]>
git.sur5r.net Git - openldap/log
Howard Chu [Thu, 5 Sep 2002 11:01:12 +0000 (11:01 +0000)]
Replace HACK in slap_sasl_canonicalize with safer test.
Kurt Zeilenga [Thu, 5 Sep 2002 02:37:10 +0000 (02:37 +0000)]
back_attribute() should use ACL_AUTH not ACL_READ (at
least for current callers, may need to pass it the
permission level)
Kurt Zeilenga [Wed, 4 Sep 2002 21:00:11 +0000 (21:00 +0000)]
Add reference to ldap.conf(5)
Kurt Zeilenga [Wed, 4 Sep 2002 20:59:57 +0000 (20:59 +0000)]
More LDAPNOINIT statement to top of DESCRIPTION
Howard Chu [Wed, 4 Sep 2002 10:58:25 +0000 (10:58 +0000)]
ITS#2065 omit libbackends.a when no static backends configured.
Also fixed dependencies for dynamic backends and tools.
Howard Chu [Wed, 4 Sep 2002 07:17:31 +0000 (07:17 +0000)]
Set SSL session cache context ID
Kurt Zeilenga [Wed, 4 Sep 2002 02:46:24 +0000 (02:46 +0000)]
Use registered 666 numbers for LCUP controls
Howard Chu [Wed, 4 Sep 2002 02:28:42 +0000 (02:28 +0000)]
Fix previous commit - still need X509_free for peer cert.
Just not for local/my cert.
Kurt Zeilenga [Wed, 4 Sep 2002 02:14:12 +0000 (02:14 +0000)]
Move ldap_control_dup() to ldap_pvt.h
Jong Hyuk Choi [Wed, 4 Sep 2002 02:00:42 +0000 (02:00 +0000)]
LDAP Client Update Protocol - non-persistent update (TODO: response control ...)
Howard Chu [Wed, 4 Sep 2002 01:56:09 +0000 (01:56 +0000)]
Don't call X509_free after SSL_get_certificate, it's not a duplicate.
Pierangelo Masarati [Tue, 3 Sep 2002 15:12:36 +0000 (15:12 +0000)]
optimize duplicate detection based on mods and existing values count
Kurt Zeilenga [Tue, 3 Sep 2002 07:28:57 +0000 (07:28 +0000)]
Extend checks to substrings rules. Need to kludge around
LDAP's kludged builtin substrings rules.
Kurt Zeilenga [Tue, 3 Sep 2002 07:01:09 +0000 (07:01 +0000)]
Add appropriate matching rule checks.
Clean up syntax error reporting.
Howard Chu [Mon, 2 Sep 2002 22:25:26 +0000 (22:25 +0000)]
Don't use sasl_set_alloc on Cyrus 2, it manages all of its memory
internally and we don't want to get in the way.
Kurt Zeilenga [Mon, 2 Sep 2002 22:18:49 +0000 (22:18 +0000)]
Add ldapsasl
Kurt Zeilenga [Mon, 2 Sep 2002 22:07:23 +0000 (22:07 +0000)]
Update comment
Pierangelo Masarati [Mon, 2 Sep 2002 19:41:03 +0000 (19:41 +0000)]
/*
* The original code performs ( n ) normalizations
* and ( n * ( n - 1 ) / 2 ) matches, which hide
* the same number of normalizations. The new code
* performs the same number of normalizations ( n )
* and ( n * ( n - 1 ) / 2 ) mem compares, far less
* expensive than an entire match, if a match is
* equivalent to a normalization and a mem compare ...
*
* This is far more memory expensive than the previous,
* but it can heavily improve performances when big
* chunks of data are added (typical example is a group
* with thousands of DN-syntax members; on my system:
* for members of 5-RDN DNs,
members orig bvmatch (dirty) new
1000 0m38.456s 0m0.553s 0m0.608s
2000 2m33.341s 0m0.851s 0m1.003s
* Moreover, 100 groups with 10000 members each were
* added in 37m27.933s (an analogous LDIF file was
* loaded into Active Directory in 38m28.682s, BTW).
*
* Maybe we could switch to the new algorithm when
* the number of values overcomes a given threshold?
*/
Pierangelo Masarati [Mon, 2 Sep 2002 19:39:31 +0000 (19:39 +0000)]
various fixes and improvements
Pierangelo Masarati [Mon, 2 Sep 2002 19:39:06 +0000 (19:39 +0000)]
use bvmatch() instead of ber_bvcmp() when testing for match without ordering
Kurt Zeilenga [Mon, 2 Sep 2002 19:25:10 +0000 (19:25 +0000)]
Document -R
Kurt Zeilenga [Mon, 2 Sep 2002 17:38:17 +0000 (17:38 +0000)]
Add NOOP search support.
Howard Chu [Mon, 2 Sep 2002 13:46:56 +0000 (13:46 +0000)]
Fix ldap_X509dn2bv, OpenSSL gives us DN attributeTypes in EBCDIC
Howard Chu [Sun, 1 Sep 2002 11:39:08 +0000 (11:39 +0000)]
Fix slapd startup ldapsearch loop
Kurt Zeilenga [Sun, 1 Sep 2002 02:54:56 +0000 (02:54 +0000)]
Clarify that rootpw is not needed when rootdn is not within database
Kurt Zeilenga [Sun, 1 Sep 2002 01:49:25 +0000 (01:49 +0000)]
Format tweaks
Kurt Zeilenga [Sun, 1 Sep 2002 01:47:59 +0000 (01:47 +0000)]
Reflect latest contributions
Kurt Zeilenga [Sun, 1 Sep 2002 00:33:20 +0000 (00:33 +0000)]
unifdef -DSLAP_X_MRA_MATCH_DNATTRS
Kurt Zeilenga [Sat, 31 Aug 2002 22:24:41 +0000 (22:24 +0000)]
Forced commit: added comments not whitespace in last commit
Kurt Zeilenga [Sat, 31 Aug 2002 22:24:05 +0000 (22:24 +0000)]
Add in extra white space
Kurt Zeilenga [Sat, 31 Aug 2002 21:39:42 +0000 (21:39 +0000)]
have get_mra use mr_usable_with_at() as well
Kurt Zeilenga [Sat, 31 Aug 2002 21:23:45 +0000 (21:23 +0000)]
Add mr_usable_with_at() routine. Use both in generation
of rule uses, but also in test_filter_mra()
Kurt Zeilenga [Sat, 31 Aug 2002 20:49:50 +0000 (20:49 +0000)]
Make sure we don't expose hidden attribute types in rule uses
Kurt Zeilenga [Sat, 31 Aug 2002 20:42:25 +0000 (20:42 +0000)]
Add matching rule use support where assertion syntax != value syntax
Kurt Zeilenga [Sat, 31 Aug 2002 19:25:41 +0000 (19:25 +0000)]
List approximates as well in rule uses.
Don't yet list ordering rules yet, these require special attention (and
hence are not marked MR_EXT yet)
Kurt Zeilenga [Sat, 31 Aug 2002 19:17:54 +0000 (19:17 +0000)]
Fix last commit.
Also add uses where mr is the attribute's equality rule.
Kurt Zeilenga [Sat, 31 Aug 2002 19:05:36 +0000 (19:05 +0000)]
MR_EXT rules can be used with any type whose syntax is same as
the syntax's assertion syntax.
Kurt Zeilenga [Sat, 31 Aug 2002 18:41:21 +0000 (18:41 +0000)]
Don't hide matchingRuleUse's description (now implemented)
Use attribute's cname not oid in matching rule uses
Pierangelo Masarati [Sat, 31 Aug 2002 17:03:42 +0000 (17:03 +0000)]
definitely fix NOOP in back-bdb
Pierangelo Masarati [Sat, 31 Aug 2002 12:02:39 +0000 (12:02 +0000)]
add ldif control support (ITS#2060, patch from David Steck <dsteck@novell.com>)
Pierangelo Masarati [Sat, 31 Aug 2002 12:00:39 +0000 (12:00 +0000)]
improved support for NOOP; add is fine, the other write funcs still need work
Pierangelo Masarati [Sat, 31 Aug 2002 11:14:15 +0000 (11:14 +0000)]
use ldap_charray_add instead of dedicated helper; get rid of dependency from ldap-int.h
Pierangelo Masarati [Sat, 31 Aug 2002 10:56:27 +0000 (10:56 +0000)]
fix bitwise matching (courtesy of Luke Howard)
Pierangelo Masarati [Sat, 31 Aug 2002 10:54:58 +0000 (10:54 +0000)]
silence warnings
Pierangelo Masarati [Sat, 31 Aug 2002 10:49:03 +0000 (10:49 +0000)]
add {create,modify}Timestamp to subschema subentry (SHOULD per RFC2251; use server startup time to be conservative)
Pierangelo Masarati [Sat, 31 Aug 2002 10:48:02 +0000 (10:48 +0000)]
define macros for appropriate sizing of lutil buffers
Pierangelo Masarati [Sat, 31 Aug 2002 10:45:22 +0000 (10:45 +0000)]
add matchingRuleUse to schema; use a berval instead of _oidlen in syntax and matching rule
Pierangelo Masarati [Sat, 31 Aug 2002 10:41:49 +0000 (10:41 +0000)]
cleanup comments
Pierangelo Masarati [Sat, 31 Aug 2002 10:41:11 +0000 (10:41 +0000)]
silence debug check
Pierangelo Masarati [Sat, 31 Aug 2002 10:39:23 +0000 (10:39 +0000)]
fix extendedMatch and approx hfilter andling; get rid of subtree_cond (argh, need to trim it from config and docs ...)
Pierangelo Masarati [Sat, 31 Aug 2002 10:38:29 +0000 (10:38 +0000)]
better handling of children_cond
Pierangelo Masarati [Sat, 31 Aug 2002 10:37:42 +0000 (10:37 +0000)]
trace illegal condition in backsql_strfcat
Pierangelo Masarati [Sat, 31 Aug 2002 10:36:16 +0000 (10:36 +0000)]
add 'children_cond' config statement
Pierangelo Masarati [Sat, 31 Aug 2002 10:35:23 +0000 (10:35 +0000)]
added referral support to back-{ldap,meta}; need to allow send_serch_reference() handle NULL entry pointer
Pierangelo Masarati [Sat, 31 Aug 2002 10:29:03 +0000 (10:29 +0000)]
fix extendedMatch values return filter control
Pierangelo Masarati [Sat, 31 Aug 2002 10:27:49 +0000 (10:27 +0000)]
document another (optional) config directive
Howard Chu [Sat, 31 Aug 2002 06:23:46 +0000 (06:23 +0000)]
Fix previous commit
Howard Chu [Sat, 31 Aug 2002 05:14:43 +0000 (05:14 +0000)]
OS/390 EBCDIC support
Kurt Zeilenga [Fri, 30 Aug 2002 19:30:58 +0000 (19:30 +0000)]
We don't support substrings matching via extensibleMatch
Howard Chu [Fri, 30 Aug 2002 14:28:45 +0000 (14:28 +0000)]
Fix debug statement
Howard Chu [Fri, 30 Aug 2002 12:38:50 +0000 (12:38 +0000)]
Fix crash in mra_free, freeing ber-private value.
Howard Chu [Fri, 30 Aug 2002 11:48:47 +0000 (11:48 +0000)]
Fix unindent commit
Howard Chu [Fri, 30 Aug 2002 11:37:43 +0000 (11:37 +0000)]
Use DB_NODUPDATA when adding IDs. Silence log for DB_NOTFOUND in delete_key,
let caller log it if they care.
Howard Chu [Fri, 30 Aug 2002 11:21:20 +0000 (11:21 +0000)]
Unindented a level. Fixed logging of keys.
Howard Chu [Fri, 30 Aug 2002 10:41:46 +0000 (10:41 +0000)]
Don't mask DB_KEYEXIST errors in bdb_idl_insert_key, let dn2id see them.
Ignore DB_KEYEXIST and DB_NOTFOUND errors in key_change.
Howard Chu [Fri, 30 Aug 2002 10:11:54 +0000 (10:11 +0000)]
Fix large SASL reads. Use EAGAIN instead of EWOULDBLOCK (was right the
first time after all. see read(2) and write(2)...)
Kurt Zeilenga [Fri, 30 Aug 2002 07:43:47 +0000 (07:43 +0000)]
Generate subentries control
Kurt Zeilenga [Fri, 30 Aug 2002 07:05:12 +0000 (07:05 +0000)]
Add client-side subentries control support.
Make sure client controls are not specified multiple times.
NT port updates.
Kurt Zeilenga [Fri, 30 Aug 2002 06:25:51 +0000 (06:25 +0000)]
Close comment
Kurt Zeilenga [Fri, 30 Aug 2002 06:17:25 +0000 (06:17 +0000)]
Fix #ifdefs (DUPENT should be behind the 0)
Kurt Zeilenga [Fri, 30 Aug 2002 05:43:47 +0000 (05:43 +0000)]
Remove those #ifdefs NOOP just added.
Kurt Zeilenga [Fri, 30 Aug 2002 05:32:51 +0000 (05:32 +0000)]
Assign NOOP its published OID. I-D to follow.
Kurt Zeilenga [Fri, 30 Aug 2002 05:10:41 +0000 (05:10 +0000)]
More noop #ifdef'ing
Kurt Zeilenga [Fri, 30 Aug 2002 05:02:20 +0000 (05:02 +0000)]
Place NOOP behind #ifdef
Kurt Zeilenga [Fri, 30 Aug 2002 04:22:22 +0000 (04:22 +0000)]
Print information about control used.
Kurt Zeilenga [Fri, 30 Aug 2002 04:14:26 +0000 (04:14 +0000)]
Allow generation of no-op control
Kurt Zeilenga [Thu, 29 Aug 2002 21:52:45 +0000 (21:52 +0000)]
Add manageDsaIt/NOOP control support to every tool.
Update NT build.
Kurt Zeilenga [Thu, 29 Aug 2002 21:48:00 +0000 (21:48 +0000)]
Add to NT build
Kurt Zeilenga [Thu, 29 Aug 2002 21:36:36 +0000 (21:36 +0000)]
Rework client control parsing... need to implement
common controls across all tools.
Kurt Zeilenga [Thu, 29 Aug 2002 19:54:17 +0000 (19:54 +0000)]
Yet another bug fix... this one from Luke.
Pierangelo Masarati [Thu, 29 Aug 2002 19:44:02 +0000 (19:44 +0000)]
reworking of threads in session handling
Pierangelo Masarati [Thu, 29 Aug 2002 19:43:29 +0000 (19:43 +0000)]
cleaner handling of unchecked limit support
Pierangelo Masarati [Thu, 29 Aug 2002 19:31:02 +0000 (19:31 +0000)]
test extended filter and values return filter
Kurt Zeilenga [Thu, 29 Aug 2002 18:05:49 +0000 (18:05 +0000)]
Fix objectSubClassIndexer bug
Pierangelo Masarati [Thu, 29 Aug 2002 17:45:12 +0000 (17:45 +0000)]
allow different solutions to debug sasl shutdown
Pierangelo Masarati [Thu, 29 Aug 2002 16:03:38 +0000 (16:03 +0000)]
when shutting down a server with open connections (back-{ldap,meta}),
the backend attempts a ldap_unbind() that results in calling
ldap_pvt_sasl_mutex_lock() with a NULL argument, causing a SIGSEGV.
I added a few assert() to catch this (I wonder if this might
be related to ITS#1982 "kill -INT corrupts database").
Pierangelo Masarati [Thu, 29 Aug 2002 15:07:18 +0000 (15:07 +0000)]
fix server-size controls handling in back-{ldap,meta}
Pierangelo Masarati [Thu, 29 Aug 2002 14:39:31 +0000 (14:39 +0000)]
add server side controls to back-ldap and back-meta
Howard Chu [Thu, 29 Aug 2002 13:38:36 +0000 (13:38 +0000)]
Fix previous commit - use EWOULDBLOCK instead of EAGAIN
Pierangelo Masarati [Thu, 29 Aug 2002 13:32:28 +0000 (13:32 +0000)]
avoid zero size ch_malloc() when no attributes are present in vrFilter
Pierangelo Masarati [Thu, 29 Aug 2002 12:41:07 +0000 (12:41 +0000)]
trim unused var
Pierangelo Masarati [Thu, 29 Aug 2002 12:17:28 +0000 (12:17 +0000)]
this test is useless, since noop is masked SLAP_CTRL_UPDATE
Howard Chu [Thu, 29 Aug 2002 12:12:36 +0000 (12:12 +0000)]
Fix ITS#1983, handle writing of large requests. Only one pending request is
allowed per LDAP* handle. It works, but needs review.
Howard Chu [Thu, 29 Aug 2002 11:53:37 +0000 (11:53 +0000)]
Use sockbuf_max_incoming_auth after successful Bind
Pierangelo Masarati [Thu, 29 Aug 2002 10:55:48 +0000 (10:55 +0000)]
- added the capability to filter based on hasSubordinate attribute
to back-bdb, back-ldbm and back-sql (the latter with limitations);
- added handling of ":dn" attributes to extended rfc2254 filters
and to matched value filter
- altered the behavior of get_mra() when a matching rule is given:
now it checks whether it is compatible with the attribute syntax
and, in case it is, the given mr is used. In case of no type,
the check is delayed when filtering
Pierangelo Masarati [Thu, 29 Aug 2002 10:50:53 +0000 (10:50 +0000)]
add bdb_hasSubordinates() helper
Pierangelo Masarati [Thu, 29 Aug 2002 10:50:12 +0000 (10:50 +0000)]
cleanup
Pierangelo Masarati [Thu, 29 Aug 2002 10:49:41 +0000 (10:49 +0000)]
cleanup hasSubordinate operational attr merge
Pierangelo Masarati [Thu, 29 Aug 2002 10:49:11 +0000 (10:49 +0000)]
optimize subschema attribute merge
Pierangelo Masarati [Thu, 29 Aug 2002 10:45:48 +0000 (10:45 +0000)]
use appropriate attr list when matching value of operational attrs