upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-18 21:26:29 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
24558 commits 38 branches 309 tags 68 MiB
Commit graph

13240 commits

Author SHA1 Message Date
Ondřej Kuzník
cb6e2e555e ITS#9959 Nul-terminate addresses 
Debug(LDAP_DEBUG_CONNS, ...) gets these passed as %s, reaching just
beyond the allocated buffer.
 2025-12-18 23:27:24 +00:00
Ondřej Kuzník
dcbb48dec7 ITS#9959 Do not read c_auth without lock 2025-12-18 23:27:24 +00:00
Ondřej Kuzník
176680e824 ITS#10414 Do not replace tool's provided buffer 2025-12-16 16:33:10 +00:00
Ondřej Kuzník
1668b5c432 ITS#10414 Remember whether we have a frontend/back-config 2025-12-16 16:33:10 +00:00
Ondřej Kuzník
127b34eb0b ITS#9577 Also exit when started with just -V 2025-12-13 00:22:53 +00:00
Ondřej Kuzník
93d7b9ef7a ITS#7347 Allow subtractive -a/z/i to work as expected 2025-12-11 20:42:19 +00:00
Ondřej Kuzník
b8df689969 ITS#9640 Introduce the increment privilege 2025-12-11 20:42:19 +00:00
Ondřej Kuzník
b7d3e353ec ITS#10413 Prepare cookie just before we actually send it 2025-12-10 19:48:51 +00:00
Ondřej Kuzník
b3821e772a ITS#10358 Retry if entry changed (use assert control to detect this) 2025-12-09 00:59:57 +00:00
Ondřej Kuzník
3d94d11c75 ITS#7441 Consider both parts of an X-ORDERED value 2025-12-08 18:52:59 +00:00
Ondřej Kuzník
9cb8701e3c ITS#10408 Do not assume sop is still in the list 2025-12-04 22:46:36 +00:00
Ondřej Kuzník
aa3e8f34c3 ITS#6151 Regenerate cosine.ldif 2025-12-04 18:26:33 +00:00
Ondřej Kuzník
e6f666a1ac ITS#6151 Update cosine.schema for RFC 4524 
- adds a new substring match omitted previously (uniqueIdentifier)
- removes streetAddress duplication in domain objectclass
- prefers short names for MUST/MAY attributes
- long definitions (for 'co', 'drink', ...) are NOT removed here
- attributes/objectclasses removed by RFC 4524 are NOT removed here

Chooses not to remove DESC tags removed in RFC1274 in the interests of
keeping the diff small.
 2025-12-04 18:26:33 +00:00
Howard Chu
afafeaf407 ITS#10410 WIN32 logging: simplify buffer calculation 2025-12-01 15:09:21 +00:00
Howard Chu
1bc7cd0e2a ITS#10398 slapo-memberof/refint: fix clash on subtree renames 
memberof must ignore modify ops from refint overlay.
 2025-11-18 16:35:59 +00:00
Howard Chu
34813d9cba ITS#10329 slapo-pcache: don't clobber original request DN 
in merge_entry()
 2025-11-04 18:36:40 +00:00
Andrew Elble
9ae2539170 ITS#10329 slapo-pcache: template match must be case insensitive 2025-11-04 18:36:40 +00:00
Andrew Elble
5359362de0 ITS#10329 slapo-pcache: (re)set expiry time if query is pos/neg 2025-11-04 18:36:40 +00:00
Andrew Elble
ba18e87102 ITS#10329 slapo-pcache: in refresh, set q_uuid on query if it changes pos/neg 2025-11-04 18:36:40 +00:00
Andrew Elble
326e088df6 ITS#10329 slapo-pcache: clear out already freed op req DN 2025-11-04 18:36:40 +00:00
Arvid Requate
7929b3ee77 ITS#7901 slapschema: preserve errors in -c mode 2025-10-22 19:25:34 +00:00
Ondřej Kuzník
6a28e8919d ITS#10313 Allow counter mods to be chained 2025-10-21 03:15:43 +00:00
Ondřej Kuzník
e0cca3fcab ITS#10313 Tighten counter tracking modification 
Try to make sure the counter/timer value we used hasn't been used up in
the meantime. Also if the update cannot be committed, do not say whether
the provided OTP was correct, this would open up an oracle for malicious
clients to brute force a token they could use later/elsewhere.
 2025-10-21 03:15:43 +00:00
Ondřej Kuzník
1414325c4d ITS#10379 Use a fresh timestamp for internal mod 2025-10-21 03:15:43 +00:00
Ondřej Kuzník
a480eae05a ITS#10169 Do not leak opattr mods 2025-10-21 03:15:43 +00:00
Howard Chu
78ecd45ff7 Revert "ITS#10398 slapo-memberof/refint: fix clash on subtree renames" 
This reverts commit 1b1b687bd4.
Pushed by mistake
 2025-10-16 20:18:36 +01:00
Howard Chu
e8105816ce ITS#10381 fix logformat for Windows again 
Misplaced line in previous commit.
 2025-10-15 20:17:34 +01:00
Howard Chu
1b1b687bd4 ITS#10398 slapo-memberof/refint: fix clash on subtree renames 
refint must use manageDsaIt control on its repair ops, and
memberof must ignore modify ops with this control set.
 2025-10-07 19:12:12 +01:00
Nadezhda Ivanova
0c69e59f85 ITS#10392 back-ldap does not return a response if incorrect secprops is configured 2025-09-30 16:14:55 +00:00
Howard Chu
0270cdfe8e ITS#10381 fix logformat config 2025-09-23 18:58:39 +00:00
Howard Chu
5fd86869f3 ITS#10191 back-mdb: check for pool pause in search 
Also related, cancel any ops on a DB that is being deleted.
 2025-09-23 17:30:51 +00:00
Ondřej Kuzník
ce9ee22c7a ITS#10385 Set correct rootDN for accesslog replay 2025-09-02 19:20:46 +00:00
Ondřej Kuzník
7c6e35f94b ITS#10369 Merge duplicate attributes properly 2025-09-02 15:27:06 +00:00
Ondřej Kuzník
bb60d30ef5 ITS#10384 Free attributes on error 2025-09-02 15:27:06 +00:00
Howard Chu
75ac8a4145 ITS#10387 lloadd: more for previous commit 2025-09-01 17:22:42 +01:00
Howard Chu
83030cacbc ITS#10387 daemon: fix reverselookup of proxied IPv6 address 2025-09-01 15:05:53 +01:00
Ondřej Kuzník
6d9f99e5f5 ITS#10380 Log server version on logfile change 2025-08-22 14:23:19 +01:00
Ondřej Kuzník
5002604537 ITS#10379 Use a fresh timestamp for lastbind mod 2025-08-05 15:35:34 +00:00
Ondřej Kuzník
0734bc3373 ITS#10254 Do not trigger pwdReset when rehashing 2025-08-05 15:35:34 +00:00
Ondřej Kuzník
06480123b1 ITS#10254 Fix rehashing logic and add tests 2025-08-05 15:35:34 +00:00
Ondřej Kuzník
cadbcc629c ITS#9343 Fix the minimum number of ppolicy_rules arguments check 2025-08-05 15:35:34 +00:00
Howard Chu
053ca6b656 ITS#10304 slapd-mdb: fix spurious error when deleting last child of a branch 2025-08-05 16:26:23 +01:00
Nadezhda Ivanova
add3df9da4 ITS#10363 - Implement a target connection time-to-live in asyncmeta 2025-07-31 19:01:56 +00:00
Nadezhda Ivanova
d1848e54ae ITS#10363 Removed unused arguments and unused code in asyncmeta_getconn and asyncmeta_clear_one_msc 2025-07-31 19:01:56 +00:00
Nadezhda Ivanova
4fbdbf388b ITS#10308 Implement cn=monitor for back-asyncmeta 
Provide some target connection statistics such as target connections
status and target status
 2025-07-31 19:01:56 +00:00
Howard Chu
0ff74659c0 ITS#10374 pcache: fix config emit of noattr attrset 
Support for configuring an empty attrset was added in add25c2f45
for ITS#5074 but code to emit the config wasn't updated accordingly.
 2025-07-31 16:43:31 +01:00
Arran Cudbard-Bell
163da8d217
slapo-auditlog: Add olcAuditlogNonBlocking to avoid blocking when logging to named pipes 
The default behaviour of fopen() when called on a named pipe which does not have any reader, is to block, until a reader opens the pipe.  This blocks slapo-auditlog when it attempts to write output.  Depending on how critical the audit log  is, it may be preferable to discard audit log output and continue processing requests if there's no reader available.

For clarity the call to fopen() is removed and replaced with open()/fdopen(), allowing us to specify O_* flags as opposed to using fopen() or open()/fdopen(). 0666 are the base permissions used by fopen() when files are created.
 2025-07-03 11:18:51 -06:00
Howard Chu
6e559efd85 ITS#10360 delta MPR: internal search should use logDB's rootDN 2025-06-23 22:07:55 +00:00
Ondřej Kuzník
dcd60d1d0a ITS#10254 Let slapo-ppolicy rehash user's password 2025-06-23 16:47:48 +00:00
Ondřej Kuzník
406836540c ITS#10254 Fix password_scheme to return full hash specification 2025-06-23 16:47:48 +00:00