit libbackends.a when no static backends configured. 
Also fixed dependencies for dynamic backends and tools.
 2002-09-04 10:58:25 +00:00
Jong Hyuk Choi
4b48c05a8e LDAP Client Update Protocol - non-persistent update (TODO: response control ...) 2002-09-04 02:00:42 +00:00
Pierangelo Masarati
5d50463376 optimize duplicate detection based on mods and existing values count 2002-09-03 15:12:36 +00:00
Kurt Zeilenga
69ba1a21bc Extend checks to substrings rules. Need to kludge around 
LDAP's kludged builtin substrings rules.
 2002-09-03 07:28:57 +00:00
Kurt Zeilenga
8a5b200c44 Add appropriate matching rule checks. 
Clean up syntax error reporting.
 2002-09-03 07:01:09 +00:00
Howard Chu
3099d89d9e Don't use sasl_set_alloc on Cyrus 2, it manages all of its memory 
internally and we don't want to get in the way.
 2002-09-02 22:25:26 +00:00
Kurt Zeilenga
3e1a896928 Update comment 2002-09-02 22:07:23 +00:00
Pierangelo Masarati
d3ca441ae8 /* 
* The original code performs ( n ) normalizations
 * and ( n * ( n - 1 ) / 2 ) matches, which hide
 * the same number of normalizations.  The new code
 * performs the same number of normalizations ( n )
 * and ( n * ( n - 1 ) / 2 ) mem compares, far less
 * expensive than an entire match, if a match is
 * equivalent to a normalization and a mem compare ...
 *
 * This is far more memory expensive than the previous,
 * but it can heavily improve performances when big
 * chunks of data are added (typical example is a group
 * with thousands of DN-syntax members; on my system:
 * for members of 5-RDN DNs,

 members         orig            bvmatch (dirty) new
 1000            0m38.456s       0m0.553s        0m0.608s
 2000            2m33.341s       0m0.851s        0m1.003s

 * Moreover, 100 groups with 10000 members each were
 * added in 37m27.933s (an analogous LDIF file was
 * loaded into Active Directory in 38m28.682s, BTW).
 *
 * Maybe we could switch to the new algorithm when
 * the number of values overcomes a given threshold?
 */
 2002-09-02 19:41:03 +00:00
Pierangelo Masarati
eb38db1be5 various fixes and improvements 2002-09-02 19:39:31 +00:00
Pierangelo Masarati
857d08ea21 use bvmatch() instead of ber_bvcmp() when testing for match without ordering 2002-09-02 19:39:06 +00:00
Kurt Zeilenga
132506e13c Add NOOP search support. 2002-09-02 17:38:17 +00:00
Kurt Zeilenga
af183089b8 unifdef -DSLAP_X_MRA_MATCH_DNATTRS 2002-09-01 00:33:20 +00:00
Kurt Zeilenga
b5f51ed4a5 have get_mra use mr_usable_with_at() as well 2002-08-31 21:39:42 +00:00
Kurt Zeilenga
c6052ac8b0 Add mr_usable_with_at() routine. Use both in generation 
of rule uses, but also in test_filter_mra()
 2002-08-31 21:23:45 +00:00
Kurt Zeilenga
5c61f55faa Make sure we don't expose hidden attribute types in rule uses 2002-08-31 20:49:50 +00:00
Kurt Zeilenga
e9a71156cc Add matching rule use support where assertion syntax != value syntax 2002-08-31 20:42:25 +00:00
Kurt Zeilenga
04c71ce9b2 List approximates as well in rule uses. 
Don't yet list ordering rules yet, these require special attention (and
hence are not marked MR_EXT yet)
 2002-08-31 19:25:41 +00:00
Kurt Zeilenga
d6ac7ac544 Fix last commit. 
Also add uses where mr is the attribute's equality rule.
 2002-08-31 19:17:54 +00:00
Kurt Zeilenga
2908cdff11 MR_EXT rules can be used with any type whose syntax is same as 
the syntax's assertion syntax.
 2002-08-31 19:05:36 +00:00
Kurt Zeilenga
6c7104c82b Don't hide matchingRuleUse's description (now implemented) 
Use attribute's cname not oid in matching rule uses
 2002-08-31 18:41:21 +00:00
Pierangelo Masarati
966dd1bdca definitely fix NOOP in back-bdb 2002-08-31 17:03:42 +00:00
Pierangelo Masarati
0d5fe062e2 improved support for NOOP; add is fine, the other write funcs still need work 2002-08-31 12:00:39 +00:00
Pierangelo Masarati
a0c54f1625 use ldap_charray_add instead of dedicated helper; get rid of dependency from ldap-int.h 2002-08-31 11:14:15 +00:00
Pierangelo Masarati
71aecea2aa fix bitwise matching (courtesy of Luke Howard) 2002-08-31 10:56:27 +00:00
Pierangelo Masarati
804a111fbd add {create,modify}Timestamp to subschema subentry (SHOULD per RFC2251; use server startup time to be conservative) 2002-08-31 10:49:03 +00:00
Pierangelo Masarati
aea52e5bc9 define macros for appropriate sizing of lutil buffers 2002-08-31 10:48:02 +00:00
Pierangelo Masarati
e2ec62f09f add matchingRuleUse to schema; use a berval instead of _oidlen in syntax and matching rule 2002-08-31 10:45:22 +00:00
Pierangelo Masarati
c76b36254c cleanup comments 2002-08-31 10:41:49 +00:00
Pierangelo Masarati
c8cfbca64d fix extendedMatch and approx hfilter andling; get rid of subtree_cond (argh, need to trim it from config and docs ...) 2002-08-31 10:39:23 +00:00
Pierangelo Masarati
a1bb43946b better handling of children_cond 2002-08-31 10:38:29 +00:00
Pierangelo Masarati
95a99bd522 trace illegal condition in backsql_strfcat 2002-08-31 10:37:42 +00:00
Pierangelo Masarati
685363e880 add 'children_cond' config statement 2002-08-31 10:36:16 +00:00
Pierangelo Masarati
b0dfd89e1b added referral support to back-{ldap,meta}; need to allow send_serch_reference() handle NULL entry pointer 2002-08-31 10:35:23 +00:00
Pierangelo Masarati
501cd4c611 fix extendedMatch values return filter control 2002-08-31 10:29:03 +00:00
Kurt Zeilenga
b04483a6a2 We don't support substrings matching via extensibleMatch 2002-08-30 19:30:58 +00:00
Howard Chu
70673417f2 Fix debug statement 2002-08-30 14:28:45 +00:00
Howard Chu
c4f74ac639 Fix crash in mra_free, freeing ber-private value. 2002-08-30 12:38:50 +00:00
Howard Chu
0614b5fdbf Fix unindent commit 2002-08-30 11:48:47 +00:00
Howard Chu
4a3a557827 Use DB_NODUPDATA when adding IDs. Silence log for DB_NOTFOUND in delete_key, 
let caller log it if they care.
 2002-08-30 11:37:43 +00:00
Howard Chu
9d4f5e13e8 Unindented a level. Fixed logging of keys. 2002-08-30 11:21:20 +00:00
Howard Chu
f32803e738 Don't mask DB_KEYEXIST errors in bdb_idl_insert_key, let dn2id see them. 
Ignore DB_KEYEXIST and DB_NOTFOUND errors in key_change.
 2002-08-30 10:41:46 +00:00
Kurt Zeilenga
81420d4f91 Yet another bug fix... this one from Luke. 2002-08-29 19:54:17 +00:00
Pierangelo Masarati
a8bf275221 cleaner handling of unchecked limit support 2002-08-29 19:43:29 +00:00
Kurt Zeilenga
ecfb311f8f Fix objectSubClassIndexer bug 2002-08-29 18:05:49 +00:00
Pierangelo Masarati
58b860a15e fix server-size controls handling in back-{ldap,meta} 2002-08-29 15:07:18 +00:00
Pierangelo Masarati
7e2317c842 add server side controls to back-ldap and back-meta 2002-08-29 14:39:31 +00:00
Pierangelo Masarati
e7d2d0a9f5 avoid zero size ch_malloc() when no attributes are present in vrFilter 2002-08-29 13:32:28 +00:00
Pierangelo Masarati
82cb585d32 trim unused var 2002-08-29 12:41:07 +00:00
Pierangelo Masarati
c38f1a63b0 this test is useless, since noop is masked SLAP_CTRL_UPDATE 2002-08-29 12:17:28 +00:00
Howard Chu
20f6bae612 Use sockbuf_max_incoming_auth after successful Bind 2002-08-29 11:53:37 +00:00
Pierangelo Masarati
fbc11bd16a - added the capability to filter based on hasSubordinate attribute 
to back-bdb, back-ldbm and back-sql (the latter with limitations);
- added handling of ":dn" attributes to extended rfc2254 filters
  and to matched value filter
- altered the behavior of get_mra() when a matching rule is given:
  now it checks whether it is compatible with the attribute syntax
  and, in case it is, the given mr is used.  In case of no type,
  the check is delayed when filtering
 2002-08-29 10:55:48 +00:00
Pierangelo Masarati
f4c5362955 add bdb_hasSubordinates() helper 2002-08-29 10:50:53 +00:00
Pierangelo Masarati
d855f97372 cleanup 2002-08-29 10:50:12 +00:00
Pierangelo Masarati
a32f8c079a cleanup hasSubordinate operational attr merge 2002-08-29 10:49:41 +00:00
Pierangelo Masarati
b16ee02a49 optimize subschema attribute merge 2002-08-29 10:49:11 +00:00
Pierangelo Masarati
f1eb3e39ec use appropriate attr list when matching value of operational attrs 2002-08-29 10:45:48 +00:00
Pierangelo Masarati
24171e1fe2 fix match result bug 2002-08-29 10:45:24 +00:00
Pierangelo Masarati
e53d272b3f cleanup error check logic; don't deref be->controls when it's NULL 2002-08-29 10:43:39 +00:00
Pierangelo Masarati
9ee916bdec fix backend initialization (including ITS#2048) 2002-08-29 10:32:48 +00:00
Howard Chu
7cdb6866cf Two more bervals instead of strings... 2002-08-29 08:47:53 +00:00
Howard Chu
4d36fd5a3e Fix ITS#1991 - referrals with sarch base == target (wasn't sure at first, 
but see diff -r1.6 -r1.7 and it's obvious.)
 2002-08-29 08:43:23 +00:00
Kurt Zeilenga
923d033c99 Finish adding subclassing indexing support 2002-08-29 02:27:15 +00:00
Kurt Zeilenga
1086ffb438 Round one of subclass indexing for objectClass and structualObjectClasss. 
add soc_cname to ObjectClass structure
 2002-08-29 01:12:59 +00:00
Kurt Zeilenga
bfa89d6e15 Include lber_pvt.h 2002-08-28 16:47:04 +00:00
Howard Chu
9c4f89c6f7 Added no-op sasl_client_auth if SASL_VERSION_MAJOR < 2. 2002-08-28 08:33:24 +00:00
Kurt Zeilenga
aa36f5d049 cleanup 2002-08-28 07:30:57 +00:00
Howard Chu
3cb7a09eb0 Added check for Cyrus SASL sasl_version() 2002-08-28 07:12:22 +00:00
Howard Chu
1602bc3aa1 Fix ITS#2047 - link ldbm.lo directly when building back-ldbm as a module 2002-08-28 02:50:30 +00:00
Kurt Zeilenga
288f0f4f6d Add another safety check 2002-08-27 17:51:35 +00:00
Howard Chu
9fa8eded08 ITS#2040 - in bdb_idl_fetch_key() use a large enough buffer to get the 
entire IDL at once, to avoid triggering BDB resource leaks.
 2002-08-27 15:11:04 +00:00
Kurt Zeilenga
aa602e0adc Return other. 2002-08-27 05:51:35 +00:00
Kurt Zeilenga
6ec6115119 Fix bug in last commit 2002-08-27 02:43:00 +00:00
Kurt Zeilenga
433eb54dc7 no structuralObjectClass is not a schema violation, but an 
internal error.  It *should* have been added.
 2002-08-27 02:28:15 +00:00
Kurt Zeilenga
11236eae56 Clean up some structuralObject checks to improve readability. 
Functionality not changed (excepting one error message).
 2002-08-27 01:55:09 +00:00
Kurt Zeilenga
00003ac539 Fix comment 2002-08-27 01:35:43 +00:00
Kurt Zeilenga
522ee4a038 Only add LASTMOD attributes if they don't exist in input. 2002-08-27 01:27:42 +00:00
Howard Chu
9f5b28baf3 Remove c_sasl_bindmutex, Binds are already serialized. 2002-08-26 22:20:30 +00:00
Kurt Zeilenga
2c4cfd7c27 remove lint 2002-08-26 20:11:19 +00:00
Kurt Zeilenga
9be4df6b7c Prevent buffer overflow 2002-08-26 20:10:45 +00:00
Kurt Zeilenga
1c5725010e Add a Connection pointer to the Operation. 2002-08-26 19:29:34 +00:00
Kurt Zeilenga
fb7ac08ada cleanup 2002-08-26 19:13:44 +00:00
Kurt Zeilenga
6f8a3919a1 Fix last commit. 2002-08-26 18:07:58 +00:00
Kurt Zeilenga
af4cb85d8b Prevent unlocking unlocked sasl_bindmutex... 2002-08-26 18:06:55 +00:00
Pierangelo Masarati
d9da0f2bb8 silence annoying warning (BTW: who initializes be?) 2002-08-26 17:37:33 +00:00
Howard Chu
53b194fa32 Fix oc_filter, it could exit early before counting the full depth of the 
filter tree. Also, only give special treatment to objectclass=*.
 2002-08-26 12:04:53 +00:00
Kurt Zeilenga
08059f1633 zap charray 2002-08-25 16:53:20 +00:00
Howard Chu
5ff509f2d3 Fix previous commit, BDB_REUSE_LOCKERS was inside a BDB version #ifdef 
but is not version-dependent.
 2002-08-25 11:06:35 +00:00
Howard Chu
1524f86778 Fix ITS#2044 duplicate search results due to broken bdb_idl_union 2002-08-25 10:18:01 +00:00
Howard Chu
5d9479a3e8 Add debug if bdb_cache_entry_db_lock fails to get a lock 
to assist in diagnosing ITS#1986
 2002-08-24 19:23:30 +00:00
Howard Chu
d6449b1d57 Experimental code that uses one locker ID per thread. Seems to work OK, 
is enabled by default. #undef BDB_REUSE_LOCKERS in back-bdb.h to disable.
Probably needs to be disabled when built with NO_THREADS.
 2002-08-24 08:11:08 +00:00
Howard Chu
925714ceef Experimental cruft to propagate valid Operation to SASL callbacks. 
If you have a better way, jupm on in...
 2002-08-24 07:34:50 +00:00
Howard Chu
1d7ee4471f Pass Operation to backend_attribute - should have been doing this all along. 2002-08-24 07:31:14 +00:00
Howard Chu
8c30114d84 Added thread-pool getkey/setkey functions 2002-08-24 05:39:43 +00:00
Kurt Zeilenga
e259c3c938 Zap 2002-08-24 00:55:56 +00:00
Kurt Zeilenga
23efa07a99 use ldap_charray_*() instead of charray_*() 2002-08-24 00:55:24 +00:00
Kurt Zeilenga
c67781d0ea use ldap_charray_free() instead of slapd's charray_free() 2002-08-24 00:40:25 +00:00
Howard Chu
77783bb4b7 Fix typo in previous commit. (Benign, code was #if'd out anyway.) 2002-08-23 22:29:08 +00:00
Pierangelo Masarati
f11c6b27e7 Final run of changes to back-sql; IBM db2 support has been tested. 
Now related ITSes need be audited and possibly closed.

Enhancements:
  - re-styled code for better readability
  - upgraded backend API to reflect recent changes
  - LDAP schema is checked when loading SQL/LDAP mapping
  - AttributeDescription/ObjectClass pointers used for more efficient
    mapping lookup
  - bervals used where string length is required often
  - atomized write operations by committing at the end of each operation
    and defaulting connection closure to rollback
  - added LDAP access control to write operations
  - fully implemented modrdn (with rdn attrs change, deleteoldrdn,
    access check, parent/children check and more)
  - added parent access control, children control to delete operation
  - added structuralObjectClass operational attribute check and
    value return on search
  - added hasSubordinate operational attribute on demand
  - search limits are appropriately enforced
  - function backsql_strcat() has been made more efficient
  - concat function has been made configurable by means of a pattern
  - added config switches:
      - fail_if_no_mapping	write operations fail if there is no mapping
      - has_ldapinfo_dn_ru	overrides autodetect
      - concat_pattern		a string containing two '?' is used
				(note that "?||?" should be more portable
				than builtin function "CONCAT(?,?)")
      - strcast_func		cast of string constants in "SELECT DISTINCT					statements (needed by PostgreSQL)
      - upper_needs_cast	cast the argument of upper when required
				(basically when building dn substring queries)

Todo:
  - add security checks for SQL statements that can be injected (?)
  - re-test with previously supported RDBMs
  - replace dn_ru and so with normalized dn (no need for upper() and so
    in dn match)
  - implement a backsql_normalize() function to replace the upper()
    conversion routines
  - note that subtree deletion, subtree renaming and so could be easily
    implemented (rollback and consistency checks are available :)
  - implement "lastmod" and other operational stuff (ldap_entries table ?)
 2002-08-23 08:54:08 +00:00
Pierangelo Masarati
7b4b4b34c4 fixed bug in reading size/time limits without style, in the form 'size=number', 'time=number' 2002-08-23 08:50:34 +00:00
Pierangelo Masarati
a038ef68e6 added attr_merge/value_add functions that dela with single attribute; bervals for '*', '+' and '1.1' made available 2002-08-23 08:49:19 +00:00
Pierangelo Masarati
ff4edfa054 added assertions to catch helper function misuse 2002-08-23 08:46:45 +00:00
Howard Chu
b3ddb5734b Fix indexing bug in splitting indirect blocks 2002-08-23 03:07:33 +00:00
Howard Chu
cd60deb4a9 OS/390 EBCDIC support 2002-08-22 04:39:59 +00:00
Howard Chu
3b9f4a82ee Added support for BDB 4.1.17 2002-08-22 04:00:06 +00:00
Kurt Zeilenga
3a15afa057 Fix abstract schema check 2002-08-22 02:27:42 +00:00
Pierangelo Masarati
d4bc79864d fix previous commit 2002-08-21 18:11:30 +00:00
Jong Hyuk Choi
b81122d441 Slapadd is changed to include Operational Attributes (entryUUID, entryCSN, 
creatorsName, modifiersName, createTimestamp, modifyTimestamp) when it adds
from ldif file. Month field in time format in entryCSN is changed to 1~12.
 2002-08-21 00:11:32 +00:00
Kurt Zeilenga
65760c064e ITS#2004 AD lang bug fix 2002-08-20 19:08:18 +00:00
Howard Chu
505a141c75 Use search callbacks in slap_sasl_checkpass and slap_auxprop_lookup, 
use ACL_AUTH for acl checks.
 2002-08-20 05:32:54 +00:00
Kurt Zeilenga
e1536926b7 Quick check of LOCK_ID() return. Likely should retry... but not forever. 2002-08-20 03:10:08 +00:00
Kurt Zeilenga
9fc4a749dc More places where LOCK_ID() calls need to be checked. 2002-08-20 02:57:06 +00:00
Kurt Zeilenga
041c3700e1 fix typo in last commit 2002-08-19 07:08:59 +00:00
Kurt Zeilenga
930ecd3930 Normalized form should be pretty. 2002-08-19 07:07:25 +00:00
Howard Chu
e5091f5926 Updated register_syntax, register_matching_rule for more convenient 
calling from other modules
 2002-08-17 01:29:18 +00:00
Kurt Zeilenga
6e02fe2e8a Remove #if 0 code 2002-08-16 18:58:39 +00:00
Pierangelo Masarati
05348c5fc5 CHANGES: 
- now all write operations appear to work correctly with PostgeSQL 7.0
- all write operations have been made transactional (atomic writes to
  entries are committed separately only in case of complete^1 success
  while all other operations are rolled-back by default)
- more cleanup and handling of exceptional conditions

TODO:
- deen to check with different databases and more up to date versions
  of both unixODBC and PostgreSQL.

^1: attribute add/modify/delete operations silently succeed if the
    appropriate add/delete proc does not exist for each attribute;
    this may be correct to hide undesired/unimplemented correspondence
    between LDAP and SQL databases; however, a more appropriate
    LDAP behavior would be a failure with LDAP_UNAVAILABLE if a
    single write operation cannot be executed for such reason
 2002-08-16 16:45:24 +00:00
Pierangelo Masarati
b95ab4ac64 add function slap_modrdn2mods that prepares modifications list for delete/add old/new rdn values 2002-08-16 16:35:16 +00:00
Pierangelo Masarati
3a26ef5bbb silence warnings 2002-08-16 16:33:22 +00:00
Pierangelo Masarati
a7349c100e fix printableStringValidate return value bug 2002-08-16 16:32:42 +00:00
Pierangelo Masarati
115408986c changes: 
- re-style according to the style giudelines for better readability
- updated to recent frontend/backend API changes
- fixed a few quirks about normalization
- "optimized" a few memory allocation/string handling functions
- fixed a few quirks about add/modify (still have to look ad modrdn)

todo:
- there is still something broken (at least with PostgreSQL and IBM db2,
  the two RDBMS O have at hand) when adding
- move everything to struct bervals and try to save a few strlen
- try some LDAP/SQL syntax relation to use appropriate value bind if possible
- ...
 2002-08-13 17:12:27 +00:00
Pierangelo Masarati
7c2de5721a VERY PRELIMINARY support for PostgreSQL and IBM db2 2002-08-13 17:07:40 +00:00
Pierangelo Masarati
c4a8a3dce5 better error handling when returning results 2002-08-13 17:00:33 +00:00
Kurt Zeilenga
84fe0ad051 Log successful SASL bind (ITS#2017) 2002-08-13 03:49:21 +00:00
Kurt Zeilenga
a500feb4a6 Patch: lutil_progname() and lutil_strcopy() are not declared (ITS#2021) 
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

lutil_progname() and lutil_strcopy() are not declared, which can
be fatal since they do not return int.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.
 2002-08-13 02:33:20 +00:00
Kurt Zeilenga
c5b6a86502 Fix IRIX sc_mask conflict 2002-08-13 02:32:57 +00:00
Kurt Zeilenga
f8f1321760 Add support for response controls 2002-08-12 20:50:20 +00:00
Kurt Zeilenga
1c75a7f25c Fix inverted bvmatch logic in modrdn 2002-08-12 08:45:20 +00:00
Kurt Zeilenga
d250339576 Add back_bdb to modules 2002-08-11 21:06:03 +00:00
Kurt Zeilenga
f10699865e consistently reduce string_expand bv_len by 1 2002-08-11 20:26:01 +00:00
Howard Chu
9fad71dc9b Never use DB_RECOVER flag when opening DB_ENV. Recovery must be done 
manually. Automatic recovery would interfere with gentlehup restarts.
 2002-08-11 00:30:46 +00:00
Pierangelo Masarati
b063a50891 same as for back-meta 2002-08-10 14:25:41 +00:00
Pierangelo Masarati
328046248b initialize struct timeval (fixes ITS#2014); 
also, check for return value of dnNormalize2: if the returned
DN contains undefined attributes, the normalization fails.
 2002-08-10 14:13:46 +00:00
Howard Chu
07ebdca237 ITS#1893, use "schemadn" to configure subschemasubentry DN. (diff was 
inaccessible, this is original code, not contributed.)
 2002-08-10 03:10:52 +00:00
Pierangelo Masarati
1abb8cb339 rework connection pool handling (reduce amount of malloc) 2002-08-09 17:15:10 +00:00
Pierangelo Masarati
85a74efc71 remove dependency from LDAP_FILT_MAXSIZ (and handle arbitrary size filters) 2002-08-09 13:51:35 +00:00
Howard Chu
f7859e9913 ITS#2015 give correct index key back to presence_candidates 2002-08-08 17:27:50 +00:00
Kurt Zeilenga
e69c9067c2 Fix saslregex init bug 2002-08-07 19:17:22 +00:00
Howard Chu
44ac8a3564 Plug config leaks 2002-08-07 08:43:52 +00:00
Howard Chu
554311a4c8 Fix cargv leak in recursive read_config() 2002-08-07 08:22:43 +00:00
Kurt Zeilenga
4a4323e3b7 Move large string comment to just above UTF8StringValidate(). 2002-08-07 08:19:11 +00:00
Howard Chu
50d490be6c Revert previous commit 2002-08-07 06:37:11 +00:00
Howard Chu
13d13baeda In backend_operational don't add subschemaSubentry unless it was 
requested. In send_search_entry don't malloc vrFilter flags unless
a matchedValue filter was given; malloc 1 contiguous block instead
of multiple sub-arrays.
 2002-08-07 05:31:03 +00:00
Howard Chu
6862cfd97c Don't strdup conn->authz into op, just reference directly. (Conn cannot 
be freed until after all associated ops are freed.)
 2002-08-07 05:19:55 +00:00
Kurt Zeilenga
3f2faa1a84 other->invalid 2002-08-06 05:38:49 +00:00
Kurt Zeilenga
a35d5b90fc For IA5, printable, telephone: 
Don't allow empty string values.
Treat string values with only spaces as one space.
DirectoryString needs more work (space handling needs
to be done post normalization).
 2002-08-06 05:35:59 +00:00
Kurt Zeilenga
6fdcdeb816 Add a summary to strings comment 2002-08-06 04:25:54 +00:00
Kurt Zeilenga
48f72b6862 Update string commment with examples. 2002-08-06 04:03:13 +00:00