The old monitoring stuff has been removed; the new backend is
enabled by using --enable-monitor at configure time and requires
database monitor
in slapd.conf to be activated. At present it implements a subset
of the old monitoring options, and it should be extendable to
a number of different subsystems. The search operation has been
implementd; it does not honor abandon or size/time limits, though.
The compare and the abandon operations are planned.
Copyright Pierangelo Masarati <ando@sys-net.it>; the code is provided
AS IS with NO GUARANTEE. It can be used and distributed under the
conditions stated by the OpenLDAP Public License.
- librewrite, for string rewriting; it may be used in back-ldap
by configuring with '--enable-rewrite'. It must be used in
back-meta. There's a text file, 'libraries/librewrite/RATIONALE',
that explains the usage and the features. More comprehensive
documentation will follow.
- enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137)
including dn rewriting, a fix to group acl matching and so
- back-meta: a new backend that proxies a set of remote servers
by spawning queries. It uses portions of back-ldap and the rewrite
capabilities of librewrite. It can be compiled by configuring
with `--enable-ldap --enable-rewrite --enable-meta'.
There's a text file, 'servers/slapd/back-meta/Documentation', that
describes the main features and config statements.
Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as
my autoconf version must be different: my configures contain a number
of differences and I didn't feel comfortable in adding them :)
Copyright 2000, Caldera Systems, Inc All rights reserved.
This software is not subject to any license of Caldera Systems, Inc
This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself
(I previously said I'd only do this in re20 but its easier to do
here... and no big deal for those wanting to work on it to
define the macro via the environment)
configure.in: check for AIX security library, set in AUTH_LIBS macro
top.mk: add AUTH_LIBS macro to SECURITY_LIBS
portable.h.in: added HAVE_AIX_SECURITY macro (via autoheader)
passwd.c: use AIX getuserpw in chk_unix. Also fix logic in chk_unix:
getpwnam must always succeed for the given user. It is not a
fatal error if getspnam returns no result for the user: On
systems that support /etc/shadow, its usage is optional. The
same logic applies for AIX, SCO/HP SecureWare, etc.
plus these changes unhidden changes:
remove now meaning --enable-discreteaci configure option
fix ITS#451, slapd filters
Add ber_bvecadd() to support above
constify ldap_pvt_find_wildcard() and misc slapd routines
renamed some slap.h macros
likely broken something
simple bind via:
{KERBEROS}principal
Code is disabled by default (for security reasons). Use
--enable-kpasswd to enable. Behind SLAPD_KPASSWD.
Reworked Kerberos detection and split out KBIND as independent
feature (--disable-kbind) (LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND).
KBIND depends upon detection of KRB4 (or KRB425) support. Detection,
building with eBones (as distributed with FreeBSD 3.4) okay, but
wasn't able to test as I don't have a K4 KDC handy.
--with-kerberos has a number of detection options... most likely
don't work properly.
support for DCE slash-delimited, left-to-right DNs;
support for a domain socket transport (enable with
--enable-ldapi); and extensions to URL parsing to
support the latter transport.
manual push bytes about. Allows ber_*_t to be any 32-bit or
larger type. Reworked AC_{HTON,NTOH}{L,S} macros to care only
about 32-bit (netlong) and 16-bit (netshort) reordering as
needed for BSD socket interface.
