openldap

mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-23 16:19:35 -05:00

Author	SHA1	Message	Date
Kurt Zeilenga	da6d9eb046	happy new year	2007-01-02 20:00:42 +00:00
Howard Chu	64a2dbf9d4	ITS#4741 fix error check from external password quality module	2006-11-09 04:06:37 +00:00
Howard Chu	e9ecaa5d81	ITS#4692 entries without pwdChangedTime attribute have non-expiring pw	2006-10-03 09:25:54 +00:00
Howard Chu	e04275ca04	Use register_at / register_oc	2006-09-13 13:26:56 +00:00
Pierangelo Masarati	d95b88da21	plug slapo-ppolicy related leaks (ITS#4665)	2006-09-03 10:53:38 +00:00
Pierangelo Masarati	f797bc49a7	minor cleanup	2006-08-31 17:34:01 +00:00
Pierangelo Masarati	5d3121902f	Add single-password constraint; NOTE from ppolicy.c: /* FIXME: there's no easy way to ensure * that add does not cause multiple * userPassword values; one way (that * would be consistent with the single * password constraint) would be to turn * add into replace); another would be * to disallow add. * * Let's check at least that a single value * is being added */	2006-08-28 12:44:39 +00:00
Kurt Zeilenga	d3e288dffe	s/managedit/relax/ #unifdef -DSLAP_RELAX	2006-08-22 23:31:46 +00:00
Howard Chu	11a0ea514a	Tone down default ppolicy msg	2006-08-07 23:33:03 +00:00
Howard Chu	9f75c6a43d	ITS#4634 always init pp->ad	2006-08-07 22:40:51 +00:00
Howard Chu	23a6aa373b	ITS#4596 control can be critical	2006-07-02 02:50:13 +00:00
Pierangelo Masarati	103392b9a3	fix scheme recognition (ITS#4575)	2006-06-13 19:45:11 +00:00
Howard Chu	16448bf347	Fix prev commit	2006-06-05 21:26:23 +00:00
Howard Chu	e1b17653d6	Fix ITS#4576 reset restrict after successful pw mod	2006-06-05 20:13:40 +00:00
Howard Chu	bec0b4ef89	Add dynamic config support for auditlog and ppolicy	2006-05-30 11:49:16 +00:00
Howard Chu	a0ee28698c	ITS#4516 clear restricted status if other Binds have succeeded	2006-05-11 13:39:44 +00:00
Howard Chu	478ae2346e	PPOLICY_ERROR is primitive, not constructed	2006-04-22 00:23:44 +00:00
Howard Chu	449188fb73	Fix EXPIRE/GRACE tags in control value	2006-04-21 23:45:29 +00:00
Howard Chu	c2b660f3d7	ITS#4355 timestamps must be normalized	2006-01-19 22:16:23 +00:00
Kurt Zeilenga	acbb5cf689	Happy new year!	2006-01-03 23:11:52 +00:00
Pierangelo Masarati	98936ee3c4	streamline overlay configuration	2005-11-25 12:43:43 +00:00
Pierangelo Masarati	d34fffcaf9	use lutil_ato*() whenever appropriate	2005-11-24 01:10:05 +00:00
Howard Chu	c5cf54dddf	Fix Add password_hash to not depend on password quality configuration	2005-11-16 18:51:56 +00:00
Pierangelo Masarati	a6453f28f8	silence warnings	2005-11-06 23:27:09 +00:00
Howard Chu	19f6e2d943	ITS#4148 fix replica mods	2005-11-05 08:50:16 +00:00
Howard Chu	e0ec0a21c2	ITS#4134 additional fix	2005-11-03 00:51:57 +00:00
Howard Chu	82db113f32	ITS#4134 delete pwdFailureTime on password reset	2005-11-03 00:35:46 +00:00
Howard Chu	20cb8f49f9	ITS#4025 add pretty/normal for pwdAttribute that recognizes descr's as well as numeric OIDs	2005-09-27 16:15:59 +00:00
Howard Chu	92909f0682	ITS#3980 fix when master doesn't explicitly reset grace/lock attrs	2005-09-04 23:44:04 +00:00
Howard Chu	1e4d973616	ITS#3980, filter out some delete modifications on replicas if target attrs don't exist	2005-09-04 16:22:30 +00:00
Howard Chu	36db408d0e	Add missing return from rev 1.27	2005-09-02 21:27:49 +00:00
Howard Chu	f4637d60c2	per LDAPext discussion, delete pwdAccountLockedTime on password change	2005-09-02 20:38:05 +00:00
Howard Chu	f1561ac4b5	Bypass all add/modify checks on replicas, the master has done them already.	2005-09-02 20:23:32 +00:00
Howard Chu	d7122627fa	Leave pwdPolicySubEntry user-modifiable for now	2005-08-26 00:19:08 +00:00
Howard Chu	ef220ac1ef	Updated for draft 09, allow MANAGE for operational attrs.	2005-08-23 19:37:16 +00:00
Pierangelo Masarati	e066ec210e	merge sml_managing into sml_flags (SLAP_MOD_MANAGING)	2005-08-18 08:48:10 +00:00
Pierangelo Masarati	9487629061	zero out sml_managing any time a Modifications is built (use calloc?)	2005-08-18 08:12:26 +00:00
Howard Chu	315c4a3b72	ITS#3946 reset lockout status at beginning of all Binds	2005-08-18 07:05:56 +00:00
Howard Chu	d247840d6b	ITS#3946 use connection_destroy hook to reset lockouts instead of unbind	2005-08-17 16:42:22 +00:00
Luke Howard	71d76fbeba	slap_mods2entry() should not zero pointers into the modifications list because checking is performed on these, rather than the entry. slap_mods_free() now takes an extra argument indicating whether to free the values or not.	2005-08-01 02:16:02 +00:00
Hallvard Furuseth	81ecb0b153	assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL).	2005-07-18 06:22:33 +00:00
Hallvard Furuseth	7ab3d2c245	Silence warnings	2005-07-14 19:32:21 +00:00
Howard Chu	b131aab00e	Streamline call to lutil_passwd_scheme	2005-07-08 06:05:02 +00:00
Hallvard Furuseth	f841c364eb	Format fixes (%d<->%lu etc)	2005-07-06 05:53:02 +00:00
Howard Chu	b6aa697000	ITS#3779 fix pwdLockoutDuration handling	2005-06-15 21:21:12 +00:00
Howard Chu	60339c7f77	ITS#3777 fix scheme comparison	2005-06-15 03:06:48 +00:00
Howard Chu	21b8be393a	Add slap_timestamp(), use mutex in slap_get_csn()	2005-06-07 04:12:14 +00:00
Howard Chu	8f58409749	Add SLAP_MOD_INTERNAL flag to Modifications, allow internal ops to bypass ACL checks when modifying user-modifiable attributes as non-root user.	2005-06-04 09:44:39 +00:00
Pierangelo Masarati	58abc661f6	"restrict" is a c99 keyword (ITS#3739)	2005-05-21 00:15:16 +00:00
Howard Chu	54eb6f539c	Remove redundant def	2005-05-06 01:45:44 +00:00
Howard Chu	59de8333d0	Fix ppolicy libltdl usage on Win32	2005-04-26 12:54:24 +00:00
Howard Chu	855f7d44e9	pwdReset was not supposed to be NO-USER-MODIFICATION	2005-04-22 18:42:52 +00:00
Howard Chu	5158e46d59	Note draft 8 in comment	2005-04-22 09:10:06 +00:00
Howard Chu	3400b96d71	ITS#3655 patch from Ralf rhafer@suse.de update to draft 8 behavior	2005-04-22 09:09:12 +00:00
Howard Chu	5aed76fe78	ITS#3573, mark pwdChangedTime, pwdGraceUseTime, pwdExpirationWarned, pwdHistory, and pwdReset NO-USER-MODIFICATION	2005-04-12 10:58:50 +00:00
Howard Chu	119cbcaba4	Schema unparsing support	2005-03-21 08:31:48 +00:00
Howard Chu	fba9235d0f	Add HARDCODE schema flags	2005-03-21 00:22:54 +00:00
Pierangelo Masarati	5b193c218f	fix dynamically registered controls check; NOTE: controls registered by global overlays don't work yet; better leave Kurt's kludge in place right now	2005-01-25 19:39:56 +00:00
Kurt Zeilenga	28b5df9a90	Hide "work in progress"	2005-01-25 05:35:54 +00:00
Howard Chu	aa913f1bef	Use be_shadow_update, not be_isupdate	2005-01-13 19:02:08 +00:00
Pierangelo Masarati	f40527ef49	fix ACL value checking for bind (ITS#3446)	2005-01-07 13:57:16 +00:00
Kurt Zeilenga	dc0eacd40b	Happy New Year!	2005-01-01 20:49:32 +00:00
Howard Chu	30a6f4d24d	Better fix for ITS#3365, manage back-bdb's read locks so frontend/etc. don't need to worry about them.	2004-12-05 02:00:19 +00:00
Howard Chu	996354e2dd	Pass entire entry to password_quality check module, not just attrs	2004-12-01 16:01:04 +00:00
Howard Chu	47dd8d8732	Dynamic control management	2004-11-23 13:08:45 +00:00
Howard Chu	e4c231fe0c	Only use libltdl #if SLAPD_MODULES is defined, otherwise ignore external pwdCheckModules.	2004-11-05 08:57:05 +00:00
Howard Chu	1df6d76269	Add ppolicy_hash_cleartext config keyword, hash Adds as well as Modifies. Changed check_pw_quality callback to pass entry's Attributes in final arg.	2004-10-07 04:07:17 +00:00
Howard Chu	7e87f54716	Revert ITS#3353 patch, it needs to be reworked.	2004-10-06 05:51:38 +00:00
Howard Chu	fda3d6260e	ITS#3353 consolidate slapd globals into a single struct	2004-10-01 07:33:16 +00:00
Howard Chu	e014144f98	Move time parsers from ppolicy.c to liblutil; preserve greater precision	2004-09-28 12:23:37 +00:00
Howard Chu	89b03a1c7e	Make ppolicy_add consistent with ppolicy_modify - don't add pwdChangedTime opattr on replicated entries.	2004-09-21 00:14:28 +00:00
Kurt Zeilenga	d611a4b49a	unifdef -UNEW_LOGGING	2004-09-04 04:54:28 +00:00
Howard Chu	77df33a164	Fix crash on modify if userpassword didn't exist yet	2004-08-15 22:23:58 +00:00
Howard Chu	a14bda1df4	strptime is unreliable, just parse time ourselves	2004-07-18 18:28:16 +00:00
Pierangelo Masarati	657e580bbe	fix schema initialization when built as module...	2004-05-13 23:33:14 +00:00
Howard Chu	c0075d57b4	better fix for prev commit	2004-05-13 00:46:52 +00:00
Howard Chu	ee0af2b9d5	ITS#3137 defer schema loading until overlay configuration	2004-05-13 00:38:24 +00:00
Howard Chu	cba00e0025	Fix attributions, add HP info	2004-04-08 02:59:28 +00:00
Kurt Zeilenga	44725e7303	use BER_BVNULL	2004-04-07 04:11:43 +00:00
Pierangelo Masarati	25fce61f70	silence erroneous warning	2004-04-06 12:22:51 +00:00
Pierangelo Masarati	a11dc61e05	rework be_isupdate accordingly to be_isroot	2004-04-06 09:42:40 +00:00
Kurt Zeilenga	c7e89d57be	swap be_isroot and be_isroot_dn symbols	2004-04-06 01:06:20 +00:00
Howard Chu	4b2febb3db	Allow users to change their own password by default, fix history check when SafeModify is false.	2004-04-05 23:09:57 +00:00
Pierangelo Masarati	e516247068	exploit new isroot_dn helper	2004-04-05 17:31:27 +00:00
Howard Chu	939ca7705b	Avoid mktime/gmtime in parse_time(), just compute time_t ourselves.	2004-04-05 13:38:43 +00:00
Howard Chu	65e409817e	Fix prev commit, days at month boundaries	2004-04-04 15:40:14 +00:00
Howard Chu	ebd7bc27e7	Fix parse_time GMT computation for daylight savings time	2004-04-04 13:40:56 +00:00
Howard Chu	e1fc5012bd	Don't manipulate password history if not configured in policy	2004-04-03 06:21:03 +00:00
Howard Chu	ea14637a0d	Fix prev commit	2004-03-18 10:51:18 +00:00
Howard Chu	d1292c1b14	Added ppolicy_use_lockout keyword; Default behavior is not to issue the PP_accountLocked error for locked accounts. (Gives too much information to attackers.)	2004-03-18 10:35:54 +00:00
Howard Chu	def2fab7b5	Added ppolicy_hide_lockout keyword	2004-03-18 10:20:27 +00:00
Howard Chu	dbade4ad8c	Fix account lock check	2004-03-17 09:54:49 +00:00
Howard Chu	b59da518cf	Password policy overlay, implements draft 7. The spec is still in flux; this module should not be used in production.	2004-03-16 10:15:18 +00:00

1 2 3

143 commits