upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-01-30 10:29:28 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
22299 commits 38 branches 313 tags 87 MiB
Commit graph

146 commits

Author SHA1 Message Date
Pierangelo Masarati
abca6f16a6 also improve massaged DN containment check 2007-08-25 10:57:08 +00:00
Pierangelo Masarati
2be301db66 improve URI DN containment check 2007-08-25 10:13:51 +00:00
Pierangelo Masarati
9a00bbb35f add support for session tracking (draft-wahl-ldap-sessio) to proxy backends requests 2007-08-22 15:49:35 +00:00
Howard Chu
88cbe052e0 Fallout from ITS#4986 - remove unused param of select_backend() 2007-07-13 03:18:20 +00:00
Pierangelo Masarati
ff9b674899 cleanup back-meta according to back-ldap 2007-01-28 00:53:11 +00:00
Pierangelo Masarati
cf226fb029 implement search timeout when the remote server does not respond in the specified timeout 2007-01-26 01:39:05 +00:00
Kurt Zeilenga
da6d9eb046 happy new year 2007-01-02 20:00:42 +00:00
Pierangelo Masarati
7e8242d50d pool privileged connections (ITS#4791) 2006-12-24 18:23:36 +00:00
Pierangelo Masarati
4e11af075f - add support for "use-temporary-conn" much like back-ldap 
- fix various connection creation/setup concurrency issues
- use shared connection when always idasserting (similar to ITS#4781)
- reduce the impact of schema mapping when not used (tnx to gprof)
- fix temporary/tainted connection leak in abnormal conditions
 2006-12-17 23:52:23 +00:00
Pierangelo Masarati
8326ac21b1 add "report" to "onerr" modes: continue a search in case one target returns an error, and only propagate the error at the end 2006-11-23 23:50:36 +00:00
Pierangelo Masarati
84d6a04c91 improve timeout support (ITS#4157, ITS#4663) 2006-09-04 08:26:09 +00:00
Pierangelo Masarati
a5b520477c more cleanup for previous commit 2006-06-15 23:43:09 +00:00
Pierangelo Masarati
3ebb40c4dd port identity assertion to back-meta; share as much code as possible with back-ldap; misc cleanup 2006-06-15 23:12:38 +00:00
Pierangelo Masarati
740f196548 rework quarantine locking and so 2006-06-07 23:25:38 +00:00
Pierangelo Masarati
795841b5a4 implement proxy quarantine (ITS#4569) 2006-05-27 19:54:27 +00:00
Pierangelo Masarati
e5c173691d add cancel strategies (ITS#4560) 2006-05-20 14:29:01 +00:00
Pierangelo Masarati
1c16fa382a line up back-meta to ITS#4546 2006-05-14 18:10:23 +00:00
Howard Chu
ed25c75d60 plug leak 2006-05-10 12:53:36 +00:00
Pierangelo Masarati
373ded8d24 add URI list resorting feature (ITS#4524) 2006-05-06 16:15:25 +00:00
Pierangelo Masarati
470fda7744 cleanup version parsing 2006-05-06 10:42:29 +00:00
Hallvard Furuseth
d60b89c148 meta_back_db_config: lutil_atou(version,) -> lutil_atoi 2006-04-13 22:23:03 +00:00
Pierangelo Masarati
bd8514fb1e address protocol version issues (ITS#4488) 2006-04-13 16:20:00 +00:00
Pierangelo Masarati
46cb141185 seems to fix the equivalent of ITS#4429 in back-meta; had to give up per-target conn-ttl and idle-timeout 2006-04-01 18:56:39 +00:00
Pierangelo Masarati
41f963644c be conservative in reading subtree-exclude 2006-02-16 23:37:42 +00:00
Pierangelo Masarati
af0d2b1d2a add support for "subtree-exclude" 2006-02-16 01:26:39 +00:00
Pierangelo Masarati
54aefe30f7 implement proxy long-lived connection TTL 2006-02-01 23:10:12 +00:00
Kurt Zeilenga
f5b9ff7940 unifdef -DSLAPD_CONF_UNKNOWN_BAILOUT -DSLAPD_CONF_UNKNOWN_IGNORED="" 
-DSLAPD_DEBUG_CONFIG_ERROR=LDAP_DEBUG_ANY
 2006-01-24 04:40:01 +00:00
Kurt Zeilenga
acbb5cf689 Happy new year! 2006-01-03 23:11:52 +00:00
Pierangelo Masarati
8346de462b silence warning 2005-12-20 20:36:05 +00:00
Pierangelo Masarati
bd975514de add (and document) customizable bind-timeout 2005-12-12 15:57:58 +00:00
Pierangelo Masarati
1b42fde372 implement (per-target) per-conn proxy-side idle-timeout (ITS#4115); revitalize (per-target) network-timeout in back-meta; fix issue with connection initialization error in ldap_back_retry(); cleanup configuration of back-ldap 2005-12-07 17:35:02 +00:00
Kurt Zeilenga
48cb85865d Remove some unnecessary #ifdefs 2005-11-26 07:38:18 +00:00
Pierangelo Masarati
ce367bcc25 use friendly form for timeouts 2005-11-24 21:21:27 +00:00
Pierangelo Masarati
0fd295a321 first round of number/time parsing fixes 2005-11-23 17:29:16 +00:00
Pierangelo Masarati
e83f0f900b set the berval length\! (ITS#4196) 2005-11-22 12:13:07 +00:00
Pierangelo Masarati
7fa4b159bf fix dangling resources issue in slapd-ldap; completely rework slapo-chain to fix the resource leak/concurrency issue; add support for multiple well-known URIs to set credentials for, and deal with unknown URIs anonymously; similar reworking and cleanup for slapd-meta 2005-11-19 15:00:50 +00:00
Pierangelo Masarati
4cab386d13 backport write operation timeouts from back-meta to back-ldap; minor cleanup & silence warnings 2005-11-06 23:29:10 +00:00
Pierangelo Masarati
0207dcd3f9 import leak plug from slapo-rwm 2005-11-03 15:20:33 +00:00
Pierangelo Masarati
a16521ed4e fix error message for invalid "uri" args 2005-10-15 12:33:04 +00:00
Pierangelo Masarati
97614859be fix ITS#4071 2005-10-08 19:39:56 +00:00
Pierangelo Masarati
112be0118e cleanup states/timeout handling in back-ldap/meta; add connection pooling and defer of pseudoroot bind to back-meta 2005-09-24 18:39:26 +00:00
Pierangelo Masarati
6cb8b14435 allow undefined attrs to be "proxied" (ITS#3959) 2005-08-25 21:14:26 +00:00
Pierangelo Masarati
99ea177e05 implement overlapping targets enhancement (ITS#3711) 2005-08-17 08:34:49 +00:00
Pierangelo Masarati
8fdfe1fcd0 plug yet another one-time leak 2005-08-07 16:45:13 +00:00
Pierangelo Masarati
ac590d6b55 fix previous commit 2005-07-19 18:03:06 +00:00
Pierangelo Masarati
54a0c02c3d implement per-target, per-operation timeouts 2005-07-19 00:43:38 +00:00
Pierangelo Masarati
297c7933b1 add "onerr" flag 2005-06-25 15:13:44 +00:00
Pierangelo Masarati
d23243a507 more on strict config parsing (ITS#3705) 2005-05-06 16:42:03 +00:00
Pierangelo Masarati
4d9750afb5 honor T-F filters (ITS#3706) and lots of cleanup 2005-05-04 23:57:55 +00:00
Pierangelo Masarati
bb21f09d1f use safe(r) default 2005-04-26 20:10:15 +00:00
Pierangelo Masarati
6b035aac3e work around the last issue: some times the result times out while the other party is not willing to send any response; give it a second chance 2005-04-26 10:02:19 +00:00
Pierangelo Masarati
fa49a73fc4 fix retry; add per-target configurable number of retries; addresses ITS#3672, ITS#3676 & ITS#3680 2005-04-25 18:56:56 +00:00
Pierangelo Masarati
41aad6e27f more on error handling reworking; should address ITS#3672 and ITS#3676 2005-04-22 21:43:52 +00:00
Pierangelo Masarati
c1b5e84e2d a) implement a new candidate selection procedure, based on target naming 
context checking and multiple match resolution via an internal search
b) move the candidate listing in a persistent per-thread buffer
c) fix bind procedure
d) minor cleanup

(a) and (b) should address ITS#2935; (b) and (c) should address ITS#3171

A test is also added
 2005-04-16 02:25:41 +00:00
Pierangelo Masarati
73ca57cfef import selected improvements from back-ldap: use asynchronous Start TLS exop; allow propagating TLS if used in the original connection; minor cleanup 2005-02-05 15:55:27 +00:00
Pierangelo Masarati
e3a19bfa32 import referral chaing options from back-ldap 2005-02-05 11:33:32 +00:00
Pierangelo Masarati
74896472de don't add the trailing '??base' to URIs 2005-01-26 09:29:22 +00:00
Pierangelo Masarati
ae0f47b063 improve parsing of acl-authcDN/acl-passwd 2005-01-22 18:48:03 +00:00
Pierangelo Masarati
5422345e55 major namespace cleanup & minor fixes 2005-01-08 09:20:54 +00:00
Kurt Zeilenga
dc0eacd40b Happy New Year! 2005-01-01 20:49:32 +00:00
Pierangelo Masarati
ba6ac023ad works now 2004-12-30 17:45:07 +00:00
Pierangelo Masarati
253266ef07 import stuff removed from back-ldap 2004-11-13 14:45:18 +00:00
Pierangelo Masarati
246fa41c96 "searchFilter" by default must be empty 2004-03-10 21:53:39 +00:00
Kurt Zeilenga
3c598e89fb Happy new year 2004-01-01 19:15:16 +00:00
Kurt Zeilenga
fbba83b20f notices and acknowledgements 2003-12-08 17:41:40 +00:00
Howard Chu
0690f79a5a Cleanup unknown config directive handling. 2003-12-07 07:07:00 +00:00
Howard Chu
066a80bbbb Moved proxy caching to overlay 2003-12-06 11:12:53 +00:00
Kurt Zeilenga
a3d8cda201 notices and acknowledges 2003-11-27 06:35:14 +00:00
Jong Hyuk Choi
9760933c20 unifdef LDAP_CACHING 2003-08-27 23:21:17 +00:00
Pierangelo Masarati
64485f5fe0 remove unused arg from fprintf (ITS#2516) 2003-05-15 12:18:04 +00:00
Pierangelo Masarati
0864531e58 add network timeout (ITS#2413 reworked) 2003-05-03 11:30:38 +00:00
Kurt Zeilenga
5cd994ed21 remove dnNormalize2 
replace calls to dnNormalize2 with calls to dnNormalize
 2003-04-29 18:28:14 +00:00
Luke Howard
7cb946924e Fix compilation errors (caching must still be undefined though) 2003-04-11 04:22:37 +00:00
Pierangelo Masarati
6ef22ccdcb first cut at grouping rewrite/map stuff; needs work 2003-04-07 17:04:14 +00:00
Luke Howard
7e31732cc5 Don't segfault on malformed configuration 2003-04-04 04:06:18 +00:00
Jong Hyuk Choi
6f81235386 Commit of the Proxy Cache contribution (ITS#2062) 
from IBM India Research (Apurva Kumar)
Code review by Pierangelo, Kurt, and Jong.
 2003-03-06 19:44:41 +00:00
Pierangelo Masarati
40622232f7 silence warning 2003-03-03 21:32:08 +00:00
Pierangelo Masarati
bf35f8e37f improved filter mapping/rewrite; improved result rewriting; improved attribute/objectclass mapping configuration 2003-03-01 11:08:53 +00:00
Pierangelo Masarati
f19df0a307 add 'rebind-as-user' according to back-ldap's implementation 2003-02-05 22:04:20 +00:00
Pierangelo Masarati
e5a1418756 improve last commit 2003-02-04 19:27:56 +00:00
Pierangelo Masarati
c432154ad1 allow multiple URIs (need to backport to back-ldap) 2003-02-04 18:49:58 +00:00
Kurt Zeilenga
6939c53170 Happy new year 2003-01-03 20:20:47 +00:00
Kurt Zeilenga
b5e7208cb8 Date: Thu, 2 May 2002 08:54:59 GMT 
From: h.b.furuseth@usit.uio.no
To: openldap-its@OpenLDAP.org
Subject: Patch: Bugs with back-ldap/meta mappings

Full_Name: Hallvard B. Furuseth
Version: HEAD
OS: Linux
URL: http://folk.uio.no/hbf/OpenLDAP/back-ldap.txt
Submission from: (NULL) (158.36.148.34)


The source claims the 'map' attribute has syntax
map {objectclass | attribute}   {<source> | *}      [<dest> | *]
while it actually has syntax
map {objectclass | attribute} [<local name> | *] {<foreign name> |
*}
except that the code is confused about it.  Removed attributes are
put in both the maps for local and foreign names:
	# Remove description and present title as description instead
	map attribute	description
	map attribute	description title
-->
	slapd.conf: line 10: duplicate mapping found (ignored)

Also, map.c:ldap_back_map_attrs() loops forever on removed attributes
(ie. if one asks ldapsearch for an attribute which has been removed).
 2002-06-12 16:39:05 +00:00
Pierangelo Masarati
6feec86e5d - trim check for real naming context already defined as suffix 
- improve automatic massaging (prettify once)
- add (optimistic) automatic filter massaging
- cleanup of massaging stuff
 2002-05-01 11:41:57 +00:00
Pierangelo Masarati
fafce1601e consistently use dn_match macro throughout slapd 2002-01-12 18:17:13 +00:00
Kurt Zeilenga
0e2af54a3f Update copyright statements 2002-01-04 21:17:25 +00:00
Pierangelo Masarati
bd535be5cb hide mapping initialization 2002-01-04 17:51:20 +00:00
Pierangelo Masarati
db71bb1c4d lots of migration to struct berval; unfortunately it seems to be broken 2002-01-03 16:29:38 +00:00
Pierangelo Masarati
3930a390e0 cleanup 2001-12-29 10:30:23 +00:00
Howard Chu
975a5e9a24 Added dnPretty2/dnNormalize2 using preallocated destination berval 2001-12-29 04:48:00 +00:00
Pierangelo Masarati
02153708a0 conversion to berval DN 2001-12-27 12:17:54 +00:00
Howard Chu
ef0b308bea Changed backglue configuration. Added noSubordinates arg to select_backend 
to deal with glued subordinates.
 2001-12-10 12:09:40 +00:00
Pierangelo Masarati
970abe2637 semicolon after colon in goto labels; no C++ style comments; unused vars removed or #ifdef'd 2001-06-03 08:55:17 +00:00
Pierangelo Masarati
c5a9ffa62e pseudo-root dn bind; a couple of minor fixes 2001-05-19 17:02:39 +00:00
Pierangelo Masarati
0b4c7e0181 added new logging to back-meta 2001-05-13 23:44:22 +00:00
Pierangelo Masarati
74fa239a20 This is the commit of: 
- librewrite, for string rewriting; it may be used in back-ldap
    by configuring with '--enable-rewrite'. It must be used in
    back-meta. There's a text file, 'libraries/librewrite/RATIONALE',
    that explains the usage and the features. More comprehensive
    documentation will follow.
  - enhancements of back-ldap (ITS#989,ITS#998,ITS#1002,ITS#1054 and ITS#1137)
    including dn rewriting, a fix to group acl matching and so
  - back-meta: a new backend that proxies a set of remote servers
    by spawning queries. It uses portions of back-ldap and the rewrite
    capabilities of librewrite. It can be compiled by configuring
    with `--enable-ldap --enable-rewrite --enable-meta'.
    There's a text file, 'servers/slapd/back-meta/Documentation', that
    describes the main features and config statements.

Note: someone (Kurt?) should run 'autoconf' and commit 'configure' as
my autoconf version must be different: my configures contain a number
of differences and I didn't feel comfortable in adding them :)
 2001-05-12 00:51:28 +00:00