]>
git.sur5r.net Git - openldap/log
Howard Chu [Tue, 7 May 2002 23:56:59 +0000 (23:56 +0000)]
Require 2.1.3 or higher for Cyrus SASL 2
Howard Chu [Tue, 7 May 2002 23:29:19 +0000 (23:29 +0000)]
Delete unused CANON_BUF_SIZE #define
Howard Chu [Tue, 7 May 2002 23:08:23 +0000 (23:08 +0000)]
Cyrus 2 support now requires Cyrus 2.1.3. Adds support for in-directory
SASL secrets. (Only works with plaintext userpassword tho.)
Howard Chu [Tue, 7 May 2002 22:35:01 +0000 (22:35 +0000)]
Turn these functions on again. Need backend_attribute for SASLauthz stuff.
Fix to work with NULL op.
Howard Chu [Tue, 7 May 2002 18:46:32 +0000 (18:46 +0000)]
Fixes for slap_sasl_regexp parsing and normalization
Howard Chu [Tue, 7 May 2002 02:17:34 +0000 (02:17 +0000)]
Added comment for future reference re: in-directory secrets
Howard Chu [Mon, 6 May 2002 23:56:35 +0000 (23:56 +0000)]
ITS#1806, Cyrus 1 doesn't give back our callbacks pointer, must stash it
ourselves.
Howard Chu [Mon, 6 May 2002 16:51:00 +0000 (16:51 +0000)]
ITS#1803, bogus free() of lber-private memory.
Howard Chu [Sun, 5 May 2002 19:15:29 +0000 (19:15 +0000)]
Fix in 1.50 applies to Cyrus 1 as well as Cyrus 2.
Kurt Zeilenga [Sat, 4 May 2002 23:13:51 +0000 (23:13 +0000)]
Patch: incomplete 'make clean' in liblunicode (ITS#1791)
In liblunicode, 'make clean' and 'make distclean' do not remove
the symlinks ucdata.h and ure.h.
from Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>
Pierangelo Masarati [Sat, 4 May 2002 11:07:28 +0000 (11:07 +0000)]
fix formats
Pierangelo Masarati [Sat, 4 May 2002 11:07:04 +0000 (11:07 +0000)]
remove unused variables
Howard Chu [Sat, 4 May 2002 10:52:05 +0000 (10:52 +0000)]
ITS#1797 silence uninit'd var warnings
Howard Chu [Sat, 4 May 2002 10:50:24 +0000 (10:50 +0000)]
ITS#1797 err used unit'd in Debug statement. (removed)
Kurt Zeilenga [Sat, 4 May 2002 04:35:41 +0000 (04:35 +0000)]
Fix typos
Kurt Zeilenga [Sat, 4 May 2002 04:34:58 +0000 (04:34 +0000)]
Basic dnssrv man page
Howard Chu [Sat, 4 May 2002 01:32:41 +0000 (01:32 +0000)]
Initialize authid in case ldap_pvt_tls_get_my_dn fails
Howard Chu [Sat, 4 May 2002 01:28:56 +0000 (01:28 +0000)]
ITS#1795 authid is uninit'd if tls_get_cert fails
Howard Chu [Sat, 4 May 2002 00:07:12 +0000 (00:07 +0000)]
Set tls_opt_require_cert to default to NEVER. libldap defaults to DEMAND
due to client needs, we change it back here.
Howard Chu [Sat, 4 May 2002 00:05:48 +0000 (00:05 +0000)]
Changed default tls_opt_require_cert value to LDAP_OPT_X_TLS_DEMAND; force
a fatal error when TLS server cert verification fails.
Changed ldap_pvt_tls_check_hostname to return LDAP_SUCCESS when no cert is
found: this can now only occur if tls_opt_require_cert was explicitly set
to NEVER or ALLOW.
In tls_verify_cb, added a text translation of the verification error code
to the debug message.
Kurt Zeilenga [Fri, 3 May 2002 19:00:52 +0000 (19:00 +0000)]
fix uninitialized counter in matched values
Howard Chu [Fri, 3 May 2002 14:47:29 +0000 (14:47 +0000)]
Fix DN freeing in BDB_HIER case. (BDB_HIER is still broken, seems to have
a bad interaction with the entry cache.)
Howard Chu [Fri, 3 May 2002 14:42:14 +0000 (14:42 +0000)]
Fix dependency typo from 1.99
Howard Chu [Fri, 3 May 2002 14:23:55 +0000 (14:23 +0000)]
Use specific msg id instead of ANY to retrieve search results
Howard Chu [Fri, 3 May 2002 13:07:42 +0000 (13:07 +0000)]
Fix previous commit, wrong if condition
Howard Chu [Fri, 3 May 2002 13:04:55 +0000 (13:04 +0000)]
Break up large SASL writes into units of SASL maxoutbuf size.
Howard Chu [Fri, 3 May 2002 12:10:47 +0000 (12:10 +0000)]
For Cyrus 2, cannot free session_callbacks in ldap_int_sasl_open, must
wait until ldap_int_sasl_close because SASL doesn't copy our structure,
it uses it directly.
Pierangelo Masarati [Fri, 3 May 2002 10:27:37 +0000 (10:27 +0000)]
s/LDAP_UNWILLING_TO_PERFORM/LDAP_ADMINLIMIT_EXCEEDED/ when search candidates exceed unckecked limit
Kurt Zeilenga [Thu, 2 May 2002 18:56:56 +0000 (18:56 +0000)]
Matched Values implementation (ITS#1776) based upon submission
form Mikhail Sahalaev <M.Sahalayev@pgr.salford.ac.uk>.
Further work needed:
add testxxx-matchedvalues
rework ldapsearch(1) portion of patch to generalize use of options
---
Copyright 2001, Mikhail Sahalaev, All rights reserved.
This software is not subject to any license of University Of
Salford.
Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice
is preserved.
Pierangelo Masarati [Thu, 2 May 2002 16:49:47 +0000 (16:49 +0000)]
clarifications
Pierangelo Masarati [Thu, 2 May 2002 16:35:16 +0000 (16:35 +0000)]
3rd step at updating docs by hallvard Furuseth (with minor changes in slapd-meta.5)
Howard Chu [Thu, 2 May 2002 12:08:19 +0000 (12:08 +0000)]
Fix previous commit, only zero out v3 refer_cnt if we got a SEARCH_RESULT.
If we got a SEARCH_REFERENCE, we need to keep going...
Pierangelo Masarati [Thu, 2 May 2002 11:42:11 +0000 (11:42 +0000)]
broken berval after successful rewrite
Pierangelo Masarati [Thu, 2 May 2002 09:06:12 +0000 (09:06 +0000)]
back-meta needs librewrite and back-ldap; automatically enable them
Pierangelo Masarati [Thu, 2 May 2002 08:48:14 +0000 (08:48 +0000)]
Fixes ITS#1786: dynamically growing number of tokens in config line
for both slapd and slurpd
Copyright 2002, John Morrissey (jwm at horde dot net), All rights reserved.
This is free software; you can redistribute and use it under the same terms
as OpenLDAP itself.
Applied with changes
Randy Kunkee [Thu, 2 May 2002 08:14:01 +0000 (08:14 +0000)]
Remove debugging fluff.
Randy Kunkee [Thu, 2 May 2002 08:11:41 +0000 (08:11 +0000)]
Generate ldaptclerr.h correctly.
Howard Chu [Wed, 1 May 2002 20:24:56 +0000 (20:24 +0000)]
Added config keyword descriptions from ITS#966. Minor cleanup.
Pierangelo Masarati [Wed, 1 May 2002 19:36:24 +0000 (19:36 +0000)]
couple of fixes
Kurt Zeilenga [Wed, 1 May 2002 19:22:32 +0000 (19:22 +0000)]
Error if ar(1) is missing. (ITS#1772)
Howard Chu [Wed, 1 May 2002 19:21:21 +0000 (19:21 +0000)]
From Hallvard, with slight changes
Howard Chu [Wed, 1 May 2002 19:05:09 +0000 (19:05 +0000)]
More cleanups for suffixmassage DNs
Howard Chu [Wed, 1 May 2002 18:50:14 +0000 (18:50 +0000)]
Changed be_[n]suffix, be_[n]suffixAlias to BerVarray. No more bvec's anywhere.
Kurt Zeilenga [Wed, 1 May 2002 18:10:14 +0000 (18:10 +0000)]
Patch: Perl backend sends bind result twice (ITS#1783)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
perl_back_bind() should not send LDAP_SUCCESS, the frontend does that.
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
Pierangelo Masarati [Wed, 1 May 2002 17:53:32 +0000 (17:53 +0000)]
massage dn-valued attributes also when compiled without --enable-rewrite
Pierangelo Masarati [Wed, 1 May 2002 17:45:03 +0000 (17:45 +0000)]
use BerVarray for suffix_massaging stuff
Pierangelo Masarati [Wed, 1 May 2002 16:38:30 +0000 (16:38 +0000)]
second round at ITS#1749
Pierangelo Masarati [Wed, 1 May 2002 11:41:57 +0000 (11:41 +0000)]
- trim check for real naming context already defined as suffix
- improve automatic massaging (prettify once)
- add (optimistic) automatic filter massaging
- cleanup of massaging stuff
Howard Chu [Wed, 1 May 2002 06:34:49 +0000 (06:34 +0000)]
Added RFC 2459 PKCS9 emailAddress
Kurt Zeilenga [Wed, 1 May 2002 04:40:26 +0000 (04:40 +0000)]
add an RFC 2849 check... but behind #if 0 as I'm now thinking this
is not appropriate.
Kurt Zeilenga [Wed, 1 May 2002 04:23:59 +0000 (04:23 +0000)]
cleanup before working on changes
Kurt Zeilenga [Wed, 1 May 2002 01:04:57 +0000 (01:04 +0000)]
Reworking backend_check_restrictions for extensions
Should resolve ITS#1781.
Howard Chu [Tue, 30 Apr 2002 14:43:05 +0000 (14:43 +0000)]
Fix previous commit - must fully init newAVA
Howard Chu [Tue, 30 Apr 2002 13:57:24 +0000 (13:57 +0000)]
Added ldap_ucs_to_utf8s to convert ASN.1 T61STRING, BMPSTRING, and
UNIVERSALSTRING to UTF-8 format.
Howard Chu [Tue, 30 Apr 2002 13:57:01 +0000 (13:57 +0000)]
Added ldap_ucs_to_utf8s to convert ASN.1 T61STRING, BMPSTRING, and
UNIVERSALSTRING to UTF-8 format.
Rewrote ldap_X509dn2bv to check ASN.1 types and use above function.
Howard Chu [Tue, 30 Apr 2002 13:52:49 +0000 (13:52 +0000)]
Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
in dn parameter and return a result code.
Changed dnX509peerNormalize as above. Added debug message on failure to
retrieve client DN.
Howard Chu [Tue, 30 Apr 2002 13:50:56 +0000 (13:50 +0000)]
Changed ldap_pvt_tls_get_my_dn and ldap_pvt_tls_get_peer_dn to store result
in dn parameter and return a result code.
Pierangelo Masarati [Mon, 29 Apr 2002 20:36:04 +0000 (20:36 +0000)]
couple of fixes
Pierangelo Masarati [Mon, 29 Apr 2002 20:24:29 +0000 (20:24 +0000)]
First commit of Hallvard's backend documentation effort
Backend documentation patch, version 1
================
Most of this text is taken from OpenLDAP. The work of rewriting it
to manual pages is done by by Hallvard B. Furuseth and placed into
the public domain. This software is not subject to any license of
the University of Oslo.
================
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, April 2002.
Pierangelo Masarati [Mon, 29 Apr 2002 19:14:42 +0000 (19:14 +0000)]
handle trivial cases
Jong Hyuk Choi [Mon, 29 Apr 2002 16:42:41 +0000 (16:42 +0000)]
pointer initialization
Pierangelo Masarati [Mon, 29 Apr 2002 10:12:50 +0000 (10:12 +0000)]
honor limits if below soft limit
Howard Chu [Sat, 27 Apr 2002 03:44:23 +0000 (03:44 +0000)]
Fix check for "anonymous" in sasl_getdn
Julius Enarusai [Thu, 25 Apr 2002 22:12:44 +0000 (22:12 +0000)]
ITS#1730: Misc typos in NEW_LOGGING code from Hallvard
Pierangelo Masarati [Thu, 25 Apr 2002 19:23:37 +0000 (19:23 +0000)]
fix off-by-one bug; use s/sprintf/snprintf/
Howard Chu [Thu, 25 Apr 2002 05:16:15 +0000 (05:16 +0000)]
Fix ITS#1774, BDB keys need ulen and flags to be initialized because BDB
tries to retrieve both the key and the data.
Howard Chu [Thu, 25 Apr 2002 02:05:34 +0000 (02:05 +0000)]
Added rebind-as-user option; saves bind credentials and sets a rebind_proc
to allow chasing referrals using the same user's credentials.
Ralf Haferkamp [Tue, 23 Apr 2002 15:28:11 +0000 (15:28 +0000)]
- some code cleanups
- fix for the client caching code (cache is flushed after modifications
rather than removing only the changed entry)
The code was submitted by Jeff Costlow <j.costlow@f5.com> under the
following terms:
Copyright 2002, F5 Networks, Inc, All rights reserved.
This software is not subject to any license of F5 Networks.
This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself.
Kurt Zeilenga [Mon, 22 Apr 2002 23:03:33 +0000 (23:03 +0000)]
Remove lint.
Kurt Zeilenga [Mon, 22 Apr 2002 17:40:34 +0000 (17:40 +0000)]
Update configure
Kurt Zeilenga [Mon, 22 Apr 2002 17:31:16 +0000 (17:31 +0000)]
Re: PRIVATE: Patch: Passwords (ITS#1740)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
Howard Chu [Sat, 20 Apr 2002 10:24:24 +0000 (10:24 +0000)]
ITS#1749 added some descriptions for fetch, rewrite, rlookups, modules,
ldbm api/types
Howard Chu [Sat, 20 Apr 2002 10:06:23 +0000 (10:06 +0000)]
ITS#1749 added maxderefdepth, suffiaxalias, TLSCACertificatePath,
ucdata-path, moduleload, modulepath. sasl-external-x509dn-convert has
been deleted from the code.
Howard Chu [Sat, 20 Apr 2002 09:23:19 +0000 (09:23 +0000)]
Comment out "logfile", its code is behind #ifdef NEW_LOGGING in config.c.
Howard Chu [Sat, 20 Apr 2002 09:07:24 +0000 (09:07 +0000)]
ITS#1749 added "debug" description, commented out because it has no effect
without NEW_LOGGING. Added logfile.
Howard Chu [Sat, 20 Apr 2002 08:12:03 +0000 (08:12 +0000)]
ITS#1749 added BDB options
Howard Chu [Sat, 20 Apr 2002 07:44:02 +0000 (07:44 +0000)]
DN consistency, lowercase, etc.
Howard Chu [Sat, 20 Apr 2002 07:24:14 +0000 (07:24 +0000)]
Typos, slight rearrangement
Howard Chu [Sat, 20 Apr 2002 06:33:22 +0000 (06:33 +0000)]
ITS#1438 typos
Howard Chu [Sat, 20 Apr 2002 06:18:55 +0000 (06:18 +0000)]
ITS#1271 typos
Jong Hyuk Choi [Fri, 19 Apr 2002 21:41:32 +0000 (21:41 +0000)]
Patch for ITS# 1643
Stig Venaas [Fri, 19 Apr 2002 12:59:57 +0000 (12:59 +0000)]
Adding support for compatibility decomposition to ucdata lib, and switch
from NFC to NFKC in UTF8bvnormalize() and UTF8bvnormcmp()
Howard Chu [Fri, 19 Apr 2002 04:35:16 +0000 (04:35 +0000)]
In ldap_int_tls_start, authid is very temporary, not const.
Howard Chu [Fri, 19 Apr 2002 01:25:15 +0000 (01:25 +0000)]
Put dnX509 normalizers behind #ifdef HAVE_TLS
Kurt Zeilenga [Thu, 18 Apr 2002 19:28:26 +0000 (19:28 +0000)]
Blind commit:
Re: Untested patch: back-tcl used wrong types (ITS#1719)
================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================
> I turned it into an automatic variable.
...and used a variable-length array. That's a gcc extension, it is not
in ANSI C89. (It is in C99 though.) You seem to be compiling without
-pedantic:-) Anyway, here is a patch to turn it back into ch_malloc(),
plus some README fixes
Howard Chu [Thu, 18 Apr 2002 16:02:02 +0000 (16:02 +0000)]
Fix memory leak in previous commit
Howard Chu [Thu, 18 Apr 2002 15:55:05 +0000 (15:55 +0000)]
Fix memory leak in previous commit
Howard Chu [Thu, 18 Apr 2002 12:29:30 +0000 (12:29 +0000)]
Added ldap_X509dn2bv()
deleted ldap_pvt_tls_get_peer()
changed ldap_pvt_tls_get_peer_dn() to use ldap_X509dn2bv()
added ldap_pvt_tls_get_my_dn()
Howard Chu [Thu, 18 Apr 2002 12:26:36 +0000 (12:26 +0000)]
deleted sasl_external_x509dn_convert; X509 DNs are always converted to
normalized LDAP DNs now.
Changed dnDCEnormalize to dnX509normalize, added dnX509peerNormalize,
based on new ldap_X509dn2bv() etc.
Howard Chu [Thu, 18 Apr 2002 12:21:33 +0000 (12:21 +0000)]
Fix slap_bv2ad initializing with wrong bv_len
Howard Chu [Thu, 18 Apr 2002 12:20:55 +0000 (12:20 +0000)]
Fix warnings from sasl_errdetail
Howard Chu [Thu, 18 Apr 2002 00:48:36 +0000 (00:48 +0000)]
Additional error reporting for Cyrus SASL 2. Attempt to get SASL-EXTERNAL
working ifor Cyrus 2. (Both GSSAPI and EXTERNAL are broken at the moment.)
Howard Chu [Wed, 17 Apr 2002 19:47:34 +0000 (19:47 +0000)]
Delete more unused code, no need to fetch REALM in slap_sasl_bind
Kurt Zeilenga [Wed, 17 Apr 2002 19:03:01 +0000 (19:03 +0000)]
Need to include <ldap_schema.h>.
Kurt Zeilenga [Wed, 17 Apr 2002 17:56:30 +0000 (17:56 +0000)]
Fix ssf declaration
Kurt Zeilenga [Wed, 17 Apr 2002 17:54:52 +0000 (17:54 +0000)]
NEW_LOGGING bugs (ITS#1730)
Here a patch for another: A spurious `"' in back-ldbm.
From Hallvard.
Howard Chu [Wed, 17 Apr 2002 07:56:46 +0000 (07:56 +0000)]
More SASL DN simplification. No more "dn:" prefix used anywhere internally.
Julius Enarusai [Tue, 16 Apr 2002 20:11:09 +0000 (20:11 +0000)]
Added LDAP_LOG Messages
Julius Enarusai [Tue, 16 Apr 2002 19:23:49 +0000 (19:23 +0000)]
Added LDAP_LOG Messages
Jong Hyuk Choi [Tue, 16 Apr 2002 14:03:13 +0000 (14:03 +0000)]
Hallvard B. Furuseth's patch for cache lock and mutex