Kurt Zeilenga [Mon, 14 Feb 2000 20:57:34 +0000 (20:57 +0000)]
Another round of changes behind -DSLAPD_SCHEMA_NOT_COMPAT
plus these changes unhidden changes:
remove now meaning --enable-discreteaci configure option
fix ITS#451, slapd filters
Add ber_bvecadd() to support above
constify ldap_pvt_find_wildcard() and misc slapd routines
renamed some slap.h macros
likely broken something
Kurt Zeilenga [Sat, 5 Feb 2000 05:01:41 +0000 (05:01 +0000)]
Another round of SLAPD_SCHEMA_NOT_COMPAT changes including
basic structures for handing language tags and binary option
(but less actual code to actually support them). Provided
for reference only. Will not even compile.
Kurt Zeilenga [Mon, 31 Jan 2000 17:59:10 +0000 (17:59 +0000)]
Put type;option trimming codes behind SLAPD_SCHEMA_COMPAT.
Attribute subtyping, especially that using attribute description
options, will have to reengineered.
Kurt Zeilenga [Mon, 31 Jan 2000 01:49:44 +0000 (01:49 +0000)]
Add SLAP_SYNTAX_BINARY flag to indicate binary storage is used for
attributes of the syntax. Such attribute values be transferred
using binary syntax unless ber2str/str2ber routines are provided.
Used in conjunction with ";binary" attribute description option
and/or the Binary syntax.
Kurt Zeilenga [Thu, 27 Jan 2000 18:35:36 +0000 (18:35 +0000)]
Don't exclude no-user-modification attributes from ACL checks
unless access requested is WRITE. This allows you to apply
an ACL to limit search/reading of no-user-modification attributes.
Writes, of course, are always prohibited (by do_add, do_modify).
Kurt Zeilenga [Thu, 27 Jan 2000 01:43:12 +0000 (01:43 +0000)]
Last commit was a bit premature. This fixes up compiler
bugs and adds temporary code to glue things until we sort
out unicode UTF-8 vs UCS-4 vs UCS-2 issues.
Kurt Zeilenga [Tue, 25 Jan 2000 21:13:31 +0000 (21:13 +0000)]
Second round of schema changes
Revert normalization to matching rule per discussions with Julio.
May need separate normalization routines for stored value and asserted
value. Currently rely on passed in syntax/mr to allow "special" behavior.
Reworked filters to pass struct berval * instead of char *. (needs work)
Validation, normalization and matching needed.
Kurt Zeilenga [Mon, 24 Jan 2000 23:31:26 +0000 (23:31 +0000)]
Modify slapd syntax struct to have both a validation and normalization
routine. Could be combined into one routine.
Modify slapd matching rule struct to only have match function.
Modify old attribute such that 'bin' implies octetString, not 'binary'.
Add compatibility for IA5 strings. Only directoryStrings were handled
before.
Treat attribute types without syntax as incomplete, not default.
Add OctetStringValidate (always returns okay).
Add {UTF8,IA5}StringValidate/Normalize (IA5 based loosely on
case_exact_normalize). Need case{Exact,Ignore}UTFMatch, using IA5 versions
for now.
Removed default of syntax/mr handlders, should just skip
registration of syntax/mr's without handlers.
Added comments to slap.h about types versus descriptions.
Kurt Zeilenga [Thu, 20 Jan 2000 05:48:18 +0000 (05:48 +0000)]
Remove SASL/TLS integration projects from TODO as basic
code has been committed.
Add item to implement SASL/TLS to clients.
(This is not to imply that the code is complete)
Howard Chu [Sat, 15 Jan 2000 19:03:16 +0000 (19:03 +0000)]
In ldap_pvt_tls_init() treat subsequent invocations as no-ops, not error.
In tls_verify_cb() use CRYPTO_free instead of free (necessary on NT due to
use of different heaps).
Changed update_flags to use SSL_get_error() to check success/status. This
fixes the problem of sb->sb_trans_needs_read getting set on dead sockets.
Kurt Zeilenga [Sat, 8 Jan 2000 19:23:26 +0000 (19:23 +0000)]
--disable-kbind --disable-kpasswd should imply --without-kerberos
under "auto" selection. If not auto, just warn.
Rebuild configure using appropriate tools.