upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-01-24 07:43:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
23408 commits 38 branches 309 tags 75 MiB
Commit graph

12666 commits

Author SHA1 Message Date
Ondřej Kuzník
11f474385a Exop support 
At the moment, no exops are processed internally, all are passed on
unchanged.
 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
7cd531c069 Improve spec conformance, logging 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
c60ef73984 Rework upstream conn setup 2020-11-17 17:58:13 +00:00
Ondřej Kuzník
0b3531066d Refactor operation_send_reject 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
d22db36cea lload_libevent_init can fail and wants to log 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
8d93e0baa0 Unify connection locking and I/O 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
cfeb4d82a3 Set binding state after we have dropped all ops 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
5fcef01d62 Switch from a global mutex 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
96b7619afc Do not unlock client unless we are destroying it 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
362d550328 Do not crash when closing both client and upstream 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
532fc1bf98 Shorten time operation_mutex is locked 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
e03c9e6fb4 Stop processing if we freed the client 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
f7cf34e69c Reset connection state on abandon 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
6140cdf6f8 Handle a client connection disconnected from op 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
d4225924bc CLOSING is another potential state we could be in 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
0ad91e0546 Do not back off until we get a failure 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
cda8411c48 Close up the race 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
31074213f7 TENTATIVE: communicate more for op destroy race 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
622b87d5e8 Make ready only when still alive 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
16010e5e16 More logging improvements 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
7b7f9724c4 Avoid a deadlock with client 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
7b413f9ed4 Update docs and defaults 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
7046444327 Do not read on the last iteration. 
When the pdu processing limit is hit, we still attempt to read another
PDU. If we succeed, the ber_get_next call in the read callback will
abort since a full PDU is already present.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
65def94380 More logging improvements 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
1740f36bfc Fix emfile handling 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
30e538e836 Realign logging levels. 
Stats now logs all operations, stats2 additionally intermediate messages
(search entries).
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
1dd0e5131a Only one bind at a time 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
33a993553d Unblock the client when we can't find an upstream 
If we can't find an upstream, we keep the client around, so it needs to
be unblocked.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
95df8a1ec8 Adjust backend operation counting 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
baf1feab82 Handle asynchronous connect properly 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
46fe014378 Make sure operation stays alive when we process it 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
0ff462b619 Fix issues in bind response handling 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
545198c70d Simplify abandon processing 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
88390159a1 On connection shutdown, free op from the correct side 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
37cff37305 Manage connection refcnt better 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
af7ce80c85 Remember and clear bind status correctly 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
05f2ac2583 Unify logging output 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
873d6fa3e1 Handle backend unsolicited response properly 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
961b600a42 Rework proxyauthz handling 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
6ee21f1181 Split bind configuration from backends 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
0e7792e8f3 Borrow liblber code to get abandon processing to work 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
7eeb5bb801 Forward controls correctly in the face of proxyauth 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
5b1ad43178 Handle upstream connection shutdown properly 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
c228bd1160 Be consistent with bind responses on no upstream 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
a8a0fe26b0 Documentation updates 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
495dfa69a2 Split client/upstream PDU size limits 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
3fa8a0cdf2 Rename listener-threads to reflect the option 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
1082486874 Only enable verifycredentials if libldap does 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
1dfeca3539 Another attempt at operation/connection destroy interaction. 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
26f721510a Improve logging 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
3f5dee0b79 Keep a list of active clients for shutdown purposes. 
Potentially for timeout detection purposes in the future.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
e0b8bd5fc9 Free all pending operations on shutdown 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
cf05722b6c Lookup operations by saved connid. 
We reset the connection pointer on a destruction attempt, avoid the
spurious asserts.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
f4afc06920 Tweak connection error logging. 
Do not log when receiving the last bytes on a connection. Log failed
writes.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
d020897f5b Initialise listeners after all workers have been 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
37a474b508 Fix error handling wrt. its callers 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
ee288cfc2d Fix refcounting for all code paths 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
53015aa4cb Round robin for backends. 
Several threads calling backend_select might reset current_backend to a
different place, there are two options to deal with that:
- just let the last rotation win (the current approach)
- detect whether first == current_backend and only replace then

Not sure which one is more useful, going with the simpler.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
e65cd38787 Round-robin for upstream connections 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
58a880bc7b Convert backend and upstream management to use CIRCLEQ. 
This alone doesn't make the server do a round robin.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
643194e79e Revert connection/operation mutex order. 
There was still a race where the connection could be freed as the
operation was still being used.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
9ebe5acb62 Clean up events properly 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
8eb7f3fbca Stop the read callback on a dead connection. 
The connection might be ready to read (close) but if we can't destroy it
yet, we don't want the callback to trigger all the time or process new
data.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
6899d0123d Do not bother to write to a dying connection 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
77f2c57132 Reset c_*ber after freeing and check c_pendingber race 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
07b5744c2a Retain a reference around for handle_responses 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
c5584fd32a Do not leak responses to abandoned ops 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
7a29fabd09 Destroy the unbind operation when acted upon 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
9d66c26be5 Operation reference counting 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
ea7e40b8e7 Shutdown handling 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
837a6068e0 Rework client_read_cb along the lines of upstream 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
028f28690f On a failed bind, stop the callback from firing again 
Not a problem but causes a slew of calls to upstream_bind_cb that will
all fail in the same way.
 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
cddc96322d Do not clear c_pendingber on short write 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
fba4bed6e2 connection reference counting 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
c0d254a4ce Do not leak BerElements 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
6c8b2acce0 Do not leak addrinfos 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
8f5bae921e Pending operation tracking and limiting 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
e5fcf17506 Save connection ids on operation for logging purposes 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
54cd3a27f0 Reject operations when binding 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
50f5c4bea7 Report initial bind errors to client 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
2e2c86664a There might be errors before we save the operation in c_ops 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
b6b3f35aac Fix proxyauthz handling 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
8b1703d2a7 Implement backend retry timeouts 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
463bcdd2c4 Update backend progress tracking 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
dc5e2538ec Configuration part for retry timeouts 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
673513a017 Maintain the configured amount of connections per backend 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
798e215ea6 Add connection number config 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
94ee62a4f4 Switch bindkey to use Backend instead of bindconf 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
59291ba4de Proxyauthz support 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
9309bc9402 Make features global 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
639c5912f5 Client authentication 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
e5f68bcf7c Option for response handling 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
4ad8ecd45e Logging improvements 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
f37e7757b1 Response handling, exploit optional bervals 2020-11-17 17:55:45 +00:00
Ondřej Kuzník
2fbc8ca473 Rename backend mutex 2020-11-17 17:42:44 +00:00
Ondřej Kuzník
3d1ea4693e Authenticate the upstream connection if configured 2020-11-17 17:42:44 +00:00
Ondřej Kuzník
5bdb4e1570 Update maximum number or parameters for backend 2020-11-17 17:42:44 +00:00
Ondřej Kuzník
fd5b9cdb91 This is a proxy now 2020-11-17 17:42:44 +00:00
Ondřej Kuzník
93fe1d2bab Operation parsing 2020-11-17 17:42:44 +00:00
Ondřej Kuzník
b49932d637 Connection write support 2020-11-17 17:42:43 +00:00
Ondřej Kuzník
79f7e79f15 Set up connections in the worker threads 2020-11-17 17:15:40 +00:00
Ondřej Kuzník
bf66b48fe3 Upstream connection setup 2020-11-17 17:15:40 +00:00
Ondřej Kuzník
1a45249054 Update connection init 2020-11-17 17:15:40 +00:00
Ondřej Kuzník
8e0a6119fa Startup adjustment 2020-11-17 17:15:40 +00:00
Ondřej Kuzník
c596b797ed Backend configuration 2020-11-17 17:15:40 +00:00
Ondřej Kuzník
46ddb4039c lloadd ahoy 2020-11-17 17:15:40 +00:00
Howard Chu
a87ae275e1 ITS#9394 syncprov: ignore duplicate sessionlog entries 2020-11-17 00:31:56 +00:00
Quanah Gibson-Mount
6492012e00 Remove various unused variables 2020-11-12 18:05:59 +00:00
Howard Chu
9eb948529b ITS#9391 remove asserts in UUIDNormalize() 2020-11-11 18:25:31 +00:00
Ondřej Kuzník
ee49c83976 Cleanup use of *alloc() in daemon.c 2020-11-09 16:57:21 +00:00
Ondřej Kuzník
727ec3ae14 ITS#9386 State change issues are still ignored, but at least log them 2020-11-09 11:51:20 +00:00
Ondřej Kuzník
123001c89d ITS#9386 Address compiler warnings 2020-11-09 11:50:37 +00:00
Howard Chu
6b0fc9e034 ITS#9121 fix filtered memberOf 
Broken in 2c0499ae4e adding nesting
 2020-11-03 01:18:32 +00:00
Howard Chu
c0eeb2b9b8 ITS#9384 remove assert in obsolete csnNormalize23() 2020-11-02 16:01:14 +00:00
Howard Chu
265d362f27 ITS#9383 remove assert in certificateListValidate 2020-11-02 13:12:10 +00:00
Howard Chu
87158469eb ITS#9121 fix dynlist_filter_dup for substring filter 2020-10-30 23:30:28 +00:00
Quanah Gibson-Mount
2f0883d161 ITS#9380 - Fix return type for connection_write_resume 2020-10-29 19:55:37 +00:00
Howard Chu
db46f88853 ITS#9379 reject listener URLs with non-empty DNs 2020-10-28 16:50:23 +00:00
Ondřej Kuzník
98a0029dae ITS#9366 Check ldap_install_tls return and remove connection if failed 2020-10-23 20:38:21 +00:00
Howard Chu
6abfd60078 ITS#9370 revert previous commit, alternate fix 
Just skip normalization if there's no equality rule. We accept
DNs without equality rules already.
 2020-10-19 14:14:54 +01:00
Howard Chu
a08a2db406 ITS#9370 check for equality rule on old_rdn 
We should probably just check in dnNormalize instead, and catch
this everywhere DNs are received. It might make us reject some
DNs that are already in use, though (e.g. received from other
directory servers that don't do schema checking).
 2020-10-19 14:03:41 +01:00
Howard Chu
c1912fb7af ITS#9121 don't process nested memberOf if memberOf wasn't requested 2020-10-13 22:11:44 +01:00
Howard Chu
fb587d3d58 ITS#9361 prevent CSN from being generated for purge deletes 2020-10-02 13:25:52 +01:00
Howard Chu
56860fc405 ITS#9342 delta-syncL ignore add of already existing entry 
if the entryCSN is older. Previous patch breaks if writes are
received out of order, e.g. during a refresh.
 2020-10-01 14:27:24 +01:00
Ondřej Kuzník
efc23cddc3 ITS#9295 Do not replace 'op' 2020-09-30 18:55:34 +00:00
Ondřej Kuzník
20024d5ba8 ITS#9359 Do not create an empty add 2020-09-30 19:25:56 +01:00
Howard Chu
ed949bf287 ITS#9342 delta-sync: ignore add if entryCSN is too old 
This check is only needed for ops received without a CSN in their cookie.
This only occurs when the ops completed out of order on the provider.
 2020-09-30 15:45:04 +00:00
Howard Chu
80a545b5ed Partially Revert "ITS#8486 use kbtree for sessionlog" 
This mostly reverts commit 1915cb968a.
Too many concurrency issues. Retains the improvement to
syncprov_sessionlog_cmp
 2020-09-30 15:11:31 +00:00
Howard Chu
2bbb51e20b ITS#9358 Fix reqStart normalizer 
Don't truncate trailing zeroes in reqStart/reqEnd timestamps
 2020-09-29 09:43:37 +01:00
Ondřej Kuzník
67d005ee65 ITS#9348 Stop using plain strerror() 2020-09-25 12:47:46 +01:00
Quanah Gibson-Mount
f3e86d3d93 ITS#8636 - Fix DESC for deltaCRL attribute 2020-09-25 04:29:59 +00:00
Quanah Gibson-Mount
fe3636df9d ITS#8341 - Add matching rule to the namingContexts attr 2020-09-25 02:05:55 +00:00
Howard Chu
1915cb968a ITS#8486 use kbtree for sessionlog 
Saves about 20% CPU time and RAM
 2020-09-25 00:07:50 +00:00
Ondřej Kuzník
98d5c5c6ce ITS#8486 Protect tavl_* calls in play_sessionlog 2020-09-25 00:07:50 +00:00
Howard Chu
8f8774c0b1 ITS#8486 Minor play_sessionlog cleanup 
Fix logmsg uuidstr.
Shortcut finding start of playback.
Allow dup CSNs in log, but with different UUIDs. All
non-present deletes in a refresh use the same CSN.
 2020-09-25 00:07:50 +00:00
Ondřej Kuzník
d2036cec90 ITS#8486 Switch sessionlog to use TAVL 2020-09-25 00:07:50 +00:00
Ondřej Kuzník
3f5293e145 ITS#5422 Save errno before passing it to Debug() 2020-09-24 23:34:36 +00:00
Howard Chu
c3131eb5a3 ITS#9348 replace all uses of STRERROR with AC_STRERROR_R 
Avoid using sys_errlist unless there's no other choice
 2020-09-24 23:34:36 +00:00
Ondřej Kuzník
1b8e6b944b ITS#9355 Propagate errors from overlay_entry_get_ov 2020-09-23 11:10:29 +01:00
Howard Chu
62ecd38bc4 ITS#8102 syncrepl: only use trylock on the cn=config DB 2020-09-22 21:27:15 +01:00
Quanah Gibson-Mount
a3f186880c ITS#9351 - Always build back-monitor as a static backend 2020-09-21 16:52:33 +00:00
Howard Chu
dd82fa5393 ITS#9353 fix monitor_back_register_database for empty suffix DB 
Use the correct database entry instead of the frontendDB entry
 2020-09-20 16:29:38 +01:00
Quanah Gibson-Mount
bc021bb244 ITS#6749 - Change configure monitor warning to DEBUG CONFIG instead of DEBUG ANY 2020-09-18 14:56:43 +00:00
Howard Chu
331e587754 ITS#9352 syncrepl: fix syncrepl_op_modify on entry with no entryCSN 2020-09-17 20:18:20 +01:00
Gabriel Buades
984ecd113a ITS#9349 slapd-mdb: optimize index delete 
Performance improvement for indexed attributes removal
 2020-09-17 18:21:53 +01:00
Howard Chu
2b512ea79c ITS#9339 Fix syncrepl_monitor_init for dynamic monitor backend 
Calling from backend.c only works if back-monitor is a static backend
 2020-09-17 15:22:01 +01:00
Howard Chu
3e181b8453 Silence stupid warnings 2020-09-16 23:27:45 +01:00
Quanah Gibson-Mount
947b8ed9d6 Fix code indentation for recent changes 2020-09-16 21:13:28 +00:00
Howard Chu
d63287e2f4 ITS#9345 fix for cmdline cookie 
Previous commit could cause cmdline cookie to be ignored
 2020-09-15 15:00:57 +00:00
Howard Chu
afc970b11d ITS#9015 syncprov: fix for zero-length suffix 
If the "" glue entry exists and lacks a contextCSN, must perform
an additional search to be sure the DB is otherwise empty. If so,
skip creating the contextCSN.
 2020-09-15 12:08:22 +01:00
Howard Chu
9a3e63ba00 ITS#9338 alternate fix 
Don't resume pending ops unless there are no other threads
waiting to write
 2020-09-13 08:05:31 +00:00
Howard Chu
57643b4347 ITS#9345 syncrepl: call check_syncprov on freshly started consumer 2020-09-12 21:44:31 +01:00
Howard Chu
ef2b505b20 ITS#9043 Fix new log msg crashes 
Solaris stdio hates NULL pointers
 2020-09-11 23:36:41 +00:00
Howard Chu
fdf6ee5059 ITS#8054 fix etime calculation 
Was overlooked in a0cc1d9655
 2020-09-11 23:01:16 +00:00
Howard Chu
72bfa9d488 ITS#9339 fix connection address handling 
valgrind didn't like accesses to si->si_connaddr
Also fix an array bounds check in ITS#9282 merge_state
 2020-09-10 17:03:32 +00:00
Howard Chu
490273fb97 ITS#8102, #9330 partially revert 
Fix a regression in delta-sync, was returning error on old
CSNs instead of ignoring them
 2020-09-10 16:17:13 +00:00
Ondřej Kuzník
eb5f138650 ITS#9043 Only print sessionlog entries we think will apply 2020-09-10 11:04:29 +01:00
Ondřej Kuzník
fdbeb69fd8 ITS#9043 Nul-terminate csn string 2020-09-10 11:03:37 +01:00
Howard Chu
1748ec59a6 ITS#9339 Add syncrepl status to cn=monitor 
Shows connection address, refresh/persist state, time of last
connect attempt and received data, and last sent and
received cookies per consumer.
 2020-09-10 02:29:19 +00:00
Howard Chu
d1283f8161 ITS#9339 slapd-monitor: Add schema arc for overlays 
Not directly related to syncrepl, but adds a necessary schema arc.
Also add a convenience function for obtaining an entry with known ndn.
Also fix to ignore outbound connections.
 2020-09-10 02:29:19 +00:00
Howard Chu
bf40306581 ITS#9043 tweak syncprov play_sessionlog logging 
Don't log cookiecsn at top, it was already logged on receipt.
Only log the "control csn" and "too old" message once for each sid.
 2020-09-09 18:02:49 +01:00
Howard Chu
e02b1d94ca ITS#8102 serialize plain syncrepl 
Using cs_pmutex. Reverts the addition of cs_modmutex in ITS#9330,
use cs_pmutex for both delta and plain writes.

Note that plain syncrepl already used cs_pmutex when a cookie CSN
was present in the op. Now it is used for all writes, regardless
of presence of cookie.
 2020-09-09 15:35:59 +00:00
Howard Chu
8bd2d1fee8 ITS#9342 delta-sync: ignore error if deleting an already deleted entry 2020-09-09 00:19:35 +01:00
Howard Chu
95c5a1698b ITS#9338 Make sure connection gets rescheduled after write blockage clears up 2020-09-04 18:22:40 +01:00
Howard Chu
0b20b92ec1 ITS#9338 syncrepl: Don't reuse existing connection on Refresh fallback 2020-09-04 18:22:32 +01:00
Howard Chu
ed356c55d9 ITS#9334 slapo-ppolicy re-fix ITS#9302 
The mutex_lock was being skipped in the lockout case,
but still calling mutex_unlock at the end.
 2020-09-03 21:30:35 +01:00
Howard Chu
b24ca75993 ITS#9201 fix LDAP_THREAD_DEBUG 
Add missing defs to ldap_thr_debug.h.
slap tools must init libldap so internal mutexes get inited.
 2020-09-03 12:37:32 +01:00
Quanah Gibson-Mount
b51faa5cf0 Revert "Tweak prev commit for RE24 style debug" 
This reverts commit d224e576a9.

Revert, wrong branch
 2020-09-02 19:33:03 +00:00
Quanah Gibson-Mount
d224e576a9 Tweak prev commit for RE24 style debug 2020-09-02 19:31:59 +00:00
Howard Chu
4c7787303c ITS#9121 fix for URLs with no filter 2020-09-02 01:34:07 +01:00
Howard Chu
41396248a2 ITS#9282 more for merge_state 
Don't assume si_cookieState is always newer
 2020-08-31 20:09:52 +01:00
Howard Chu
8699e5f32e ITS#9282 fix crash in nonpresent_callback 
In a standard Refresh present phase, the provider sends no cookie
since it is only listing the entries that existed as of the time
in the cookie the consumer sent. In this case the consumer only
needs to check entryCSNs against its last sent cookie.
 2020-08-31 19:36:10 +01:00
Howard Chu
0ce83b26af ITS#9330 Fully serialize delta-sync 
Don't depend on accesslog overlay's serialization
 2020-08-29 01:13:04 +00:00
Howard Chu
edc94862b7 ITS#7639 fix crash in config_delete 
Additional fix to 41352ea34d
The overlay must be deleted from the backend before the
callback can execute. In particular, it must be done before
the threadpool is unpaused.
 2020-08-29 00:13:19 +00:00
Howard Chu
f883a57593 ITS#8427 don't set tls_ctx if TLS wasn't requested 
Also, set any remaining TLS options that weren't carried along
in the TLS ctx.
 2020-08-28 18:44:35 +01:00
Quanah Gibson-Mount
8d31219647 More for ITS#8845, skip cleanup on async op with extended operations 2020-08-26 21:55:39 +00:00
Howard Chu
9900794af1 ITS#9329 Re-fix merge_state 
A bit uglier but more straightforward.
 2020-08-26 21:00:00 +01:00
Quanah Gibson-Mount
c1411b8199 ITS#9323 - Limit to OpenSSL 1.0.2 or later 2020-08-25 21:52:04 +00:00
Howard Chu
9666306d86 ITS#9329 syncrepl: fix regression from ITS#9282 2020-08-25 21:13:22 +00:00
Fabrice Fontaine
8df03b435e ITS#9327 - Fix stripping when cross-compiling 
Probably-Signed-off-by: Dave Bender <bender@benegon.com>
[yann.morin.1998@free.fr: patch was made by Dave, but he
 forgot his SoB line, so I added it]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Retrieved from:
https://git.buildroot.net/buildroot/tree/package/openldap/0001-fix_cross_strip.patch]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2020-08-25 19:54:59 +00:00
Howard Chu
5aa7e0f69b ITS#9324 syncrepl: don't wait forever in Refresh mode 
Just poll for available data, same as Persist mode.
Clarify retry/return states from do_syncrep2
 2020-08-24 15:12:24 +00:00
Howard Chu
88e569d857 ITS#9249 librewrite: fix malloc/free corruption 
If substitution parsing fails, would attempt to free a mapping
that hadn't been allocated yet.

Also, on failure, caller in saslauthz would attempt to free a
rwinfo struct that hadn't been allocated.
 2020-08-23 19:32:51 +00:00
Fredrik Roubert
8a521c17aa ITS#9232 - Implement caseIgnoreListSubstringsMatch. 2020-08-21 21:45:19 +00:00
Quanah Gibson-Mount
aa78299346 ITS#9311 - Correctly mark overlays as singular 2020-08-21 19:34:27 +00:00
Howard Chu
650b1404c2 ITS#9054, #9318 add new TLS options to slapd bindconf 
For use with back-ldap/back-meta/syncrepl/etc
 2020-08-21 20:06:56 +01:00
Howard Chu
12e11c9b84 ITS#9121 slapo-dynlist, -memberof: define memberOf if needed 
Ignore if it's defined already. Make it no-user-mod.
 2020-08-18 23:49:26 +00:00
Howard Chu
9d2f15307d ITS#7926 dynamic changes to olcListenerThreads 
Reallocates sockets from old to new listener threads
 2020-08-18 22:37:50 +01:00
Howard Chu
2f94318f06 ITS#7926 support multiple config cleanup functions per op 
Prep for main changes
 2020-08-18 22:00:58 +01:00
Howard Chu
b0d7308371 ITS#9135 fix index error on collapsed range 2020-08-13 18:18:45 +01:00
Quanah Gibson-Mount
00b14b1e28 ITS#9133 - Fix syncprov to be singular. 2020-08-10 23:41:07 +00:00
Howard Chu
633d40b0ac For ITS#9309 fix check for duplicate overlays 
and pass error message back to frontend
 2020-08-10 16:40:54 +01:00
Howard Chu
c8c39b8468 ITS#9309 don't allow ppolicy to be configured more than once on a backend 2020-08-10 16:07:39 +01:00
Howard Chu
8849d83f75 ITS#9279 fix Netscape password_expired control 2020-08-04 22:04:14 +00:00
Howard Chu
138c492696 ITS#9302 fix pwdFailireTime mutex scope 2020-07-30 17:53:25 +01:00
Arvid Requate
0e675be7ef ITS#9302 ppolicy: avoid pwdFailureTime race condition 2020-07-30 17:32:32 +01:00
Howard Chu
4cf90e84de ITS#9295 use replace on single-valued attrs 
For delta-sync as well as regular sync
 2020-07-29 16:15:42 +01:00
Ondřej Kuzník
917fcc03ee ITS#9279 Send Netscape expired control as a bare string 2020-07-27 14:22:24 +02:00
Ondřej Kuzník
43ebfa8fb4 ITS#6467 Make accesslog a possible sessionlog source 2020-07-22 22:25:10 +01:00
Ondřej Kuzník
66a743f119 ITS#6467 Record minCSN in audit container 2020-07-22 22:25:10 +01:00
Ondřej Kuzník
4b62f3b8d2 ITS#8645 Check for all syncrepl errors 2020-07-22 20:22:50 +00:00