]> git.sur5r.net Git - openldap/log
openldap
22 years agoAdd initial security chapter (intro only).
Kurt Zeilenga [Tue, 18 Jun 2002 00:11:36 +0000 (00:11 +0000)]
Add initial security chapter (intro only).

22 years agoReorganize chapters
Kurt Zeilenga [Tue, 18 Jun 2002 00:05:23 +0000 (00:05 +0000)]
Reorganize chapters

22 years agoMake it clear that ldap_explode_dn() and friends are deprecated.
Kurt Zeilenga [Mon, 17 Jun 2002 22:45:34 +0000 (22:45 +0000)]
Make it clear that ldap_explode_dn() and friends are deprecated.

22 years agoAdd option to disallow unprotected simple authentication.
Kurt Zeilenga [Mon, 17 Jun 2002 22:18:27 +0000 (22:18 +0000)]
Add option to disallow unprotected simple authentication.
Add protected simple authentication as a "strong" mechanism.

22 years agocheck for -ldb-4 in addition to -ldb4
Kurt Zeilenga [Mon, 17 Jun 2002 22:15:59 +0000 (22:15 +0000)]
check for -ldb-4 in addition to -ldb4

22 years agoFormatting fix
Kurt Zeilenga [Mon, 17 Jun 2002 05:57:09 +0000 (05:57 +0000)]
Formatting fix

22 years agoSome LDBM v BDB cleanup
Kurt Zeilenga [Mon, 17 Jun 2002 05:56:55 +0000 (05:56 +0000)]
Some LDBM v BDB cleanup

22 years agoadd rootpw hash password comments
Kurt Zeilenga [Mon, 17 Jun 2002 05:33:32 +0000 (05:33 +0000)]
add rootpw hash password comments

22 years agoReference slapd-bdb and slapd-ldbm man pages.
Kurt Zeilenga [Sun, 16 Jun 2002 18:59:17 +0000 (18:59 +0000)]
Reference slapd-bdb and slapd-ldbm man pages.
Update index examples

22 years agoAdded CA and PEM terms
Howard Chu [Sun, 16 Jun 2002 12:31:17 +0000 (12:31 +0000)]
Added CA and PEM terms

22 years agoAdded TLS configuration, mostly the same as the man pages but fleshed
Howard Chu [Sun, 16 Jun 2002 12:24:16 +0000 (12:24 +0000)]
Added TLS configuration, mostly the same as the man pages but fleshed
out a little more.

22 years agoNote that TLS_CERT and TLS_KEY are user-only options.
Howard Chu [Sun, 16 Jun 2002 12:10:23 +0000 (12:10 +0000)]
Note that TLS_CERT and TLS_KEY are user-only options.

22 years agoMore minor cleanup
Howard Chu [Sun, 16 Jun 2002 08:46:41 +0000 (08:46 +0000)]
More minor cleanup

22 years agoFix typo in previous commit
Howard Chu [Sun, 16 Jun 2002 07:29:06 +0000 (07:29 +0000)]
Fix typo in previous commit

22 years agoMinor cleanup and reformat, added TLS options.
Howard Chu [Sun, 16 Jun 2002 07:19:31 +0000 (07:19 +0000)]
Minor cleanup and reformat, added TLS options.

22 years agoFix invalid search filter
Kurt Zeilenga [Sun, 16 Jun 2002 06:12:26 +0000 (06:12 +0000)]
Fix invalid search filter

22 years agoAdd SSF access control example.
Kurt Zeilenga [Sun, 16 Jun 2002 00:11:51 +0000 (00:11 +0000)]
Add SSF access control example.

22 years agoReserve digit flags
Kurt Zeilenga [Sat, 15 Jun 2002 22:18:51 +0000 (22:18 +0000)]
Reserve digit flags

22 years agoAdd -4/-6 flags to slapd to force use of IPv4 or IPv6
Kurt Zeilenga [Sat, 15 Jun 2002 22:01:39 +0000 (22:01 +0000)]
Add -4/-6 flags to slapd to force use of IPv4 or IPv6

22 years agosmall cleanup
Pierangelo Masarati [Sat, 15 Jun 2002 18:20:41 +0000 (18:20 +0000)]
small cleanup

22 years agodefine and normalize static bervals alltogether
Pierangelo Masarati [Sat, 15 Jun 2002 17:01:35 +0000 (17:01 +0000)]
define and normalize static bervals alltogether

22 years agoshould compile even without Cyrus SASL
Pierangelo Masarati [Sat, 15 Jun 2002 15:01:17 +0000 (15:01 +0000)]
should compile even without Cyrus SASL

22 years agoForced commit, previous log msg "should" -> "should not".
Howard Chu [Sat, 15 Jun 2002 01:20:04 +0000 (01:20 +0000)]
Forced commit, previous log msg "should" -> "should not".

22 years agoCleanup grammar, etc.
Howard Chu [Sat, 15 Jun 2002 01:00:50 +0000 (01:00 +0000)]
Cleanup grammar, etc.

22 years agoUse host-less LDAP URLs
Kurt Zeilenga [Fri, 14 Jun 2002 22:12:27 +0000 (22:12 +0000)]
Use host-less LDAP URLs

22 years agoChanged "saslRegexp" to "sasl-regexp". (Both are valid, but this is
Howard Chu [Fri, 14 Jun 2002 22:06:23 +0000 (22:06 +0000)]
Changed "saslRegexp" to "sasl-regexp". (Both are valid, but this is
more consistent with the other sasl directives.)

22 years agosaslAuthzTo/From LDUP URLs should have hostnames
Kurt Zeilenga [Fri, 14 Jun 2002 22:03:52 +0000 (22:03 +0000)]
saslAuthzTo/From LDUP URLs should have hostnames

22 years agoTypos - "TCP" backend should be "TCL"
Howard Chu [Fri, 14 Jun 2002 21:59:23 +0000 (21:59 +0000)]
Typos - "TCP" backend should be "TCL"

22 years agoMisc formatting changes
Kurt Zeilenga [Fri, 14 Jun 2002 21:47:09 +0000 (21:47 +0000)]
Misc formatting changes

22 years agoRemove extra BDB define
Kurt Zeilenga [Fri, 14 Jun 2002 21:42:55 +0000 (21:42 +0000)]
Remove extra BDB define

22 years agoLDBM->BDB updates
Kurt Zeilenga [Fri, 14 Jun 2002 21:19:42 +0000 (21:19 +0000)]
LDBM->BDB updates

22 years agoMisc cleanup
Kurt Zeilenga [Fri, 14 Jun 2002 20:53:52 +0000 (20:53 +0000)]
Misc cleanup

22 years agoPatch: Bugs with back-ldap/meta mappings (ITS#1787)
Kurt Zeilenga [Fri, 14 Jun 2002 20:41:40 +0000 (20:41 +0000)]
Patch: Bugs with back-ldap/meta mappings  (ITS#1787)

================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================

manpage patch for ITS#1787.

22 years agoAdded a bit about client and server certificates.
Howard Chu [Fri, 14 Jun 2002 13:35:09 +0000 (13:35 +0000)]
Added a bit about client and server certificates.

22 years agoAnother typo, mistake in previous commit
Howard Chu [Fri, 14 Jun 2002 13:18:15 +0000 (13:18 +0000)]
Another typo, mistake in previous commit

22 years agoFix typos, add a brief mention of Authorization Policy configuration
Howard Chu [Fri, 14 Jun 2002 13:03:20 +0000 (13:03 +0000)]
Fix typos, add a brief mention of Authorization Policy configuration

22 years agoFix EX: typo
Howard Chu [Fri, 14 Jun 2002 13:01:48 +0000 (13:01 +0000)]
Fix EX: typo

22 years agoForced commit, previous had no log entry. Fixed some typos, added a
Howard Chu [Fri, 14 Jun 2002 12:39:59 +0000 (12:39 +0000)]
Forced commit, previous had no log entry. Fixed some typos, added a
couple references to BDB.

22 years ago*** empty log message ***
Howard Chu [Fri, 14 Jun 2002 12:38:32 +0000 (12:38 +0000)]
*** empty log message ***

22 years agoAdded X.509 term
Howard Chu [Fri, 14 Jun 2002 12:32:36 +0000 (12:32 +0000)]
Added X.509 term

22 years agoAdded sasl-authz-policy
Howard Chu [Fri, 14 Jun 2002 11:02:57 +0000 (11:02 +0000)]
Added sasl-authz-policy

22 years agozap unnecessary include
Kurt Zeilenga [Fri, 14 Jun 2002 09:10:02 +0000 (09:10 +0000)]
zap unnecessary include

22 years agoUse experimental OIDs for saslAuth attributes and hide 'em
Kurt Zeilenga [Fri, 14 Jun 2002 08:25:14 +0000 (08:25 +0000)]
Use experimental OIDs for saslAuth attributes and hide 'em
make the usage distributedOperation

22 years agoFix OID clash in previous commit
Howard Chu [Fri, 14 Jun 2002 08:16:06 +0000 (08:16 +0000)]
Fix OID clash in previous commit

22 years agoAdded saslAuthzTo and saslAuthzFrom to system schema.
Howard Chu [Fri, 14 Jun 2002 08:10:14 +0000 (08:10 +0000)]
Added saslAuthzTo and saslAuthzFrom to system schema.
Added sasl-authz-policy config keyword to control proxy authorization.
Moved sasl-related config processing to sasl.c:slap_sasl_config().
Moved other global defs used only in saslauthz.c into saslauthz.c.

22 years agoFinish implementation of get_ca_list()
Howard Chu [Fri, 14 Jun 2002 06:09:24 +0000 (06:09 +0000)]
Finish implementation of get_ca_list()

22 years agoIn ldap_extended_operation_s, check for NULL retoidp and retdatap
Howard Chu [Thu, 13 Jun 2002 16:26:47 +0000 (16:26 +0000)]
In ldap_extended_operation_s, check for NULL retoidp and retdatap
before storing NULL.

22 years agoUpdate I-Ds.
Kurt Zeilenga [Thu, 13 Jun 2002 16:14:10 +0000 (16:14 +0000)]
Update I-Ds.

22 years agoITS#1882: fix typo
Kurt Zeilenga [Thu, 13 Jun 2002 14:50:33 +0000 (14:50 +0000)]
ITS#1882: fix typo

22 years agoGenerate man page date from version.sh
Kurt Zeilenga [Thu, 13 Jun 2002 03:59:10 +0000 (03:59 +0000)]
Generate man page date from version.sh

22 years agoDate: Thu, 2 May 2002 08:54:59 GMT
Kurt Zeilenga [Wed, 12 Jun 2002 16:39:05 +0000 (16:39 +0000)]
Date: Thu, 2 May 2002 08:54:59 GMT
From: h.b.furuseth@usit.uio.no
To: openldap-its@OpenLDAP.org
Subject: Patch: Bugs with back-ldap/meta mappings

Full_Name: Hallvard B. Furuseth
Version: HEAD
OS: Linux
URL: http://folk.uio.no/hbf/OpenLDAP/back-ldap.txt
Submission from: (NULL) (158.36.148.34)

The source claims the 'map' attribute has syntax
map {objectclass | attribute}   {<source> | *}      [<dest> | *]
while it actually has syntax
map {objectclass | attribute} [<local name> | *] {<foreign name> |
*}
except that the code is confused about it.  Removed attributes are
put in both the maps for local and foreign names:
# Remove description and present title as description instead
map attribute description
map attribute description title
-->
slapd.conf: line 10: duplicate mapping found (ignored)

Also, map.c:ldap_back_map_attrs() loops forever on removed attributes
(ie. if one asks ldapsearch for an attribute which has been removed).

22 years agoAdd pointer to JLDAP TODO list
Kurt Zeilenga [Wed, 12 Jun 2002 16:32:29 +0000 (16:32 +0000)]
Add pointer to JLDAP TODO list

22 years agoClarify that client side items refer to client/tools and/or ldap(3) work
Kurt Zeilenga [Wed, 12 Jun 2002 16:28:05 +0000 (16:28 +0000)]
Clarify that client side items refer to client/tools and/or ldap(3) work

22 years agoUpdate to the 'gentle SIGHUP' patch. (ITS#1679)
Kurt Zeilenga [Wed, 12 Jun 2002 15:43:19 +0000 (15:43 +0000)]
Update to the 'gentle SIGHUP' patch.  (ITS#1679)

- Let write operations return unwilling-to-perform after
  'gentle shutdown' has been initiated.
- Change -1 to 2 in slapd_gentle_shutdown and slapd_shutdown, since
  sig_atomic_t can be unsigned (ITS#1736).  The 'gentle SIGHUP' patch
  is older than ITS#1736 but was applied later, so it reintroduced
  the problem.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, June 2002.

22 years agoDeleted Connection->c_cdn. Use conn->c_dn instead...
Howard Chu [Wed, 12 Jun 2002 08:38:59 +0000 (08:38 +0000)]
Deleted Connection->c_cdn. Use conn->c_dn instead...

22 years agoremove --enable-kbind option (can be manually set)
Kurt Zeilenga [Wed, 12 Jun 2002 04:55:30 +0000 (04:55 +0000)]
remove --enable-kbind option (can be manually set)

22 years agoFix typo in previous commit
Howard Chu [Wed, 12 Jun 2002 04:12:51 +0000 (04:12 +0000)]
Fix typo in previous commit

22 years agoFinished slap_sasl_setpass for Cyrus 1.5; Cyrus 2.1 is incomplete.
Howard Chu [Wed, 12 Jun 2002 04:05:48 +0000 (04:05 +0000)]
Finished slap_sasl_setpass for Cyrus 1.5; Cyrus 2.1 is incomplete.
Added conn->c_sasl_dn, streamlined slap_sasl_bind.

22 years agoadd reference to "Software Bugs" issues
Kurt Zeilenga [Wed, 12 Jun 2002 03:42:01 +0000 (03:42 +0000)]
add reference to "Software Bugs" issues

22 years agoRework todo
Kurt Zeilenga [Wed, 12 Jun 2002 03:36:05 +0000 (03:36 +0000)]
Rework todo

22 years agoAdd {CLEARTEXT} to password-hash possibilities
Kurt Zeilenga [Wed, 12 Jun 2002 00:50:28 +0000 (00:50 +0000)]
Add {CLEARTEXT} to password-hash possibilities

22 years agoAdd {CLEARTEXT} password-hash support
Kurt Zeilenga [Wed, 12 Jun 2002 00:43:34 +0000 (00:43 +0000)]
Add {CLEARTEXT} password-hash support

22 years agoAn almost complete slap_sasl_setpass()
Kurt Zeilenga [Wed, 12 Jun 2002 00:13:29 +0000 (00:13 +0000)]
An almost complete slap_sasl_setpass()

22 years agoRework c_authzid_backend in preparation for sasl_setpass() support
Kurt Zeilenga [Tue, 11 Jun 2002 22:56:47 +0000 (22:56 +0000)]
Rework c_authzid_backend in preparation for sasl_setpass() support

22 years agoreturn PROTOCOL_ERROR if reqdata is empty.
Kurt Zeilenga [Mon, 10 Jun 2002 19:56:17 +0000 (19:56 +0000)]
return PROTOCOL_ERROR if reqdata is empty.

22 years agoDB_RMW flag to dn2id and id2entry
Jong Hyuk Choi [Mon, 10 Jun 2002 19:02:25 +0000 (19:02 +0000)]
DB_RMW flag to dn2id and id2entry

22 years agoFix preamble
Kurt Zeilenga [Sun, 9 Jun 2002 19:11:53 +0000 (19:11 +0000)]
Fix preamble

22 years agoMisc updates
Kurt Zeilenga [Sun, 9 Jun 2002 18:57:35 +0000 (18:57 +0000)]
Misc updates

22 years agoVLV clean OPENLDAP_REL_ENG_2_MP
Kurt Zeilenga [Sun, 9 Jun 2002 06:12:24 +0000 (06:12 +0000)]
VLV clean

22 years agoCannot set rootpw when rootdn is not under suffix
Kurt Zeilenga [Sat, 8 Jun 2002 18:49:14 +0000 (18:49 +0000)]
Cannot set rootpw when rootdn is not under suffix

22 years agoUpdate
Kurt Zeilenga [Sat, 8 Jun 2002 18:40:58 +0000 (18:40 +0000)]
Update

22 years agoNote that rootpw can only be set if rootdn is under suffix.
Kurt Zeilenga [Sat, 8 Jun 2002 18:40:36 +0000 (18:40 +0000)]
Note that rootpw can only be set if rootdn is under suffix.

22 years agoBe less forgiving (don't ignore so many configuration errors)
Kurt Zeilenga [Sat, 8 Jun 2002 18:38:52 +0000 (18:38 +0000)]
Be less forgiving (don't ignore so many configuration errors)

22 years agoAdd rootdn check when rootpw is set.
Kurt Zeilenga [Sat, 8 Jun 2002 18:04:43 +0000 (18:04 +0000)]
Add rootdn check when rootpw is set.

22 years agoFix for ITS#1842 (applied blindly)
Kurt Zeilenga [Sat, 8 Jun 2002 06:09:30 +0000 (06:09 +0000)]
Fix for ITS#1842 (applied blindly)

22 years agoFix ITS#1865, (ITS#1764?) cond_broadcast behavior was broken
Howard Chu [Fri, 7 Jun 2002 22:45:22 +0000 (22:45 +0000)]
Fix ITS#1865, (ITS#1764?) cond_broadcast behavior was broken

22 years agouserPassword/authPassword can be safely subtyped (though I wouldn't
Kurt Zeilenga [Fri, 7 Jun 2002 20:32:06 +0000 (20:32 +0000)]
userPassword/authPassword can be safely subtyped (though I wouldn't
recommend it).

22 years agoFix ITS#1843, don't deref NULL string in ldap_pvt_str2upper
Howard Chu [Fri, 7 Jun 2002 13:27:25 +0000 (13:27 +0000)]
Fix ITS#1843, don't deref NULL string in ldap_pvt_str2upper

22 years agoBetter SASL_MAXBUF fix
Howard Chu [Fri, 7 Jun 2002 03:40:16 +0000 (03:40 +0000)]
Better SASL_MAXBUF fix

22 years agoMore I-D.
Kurt Zeilenga [Fri, 7 Jun 2002 01:58:40 +0000 (01:58 +0000)]
More I-D.

22 years agoUpdate VLV I-D and add proxy auth I-D.
Kurt Zeilenga [Fri, 7 Jun 2002 01:44:32 +0000 (01:44 +0000)]
Update VLV I-D and add proxy auth I-D.

22 years agoITS#1837, one-level searches on leaf entries
Howard Chu [Thu, 6 Jun 2002 11:27:52 +0000 (11:27 +0000)]
ITS#1837, one-level searches on leaf entries

22 years agoFix Listeners: handles multiple addresses for a given hostname, copies
Howard Chu [Thu, 6 Jun 2002 10:33:18 +0000 (10:33 +0000)]
Fix Listeners: handles multiple addresses for a given hostname, copies
sockaddr into Listener structure.

22 years agoremove dbenv->lock_put() call from transaction-protected operations
Jong Hyuk Choi [Thu, 6 Jun 2002 10:14:14 +0000 (10:14 +0000)]
remove dbenv->lock_put() call from transaction-protected operations

22 years agoEliminate SASL client session_callbacks. Since proc was always NULL they
Howard Chu [Thu, 6 Jun 2002 01:44:38 +0000 (01:44 +0000)]
Eliminate SASL client session_callbacks. Since proc was always NULL they
never did anything anyway.

22 years agoFull_Name: Norbert Klasen
Kurt Zeilenga [Thu, 6 Jun 2002 00:31:09 +0000 (00:31 +0000)]
Full_Name: Norbert Klasen
Version: head
OS: SuSE Linux 7.3
URL: ftp://ftp.openldap.org/incoming/norbert.klasen.rejects.20020605.patch
Submission from: (NULL) (62.104.216.66)

This patch adds an '-S' option to ldapmodify. If a filename is specified with
this option, records which could not successfully be added/modified/deleted from
the LDAP server will be written to the specified file. Most useful in
conjunction with '-c' option.

22 years agoMore argument handling updates
Kurt Zeilenga [Thu, 6 Jun 2002 00:26:50 +0000 (00:26 +0000)]
More argument handling updates
(don't check what we expect applications to check).

22 years agoFix up abandon merge. Hallvard will holler if I get this wrong. :-)
Kurt Zeilenga [Wed, 5 Jun 2002 16:53:48 +0000 (16:53 +0000)]
Fix up abandon merge.  Hallvard will holler if I get this wrong. :-)

22 years agoPatch: Non-unique msgid for abandon in back-<shell,tcl> (ITS#1793)
Kurt Zeilenga [Wed, 5 Jun 2002 16:40:16 +0000 (16:40 +0000)]
Patch: Non-unique msgid for abandon in back-<shell,tcl>  (ITS#1793)

================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
================

It has just occurred to me - duh - that the process ID of a back-shell
command is a perfectly good unique ID for it, and more useful than
any connection id/message id thingy.  Doesn't need extra arguments
to the shell commands either, except a pid: line to abandon.
And msgid: can still be removed in a future version.
Here is a patch.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.

22 years agoFix typo in last commit
Kurt Zeilenga [Wed, 5 Jun 2002 16:39:15 +0000 (16:39 +0000)]
Fix typo in last commit

22 years agoparam error comment is incorrect
Kurt Zeilenga [Wed, 5 Jun 2002 15:56:55 +0000 (15:56 +0000)]
param error comment is incorrect

22 years agoAdd error handling cleanup
Kurt Zeilenga [Wed, 5 Jun 2002 15:51:42 +0000 (15:51 +0000)]
Add error handling cleanup

22 years agoConsistently don't check for NULL session handle and other pointers.
Kurt Zeilenga [Wed, 5 Jun 2002 15:46:26 +0000 (15:46 +0000)]
Consistently don't check for NULL session handle and other pointers.
Application is responsible for providing valid session pointers.

22 years agoGentile HUP shutdown from Hallvard
Kurt Zeilenga [Mon, 3 Jun 2002 16:47:43 +0000 (16:47 +0000)]
Gentile HUP shutdown from Hallvard

22 years agoVLV updates
Kurt Zeilenga [Mon, 3 Jun 2002 16:45:09 +0000 (16:45 +0000)]
VLV updates

22 years ago/dev/urandom re-read(2) loop
Kurt Zeilenga [Mon, 3 Jun 2002 16:43:57 +0000 (16:43 +0000)]
/dev/urandom re-read(2) loop

22 years agoRemove info@openldap.org address.
Kurt Zeilenga [Sun, 2 Jun 2002 07:28:55 +0000 (07:28 +0000)]
Remove info@openldap.org address.

22 years agodetail table to better indicate reserved/used args
Kurt Zeilenga [Sun, 2 Jun 2002 04:21:59 +0000 (04:21 +0000)]
detail table to better indicate reserved/used args

22 years agoAdd matched values command line support (ITS#1811).
Kurt Zeilenga [Sun, 2 Jun 2002 04:15:38 +0000 (04:15 +0000)]
Add matched values command line support (ITS#1811).
Adapted .Sahalayev@pgr.salford.ac.uk's submission.
Needs to be extended to support comma separated list of options
for other controls and such.

---
Copyright 2002, Mikhail Sahalaev, All rights reserved.
This software is not subject to any license of University Of
Salford.

Redistribution and use in source and binary forms are permitted
without restriction or fee of any kind as long as this notice
is preserved.

22 years agoFix up -f description
Kurt Zeilenga [Sat, 1 Jun 2002 21:41:09 +0000 (21:41 +0000)]
Fix up -f description