]>
git.sur5r.net Git - openldap/log
Howard Chu [Sat, 20 Sep 2003 03:23:10 +0000 (03:23 +0000)]
ITS#2497, implement value-level ACLs:
access to attr=foo val.regex=bar.*
Howard Chu [Sat, 20 Sep 2003 00:33:42 +0000 (00:33 +0000)]
Revert rev 1.90 ITS#2484 patch; Cyrus 1.5 is no longer supported.
Kurt Zeilenga [Fri, 19 Sep 2003 18:41:28 +0000 (18:41 +0000)]
Hide experimental features
Kurt Zeilenga [Fri, 19 Sep 2003 18:38:35 +0000 (18:38 +0000)]
Hide experimental controls
Kurt Zeilenga [Fri, 19 Sep 2003 18:23:37 +0000 (18:23 +0000)]
add "proxy" to "authorization" in a few places
Howard Chu [Fri, 19 Sep 2003 00:49:33 +0000 (00:49 +0000)]
ITS#2729 fix typos
Kurt Zeilenga [Thu, 18 Sep 2003 17:12:27 +0000 (17:12 +0000)]
Fix pre/post attrs init bug (ITS#2728)
Jong Hyuk Choi [Thu, 18 Sep 2003 06:04:28 +0000 (06:04 +0000)]
error behavior fix and TODO
Jong Hyuk Choi [Wed, 17 Sep 2003 23:30:43 +0000 (23:30 +0000)]
correction of binddn= requirement in the example section
Jong Hyuk Choi [Wed, 17 Sep 2003 23:06:57 +0000 (23:06 +0000)]
missing or empty attrs list in a syncrepl specification
is changed to mean attrs="*"
Luke Howard [Wed, 17 Sep 2003 11:05:06 +0000 (11:05 +0000)]
fix typo
Jong Hyuk Choi [Wed, 17 Sep 2003 10:34:10 +0000 (10:34 +0000)]
fix for persistent search termination (ITS#2724)
- the consumer slapd did not terminate when the provider is alive
- use a timeout in ldap_result() of syncrepl.c
Jong Hyuk Choi [Wed, 17 Sep 2003 05:34:47 +0000 (05:34 +0000)]
fix config file processing (ITS#2722)
Howard Chu [Tue, 16 Sep 2003 22:03:26 +0000 (22:03 +0000)]
ITS#2679 don't use cached ACL state from different attribute
Kurt Zeilenga [Tue, 16 Sep 2003 20:17:18 +0000 (20:17 +0000)]
Require Cyrus SASL 2.1
Kurt Zeilenga [Tue, 16 Sep 2003 20:17:07 +0000 (20:17 +0000)]
Require Cyrus SASL 2.1 or better
Kurt Zeilenga [Tue, 16 Sep 2003 18:56:04 +0000 (18:56 +0000)]
Initial support for pre/post read controls.
TODO:
Fix transactional consistency
Add client response control handling
Kurt Zeilenga [Tue, 16 Sep 2003 05:27:20 +0000 (05:27 +0000)]
Update refs
Kurt Zeilenga [Tue, 16 Sep 2003 05:16:33 +0000 (05:16 +0000)]
Initial proxy cache and syncrepl chapters
Kurt Zeilenga [Tue, 16 Sep 2003 04:39:14 +0000 (04:39 +0000)]
s/mech/saslmech/ in sasl directives
Kurt Zeilenga [Mon, 15 Sep 2003 21:53:58 +0000 (21:53 +0000)]
cleanup
Kurt Zeilenga [Mon, 15 Sep 2003 21:50:13 +0000 (21:50 +0000)]
Add dn.subtree="" clause
Kurt Zeilenga [Mon, 15 Sep 2003 21:22:20 +0000 (21:22 +0000)]
Don't pass NULL when string is expected.
Other Cleanup
Luke Howard [Mon, 15 Sep 2003 06:53:54 +0000 (06:53 +0000)]
Modifications must be copied before calling slap_mods_check() because
the pretty function may replace values which are owned by the SLAPI plugin
slapi_entry_dup() optimization - avoid string re-encoding
Fix slapi_add_internal() logic errors (was this ever tested?)
Don't attempt to free entries that have been cached; see new internal
slapi_add_entry_internal_locked() API
Howard Chu [Sun, 14 Sep 2003 10:27:59 +0000 (10:27 +0000)]
More deadlock tweaks.
Howard Chu [Sun, 14 Sep 2003 05:19:45 +0000 (05:19 +0000)]
ITS#2484, set sasl_maxbuf to SASL_MAX_BUFF_SIZE if it was negotiated
as zero.
Howard Chu [Sat, 13 Sep 2003 11:15:23 +0000 (11:15 +0000)]
ITS#2649, never defer Abandon requests
Howard Chu [Sat, 13 Sep 2003 10:20:27 +0000 (10:20 +0000)]
ITS#2691 use putenv() instead of setenv() for portability
Howard Chu [Sat, 13 Sep 2003 09:51:28 +0000 (09:51 +0000)]
Add comment about normalized values in mods vs entry attributes
Jong Hyuk Choi [Sat, 13 Sep 2003 00:36:14 +0000 (00:36 +0000)]
fix in slap_entry2mods()
Jong Hyuk Choi [Fri, 12 Sep 2003 22:49:14 +0000 (22:49 +0000)]
LDAP_SASL_INTERACTIVE -> LDAP_SASL_QUIET
Jong Hyuk Choi [Fri, 12 Sep 2003 21:06:29 +0000 (21:06 +0000)]
fix for Makefile change
Kurt Zeilenga [Fri, 12 Sep 2003 20:10:05 +0000 (20:10 +0000)]
-y should not require -W
Howard Chu [Fri, 12 Sep 2003 19:40:04 +0000 (19:40 +0000)]
Fix prev commit
Howard Chu [Fri, 12 Sep 2003 18:53:59 +0000 (18:53 +0000)]
Fix prev commit
Howard Chu [Fri, 12 Sep 2003 18:52:34 +0000 (18:52 +0000)]
Construct ctxcsn entries directly, plug memory leaks, remove
dependency on slap_mods_check and slap_mods2entry
Howard Chu [Fri, 12 Sep 2003 00:54:21 +0000 (00:54 +0000)]
Clarify/standardize library version mismatch error messages
Luke Howard [Thu, 11 Sep 2003 09:04:03 +0000 (09:04 +0000)]
Fix SLAPI bind pre-operation plugin regression
Jong Hyuk Choi [Wed, 10 Sep 2003 17:03:01 +0000 (17:03 +0000)]
add bdb_get_commit_csn() for use in bdb_search
Kurt Zeilenga [Wed, 10 Sep 2003 02:33:36 +0000 (02:33 +0000)]
ITS#2707: fix 'access to dn.subtree="" by ...' directives
Kurt Zeilenga [Tue, 9 Sep 2003 18:37:31 +0000 (18:37 +0000)]
subtree ACI patch from Ralf
Kurt Zeilenga [Tue, 9 Sep 2003 17:17:21 +0000 (17:17 +0000)]
ITS#2696:
ldappasswd -T and -t options don't work, they try to open the file ldappasswd
instead of the argument passed.
Applied patch provided by Nicolas Schodet.
Jong Hyuk Choi [Tue, 9 Sep 2003 01:25:58 +0000 (01:25 +0000)]
more EntryInfo handling fix code (overriding the prev fix)
Jong Hyuk Choi [Mon, 8 Sep 2003 22:55:04 +0000 (22:55 +0000)]
use of bdb_modify_internal() in bdb_csn_commit()
fix EntryInfo handling in bdb_csn_commit()
Jong Hyuk Choi [Fri, 5 Sep 2003 20:13:10 +0000 (20:13 +0000)]
structrual oc fix
Jong Hyuk Choi [Fri, 5 Sep 2003 18:11:39 +0000 (18:11 +0000)]
It's verified that back-hdb performs as a sync provider as well as a sync consumer.
Jong Hyuk Choi [Thu, 4 Sep 2003 19:48:53 +0000 (19:48 +0000)]
misc cleanup
Jong Hyuk Choi [Wed, 3 Sep 2003 23:47:37 +0000 (23:47 +0000)]
memory mgmt cleanup
Jong Hyuk Choi [Wed, 3 Sep 2003 21:42:52 +0000 (21:42 +0000)]
Schema checking option for LDAP Sync replication
Jong Hyuk Choi [Wed, 3 Sep 2003 16:26:17 +0000 (16:26 +0000)]
manual update for proxy cache (apurva)
Jong Hyuk Choi [Wed, 3 Sep 2003 15:44:22 +0000 (15:44 +0000)]
no schema checking patch for proxy cache (apurva)
Jong Hyuk Choi [Wed, 3 Sep 2003 08:21:51 +0000 (08:21 +0000)]
Patch for ITS#2692
Luke Howard [Mon, 1 Sep 2003 08:49:22 +0000 (08:49 +0000)]
Support per-backend ACL plugins
Luke Howard [Sun, 31 Aug 2003 08:17:21 +0000 (08:17 +0000)]
Support for ACL plugins
Luke Howard [Sun, 31 Aug 2003 08:14:54 +0000 (08:14 +0000)]
Inherit operation pblock for SLAPI
Luke Howard [Sun, 31 Aug 2003 07:51:28 +0000 (07:51 +0000)]
Add ACL plugin definitions
Luke Howard [Sun, 31 Aug 2003 03:11:05 +0000 (03:11 +0000)]
Call SASL bind post-op SLAPI plugin _after_ DN has been set
Luke Howard [Sun, 31 Aug 2003 03:08:06 +0000 (03:08 +0000)]
Call post-op bind functions after SASL bind
Luke Howard [Sat, 30 Aug 2003 17:29:54 +0000 (17:29 +0000)]
SLAPI_X_CONN_SASL_CONTEXT
Luke Howard [Sat, 30 Aug 2003 17:29:14 +0000 (17:29 +0000)]
Expose SASL context to SLAPI plugins (SLAPI_X_CONN_SASL_CONTEXT)
Useful for plugins that may wish to collude with the SASL library to,
for example, retrieve a user's authorization data from a Kerberos ticket
for access control purposes
Jong Hyuk Choi [Sat, 30 Aug 2003 15:19:35 +0000 (15:19 +0000)]
slaptool update for LDAP Sync replication
Jong Hyuk Choi [Fri, 29 Aug 2003 21:24:05 +0000 (21:24 +0000)]
cleanup
Jong Hyuk Choi [Fri, 29 Aug 2003 17:02:53 +0000 (17:02 +0000)]
more patches for ITS#2692 (Thanks Luke!)
Jong Hyuk Choi [Thu, 28 Aug 2003 22:29:55 +0000 (22:29 +0000)]
slapd.conf man page update (LDAP Sync replication configuration)
Jong Hyuk Choi [Thu, 28 Aug 2003 22:29:12 +0000 (22:29 +0000)]
Sync replication config option format change (interval)
Jong Hyuk Choi [Wed, 27 Aug 2003 23:21:17 +0000 (23:21 +0000)]
unifdef LDAP_CACHING
Jong Hyuk Choi [Wed, 27 Aug 2003 22:18:52 +0000 (22:18 +0000)]
cleanup
Jong Hyuk Choi [Wed, 27 Aug 2003 22:16:04 +0000 (22:16 +0000)]
unifdef LDAP_SYNC and LDAP_SYNCREPL
Jong Hyuk Choi [Wed, 27 Aug 2003 20:51:04 +0000 (20:51 +0000)]
cleanup
Jong Hyuk Choi [Wed, 27 Aug 2003 20:26:55 +0000 (20:26 +0000)]
returning LDAP return code
Jong Hyuk Choi [Wed, 27 Aug 2003 16:40:26 +0000 (16:40 +0000)]
NO_SCHEMA_CHECK backend flag
Jong Hyuk Choi [Wed, 27 Aug 2003 16:39:53 +0000 (16:39 +0000)]
cleanup
Jong Hyuk Choi [Tue, 26 Aug 2003 22:49:44 +0000 (22:49 +0000)]
LDAP Sync protocol extension
- do not send updates in state mode when
syncCookie >= contextCSN (or omitCSN if changelog is used)
Jong Hyuk Choi [Tue, 26 Aug 2003 19:04:12 +0000 (19:04 +0000)]
cleanup
Jong Hyuk Choi [Tue, 26 Aug 2003 18:57:09 +0000 (18:57 +0000)]
Context CSN updates for hdb
Jong Hyuk Choi [Tue, 26 Aug 2003 00:35:27 +0000 (00:35 +0000)]
Context CSN Patch (5)
- persistent search patch
- cascading search patch
Jong Hyuk Choi [Mon, 25 Aug 2003 22:23:49 +0000 (22:23 +0000)]
Context CSN Patch (4)
- context csn management for modrdn
- call slap_mods_opattrs() for moved entries as well
Jong Hyuk Choi [Mon, 25 Aug 2003 22:18:33 +0000 (22:18 +0000)]
misc cleanup
Jong Hyuk Choi [Mon, 25 Aug 2003 20:20:26 +0000 (20:20 +0000)]
Context CSN Patch (3)
- context csn management for delete
- a later patch will take care of inconsistencies caused by
interactions between outstanding search and scope-outs
Jong Hyuk Choi [Mon, 25 Aug 2003 19:15:04 +0000 (19:15 +0000)]
Context CSN Patch (2)
- BDB context csn codes moved to a separate function in back-bdb/ctxcsn.c
Jong Hyuk Choi [Mon, 25 Aug 2003 17:10:18 +0000 (17:10 +0000)]
Context CSN patch (1) - cleanup
- serialize search_candidates() with the read of search_context_csn
Luke Howard [Sat, 23 Aug 2003 11:58:33 +0000 (11:58 +0000)]
Fix symbol name collision when LDAP_SYNC && BDB_HIER
Jong Hyuk Choi [Sat, 23 Aug 2003 02:51:33 +0000 (02:51 +0000)]
Context CSN patch (1)
- currenty works for refreshOnly mode of LDAP Sync
- Context CSN for add / modify is implemented
- code for delete / modrdn / refreshAndPersist will be soon committed
Kurt Zeilenga [Fri, 22 Aug 2003 21:42:02 +0000 (21:42 +0000)]
more uniquemember cleanup
Kurt Zeilenga [Fri, 22 Aug 2003 21:29:44 +0000 (21:29 +0000)]
More uniquemember fixes
(we really should be using the same filters as test003 here)
Jong Hyuk Choi [Fri, 22 Aug 2003 21:24:03 +0000 (21:24 +0000)]
Schema definition for contextCSN
Kurt Zeilenga [Fri, 22 Aug 2003 21:19:29 +0000 (21:19 +0000)]
More uniqueMember cleanup
Kurt Zeilenga [Fri, 22 Aug 2003 21:16:16 +0000 (21:16 +0000)]
Add missing assignment in last commit.
Kurt Zeilenga [Fri, 22 Aug 2003 21:03:03 +0000 (21:03 +0000)]
Add nameAndOptionalUID pretty routine... improves uniqueMember handling
Should resolve ITS#2664.
Howard Chu [Tue, 19 Aug 2003 03:22:07 +0000 (03:22 +0000)]
Tweaks to callback processing; callbacks can return SLAP_CB_CONTINUE to
fall into the regular send_ldap_* functionality instead of calling into
those functions explicitly. Nested callbacks still aren't handled as
cleanly as they might be.
Howard Chu [Tue, 19 Aug 2003 03:19:07 +0000 (03:19 +0000)]
Fix tmpmemctx conflicts
Kurt Zeilenga [Thu, 14 Aug 2003 18:38:20 +0000 (18:38 +0000)]
Add clarification about authzDN which don't exist in the DIT
Jong Hyuk Choi [Thu, 14 Aug 2003 16:27:36 +0000 (16:27 +0000)]
LDAP Sync protocol change : state mode (add+present) and log mode (add+delete)
Jong Hyuk Choi [Thu, 14 Aug 2003 02:11:46 +0000 (02:11 +0000)]
Proxy caching update : op->o_caching_on flag removed
Jong Hyuk Choi [Wed, 13 Aug 2003 23:44:56 +0000 (23:44 +0000)]
Proxy cache patch (by Jong, Apurva, & Kurt)
1. Glueing patch for proxy cache
2. test script update to avoid schema checking voilations (attributes set)
3. configuration patch for proxy cache
Jong Hyuk Choi [Wed, 13 Aug 2003 20:27:10 +0000 (20:27 +0000)]
ITS#2681: set rc to LDAP_INVALID_CREDENTIALS or 1
Hallvard Furuseth [Wed, 13 Aug 2003 20:04:59 +0000 (20:04 +0000)]
Handle full syntax of Generalized Time and UTC Time.
No longer accept initial and trailing spaces in these syntaxes.
Luke Howard [Mon, 11 Aug 2003 09:55:45 +0000 (09:55 +0000)]
Do not attempt to map positive error codes returned by plugins to
negative error codes.
Plugins should never return positive error codes except in the case
of bind pre-operation plugins, where they should return SLAPI_BIND_XXX.
This should fix ITS #2616 ...
Kurt Zeilenga [Mon, 11 Aug 2003 02:12:20 +0000 (02:12 +0000)]
ITS#2664: add uniqueMemberMatch
Kurt Zeilenga [Sat, 9 Aug 2003 19:18:28 +0000 (19:18 +0000)]
ITS#2566: apply patch provided by Norbert to fix lmhash problems
- chk_lanman did not free result from hash_lanman
- copied code to generate hash from hash_lanman to chk_lanman,
this skips prepending "{LANMAN}"
- downcase stored password hash to ensure hex characters [a-f]
have the same case