upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-22 07:39:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
19245 commits 38 branches 309 tags 68 MiB
Commit graph

171 commits

Author SHA1 Message Date
Pierangelo Masarati
e01743193d more coverity issues 2006-04-14 00:17:27 +00:00
Pierangelo Masarati
bd8514fb1e address protocol version issues (ITS#4488) 2006-04-13 16:20:00 +00:00
Kurt Zeilenga
eb9a3c1876 unifdef -DSLAP_ACL_HONOR_DISCLOSE 
unifdef -DSLAP_ACL_HONOR_MANAGE
unifdef -DSLAP_OVERLAY_ACCESS
unifdef -DSLAP_ORDERED_PRETTYNORM
unifdef -DSLAP_AUTHZ_SYNTAX
Move LDAP_COLLECTIVE_ATTRIBUTES, LDAP_COMP_MATCH, and LDAP_SYNC_TIMESTAMP
back behind LDAP_DEVEL (as these either too experimental or not yet
implemented).
 2006-04-12 05:53:26 +00:00
Pierangelo Masarati
3d13b08a44 fix network-timeout commit 2006-04-08 14:45:45 +00:00
Pierangelo Masarati
0500576056 add support for old proxyAuthz encoding; allow to workaround buggy implementations of the new version (now RFC4370) 2006-04-08 11:12:30 +00:00
Pierangelo Masarati
6a293c65b3 line up network-timeout with back-meta 2006-04-07 09:08:37 +00:00
Howard Chu
fc61aab12b plug leak 2006-04-04 10:31:01 +00:00
Hallvard Furuseth
581c1ff6c7 Cast ctype.h char arguments to unsigned char 2006-04-01 23:44:42 +00:00
Pierangelo Masarati
00073c8cac fix operational attrs return with chain overlay (ITS#4431); misc cleanup 2006-03-24 22:49:51 +00:00
Pierangelo Masarati
fa72882808 fix error message 2006-02-16 01:10:45 +00:00
Pierangelo Masarati
54aefe30f7 implement proxy long-lived connection TTL 2006-02-01 23:10:12 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
fcda57e90f use macros instead of numbers... 2005-12-13 20:11:26 +00:00
Pierangelo Masarati
1b42fde372 implement (per-target) per-conn proxy-side idle-timeout (ITS#4115); revitalize (per-target) network-timeout in back-meta; fix issue with connection initialization error in ldap_back_retry(); cleanup configuration of back-ldap 2005-12-07 17:35:02 +00:00
Pierangelo Masarati
26a83119fd cleanup 2005-11-27 23:19:17 +00:00
Pierangelo Masarati
d34fffcaf9 use lutil_ato*() whenever appropriate 2005-11-24 01:10:05 +00:00
Pierangelo Masarati
d71a3add92 fix typo in write timeouts argnumbers 2005-11-19 23:23:18 +00:00
Pierangelo Masarati
39d721504a plug one-time leaks 2005-11-19 18:44:54 +00:00
Pierangelo Masarati
6d7689b7e3 check we don't exceed userland with config param bits 2005-11-19 18:01:28 +00:00
Pierangelo Masarati
3e7fd464dc streamline back-ldap/slapo-chain configuration; add the possibility to cache non-configured, anonymous referral URIs 2005-11-19 17:48:33 +00:00
Pierangelo Masarati
7fa4b159bf fix dangling resources issue in slapd-ldap; completely rework slapo-chain to fix the resource leak/concurrency issue; add support for multiple well-known URIs to set credentials for, and deal with unknown URIs anonymously; similar reworking and cleanup for slapd-meta 2005-11-19 15:00:50 +00:00
Pierangelo Masarati
4cab386d13 backport write operation timeouts from back-meta to back-ldap; minor cleanup & silence warnings 2005-11-06 23:29:10 +00:00
Hallvard Furuseth
9873eb7ab0 Add missing Statslog() statements (loglevel stats/stats2): 
"ABANDON", "STARTTLS", "CANCEL", "WHOAMI", "PASSMOD", "EXT", "INTERM",
  "TLS established", SASL and Extended Response "RESULT".
In Statslog output "conn=xx fd=yy closed", append the reason in
  "()" unless client or server closed the connection after Unbind.
Still missing Statslog output from a number of failed requests.
 2005-08-14 00:14:58 +00:00
Pierangelo Masarati
d10250d9f6 add authzSyntax for authzTo/authzFrom attributes; add X-ORDERED 'VALUES' if support for ordered_value_{validate,pretty,normalize} is present; exploit normalization in slap_parseURI (only #ifdef LDAP_DEVEL) 2005-08-11 23:52:17 +00:00
Pierangelo Masarati
468e03a655 plug more leaks 2005-08-07 12:55:15 +00:00
Pierangelo Masarati
9da3dbf3c8 more fixes to parsing of (deprecated) config directives (ITS#3915) 2005-08-02 22:21:44 +00:00
Pierangelo Masarati
c8a5fd2df2 fix various leaks 2005-08-01 23:32:14 +00:00
Pierangelo Masarati
aace773cb6 more table-driven config cleanup 2005-07-29 01:00:48 +00:00
Pierangelo Masarati
111f5fdc5c more fixes to back-ldap runtime configuration (ITS#3895) 2005-07-26 00:11:11 +00:00
Pierangelo Masarati
a91ebfac79 plug leaks 2005-07-25 20:47:39 +00:00
Hallvard Furuseth
4a57978a4b '#if 0' out variables used only in #if 0. Fix '#if 0'-ed out counting loops. 2005-07-22 13:21:10 +00:00
Pierangelo Masarati
4be9f57b29 more on leaks & small fixes to unparsing 2005-07-22 03:23:58 +00:00
Pierangelo Masarati
1ac6bf4d1d fix back-ldap unparsing 2005-07-22 02:29:49 +00:00
Pierangelo Masarati
982981d465 fix potential deadlock; improve idassert in case of authzFrom rules (new flag values); rootdn can always idassert 2005-07-03 23:27:56 +00:00
Pierangelo Masarati
9e811df052 seems to definitely fix issues related to ITS#3808 2005-06-29 16:38:09 +00:00
Pierangelo Masarati
47daec07d5 fix previous commit :) 2005-05-25 12:05:39 +00:00
Pierangelo Masarati
1b9c9577c2 invalidate cached connections if URI changed 2005-05-25 11:54:19 +00:00
Pierangelo Masarati
672c39024e further fixing of back-ldap config; added enum_to_verb call to ease mapping enumerations to strings... 2005-05-23 14:14:34 +00:00
Pierangelo Masarati
a7f44159c1 complete back-config support, including chain overlay; passes all tests; HEADS-UP: few syntax changes (essentially backwards compatible) 2005-05-23 07:25:00 +00:00
Pierangelo Masarati
da2a26d19f first round of back-config support; need to #define LDAP_BACK_BCONFIG; no support for rewrite and so, still stuff to fix. Doesn't pass most of the tests 2005-05-21 19:07:14 +00:00
Pierangelo Masarati
c80eb34888 honor T-F filters (ITS#3706) and some cleanup 2005-05-05 00:07:17 +00:00
Pierangelo Masarati
5affbfa428 add SASL bind for acl-authc; use slap_bindconf 2005-04-10 23:44:06 +00:00
Pierangelo Masarati
43138aa500 use asynchronous Start TLS exop; allow propagating TLS if used in the original connection; minor cleanup 2005-02-05 15:55:02 +00:00
Pierangelo Masarati
cfc77f0a0a make referrals chasing optional (default is to chase them) 2005-01-30 22:56:59 +00:00
Pierangelo Masarati
c6b6d2a5ec StartTLS (ITS#3507) + chain overlay fixes and improvements 2005-01-24 09:38:11 +00:00
Pierangelo Masarati
ae0f47b063 improve parsing of acl-authcDN/acl-passwd 2005-01-22 18:48:03 +00:00
Pierangelo Masarati
1d919d35a5 remove #ifdef's for identity assertion 2005-01-20 09:04:37 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
fefa59059d minor cleanup 2004-12-08 19:11:27 +00:00
Pierangelo Masarati
6b1c641bc1 warn users of the need to use the rwm overlay 2004-11-29 12:40:36 +00:00
Pierangelo Masarati
6eec000889 improve diagnostics 2004-11-17 17:55:44 +00:00
Pierangelo Masarati
ee4c10d5d0 allow backends to automatically install overlays; issue warnings in case of duplicates (fixes ITS#3395 for cases (1.a), (1.b) and (2) simultaneously) 2004-11-15 10:28:33 +00:00
Pierangelo Masarati
db4f223c66 improve overlay helpers 2004-11-13 17:20:24 +00:00
Pierangelo Masarati
f176935a58 remove rewrite stuff -- now delegted to rwm overlay 2004-11-13 14:43:30 +00:00
Howard Chu
bbe986b94e Add a retry for failed connections 2004-10-01 12:00:41 +00:00
Kurt Zeilenga
d611a4b49a unifdef -UNEW_LOGGING 2004-09-04 04:54:28 +00:00
Pierangelo Masarati
cc60b5ce76 cleanup previous fix; maybe the advanced url parsing funcs should go in some ldap_pvt.h header? 2004-07-26 08:31:01 +00:00
Pierangelo Masarati
cd7540feee cleanup URI parsing/checking (fixes ITS#3253) 2004-07-24 11:17:03 +00:00
Hallvard Furuseth
af5ab4f196 Add missing format argument for 'unhandled idassert-method' error message. 2004-07-18 07:16:34 +00:00
Pierangelo Masarati
277d921945 clear shared connections when ldap_result fails with -1 (typically, remote server is down); fixes ITS#3217 2004-07-04 23:35:18 +00:00
Pierangelo Masarati
5bfb9fd590 make authz mode selection fully manual, plus more cleanup 2004-06-20 22:42:36 +00:00
Pierangelo Masarati
5d843b2b13 detect mechs that are known to perform native authz 2004-06-19 18:32:55 +00:00
Pierangelo Masarati
f34b11760a allow a hidden parameter to instruct the proxy that the SASL mech can do native authz; will disappear as soon as I can detect it automnatically 2004-06-19 18:18:26 +00:00
Pierangelo Masarati
a18e199e0d more on identity assertion 2004-05-22 17:26:02 +00:00
Pierangelo Masarati
cdebc4d376 more on idassert: SASL bind/authz 2004-05-15 10:11:10 +00:00
Pierangelo Masarati
8b954144d6 reflect Kurt's comments on ID assertion 2004-05-14 10:01:22 +00:00
Pierangelo Masarati
3b38676dd3 complete idassert options 2004-05-13 22:12:46 +00:00
Pierangelo Masarati
66ddf62922 add idassert code (undocumented yet) 2004-05-13 20:25:53 +00:00
Pierangelo Masarati
6a1dd9a1cd exploit new frontend API 2 protocol error mapping; use urldesc... 2004-04-05 17:36:53 +00:00
Pierangelo Masarati
66ee9b2d73 carefully check the URI 2004-03-17 22:36:47 +00:00
Pierangelo Masarati
65b49dd312 add "searchFilterAttrDN" rewrite context, and allow filterstring rewrite 2004-03-10 21:11:14 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Pierangelo Masarati
529a03df53 use dedicated admin identity to proxyAuthz 2003-12-13 10:57:42 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Howard Chu
0690f79a5a Cleanup unknown config directive handling. 2003-12-07 07:07:00 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Kurt Zeilenga
16af7fdd4c Hide experimental controls and extended operations 2003-05-31 20:19:02 +00:00
Hallvard Furuseth
c5d60fc043 ctrls[] was initialized with which non-constants. 2003-05-02 13:26:25 +00:00
Howard Chu
ece7452b05 More memory context tweaks 2003-04-11 01:29:28 +00:00
Pierangelo Masarati
b4dbfb570a cleanup 2003-04-08 13:22:12 +00:00
Howard Chu
cd76391078 Fix !ENABLE_REWRITE 2003-04-07 19:48:10 +00:00
Pierangelo Masarati
96e1632d4a default remapping from target to server aliases searchResult 2003-04-07 16:59:56 +00:00
Pierangelo Masarati
93abccdee3 group rewrite/map stuff in one structure and optimize more function calls 2003-04-07 16:52:59 +00:00
Pierangelo Masarati
1bae6d28e5 silence warnings 2003-04-05 16:58:36 +00:00
Pierangelo Masarati
ab3ab80ecd more args elimination + allow specific messages when mapping client API errors to LDAP_OTHER 2003-04-04 22:20:49 +00:00
Pierangelo Masarati
ebe0bb0b52 trim unnecessary args 2003-04-03 23:23:56 +00:00
Pierangelo Masarati
17e46d8468 cleanup and fixes 2003-04-03 21:35:27 +00:00
Howard Chu
e8c58b4e7f Major API change - (SLAP_OP_BLOCKS) All request parameters are 
consolidated into the Operation structure. All reply parameters
are consolidated into the new SlapReply structure. Most operations
now have identical call signatures... Changes are not #ifdef'd,
revert to -r NO_SLAP_OP_BLOCKS if necessary to back out.
 2003-03-30 09:03:54 +00:00
Pierangelo Masarati
bf35f8e37f improved filter mapping/rewrite; improved result rewriting; improved attribute/objectclass mapping configuration 2003-03-01 11:08:53 +00:00
Howard Chu
187f1d2ad4 Added proxy-whoami keyword for forwarding whoami requests. 2003-02-16 11:21:15 +00:00
Hallvard Furuseth
6a51371fc5 Silence gcc warnings (signed vs. unsigned, implicit declarations, unused vars). 2003-01-19 15:03:25 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Pierangelo Masarati
85a74efc71 remove dependency from LDAP_FILT_MAXSIZ (and handle arbitrary size filters) 2002-08-09 13:51:35 +00:00
Howard Chu
e14f471a27 Add #include "lutil.h" for lutil_str* functions 2002-08-06 02:36:34 +00:00
Howard Chu
5a01db28e3 Moved slap_strcopy, slap_strncopy to lutil_strcopy, lutil_strncopy 2002-07-27 00:24:02 +00:00
Kurt Zeilenga
b5e7208cb8 Date: Thu, 2 May 2002 08:54:59 GMT 
From: h.b.furuseth@usit.uio.no
To: openldap-its@OpenLDAP.org
Subject: Patch: Bugs with back-ldap/meta mappings

Full_Name: Hallvard B. Furuseth
Version: HEAD
OS: Linux
URL: http://folk.uio.no/hbf/OpenLDAP/back-ldap.txt
Submission from: (NULL) (158.36.148.34)


The source claims the 'map' attribute has syntax
map {objectclass | attribute}   {<source> | *}      [<dest> | *]
while it actually has syntax
map {objectclass | attribute} [<local name> | *] {<foreign name> |
*}
except that the code is confused about it.  Removed attributes are
put in both the maps for local and foreign names:
	# Remove description and present title as description instead
	map attribute	description
	map attribute	description title
-->
	slapd.conf: line 10: duplicate mapping found (ignored)

Also, map.c:ldap_back_map_attrs() loops forever on removed attributes
(ie. if one asks ldapsearch for an attribute which has been removed).
 2002-06-12 16:39:05 +00:00
Howard Chu
b3d0ab87aa More cleanups for suffixmassage DNs 2002-05-01 19:05:09 +00:00
Pierangelo Masarati
c1edf76e20 use BerVarray for suffix_massaging stuff 2002-05-01 17:45:03 +00:00
Pierangelo Masarati
6feec86e5d - trim check for real naming context already defined as suffix 
- improve automatic massaging (prettify once)
- add (optimistic) automatic filter massaging
- cleanup of massaging stuff
 2002-05-01 11:41:57 +00:00
Howard Chu
c7262c7599 Added rebind-as-user option; saves bind credentials and sets a rebind_proc 
to allow chasing referrals using the same user's credentials.
 2002-04-25 02:05:34 +00:00