upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-24 00:29:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
23352 commits 38 branches 309 tags 68 MiB
Commit graph

1405 commits

Author SHA1 Message Date
Quanah Gibson-Mount
a5b8a41c13 ITS#9003 
Note that with slapd-ldap, the special character "*" actually allows anonymous rather than denies, as is the case with authz-policy
 2020-04-01 19:40:27 +00:00
Ondřej Kuzník
ba290f1c35 ITS#9156 Document ppolicy changes 2020-01-23 23:47:14 +00:00
Ondřej Kuzník
419b9ad202 ITS#9156 Implement pwdMaxIdle 2020-01-23 23:46:58 +00:00
Quanah Gibson-Mount
f6ad222e41 Happy New Year! 2020-01-09 16:50:21 +00:00
Howard Chu
90b0abd894 ITS#9121 dynlist enhancements 
1) allow filtering on dynamic attribute values
2) populate an optionally configured memberOf attribute

test044 script still needs to be extended to test these
enhancements. We need to define an interim attributeType
for testing memberOf functionality.
 2019-12-16 18:31:12 +00:00
Ondřej Kuzník
5b304a3ae6 ITS#9071 Document "tls none" for back-ldap 2019-08-30 14:02:31 +01:00
Quanah Gibson-Mount
efbfc1fe95 ITS#9065 - Document correct attribute pwdGraceAuthnLimit 2019-08-19 15:45:31 +00:00
Quanah Gibson-Mount
7cc34fa722 ITS#9063 -- Fix missing bold tag for tls_reqcert 2019-08-12 23:49:50 +00:00
Quanah Gibson-Mount
c4df431c6c ITS#8977 - Note allowed value range for idlexp 2019-06-26 18:15:32 +00:00
Ondřej Kuzník
17b5b3d7f8 Separate VERSION to its own paragraph 2019-06-21 13:44:06 +02:00
Ondřej Kuzník
6a5e30674b ITS#8671 Expose OpenLDAP specific interfaces in openldap.h 2019-06-14 11:52:35 +02:00
Quanah Gibson-Mount
ec2cb12e68 ITS#9010 - Delete back-bdb/back-hdb 
This commits deletes all references and code for back-bdb and back-hdb.
There is some follow up work still necessary to flush out the admin
guide for back-mdb.
 2019-05-13 17:20:28 +00:00
Ondřej Kuzník
a5ad0e0643 ITS#8693 Tweak previous commit 2019-05-08 15:31:13 +01:00
Ondřej Kuzník
a4e2d5c501 ITS#8693 Document unused but generated starttls parameter 2019-05-08 15:12:08 +01:00
Quanah Gibson-Mount
6d79439630 ITS#8881 - Note MDB is the primary backend 
Update to note that MDB is the primary backend and HDB/BDB are
deprecated.
 2019-04-17 23:52:51 +00:00
Quanah Gibson-Mount
c5ad08c1a4 ITS#8771 - Note back-mdb is recommended 
Commit 279594c22f officially marked
slapd-mdb as being the recommended backend for OpenLDAP, superseding
back-hdb.  This man page was missed during that update.
 2019-04-17 23:49:08 +00:00
Nadezhda Ivanova
f239bbd3c6 Add LDAP_OPT_KEEPCONN option 
This option instructs try_read1msg to not free the connection on read error
or on Notice of disconnections, but leave it to the caller. It is needed,
for example, by back-asyncmeta, who expects to have control on when
its target connections are freed. Must be used with caution.
 2019-02-28 17:27:54 +00:00
Nadezhda Ivanova
bb7e14d201 ITS#8734 Fixes for many back-asyncmeta issues 
Includes all the changes necessary to fix back-asyncmeta issues
discovered during on-site testing since the start of 2016.
These include:
Issues with stability - crashes and assetion failures
Incorrect behavior during unstable network conditions, such as inability to reset connections
or process responses, or "hanging" to wait for a response that would never be received.
Memory leaks and memory management fixes - major redesign of the way back-asyncmeta
works with memory contexts.
Rewrite was replaced with suffix-massage in configuration, and the network-timeout value was changed to milliseconds.
Incorrect behavior when SASL is used to bind to a target.
Many problems caused by race conditions
Fixes for compiler warnings, and tests.
Cleanup of unused code.
 2019-02-28 16:22:11 +00:00
Howard Chu
c8b806b676 ITS#8977 make IDL size configurable 2019-02-15 14:37:51 +00:00
Quanah Gibson-Mount
b45a6a7dc7 Happy New Year! 2019-01-14 18:46:16 +00:00
Howard Chu
52ace4554e More for privateKey tweak 2018-12-18 21:56:18 +00:00
Quanah Gibson-Mount
3add82a3bb ITS#8286 -- Add matching rules for attributes 
Add matching rules for all cases where it was missing.  Cleanup
incorrect types for a few attributes as well.  Fix network-timeout
handling in back-ldap/meta/asyncmeta.
 2018-12-18 19:14:06 +00:00
Quanah Gibson-Mount
9d4a5f64b6 Change backend reference from slapd-bdb to slapd-mdb 2018-11-14 21:28:01 +00:00
Howard Chu
111329a2dc More for back-mdb multival 
Allow configuring thresholds for specific attributes
 2018-08-30 11:24:25 +01:00
Ondřej Kuzník
8a259e3df1 ITS#8573 allow all libldap options in tools -o option 2018-06-14 16:19:10 +01:00
Ondřej Kuzník
18afc2446d Fix quoting example 2018-06-14 16:19:10 +01:00
Quanah Gibson-Mount
59e9ff6243 Happy New Year 2018-03-22 15:35:24 +00:00
Howard Chu
f183b81a68 ITS#8818 SASL_MECH/SASL_REALM are not user-only 
Changed as of ITS#4327 commit 86d10729
 2018-03-13 18:57:53 +00:00
Ondřej Kuzník
4035016796 ITS#6656 Docs for reqEntryUUID 2017-10-26 11:53:50 +01:00
Josh Soref
10566c8be3 ITS#8605 - spelling fixes 
* javascript
* kernel
* ldap
* length
* macros
* maintained
* manager
* matching
* maximum
* mechanism
* memory
* method
* mimic
* minimum
* modifiable
* modifiers
* modifying
* multiple
* necessary
* normalized
* objectclass
* occurrence
* occurring
* offered
* operation
* original
* overridden
* parameter
* permanent
* preemptively
* printable
* protocol
* provider
* really
* redistribution
* referenced
* refresh
* regardless
* registered
* request
* reserved
* resource
* response
* sanity
* separated
* setconcurrency
* should
* specially
* specifies
* structure
* structures
* subordinates
* substitution
* succeed
* successful
* successfully
* sudoers
* sufficient
* superiors
* supported
* synchronization
* terminated
* they're
* through
* traffic
* transparent
* unsigned
* unsupported
* version
* absence
* achieves
* adamson
* additional
* address
* against
* appropriate
* architecture
* associated
* async
* attribute
* authentication
* authorized
* auxiliary
* available
* begin
* beginning
* buffered
* canonical
* certificate
* charray
* check
* class
* compatibility
* compilation
* component
* configurable
* configuration
* configure
* conjunction
* constraints
* constructor
* contained
* containing
* continued
* control
* convenience
* correspond
* credentials
* cyrillic
* database
* definitions
* deloldrdn
* dereferencing
* destroy
* distinguish
* documentation
* emmanuel
* enabled
* entry
* enumerated
* everything
* exhaustive
* existence
* existing
* explicitly
* extract
* fallthru
* fashion
* february
* finally
* function
* generically
* groupname
* happened
* implementation
* including
* initialization
* initializes
* insensitive
* instantiated
* instantiation
* integral
* internal
* iterate
 2017-10-11 14:39:38 -07:00
Nathaniel McCallum
29f6260364 ITS#7532 - Add new function ldap_connect(). 
This function is used to manually establish a connection after
a call to ldap_initialize(). This is primarily so that a file
descriptor can be obtained before any requests are sent for the
purposes of polling for writability.
 2017-10-11 14:31:22 -07:00
Quanah Gibson-Mount
9bef357403 ITS#6475 - Man page updates to slapd.conf/slapd-config for the new olcSaslAuxpropsDontUseCopy and olcSaslAuxpropsDontUseCopyIgnore parameters for use with SASL/OTP 2017-10-11 14:31:01 -07:00
Quanah Gibson-Mount
fba60ab2ed ITS#8121 - Note ldap_sasl_bind and ldap_sasl_bind_s can be used to make simple binds via the LDAP_SASL_SIMPLE mechanism 2017-10-06 10:44:38 -07:00
Ted C. Cheng
e20ac6b539 ITS#7520 - back-ldap omit-unknown-schema changes 2017-10-06 10:44:31 -07:00
Quanah Gibson-Mount
44b9fd1c81 ITS#5048 - index on entryCSN is mandatory 2017-10-06 10:39:43 -07:00
Michael Ströder
b65e0b5731 ITS#8714 Send out EXTENDED operation message from back-sock 2017-09-06 15:32:28 +01:00
Quanah Gibson-Mount
0f80e05eeb ITS#8715 Fix typo with olcTLSCiphersuite 2017-08-21 09:19:12 -07:00
Quanah Gibson-Mount
17cc93d570 ITS#8713 Delete stub man page for LDBM 2017-08-16 08:50:39 -07:00
Quanah Gibson-Mount
cc79503e04 ITS#8123 - Fix wording to match examples 2017-04-26 11:05:35 -07:00
Quanah Gibson-Mount
3eeb562489 Fix slapo-pcache to use mdb as the example backend 2017-04-25 16:09:22 -07:00
Quanah Gibson-Mount
33f5e7122c ITS#8635 - Note that non-zero serverID's are required for MMR, and that serverID 0 is specific to single master replication only 2017-04-24 13:15:56 -07:00
Quanah Gibson-Mount
c4eaa5416d ITS#8613 - Note that slapo-memberOf should not be used in a replicated environment 2017-04-24 11:51:15 -07:00
Howard Chu
dacf15475f autoca manpage updates 2017-04-09 20:48:37 +01:00
Howard Chu
2b920ecaec Add autoca overlay 
Automated certificate authority
 2017-04-08 02:51:08 +01:00
Quanah Gibson-Mount
b1e1904a8c ITS#7177, ITS#6339 - Fix VV option information 2017-03-29 12:36:42 -07:00
Jan Vcelak
54c4df72dd ITS#7177 add SASL_NOCANON option to ldap.conf(5) 2017-03-29 12:35:09 -07:00
Quanah Gibson-Mount
2af41ec852 ITS#8253 - Further clarification around replication information 2017-02-21 15:27:13 -08:00
Howard Chu
6f3c970f47 Document threadqueues option 
Implemented in 34f832faee
 2017-02-06 09:35:05 +00:00
Quanah Gibson-Mount
c01bbc7e3b Tweak examples to use back-mdb 2017-02-02 10:43:01 -08:00
Quanah Gibson-Mount
6e15ccb4dd Fix grammar 2017-01-18 13:32:23 -08:00
Quanah Gibson-Mount
ba59f9859d ITS#8544 - Grammar and escaping fixes 2017-01-18 07:56:59 -08:00
Quanah Gibson-Mount
7b3a853736 ITS#8565 - Clearly document rootdn requirement for the ppolicy overlay 2017-01-18 07:50:23 -08:00
Quanah Gibson-Mount
1df85d3427 Happy New Year! 2017-01-03 12:36:47 -08:00
Quanah Gibson-Mount
cd140c12eb ITS#8538 - Update information on the interval keyword, as it affects refreshAndPersist in very specific circumstances 2016-12-02 13:27:56 -08:00
Ryan Tandy
bbc15ab657 ITS#8185 fix typo in man page 2016-10-11 21:45:32 -07:00
Ryan Tandy
e35deef110 ITS#8099 bindconf ciphersuite setting is 'tls_cipher_suite' 2016-06-24 18:14:17 -07:00
Quanah Gibson-Mount
4d3a54835c Fix minor typo 2016-02-26 18:37:10 -06:00
Nadezhda Ivanova
6cafdfa8d8 ITS#8303 Asynchronous meta back-end for OpenLDAP 2016-02-01 14:35:47 +00:00
Howard Chu
a4c7943d39 Large multivalued attr support 
Store attrs with a large number of values separately from the
main entry blob. Note - we need support for large DUPSORT values
for this to be generally usable.
 2016-01-31 15:35:11 +00:00
Quanah Gibson-Mount
6c4d6c880b Happy New Year! 2016-01-29 13:32:05 -06:00
Ondřej Kuzník
f0f366ef5b ITS#8215 Add slapmodify manpage 2015-10-25 09:00:25 +00:00
Ondřej Kuzník
7a25c7be23 ITS#8215 Manpage fixes 2015-10-25 09:00:01 +00:00
Howard Chu
91ab49c37d ITS#8249 add option to return search entry 2015-09-17 20:43:37 +01:00
Howard Chu
21bf33b0e8 ITS#8226 limit size of read txns in searches 2015-08-30 04:54:22 +01:00
HAMANO Tsukasa
61c95e7669 ITS#8114 OpenLDAP WiredTiger Backend 2015-08-19 18:13:27 +01:00
Howard Chu
af27b7032e ITS#8185 add pwdMaxRecordedFailure 
Limit the number of pwdFailureTime stamps to record, regardless
of lockout settings.
 2015-08-14 15:19:46 +01:00
Jan Synacek
be11563e36 ITS#7769 Fix typo in slapd-meta manpage. 2015-05-21 17:26:57 +01:00
Howard Chu
44f8642c0e ITS#8040 fix 525aa23800 2015-04-08 23:30:35 +01:00
Howard Chu
525aa23800 ITS#8040 document lazycommit 2015-04-08 23:18:03 +01:00
Quanah Gibson-Mount
48d3720d5a ITS#8099 
Update documentation to correctly use tls_cipher_suite
 2015-04-08 15:01:15 -05:00
Quanah Gibson-Mount
1705fa7e55 Happy New Year 2015-02-11 15:36:57 -06:00
Howard Chu
129299a933 ITS#8051 use a regexp 2015-02-04 05:21:46 +00:00
Howard Chu
2fbecdd756 ITS#8051 add DN qualifier 2015-02-04 03:53:13 +00:00
Howard Chu
9b4895561c ITS#8032 document LDAP_OPT_API_INFO/FEATURE_INFO 2015-01-22 01:40:04 +00:00
Howard Chu
d06f5e7c1b ITS#8007 Add maxentrysize config option 2014-12-15 21:35:48 +00:00
Howard Chu
d951a4288b ITS#7860 more for #5366, ldap_ava definition 2014-07-18 11:26:33 -07:00
Howard Chu
71ff674a02 ITS#7871 fix ldif-wrap length 
Doc has been updated to note the default was actually 78.
The off-by-two error is fixed. Note that wrap=1 will still
output 2 columns, otherwise it can't output anything besides
the continuation character.
 2014-06-04 00:52:01 -07:00
Quanah Gibson-Mount
fcdd3a06b1 ITS#7847 
Add exattr bits to slapd.conf(5)
 2014-05-05 11:52:33 -05:00
Howard Chu
279594c22f Recommend mdb, deprecate BDB 2014-03-20 01:29:04 -07:00
Kurt Zeilenga
5c878c1bf2 Happy new year (belated) 2014-01-25 05:21:25 -08:00
Howard Chu
80d8c56afd ITS#7725 add nordahead envflag 2013-10-12 16:25:33 -07:00
Quanah Gibson-Mount
4eecd27729 Update example slapd.conf bits to use mdb instead of bdb 2013-09-19 14:28:12 -07:00
Howard Chu
16f8b0902c ITS#7398 add LDAP_OPT_X_TLS_PEERCERT 
retrieve peer cert for an active TLS session
 2013-09-10 04:31:39 -07:00
Howard Chu
0045e56c34 ITS#7683 more for tls version/cipher info 
Add LDAP_OPT_X_TLS_VERSION / LDAP_OPT_X_TLS_CIPHER for
retrieving from an LDAP session handle. Update ldap_get_option(3).
 2013-09-09 11:52:10 -07:00
Howard Chu
e631ce808e ITS#7595 Add Elliptic Curve support for OpenSSL 2013-09-07 09:47:40 -07:00
Howard Chu
63926362a9 ITS#7506 more doc updates 2013-09-07 06:50:30 -07:00
Jan Synacek
c645a58569 ITS#7680 Fix typos in manpages. 2013-09-03 09:17:54 -07:00
Howard Chu
f39d537e2b ITS#7645 more for TLSProtocolMin 2013-08-07 11:08:09 -07:00
Howard Chu
fbeee4d27f ITS#7645, #5655 TLSProtocolMin docs 2013-07-29 06:50:18 -07:00
Howard Chu
0f4b5bdd88 ITS#5655 cleanup 2013-07-29 06:40:02 -07:00
Philip Guenther
dcf97caf11 ITS#5655 TLS_PROTOCOL_MIN setting 2013-07-29 06:38:27 -07:00
Howard Chu
9649281f7b ITS#7609 add per-target filter patterns 2013-05-26 18:43:46 -07:00
Ted C. Cheng
d3633632e1 ITS#7513 added TCP keepalive support to back-meta 2013-04-24 01:22:17 -07:00
Jan Synacek
ee23a4ca24 ITS#7568 Fix typos in ldap.conf.5 2013-04-10 18:15:49 -07:00
Pierangelo Masarati
27e1614fde no need to mention replog any longer (ITS#7562) 2013-04-06 20:31:40 +02:00
Pierangelo Masarati
83d6a5d56e fix tool name (ITS#7534) 2013-03-01 10:20:57 +01:00
Howard Chu
70892f0b37 ITS#7523 document the valsort control's value syntax 
Not really sure that we like this syntax, but it's been there
for 8 years now so unlikely to change.
 2013-02-19 21:48:59 -08:00
Quanah Gibson-Mount
5b89b47321 ITS#7523 
Document valsort control
 2013-02-11 13:50:02 -08:00
Quanah Gibson-Mount
dd7b1c39b1 Clean up whitespace in previous commit 2013-01-24 11:31:41 -08:00
Ted C. Cheng
d836def019 added tcp keepalive support to back-ldap 2013-01-24 10:53:56 -08:00