upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-22 07:39:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
23926 commits 38 branches 309 tags 68 MiB
Commit graph

1041 commits

Author SHA1 Message Date
Quanah Gibson-Mount
7a8f7c6efb ITS#9490 - Fix typo 2021-03-05 15:59:17 +00:00
Quanah Gibson-Mount
932d18fdc1 ITS#8724 - Note that paged results is stripped 2021-03-04 21:44:38 +00:00
Quanah Gibson-Mount
5d5f431868 ITS#9490 - Add keepalive settings to ldap.conf 2021-03-04 17:11:35 +00:00
Quanah Gibson-Mount
fc0cb887c3 Revert "ITS#8977 - Remove documentation for idlexp" 
This reverts commit a40f6bff89.
 2021-03-02 19:56:51 +00:00
Ondřej Kuzník
6bfdb0342d ITS#8215 Some more slapmodify manpage tweaks 2021-03-02 19:08:50 +00:00
Quanah Gibson-Mount
2ec44a11ab ITS#8454 - Add detailed information about auditlog format 2021-02-26 20:13:47 +00:00
Quanah Gibson-Mount
51462ca0ee ITS#8659 - Add missing data on auditlog schema 
Add missing objectClass auditContainer
Add missing attribute reqMod to auditModRDN objectClass
 2021-02-26 17:01:12 +00:00
Ondřej Kuzník
34b95c520e ITS#9438 Add remoteauth overlay 2021-02-25 22:11:39 +00:00
Quanah Gibson-Mount
dc6aab1f7d ITS#8665 - Document limits restrictions for glued databases 2021-02-25 00:48:05 +00:00
Ondřej Kuzník
3925b8e009 ITS#7259 Clarify password length considerations 2021-02-24 13:19:40 +00:00
Quanah Gibson-Mount
a40f6bff89 ITS#8977 - Remove documentation for idlexp 
The idlexp feature depends on additional work that is not yet done. Remove documentation for the feature
 2021-02-18 18:47:40 +00:00
Ondřej Kuzník
e6cf237802 ITS#9180 Mark memberof deprecated 2021-02-18 16:28:12 +00:00
Jan Synacek
c25fa7b0e5 ITS#7744 Fix TLS_REQCERT description 2021-02-18 14:45:51 +00:00
Howard Chu
dfd8515e8e ITS#8861 clarify tls keyword 2021-02-18 14:33:16 +00:00
Howard Chu
70a7f51742 ITS#7795 more detail for "manage" priv 2021-02-18 13:23:47 +00:00
Quanah Gibson-Mount
c9c0e9f05c ITS#8248 - Clarify documentation around logfile directive 2021-02-17 21:00:55 +00:00
Quanah Gibson-Mount
ce2c5173bd ITS#9161 - Fix various typos 
Fix a number of different typos across the code base
 2021-02-17 18:42:46 +00:00
Quanah Gibson-Mount
71213e6938 ITS#8132 - Clarify wording on serverID. 2021-02-17 17:33:48 +00:00
Quanah Gibson-Mount
97ba684c9e Fix typo 2021-02-17 17:28:33 +00:00
Karl O. Pinc
7077dc3138 Better explanation of when access control processing stops 2021-02-17 15:02:33 +00:00
Karl O. Pinc
2b402a5f34 Improve authzFrom and authzTo docs 2021-02-17 15:02:22 +00:00
Ondřej Kuzník
d3fca1364b ITS#9102 Update secprop documentation 2021-02-17 13:24:00 +00:00
Howard Chu
9090dd727b ITS#7584 packets, BER, and parse loglevels 
Note these are only valid for debug output, not syslog
 2021-02-15 18:09:47 +00:00
Howard Chu
0b769a4490 ITS#6694 reorganize unchecked/pagedresults limits descriptions 2021-02-15 13:40:58 +00:00
David Barchiesi
0799f58533 ITS#9442 Add negregex constraint type for not allowing values based on a regex. 2021-01-28 18:54:03 +00:00
Quanah Gibson-Mount
e768dcd062 ITS#6406 - Note accesslog storage requirements 
Update slapo-accesslog(5) man page to note that the database backend storing the data must support an ordered return of results.
 2021-01-26 18:06:05 +00:00
Quanah Gibson-Mount
7d096281ef ITS#8214 - Fix man page to require rwm prefix 2021-01-26 15:59:43 +00:00
Quanah Gibson-Mount
efaf9a4a17 Happy New Year! 2021-01-11 19:25:53 +00:00
Howard Chu
354e678ce9 ITS#9426 dynlist: don't add unexpanded groups at end of search 
if pagedResults is in use
 2020-12-15 22:55:47 +00:00
Ondřej Kuzník
b49f51879f Implement client pending operation limits 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
25a4d684fc Permit lloadd to share slapd TLS context 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
513659c610 Document config behaviour 2020-11-17 17:58:15 +00:00
Nadezhda Ivanova
678fa100f7 Convert the load balancer into a backend 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
0cfd4fca4d Make timeouts common and redo connection read timeouts 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
ccf75c96c4 Update write timeout to timeval 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
7b413f9ed4 Update docs and defaults 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
9d3b998abd Document new bind configuration 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
a8a0fe26b0 Documentation updates 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
495dfa69a2 Split client/upstream PDU size limits 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
3fa8a0cdf2 Rename listener-threads to reflect the option 2020-11-17 17:55:46 +00:00
Ondřej Kuzník
8d85912ab9 lloadd documentation 2020-11-17 17:55:46 +00:00
Quanah Gibson-Mount
4041848587 Add documentation on ACL requirements for psuedo-attribute entryDN 
Also fix up the example for replacing the memberOf overlay
 2020-11-10 23:30:47 +00:00
Quanah Gibson-Mount
e749750a8f ITS#8159 - Add missing "hard" parameter to size.prtotal 2020-09-01 19:40:36 +00:00
Quanah Gibson-Mount
04124c1f70 ITS#8175 - Fix missing descriptions for olcDisallows for proxy_authz_non_critical and dontusecopy_non_critical 2020-09-01 18:04:06 +00:00
Howard Chu
d5ed7c5027 ITS#9054, #9318 document new TLS options in slapd 2020-08-28 11:09:25 +01:00
Howard Chu
608a822349 ITS#9318 add TLS_REQSAN option 
Add an option to specify how subjectAlternativeNames should be
handled when validating the names in a server certificate.
 2020-08-21 18:05:08 +00:00
Howard Chu
2386a11649 ITS#9054 Add support for multiple EECDH curves 
Requires OpenSSL 1.0.2 or newer
 2020-08-21 07:58:07 +01:00
Ondřej Kuzník
43ebfa8fb4 ITS#6467 Make accesslog a possible sessionlog source 2020-07-22 22:25:10 +01:00
Quanah Gibson-Mount
3716245fec Issue#8511 - Update documentation and configs to correctly use multiprovider 2020-07-22 19:32:49 +00:00
Ondřej Kuzník
a49b553676 ITS#9279 Implement Netscape password policy controls in ppolicy 2020-07-22 18:57:38 +00:00
Howard Chu
c470af3749 ITS#9121 add examples to manpage 2020-07-22 15:11:24 +00:00
Howard Chu
2c0499ae4e ITS#9121 support nested groups 2020-07-22 15:11:24 +00:00
Howard Chu
9210ed1618 ITS#9121 add dynamic memberOf support for static groups 2020-07-22 15:11:24 +00:00
Ondřej Kuzník
c7b008eede ITS#8701 Fix documentation 2020-07-21 10:48:47 +01:00
Quanah Gibson-Mount
21eef84a49 ITS#9275 -- Update wording to remove slave and master terms, consolidate on provider/consumer 2020-07-18 16:27:04 +00:00
Quanah Gibson-Mount
b180833da8 ITS#9020 - Fix typo 2020-07-14 15:22:25 +00:00
Ondřej Kuzník
bdc9dbc511 ITS#8701 Implement account usability in ppolicy 2020-07-07 16:43:37 +01:00
Ondřej Kuzník
376d5d65cb ITS#7084 ACL of 'manage' gives pasword administrator access 
Password administrators can bypass safeModify, password quality checks
and trigger reset if policy instructs the server to.
 2020-07-03 20:42:14 +00:00
Quanah Gibson-Mount
58c978825c Issue#9020 - Use consistent namespaces for overlays 2020-06-22 20:44:12 +00:00
Quanah Gibson-Mount
f926e66723 ITS#8873 - Delete obsolete configuration options from back-ldap, back-meta, and back-asyncmeta 2020-05-26 19:59:56 +00:00
Howard Chu
9183abe62c ITS#9264 add an optional lock to slapo-unique 2020-05-22 15:08:20 +01:00
Quanah Gibson-Mount
005c870d68 ITS#8154 - olcTimeLimit and olcSizeLimit are single valued, fix docs 2020-05-18 20:49:25 +00:00
Quanah Gibson-Mount
83217b9842 ITS#8614 - documentation updates 2020-05-18 19:37:47 +00:00
Ryan Tandy
9282e6edea ITS#8155 Support cacertdir with GnuTLS 2020-05-14 07:56:28 -07:00
Isaac Boukris
3cd50fa8b3 ITS#9189 rework sasl-cbinding support 
Add LDAP_OPT_X_SASL_CBINDING option to define the binding type to use,
defaults to "none".

Add "tls-endpoint" binding type implementing "tls-server-end-point" from
RCF 5929, which is compatible with Windows.

Fix "tls-unique" to include the prefix in the bindings as per RFC 5056.
 2020-04-23 21:00:39 +02:00
Quanah Gibson-Mount
a019e7fe1a ITS#9207 - Remove MozNSS code and documentation 2020-04-20 21:38:01 +00:00
Ondřej Kuzník
6d6a330057 ITS#8245 Use Relax control to avoid uniqueness checks 
Still needs to retrieve the entry for ACL resolution until we can
restrict controls with ACLs.
 2020-04-06 20:44:09 +00:00
Quanah Gibson-Mount
a5b8a41c13 ITS#9003 
Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy
 2020-04-01 19:40:27 +00:00
Ondřej Kuzník
ba290f1c35 ITS#9156 Document ppolicy changes 2020-01-23 23:47:14 +00:00
Ondřej Kuzník
419b9ad202 ITS#9156 Implement pwdMaxIdle 2020-01-23 23:46:58 +00:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Howard Chu
90b0abd894 ITS#9121 dynlist enhancements 
1) allow filtering on dynamic attribute values
2) populate an optionally configured memberOf attribute

test044 script still needs to be extended to test these
enhancements. We need to define an interim attributeType
for testing memberOf functionality.
 2019-12-16 18:31:12 +00:00
Ondřej Kuzník
5b304a3ae6 ITS#9071 Document "tls none" for back-ldap 2019-08-30 14:02:31 +01:00
Quanah Gibson-Mount
efbfc1fe95 ITS#9065 - Document correct attribute pwdGraceAuthnLimit 2019-08-19 15:45:31 +00:00
Quanah Gibson-Mount
7cc34fa722 ITS#9063 -- Fix missing bold tag for tls_reqcert 2019-08-12 23:49:50 +00:00
Quanah Gibson-Mount
c4df431c6c ITS#8977 - Note allowed value range for idlexp 2019-06-26 18:15:32 +00:00
Ondřej Kuzník
17b5b3d7f8 Separate VERSION to its own paragraph 2019-06-21 13:44:06 +02:00
Quanah Gibson-Mount
ec2cb12e68 ITS#9010 - Delete back-bdb/back-hdb 
This commits deletes all references and code for back-bdb and back-hdb.
There is some follow up work still necessary to flush out the admin
guide for back-mdb.
 2019-05-13 17:20:28 +00:00
Ondřej Kuzník
a5ad0e0643 ITS#8693 Tweak previous commit 2019-05-08 15:31:13 +01:00
Ondřej Kuzník
a4e2d5c501 ITS#8693 Document unused but generated starttls parameter 2019-05-08 15:12:08 +01:00
Quanah Gibson-Mount
6d79439630 ITS#8881 - Note MDB is the primary backend 
Update to note that MDB is the primary backend and HDB/BDB are
deprecated.
 2019-04-17 23:52:51 +00:00
Quanah Gibson-Mount
c5ad08c1a4 ITS#8771 - Note back-mdb is recommended 
Commit 279594c22f officially marked
slapd-mdb as being the recommended backend for OpenLDAP, superseding
back-hdb.  This man page was missed during that update.
 2019-04-17 23:49:08 +00:00
Nadezhda Ivanova
bb7e14d201 ITS#8734 Fixes for many back-asyncmeta issues 
Includes all the changes necessary to fix back-asyncmeta issues
discovered during on-site testing since the start of 2016.
These include:
Issues with stability - crashes and assetion failures
Incorrect behavior during unstable network conditions, such as inability to reset connections
or process responses, or "hanging" to wait for a response that would never be received.
Memory leaks and memory management fixes - major redesign of the way back-asyncmeta
works with memory contexts.
Rewrite was replaced with suffix-massage in configuration, and the network-timeout value was changed to milliseconds.
Incorrect behavior when SASL is used to bind to a target.
Many problems caused by race conditions
Fixes for compiler warnings, and tests.
Cleanup of unused code.
 2019-02-28 16:22:11 +00:00
Howard Chu
c8b806b676 ITS#8977 make IDL size configurable 2019-02-15 14:37:51 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Howard Chu
52ace4554e More for privateKey tweak 2018-12-18 21:56:18 +00:00
Quanah Gibson-Mount
3add82a3bb ITS#8286 -- Add matching rules for attributes 
Add matching rules for all cases where it was missing.  Cleanup
incorrect types for a few attributes as well.  Fix network-timeout
handling in back-ldap/meta/asyncmeta.
 2018-12-18 19:14:06 +00:00
Quanah Gibson-Mount
9d4a5f64b6 Change backend reference from slapd-bdb to slapd-mdb 2018-11-14 21:28:01 +00:00
Howard Chu
111329a2dc More for back-mdb multival 
Allow configuring thresholds for specific attributes
 2018-08-30 11:24:25 +01:00
Ondřej Kuzník
18afc2446d Fix quoting example 2018-06-14 16:19:10 +01:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Howard Chu
f183b81a68 ITS#8818 SASL_MECH/SASL_REALM are not user-only 
Changed as of ITS#4327 commit 86d10729
 2018-03-13 18:57:53 +00:00
Ondřej Kuzník
4035016796 ITS#6656 Docs for reqEntryUUID 2017-10-26 11:53:50 +01:00
Josh Soref
10566c8be3 ITS#8605 - spelling fixes 
* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate
 2017-10-11 14:39:38 -07:00
Quanah Gibson-Mount
9bef357403 ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDontUseCopy and olcSaslAuxpropsDontUseCopyIgnore parameters for use with SASL/OTP 2017-10-11 14:31:01 -07:00
Ted C. Cheng
e20ac6b539 ITS#7520 - back-ldap omit-unknown-schema changes 2017-10-06 10:44:31 -07:00
Quanah Gibson-Mount
44b9fd1c81 ITS#5048 - index on entryCSN is mandatory 2017-10-06 10:39:43 -07:00
Michael Ströder
b65e0b5731 ITS#8714 Send out EXTENDED operation message from back-sock 2017-09-06 15:32:28 +01:00
Quanah Gibson-Mount
0f80e05eeb ITS#8715 Fix typo with olcTLSCiphersuite 2017-08-21 09:19:12 -07:00
Quanah Gibson-Mount
17cc93d570 ITS#8713 Delete stub man page for LDBM 2017-08-16 08:50:39 -07:00