upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-22 07:39:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
19245 commits 38 branches 309 tags 68 MiB
Commit graph

261 commits

Author SHA1 Message Date
Pierangelo Masarati
3e427ad75a support a separate cached connection for binds when using (liberal) idassert flagged with "override" (ITS#4781) 2006-12-17 22:11:40 +00:00
Pierangelo Masarati
09abc9f8ae fix leak in case of retry 2006-11-24 01:44:11 +00:00
Pierangelo Masarati
71bcd4a4b6 s/ldap_int_discard/ldap_pvt_discard/ 2006-10-28 18:13:12 +00:00
Pierangelo Masarati
45156c6d7a need ldap-int.h for ldap_int_discard() declaration (ITS#4717) 2006-10-28 16:19:53 +00:00
Pierangelo Masarati
6416d83372 add ldap_int_discard(); use it in proxies (ITS#4717) 2006-10-22 20:31:41 +00:00
Howard Chu
6f13331f4f Drop extraneous test from copy/paste (1.200) (coverity) 2006-10-08 00:37:18 +00:00
Pierangelo Masarati
f8d1a61866 more on clarification of special proxy identities and resilience to connection failure 2006-10-07 18:07:56 +00:00
Pierangelo Masarati
5714f8565f fix rebind with idassert when a connection expires; also, fix override 2006-09-30 01:11:19 +00:00
Pierangelo Masarati
55b5685425 ldap_back_dobind_int() may need to free a connection 2006-09-11 22:45:19 +00:00
Pierangelo Masarati
1ab4c624ed rearrange error handling 2006-09-11 21:04:25 +00:00
Pierangelo Masarati
150a4f106c improve timeout support (ITS#4157, ITS#4663); manpage cleanup 2006-09-04 08:24:05 +00:00
Pierangelo Masarati
00c2498543 back-ldap should only touch the connection timestamp when activity actually occurred (i.e. ldap_result() returned a positive value), otherwise if "the network cable is removed after the connection is established" ldap_result() keeps returning 0 forever... 2006-09-03 11:02:15 +00:00
Pierangelo Masarati
8a71ac3740 don't leak identity 2006-08-31 16:21:54 +00:00
Howard Chu
ca262ee8e6 Fix test045, test048 use acl-bind credentials on retry if they were set. 2006-08-25 02:16:57 +00:00
Pierangelo Masarati
e4d24ecce8 don't leave dangling conns in the AVL tree 2006-08-18 17:11:41 +00:00
Pierangelo Masarati
5b317f5b85 the conn may not be bound yet even if the bound DN is set... 2006-08-18 15:22:26 +00:00
Kurt Zeilenga
4ba9bc1c2d Use LDAP_OTHER to indicate internal error 2006-08-12 21:46:29 +00:00
Pierangelo Masarati
34af916e3f fix response sending while rebinding (ITS#4597) 2006-06-24 16:58:49 +00:00
Pierangelo Masarati
aec9afc4e3 move retry into response handling (fix ITS#4594; partially addresses ITS#4591 as well) 2006-06-17 12:37:45 +00:00
Pierangelo Masarati
3ebb40c4dd port identity assertion to back-meta; share as much code as possible with back-ldap; misc cleanup 2006-06-15 23:12:38 +00:00
Pierangelo Masarati
31a004840d cleanup identity assertion; ready for porting to back-meta 2006-06-10 16:33:26 +00:00
Pierangelo Masarati
50c6a95a62 make sure heavy concurrency doesn't cause quarantine loops 2006-06-10 01:08:45 +00:00
Pierangelo Masarati
942ca17669 cleanup resource release 2006-06-08 23:41:02 +00:00
Pierangelo Masarati
740f196548 rework quarantine locking and so 2006-06-07 23:25:38 +00:00
Pierangelo Masarati
186813daed rearrange quarantine handling during proxyAuthz bind; bind anonymously if no bindmethod is defined 2006-05-30 01:20:32 +00:00
Pierangelo Masarati
f5fcd2c169 cleanup previous commit 2006-05-30 00:12:23 +00:00
Pierangelo Masarati
a6406de871 make room for plugins that deal with quarantine end 2006-05-29 21:43:20 +00:00
Pierangelo Masarati
795841b5a4 implement proxy quarantine (ITS#4569) 2006-05-27 19:54:27 +00:00
Pierangelo Masarati
e5c173691d add cancel strategies (ITS#4560) 2006-05-20 14:29:01 +00:00
Pierangelo Masarati
fcbc1f484d fix referrals return for ops other than search (ITS#4557); use slab memory for temporaries in returning referrals 2006-05-18 22:28:22 +00:00
Pierangelo Masarati
073f14ceac lc_bound_ndn is occasionally saved to keep track of who bound; don't use it to bind unless credentials are present as well 2006-05-16 02:56:59 +00:00
Pierangelo Masarati
9c9b6f7353 idassert: setup rebind stuff when binding for proxyAuthz, so that referral chasing tries to rebind with the correct identity (partially address ITS#3526) 2006-05-16 01:10:51 +00:00
Pierangelo Masarati
3b7084c170 reset the conn field in the cached connection if the bound DN is privileged (ITS#4547) 2006-05-15 01:42:05 +00:00
Pierangelo Masarati
26d1fc8c48 more cleanup of previous commits 2006-05-14 18:09:56 +00:00
Pierangelo Masarati
f87e6270d4 improve previous commit 2006-05-14 17:53:40 +00:00
Pierangelo Masarati
0c33c17bb5 "single-conn" forces flushing of existing conns during rebind on same conn (ITS#4546) 2006-05-14 17:32:15 +00:00
Pierangelo Masarati
3393b15594 cleanup resource release 2006-05-14 15:11:53 +00:00
Pierangelo Masarati
373ded8d24 add URI list resorting feature (ITS#4524) 2006-05-06 16:15:25 +00:00
Pierangelo Masarati
401b211d98 touch idle-timeout HAVE_TLS odds; silence warning #ifndef HAVE_TLS 2006-05-06 10:50:13 +00:00
Pierangelo Masarati
3b5d411af2 fix idassert "override" 2006-05-01 22:54:07 +00:00
Pierangelo Masarati
4d894c7d24 don't idassert if proxyAuthz == boundDN (ITS#4497) 2006-04-21 21:07:31 +00:00
Pierangelo Masarati
e01743193d more coverity issues 2006-04-14 00:17:27 +00:00
Hallvard Furuseth
7a19d8855d Remove useless assert: unsigned lc->lc_refcnt >= 0 2006-04-13 22:20:55 +00:00
Pierangelo Masarati
bd8514fb1e address protocol version issues (ITS#4488) 2006-04-13 16:20:00 +00:00
Pierangelo Masarati
666e0677ca re-fix previous commit 2006-04-08 15:59:59 +00:00
Pierangelo Masarati
cc8109db06 fix previous commit 2006-04-08 14:45:19 +00:00
Pierangelo Masarati
0500576056 add support for old proxyAuthz encoding; allow to workaround buggy implementations of the new version (now RFC4370) 2006-04-08 11:12:30 +00:00
Pierangelo Masarati
6a293c65b3 line up network-timeout with back-meta 2006-04-07 09:08:37 +00:00
Pierangelo Masarati
8c1b8d3f7b actually, if a connection is already in the AVL tree, use it if not binding; otherwise use a tainted one; taint connections that must be freed when refcnt goes to zero 2006-04-07 01:28:56 +00:00
Kurt Zeilenga
45d0479d37 Reverse last commit. Wrong tree. 2006-04-05 00:40:53 +00:00
Kurt Zeilenga
31d64d4642 No LogTest in re23 2006-04-05 00:39:46 +00:00
Pierangelo Masarati
02966c3d1c fix handling of expired connections (ITS#4429; need to look at back-meta as well) 2006-03-29 01:26:42 +00:00
Pierangelo Masarati
bacd1f170f leave existing controls in place if proxyAuthz is not required by idassert (ITS#4457) 2006-03-28 21:45:54 +00:00
Pierangelo Masarati
1418b2c5b1 fix previous commit: actually free the connection in case of failed bind 2006-03-25 01:12:27 +00:00
Pierangelo Masarati
fd5208c18f destroy bind connection after failed bind (ITS#4428) 2006-03-25 00:33:42 +00:00
Pierangelo Masarati
3160c03dab cleanup previous commit 2006-03-23 23:01:14 +00:00
Pierangelo Masarati
3437406a0b honor "chase-referrals no" (ITS#4447) 2006-03-23 21:01:19 +00:00
Pierangelo Masarati
3861c47316 queue implicit binds (ITS#4409) 2006-03-03 16:27:00 +00:00
Kurt Zeilenga
cbc11c9233 unifdef -DLDAP_NULL_IS_NULL 2006-02-14 23:18:12 +00:00
Pierangelo Masarati
f4c578cb31 delete all conns cached for a single client->proxy connection (partially addresses ITS#4387) 2006-02-06 21:39:56 +00:00
Pierangelo Masarati
f0d6ac3e0b debug cleanup 2006-02-04 15:50:22 +00:00
Pierangelo Masarati
54aefe30f7 implement proxy long-lived connection TTL 2006-02-01 23:10:12 +00:00
Pierangelo Masarati
7038044c91 in abnormal cases, error may be sent twice 2006-01-11 15:32:34 +00:00
Pierangelo Masarati
0dce854ce4 complete fix to back-ldap (ITS#4315?); not sure dobind should actually be treated as a bind... 2006-01-11 12:11:59 +00:00
Pierangelo Masarati
7368ffb77a don't idassert anon2anon (ITS#4321) 2006-01-10 13:17:31 +00:00
Pierangelo Masarati
f3c2c7ba48 use slab memory for proxyauthz 2006-01-09 20:00:51 +00:00
Pierangelo Masarati
6995603a3d refine fix to ITS#4315; apply it to back-meta as well 2006-01-09 14:20:37 +00:00
Howard Chu
8538223def TS#4315 fix prev commit, spinning in ldap_back_dobind 2006-01-09 09:37:52 +00:00
Howard Chu
2b39a26150 ITS#4315 fix bind concurrency issue 2006-01-09 09:14:53 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
8c2ceeb605 don't idassert anonymous unless explicitly configured (ITS#4272) 2005-12-20 20:43:14 +00:00
Pierangelo Masarati
4538422dc9 better handling of internal operations 2005-12-15 13:47:25 +00:00
Pierangelo Masarati
430aff35bb assume operations with version set to 0 are internal, and use LDAPv3 2005-12-15 11:39:46 +00:00
Pierangelo Masarati
fcda57e90f use macros instead of numbers... 2005-12-13 20:11:26 +00:00
Pierangelo Masarati
1b42fde372 implement (per-target) per-conn proxy-side idle-timeout (ITS#4115); revitalize (per-target) network-timeout in back-meta; fix issue with connection initialization error in ldap_back_retry(); cleanup configuration of back-ldap 2005-12-07 17:35:02 +00:00
Pierangelo Masarati
2ea72234aa return more appropriate error code 2005-12-06 20:04:52 +00:00
Pierangelo Masarati
4852bf8a58 don't care about empty matched/text #ifdef LDAP_NULL_IS_NULL 2005-11-20 01:59:26 +00:00
Pierangelo Masarati
7fa4b159bf fix dangling resources issue in slapd-ldap; completely rework slapo-chain to fix the resource leak/concurrency issue; add support for multiple well-known URIs to set credentials for, and deal with unknown URIs anonymously; similar reworking and cleanup for slapd-meta 2005-11-19 15:00:50 +00:00
Pierangelo Masarati
78bd3bf6a3 handle LDAPv2 when returning timelimit; silence warning 2005-11-11 09:54:07 +00:00
Pierangelo Masarati
93abd4c616 cannot happen... 2005-11-09 12:58:57 +00:00
Pierangelo Masarati
4cab386d13 backport write operation timeouts from back-meta to back-ldap; minor cleanup & silence warnings 2005-11-06 23:29:10 +00:00
Pierangelo Masarati
4744733638 don't copy o_ndn into lc_bound_ndn, otherwise we end up in a bind with DN but no password\! 2005-10-14 23:25:57 +00:00
Pierangelo Masarati
112be0118e cleanup states/timeout handling in back-ldap/meta; add connection pooling and defer of pseudoroot bind to back-meta 2005-09-24 18:39:26 +00:00
Pierangelo Masarati
fb3fc81c7e improved authz_backend detection for internal databases (ITS#4018) 2005-09-10 09:56:29 +00:00
Pierangelo Masarati
866148810e release resources (ITS#4016) 2005-09-09 02:37:38 +00:00
Pierangelo Masarati
075220dd7e need some minimal timeout otherwise strange issues occur 2005-08-22 18:14:41 +00:00
Pierangelo Masarati
15d1b4d5dd cleanup locking 2005-08-20 19:00:56 +00:00
Pierangelo Masarati
5873048347 fix return code (prevents clean usage of back-ldap for internal searchs) 2005-08-17 19:38:36 +00:00
Hallvard Furuseth
a0b5f5138b Remove unused label "error_return" 2005-08-16 19:45:50 +00:00
Pierangelo Masarati
7b9173d0bb should compile also when #undef HAVE_TLS 2005-08-12 10:51:39 +00:00
Pierangelo Masarati
a23466f64a should compile also when #undef HAVE_TLS 2005-08-12 10:49:55 +00:00
Pierangelo Masarati
c6e2a69f27 fix tls propagation, including rebind 2005-08-11 16:01:24 +00:00
Pierangelo Masarati
fa27310d77 use trylock only where necessary 2005-08-07 00:35:11 +00:00
Pierangelo Masarati
4ed743cc84 remove unrequired member; address ITS#3913 2005-08-02 22:48:30 +00:00
Pierangelo Masarati
4148ddc31f save 1 function call... 2005-08-02 08:13:16 +00:00
Pierangelo Masarati
a91ebfac79 plug leaks 2005-07-25 20:47:39 +00:00
Pierangelo Masarati
3e84f692aa there might definitely be concurrency issues, but it's not pooled connections' fault 2005-07-23 22:03:35 +00:00
Pierangelo Masarati
e810105f87 (mostly) reverting previous commit (overconservative) 2005-07-23 22:02:12 +00:00
Pierangelo Masarati
796316bc84 strengthen concurrency protection 2005-07-23 19:39:51 +00:00
Pierangelo Masarati
6adfb5dd2f note an issue 2005-07-22 03:23:26 +00:00