Kurt Zeilenga
5c878c1bf2
Happy new year (belated)
2014-01-25 05:21:25 -08:00
Pierangelo Masarati
ebf23f8187
add support for 'onerr' (ITS#7492)
2013-01-12 00:13:42 +01:00
Kurt Zeilenga
0fd1bf30b8
Happy New Year
2013-01-02 10:22:57 -08:00
Howard Chu
54de37c0e1
Initial config support for back-meta
...
Currently just a direct replacement of slapd.conf parsing,
no dynamic features yet.
2012-08-17 14:04:48 -07:00
Ondrej Kuznik
979e0f00b9
ITS#7182 Rework monitor registration.
...
Letting back-monitor create the subsystem entries is much more readable
than doing this manually.
Only the database is registered if needed (chain overlay has to be
updated to cope with this), the cn=Connection entry is removed in this
patch to be reinstated in the following one as part of the correct
subsystem.
The owner (overlay mostly) should already know the target subtree DN,
therefore the filter machinery can go away too.
2012-03-29 07:01:04 -07:00
Ondrej Kuznik
7c40b6e904
ITS#7182 Keep connection IDs for monitoring purposes.
2012-03-29 07:00:56 -07:00
Ondrej Kuznik
fb2d235615
ITS#7182 Introduce the variables for operation monitoring.
...
Only completed operations are considered for now, this can be changed
if needed.
2012-03-27 04:28:26 -07:00
Kurt Zeilenga
2bbf9804b9
Happy New Year!
2012-01-01 07:10:53 -08:00
Pierangelo Masarati
293b5e51a5
first cut at SASL bind issues in idassert (related to ITS#6817)
2011-01-31 22:07:04 +00:00
Kurt Zeilenga
966cef8c9a
Happy New Year
2011-01-05 00:42:37 +00:00
Pierangelo Masarati
bbe7272c7f
allow strict adherence to RFC4370 wrt/ control criticality (ITS#6523)
2010-04-14 21:37:03 +00:00
Kurt Zeilenga
3dadeb3efe
happy belated New Year
2010-04-13 22:17:29 +00:00
Pierangelo Masarati
f75825881a
honor X-ORDERED in olcDbIdAssertAuthzFrom; add olcDbIdAssertPassthru (ITS#6456); note: breaks binary compatibility with module back-meta.la
2010-04-09 22:47:55 +00:00
Pierangelo Masarati
20359f2020
fix previous commit (ITS#6267)
2009-08-24 00:41:12 +00:00
Pierangelo Masarati
69878f43c8
refactor connection handling
2009-08-19 16:45:15 +00:00
Pierangelo Masarati
bdec7702d7
better logging of privileged connections (more to come; might be unstable for a bit)
2009-08-19 15:00:59 +00:00
Pierangelo Masarati
c39815ee28
don't deadlock when a TLS uri is not responding (ITS#6167)
2009-06-11 06:51:01 +00:00
Kurt Zeilenga
4af9eb9715
Update copyright notices
2009-01-22 00:40:04 +00:00
Pierangelo Masarati
5a50733e39
don't send error when going to retry (alternative fix to ITS#5854)
2008-12-12 09:29:51 +00:00
Pierangelo Masarati
30ffa33d7e
do not propagate undefined or otherwise broken search filters (ITS#5614)
2008-07-14 22:14:49 +00:00
Pierangelo Masarati
c6f12694fc
allow proxies to filter out search references (ITS#5593)
2008-07-07 21:25:59 +00:00
Howard Chu
010295e9e7
More symbols for ITS#5355
2008-06-29 21:13:03 +00:00
Howard Chu
f481ffef9c
ITS#5355 use bi_extra instead of calling directly into back-ldap
2008-02-08 02:01:17 +00:00
Kurt Zeilenga
c890c96d13
Happy New Year (belated)
2008-01-08 00:19:56 +00:00
Pierangelo Masarati
9a00bbb35f
add support for session tracking (draft-wahl-ldap-sessio) to proxy backends requests
2007-08-22 15:49:35 +00:00
Pierangelo Masarati
e07dc8c757
fix more spurious return stuff; split quarantine in: detection, exploitation, recovery; describe failure reasons
2007-01-28 00:24:10 +00:00
Kurt Zeilenga
3297be046b
silence warnings
2007-01-19 07:31:02 +00:00
Pierangelo Masarati
3042c57ac0
allow forcing abandon of search operations on a connection basis
2007-01-09 12:19:04 +00:00
Pierangelo Masarati
e2d65fb69b
fix previous commit(s)
2007-01-09 00:59:17 +00:00
Howard Chu
a6a8fb514b
Add TLS context configuration
2007-01-08 23:36:24 +00:00
Pierangelo Masarati
d132415e5f
cleanup
2007-01-05 10:34:32 +00:00
Kurt Zeilenga
da6d9eb046
happy new year
2007-01-02 20:00:42 +00:00
Pierangelo Masarati
7e8242d50d
pool privileged connections (ITS#4791)
2006-12-24 18:23:36 +00:00
Pierangelo Masarati
3e427ad75a
support a separate cached connection for binds when using (liberal) idassert flagged with "override" (ITS#4781)
2006-12-17 22:11:40 +00:00
Pierangelo Masarati
f8d1a61866
more on clarification of special proxy identities and resilience to connection failure
2006-10-07 18:07:56 +00:00
Pierangelo Masarati
5714f8565f
fix rebind with idassert when a connection expires; also, fix override
2006-09-30 01:11:19 +00:00
Pierangelo Masarati
6e18cdb5fd
add basic monitoring support to back-ldap/slapo-chain (slapo-chain needs work)
2006-09-14 01:05:48 +00:00
Pierangelo Masarati
150a4f106c
improve timeout support (ITS#4157, ITS#4663); manpage cleanup
2006-09-04 08:24:05 +00:00
Pierangelo Masarati
34af916e3f
fix response sending while rebinding (ITS#4597)
2006-06-24 16:58:49 +00:00
Pierangelo Masarati
3ebb40c4dd
port identity assertion to back-meta; share as much code as possible with back-ldap; misc cleanup
2006-06-15 23:12:38 +00:00
Pierangelo Masarati
740f196548
rework quarantine locking and so
2006-06-07 23:25:38 +00:00
Pierangelo Masarati
85c9a7b4c5
further cleanop of previous commits
2006-05-30 00:40:39 +00:00
Pierangelo Masarati
f5fcd2c169
cleanup previous commit
2006-05-30 00:12:23 +00:00
Pierangelo Masarati
a6406de871
make room for plugins that deal with quarantine end
2006-05-29 21:43:20 +00:00
Pierangelo Masarati
795841b5a4
implement proxy quarantine (ITS#4569)
2006-05-27 19:54:27 +00:00
Pierangelo Masarati
e5c173691d
add cancel strategies (ITS#4560)
2006-05-20 14:29:01 +00:00
Pierangelo Masarati
0c33c17bb5
"single-conn" forces flushing of existing conns during rebind on same conn (ITS#4546)
2006-05-14 17:32:15 +00:00
Pierangelo Masarati
373ded8d24
add URI list resorting feature (ITS#4524)
2006-05-06 16:15:25 +00:00
Pierangelo Masarati
0500576056
add support for old proxyAuthz encoding; allow to workaround buggy implementations of the new version (now RFC4370)
2006-04-08 11:12:30 +00:00
Pierangelo Masarati
8c1b8d3f7b
actually, if a connection is already in the AVL tree, use it if not binding; otherwise use a tainted one; taint connections that must be freed when refcnt goes to zero
2006-04-07 01:28:56 +00:00
