parent's "children" attribute. Write lock parent to prevent
multiple clients making conflicting operations concurrently.
If parent doesn't exist (ie: is backend root), acquire a writer
lock (a simple mutex) on the "root."
Use -DSLAPD_CHILD_MODIFICATION_WITH_ENTRY_ACL to use the child's
"entry" acl for modrdn/delete operations.
- slapd's pid/args file names are based on the servers binary file names,
providing for multiple servers beeing run on one host.
- slapd supports the -l command line parameter for selection of a
syslog LOCAL user (-lLOCAL0 .. -lLOCAL7)
- db_appinit() is called during first ldbm_open() in DB 2.x to initialize
DB debugging features (good to find bugs in the DB code :-)
- a patch for a non-initialized variable in DB's 2.x db_open is provided.
Resolved deadlock by passing target entry to be_group and using
this if dn same as bdn. It might actually be safer to check
entry ids instead of dns.
Resolved bogus add to cache after failed acl check by deferring
cache add until after parent/acl checks have successful been
completed.
Eliminated race condition caused by concurrent adds
of same dn by adding 'li_add_mutex' around the critical section
of code (most of ldbm_back_add).
This code is preliminary and still needs significant testing.
struct friendly (Friendly) changed to ldap_friendly (LDAPFriendly)
ldap_friendly friend prefix changed to 'lf_' from 'f_'
removed mod_next field from LDAPMod (struct ldapmod)
modified slapd to use new LDAPModList (struct ldapmodlist) struct.
Added LDAPv3 result codes to ldap.h
"Check that the entry has no writers before removing it from the
cache" sounds more sensible to me than "check that it *has* writers"
before removing it.
I've also changed the default cachesize for tests to 4. This
should help discover such problems.
Remove MD5 and SHA1 options (both are now always on). Rename
functions to be lutil_ instead of ldap_.
Create --enable-cleartext option. Default is currently 'on'.
This could cause problems on odd systems. The generic
headers should be extended as needed to include necessary
system headers or, if necessary, make explicit declarations.
Extended ac/string.h header to look for string.h/strings.h if
STDC_HEADERS is not defined. Also provide basic declarations for
str*() functions. This could cause problems on odd systems.
Extended ac/unistd.h header to define basic declaration for misc
functions that might be missing from headers. This includes
externs for getenv(), getopt(), mktemp(), tempname().
Protect fax500.h from multiple inclusion. Moved includes of
system/generic headers back to source files.
Made mail500 helper functions static.
Fixed includes of ctype.h, signal.h, etc. to use generics.
lutil/tempname.c: was including stdlib.h twice, one should stdio.h.
Wrapped <sys/resource.h> with HAVE_SYS_RESOURCE_H.
lber/io.c/ber_get_next(): Changed noctets back to signed.
Used with BerRead which expects signed int as second arg and
returns signed int.
Most function and variable definitions are now preceded by its extern
definition, for error checking. Retyped a number of functions, usually
to return void. Fixed a number of printf format errors.
API changes (in ldap/include):
Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.
A number of `extern' declarations are left (some added by protoize), to
be cleaned away later. Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
#include <stdlib.h> to get malloc & co various places,
#include <ac/string.h> to get strlen & co in (liblutil/setproctitle.c),
declare ch_malloc & co (slurp.h), avl_find_lin (avl.h), Malloc (ud/edit.c).
Also changed ch_malloc & co from char* to void* functions.
SHA1 support is contributed by Daniel J. Gregor <dj@gregor.com>
MD5 support is contributed by me <kurt@OpenLDAP.org>
Uses public domain MD5 routines
Uses ISC/IBM freely redistributable Base64 routines
SHA1 support requires external SHA1 routines
adds POSIX RegEx (and removes BSD re_comp/re_exec) support.
* POSIX RegEx is not currently included in the distribution, however
we will probably add Henry Spencer's REGEX library soon.
* ACL Group functionality is also included in this merge!