From: Howard Chu Date: Tue, 24 Nov 2009 03:35:48 +0000 (+0000) Subject: ITS#6399, fix RFC4511 references, other references X-Git-Tag: ACLCHECK_0~57 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=21b817dc8308fc648dfcc0bf42d9105b9fb74981;p=openldap ITS#6399, fix RFC4511 references, other references --- diff --git a/doc/guide/admin/appendix-ldap-result-codes.sdf b/doc/guide/admin/appendix-ldap-result-codes.sdf index 1eea12bcd6..19edc0df5c 100644 --- a/doc/guide/admin/appendix-ldap-result-codes.sdf +++ b/doc/guide/admin/appendix-ldap-result-codes.sdf @@ -5,13 +5,13 @@ H1: LDAP Result Codes For the purposes of this guide, we have incorporated the standard LDAP result -codes from {{Appendix A. LDAP Result Codes}} of rfc4511, a copy of which can +codes from {{Appendix A. LDAP Result Codes}} of {{REF:RFC4511}}, a copy of which can be found in {{F:doc/rfc}} of the OpenLDAP source code. We have expanded the description of each error in relation to the OpenLDAP toolsets. LDAP extensions may introduce extension-specific result codes, which are not part -of rfc4511. +of RFC4511. OpenLDAP returns the result codes related to extensions it implements. Their meaning is documented in the extension they are related to. @@ -37,23 +37,23 @@ H2: Result Codes Existing LDAP result codes are described as follows: -H2: {{success (0)}} +H2: success (0) Indicates the successful completion of an operation. Note: this code is not used with the Compare operation. See {{SECT:compareFalse (5)}} and {{SECT:compareTrue (6)}}. -H2: {{operationsError (1)}} +H2: operationsError (1) Indicates that the operation is not properly sequenced with relation to other operations (of same or different type). For example, this code is returned if the client attempts to -StartTLS [RFC4346] while there are other uncompleted operations +StartTLS ({{REF:RFC4511}} Section 4.14) while there are other uncompleted operations or if a TLS layer was already installed. -H2: {{protocolError (2)}} +H2: protocolError (2) Indicates the server received data that is not well-formed. @@ -71,33 +71,33 @@ be used to indicate that the server cannot ignore the order of the controls as specified, or that the combination of the specified controls is invalid or unspecified. -H2: {{timeLimitExceeded (3)}} +H2: timeLimitExceeded (3) Indicates that the time limit specified by the client was exceeded before the operation could be completed. -H2: {{sizeLimitExceeded (4)}} +H2: sizeLimitExceeded (4) Indicates that the size limit specified by the client was exceeded before the operation could be completed. -H2: {{compareFalse (5)}} +H2: compareFalse (5) Indicates that the Compare operation has successfully completed and the assertion has evaluated to FALSE or Undefined. -H2: {{compareTrue (6)}} +H2: compareTrue (6) Indicates that the Compare operation has successfully completed and the assertion has evaluated to TRUE. -H2: {{authMethodNotSupported (7)}} +H2: authMethodNotSupported (7) Indicates that the authentication method or mechanism is not supported. -H2: {{strongerAuthRequired (8)}} +H2: strongerAuthRequired (8) Indicates the server requires strong(er) authentication in order to complete the operation. @@ -107,47 +107,47 @@ code indicates that the server has detected that an established security association between the client and server has unexpectedly failed or been compromised. -H2: {{referral (10)}} +H2: referral (10) Indicates that a referral needs to be chased to complete the -operation (see Section 4.1.10). +operation (see {{REF:RFC4511}} Section 4.1.10). -H2: {{adminLimitExceeded (11)}} +H2: adminLimitExceeded (11) Indicates that an administrative limit has been exceeded. -H2: {{unavailableCriticalExtension (12)}} +H2: unavailableCriticalExtension (12) -Indicates a critical control is unrecognized (see Section +Indicates a critical control is unrecognized (see {{REF:RFC4511}} Section 4.1.11). -H2: {{confidentialityRequired (13)}} +H2: confidentialityRequired (13) Indicates that data confidentiality protections are required. -H2: {{saslBindInProgress (14)}} +H2: saslBindInProgress (14) Indicates the server requires the client to send a new bind request, with the same SASL mechanism, to continue the -authentication process (see Section 4.2). +authentication process (see {{REF:RFC4511}} Section 4.2). -H2: {{noSuchAttribute (16)}} +H2: noSuchAttribute (16) Indicates that the named entry does not contain the specified attribute or attribute value. -H2: {{undefinedAttributeType (17)}} +H2: undefinedAttributeType (17) Indicates that a request field contains an unrecognized attribute description. -H2: {{inappropriateMatching (18)}} +H2: inappropriateMatching (18) Indicates that an attempt was made (e.g., in an assertion) to use a matching rule not defined for the attribute type concerned. -H2: {{constraintViolation (19)}} +H2: constraintViolation (19) Indicates that the client supplied an attribute value that does not conform to the constraints placed upon it by the @@ -156,28 +156,28 @@ data model. For example, this code is returned when multiple values are supplied to an attribute that has a SINGLE-VALUE constraint. -H2: {{attributeOrValueExists (20)}} +H2: attributeOrValueExists (20) Indicates that the client supplied an attribute or value to be added to an entry, but the attribute or value already exists. -H2: {{invalidAttributeSyntax (21)}} +H2: invalidAttributeSyntax (21) Indicates that a purported attribute value does not conform to the syntax of the attribute. -H2: {{noSuchObject (32)}} +H2: noSuchObject (32) Indicates that the object does not exist in the DIT. -H2: {{aliasProblem (33)}} +H2: aliasProblem (33) Indicates that an alias problem has occurred. For example, the code may used to indicate an alias has been dereferenced that names no object. -H2: {{invalidDNSyntax (34)}} +H2: invalidDNSyntax (34) Indicates that an LDAPDN or RelativeLDAPDN field (e.g., search base, target entry, ModifyDN newrdn, etc.) of a request does @@ -185,73 +185,73 @@ not conform to the required syntax or contains attribute values that do not conform to the syntax of the attribute's type. -H2: {{aliasDereferencingProblem (36)}} +H2: aliasDereferencingProblem (36) Indicates that a problem occurred while dereferencing an alias. Typically, an alias was encountered in a situation where it was not allowed or where access was denied. -H2: {{inappropriateAuthentication (48)}} +H2: inappropriateAuthentication (48) Indicates the server requires the client that had attempted to bind anonymously or without supplying credentials to provide some form of credentials. -H2: {{invalidCredentials (49)}} +H2: invalidCredentials (49) Indicates that the provided credentials (e.g., the user's name and password) are invalid. -H2: {{insufficientAccessRights (50)}} +H2: insufficientAccessRights (50) Indicates that the client does not have sufficient access rights to perform the operation. -H2: {{busy (51)}} +H2: busy (51) Indicates that the server is too busy to service the operation. -H2: {{unavailable (52)}} +H2: unavailable (52) Indicates that the server is shutting down or a subsystem necessary to complete the operation is offline. -H2: {{unwillingToPerform (53)}} +H2: unwillingToPerform (53) Indicates that the server is unwilling to perform the operation. -H2: {{loopDetect (54)}} +H2: loopDetect (54) Indicates that the server has detected an internal loop (e.g., while dereferencing aliases or chaining an operation). -H2: {{namingViolation (64)}} +H2: namingViolation (64) Indicates that the entry's name violates naming restrictions. -H2: {{objectClassViolation (65)}} +H2: objectClassViolation (65) Indicates that the entry violates object class restrictions. -H2: {{notAllowedOnNonLeaf (66)}} +H2: notAllowedOnNonLeaf (66) Indicates that the operation is inappropriately acting upon a non-leaf entry. -H2: {{notAllowedOnRDN (67)}} +H2: notAllowedOnRDN (67) Indicates that the operation is inappropriately attempting to remove a value that forms the entry's relative distinguished name. -H2: {{entryAlreadyExists (68)}} +H2: entryAlreadyExists (68) Indicates that the request cannot be fulfilled (added, moved, or renamed) as the target entry already exists. -H2: {{objectClassModsProhibited (69)}} +H2: objectClassModsProhibited (69) Indicates that an attempt to modify the object class(es) of an entry's 'objectClass' attribute is prohibited. @@ -259,11 +259,11 @@ an entry's 'objectClass' attribute is prohibited. For example, this code is returned when a client attempts to modify the structural object class of an entry. -H2: {{affectsMultipleDSAs (71)}} +H2: affectsMultipleDSAs (71) Indicates that the operation cannot be performed as it would affect multiple servers (DSAs). -H2: {{other (80)}} +H2: other (80) Indicates the server has encountered an internal error. diff --git a/doc/guide/preamble.sdf b/doc/guide/preamble.sdf index 707719b284..1f4c803bf7 100644 --- a/doc/guide/preamble.sdf +++ b/doc/guide/preamble.sdf @@ -296,7 +296,7 @@ RFC4013|PS|SASLprep: Stringprep Profile for User Names and Passwords|http://www. RFC4346|PS|The Transport Layer Security (TLS) Protocol, Version 1.1|http://www.rfc-editor.org/rfc/rfc4346.txt RFC4422|PS|Simple Authentication and Security Layer (SASL)|http://www.rfc-editor.org/rfc/rfc4422.txt RFC4510|PS|Lightweight Directory Access Protocol (LDAP): Technical Specification Roadmap|http://www.rfc-editor.org/rfc/rfc4510.txt -RFC4511|PS|Lightweight Directory Access Protocol (LDAP): The Protocol|http://www.rfc-editor.org/rfc/rfc4512.txt +RFC4511|PS|Lightweight Directory Access Protocol (LDAP): The Protocol|http://www.rfc-editor.org/rfc/rfc4511.txt RFC4512|PS|Lightweight Directory Access Protocol (LDAP): Directory Information Models|http://www.rfc-editor.org/rfc/rfc4512.txt RFC4513|PS|Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms|http://www.rfc-editor.org/rfc/rfc4513.txt RFC4514|PS|Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names|http://www.rfc-editor.org/rfc/rfc4514.txt