openldap

mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00

Author	SHA1	Message	Date
Kurt Zeilenga	3c598e89fb	Happy new year	2004-01-01 19:15:16 +00:00
Pierangelo Masarati	42d7d6d743	propagate flags to sasl-regexp functions (will need it later)	2003-12-18 18:32:45 +00:00
Pierangelo Masarati	113727ba53	allow 'all' vs. 'any' sasl-authz-policy	2003-12-18 18:28:43 +00:00
Pierangelo Masarati	f2a9089e4d	cleanup most of the -pedantic warnings (ITS#2884) and other small fixes	2003-12-17 20:55:46 +00:00
Kurt Zeilenga	271fff13de	Sync with HEAD	2003-12-17 17:55:27 +00:00
Pierangelo Masarati	bc972e0656	allow 'AUTHZ' mech in proxyAuthz control to allow also the <mech> part of the 'u:' user	2003-12-15 18:19:14 +00:00
Pierangelo Masarati	b4629f1e79	fix previous commits	2003-12-14 14:08:15 +00:00
Kurt Zeilenga	5b0236f4ae	Add u: comment	2003-12-13 23:41:44 +00:00
Kurt Zeilenga	1fadacaa31	Forward parse the uauthzid. A realm cannot be specified unless a mechanism is specified. (Few mechanisms (DIGEST-MD5 only) support separate realms.)	2003-12-13 23:38:05 +00:00
Pierangelo Masarati	4602c935f7	saslAuthzTo/From stuff when comparing IDs to saslAuthzTo/From values, the saslAuthzTo saslAuthzFrom values can take different forms: dn[.<style>]:<pattern> <style> ::= exact ; exact match children ; children of <pattern> match subtree ; <pattern> or children of <pattern> match regex ; <pattern> is regcomp() & regexec() if no <style>, then exact is assumed u[.<mech>][/<realm>]:<user> when parsing a proxyAuthz value, only exact DN is allowed, and no <mech> can be specified. <user> cannot contain ':' and <mech> cannot contain '/'.	2003-12-13 23:02:59 +00:00
Pierangelo Masarati	d6bc071dd9	add subtree/children styles to saslAuthzTo/From; 'dn:' now defaults to exact	2003-12-13 12:23:56 +00:00
Pierangelo Masarati	43db7cf4bf	cleanup saslauthz code	2003-12-13 10:58:31 +00:00
Howard Chu	be1a728c5b	Added sc_next and sc_cleanup to slap_callback	2003-12-07 08:51:23 +00:00
Luke Howard	369b1515db	Ensure exact DNs are normalized in slap_parseURI.	2003-12-06 02:16:39 +00:00
Kurt Zeilenga	20c8ea8a44	Update Mark's notice (with permission)	2003-12-04 21:12:17 +00:00
Pierangelo Masarati	93d0c25c45	syntax improvement (ITS#2852)	2003-12-03 00:29:29 +00:00
Pierangelo Masarati	ff919168fb	if rule is an URI, must have a filter field	2003-12-01 07:50:27 +00:00
Kurt Zeilenga	4e15a84452	Updated notices	2003-11-27 01:17:14 +00:00
Howard Chu	f4649fbde3	ITS#2825 fix SASL internal searches	2003-11-13 21:42:28 +00:00
Howard Chu	bb13266a15	Plug memleak in slap_parseURI	2003-09-20 05:55:48 +00:00
Luke Howard	d649ae0808	Inherit operation pblock for SLAPI	2003-08-31 08:14:54 +00:00
Kurt Zeilenga	009191da73	delete incorrect URI description. RFC 2255 should be used.	2003-07-31 08:41:11 +00:00
Kurt Zeilenga	46122fa688	Fix ITS#2578	2003-06-15 05:52:51 +00:00
Kurt Zeilenga	7ca24a8591	Another round of minor copyright updates	2003-05-25 03:56:57 +00:00
Howard Chu	9dace23dec	Change slap_sasl_authorized to take an Operation instead of a Connection, for compatibility with proxyAuthz control	2003-05-24 02:44:46 +00:00
Howard Chu	83f0acc1d8	ITS#2533 backend_attribute uses tmpmemctx, must free accordingly	2003-05-24 02:06:18 +00:00
Howard Chu	b6ef8c1876	ITS#2505 - make sr_strings per-op instead of static	2003-05-12 23:57:19 +00:00
Kurt Zeilenga	5cd994ed21	remove dnNormalize2 replace calls to dnNormalize2 with calls to dnNormalize	2003-04-29 18:28:14 +00:00
Hallvard Furuseth	778a38f49c	Reduce warnings: Add missing 0 or NULL initializers for struct members.	2003-04-29 16:36:19 +00:00
Howard Chu	280fc819cf	Memory context tweaks for Bind	2003-04-12 06:56:42 +00:00
Howard Chu	ece7452b05	More memory context tweaks	2003-04-11 01:29:28 +00:00
Howard Chu	f897519d11	Minor cleanups	2003-04-09 23:37:00 +00:00
Howard Chu	813d5c8ed8	First cut at thread-local malloc. Only used by search() for now... Needs work in normalizers, etc.	2003-04-09 16:52:03 +00:00
Howard Chu	9355dca9af	Consolidated slap_callbacks into one function. Removed send_search_result.	2003-04-01 04:12:18 +00:00
Howard Chu	e8c58b4e7f	Major API change - (SLAP_OP_BLOCKS) All request parameters are consolidated into the Operation structure. All reply parameters are consolidated into the new SlapReply structure. Most operations now have identical call signatures... Changes are not #ifdef'd, revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.	2003-03-30 09:03:54 +00:00
Howard Chu	40454ccec8	Added op->o_is_auth_check; use ACL_AUTH instead of ACL_SEARCH/ACL_READ in access_allowed() if flag is set. Set in sasl/saslauth searches.	2003-03-10 22:07:21 +00:00
Howard Chu	9beaa08d79	Fix slap_sasl_authorized, c_authz_backend may be NULL	2003-03-02 00:21:24 +00:00
Howard Chu	979e5073cf	Revert previous kludge in controls.c, use ldap_pvt_thread_pool_context instead if c_sasl_bindop is NULL.	2003-02-16 19:34:29 +00:00
Kurt Zeilenga	8f82e9f772	ITS#2117: remove suffixalias support until someone fixes it	2003-02-09 07:20:03 +00:00
Kurt Zeilenga	5192938964	code cleanup	2003-02-07 19:05:45 +00:00
Luke Howard	dfc7d338a6	Add sendreference callback	2003-02-01 07:04:13 +00:00
Kurt Zeilenga	6939c53170	Happy new year	2003-01-03 20:20:47 +00:00
Howard Chu	4e4818771c	Plug memory leak	2002-12-18 22:44:13 +00:00
Kurt Zeilenga	7be4d566d7	cleanup	2002-12-13 00:18:54 +00:00
Luke Howard	6730080081	Allow the root DN to switch to any authorization identity.	2002-12-05 12:25:16 +00:00
Howard Chu	574090d184	Fix slap_sasl2dn(), performing internal search with wrong op.o_ndn.	2002-12-04 22:37:51 +00:00
Kurt Zeilenga	da76c1951e	First-cut proxy authorization support.	2002-12-03 06:11:32 +00:00
Kurt Zeilenga	ab80b03057	back_attribute() should use ACL_AUTH not ACL_READ (at least for current callers, may need to pass it the permission level)	2002-09-05 02:37:10 +00:00
Howard Chu	70673417f2	Fix debug statement	2002-08-30 14:28:45 +00:00
Howard Chu	925714ceef	Experimental cruft to propagate valid Operation to SASL callbacks. If you have a better way, jupm on in...	2002-08-24 07:34:50 +00:00

1 2 3

110 Commits