Commit Graph

187 Commits

Author SHA1 Message Date
Kurt Zeilenga
231f8464d1 cleanup 2003-04-29 21:14:12 +00:00
Kurt Zeilenga
5cd994ed21 remove dnNormalize2
replace calls to dnNormalize2 with calls to dnNormalize
2003-04-29 18:28:14 +00:00
Luke Howard
86a18c2ea2 Don't pollute op->o_bd in access_allowed() 2003-04-18 04:57:15 +00:00
Pierangelo Masarati
194528d689 fix ACI per-thread memory management 2003-04-12 17:42:51 +00:00
Howard Chu
280fc819cf Memory context tweaks for Bind 2003-04-12 06:56:42 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Kurt Zeilenga
c75be97ae9 #ifdef -DSLAP_NVALUES 2003-04-05 03:35:16 +00:00
Pierangelo Masarati
df29552130 fix new API leftover 2003-04-03 21:17:44 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
2003-03-30 09:03:54 +00:00
Howard Chu
5ad51b6150 SLAP_NVALUES tweaks - after input, a_nvals is always populated. If there is
no normalizer, a_nvals = a_vals.
2003-03-24 01:56:56 +00:00
Howard Chu
3f48cabdde Fix typo 2003-03-23 15:45:06 +00:00
Kurt Zeilenga
8873006105 SLAP_NVALUES changes
and misc cleanup
2003-03-16 18:10:16 +00:00
Kurt Zeilenga
c0477e1532 Fix test006-acls 2003-03-15 23:02:55 +00:00
Kurt Zeilenga
3972e13fc3 NVALUES: fix a couple of value_find_ex() calls 2003-03-15 22:47:17 +00:00
Pierangelo Masarati
bfe6d806d9 (ultimately?) fix ITS#2361 2003-03-11 12:23:20 +00:00
Howard Chu
5c3909f567 ITS#2361, skip sockname, peername, peerdomain, sockurl ACLs if the
corresponding conn->field is NULL. (overwrites previous commit.)
2003-03-10 22:28:35 +00:00
Pierangelo Masarati
11c225d40c check conn->c_listener before use (hack to fix ITS#2361; need to review this part of slapi) 2003-03-10 22:19:32 +00:00
Howard Chu
40454ccec8 Added op->o_is_auth_check; use ACL_AUTH instead of ACL_SEARCH/ACL_READ
in access_allowed() if flag is set. Set in sasl/saslauth searches.
2003-03-10 22:07:21 +00:00
Kurt Zeilenga
152829be87 SLAP_NVALUES:
schema engine updated (but not schema routines so things don't run yet)
	nvalues mostly populated, enough for tests 0-2 to pass
	schema routines needs lots of work
	modify/mods codes needs lots of work
2003-02-27 01:54:43 +00:00
Pierangelo Masarati
937475efbf blind fix 2003-02-26 21:45:56 +00:00
Kurt Zeilenga
25886d989a Change MR flag names and add comments as to what they mean to slap.h 2003-02-26 02:55:28 +00:00
Howard Chu
cbf7b063e3 ITS#2285 string_expand for acl set 2003-01-30 20:59:47 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Pierangelo Masarati
8e74ed4dfc fix initialization size and silence warning 2002-12-05 11:47:44 +00:00
Howard Chu
b1798f9160 Fix typo in prev commit value_find/_ex 2002-12-04 23:20:22 +00:00
Howard Chu
09679eb715 Added SLAP_MR_VALUE_NORMALIZED_MATCH, avoid redundant normalize when
calling value_find with already-normalized DNs
2002-12-04 18:19:46 +00:00
Howard Chu
827ea96e16 ITS#1523 enhanced ACL caching 2002-12-04 02:35:00 +00:00
Kurt Zeilenga
33248a02e1 Code cleanup (no functional changes) 2002-10-01 04:07:55 +00:00
Pierangelo Masarati
857d08ea21 use bvmatch() instead of ber_bvcmp() when testing for match without ordering 2002-09-02 19:39:06 +00:00
Howard Chu
1d7ee4471f Pass Operation to backend_attribute - should have been doing this all along. 2002-08-24 07:31:14 +00:00
Kurt Zeilenga
f10699865e consistently reduce string_expand bv_len by 1 2002-08-11 20:26:01 +00:00
Kurt Zeilenga
526d010635 Patch: add OpenLDAPaci #public# access (ITS#2005)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

I couldn't find a way for an OpenLDAPaci to grant public access to an
entry, so I added a dnType #public# for that.  It is in the position
of subjectDn in the draft, which seems kind of stupid, so I put it
in the position of dnType instead.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.
2002-08-05 17:53:39 +00:00
Kurt Zeilenga
f8c0481dd4 Patch: ACL #access-id#<invalid-DN> granted access to everyone (ITS#2006)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

There is a bug in OpenLDAPaci's "access-id":  If the specified DN is
invalid so dnNormalize2() fails, everyone gets access.
This means that e.g. "#access-id#[all]" gives public access, so it
might be considered a feature, but I fixed it anyway:-)  I guess that
means the change should be documented in the release notes, though.

See also ITS#2005 (add OpenLDAPaci #public# access).

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002.
2002-08-05 17:52:16 +00:00
Kurt Zeilenga
182dcf27e2 clean up curly matching 2002-07-28 07:37:46 +00:00
Kurt Zeilenga
8a3d02bf6b misc cleanup 2002-07-23 18:35:12 +00:00
Julius Enarusai
6107ba67d2 Coverted LDAP_LOG macro to use subsystem ID int values instead of string values 2002-07-11 20:33:24 +00:00
Kurt Zeilenga
98a2e41911 Fix ACL to dn="" bug 2002-07-11 01:35:37 +00:00
Pierangelo Masarati
bf449f33bd small cleanup 2002-06-15 18:20:41 +00:00
Pierangelo Masarati
d75249abfe define and normalize static bervals alltogether 2002-06-15 17:01:35 +00:00
Kurt Zeilenga
3e3911247b Remove lint. 2002-04-22 23:03:33 +00:00
Pierangelo Masarati
4b9fa66188 use BVC() macro (changed in BER_BVC) to initialize constant bervals 2002-04-08 18:37:37 +00:00
Pierangelo Masarati
4ca97f4118 uniform temporary buf sizes; use automatic buffers instead of heap 2002-04-08 11:09:34 +00:00
Pierangelo Masarati
440637dde7 various acl improvements/cleanups/speedups (need to be documented, though) 2002-04-03 15:42:19 +00:00
Pierangelo Masarati
ab6ad34692 the logic of this check was completely reversed; in case '*' is used, on't test the regula expression 2002-04-02 08:18:30 +00:00
Pierangelo Masarati
1658aa0893 fix counting twice the substitution length (caused berval to have wrong length, rejected by subsequent dnNormalize) 2002-03-30 15:44:30 +00:00
Pierangelo Masarati
49f324a1fa fix ITS#1671 and more 2002-03-23 16:53:44 +00:00
Howard Chu
6b0fb09e0d Fix ITS#1607, longstanding bug in group and dnattr acls, gave access
to anonymous connections.
2002-03-20 13:11:37 +00:00
Kurt Zeilenga
d50eb2e959 C translator portability changes (ITS#1609) 2002-02-23 23:47:37 +00:00
Pierangelo Masarati
33d5f0f8f8 honor the ber_len field to allow to exploit ldap_bv2[r]dn to handle DNs embedded in longer strings ... 2002-02-13 12:09:36 +00:00
Kurt Zeilenga
32fb8b0bff Add ACL state recording to avoid multiple evaluation of
value-independent access controls.
2002-02-09 05:14:17 +00:00