mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-27 03:20:22 +08:00
Code Issues Packages Projects Releases Wiki Activity
11,202 Commits 38 Branches 307 Tags 74 MiB
dca809ff8d
Commit Graph

143 Commits

Author SHA1 Message Date
Kurt Zeilenga
59857824ff Treat access to dn="" as access to dn.base="". Avoid empty regex. 
Note: by dn="" already treated as anonymous.
 2002-02-08 18:32:12 +00:00
Howard Chu
5e522ca882 Changed Access.a_sockurl_pat, Connection.c_listener_url etc. 
to struct bervals
 2002-01-28 11:41:07 +00:00
Kurt Zeilenga
ce2d8ebc7e Misc cleanup, lint removal, and minor optimizations 2002-01-13 05:00:59 +00:00
Howard Chu
8067107ed2 Added an_oc to AttributeName for caching ObjectClass lookups. 
Added error checking to str2anlist; if the attr name doesn't match
any attribute or objectclass the offending attr name is displayed.
 2002-01-10 09:54:14 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
bcdfdb968f Changed AttributeName back into an array instead of a linked list. 
Fixed bug in do_search eating up controls.
 2002-01-03 05:38:26 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
743c402265 Changed search attrs from struct berval ** to AttributeName * 2001-12-31 11:35:52 +00:00
Pierangelo Masarati
3930a390e0 cleanup 2001-12-29 10:30:23 +00:00
Howard Chu
975a5e9a24 Added dnPretty2/dnNormalize2 using preallocated destination berval 2001-12-29 04:48:00 +00:00
Pierangelo Masarati
04ce28cf48 a couple of comments; will require special DN handling ... 2001-12-28 18:18:16 +00:00
Howard Chu
bbcb0f8a7f Replace strcat with slap_strcopy 2001-12-26 16:25:18 +00:00
Howard Chu
15f630545a Changed ma_rule_text to struct berval. 
Changed get_filter to struct bervals
 2001-12-26 13:47:10 +00:00
Howard Chu
fb3af1ccbd Merged ber_bvstr and ber_bvstrdup into ber_str2bv. 2001-12-26 10:06:19 +00:00
Howard Chu
68b1bbb89d Changed search attrs to struct berval **. 
Use typedefs for all backend functions, to minimize work in future API
updates. (back-*/external.h will never need updating in the future.)
 2001-12-26 08:17:44 +00:00
Howard Chu
b96645af7d More struct berval changes, dnNormalize migration... 2001-12-26 04:17:49 +00:00
Kurt Zeilenga
d047cc854e Require the struct berval **out argument of dnPretty/dnNormalize 
point to a NULL pointer, that is assert( *out == NULL ).
Eventually, we'll allow **out to point to a preallocated
struct berval (to avoid unnecessary allocation).
 2001-12-24 18:38:20 +00:00
Howard Chu
9e0ab3da36 Changed Access->a_set_pat and acl->acl_dn_pat to struct berval to eliminate 
strlen() from acl processing.
 2001-12-24 15:43:27 +00:00
Howard Chu
2f3399265c Changed sai_dn, sai_ndn to struct berval. (Affects op->o_dn,o_ndn, 
conn->c_dn,c_ndn, Access->a_dn_pat)
 2001-12-24 15:11:01 +00:00
Kurt Zeilenga
5c0a8848cf Add abstract object class checks and a bit of structuralObjectClass 
optimization.
 2001-12-20 01:41:44 +00:00
Howard Chu
ff682be26e Added acl_destroy, acl_free. 2001-12-15 12:41:53 +00:00
Pierangelo Masarati
b4e7f0873a trims space after comma in dn.regex acls (prelude to normalization) 2001-11-12 11:29:40 +00:00
Pierangelo Masarati
08ff231888 fixes assertion fault when the <to> clauses's argument does not have a = inside 2001-10-29 08:14:12 +00:00
Howard Chu
0e16f6acf9 Moved AttributeDescription caching into main code: 
Changed AttributeDescription.{ad_cname,ad_lang} to struct berval everywhere
   Deleted ad_free() everywhere
   Added ad_mutex to init.c

The AttributeDescriptions are in a linked list hanging off of the
corresponding AttributeType.
 2001-10-22 13:23:05 +00:00
Kurt Zeilenga
2c9a238571 Allow dn.base="" 2001-09-01 05:01:31 +00:00
Kurt Zeilenga
a5ea7aefd6 Add name and uid support to dnaddr 2001-03-15 04:48:29 +00:00
Julio Sánchez Fernández
6777a3a41a Permit access defined by uniqueMember and not only DN-valued 
attributes.  This allows using groupOfUniqueNames for
access control.
Fix small typo in MRA definition.
 2000-10-09 19:09:22 +00:00
Kurt Zeilenga
63ae1d22e5 Fix ACL SSF reporting 2000-09-05 18:24:24 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes 
man pages to follow...
 2000-08-28 18:38:48 +00:00
Kurt Zeilenga
1c328aa9c7 Minor typedef and other clean ups 2000-08-26 01:14:05 +00:00
Mark Valence
45fdcb7163 Bug fix submitted by Anthony Brock (ITS#637) 2000-07-25 02:16:59 +00:00
Mark Valence
4b1ff75bdd Prepare for Set ACLs and ACIs. 2000-06-29 21:41:54 +00:00
Kurt Zeilenga
d19419392c Use ASCII_*() macros and friends. Should be combined with similiar LDAP_*() 
macros in ldap_pvt.h.
 2000-06-20 17:05:15 +00:00
Kurt Zeilenga
4b58e3b88d Add schema checks. 2000-06-19 16:14:36 +00:00
Mark Valence
1bfcb4b039 Added .regex, .base, .one, .subtree, and .children "style" modifiers. 2000-06-12 01:35:15 +00:00
Kurt Zeilenga
c3f8de76ef Fix up debug statement as suggested by christian.lorenz@suse.de 2000-06-07 14:07:50 +00:00
Kurt Zeilenga
693fb9424a unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT 2000-06-06 19:43:18 +00:00
Kurt Zeilenga
b05d071c3a Fix anonymous mapping 2000-06-03 16:29:34 +00:00
Kurt Zeilenga
3350957674 SLAPD_SCHEMA_NOT_COMPAT: ACI cleanup 2000-05-28 22:17:34 +00:00
Kurt Zeilenga
229e12b69d SLAPD_SCHEMA_NOT_COMPAT: add subtype aware is_at_syntax() 2000-05-28 19:15:37 +00:00
Kurt Zeilenga
c98f0ea02c SLAPD_SCHEMA_NOT_COMPAT: 
Don't depend acl parsing upon slap_schema, it's filled in post-conf
 2000-05-28 18:58:09 +00:00
Kurt Zeilenga
439c0c796d SLAPD_SCHEMA_NOT_COMPAT: Mostly work modify 2000-05-28 16:36:34 +00:00
Kurt Zeilenga
b813a5ba30 SLAPD_SCHEMA_NOT_COMPAT: prelim ACL work 2000-05-27 19:33:08 +00:00
Kurt Zeilenga
60802201e3 Const'ification 
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
 2000-05-22 03:46:57 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Howard Chu
55f4896cb9 Fix typo with dnattr parsing 2000-05-12 09:10:45 +00:00
Kurt Zeilenga
2f0ec52df9 Fix improperly terminated comment 2000-04-12 01:10:50 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT 
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
 2000-02-14 20:57:34 +00:00
Kurt Zeilenga
9316c4eace ACI attributes should be of ACI syntax. Need to assign 
OID for experimental syntax.
 2000-02-01 17:53:07 +00:00
Kurt Zeilenga
3a6e906194 Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT 2000-01-31 22:14:16 +00:00
Kurt Zeilenga
d8d19d4ff9 Resolve syntax errors created by previous -DSLAPD_SCHEMA_COMPAT work. 2000-01-29 07:00:39 +00:00
Kurt Zeilenga
c5da0c76ce Additional changes to migrate to new schema codes 
Still not usable.
 2000-01-28 20:01:00 +00:00
Howard Chu
0b15c19cdf Fix bug in group spec parsing, was failing to set attributeType if a 
nondefault objectclass was given
 2000-01-15 03:48:37 +00:00
Howard Chu
9f7b1160dd Move str2access and access2str outside #ifdef LDAP_DEBUG clause 1999-11-10 20:28:42 +00:00
Kurt Zeilenga
0ec43c31ba Add more shortcircuits (for $$ cases) 1999-10-26 22:29:47 +00:00
Kurt Zeilenga
3261f219a3 Add support for Root DSE ACLs. 
Add "users" shorthand (dn="^.+$")
Add regex short circuiting for common dn regexs.
 1999-10-26 03:19:41 +00:00
Kurt Zeilenga
06eb390586 Make accessmask2str reentrant. 1999-10-21 23:19:22 +00:00
Kurt Zeilenga
3d765d6108 Additional changes to improve logic and logging. Still buggy. 1999-10-21 20:29:52 +00:00
Kurt Zeilenga
873c8f213b More acl parsing fixes... and print fixes. 1999-10-21 18:44:26 +00:00
Kurt Zeilenga
9c5b7aa29d Fix parsing of descrete attributes. 1999-10-21 18:27:23 +00:00
Kurt Zeilenga
f6829ee903 Initial commit of new ACL engine. Engine supports descrete access 
privs, additive/substractive rules, and rule continuation.  Existing
rules that use 'defaultaccess none' should be 100% compatible.  Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
 1999-10-21 17:53:56 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers. 
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
 1999-09-08 19:06:24 +00:00
Hallvard Furuseth
33cc7d4cf1 Introduce and use LDAP_GCCATTR() = __attributes__() in gcc 1999-09-03 21:06:33 +00:00
Hallvard Furuseth
ac09c64f5c Fix fprintf format args 1999-08-29 00:26:44 +00:00
Hallvard Furuseth
1a16766b3c Always compile acl_dn_pat when it is set, otherwise acl.c breaks 1999-08-22 03:30:45 +00:00
Kurt Zeilenga
87675a953d ACIs from Mark Valence <kurash@sassafras.com> (ITS#261) 1999-08-20 22:42:04 +00:00
Kurt Zeilenga
2a74677799 const'fication 1999-08-20 19:00:44 +00:00
Kurt Zeilenga
9c3ed0310b Add copyright notices. 1999-08-06 23:07:46 +00:00
Kurt Zeilenga
df8f7cbb9b s/exit(1)/exit(EXIT_FAILURE)/ 
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
 1999-08-03 18:14:24 +00:00
Kurt Zeilenga
5600097ae1 Update ACL field names and usage statement to match -devel post 1999-07-22 00:50:11 +00:00
Kurt Zeilenga
d5b1892ccc Fix acl parse bug 1999-07-21 21:08:05 +00:00
Kurt Zeilenga
933908f72f ACL CHANGES: 
by <who> <access> changed to by <who>+ <access> (joined with AND)
  added peername=<regex> sockname=<regex> url=<regex>
  removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower.  Use where needed.
 1999-07-21 20:54:23 +00:00
Kurt Zeilenga
170836751a Namespace changes 
added slap_ and ldbm_ to many structures
  added typedefs to many structures
  used typedefs
New main.c argument parsing with ldap url support (replacing -a address).
New sockaddr_in handling and support for multiple listeners.
 1999-07-19 19:40:33 +00:00
Kurt Zeilenga
73276e84ae Import experimental referral implementation from OPENLDAP_DEVEL_REFERRALS. 
Includes support for update referral for each replicated backend.
	Reworked replication test to use update referral.
Includes major rewrite of response encoding codes (result.c).
Includes reworked alias support and eliminates old suffix alias codes
(can be emulated using named alias).
Includes (untested) support for the Manage DSA IT control.
Works in LDAPv2 world.  Still testing in LDAPv3 world.
Added default referral (test009) test.
 1999-07-16 02:45:46 +00:00
Kurt Zeilenga
51d1c90887 unifdef -DSLAPD_ACLGROUPS -DSLAPD_ACLAUTH 1999-07-05 06:26:26 +00:00
Kurt Zeilenga
549c89f817 Regarding previous commit: 
Fix broken ACL macros.
	Fix o_dn/o_ndn == NULL vs "".
 1999-07-04 19:53:00 +00:00
Kurt Zeilenga
106eef41d8 HEADS UP: connections are forced to "anonymous" status upon receiving 
of a bind request and, upon failure, are left "anonymous."

Rework ACL code to hide access testing within macros to facilate additions
and eventual redesign.

Addition of #ifdef SLAPD_ACLAUTH to conditional include EXPERIMENTAL
"auth" access controls.  Adds ACL_AUTH "auth" access level (above none,
below "compare").  bind requires anonymous access at this level or above access
to "entry"/"userPassword"/"krbName".  This allows administrators to restrict
which entries can be bound to.  (This will likely become default behavior
after testing has completed).
 1999-07-04 18:46:24 +00:00
Kurt Zeilenga
93fa38cd08 Apply fix to "group/group_objectclass/member_atribute" parsing 
suggested by Gerrit Thomson
 1999-04-10 01:34:55 +00:00
Hallvard Furuseth
815a62930c UNDO LAST COMMIT. 1999-04-02 03:45:33 +00:00
Hallvard Furuseth
45118be88e Fix wait4child change: Prefer wait3 over wait. Use SIGNAL instead of signal. 1999-04-02 03:23:20 +00:00
Kurt Zeilenga
ab64c237f7 Use calloc properly... could result in too few bytes being allocated. 
calloc(1, nelem*size) -> calloc(nelem, size)
 1999-03-20 01:25:11 +00:00
Hallvard Furuseth
5ef648a109 Silence warnings: Remove unused variables. Enclose some initializers in in {}. 1999-03-09 07:15:35 +00:00
Hallvard Furuseth
73db912500 Cast char' arguments to ctype.h functions to unsigned char'. 
These functions require their arguments to be in the range of `unsigned char'.
 1999-02-22 17:57:22 +00:00
Kurt Zeilenga
25f2f9dd70 Use charray_free to free alist charray 1998-12-29 23:23:21 +00:00
Kurt Zeilenga
08134c9e16 printf("\tby") belongs on stderr. 1998-12-04 19:29:17 +00:00
Kurt Zeilenga
e2ee741ea8 Replace strdup() with ch_strdup() such that exit() will be called 
if strdup fails.  This is better than not checking, but we should
add orderly shutdown.
 1998-11-27 20:21:54 +00:00
Hallvard Furuseth
7e6ad5100c Protoized, moved extern definitions to .h files, fixed related bugs. 
Most function and variable definitions are now preceded by its extern
definition, for error checking.  Retyped a number of functions, usually
to return void.  Fixed a number of printf format errors.

API changes (in ldap/include):
  Added avl_dup_ok, avl_prefixapply, removed ber_fatten (probably typo
  for ber_flatten), retyped ldap_sort_strcasecmp, grew lutil.h.

A number of `extern' declarations are left (some added by protoize), to
be cleaned away later.  Mostly strdup(), strcasecmp(), mktemp(), optind,
optarg, errno.
 1998-11-15 22:40:11 +00:00
Hallvard Furuseth
83ec12246e Enclose debug variables in #ifdef LDAP_DEBUG 1998-11-05 05:03:12 +00:00
Kurt Zeilenga
d0a843b74d Insert #ifdef SLAPD_ACLGROUPS 1998-10-27 06:34:01 +00:00
Stuart Lynne
7c52060c67 1. extend aclgroup's to be able to specify objectClassValue and groupAttrName 
2. update print_acl() a bit and call it during aclparse if LDAP_DEBUG_ACL
 1998-10-27 02:07:12 +00:00
Kurt Zeilenga
2a869f5a99 merged with autoconf branch 1998-10-25 01:41:42 +00:00
Kurt Zeilenga
2ec25ef881 Merged files from branch REGEX_REMOVAL. Despite name, this merge 
adds POSIX RegEx (and removes BSD re_comp/re_exec) support.
* POSIX RegEx is not currently included in the distribution, however
	we will probably add Henry Spencer's REGEX library soon.
* ACL Group functionality is also included in this merge!
 1998-08-21 06:33:42 +00:00
Kurt Zeilenga
42e0d83cb3 Initial revision 1998-08-09 00:43:13 +00:00