Commit Graph

527 Commits

Author SHA1 Message Date
Kurt Zeilenga
e7523b1496 add si_syn_octetString to keep syntax load checks in one place. 2002-03-30 01:07:20 +00:00
Kurt Zeilenga
0be4d842bc Update control framework
Misc cleanup
NT updates
2002-03-24 02:17:21 +00:00
Pierangelo Masarati
49f324a1fa fix ITS#1671 and more 2002-03-23 16:53:44 +00:00
Kurt Zeilenga
33516fa9eb #ifdef ACI/authpasswd schema 2002-02-18 20:06:50 +00:00
Kurt Zeilenga
32fb8b0bff Add ACL state recording to avoid multiple evaluation of
value-independent access controls.
2002-02-09 05:14:17 +00:00
Howard Chu
f50b75f0c2 Added replica attr=<attribute list> support to filter replog content 2002-02-08 06:44:33 +00:00
Kurt Zeilenga
41e8195c2e Fix binary v lang_range typo 2002-01-31 15:09:55 +00:00
Kurt Zeilenga
057dda50d3 remove deadwood, e.g. slap_index2prefix() 2002-01-31 00:11:44 +00:00
Kurt Zeilenga
0a31400d63 Some misc cleanup 2002-01-29 06:06:20 +00:00
Kurt Zeilenga
14662be692 Add whoami extended operation.
Add no-op control (needs backend implementation)
Updated modify password extended option API
Kludged control infrastructure to support frontend only controls
2002-01-28 20:25:30 +00:00
Howard Chu
5e522ca882 Changed Access.a_sockurl_pat, Connection.c_listener_url etc.
to struct bervals
2002-01-28 11:41:07 +00:00
Kurt Zeilenga
8057b1a0a8 Language Tag and Range Support <draft-zeilenga-ldap-rfc2596-xx.txt>
Based upon code submitted by Steve Omrani <somrani@us.ibm.com> (ITS#1525)
2002-01-26 23:14:51 +00:00
Howard Chu
4191f39037 Changed slap_authz_info.sai_mech to struct berval.
Changed sasl_* to use struct bervals.
2002-01-26 13:57:41 +00:00
Howard Chu
1226d620e0 Added Entry->e_bv for entry_decode 2002-01-25 07:11:52 +00:00
Kurt Zeilenga
3d8c269f2e Update collective attribute schema 2002-01-19 22:33:07 +00:00
Howard Chu
44f0efb44f Defined some ObjectClass->soc_flags values, changed is_entry_*objectclass
macros to use flags
2002-01-19 02:58:00 +00:00
Kurt Zeilenga
7f0289a390 Move most of the new ber_*cmp routines to lber_pvt.h to keep them private,
rework them slightly to avoid computations which might result in underflow.
Rename them for consistency with other berval routines.
Remove some utf8 lint.
2002-01-16 18:16:15 +00:00
Kurt Zeilenga
20af643fc4 more cleanup 2002-01-16 04:40:41 +00:00
Kurt Zeilenga
13af7fb073 Misc. cleanup, remove lint, remove unused deprecated functions, etc. 2002-01-15 07:29:15 +00:00
Howard Chu
d70498f0f2 Revert previous commit again. autosubtypes are gone for good. 2002-01-15 01:49:53 +00:00
Howard Chu
1180279104 Revert previous commit 2002-01-14 20:13:25 +00:00
Howard Chu
2e8a98e3a1 Fix subtype indexing. Really really made it the default. 2002-01-14 10:37:08 +00:00
Howard Chu
ac1332cdb8 Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to
liblber:ber_bvarray_{add,free}.
2002-01-14 01:43:17 +00:00
Howard Chu
92481f7057 Modify performance patch from Gertjan van Wingerde <gwingerde@home.nl> 2002-01-13 23:23:23 +00:00
Kurt Zeilenga
ff23cd0f7f Clean up last patch 2002-01-13 20:06:53 +00:00
Kurt Zeilenga
64619bed94 Install system schema checks 2002-01-13 19:38:12 +00:00
Howard Chu
af862f8c6b Reworked callback layout, added send_search_entry callback 2002-01-13 16:40:37 +00:00
Kurt Zeilenga
ce2d8ebc7e Misc cleanup, lint removal, and minor optimizations 2002-01-13 05:00:59 +00:00
Pierangelo Masarati
f8fb4aca76 error message from be_entry_put tool backend function 2002-01-12 16:00:51 +00:00
Pierangelo Masarati
ea86a19460 monitor objectclass definition 2002-01-12 11:36:23 +00:00
Kurt Zeilenga
19f2925ab1 Add some basic system schema checks. 2002-01-11 18:56:01 +00:00
Kurt Zeilenga
f57057ee01 Add system schema flags to backends supporting system schema. 2002-01-11 18:26:17 +00:00
Kurt Zeilenga
f402762f9a Remove lint. 2002-01-11 18:03:28 +00:00
Kurt Zeilenga
20dd3c1273 Add Backend to system schema check routines 2002-01-11 18:00:22 +00:00
Pierangelo Masarati
5dfbf93687 need this outside for back monitor ... 2002-01-11 10:46:58 +00:00
Kurt Zeilenga
504404725a Flip some bits in the backend flags mask 2002-01-11 02:31:47 +00:00
Kurt Zeilenga
c3b62aae91 Fix the bits 2002-01-10 22:54:24 +00:00
Kurt Zeilenga
55501e886f Rework backend (lastmod + glue + system schema) flags 2002-01-10 22:34:11 +00:00
Howard Chu
8067107ed2 Added an_oc to AttributeName for caching ObjectClass lookups.
Added error checking to str2anlist; if the attr name doesn't match
any attribute or objectclass the offending attr name is displayed.
2002-01-10 09:54:14 +00:00
Kurt Zeilenga
bf5b4405fe More clean up of system schema changes 2002-01-10 06:58:57 +00:00
Kurt Zeilenga
cadecfaae1 Finish building in operational attributes 2002-01-10 04:10:54 +00:00
Kurt Zeilenga
f4336c8953 More builtin operational attributes 2002-01-10 03:31:11 +00:00
Kurt Zeilenga
6ed15e3350 Another round of operational attribute changes... more to follow. 2002-01-10 01:46:08 +00:00
Kurt Zeilenga
91644affd9 Minor cleanup 2002-01-10 00:54:31 +00:00
Kurt Zeilenga
c80d93f2bb Start of new operational attribute framework 2002-01-10 00:17:21 +00:00
Kurt Zeilenga
9b0585f393 Add very basic subentry search support. 2002-01-09 19:21:07 +00:00
Kurt Zeilenga
bc1cd95149 Rework control infrastructure a bit. Add subentries visibility control. 2002-01-09 06:29:54 +00:00
Kurt Zeilenga
645ae7a22f Hide select matching rules from published schema 2002-01-06 05:29:04 +00:00
Howard Chu
ce7d8d26f2 Changed conn->c_cdn to struct berval. 2002-01-06 03:26:09 +00:00
Kurt Zeilenga
d218a5ed5c Add SLAP_MALLOC() and friends.
Intended to be used instead of ch_malloc() and friends.
See comment.
2002-01-06 01:34:53 +00:00
Pierangelo Masarati
d0261ee534 leftover ber_bvdup eliminated; rewritten ber_bvdup in terms of ber_dupbv; eliminated wrapper macro; other ber_* improvements 2002-01-05 17:49:59 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Howard Chu
bcdfdb968f Changed AttributeName back into an array instead of a linked list.
Fixed bug in do_search eating up controls.
2002-01-03 05:38:26 +00:00
Howard Chu
029306a5be Use ldap_queue.h instead of <ac/queue.h> 2002-01-03 00:12:46 +00:00
Howard Chu
f52cc9bab5 Change struct berval ** to BVarray 2002-01-02 11:00:36 +00:00
Howard Chu
743c402265 Changed search attrs from struct berval ** to AttributeName * 2001-12-31 11:35:52 +00:00
Howard Chu
10961151ef Use queue-compat for Connection->c_ops,c_pending_ops 2001-12-31 04:08:29 +00:00
Howard Chu
185ff129b5 Change struct berval * to struct berval in various structures 2001-12-29 15:01:10 +00:00
Howard Chu
975a5e9a24 Added dnPretty2/dnNormalize2 using preallocated destination berval 2001-12-29 04:48:00 +00:00
Kurt Zeilenga
cddf7e0e00 More struct berval DN changes
decrease dependency on dn_validate/dn_normalize
2001-12-27 07:13:13 +00:00
Kurt Zeilenga
a553a03586 More struct berval DNs changes 2001-12-26 23:43:28 +00:00
Howard Chu
e8fa25a215 Changed Filter.f_dn to struct berval* 2001-12-26 23:37:59 +00:00
Kurt Zeilenga
bd0135ccb4 Move search, modify, and modrdn APIs to struct berval DNs.
Much clean up is needed.
2001-12-26 19:50:40 +00:00
Kurt Zeilenga
24a4d888dc move compare and delete to struct berval DNs 2001-12-26 19:05:26 +00:00
Kurt Zeilenga
d64ec6ee0d modify be_referral to use struct berval DNs. 2001-12-26 17:40:34 +00:00
Howard Chu
3da3be8128 Precompute syn_oidlen and mr_oidlen 2001-12-26 14:36:02 +00:00
Howard Chu
15f630545a Changed ma_rule_text to struct berval.
Changed get_filter to struct bervals
2001-12-26 13:47:10 +00:00
Howard Chu
d474789d0d First pass at converting bind to struct bervals 2001-12-26 11:41:38 +00:00
Howard Chu
68b1bbb89d Changed search attrs to struct berval **.
Use typedefs for all backend functions, to minimize work in future API
updates. (back-*/external.h will never need updating in the future.)
2001-12-26 08:17:44 +00:00
Howard Chu
b96645af7d More struct berval changes, dnNormalize migration... 2001-12-26 04:17:49 +00:00
Kurt Zeilenga
2dd27b0786 More struct berval DNs 2001-12-25 19:48:26 +00:00
Kurt Zeilenga
3336619c80 More "char *" to struct berval DN changes 2001-12-25 02:30:01 +00:00
Kurt Zeilenga
5ee89d6167 Use struct berval DNs for root DN and update DN 2001-12-25 00:05:26 +00:00
Howard Chu
3df5c17881 Fix typo in e_ndn macro 2001-12-24 20:03:54 +00:00
Kurt Zeilenga
f6085d3f82 Every quick mod to use a struct berval for e_dn/e_ndn. No bv_len yet. 2001-12-24 16:53:47 +00:00
Howard Chu
9e0ab3da36 Changed Access->a_set_pat and acl->acl_dn_pat to struct berval to eliminate
strlen() from acl processing.
2001-12-24 15:43:27 +00:00
Howard Chu
2f3399265c Changed sai_dn, sai_ndn to struct berval. (Affects op->o_dn,o_ndn,
conn->c_dn,c_ndn, Access->a_dn_pat)
2001-12-24 15:11:01 +00:00
Kurt Zeilenga
0c28b66a75 use dnPretty instead of dn_pretty 2001-12-23 00:43:57 +00:00
Pierangelo Masarati
e36bde9180 added backend-side support for on-the-fly operational attributes; added hasSubordinates to schema and back-ldbm 2001-12-22 11:50:16 +00:00
Kurt Zeilenga
d23313a068 LDAPv2 disallow and other flag changes
Fix compile errors
2001-12-21 04:44:34 +00:00
Howard Chu
ef0b308bea Changed backglue configuration. Added noSubordinates arg to select_backend
to deal with glued subordinates.
2001-12-10 12:09:40 +00:00
Howard Chu
fd7e23c188 Converted suffixAlias to struct bervals. 2001-12-09 14:57:42 +00:00
Howard Chu
45aadbbbba Eliminate unnecessary per-operation dn_normalize(o_ndn); it's already
done in do_bind() and there's space in the connection structure for c_ndn
already, just copy it.
2001-12-09 14:46:29 +00:00
Howard Chu
b0169858d1 Don't include glued databases in namingContexts 2001-12-09 02:01:58 +00:00
Howard Chu
584d58e8d1 Added callbacks for send_ldap_response and send_search_result. 2001-12-08 15:21:20 +00:00
Howard Chu
55a217d9ae Changed be_nsuffix from char ** to struct berval ** to eliminate strlen's 2001-12-08 05:15:58 +00:00
Howard Chu
0552b1c53f NT updates from jon@symas.com. 2001-12-07 04:03:25 +00:00
Kurt Zeilenga
575c9469d9 Rework dnNormalize/dnPretty to share LDAP_rewrite
Add flag to matching rules to indicate if DN folding is needed.
Don't specify dnPretty as pretty function for DN attribute types as
this works too well (it breaks tests).
2001-12-06 03:24:31 +00:00
Kurt Zeilenga
86f79b85d8 Add experimental UUID/CSN support (needed for LCUP). 2001-12-05 07:25:25 +00:00
Kurt Zeilenga
493b415255 Rework indexing code, removing "autolang" and making
"subtypes" and "lang" default behavior.
2001-12-05 00:06:03 +00:00
Pierangelo Masarati
0f64b72a00 paranoid check for escaped dn separators when naively checking for rdn boundary 2001-12-01 16:28:21 +00:00
Pierangelo Masarati
bdb3edefd5 added pattern="anonymous","users","dn.{base|one|subtree|children}" to limit enforcement 2001-12-01 14:17:14 +00:00
Kurt Zeilenga
2ac7c91cae Replace existing SLAP_MR_ matching flags with:
SLAP_MR_ASSERTION_SYNTAX_MATCH
	SLAP_MR_VALUE_SYNTAX_MATCH
	SLAP_MR_VALUE_SYNTAX_CONVERTED_MATCH,
add supporting evaluation macros, and update code as needed.
Misc other code cleanup included.
2001-11-27 21:59:56 +00:00
Mark Adamson
bd091ce276 Allow size and time limits in slapd.conf for anonymous bound search operations 2001-11-21 20:28:15 +00:00
Pierangelo Masarati
d262aae706 fix misinitialized UNDEFINED attribute type; reordered members of AttributeType because I don't know a portable way to statically initialize a mutex :) 2001-11-17 14:09:38 +00:00
Howard Chu
0bfaa8b4ae Changed AttributeType.sat_cname from char * to struct berval.
(will fix up back-bdb next.)
2001-11-16 07:45:37 +00:00
Howard Chu
cc4a51f23c Changed global ad_mutex into per-attributeType mutex. Added
ad_find_lang() to search an AttributeType for a given language variant.
(Will be used in back-bdb/back-ldbm index code...)
2001-11-16 07:39:14 +00:00
Howard Chu
48623df1a8 Added backend_group result caching. 2001-11-12 19:37:48 +00:00
Howard Chu
5f8058f957 Added schema_destroy() et al to free schema structures on shutdown 2001-11-07 01:03:49 +00:00
Julio Sánchez Fernández
5dbf4bddae Add a flag to help the value_* functions know whether they are seeing
a full value (in attribute type syntax) or a value in the syntax of
the matching rule (as happens in filters).
2001-10-22 19:57:23 +00:00
Howard Chu
0e16f6acf9 Moved AttributeDescription caching into main code:
Changed AttributeDescription.{ad_cname,ad_lang} to struct berval everywhere
   Deleted ad_free() everywhere
   Added ad_mutex to init.c

The AttributeDescriptions are in a linked list hanging off of the
corresponding AttributeType.
2001-10-22 13:23:05 +00:00
Julio Sánchez Fernández
4d0ab0215b First cut at certificateExactMatch, completely untested and without
indexing.
2001-10-20 10:15:09 +00:00
Howard Chu
647b5f84ee Resurrection/rewrite of CLDAP (RFC1798 Connectionless LDAP).
Compile with -DLDAP_CONNECTIONLESS to use this code.
For slapd, use "-h cldap://" to listen on UDP.
For ldapsearch, use "-H cldap://" to query on UDP.
Client-side support is very minimal:
  no automatic timeout/retries
  no basedn wildcard expansion on results
  no support for specifying multiple servers at once.
2001-09-28 00:18:40 +00:00
Kurt Zeilenga
61de99937f ldif.h include cleanup 2001-09-25 00:03:24 +00:00
Kurt Zeilenga
0a155934ab Add root DSE supportedFeatures support. 2001-09-09 04:01:07 +00:00
Pierangelo Masarati
8471ef7ed0 add global, per backend and per op_ndn time/size soft, hard and to-be-checked limits (exploited by back-ldbm); see slapd.conf(5) for details 2001-08-01 10:09:04 +00:00
Pierangelo Masarati
4051547dfa handle regex-based per op_ndn time/size limits 2001-07-28 11:24:22 +00:00
Kurt Zeilenga
5cb6b1ce02 Back out DN changes, needs more work 2001-07-21 22:44:55 +00:00
Pierangelo Masarati
ece9bdb0eb Added the suffix=<dn> parameter to replica config directive
to allow selective replication of subtrees of a single database.
Multiple occurrences allow the same replica to handle different
subtrees
2001-07-21 14:15:23 +00:00
Pierangelo Masarati
a453d7eacf dn_validate/dn_normalize has been rewritten by
David A. Cooper <david.cooper@nist.gov> (ITS#1232)
according to draft-ietf-ldapbis-dn-05.txt

A copyright statement follows:

  The functions normalize_unicode(), get_hexpair(), write_hex_pair(),
  get_next_byte(), get_next_char(), get_ber_length(),
  ber_parse_primitive_string(), ber_parse_string(), String_normalize(),
  DirectoryString_normalize(), PrintableString_normalize(),
  IA5String_normalize(), ber_parse_primitive_bitstring(),
  ber_parse_bitstring(), getNext8bits(), bitString_normalize(), match_oid(),
  match_key(), get_validated_av_in_dn(), get_validated_rdn_in_dn(),
  and get_validated_dn() in this file were developed at the National Institute
  of Standards and Technology by employees of the Federal Government in the
  course of their official duties. Pursuant to title 17 Section 105 of the
  United States Code the code in these functions is not subject to copyright
  protection and is in the public domain. The copyright for all other code in
  this file is as specified below.
2001-07-13 08:21:14 +00:00
Pierangelo Masarati
bff5608926 protos and declarations for charray and rdn stuff 2001-07-06 12:23:22 +00:00
Randy Kunkee
a9097044ea Remove global_backendsyncfreq code (code has been pushed down into back-ldbm). 2001-06-28 18:02:46 +00:00
Randy Kunkee
d492880870 Add sync_daemon to daemon.c, enabled by global configuration
backendsyncfreq <seconds>.  Setting this automatically enables
dbnosync (because the synchronizer takes care of it).
2001-06-22 08:38:58 +00:00
Kurt Zeilenga
67cf14466e Check schema NAMEs 2001-06-07 22:47:02 +00:00
Kurt Zeilenga
cc6fab319e Add support for separate max incoming for anonymous and authenticated
sessions (defaults: 256K and 16M respectively).
2001-05-29 20:00:55 +00:00
Kurt Zeilenga
0aef7722e6 Add support for obsolete attributes.
We don't support collective attributes (yet).
Remove exit() calls from scheme parsers.  Need to do same for acl parser.
2001-05-17 07:31:59 +00:00
Kurt Zeilenga
1669cd4d7b Add '=' to printableString to be consistent with ASN.1 description
of syntax.  RFC 1778/2252 are wrong and will need to be updated.
2001-05-16 19:20:29 +00:00
Kurt Zeilenga
4baa7c47da Add better modlist2mod error reporting (to client) 2001-05-10 03:41:17 +00:00
Kurt Zeilenga
24ea49810f Clean up some #ifdefs 2001-05-09 23:42:49 +00:00
Kurt Zeilenga
abce5abf34 Quick sb_max_incoming hack, should be configurable (likely
with differing anonymous vs authenticated values).
2001-05-04 21:55:07 +00:00
Kurt Zeilenga
1eb0170482 s/<anonymous>/cn=anonymous/ to avoid syntax issues 2001-04-19 19:29:38 +00:00
Kurt Zeilenga
10730ca226 Add objectClass kind checking
Kludge NADF schema to conform
2001-01-22 08:09:25 +00:00
Kurt Zeilenga
79d9ab38ba Add more restrictive numeric string validate.
Need to rework IA5 matching to support empty strings as they should
be allowed for most string types (excepting directoryString).
2001-01-17 21:02:11 +00:00
Mark Adamson
2231d5e64e Make SASL authorization work for NULL, "u:", and "dn:" authz strings. 2000-11-30 22:00:15 +00:00
Kurt Zeilenga
451146f795 Update validation of printable-like syntaxes 2000-11-04 21:09:23 +00:00
Kurt Zeilenga
17bcb2b3bb Update printableString to restrict characters per RFC1778 not isprint() 2000-11-04 20:31:50 +00:00
Julio Sánchez Fernández
5b52ae5109 Extend MRA. It now has a pointer to a MatchingRule, but a char
pointer is kept for messages and to tell a filter without rule
from one with an unknown rule.  It matters.
2000-10-15 19:10:43 +00:00
Julio Sánchez Fernández
6777a3a41a Permit access defined by uniqueMember and not only DN-valued
attributes.  This allows using groupOfUniqueNames for
access control.
Fix small typo in MRA definition.
2000-10-09 19:09:22 +00:00
Kurt Zeilenga
7c96f629ee Add connection and operation arguments to backend callbacks.
Needed for transactions.
2000-09-29 05:25:44 +00:00
Kurt Zeilenga
ce382475f0 misc cleanup 2000-09-29 02:50:34 +00:00
Mark Adamson
bf1ee530ea Implementation of SASL authorization. 2000-09-21 17:32:54 +00:00
Kurt Zeilenga
3342ea3b49 Add more bind allow/disallow flags 2000-09-11 18:24:24 +00:00
Kurt Zeilenga
2e13824d0d Add "allow tls_2_anon" to allow StartTLS to force session to anonymous.
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
2000-09-08 22:59:01 +00:00
Kurt Zeilenga
cee040a321 Bring UCdata infrastructure. 2000-09-03 23:48:35 +00:00
Kurt Zeilenga
bf3df2f7a6 restrictops, requires, disallow knobs; ssf acls; and misc other changes
man pages to follow...
2000-08-28 18:38:48 +00:00
Kurt Zeilenga
1c328aa9c7 Minor typedef and other clean ups 2000-08-26 01:14:05 +00:00
Kurt Zeilenga
a7ec3506cf change "substr" to imply initial, any, final indexing. 2000-08-22 21:33:09 +00:00
Kurt Zeilenga
02f888c563 First cut of LDBM substrings indexing. Needs testing. 2000-08-22 21:26:25 +00:00
Kurt Zeilenga
32c7186b9c Add frontend support for "any" substrings assertions.
Needs to be tied into index mask and backend search code.
2000-08-22 02:23:52 +00:00
Kurt Zeilenga
7800d2d41e Remove cldap cruft 2000-08-18 03:35:19 +00:00
Kurt Zeilenga
a50f391bb3 Working SASL security layers! 2000-07-28 00:04:07 +00:00
Kurt Zeilenga
6c41d272cf Update framework to support registration of approximate matching
rules.
2000-07-24 21:29:30 +00:00
Kurt Zeilenga
3a73af57c1 conform schema routines to ldap naming conventions 2000-07-22 17:30:44 +00:00
Kurt Zeilenga
ce63e21f00 New slapindex framework (no meat) 2000-07-19 02:24:08 +00:00
Kurt Zeilenga
9c5ad6291b Add experimental caseExact/Ignore substrings indexer/filter routines. 2000-07-18 17:46:34 +00:00
Kurt Zeilenga
d2b05a3858 Rework SASL command line arguments. Default is now to authenticate
using best available mechanism.  (authzid prompting to be disabled)
To use simple bind, -x is required (implied if -P 2) with -D/-[Ww]
To use simple "anonymous" bind, just -x will do.
2000-07-15 23:25:46 +00:00
Kurt Zeilenga
5bca08d716 Store sasl callbacks in session handle so that they can properly freed. 2000-07-15 00:01:09 +00:00
Kurt Zeilenga
5fc22599e2 Update SASL code to reuse context through life of session.
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Mark Valence
d4d03e36e5 Added "threads" config to slapd.conf. 2000-07-04 19:24:13 +00:00
Kurt Zeilenga
2eb664f481 Add octetString syntax to undefined attribute type 2000-07-02 17:50:18 +00:00
Kurt Zeilenga
b1172dc5ac Add experimental support for undefined attribute types. 2000-07-02 17:16:18 +00:00
Kurt Zeilenga
b21ba52482 Clarify ad_type usage 2000-07-02 08:06:55 +00:00
Kurt Zeilenga
1566454e6e Add sets to NT build, remove LINT 2000-07-01 04:58:23 +00:00
Mark Valence
4b1ff75bdd Prepare for Set ACLs and ACIs. 2000-06-29 21:41:54 +00:00
Kurt Zeilenga
3112f21612 Add attribute type/matching rule support for structuralObjectClass attribute
type.  Add type to core.schema.  Not yet populated on add nor checked on modify.
2000-06-26 05:13:41 +00:00
Kurt Zeilenga
317d04a5d9 Modify backend_attribute to return bervals and adjust ACLs
(actually, ACL here might be dangerous)
2000-06-26 01:22:32 +00:00
Mark Valence
295f3ba0aa New backend routine: back_attribute 2000-06-21 17:23:24 +00:00
Kurt Zeilenga
d19419392c Use ASCII_*() macros and friends. Should be combined with similiar LDAP_*()
macros in ldap_pvt.h.
2000-06-20 17:05:15 +00:00
Kurt Zeilenga
01f7e78cbb Add experimental objectIdentifierFirstComponentMatch routine 2000-06-20 03:55:40 +00:00
Kurt Zeilenga
665272dca1 Minor adjustments to substrings searching 2000-06-19 20:39:11 +00:00
Kurt Zeilenga
7fec5877a3 Add SLAPD_TOP_OID macro for oc.c 2000-06-19 16:15:33 +00:00
Kurt Zeilenga
9ef1a740c2 Round one of LDAP_F() macro changes. In this round we rename
macros into our namespace and limit use to headers.  A subsequent
round will add macros to separately handle forward declarations
of variables from declaration of function prototypes.  The last
round will add additional macros for declaring actual variables and
functions.
2000-06-18 19:48:07 +00:00
Kurt Zeilenga
79ebfbc4fe Rework referral entry point with DNS SRV implementation (needs testing). 2000-06-16 03:50:02 +00:00
Kurt Zeilenga
6f378341a2 Add backend_check_referrals() framework. 2000-06-16 01:19:30 +00:00
Mark Valence
1bfcb4b039 Added .regex, .base, .one, .subtree, and .children "style" modifiers. 2000-06-12 01:35:15 +00:00
Kurt Zeilenga
a56c161bdb Misc code cleanup. 2000-06-10 22:39:30 +00:00
Kurt Zeilenga
dc1e5a9392 remove IA64 lint 2000-06-09 06:24:10 +00:00
Kurt Zeilenga
693fb9424a unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT 2000-06-06 19:43:18 +00:00
Kurt Zeilenga
ea069cb7c2 New indexer/filter codes (test suite works) with cheats
Updated NT Project files (with Cyrus SASL library depend)
2000-06-04 22:59:38 +00:00
Kurt Zeilenga
7c7fab11d4 Add extensibleObject support 2000-05-31 18:46:13 +00:00
Kurt Zeilenga
eb70b602ee Rework ACI codes to use OpenLDAPaci. Add needed schema elements.
Needs work.  Volunteers welcomed.
2000-05-30 21:34:55 +00:00
Kurt Zeilenga
3350957674 SLAPD_SCHEMA_NOT_COMPAT: ACI cleanup 2000-05-28 22:17:34 +00:00
Kurt Zeilenga
c98f0ea02c SLAPD_SCHEMA_NOT_COMPAT:
Don't depend acl parsing upon slap_schema, it's filled in post-conf
2000-05-28 18:58:09 +00:00
Kurt Zeilenga
439c0c796d SLAPD_SCHEMA_NOT_COMPAT: Mostly work modify 2000-05-28 16:36:34 +00:00
Kurt Zeilenga
1a8f509f9a s/substring/substrings/ 2000-05-27 22:46:37 +00:00
Kurt Zeilenga
2273ae0cb7 SLAPD_SCHEMA_NOT_COMPAT: add f_sub_desc -> f_sub_type for compat 2000-05-27 21:45:52 +00:00
Kurt Zeilenga
b813a5ba30 SLAPD_SCHEMA_NOT_COMPAT: prelim ACL work 2000-05-27 19:33:08 +00:00
Kurt Zeilenga
bd243c07a3 Add hooks for syntax normalizer (used by value_match)
and prettier (to be used by update operations).
2000-05-24 20:21:46 +00:00
Julio Sánchez Fernández
106ff98af0 Revert last change, 2000-05-24 20:11:21 +00:00
Kurt Zeilenga
c1da50a426 SLAPD_SCHEMA_NOT_COMPAT: equality filters
(2.5.4.0=2.5.6.0) works!	ie: (objectclass=top)
2000-05-24 18:49:30 +00:00
Julio Sánchez Fernández
2e0c16b56b Get a couple of extensions into fields easy to use at runtime. 2000-05-24 15:54:21 +00:00
Kurt Zeilenga
bf3a229423 SLAPD_SCHEMA_NOT_COMPAT: cleanup 2000-05-23 17:00:46 +00:00
Julio Sánchez Fernández
34c05b5149 Extend slapd schema structure definitions to reflect the new
extensions field in the contained structures.
2000-05-23 13:56:26 +00:00
Kurt Zeilenga
60802201e3 Const'ification
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
  software install)
2000-05-22 03:46:57 +00:00
Kurt Zeilenga
b2f56a7318 SLAPD_SCHEMA_NOT_COMPAT: framework for value_match() and value_find() 2000-05-21 22:46:51 +00:00
Kurt Zeilenga
074be5fb5a SLAPD_SCHEMA_NOT_COMPAT: numerous changes to syntax flags, mostly minor
added new value_normalize() code
	need LDAPsyntaxes X- field support
2000-05-18 17:21:42 +00:00
Kurt Zeilenga
fa9f7a7d8e SLAPD_SCHEMA_NOT_COMPAT: add framework for substr value normalization
Calls value_normalize per substr component (like old code),
	likely should have/call substr_normalize which takes all components
		at once (to allow more sophisticated normalization)
2000-05-17 20:29:26 +00:00
Kurt Zeilenga
40ab90fa9c SLAPD_SCHEMA_NOT_COMPAT: Rework caching of internal schema 2000-05-15 21:05:25 +00:00
Kurt Zeilenga
dc68e41ee9 cleanup old TOOLID macro 2000-05-15 16:33:07 +00:00
Kurt Zeilenga
ae7d89fa1e SLAPD_SCHEMA_NOT_COMPAT addl. filter changes (a work in progress). 2000-05-15 00:41:29 +00:00
Kurt Zeilenga
4bc786f34b Y2k copyright update 2000-05-13 02:47:56 +00:00
Howard Chu
df7ca2c3f3 Remove #undef LDAP_MOD_BVALUES - backends like back-ldap that are also
LDAP clients themselves still need this definition.
2000-05-10 21:22:07 +00:00
Kurt Zeilenga
55ae3cffd8 SASL code without backend support. Should work with
external store, but not yet tested.  [Intent is to support
both in same server... may not be doable]
2000-04-25 16:03:17 +00:00
Kurt Zeilenga
8b09742e5c (slightly) better comments 2000-04-25 13:13:42 +00:00
Kurt Zeilenga
ddb9755ba7 Move handling of operations errors due to submission of
non-bind requests while a multi-step SASL bind process
is under to connection.c.  Return LDAP_OPERATIONS_ERROR,
not LDAP_SASL_BIND_IN_PROGRESS.
2000-03-02 00:59:10 +00:00
Kurt Zeilenga
ac7f6c2e37 Replace do_*() return -1 with return SLAPD_DISCONNECT.
Only return SLAPD_DISCONNECT with a send_ldap_disconnect()
was called.
Add initial code for support predetermined filter results
when filter is undefined (or known to be true or false).
2000-02-29 23:48:01 +00:00
Kurt Zeilenga
4091381660 Yet another round of SLAPD_SCHEMA_NOT_COMPAT changes, including:
limited subtype support, modlist handling, filter updates,
lastmod attribute handling.
2000-02-28 21:16:05 +00:00
Kurt Zeilenga
76553ea53f More -DSLAPD_SCHEMA_NOT_COMPAT changes, including initial
impl of slap_modlist2mods() and is_at_subtype().
2000-02-25 19:36:07 +00:00
Kurt Zeilenga
86bd13846f Additional -DSLAPD_SCHEMA_NOT_COMPAT changes
Not hidden "NULLDN" to "<anonymous>" in modify stats
2000-02-22 19:26:15 +00:00
Kurt Zeilenga
ceb6412e62 More -DSLAPD_SCHEMA_NOT_COMPAT changes
Not hidden: "<anonymous>" modifiersname
2000-02-15 18:57:07 +00:00
Kurt Zeilenga
0dbaf87730 Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
plus these changes unhidden changes:
	remove now meaning --enable-discreteaci configure option
	fix ITS#451, slapd filters
	Add ber_bvecadd() to support above
	constify ldap_pvt_find_wildcard() and misc slapd routines
	renamed some slap.h macros
	likely broken something
2000-02-14 20:57:34 +00:00
Kurt Zeilenga
36b0423311 Add Modification/Modifications structures for -DSLAPD_SCHEMA_NOT_COMPAT 2000-02-07 20:37:10 +00:00
Kurt Zeilenga
bc51bd5180 Yet another round of SLAPD_SCHEMA_NOT_COMPAT changes...
Changes outside of #ifdef include three value filter processing.
2000-02-06 21:09:44 +00:00
Kurt Zeilenga
f9195f9b6f Another round of SLAPD_SCHEMA_NOT_COMPAT changes including
basic structures for handing language tags and binary option
(but less actual code to actually support them).  Provided
for reference only.  Will not even compile.
2000-02-05 05:01:41 +00:00
Kurt Zeilenga
2e3d9d7737 Use experimental OID for ACI syntax. Likely need to add
additional schema items.
2000-02-01 18:05:49 +00:00
Kurt Zeilenga
9316c4eace ACI attributes should be of ACI syntax. Need to assign
OID for experimental syntax.
2000-02-01 17:53:07 +00:00
Kurt Zeilenga
3a6e906194 Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT 2000-01-31 22:14:16 +00:00
Kurt Zeilenga
10fdd7ff7c Put type;option trimming codes behind SLAPD_SCHEMA_COMPAT.
Attribute subtyping, especially that using attribute description
options, will have to reengineered.
2000-01-31 17:59:10 +00:00
Kurt Zeilenga
d298e35514 Add SLAP_SYNTAX_BINARY flag to indicate binary storage is used for
attributes of the syntax.  Such attribute values be transferred
using binary syntax unless ber2str/str2ber routines are provided.
Used in conjunction with ";binary" attribute description option
and/or the Binary syntax.
2000-01-31 01:49:44 +00:00
Kurt Zeilenga
e0f7614a11 Add matching rule function pointers for index generation and use with
filters.
2000-01-29 23:36:42 +00:00
Kurt Zeilenga
49976b5bc1 Constify a few attr_*() routines 2000-01-29 22:03:34 +00:00
Kurt Zeilenga
ad262b3ac6 Fix minor problems with proceeding commit which broken old schema compat 2000-01-28 21:20:28 +00:00
Kurt Zeilenga
cca2bdcb40 Move INDEX_ macros from back-ldbm.h to slap.h and prefix with SLAP_
Move AttrInfo from back-ldbm.h to attr.c
2000-01-28 20:38:00 +00:00
Kurt Zeilenga
c5da0c76ce Additional changes to migrate to new schema codes
Still not usable.
2000-01-28 20:01:00 +00:00
Kurt Zeilenga
e9b1012fb1 Put more old schema code behind SLAPD_SCHEMA_COMPAT (which still
MUST be defined).
2000-01-28 00:33:29 +00:00
Kurt Zeilenga
96ba43c591 Add in hooks for mr conversion routines 2000-01-26 00:12:51 +00:00
Kurt Zeilenga
9fec129997 Second round of schema changes
Revert normalization to matching rule per discussions with Julio.
May need separate normalization routines for stored value and asserted
value. Currently rely on passed in syntax/mr to allow "special" behavior.
Reworked filters to pass struct berval * instead of char *. (needs work)
Validation, normalization and matching needed.
2000-01-25 21:13:31 +00:00
Kurt Zeilenga
7f63755d5d Start putting old code behind the currently defined SLAPD_SCHEMA_COMPAT. 2000-01-25 00:38:48 +00:00
Kurt Zeilenga
117a37272d Modify slapd syntax struct to have both a validation and normalization
routine.  Could be combined into one routine.
Modify slapd matching rule struct to only have match function.
Modify old attribute such that 'bin' implies octetString, not 'binary'.
Add compatibility for IA5 strings.  Only directoryStrings were handled
before.
Treat attribute types without syntax as incomplete, not default.
Add OctetStringValidate (always returns okay).
Add {UTF8,IA5}StringValidate/Normalize  (IA5 based loosely on
case_exact_normalize).  Need case{Exact,Ignore}UTFMatch, using IA5 versions
for now.
Removed default of syntax/mr handlders, should just skip
registration of syntax/mr's without handlers.
Added comments to slap.h about types versus descriptions.
2000-01-24 23:31:26 +00:00
Luke Howard
9b4e3b2234 Merged in preliminary support for Cyrus SASL library;
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Kurt Zeilenga
da93ca8c5e Remove DNS_DN experimental code. 1999-12-18 19:54:22 +00:00
Kurt Zeilenga
6253e7c278 Updated sasl response to support returning of referrals.
Updates to extended operation framework to support arbitrary
referrals and extended results without OIDs.
Updated passwd extended operation to support returning update_refs
as needed.  Needs replog support.
1999-12-15 23:22:47 +00:00
Kurt Zeilenga
7c28aa058c Add password check and generation check.
Modify tests to use -h "ldap://localhost:port/" instead of -p port.
1999-12-12 18:45:06 +00:00
Kurt Zeilenga
431dad371c Fix slapd SASL/ExternalOps encoding
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Kurt Zeilenga
5e12c84a6f Add simple password test program.
Rework lutil_passwd routines to use struct berval instead of strings.
1999-12-09 01:11:16 +00:00
Kurt Zeilenga
d5edb4bff6 Reengineered ldappasswd(1). Uses extended operation to set
user password.  Likely to be modified to use bind control
instead.  Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Howard Chu
eaaea51b53 Fixes for NT dynamic linking. 1999-11-27 23:40:08 +00:00
Howard Chu
bacc581531 Removed explicit include of <ac/param.h> because it must be included
after <stdlib.h>, but <stdlib.h> is included in slap.h. Moved <ac/param.h>
include into slap.h.
1999-11-02 19:39:56 +00:00
Kurt Zeilenga
f6829ee903 Initial commit of new ACL engine. Engine supports descrete access
privs, additive/substractive rules, and rule continuation.  Existing
rules that use 'defaultaccess none' should be 100% compatible.  Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Howard Chu
f991ef04e6 Added mixed-case as well as up-cased DN argument. The behavior of back-bdb2
and back-ldbm are preserved, they only use the up-cased DNs. back-passwd
uses the mixed-case DN. All others are using mixed-case DN, may need more
fixing.
1999-09-18 23:40:03 +00:00
Kurt Zeilenga
403f4479bc Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Hallvard Furuseth
1cde481298 Move `#include "ldap_defaults.h"' into slap.h, which #ifdefs on it. 1999-09-03 23:10:05 +00:00
Kurt Zeilenga
87675a953d ACIs from Mark Valence <kurash@sassafras.com> (ITS#261) 1999-08-20 22:42:04 +00:00
Kurt Zeilenga
2a74677799 const'fication 1999-08-20 19:00:44 +00:00
Howard Chu
75c9a1e222 Add OIDmacros for attribute & objectclass numericOIDs. Allow parsing
attribute syntaxes using syntax description in addition to syntax OID.
Removed all whitespace from syntax descriptions.
1999-08-19 22:09:33 +00:00
Kurt Zeilenga
e4f6d54877 New dn2id format with base/one/subtree indices (ldbm/bdb2)
New id2entry (id-less) format (ldbm/bdb2)
Removed id2children (ldbm/bdb2)
Added nextid database (ldbm)
Broke ldbmtest
Removed ldif2* tools (ldbm/bdb2)
Added slap tools (slapadd, slapcat, slapindex)
1999-08-17 19:00:59 +00:00
Hallvard Furuseth
3b5b9e1e5f back-ldbm: Kill ldbm_ignore_nextid_file, replace with slapMode==SLAP_TOOL_MODE 1999-08-16 07:09:28 +00:00
Kurt Zeilenga
7015167974 Add DN_INDICES search filter and has_children support. Move id2children
behind -UDN_INDICES.
1999-08-13 00:55:08 +00:00
Kurt Zeilenga
9ea7a42b99 Add copyright notice and a few comments here and there 1999-08-04 23:59:13 +00:00
Kurt Zeilenga
b67eb8e2be Don't have time to finish SASL right now... this is a work in progress
but is safely tucked away behind --with-cyrus-sasl.
1999-08-04 00:11:22 +00:00
Kurt Zeilenga
df8f7cbb9b s/exit(1)/exit(EXIT_FAILURE)/
s/exit(0)/exit(EXIT_SUCCESS)/
add <ac/stdlib.h> where needed and other minor header adjustments
1999-08-03 18:14:24 +00:00
Kurt Zeilenga
17a975b6fb Very crude LDIF changes:
add MODRDN newSuperior support
	add '#' support to ldapmodify (but not slurpd and ldbm tools)
1999-07-29 21:25:39 +00:00
Kurt Zeilenga
c12547cf3b Resurrect suffix aliasing... 1999-07-27 18:43:30 +00:00
Kurt Zeilenga
c9778dd116 Implement better DN checking... make sure attribute type is
an OID or a proper type string (letter followed by 0 or more
alnum/-).
1999-07-22 19:06:56 +00:00
Kurt Zeilenga
68d561a97b Add limited LDAP_INVALID_DN_SYNTAX support. dn_normalize{,_case}() now returns
NULL does not meet basic syntax rules.
1999-07-22 17:14:42 +00:00
Kurt Zeilenga
5600097ae1 Update ACL field names and usage statement to match -devel post 1999-07-22 00:50:11 +00:00
Kurt Zeilenga
933908f72f ACL CHANGES:
by <who> <access> changed to by <who>+ <access> (joined with AND)
  added peername=<regex> sockname=<regex> url=<regex>
  removed addr=<regex> (use peername instead).
replace dn_upcase with str2upper and str2lower.  Use where needed.
1999-07-21 20:54:23 +00:00
Kurt Zeilenga
170836751a Namespace changes
added slap_ and ldbm_ to many structures
  added typedefs to many structures
  used typedefs
New main.c argument parsing with ldap url support (replacing -a address).
New sockaddr_in handling and support for multiple listeners.
1999-07-19 19:40:33 +00:00
Kurt Zeilenga
059ee8c86d (re)introduce o_connid such that STATS doesn't need c_mutex (which it
didn't bother to acquire)...
1999-07-16 22:24:32 +00:00
Julio Sánchez Fernández
a4a675f987 Two new flags in Connection. One to indicate that it is a raw TLS
section (that is, not SASL).  The second to indicate that we need to
do SSL_accept on this connection.
1999-07-16 15:43:47 +00:00