upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-24 00:29:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
21846 commits 38 branches 309 tags 68 MiB
Commit graph

800 commits

Author SHA1 Message Date
Howard Chu
4a4bf0bf39 Cleanup error messages 2011-02-28 11:38:19 +00:00
Howard Chu
a60c82b3ba ITS#6837 olcChainDatabase inherits from olcLDAPConfig 2011-02-19 02:49:18 +00:00
Pierangelo Masarati
5d9baf3e85 use (noncritical) whoami extop during SASL bind (ITS#6817) 2011-02-03 23:35:56 +00:00
Pierangelo Masarati
ddbcb565d4 use (noncritical) authzid control during SASL bind (ITS#6817) 2011-02-03 23:20:15 +00:00
Howard Chu
e72c093a55 ITS#6711 minimal tweaks for aclbind/idassertbind for privileged connection 
in dobind_int().
 2011-02-02 20:56:58 +00:00
Howard Chu
d626977848 Cleanup priv/idassert choice: check for configured bind method, not authcDN 2011-02-02 20:32:48 +00:00
Howard Chu
aec5adac17 ITS#6711 use idassert TLS conf for priv connection if aclbind not set 2011-02-02 20:06:28 +00:00
Pierangelo Masarati
293b5e51a5 first cut at SASL bind issues in idassert (related to ITS#6817) 2011-01-31 22:07:04 +00:00
Hallvard Furuseth
4064e3c15d Re-fix ITS#6793 (back-ldap bad free of matchedDN). 
Previous fix opened for a ITS#6758-style double free if the
caller was broken.  Using REP_MATCHED_MUSTBEFREED is more robust.
 2011-01-31 05:30:05 +00:00
Pierangelo Masarati
36d0a161ab also handle RFC 4526 t-f filters in back-ldap (more about ITS#6814) 2011-01-29 14:23:53 +00:00
Pierangelo Masarati
b996c17eb2 handle undefined filters in back-ldap (more about ITS#6814) 2011-01-29 12:29:20 +00:00
Pierangelo Masarati
8fcc9b058b handle undefined objectClass values in search filters (ITS#6814) 2011-01-29 10:30:17 +00:00
Howard Chu
d3b09ef2a9 ITS#5421 drop ldap-int.h 2011-01-19 21:27:16 +00:00
Hallvard Furuseth
3866da50f5 ITS#6793 Fix back-ldap bad free on matchedDN change 2011-01-17 10:55:41 +00:00
Kurt Zeilenga
966cef8c9a Happy New Year 2011-01-05 00:42:37 +00:00
Pierangelo Masarati
b672d8535d make sure initialization is only tried once; improve error messages 2011-01-02 15:06:11 +00:00
Pierangelo Masarati
f2df9f0cf5 add some logging (under TRACE) 2011-01-02 12:29:19 +00:00
Hallvard Furuseth
bdb078a778 ITS#6758 Reset dangerous REP_ENTRY_* flags. 
If SlapReply.sr_un cannot contain an entry but does or soon may
contain another member than sru_search: Ensure nothing will see
leftover REP_ENTRY_* flags and try to clean up the "entry" there.
 2010-12-31 20:53:17 +00:00
Hallvard Furuseth
15aa7c472a noop commit: cleanup 0 -> REP_RESULT in SlapReply 2010-12-31 14:08:34 +00:00
Hallvard Furuseth
d2b024be4a ITS#6758 Reset some SlapReply flags & data. 
Reset data more consistenlty.  When resetting sr_entry after sending
data, reset sr_flag as well.  Reset rs_attrs and Extended Operation
oid/data after setting and sending them.
 2010-12-30 23:55:07 +00:00
Hallvard Furuseth
cd6e9156e7 Remove lint (unused vars/labels/funcs/default:s) 2010-12-30 23:34:55 +00:00
Hallvard Furuseth
c9e85af35c ITS#6759: assert;Debug -> Debug;assert 2010-12-30 23:19:02 +00:00
Hallvard Furuseth
4484781b0d ITS#6721: Fix uninitialized tv_usec from ITS#6282 2010-11-23 10:10:45 +00:00
Hallvard Furuseth
e1469fff44 For ITS#5421: Also LBER_FREE() -> ber_memfree() 2010-11-22 13:14:29 +00:00
Hallvard Furuseth
b39e9d151d For ITS#5421: Remove ldap-int.h dependencies. 
LDAP_FREE() -> ber_memfree(), msg->lm_ber -> ldap_get_message_ber(msg).
 2010-11-22 12:51:44 +00:00
Pierangelo Masarati
001b30ebc6 fix slapo-chain startup issue when using back-config, related to ITS#6540 2010-11-14 23:53:54 +00:00
Howard Chu
1e18b823a0 ITS#6699 search references must turn onelevel scope to base 2010-11-12 04:35:49 +00:00
Pierangelo Masarati
50a21d512f cleanup related to ITS#6565 (also plugs a leak) 2010-09-10 22:19:41 +00:00
Pierangelo Masarati
aa63f21e4f cleanup previous commit 2010-09-09 00:57:04 +00:00
Pierangelo Masarati
65b042b4fb if required by the bindconf configuration, force TLS (partially addresses ITS#6642) 2010-09-09 00:12:01 +00:00
Pierangelo Masarati
22e5e49f26 use request/referral DN, scope, filter according to RFC4511 (related to ITS#6565) 2010-07-22 19:17:20 +00:00
Ralf Haferkamp
c4f0c2cc2b unregister controls when removing syncprov, ppolicy, valsort, chain or 
sssvlv overlay
 2010-07-01 11:51:43 +00:00
Pierangelo Masarati
1242443553 don't risk leaving around client library error codes 2010-06-22 23:10:48 +00:00
Pierangelo Masarati
3a28608f0d allow successful binds to return control responses (ITS#6530) 2010-04-22 18:18:15 +00:00
Pierangelo Masarati
467a1da79f add support for don't use copy in SASL auxprops lookup/store (ITS#6475; TODO: document new directives) 2010-04-15 18:13:53 +00:00
Pierangelo Masarati
9d2e03f052 allow to specify a per-database list of attributes that need to be always collected, even if not explicitly requested by clients (addresses ITS#6513) 2010-04-15 05:26:21 +00:00
Pierangelo Masarati
bbe7272c7f allow strict adherence to RFC4370 wrt/ control criticality (ITS#6523) 2010-04-14 21:37:03 +00:00
Kurt Zeilenga
3dadeb3efe happy belated New Year 2010-04-13 22:17:29 +00:00
Pierangelo Masarati
9702081201 handle ordered values as appropriate (ITS#6516) 2010-04-12 18:01:37 +00:00
Pierangelo Masarati
f57a216f1c use slab allocation 2010-04-12 07:44:56 +00:00
Pierangelo Masarati
32048a5128 fix previous commit 2010-04-12 02:28:40 +00:00
Pierangelo Masarati
2355fb516a backout unintended commit commit 2010-04-12 00:08:11 +00:00
Pierangelo Masarati
0dc3a13c01 fix previous commit 2010-04-12 00:06:45 +00:00
Pierangelo Masarati
f75825881a honor X-ORDERED in olcDbIdAssertAuthzFrom; add olcDbIdAssertPassthru (ITS#6456); note: breaks binary compatibility with module back-meta.la 2010-04-09 22:47:55 +00:00
Howard Chu
32feda4478 Add pbind proxybind overlay. Just intercepts Bind requests on a regular DB 
and proxies them to a remote server.
 2010-02-04 01:59:58 +00:00
Howard Chu
66a58ae93a ConnTTL, NetworkTimeout, and ProtocolVersion were missing from the 
config OC, thus inaccessible from cn=config
 2010-02-04 01:02:51 +00:00
Pierangelo Masarati
2047a0d784 plug one-time leaks 2009-12-18 19:07:16 +00:00
Pierangelo Masarati
48b8970dad issue a useful error message 2009-12-08 19:49:15 +00:00
Pierangelo Masarati
5118f06b13 plug leak/logical error (ITS#6326) 2009-10-07 22:46:35 +00:00
Pierangelo Masarati
1815ad4cb6 register authz cookie (ITS#6296) 2009-09-17 21:16:04 +00:00
Pierangelo Masarati
393612b8e1 by now, make sure no timeout is used (ITS#6282) 2009-09-08 07:56:43 +00:00
Howard Chu
fffb1fab4e Include "lutil.h" - fixes warnings in RE24 2009-09-01 00:35:22 +00:00
Pierangelo Masarati
20359f2020 fix previous commit (ITS#6267) 2009-08-24 00:41:12 +00:00
Hallvard Furuseth
c0e0a64799 Silence warning (missing braces ininitializer) 2009-08-19 18:58:28 +00:00
Pierangelo Masarati
69878f43c8 refactor connection handling 2009-08-19 16:45:15 +00:00
Pierangelo Masarati
bdec7702d7 better logging of privileged connections (more to come; might be unstable for a bit) 2009-08-19 15:00:59 +00:00
Pierangelo Masarati
148cc2f2fc silence warnings 2009-08-19 13:20:11 +00:00
Pierangelo Masarati
c39815ee28 don't deadlock when a TLS uri is not responding (ITS#6167) 2009-06-11 06:51:01 +00:00
Howard Chu
6f8323590e More explicit for prev commit 2009-03-06 04:00:38 +00:00
Howard Chu
4fc4cb7995 ITS#6003, #5916 fix ldap_back_entry_get_rw, no deref here 2009-03-06 03:57:35 +00:00
Howard Chu
1f5937f993 More for prev 2009-02-27 06:57:09 +00:00
Howard Chu
bfdb727446 Fix potential double-free of filter on abandon 2009-02-27 06:39:43 +00:00
Howard Chu
e6eff03373 ITS#5977 fix typo 2009-02-27 01:58:09 +00:00
Pierangelo Masarati
7fe91339df fix ITS#5959 fix 2009-02-27 01:45:20 +00:00
Howard Chu
7549abb063 Better fix for prev 2009-02-27 01:31:31 +00:00
Howard Chu
6345812f49 More for prev commit 2009-02-27 01:28:22 +00:00
Howard Chu
62eeafa1d9 ITS#5977 strip duplicates out of sorted attrs 2009-02-27 01:11:33 +00:00
Howard Chu
2024d5af85 ITS#5959 drop illegal values, only drop attr if it's left empty 2009-02-20 02:02:17 +00:00
Pierangelo Masarati
a5924e3092 more on ITS#5931: handle intermediate responses and support syncrepl also in back-ldap 2009-02-10 14:27:28 +00:00
Pierangelo Masarati
911b5fd42e do not assert when receiving intermediate response (partial fix to ITS#5931) 2009-02-09 14:55:56 +00:00
Pierangelo Masarati
bdb121c967 discard attribute values if attribute name cannot be parsed (ITS#5927) 2009-02-07 15:09:18 +00:00
Howard Chu
2b08e96b53 ITS#5916 - externally callable functions are ldap_pvt, not ldap_int. 2009-02-02 21:14:34 +00:00
Pierangelo Masarati
0ded1f16d5 Allow alias dereferencing in search C API; use new API in proxy backends (ITS#5916) 2009-01-31 10:27:07 +00:00
Pierangelo Masarati
4572e7d721 proxy RFC4525 increment; bail out in case of unsupported extension (ITS#5912) 2009-01-29 20:30:19 +00:00
Kurt Zeilenga
4af9eb9715 Update copyright notices 2009-01-22 00:40:04 +00:00
Pierangelo Masarati
fb9128cdc8 check validity of idassert-bind line (ITS#5863) 2008-12-20 22:34:00 +00:00
Pierangelo Masarati
5a50733e39 don't send error when going to retry (alternative fix to ITS#5854) 2008-12-12 09:29:51 +00:00
Pierangelo Masarati
2f32c29e4a don't bailout in case of insufficientAccess (ITS#5816) 2008-11-18 01:29:34 +00:00
Hallvard Furuseth
7cd654253e ITS#4467: Fix snprintf buffer overflow test for olcDbQuarantine output. 
Overrides previous patch which partly fixed it: it was a no-op test before.
 2008-10-18 23:49:28 +00:00
Hallvard Furuseth
670ec4f938 Warning cleanup: signed meets unsigned. 2008-10-17 18:05:00 +00:00
Hallvard Furuseth
05bbe7833b Fix typo in assertion: j1 + j1 -> j1 + j2. (Not a crasher, just wrong test.) 
Warning cleanup: signed meets unsigned.
 2008-10-17 18:02:09 +00:00
Pierangelo Masarati
23f78d1bba leave rs struct untouched (ITS#5742) 2008-10-17 00:06:12 +00:00
Pierangelo Masarati
1421d522ad fix overlays with private instances of databases (ITS#5736) 2008-10-12 20:20:46 +00:00
Pierangelo Masarati
dc414747a7 silence warnings 2008-09-16 14:44:24 +00:00
Pierangelo Masarati
969a0aef0e canonicalize undef objectClass names (much like attributes; ITS#5681) 2008-09-04 08:05:17 +00:00
Pierangelo Masarati
adc358f664 free filter before overlays' cleanup callback 2008-07-15 12:31:08 +00:00
Pierangelo Masarati
d0dd945882 fix potential leak in previous commit 2008-07-15 08:54:41 +00:00
Pierangelo Masarati
5c53e3ad72 improve previous commit (ITS#5614) 2008-07-14 22:44:01 +00:00
Pierangelo Masarati
30ffa33d7e do not propagate undefined or otherwise broken search filters (ITS#5614) 2008-07-14 22:14:49 +00:00
Pierangelo Masarati
c6f12694fc allow proxies to filter out search references (ITS#5593) 2008-07-07 21:25:59 +00:00
Howard Chu
010295e9e7 More symbols for ITS#5355 2008-06-29 21:13:03 +00:00
Pierangelo Masarati
20e8da9ba7 lookup entries as LDAP_REQ_SEARCH (ITS#5513) 2008-05-17 11:36:44 +00:00
Pierangelo Masarati
14c425b922 s/leave/func_leave/ (ITS#5411) 2008-03-15 18:16:21 +00:00
Pierangelo Masarati
ec8466ec83 invalidate connection handler when ldap_sasl_interactive_bind_s() for internal error (ITS#5404); fix response tag 2008-03-08 15:41:17 +00:00
Pierangelo Masarati
b23e4f15a9 make sure orr_newrdn is passed correctly to libldap (ITS#5397) 2008-02-28 16:22:23 +00:00
Hallvard Furuseth
5b526d2544 ITS#5328 - cosmetic cleanup (0 -> LDAP_SUCCESS) 2008-02-11 21:07:25 +00:00
Howard Chu
f481ffef9c ITS#5355 use bi_extra instead of calling directly into back-ldap 2008-02-08 02:01:17 +00:00
Kurt Zeilenga
c890c96d13 Happy New Year (belated) 2008-01-08 00:19:56 +00:00
Pierangelo Masarati
c2bbd6d5e7 fix typing warnings 2007-10-05 10:06:20 +00:00
Howard Chu
c428a16332 coverity - init i 2007-09-26 20:21:53 +00:00