mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity
23,185 Commits 38 Branches 307 Tags 74 MiB
cfeb4d82a3
Commit Graph

12510 Commits

Author SHA1 Message Date
Ondřej Kuzník
eb5f138650 ITS#9043 Only print sessionlog entries we think will apply 2020-09-10 11:04:29 +01:00
Ondřej Kuzník
fdbeb69fd8 ITS#9043 Nul-terminate csn string 2020-09-10 11:03:37 +01:00
Howard Chu
1748ec59a6 ITS#9339 Add syncrepl status to cn=monitor 
Shows connection address, refresh/persist state, time of last
connect attempt and received data, and last sent and
received cookies per consumer.
 2020-09-10 02:29:19 +00:00
Howard Chu
d1283f8161 ITS#9339 slapd-monitor: Add schema arc for overlays 
Not directly related to syncrepl, but adds a necessary schema arc.
Also add a convenience function for obtaining an entry with known ndn.
Also fix to ignore outbound connections.
 2020-09-10 02:29:19 +00:00
Howard Chu
bf40306581 ITS#9043 tweak syncprov play_sessionlog logging 
Don't log cookiecsn at top, it was already logged on receipt.
Only log the "control csn" and "too old" message once for each sid.
 2020-09-09 18:02:49 +01:00
Howard Chu
e02b1d94ca ITS#8102 serialize plain syncrepl 
Using cs_pmutex. Reverts the addition of cs_modmutex in ITS#9330,
use cs_pmutex for both delta and plain writes.

Note that plain syncrepl already used cs_pmutex when a cookie CSN
was present in the op. Now it is used for all writes, regardless
of presence of cookie.
 2020-09-09 15:35:59 +00:00
Howard Chu
8bd2d1fee8 ITS#9342 delta-sync: ignore error if deleting an already deleted entry 2020-09-09 00:19:35 +01:00
Howard Chu
95c5a1698b ITS#9338 Make sure connection gets rescheduled after write blockage clears up 2020-09-04 18:22:40 +01:00
Howard Chu
0b20b92ec1 ITS#9338 syncrepl: Don't reuse existing connection on Refresh fallback 2020-09-04 18:22:32 +01:00
Howard Chu
ed356c55d9 ITS#9334 slapo-ppolicy re-fix ITS#9302 
The mutex_lock was being skipped in the lockout case,
but still calling mutex_unlock at the end.
 2020-09-03 21:30:35 +01:00
Howard Chu
b24ca75993 ITS#9201 fix LDAP_THREAD_DEBUG 
Add missing defs to ldap_thr_debug.h.
slap tools must init libldap so internal mutexes get inited.
 2020-09-03 12:37:32 +01:00
Quanah Gibson-Mount
b51faa5cf0 Revert "Tweak prev commit for RE24 style debug" 
This reverts commit d224e576a9.

Revert, wrong branch
 2020-09-02 19:33:03 +00:00
Quanah Gibson-Mount
d224e576a9 Tweak prev commit for RE24 style debug 2020-09-02 19:31:59 +00:00
Howard Chu
4c7787303c ITS#9121 fix for URLs with no filter 2020-09-02 01:34:07 +01:00
Howard Chu
41396248a2 ITS#9282 more for merge_state 
Don't assume si_cookieState is always newer
 2020-08-31 20:09:52 +01:00
Howard Chu
8699e5f32e ITS#9282 fix crash in nonpresent_callback 
In a standard Refresh present phase, the provider sends no cookie
since it is only listing the entries that existed as of the time
in the cookie the consumer sent. In this case the consumer only
needs to check entryCSNs against its last sent cookie.
 2020-08-31 19:36:10 +01:00
Howard Chu
0ce83b26af ITS#9330 Fully serialize delta-sync 
Don't depend on accesslog overlay's serialization
 2020-08-29 01:13:04 +00:00
Howard Chu
edc94862b7 ITS#7639 fix crash in config_delete 
Additional fix to 41352ea34d
The overlay must be deleted from the backend before the
callback can execute. In particular, it must be done before
the threadpool is unpaused.
 2020-08-29 00:13:19 +00:00
Howard Chu
f883a57593 ITS#8427 don't set tls_ctx if TLS wasn't requested 
Also, set any remaining TLS options that weren't carried along
in the TLS ctx.
 2020-08-28 18:44:35 +01:00
Quanah Gibson-Mount
8d31219647 More for ITS#8845, skip cleanup on async op with extended operations 2020-08-26 21:55:39 +00:00
Howard Chu
9900794af1 ITS#9329 Re-fix merge_state 
A bit uglier but more straightforward.
 2020-08-26 21:00:00 +01:00
Quanah Gibson-Mount
c1411b8199 ITS#9323 - Limit to OpenSSL 1.0.2 or later 2020-08-25 21:52:04 +00:00
Howard Chu
9666306d86 ITS#9329 syncrepl: fix regression from ITS#9282 2020-08-25 21:13:22 +00:00
Fabrice Fontaine
8df03b435e ITS#9327 - Fix stripping when cross-compiling 
Probably-Signed-off-by: Dave Bender <bender@benegon.com>
[yann.morin.1998@free.fr: patch was made by Dave, but he
 forgot his SoB line, so I added it]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/openldap/0001-fix_cross_strip.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2020-08-25 19:54:59 +00:00
Howard Chu
5aa7e0f69b ITS#9324 syncrepl: don't wait forever in Refresh mode 
Just poll for available data, same as Persist mode.
Clarify retry/return states from do_syncrep2
 2020-08-24 15:12:24 +00:00
Howard Chu
88e569d857 ITS#9249 librewrite: fix malloc/free corruption 
If substitution parsing fails, would attempt to free a mapping
that hadn't been allocated yet.

Also, on failure, caller in saslauthz would attempt to free a
rwinfo struct that hadn't been allocated.
 2020-08-23 19:32:51 +00:00
Fredrik Roubert
8a521c17aa ITS#9232 - Implement caseIgnoreListSubstringsMatch. 2020-08-21 21:45:19 +00:00
Quanah Gibson-Mount
aa78299346 ITS#9311 - Correctly mark overlays as singular 2020-08-21 19:34:27 +00:00
Howard Chu
650b1404c2 ITS#9054, #9318 add new TLS options to slapd bindconf 
For use with back-ldap/back-meta/syncrepl/etc
 2020-08-21 20:06:56 +01:00
Howard Chu
12e11c9b84 ITS#9121 slapo-dynlist, -memberof: define memberOf if needed 
Ignore if it's defined already. Make it no-user-mod.
 2020-08-18 23:49:26 +00:00
Howard Chu
9d2f15307d ITS#7926 dynamic changes to olcListenerThreads 
Reallocates sockets from old to new listener threads
 2020-08-18 22:37:50 +01:00
Howard Chu
2f94318f06 ITS#7926 support multiple config cleanup functions per op 
Prep for main changes
 2020-08-18 22:00:58 +01:00
Howard Chu
b0d7308371 ITS#9135 fix index error on collapsed range 2020-08-13 18:18:45 +01:00
Quanah Gibson-Mount
00b14b1e28 ITS#9133 - Fix syncprov to be singular. 2020-08-10 23:41:07 +00:00
Howard Chu
633d40b0ac For ITS#9309 fix check for duplicate overlays 
and pass error message back to frontend
 2020-08-10 16:40:54 +01:00
Howard Chu
c8c39b8468 ITS#9309 don't allow ppolicy to be configured more than once on a backend 2020-08-10 16:07:39 +01:00
Howard Chu
8849d83f75 ITS#9279 fix Netscape password_expired control 2020-08-04 22:04:14 +00:00
Howard Chu
138c492696 ITS#9302 fix pwdFailireTime mutex scope 2020-07-30 17:53:25 +01:00
Arvid Requate
0e675be7ef ITS#9302 ppolicy: avoid pwdFailureTime race condition 2020-07-30 17:32:32 +01:00
Howard Chu
4cf90e84de ITS#9295 use replace on single-valued attrs 
For delta-sync as well as regular sync
 2020-07-29 16:15:42 +01:00
Ondřej Kuzník
917fcc03ee ITS#9279 Send Netscape expired control as a bare string 2020-07-27 14:22:24 +02:00
Ondřej Kuzník
43ebfa8fb4 ITS#6467 Make accesslog a possible sessionlog source 2020-07-22 22:25:10 +01:00
Ondřej Kuzník
66a743f119 ITS#6467 Record minCSN in audit container 2020-07-22 22:25:10 +01:00
Ondřej Kuzník
4b62f3b8d2 ITS#8645 Check for all syncrepl errors 2020-07-22 20:22:50 +00:00
Quanah Gibson-Mount
3716245fec Issue#8511 - Update documentation and configs to correctly use multiprovider 2020-07-22 19:32:49 +00:00
Ondřej Kuzník
a49b553676 ITS#9279 Implement Netscape password policy controls in ppolicy 2020-07-22 18:57:38 +00:00
Ondřej Kuzník
521b8bbe4b ITS#9282 Check entries are covered by new contextCSN before deletion 2020-07-22 18:24:52 +00:00
Ondřej Kuzník
5bbcf38c78 ITS#9282 Build a complete cookie for the search 2020-07-22 18:24:51 +00:00
Howard Chu
2c0499ae4e ITS#9121 support nested groups 2020-07-22 15:11:24 +00:00
Howard Chu
9210ed1618 ITS#9121 add dynamic memberOf support for static groups 2020-07-22 15:11:24 +00:00
Quanah Gibson-Mount
21eef84a49 ITS#9275 -- Update wording to remove slave and master terms, consolidate on provider/consumer 2020-07-18 16:27:04 +00:00
Ondřej Kuzník
947bbfbf5a ITS#9280 Add olcPPolicyDisableWrite to the objectclass 2020-07-08 14:47:03 +01:00
Ondřej Kuzník
31423439c5 ITS#9043 Make sure uuidstr is initialised on use 2020-07-08 12:54:08 +01:00
Howard Chu
4fab675560 ITS#9285 don't hide ppolicy control 2020-07-07 21:01:32 +01:00
Ondřej Kuzník
bdc9dbc511 ITS#8701 Implement account usability in ppolicy 2020-07-07 16:43:37 +01:00
Quanah Gibson-Mount
c06ac436e2 ITS#9235 Merge libldap_r into libldap 2020-07-03 17:23:14 -07:00
Ondřej Kuzník
e05c09b919 ITS#8762 Clear pwdFailureTime on unlock 2020-07-03 20:42:14 +00:00
Ondřej Kuzník
376d5d65cb ITS#7084 ACL of 'manage' gives pasword administrator access 
Password administrators can bypass safeModify, password quality checks
and trigger reset if policy instructs the server to.
 2020-07-03 20:42:14 +00:00
Ondřej Kuzník
a030aacc39 ITS#7788 Allow pwdFailureTime tracking be disabled in policy 2020-07-03 20:42:14 +00:00
Ondřej Kuzník
0b6ac3fd76 ITS#7788 Skip lockout processing if no policy applies 2020-07-03 20:42:14 +00:00
Ondřej Kuzník
3ec005a097 ITS#7788 Report if there is a policy that applies 2020-07-03 20:42:14 +00:00
Ondřej Kuzník
3e0447f4a6 ITS#7089 Skip lockout checks/modifications if password attribute missing 2020-07-03 20:42:14 +00:00
Ondřej Kuzník
49504c16d2 Fix whitespace in ppolicy.c 2020-07-03 20:42:14 +00:00
Ondřej Kuzník
e24a6bf5c1 ITS#8768 Do not update main CSN during delete phase 2020-06-23 16:06:09 +00:00
Ondřej Kuzník
182ec30a6b ITS#8768 Accept delcsn from the server 2020-06-23 16:06:09 +00:00
Ondřej Kuzník
d1e874c605 ITS#8768 Introduce delcsn into our syncrepl cookies 2020-06-23 16:06:09 +00:00
Ondřej Kuzník
eae2dfde04 ITS#9280 Add ppolicy_disable_write 2020-06-23 15:29:26 +00:00
Quanah Gibson-Mount
58c978825c Issue#9020 - Use consistent namespaces for overlays 2020-06-22 20:44:12 +00:00
Ondřej Kuzník
3e5490f467 ITS#9043 More descriptive logs for syncrepl traffic and decisions 2020-06-22 18:20:22 +00:00
Ondřej Kuzník
799607231d ITS#7796 Move 'not indexed' messages to loglevel filter 2020-06-22 09:28:26 +01:00
Ondřej Kuzník
71560032f4 ITS#8949 Check eblock exists before freeing 
cn=config changes might cause slapi_plugins_used transition from 0
during the lifetime of operation (cn=config change or syncrepl) or
a connection and we should be able to deal with that.
 2020-06-21 22:53:14 +00:00
Ondřej Kuzník
6b46232ab8 ITS#8473 Implement ordering stable (de)registration 2020-06-21 22:53:14 +00:00
Ondřej Kuzník
e5105e706e ITS#8473 Mark olcPlugin as ordered 2020-06-21 22:53:14 +00:00
Quanah Gibson-Mount
0d0d50724a ITS#8140 - Update bind operations to note bind_ssf vs overall connection ssf 2020-06-21 22:04:46 +00:00
Ondřej Kuzník
57b0ed909c ITS#8434 Allow cleanup at the end of a failed back-config add 2020-06-21 18:55:09 +00:00
Howard Chu
2346dfd2a0 ITS#9262 check referral 2020-06-21 00:45:45 +01:00
Quanah Gibson-Mount
4e8f91304e Issue#9239 - Fix case where e->e_dn may be NULL causing a segfault on some platforms 2020-05-27 19:51:16 +00:00
Quanah Gibson-Mount
f926e66723 ITS#8873 - Delete obsolete configuration options from back-ldap, back-meta, and back-asyncmeta 2020-05-26 19:59:56 +00:00
Howard Chu
c70e2e0869 ITS#9264 more for unique locking 2020-05-25 22:38:30 +01:00
Ondřej Kuzník
f3952d947b ITS#9059 Document why we do FIND_CSN 2020-05-22 16:57:53 +00:00
Ondřej Kuzník
709d805f84 ITS#9059 Skip mincsn check if sessionlog replay was successful 2020-05-22 16:57:53 +00:00
Howard Chu
9183abe62c ITS#9264 add an optional lock to slapo-unique 2020-05-22 15:08:20 +01:00
Quanah Gibson-Mount
c91bbe6eea ITS#8614 - slapd must be built threaded 2020-05-14 16:30:17 +00:00
Ryan Tandy
fc8a7b25b8 ITS#9258 More for ITS#6937, don't free user/group 2020-05-10 08:47:54 -07:00
Howard Chu
f5ff1dad7e ITS#9227 fix attr / opattr detection in prev commit 2020-05-08 18:50:58 +01:00
Howard Chu
5462fc26b5 ITS#9227 syncrepl: don't delete non-replicated attrs 2020-05-08 16:23:44 +01:00
Howard Chu
d38d48fc8f ITS#9202 limit depth of nested filters 
Using a hardcoded limit for now; no reasonable apps
should ever run into it.
 2020-04-28 13:58:15 +00:00
Ryan Tandy
8f174209e1 ITS#7573 Fix back-perl dynamic config with threaded slapd 2020-04-27 16:21:12 +00:00
Isaac Boukris
3cd50fa8b3 ITS#9189 rework sasl-cbinding support 
Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
defaults to "none".

Add "tls-endpoint" binding type implementing "tls-server-end-point" from
RCF 5929, which is compatible with Windows.

Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
 2020-04-23 21:00:39 +02:00
Quanah Gibson-Mount
96fedda628 ITS#5573 - Expose contextCSN, entryCSN in subschema entry 2020-04-22 18:59:38 +00:00
Quanah Gibson-Mount
bc9a92866a ITS#6740 - Always enable rewrite 2020-04-22 14:49:10 +00:00
Howard Chu
bcb0af6262 ITS#6745 slapd daemon: use separate emfile mutex 2020-04-17 02:46:10 +01:00
Ondřej Kuzník
550476b5ad ITS#9112 Silence warnings 2020-04-16 16:41:35 +00:00
Ondřej Kuzník
8f01fdec36 ITS#8731 Remove unused arguments 2020-04-16 16:41:35 +00:00
Ondřej Kuzník
65d0936811 ITS#8245 Silence warning 2020-04-16 16:41:35 +00:00
Quanah Gibson-Mount
a97eed06f0 ITS#6937 - Remove unused proctitle bits 2020-04-15 19:32:28 +00:00
grapvar
a5e17673a6 ITS#9214 slapd-mdb: plug cursor leak in dnSuperiorMatch filter 2020-04-15 00:14:37 +01:00
Ryan Tandy
38f9dd2fb8 ITS#7878 Replace uint32_t with unsigned in back-mdb 
init.c: align mi_dbenv_flags and flags with mdb_dbi_open, which declares
flags as unsigned int.

search.c: align mi_rtxn_size with ARG_UINT; adjust ww_ctx.nentries to
silence a warning about signed/unsigned comparison.

config.c: parse checkpoint config more carefully. Reject negative or
unreasonably large values for kbytes and minutes. Ensure both values are
parsed successfully before making any changes.

Fixes a compilation failure under MinGW, where stdint.h types are not
implicitly pulled in by other headers.
 2020-04-14 10:04:33 -07:00
Ondřej Kuzník
f6d9fdc4f1 ITS#9043 Improve replication loggging 2020-04-14 09:58:03 +01:00
Ryan Tandy
bbe20cbf4c ITS#8731 cleanup unused logbuf 2020-04-13 18:57:50 +00:00
Ryan Tandy
e18764465f ITS#9212 Restore snprintf to caller-provided buffer 
76df74dbea removed some snprintfs to
buffers that are actually returned to the client. Restore these.
 2020-04-13 18:57:50 +00:00
Howard Chu
5bfd8d8888 ITS#9121 Fix MatchingRuleAssertion init 2020-04-07 16:26:35 +01:00
Ondřej Kuzník
6d6a330057 ITS#8245 Use Relax control to avoid uniqueness checks 
Still needs to retrieve the entry for ACL resolution until we can
restrict controls with ACLs.
 2020-04-06 20:44:09 +00:00
Howard Chu
0debad5830 ITS#9121 memberOf shortcut 
Don't try to generate it if it wasn't requested
 2020-04-04 03:48:14 +01:00
Howard Chu
15a922a5a3 ITS#9121 memberof fix 
Fix for groupURI with no filter
 2020-04-03 21:38:41 +01:00
Howard Chu
8180326ffe ITS#9121 typos 2020-04-03 21:29:25 +01:00
Howard Chu
5d82ba4905 ITS#9121 fix typo 2020-04-03 21:27:48 +01:00
Howard Chu
906cab755d ITS#9121 fix memberOf filtering 
Replace (memberOf=<groupDN>) filter with expansion of group's URI
 2020-04-03 21:25:58 +01:00
Howard Chu
015eae8fde ITS#9121 optimize dyngroup membership checking 
parse dyngroup URLs in advance, don't use the ACL engine's
evaluator any more
 2020-04-03 21:25:43 +01:00
Howard Chu
c9ff501e6d ITS#9121 memberof counting 
Keep track of number of uses of memberOf in config, to
allow bypassing code if not in use.
 2020-04-03 21:25:34 +01:00
Ryan Tandy
1d562a7a52 ITS#6035 olcAuthIDRewrite insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
c4db906107 ITS#6035 olcAuthzRegexp insert/delete support 2020-04-02 09:10:51 -07:00
Ryan Tandy
822ed8c11d ITS#6035 saslauthz cleanups (no functional change) 
- give authid-rewrite's argument a name
- tidy saslauthz.c whitespace (mixed spaces/tabs)
- always declare slap_sasl_regexp_destroy: fixes an implicit declaration
  warning when configured without librewrite
- delete dead code: ENABLE_REWRITE implies SLAP_AUTH_REWRITE, so this
  code is never compiled
- make slap_sasl_regexp_rewrite_config static
- omit sasl_regexp unused fields when built with librewrite
 2020-04-02 09:10:51 -07:00
Emily Backes
f4bfb5e0a5 ITS#7074 - change olcDatabaseDummy initialization for windows 2020-03-20 19:08:22 +00:00
Howard Chu
2d87a1c7b5 ITS#9182 pcache: fix private DB init 2020-03-11 19:17:10 +00:00
Howard Chu
1c05dce379 ITS#9121 fix filter error message 
Filters use parentheses, not brackets.
 2020-03-06 17:29:44 +00:00
Howard Chu
2c6fccb49b ITS#9121 plug entry leak 2020-02-25 18:06:15 +00:00
Ondřej Kuzník
a2a859fd0b Correct cyrus-sasl version verison check 2020-02-21 10:44:59 +00:00
Ondřej Kuzník
140b676bc1 ITS#9171 Insert callback in the right place 2020-02-21 10:44:59 +00:00
Howard Chu
299fb490a2 ITS#9121 fix prev commit 
Only flush entry if dynlist_prepare_entry altered it
 2020-02-14 22:32:03 +00:00
Ondřej Kuzník
47e0e3fdb5 ITS#9160 OOM handling in back-asyncmeta 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
7336827769 ITS#9160 OOM handling in back-meta 2020-02-07 09:46:52 +00:00
Ondřej Kuzník
816d94b221 ITS#9160 OOM handling in slapd 2020-02-07 09:46:52 +00:00
Howard Chu
02eb0b6fe8 ITS#9121 fix filtering of dyngroups with memberof 2020-02-04 16:36:42 +00:00
Quanah Gibson-Mount
165c632249 Move CONFIG_DELETE out from behind LDAP_DEVEL 2020-02-03 16:55:34 +00:00
Quanah Gibson-Mount
7244a7b6d8 ITS#8040 - Move LAZY_COMMIT to be active outside of LDAP_DEVEL 2020-02-02 19:02:18 +00:00
Quanah Gibson-Mount
0dbbe8c012 ITS#8040 - Fix missing ifdefs for LAZY_COMMIT 2020-02-02 19:00:34 +00:00
Quanah Gibson-Mount
707d2a9211 ITS#8966 - Remove DO_DSEE ifdef Remove ifdef for DO_DSEE as it's required to be defined for syncrepl.c to compile 2020-02-02 19:00:31 +00:00
Quanah Gibson-Mount
4d2fa65969 Remove LDAP_FEATURE_X_CANCHAINOPS from behind LDAP_DEVEL 2020-01-30 18:54:36 +00:00
Ondřej Kuzník
76c43165ea Remove LDAP_X_TXN and rename accordingly 2020-01-28 12:09:09 +00:00
Ondřej Kuzník
0cf2b12154 ITS#9156 Fix leftover typo 2020-01-27 14:11:59 +00:00
Ondřej Kuzník
16793977ff ITS#9156 Add pwdCheckModuleArg to ppolicy 2020-01-23 23:47:04 +00:00
Ondřej Kuzník
419b9ad202 ITS#9156 Implement pwdMaxIdle 2020-01-23 23:46:58 +00:00
Ondřej Kuzník
8c10b0481a ITS#9156 Implement pwdMinDelay and pwdMaxDelay 2020-01-23 23:46:54 +00:00
Ondřej Kuzník
c0ae078afd ITS#9156 Implement pwdStartTime and pwdEndTime 2020-01-23 23:46:50 +00:00
Ondřej Kuzník
9ce2d2f9d2 ITS#9156 Implement pwdMaxLength 2020-01-23 23:46:43 +00:00
Ondřej Kuzník
f60e41bc14 ITS#9156 Implement pwdGraceExpiry 2020-01-23 23:46:38 +00:00
Ondřej Kuzník
79728709e9 ITS#9156 Keep module info around for longer 2020-01-23 23:46:28 +00:00
Ondřej Kuzník
4bc54d104a ITS#9156 Update ppolicy schema to the latest draft 2020-01-23 23:46:16 +00:00
Ondřej Kuzník
44191183be ITS#9156 Move ppolicy schema into the module 2020-01-23 23:45:41 +00:00
Ondřej Kuzník
254b62b803 ITS#9126 Add a missed normalised copy of pwdChangedTime 2020-01-23 23:15:09 +00:00
Howard Chu
f860fff714 ITS#9121 more memberof tweaks 2020-01-21 23:36:56 +00:00
Howard Chu
8e2291275a ITS#9121 dynlist: fix not filters 2020-01-21 11:27:21 +00:00
Howard Chu
c06807ec45 ITS#9120 fix tm2time compat breakage 
Add lutil_tm2gtime for Proleptic Gregorian calendar,
revert lutil_tm2time to previous behavior using Unix epoch
 2020-01-19 19:05:04 +00:00
Howard Chu
e7538fa462 ITS#9154 back-mdb add number of entries to cn=monitor 2020-01-18 12:53:07 +00:00
Howard Chu
cb42a6e91a ITS#9121 fix memberOf eval 
Must disable ACL group caching when checking membership
 2020-01-17 14:49:58 +00:00
Howard Chu
9a8d7f305b ITS#9150 fix nosync FALSE config 2020-01-11 04:24:54 +00:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Howard Chu
57dbe995b8 ITS#9146 syncprov: fix sessionlog init 2020-01-08 22:22:14 +00:00
Ondřej Kuzník
8550e91fcc ITS#9124 BerElement sits on the stack 2020-01-03 11:49:17 +00:00
Howard Chu
14d4215bc1 ITS#9121 more for dynamic memmber/memberOf 2019-12-18 20:37:58 +00:00
Howard Chu
62ec3d99c0 ITS#9121 schema update for prev commit 2019-12-18 20:34:50 +00:00
Howard Chu
c458744e32 ITS#9121 cleanup 
Delete unused code, add comments
 2019-12-16 18:42:57 +00:00
Howard Chu
90b0abd894 ITS#9121 dynlist enhancements 
1) allow filtering on dynamic attribute values
2) populate an optionally configured memberOf attribute

test044 script still needs to be extended to test these
enhancements. We need to define an interim attributeType
for testing memberOf functionality.
 2019-12-16 18:31:12 +00:00
Arvid Requate
44a7b4632e ITS#9128 fix bus error in strchrlen 2019-12-04 20:50:44 +00:00
Ondřej Kuzník
b71235ac45 ITS#8629 Make sure pwcons is around for slapauth 
Long term, overlay callbacks should not be running in tool mode at all.
 2019-12-02 13:28:10 +00:00
Howard Chu
1a0ab3d269 ITS#9125 check HAVE_TLS 2019-12-01 19:04:27 +00:00
Ondřej Kuzník
1dbf0e9441 ITS#9124 Check we have data to process in Cancel Exop 2019-11-29 10:04:08 +00:00
Howard Chu
63922b076c ITS#9119 fix global operation counter reporting 2019-11-15 16:26:14 +00:00
Howard Chu
4d7be1c161 ITS#9112 cleaner error handling during connection setup 
And additional debug code for tracking errant close()s
 2019-10-28 23:01:08 +00:00
Howard Chu
230b469669 ITS#9100 relax domainScope check for absent value 2019-10-28 19:01:36 +00:00
Howard Chu
379f138098 ITS#9091 drop attr mappings added in an aborted txn 
If a txn is aborted in id2entry_put, attribute index mappings
added during that txn must also be dropped from memory.
 2019-10-14 18:34:07 +01:00
Howard Chu
4bc333c5e7 ITS#9095 insert missing commit at end of slapindex processing 2019-10-11 20:48:51 +01:00
Ondřej Kuzník
81025cc8bf ITS#9077 Let the loop finish 2019-09-23 16:37:38 +01:00
Ondřej Kuzník
dc3e450104 ITS#8731 Remove extra args 2019-09-10 19:00:24 +01:00
Ondřej Kuzník
a14fb731ac ITS#9076 Set oldctrls correctly 2019-09-10 19:00:24 +01:00
Julia Bremer
8514f2a771 ITS#9067 fix syntax evaluation of preferredDeliveryMethod 2019-08-26 17:14:25 +01:00
Howard Chu
92b03e82e0 ITS#7657 honor unchecked limit 2019-07-17 10:17:43 +01:00
Howard Chu
e90e8c7d3c ITS#7657 back-mdb improve alias deref 
Don't search for scopes of entries with no children
 2019-07-15 16:47:18 +01:00
Ondřej Kuzník
230b853488 ITS#8427 Take late TLS configuration into account 2019-07-15 17:01:08 +02:00
Howard Chu
5fec7b777f ITS#8977 don't use any stack allocated IDLs 
Trying again, fixed previous attempt
 2019-07-11 15:47:03 +01:00
Howard Chu
0fa0f8ff07 ITS#9052 zero out sasl_ssf in connection_init 2019-07-10 21:29:39 +01:00
Howard Chu
f6766f1a1f Revert "ITS#8977 don't use any stack allocated IDLs" 
This reverts commit bfe9152c4c.
 2019-07-03 17:20:34 +01:00
Howard Chu
bfe9152c4c ITS#8977 don't use any stack allocated IDLs 2019-07-03 16:59:53 +01:00
Howard Chu
ec411582d6 ITS#8977 make sure olcBackend entry is created 2019-06-27 15:33:09 +01:00
Ondřej Kuzník
c06dc95cf9 ITS#8799 Let the common backend be configured through cn=config 2019-06-20 17:03:27 +02:00
Ondřej Kuzník
747679256c Resolve conflict between ITS#7492 and ITS#7520 2019-06-20 17:03:27 +02:00
Ondřej Kuzník
75e0eba1f7 ITS#9000 memberof: noop a noop rename 2019-06-20 16:55:13 +02:00
Howard Chu
fbe5611e60 ITS#9038 restrict rootDN proxyauthz to its own DBs. 
Treat as normal user for any other DB.
 2019-06-19 12:40:19 +01:00
Quanah Gibson-Mount
bc61773904 ITS#8286 - Add missing matching rules 
Add missing matching rules for the cn=config schema elements for:

slapd-null
slapd-relay
slapo-chain
 2019-06-18 17:31:55 +00:00
Quanah Gibson-Mount
85ccf7bbac ITS#8997 - Fix segfault by setting return code value 
Fix case with back-ldap where an entry was returned but didn't match the filter being applied by setting the return code value before dropping to cleanup.
 2019-06-17 17:15:00 +00:00
Ondřej Kuzník
be55ce8087 ITS#8637 Reject multiple chain URIs just like slapd.conf 2019-06-17 16:05:44 +00:00
HAMANO Tsukasa
77119a1f6f ITS#8349 - Fix ppolicy behavior when pwdInHistory is changed 2019-06-17 15:55:15 +00:00
Ondřej Kuzník
d40b357f5d ITS#8964 Do not free original filter 2019-06-17 12:49:25 +02:00
Ondřej Kuzník
02df0b485a ITS#8427 Only do StartTLS if configured 2019-06-13 12:12:54 +02:00
Ondřej Kuzník
1273a38eda ITS#8427 Set up TLS settings on each reconnection 2019-06-12 16:40:04 +02:00
Quanah Gibson-Mount
ec2cb12e68 ITS#9010 - Delete back-bdb/back-hdb 
This commits deletes all references and code for back-bdb and back-hdb.
There is some follow up work still necessary to flush out the admin
guide for back-mdb.
 2019-05-13 17:20:28 +00:00
Ondřej Kuzník
5957cbb660 ITS#8743 Initialise the metafilter we allocate 2019-05-13 13:07:11 +01:00
Ondřej Kuzník
7ca538ff87 ITS#9015 Treat an empty cookie from a FALLBACK search as a success 2019-05-08 15:42:12 +01:00
Ondřej Kuzník
abcf0e8f23 ITS#9015 Don't generate contextCSN on empty DB 2019-05-08 15:42:12 +01:00
Ondřej Kuzník
1df2b85c32 ITS#9015 Generate contextCSN unless we're a pure replica. 
Essentially reverts part of cd8ff37629 to
make sure there is always a contextCSN if the server is in charge of its
own serverID.
 2019-05-08 15:42:12 +01:00
Howard Chu
c42c996966 ITS#9012 one more Win64 fix 
Was omitted from dda779d83e
 2019-04-21 22:10:03 +01:00
Ondřej Kuzník
3bda24173d Do not leak memory in slappasswd 2019-03-27 10:54:42 +00:00
Howard Chu
8b7f21c7aa ITS#8999 more for prev commit 2019-03-26 13:12:26 +00:00
Howard Chu
d8c90a2fee ITS#8999 fix telephoneNumberNormalize, cert DN validation 2019-03-26 11:18:55 +00:00
Howard Chu
47102fcced Add persist support 2019-03-20 08:47:48 -07:00
Howard Chu
4534528fe1 ITS#8990 pickup SLAP_MOD_SOFT modops 2019-03-11 18:52:26 +00:00
Howard Chu
c825edf67e ITS#8989 fix bitshift integer overflow 2019-03-10 14:26:08 +00:00
Quanah Gibson-Mount
a32cab8b72 write waiter handling cleanup 
Follow on to commit 88d22a1ca3

Remove dead code
 2019-03-07 23:31:44 +00:00
Nadezhda Ivanova
ea1eb19303 Use LDAP_OPT_KEEPCONN to prevent the target connection from being freed 
On error, the ldap connection was freed and under some circumstances the fd was being reused,
which caused an assertion error in connection_init.
 2019-02-28 17:28:04 +00:00