Kurt Zeilenga
32fb8b0bff
Add ACL state recording to avoid multiple evaluation of
...
value-independent access controls.
2002-02-09 05:14:17 +00:00
Howard Chu
f50b75f0c2
Added replica attr=<attribute list> support to filter replog content
2002-02-08 06:44:33 +00:00
Kurt Zeilenga
057dda50d3
remove deadwood, e.g. slap_index2prefix()
2002-01-31 00:11:44 +00:00
Kurt Zeilenga
b6de12f552
revert constification of slap_init_user()
2002-01-29 19:01:15 +00:00
Kurt Zeilenga
0a31400d63
Some misc cleanup
2002-01-29 06:06:20 +00:00
Howard Chu
d937237987
Eliminated dn_normalize. No more migration.
2002-01-26 14:51:45 +00:00
Howard Chu
4191f39037
Changed slap_authz_info.sai_mech to struct berval.
...
Changed sasl_* to use struct bervals.
2002-01-26 13:57:41 +00:00
Howard Chu
6bac96b0bd
Changed dnParent to void instead of int. (It always returned success...)
2002-01-26 08:44:59 +00:00
Kurt Zeilenga
309870fa9c
Remove deprecated routines and a little lint.
2002-01-26 07:32:13 +00:00
Howard Chu
07d0f4e411
Changed be_issuffix and dnParent to take struct bervals.
...
Changed dn_rdnlen, assumes an already pretty/normalized DN.
Added slap_empty_bv, a zero-length non-NULL berval.
2002-01-26 05:27:28 +00:00
Kurt Zeilenga
3d8c269f2e
Update collective attribute schema
2002-01-19 22:33:07 +00:00
Kurt Zeilenga
8eaaa67db0
Move {add,replace,delete}_value() routines to frontend and share.
...
Add error detail reporting.
2002-01-19 19:54:48 +00:00
Pierangelo Masarati
48d40fb6c3
fix ad_cmp
2002-01-19 15:42:59 +00:00
Kurt Zeilenga
2c94c7915a
Modify ad_cmp() macro to support use as an ordering function.
2002-01-19 06:42:59 +00:00
Kurt Zeilenga
b713f42650
Cleanup prototypes
2002-01-19 05:13:14 +00:00
Howard Chu
e040c2dee0
Fix previous commit
2002-01-19 04:32:43 +00:00
Howard Chu
44f0efb44f
Defined some ObjectClass->soc_flags values, changed is_entry_*objectclass
...
macros to use flags
2002-01-19 02:58:00 +00:00
Pierangelo Masarati
1ea0d20e82
publish dnParent()
2002-01-17 17:04:11 +00:00
Kurt Zeilenga
7f0289a390
Move most of the new ber_*cmp routines to lber_pvt.h to keep them private,
...
rework them slightly to avoid computations which might result in underflow.
Rename them for consistency with other berval routines.
Remove some utf8 lint.
2002-01-16 18:16:15 +00:00
Pierangelo Masarati
af54eed042
added ber_[mem|case]cmp() macros for fast berval comparison; extensively used in acl and in dn_match macro at present
2002-01-16 11:36:47 +00:00
Kurt Zeilenga
21c8846e64
Fix last commit
2002-01-16 05:44:21 +00:00
Kurt Zeilenga
20af643fc4
more cleanup
2002-01-16 04:40:41 +00:00
Kurt Zeilenga
d2f5d75885
Remove unused deprecated DN routines.
...
Only dn_validate, dn_normalize, and dn_parent remain (for now).
2002-01-16 00:16:51 +00:00
Kurt Zeilenga
13af7fb073
Misc. cleanup, remove lint, remove unused deprecated functions, etc.
2002-01-15 07:29:15 +00:00
Howard Chu
ac1332cdb8
Renamed BVarray to BerVarray. Moved slapd:bvarray_{add,free} to
...
liblber:ber_bvarray_{add,free}.
2002-01-14 01:43:17 +00:00
Kurt Zeilenga
9a3dcc376c
Zap connection_internal_*
2002-01-13 18:05:16 +00:00
Pierangelo Masarati
3bddc61a2a
clarify macro name: dn_match = 1 if match, 0 otherwise
2002-01-12 17:42:44 +00:00
Pierangelo Masarati
e89d7b1280
some memory handling cleanup: check that memory is freed by who allocated it, or at least put a FIXME where not
2002-01-12 17:35:01 +00:00
Pierangelo Masarati
725e13dade
slap_strncopy function
2002-01-12 16:02:51 +00:00
Kurt Zeilenga
2d09d18de5
Add collective attribute system schema support.
2002-01-11 20:28:05 +00:00
Pierangelo Masarati
619f772459
listener monitor
2002-01-11 11:43:35 +00:00
Pierangelo Masarati
5dfbf93687
need this outside for back monitor ...
2002-01-11 10:46:58 +00:00
Kurt Zeilenga
c3b62aae91
Fix the bits
2002-01-10 22:54:24 +00:00
Kurt Zeilenga
55501e886f
Rework backend (lastmod + glue + system schema) flags
2002-01-10 22:34:11 +00:00
Howard Chu
54dae3d3d3
Fix str2anlist declaration, str is not const. (gets overwritten if
...
there is an error.)
2002-01-10 20:25:23 +00:00
Kurt Zeilenga
c816ebc225
Add Backend argument to entry_schema_check() to support system schema
...
checks (in addition to user application schema checks).
2002-01-10 19:37:03 +00:00
Kurt Zeilenga
6ed15e3350
Another round of operational attribute changes... more to follow.
2002-01-10 01:46:08 +00:00
Kurt Zeilenga
c80d93f2bb
Start of new operational attribute framework
2002-01-10 00:17:21 +00:00
Kurt Zeilenga
74421a28ec
Round 2 of subentry changes
2002-01-09 19:43:15 +00:00
Kurt Zeilenga
9b0585f393
Add very basic subentry search support.
2002-01-09 19:21:07 +00:00
Kurt Zeilenga
bc1cd95149
Rework control infrastructure a bit. Add subentries visibility control.
2002-01-09 06:29:54 +00:00
Kurt Zeilenga
2958cb4dd0
A subentries control framework
2002-01-09 00:05:49 +00:00
Kurt Zeilenga
e9342bc7a9
Don't use 'void *' unnecessarily.
2002-01-07 20:28:02 +00:00
Kurt Zeilenga
eaf3264184
Add some critical control checks.
2002-01-06 00:36:55 +00:00
Kurt Zeilenga
0e2af54a3f
Update copyright statements
2002-01-04 21:17:25 +00:00
Howard Chu
013b3a9f3d
Minor cleanup
2002-01-02 23:26:20 +00:00
Howard Chu
b15eebf50b
Minor cleanup. bvarray_add should return success/fail, like
...
ber_bvecadd does.
2002-01-02 13:03:46 +00:00
Howard Chu
f52cc9bab5
Change struct berval ** to BVarray
2002-01-02 11:00:36 +00:00
Howard Chu
743c402265
Changed search attrs from struct berval ** to AttributeName *
2001-12-31 11:35:52 +00:00
Howard Chu
e6d4c7dbcc
Added oidm_destroy
2001-12-31 04:35:02 +00:00
Howard Chu
185ff129b5
Change struct berval * to struct berval in various structures
2001-12-29 15:01:10 +00:00
Howard Chu
975a5e9a24
Added dnPretty2/dnNormalize2 using preallocated destination berval
2001-12-29 04:48:00 +00:00
Howard Chu
92c6c9c25d
Misc berval stuff.
2001-12-28 11:45:25 +00:00
Howard Chu
65636e0855
Changed dnExtractRdn to use a provided berval instead of allocating one.
...
Use ldap_dn2bv and ldap_rdn2bv instead of the *2str versions.
2001-12-28 10:04:53 +00:00
Howard Chu
d6a37432bd
Changed dn_rdn/dn_rdnlen to struct berval
2001-12-28 08:38:24 +00:00
Howard Chu
292c575c1f
Added dnPrettyNormal, do both Pretty and Normalize at once to save
...
some ldap_str2dn overhead.
2001-12-28 07:27:15 +00:00
Kurt Zeilenga
cefce9c965
dnExtractRDN should take a struct berval DN.
2001-12-27 17:17:01 +00:00
Pierangelo Masarati
70e7d58c7d
small improvement and prototyping
2001-12-27 15:15:30 +00:00
Kurt Zeilenga
cddf7e0e00
More struct berval DN changes
...
decrease dependency on dn_validate/dn_normalize
2001-12-27 07:13:13 +00:00
Kurt Zeilenga
f9c2dc3701
Clean up a few globals
2001-12-27 02:03:57 +00:00
Howard Chu
3e826ae1c7
More struct berval fixes for modrdn
2001-12-27 00:58:14 +00:00
Kurt Zeilenga
ef7a99ff99
Additional struct berval DN changes...
2001-12-26 23:26:55 +00:00
Kurt Zeilenga
21cecb3831
Update referral handling to use struct berval DNs.
2001-12-26 20:59:24 +00:00
Kurt Zeilenga
139e78e35c
Remove lint.
2001-12-26 16:52:26 +00:00
Kurt Zeilenga
21288fbb21
Misc cleanup and dn_normalize() zapping
...
Fix nameAndOptionalIdentifer syntax.
2001-12-26 16:42:35 +00:00
Howard Chu
2a3dc7ab8f
Moved bdb_strcopy to slap_strcopy
2001-12-26 15:52:46 +00:00
Howard Chu
d0add35348
Changed get_limits to struct berval*
2001-12-26 15:28:01 +00:00
Howard Chu
15f630545a
Changed ma_rule_text to struct berval.
...
Changed get_filter to struct bervals
2001-12-26 13:47:10 +00:00
Howard Chu
d474789d0d
First pass at converting bind to struct bervals
2001-12-26 11:41:38 +00:00
Howard Chu
68b1bbb89d
Changed search attrs to struct berval **.
...
Use typedefs for all backend functions, to minimize work in future API
updates. (back-*/external.h will never need updating in the future.)
2001-12-26 08:17:44 +00:00
Howard Chu
b96645af7d
More struct berval changes, dnNormalize migration...
2001-12-26 04:17:49 +00:00
Kurt Zeilenga
2dd27b0786
More struct berval DNs
2001-12-25 19:48:26 +00:00
Kurt Zeilenga
e08a10b853
Have replog() use struct berval DNs
2001-12-25 04:09:09 +00:00
Kurt Zeilenga
3336619c80
More "char *" to struct berval DN changes
2001-12-25 02:30:01 +00:00
Kurt Zeilenga
5ee89d6167
Use struct berval DNs for root DN and update DN
2001-12-25 00:05:26 +00:00
Kurt Zeilenga
f6085d3f82
Every quick mod to use a struct berval for e_dn/e_ndn. No bv_len yet.
2001-12-24 16:53:47 +00:00
Howard Chu
70194f9ad6
Changed suffix_alias() to use struct berval * in-place.
2001-12-24 16:29:18 +00:00
Kurt Zeilenga
883196d348
Clean up some symbol scoping
2001-12-24 06:36:44 +00:00
Kurt Zeilenga
d0abe6f59f
Misc DN cleanup, no functional changes
2001-12-24 06:00:02 +00:00
Kurt Zeilenga
e701812f27
Make note of deprecated DN routines. Need to write
...
"struct berval" versions
2001-12-24 04:39:15 +00:00
Kurt Zeilenga
7a6e80cdcd
Zap dn_match(), cleanup up prototype header
2001-12-23 20:23:15 +00:00
Kurt Zeilenga
0c28b66a75
use dnPretty instead of dn_pretty
2001-12-23 00:43:57 +00:00
Pierangelo Masarati
328d38713a
better handling of on-the-fly operational attrs by means of helpers
2001-12-22 14:24:13 +00:00
Pierangelo Masarati
e36bde9180
added backend-side support for on-the-fly operational attributes; added hasSubordinates to schema and back-ldbm
2001-12-22 11:50:16 +00:00
Kurt Zeilenga
5c0a8848cf
Add abstract object class checks and a bit of structuralObjectClass
...
optimization.
2001-12-20 01:41:44 +00:00
Kurt Zeilenga
1d6c8d8157
Add better error reporting.
...
Handle multiple SUP objectClasses.
2001-12-20 00:34:36 +00:00
Kurt Zeilenga
49d16c4dce
Add structuralObjectClass support and a bit of const'ification
2001-12-19 22:08:24 +00:00
Howard Chu
0b22897f37
Minor cleanup
2001-12-18 00:29:43 +00:00
Howard Chu
3bd8946ca0
from jon@symas.com - minor cleanup
2001-12-17 22:48:29 +00:00
Howard Chu
ff682be26e
Added acl_destroy, acl_free.
2001-12-15 12:41:53 +00:00
Howard Chu
ef0b308bea
Changed backglue configuration. Added noSubordinates arg to select_backend
...
to deal with glued subordinates.
2001-12-10 12:09:40 +00:00
Pierangelo Masarati
95f1740aa6
improvements to monitor backend: added a log entry that lists the current log level and can be modified via protocol at runtime, to change the log level; minor improvements; fixed a problem in dealing with dn normalization
2001-12-10 09:50:06 +00:00
Howard Chu
ebadb3737f
Added dn_issuffixbv() like dn_issuffix, but with bervals.
2001-12-09 03:02:29 +00:00
Howard Chu
acc2500114
Added ndn to replog args, eliminate unnecessary dn_normalize in replog.
2001-12-09 02:47:39 +00:00
Howard Chu
3a8075e9b0
Added new backglue pseudo-backend. Uses callbacks to glue different backends
...
together into a single searchable hierarchy.
2001-12-08 15:58:47 +00:00
Howard Chu
ad9d17d537
Added dn_rdnlen. Fixed rdn leak in limits.c.
2001-12-08 11:08:26 +00:00
Howard Chu
e2c2de11c3
Converted all use of dn_parent to the in-place version. (Fixed a pdn leak
...
in back-sql along the way.)
2001-12-08 10:37:42 +00:00
Howard Chu
3fce8e0e80
Turned dn_parent into dn_parent1, returning in-place pointer. Made
...
dn_parent return ch_strdup of dn_parent1 for compatibility.
2001-12-08 08:41:39 +00:00
Kurt Zeilenga
ea8f7aaab3
Pretty the entry DNs on add but not rename (yet).
2001-12-08 06:57:06 +00:00
Howard Chu
0552b1c53f
NT updates from jon@symas.com.
2001-12-07 04:03:25 +00:00
Pierangelo Masarati
9004262d95
reimplement dn_validate/normalize/(match) using the ldap_str2dn/dn2str stuff; need to #define USE_LDAP_DN_PARSING
2001-12-04 20:22:26 +00:00
Howard Chu
70a900e34e
Rewrote entry_encode/entry_decode again, uses 50% less disk space.
2001-12-03 14:00:19 +00:00
Kurt Zeilenga
2ac7c91cae
Replace existing SLAP_MR_ matching flags with:
...
SLAP_MR_ASSERTION_SYNTAX_MATCH
SLAP_MR_VALUE_SYNTAX_MATCH
SLAP_MR_VALUE_SYNTAX_CONVERTED_MATCH,
add supporting evaluation macros, and update code as needed.
Misc other code cleanup included.
2001-11-27 21:59:56 +00:00
Pierangelo Masarati
aee3600276
minor cleanup
2001-11-17 16:18:07 +00:00
Pierangelo Masarati
d51dc13a0b
moved the empty dn static entry into a global const object
2001-11-16 17:05:32 +00:00
Pierangelo Masarati
b1688462ce
check for update dn
2001-11-16 11:47:15 +00:00
Howard Chu
cc4a51f23c
Changed global ad_mutex into per-attributeType mutex. Added
...
ad_find_lang() to search an AttributeType for a given language variant.
(Will be used in back-bdb/back-ldbm index code...)
2001-11-16 07:39:14 +00:00
Kurt Zeilenga
0f10bed011
rm currenttime_mutex.
...
trival other cleanup.
2001-11-13 18:16:07 +00:00
Howard Chu
5f8058f957
Added schema_destroy() et al to free schema structures on shutdown
2001-11-07 01:03:49 +00:00
Kurt Zeilenga
82fad7d0c8
First stable an implementing latest namedref specification.
...
Includes rewriting of URLs where the DN of the referral object
and the DN of the ref attribute attribute are not the same.
Also, always returns explicit DN and scope.
Currently, back-ldbm only. Needs to be ported to back-bdb.
2001-10-26 02:05:14 +00:00
Pierangelo Masarati
271c323281
Fixes ITS#1385
2001-10-25 15:15:34 +00:00
Kurt Zeilenga
fcd1ce0e28
Use defined Root DSE attributes.
...
Developed by Julius Enarusai/IBM
Copyright IBM Corp. 2001
Use of this source code is subject to the terms of The OpenLDAP
Public License Version 2.7, 7 September 2001. No trademarks of the
IBM Corporation are to be used to identify, endorse or promote any
products derived from this code without the prior written consent
of IBM.
2001-10-23 23:29:41 +00:00
Julio Sánchez Fernández
cb98a604fb
Replacement for value_find and compatibility macro.
...
Now we will be able to fix compares.
2001-10-23 09:43:20 +00:00
Howard Chu
0e16f6acf9
Moved AttributeDescription caching into main code:
...
Changed AttributeDescription.{ad_cname,ad_lang} to struct berval everywhere
Deleted ad_free() everywhere
Added ad_mutex to init.c
The AttributeDescriptions are in a linked list hanging off of the
corresponding AttributeType.
2001-10-22 13:23:05 +00:00
Pierangelo Masarati
8471ef7ed0
add global, per backend and per op_ndn time/size soft, hard and to-be-checked limits (exploited by back-ldbm); see slapd.conf(5) for details
2001-08-01 10:09:04 +00:00
Pierangelo Masarati
4051547dfa
handle regex-based per op_ndn time/size limits
2001-07-28 11:24:22 +00:00
Kurt Zeilenga
5cb6b1ce02
Back out DN changes, needs more work
2001-07-21 22:44:55 +00:00
Pierangelo Masarati
ece9bdb0eb
Added the suffix=<dn> parameter to replica config directive
...
to allow selective replication of subtrees of a single database.
Multiple occurrences allow the same replica to handle different
subtrees
2001-07-21 14:15:23 +00:00
Pierangelo Masarati
5fdba27288
This is the skeleton of back-monitor, the slapd monitoring backend.
...
The old monitoring stuff has been removed; the new backend is
enabled by using --enable-monitor at configure time and requires
database monitor
in slapd.conf to be activated. At present it implements a subset
of the old monitoring options, and it should be extendable to
a number of different subsystems. The search operation has been
implementd; it does not honor abandon or size/time limits, though.
The compare and the abandon operations are planned.
Copyright Pierangelo Masarati <ando@sys-net.it>; the code is provided
AS IS with NO GUARANTEE. It can be used and distributed under the
conditions stated by the OpenLDAP Public License.
2001-07-14 17:34:24 +00:00
Pierangelo Masarati
a453d7eacf
dn_validate/dn_normalize has been rewritten by
...
David A. Cooper <david.cooper@nist.gov> (ITS#1232)
according to draft-ietf-ldapbis-dn-05.txt
A copyright statement follows:
The functions normalize_unicode(), get_hexpair(), write_hex_pair(),
get_next_byte(), get_next_char(), get_ber_length(),
ber_parse_primitive_string(), ber_parse_string(), String_normalize(),
DirectoryString_normalize(), PrintableString_normalize(),
IA5String_normalize(), ber_parse_primitive_bitstring(),
ber_parse_bitstring(), getNext8bits(), bitString_normalize(), match_oid(),
match_key(), get_validated_av_in_dn(), get_validated_rdn_in_dn(),
and get_validated_dn() in this file were developed at the National Institute
of Standards and Technology by employees of the Federal Government in the
course of their official duties. Pursuant to title 17 Section 105 of the
United States Code the code in these functions is not subject to copyright
protection and is in the public domain. The copyright for all other code in
this file is as specified below.
2001-07-13 08:21:14 +00:00
Pierangelo Masarati
bff5608926
protos and declarations for charray and rdn stuff
2001-07-06 12:23:22 +00:00
Randy Kunkee
a9097044ea
Remove global_backendsyncfreq code (code has been pushed down into back-ldbm).
2001-06-28 18:02:46 +00:00
Randy Kunkee
d492880870
Add sync_daemon to daemon.c, enabled by global configuration
...
backendsyncfreq <seconds>. Setting this automatically enables
dbnosync (because the synchronizer takes care of it).
2001-06-22 08:38:58 +00:00
Kurt Zeilenga
67cf14466e
Check schema NAMEs
2001-06-07 22:47:02 +00:00
Kurt Zeilenga
adae86a7db
Add more detailed reporting of schema violations to client.
2001-06-06 00:23:56 +00:00
Kurt Zeilenga
cc6fab319e
Add support for separate max incoming for anonymous and authenticated
...
sessions (defaults: 256K and 16M respectively).
2001-05-29 20:00:55 +00:00
Kurt Zeilenga
0aef7722e6
Add support for obsolete attributes.
...
We don't support collective attributes (yet).
Remove exit() calls from scheme parsers. Need to do same for acl parser.
2001-05-17 07:31:59 +00:00
Kurt Zeilenga
4baa7c47da
Add better modlist2mod error reporting (to client)
2001-05-10 03:41:17 +00:00
Kurt Zeilenga
4055077607
Add simple configure support for sockbuf max incoming
2001-05-05 07:29:21 +00:00
Kurt Zeilenga
8091aedc76
Add security checks to root DSE searches.
...
Fix checking of require statements.
2001-02-03 02:21:37 +00:00
Kurt Zeilenga
28d1dbd8ac
Add "sasl-external-x509dn-convert" configuration option aimed
...
at providing authid TLS/X.509 to LDAP DN mapping. Experimental.
2001-01-19 00:47:32 +00:00
Mark Adamson
2231d5e64e
Make SASL authorization work for NULL, "u:", and "dn:" authz strings.
2000-11-30 22:00:15 +00:00
Stig Venaas
87e58fb031
Changed ucdata loading, all is done in config.c. Tried to make ucdata load
...
when found in config file, or before first call to dn_normalize/dn_validate
2000-11-02 10:10:36 +00:00
Kurt Zeilenga
52402fa752
Fix register_syntax argument names
2000-10-23 18:02:48 +00:00
Kurt Zeilenga
dbdba34972
First-cut at manageDSAit-aware backend selection.
2000-10-21 03:29:02 +00:00
Julio Sánchez Fernández
ff72b73fe3
Protos for extensible matching rules
2000-10-13 20:41:23 +00:00
Kurt Zeilenga
7c96f629ee
Add connection and operation arguments to backend callbacks.
...
Needed for transactions.
2000-09-29 05:25:44 +00:00
Kurt Zeilenga
2b82d4f486
remove lint
...
update bdb codes
2000-09-22 01:40:57 +00:00
Kurt Zeilenga
cf17c168c5
Fix portability issue.
...
Move prototypes to proto-slap.h
2000-09-21 19:12:41 +00:00
Mark Adamson
bf1ee530ea
Implementation of SASL authorization.
2000-09-21 17:32:54 +00:00
Kurt Zeilenga
4617f2e946
Fix SPASSWD merge for real
2000-09-20 17:34:06 +00:00
Kurt Zeilenga
50714d2d48
merge changes from authPassword work which should fix SPASSWD code...
2000-09-20 00:28:57 +00:00
Kurt Zeilenga
fdc16c2f94
Add initial entry_encode() routine for back-sleepy (behind #if)
...
Need to add entry_decode().
2000-09-12 00:28:08 +00:00
Kurt Zeilenga
5852f7188b
Add 'defaultSearchBase' configuration directive to help support
...
brain-damaged LDAPv2 clients.
2000-09-11 21:57:14 +00:00
Kurt Zeilenga
2e13824d0d
Add "allow tls_2_anon" to allow StartTLS to force session to anonymous.
...
Add "disallow tls_authc" to disallow StartTLS when session is authenticated.
Create and use connection2anonymous routine for consistency.
2000-09-08 22:59:01 +00:00
Kurt Zeilenga
cee040a321
Bring UCdata infrastructure.
2000-09-03 23:48:35 +00:00
Kurt Zeilenga
a60438c1ce
Add sasl-host option and treat sasl-realm as global only
...
(ie: not backend specific).
2000-08-30 01:44:39 +00:00
Kurt Zeilenga
bf3df2f7a6
restrictops, requires, disallow knobs; ssf acls; and misc other changes
...
man pages to follow...
2000-08-28 18:38:48 +00:00
Kurt Zeilenga
2d3e998c3c
Remove extended op callback function... doesn't provide necessary locking
2000-08-26 02:13:52 +00:00
Kurt Zeilenga
1c328aa9c7
Minor typedef and other clean ups
2000-08-26 01:14:05 +00:00
Kurt Zeilenga
02f888c563
First cut of LDBM substrings indexing. Needs testing.
2000-08-22 21:26:25 +00:00
Kurt Zeilenga
a50f391bb3
Working SASL security layers!
2000-07-28 00:04:07 +00:00
Kurt Zeilenga
6c41d272cf
Update framework to support registration of approximate matching
...
rules.
2000-07-24 21:29:30 +00:00
Kurt Zeilenga
3a73af57c1
conform schema routines to ldap naming conventions
2000-07-22 17:30:44 +00:00
Kurt Zeilenga
5fc22599e2
Update SASL code to reuse context through life of session.
...
Replace 'negotiated' with 'interactive' bind
Add hooks for SASL/EXTERNAL
Disable SASL security layers
Rework SASL command line and config file parameters
2000-07-13 22:54:38 +00:00
Kurt Zeilenga
b1172dc5ac
Add experimental support for undefined attribute types.
2000-07-02 17:16:18 +00:00
Kurt Zeilenga
3112f21612
Add attribute type/matching rule support for structuralObjectClass attribute
...
type. Add type to core.schema. Not yet populated on add nor checked on modify.
2000-06-26 05:13:41 +00:00
Kurt Zeilenga
317d04a5d9
Modify backend_attribute to return bervals and adjust ACLs
...
(actually, ACL here might be dangerous)
2000-06-26 01:22:32 +00:00
Mark Valence
295f3ba0aa
New backend routine: back_attribute
2000-06-21 17:23:24 +00:00
Kurt Zeilenga
9ef1a740c2
Round one of LDAP_F() macro changes. In this round we rename
...
macros into our namespace and limit use to headers. A subsequent
round will add macros to separately handle forward declarations
of variables from declaration of function prototypes. The last
round will add additional macros for declaring actual variables and
functions.
2000-06-18 19:48:07 +00:00
Kurt Zeilenga
c332df50de
Remove unnecessary arg from front end backend_check_referrals call
2000-06-16 04:07:57 +00:00
Kurt Zeilenga
79ebfbc4fe
Rework referral entry point with DNS SRV implementation (needs testing).
2000-06-16 03:50:02 +00:00
Kurt Zeilenga
6f378341a2
Add backend_check_referrals() framework.
2000-06-16 01:19:30 +00:00
Mark Valence
3cad129608
Removed active_threads count and associated mutex/cond. Replaced with
...
ldap_pvt_thread_pool_backload() as needed. All tests run OK on pthre
ads (linux), cthreads, NT threads, and Pth.
2000-06-10 06:40:03 +00:00
Mark Valence
7ec6a4363f
Use thread pool for operation threads.
2000-06-07 19:27:33 +00:00
Kurt Zeilenga
693fb9424a
unifdef -DSLAPD_SCHEMA_NOT_COMPAT -USLAPD_SCHEMA_COMPAT
2000-06-06 19:43:18 +00:00
Kurt Zeilenga
09806eec40
Use #ifdef, not #if
2000-06-05 16:18:48 +00:00
Kurt Zeilenga
ea069cb7c2
New indexer/filter codes (test suite works) with cheats
...
Updated NT Project files (with Cyrus SASL library depend)
2000-06-04 22:59:38 +00:00
Kurt Zeilenga
eb70b602ee
Rework ACI codes to use OpenLDAPaci. Add needed schema elements.
...
Needs work. Volunteers welcomed.
2000-05-30 21:34:55 +00:00
Kurt Zeilenga
229e12b69d
SLAPD_SCHEMA_NOT_COMPAT: add subtype aware is_at_syntax()
2000-05-28 19:15:37 +00:00
Kurt Zeilenga
439c0c796d
SLAPD_SCHEMA_NOT_COMPAT: Mostly work modify
2000-05-28 16:36:34 +00:00
Kurt Zeilenga
f8dd082b74
SLAPD_SCHEMA_NOT_COMPAT: framework for substring searching
2000-05-27 21:41:04 +00:00
Kurt Zeilenga
b813a5ba30
SLAPD_SCHEMA_NOT_COMPAT: prelim ACL work
2000-05-27 19:33:08 +00:00
Kurt Zeilenga
1ae20e9b0c
Move extern schema_init_done outside of #ifdef SLAPD_SCHEMA_NOT_COMPAT
2000-05-25 02:09:59 +00:00
Kurt Zeilenga
89b09b020d
Split schema_prep() from schema_init.c
2000-05-25 01:49:21 +00:00
Kurt Zeilenga
433d9388be
SLAPD_SCHEMA_NOT_COMPAT:
...
Add syntax normalizer, separate from matching rule normalizer.
with mr normalizer defaulting to syntax normalizer. This allows
for more consistent handling of some syntaxes, such as directoryString
(where all matches should ignore leading, trailing, and other extra
spaces).
2000-05-24 22:20:03 +00:00
Kurt Zeilenga
c1da50a426
SLAPD_SCHEMA_NOT_COMPAT: equality filters
...
(2.5.4.0=2.5.6.0) works! ie: (objectclass=top)
2000-05-24 18:49:30 +00:00
Kurt Zeilenga
60802201e3
Const'ification
...
SASL mech removed from backend bind callback (as SASL is managed by frontend)
Changes to some backends are untested (as I don't have all dependent
software install)
2000-05-22 03:46:57 +00:00
Kurt Zeilenga
b2f56a7318
SLAPD_SCHEMA_NOT_COMPAT: framework for value_match() and value_find()
2000-05-21 22:46:51 +00:00
Kurt Zeilenga
074be5fb5a
SLAPD_SCHEMA_NOT_COMPAT: numerous changes to syntax flags, mostly minor
...
added new value_normalize() code
need LDAPsyntaxes X- field support
2000-05-18 17:21:42 +00:00
Kurt Zeilenga
1f22c52b8a
SLAP_SCHEMA_NOT_COMPAT: add calls to dummy value_normalize()
...
SLAP_SCHEMA_NOT_COMPAT: Need to sort out normalization of substring components
2000-05-17 20:08:13 +00:00
Kurt Zeilenga
8d407bc2a6
Modify ava code to return error text
...
Filter code needs to be updated to properly handle soft errors.
2000-05-16 21:03:18 +00:00
Kurt Zeilenga
a1430fdfdb
Rework root dse and other info entry codes to produce entry
...
to caller (do_search) such that info can be used by other
operations (ie: do_compare).
SLAPD_SCHEMA_NOT_COMPAT: Add additional code to support filters (needs work)
2000-05-16 16:22:52 +00:00
Kurt Zeilenga
40ab90fa9c
SLAPD_SCHEMA_NOT_COMPAT: Rework caching of internal schema
2000-05-15 21:05:25 +00:00
Kurt Zeilenga
7b14e1304a
Relocate schema_init() call to main()
...
Add schema_prep() call to main()
Similiar changes to slapcommon.c
Add schema_prep() impl to schema_init.c
Add slap_ad_entry and slap_ad_children globals.
Add "entry" and "children" to openldap.schema (this likely should
be added to schema via code, not configuration)
2000-05-15 20:04:36 +00:00
Kurt Zeilenga
59aba7711b
SLAPD_SCHEMA_NOT_COMPAT: basic filter parsing
2000-05-15 18:46:03 +00:00
Kurt Zeilenga
4bc786f34b
Y2k copyright update
2000-05-13 02:47:56 +00:00
Bastiaan Bakker
14418bdff3
Avoid C++ keyword 'new' in header files.
2000-04-30 15:26:51 +00:00
Kurt Zeilenga
b872bf3a91
fix -UHAVE_CYRUS_SASL
2000-04-25 19:28:00 +00:00
Kurt Zeilenga
55ae3cffd8
SASL code without backend support. Should work with
...
external store, but not yet tested. [Intent is to support
both in same server... may not be doable]
2000-04-25 16:03:17 +00:00
Kurt Zeilenga
12e253fc66
entry_schema_check rename
2000-04-25 13:20:05 +00:00
Kurt Zeilenga
4710c74605
Rework error handling. Add error descriptions.
...
Don't use LDAP_OPERATIONS_ERROR for internal errors. Use LDAP_OTHER
instead. (more changes needed in this area)
2000-03-03 22:37:06 +00:00
Kurt Zeilenga
e96865c1a8
Reorder error detection based upon precedence
2000-03-01 22:59:34 +00:00
Kurt Zeilenga
4091381660
Yet another round of SLAPD_SCHEMA_NOT_COMPAT changes, including:
...
limited subtype support, modlist handling, filter updates,
lastmod attribute handling.
2000-02-28 21:16:05 +00:00
Kurt Zeilenga
76553ea53f
More -DSLAPD_SCHEMA_NOT_COMPAT changes, including initial
...
impl of slap_modlist2mods() and is_at_subtype().
2000-02-25 19:36:07 +00:00
Kurt Zeilenga
ceb6412e62
More -DSLAPD_SCHEMA_NOT_COMPAT changes
...
Not hidden: "<anonymous>" modifiersname
2000-02-15 18:57:07 +00:00
Kurt Zeilenga
0dbaf87730
Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
...
plus these changes unhidden changes:
remove now meaning --enable-discreteaci configure option
fix ITS#451, slapd filters
Add ber_bvecadd() to support above
constify ldap_pvt_find_wildcard() and misc slapd routines
renamed some slap.h macros
likely broken something
2000-02-14 20:57:34 +00:00
Kurt Zeilenga
36b0423311
Add Modification/Modifications structures for -DSLAPD_SCHEMA_NOT_COMPAT
2000-02-07 20:37:10 +00:00
Kurt Zeilenga
bc51bd5180
Yet another round of SLAPD_SCHEMA_NOT_COMPAT changes...
...
Changes outside of #ifdef include three value filter processing.
2000-02-06 21:09:44 +00:00
Kurt Zeilenga
f9195f9b6f
Another round of SLAPD_SCHEMA_NOT_COMPAT changes including
...
basic structures for handing language tags and binary option
(but less actual code to actually support them). Provided
for reference only. Will not even compile.
2000-02-05 05:01:41 +00:00
Kurt Zeilenga
3a6e906194
Replace -DSLAPD_SCHEMA_COMPAT with -USLAPD_SCHEMA_NOT_COMPAT
2000-01-31 22:14:16 +00:00
Kurt Zeilenga
d298e35514
Add SLAP_SYNTAX_BINARY flag to indicate binary storage is used for
...
attributes of the syntax. Such attribute values be transferred
using binary syntax unless ber2str/str2ber routines are provided.
Used in conjunction with ";binary" attribute description option
and/or the Binary syntax.
2000-01-31 01:49:44 +00:00
Kurt Zeilenga
49976b5bc1
Constify a few attr_*() routines
2000-01-29 22:03:34 +00:00
Kurt Zeilenga
d4c814ecd9
Move extern to proto header
2000-01-29 20:06:46 +00:00
Kurt Zeilenga
c5da0c76ce
Additional changes to migrate to new schema codes
...
Still not usable.
2000-01-28 20:01:00 +00:00
Kurt Zeilenga
434e7229ac
Add code to handle operational attributes via new schema codes
...
behind -USLAPD_SCHEMA_COMPAT.
2000-01-27 19:02:24 +00:00
Kurt Zeilenga
96ba43c591
Add in hooks for mr conversion routines
2000-01-26 00:12:51 +00:00
Kurt Zeilenga
9fec129997
Second round of schema changes
...
Revert normalization to matching rule per discussions with Julio.
May need separate normalization routines for stored value and asserted
value. Currently rely on passed in syntax/mr to allow "special" behavior.
Reworked filters to pass struct berval * instead of char *. (needs work)
Validation, normalization and matching needed.
2000-01-25 21:13:31 +00:00
Kurt Zeilenga
117a37272d
Modify slapd syntax struct to have both a validation and normalization
...
routine. Could be combined into one routine.
Modify slapd matching rule struct to only have match function.
Modify old attribute such that 'bin' implies octetString, not 'binary'.
Add compatibility for IA5 strings. Only directoryStrings were handled
before.
Treat attribute types without syntax as incomplete, not default.
Add OctetStringValidate (always returns okay).
Add {UTF8,IA5}StringValidate/Normalize (IA5 based loosely on
case_exact_normalize). Need case{Exact,Ignore}UTFMatch, using IA5 versions
for now.
Removed default of syntax/mr handlders, should just skip
registration of syntax/mr's without handlers.
Added comments to slap.h about types versus descriptions.
2000-01-24 23:31:26 +00:00
Kurt Zeilenga
fdcd8465c3
s/case_ignore_normalize/caseIgnoreIA5Normalize/
...
s/case_ignore_compare/caseIgnoreIA5Match/
s/case_exact_normalize/caseExactIA5Normalize/
s/case_exact_compare/caseExactIA5Match/
to make room for UTF-8 and T.61 varients.
2000-01-23 20:53:12 +00:00
Kurt Zeilenga
6437785a82
Initial implementation of Kerberos password verification for
...
simple bind via:
{KERBEROS}principal
Code is disabled by default (for security reasons). Use
--enable-kpasswd to enable. Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support. Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
2000-01-08 18:42:11 +00:00
Luke Howard
9b4e3b2234
Merged in preliminary support for Cyrus SASL library;
...
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
2000-01-02 01:21:25 +00:00
Kurt Zeilenga
da93ca8c5e
Remove DNS_DN experimental code.
1999-12-18 19:54:22 +00:00
Kurt Zeilenga
6253e7c278
Updated sasl response to support returning of referrals.
...
Updates to extended operation framework to support arbitrary
referrals and extended results without OIDs.
Updated passwd extended operation to support returning update_refs
as needed. Needs replog support.
1999-12-15 23:22:47 +00:00
Kurt Zeilenga
7c28aa058c
Add password check and generation check.
...
Modify tests to use -h "ldap://localhost:port/" instead of -p port.
1999-12-12 18:45:06 +00:00
Mark Valence
a76c9f18a9
Start TLS extension: check that TLS was inited successfully, return default referral on failure as appropriate.
1999-12-10 19:18:33 +00:00
Kurt Zeilenga
431dad371c
Fix slapd SASL/ExternalOps encoding
...
Add controls to extended ops API signatures, need impl.
Update password to support optional server side generation of
new password, verification of old password, and changing of
non-bound user's passwords.
1999-12-10 04:52:32 +00:00
Kurt Zeilenga
1b787171fc
Place passwd extended op into builtin list.
1999-12-09 23:05:15 +00:00
Mark Valence
454284f1ea
Adds for Start TLS functionality on slapd and LDAP C API.
1999-12-09 22:33:22 +00:00
Kurt Zeilenga
354d0d5b50
Modify password code such that backend end routine calls into
...
frontend to complete parsing of extended op reqdata.
Modify password extended operation to allow optional id (DN)
entry to change (not tested). Also, provide room to allow
server side password generation (not implemented). Added optional old
password field to support proxying (not implemented).
Need to implement replog() support.
1999-12-09 21:30:32 +00:00
Kurt Zeilenga
26c7d69e8c
Update for new password codes for MSVC5
1999-12-08 06:44:22 +00:00
Kurt Zeilenga
d5edb4bff6
Reengineered ldappasswd(1). Uses extended operation to set
...
user password. Likely to be modified to use bind control
instead. Use of modify deprecated in favor mechanisms that
support passwords stored externally to the directory (such
as in a SASL service).
Modified slapd extended operation infrastructure to support
backend provided extended operations.
1999-12-08 04:37:59 +00:00
Kurt Zeilenga
831bfa760e
reduce slap_passwd_check to simple form
1999-12-06 21:42:10 +00:00
Kurt Zeilenga
a9fb92467e
Add send_ldap_sasl() to facility implementation of SASL bind.
1999-11-29 17:44:14 +00:00
Howard Chu
eaaea51b53
Fixes for NT dynamic linking.
1999-11-27 23:40:08 +00:00
Kurt Zeilenga
3978748e35
Fix prototypes to use ber_int_t consistently.
1999-11-25 17:52:47 +00:00
Kurt Zeilenga
42bb3e2e85
Move userPassord and krbName authentication routines to the frontend.
1999-11-23 19:00:09 +00:00
Mark Valence
0b9f7c8240
Added get_supported_acimech()
1999-11-22 18:40:05 +00:00
Mark Valence
883f9de61d
Added get_supported_extension(), removed extern supportedExtensions[].
1999-11-17 19:17:31 +00:00
Mark Valence
47d4d7fbb0
Added new module_* routines, changed def. of load_extension.
1999-11-09 21:20:23 +00:00
Mark Valence
edc7062f34
In preparation for extensions improvements -- added send_ldap_extended and load_extension.
1999-11-09 03:28:17 +00:00
Kurt Zeilenga
06eb390586
Make accessmask2str reentrant.
1999-10-21 23:19:22 +00:00
Kurt Zeilenga
f6829ee903
Initial commit of new ACL engine. Engine supports descrete access
...
privs, additive/substractive rules, and rule continuation. Existing
rules that use 'defaultaccess none' should be 100% compatible. Rules
that rely other defaultaccess settings will require addition of
explicit clauses granting the access.
Needs additional testing and tuning of logs
1999-10-21 17:53:56 +00:00
Kurt Zeilenga
7a0b0b2bbf
In preparation for adding dn_rewrite()...
...
s/dn_normalize/dn_validate/
s/dn_normalize_case/dn_normalize/
1999-09-24 01:46:37 +00:00
Kurt Zeilenga
403f4479bc
Add OpenLDAP RCSid to *.[ch] in clients, libraries, and servers.
...
Replace old Id as needed (back-tcl).
Leave updating of contribWare to contributors (for now).
1999-09-08 19:06:24 +00:00
Hallvard Furuseth
4a5e2febed
Some constification & lint removal
1999-09-04 21:15:49 +00:00
Hallvard Furuseth
76a94de251
Fix: obey be->be_readonly. Also add & obey global_readonly.
1999-09-02 10:39:51 +00:00
Hallvard Furuseth
c09a2c63e7
Cleanup:
...
Fix printf formats, remove unused variables, add missing prototypes in slapd,
add static/const, add some return types or change to void return type.
1999-09-02 08:05:17 +00:00
Kurt Zeilenga
b509dd4d8c
sockpair cleanup including:
...
provide prototype in lutil.h
use LBER_SOCKET_T instead of int in prototype. (didn't use
ber_socket_t so all of lber.h wouldn't have be dragged in)
rename signal handlers, use RETSIGTYPE, and make SIGHUP wake
rename fd to sd to reflect descriptor must be usable as a socket.
renamed sel_exit_fds to wake_sds to reflect current use
improve readability of sockpeer.c including removing obtuse goto.
1999-08-31 05:18:06 +00:00
Kurt Zeilenga
5c63fd55b5
Implement ldap_dn_normalize and friends. Should be used by clients
...
to validate input dn's BEFORE sending dn's to server.
Also fixed getfilter to use REG_EXTENDED|REG_NOSUB. (and fixed one
case where REG_BASIC was still used).
s/strdup/LDAP_STRDUP/
Added ldap_pvt_str2lower/upper
1999-08-25 06:44:08 +00:00
Kurt Zeilenga
87675a953d
ACIs from Mark Valence <kurash@sassafras.com> (ITS#261)
1999-08-20 22:42:04 +00:00
Kurt Zeilenga
546262acb8
complete this round of constification
1999-08-20 19:50:11 +00:00
Kurt Zeilenga
8ac21b67a1
more const'ification
1999-08-20 19:29:43 +00:00
Kurt Zeilenga
2a74677799
const'fication
1999-08-20 19:00:44 +00:00
Howard Chu
95d9fe1046
Fix warnings from previous OID parse commit
1999-08-19 23:44:53 +00:00
Howard Chu
75c9a1e222
Add OIDmacros for attribute & objectclass numericOIDs. Allow parsing
...
attribute syntaxes using syntax description in addition to syntax OID.
Removed all whitespace from syntax descriptions.
1999-08-19 22:09:33 +00:00
Kurt Zeilenga
c51f35fe0f
Add hacks to allow debugging with CSRI malloc.
...
(test001-populate runs without leak)
Free global entry string buffer on shutdown.
1999-08-19 17:06:28 +00:00
Kurt Zeilenga
e4f6d54877
New dn2id format with base/one/subtree indices (ldbm/bdb2)
...
New id2entry (id-less) format (ldbm/bdb2)
Removed id2children (ldbm/bdb2)
Added nextid database (ldbm)
Broke ldbmtest
Removed ldif2* tools (ldbm/bdb2)
Added slap tools (slapadd, slapcat, slapindex)
1999-08-17 19:00:59 +00:00
Kurt Zeilenga
1ffe5122b7
Implement DN_PARENT_PREFIX and framework for DN_SUBTREE_PREFIX.
1999-08-11 20:59:28 +00:00
Kurt Zeilenga
9ea7a42b99
Add copyright notice and a few comments here and there
1999-08-04 23:59:13 +00:00