]>
git.sur5r.net Git - openldap/log
Kurt Zeilenga [Fri, 19 Dec 2003 02:18:29 +0000 (02:18 +0000)]
Move pid/args files into $(RUNDIR)/run
Move ldapi into $(RUNDIR)/run/openldap
Kurt Zeilenga [Fri, 19 Dec 2003 02:00:10 +0000 (02:00 +0000)]
Add comment
Kurt Zeilenga [Fri, 19 Dec 2003 01:51:02 +0000 (01:51 +0000)]
supportedFeatures and "+" are now RFCs
Kurt Zeilenga [Fri, 19 Dec 2003 01:40:06 +0000 (01:40 +0000)]
Remove cruft
Kurt Zeilenga [Thu, 18 Dec 2003 23:24:49 +0000 (23:24 +0000)]
Print UNDEFINED on compare error
Howard Chu [Thu, 18 Dec 2003 20:26:05 +0000 (20:26 +0000)]
Fix install rule
Kurt Zeilenga [Thu, 18 Dec 2003 20:01:47 +0000 (20:01 +0000)]
Move experimental built-in SASL behind SLAP_BUILTIN_SASL macro
Kurt Zeilenga [Thu, 18 Dec 2003 19:48:40 +0000 (19:48 +0000)]
Cleanup
Kurt Zeilenga [Thu, 18 Dec 2003 19:45:47 +0000 (19:45 +0000)]
Bump the required Cyrus SASL version to 2.1.15+
Kurt Zeilenga [Thu, 18 Dec 2003 19:30:37 +0000 (19:30 +0000)]
Clean error handling
Kurt Zeilenga [Thu, 18 Dec 2003 19:15:57 +0000 (19:15 +0000)]
Use ldap_unbind_ext(3)
Pierangelo Masarati [Thu, 18 Dec 2003 18:32:45 +0000 (18:32 +0000)]
propagate flags to sasl-regexp functions (will need it later)
Pierangelo Masarati [Thu, 18 Dec 2003 18:28:43 +0000 (18:28 +0000)]
allow 'all' vs. 'any' sasl-authz-policy
Kurt Zeilenga [Thu, 18 Dec 2003 17:32:30 +0000 (17:32 +0000)]
clarify default access control policy
Kurt Zeilenga [Thu, 18 Dec 2003 06:52:39 +0000 (06:52 +0000)]
Completely untested built-in EXTERNAL implementation
Needs identity mapping and proxy authorization support
Howard Chu [Thu, 18 Dec 2003 03:54:48 +0000 (03:54 +0000)]
ITS#2884 silence warning. We don't dereference this pointer, we just use
it's value as a unique key.
Howard Chu [Thu, 18 Dec 2003 03:50:09 +0000 (03:50 +0000)]
ITS#2883 initialize rc before running callbacks
Kurt Zeilenga [Thu, 18 Dec 2003 02:12:44 +0000 (02:12 +0000)]
Update index to encourage "proper" use
Kurt Zeilenga [Thu, 18 Dec 2003 01:07:09 +0000 (01:07 +0000)]
Fix tests
Kurt Zeilenga [Thu, 18 Dec 2003 00:44:51 +0000 (00:44 +0000)]
Switch to #if instead of #ifdef LDAP_DEPRECATED
Kurt Zeilenga [Thu, 18 Dec 2003 00:36:45 +0000 (00:36 +0000)]
Latest
Pierangelo Masarati [Thu, 18 Dec 2003 00:27:01 +0000 (00:27 +0000)]
some notes on access required by proxyAuthz control;
note that other controls may need different access
privileges via, e.g., backend_attribute() (syncrepl?)
Kurt Zeilenga [Thu, 18 Dec 2003 00:06:55 +0000 (00:06 +0000)]
More updatedn != rootdn recommendations
Kurt Zeilenga [Wed, 17 Dec 2003 21:42:48 +0000 (21:42 +0000)]
Make modify/increment conditional
Kurt Zeilenga [Wed, 17 Dec 2003 21:29:19 +0000 (21:29 +0000)]
Minor adjust
Kurt Zeilenga [Wed, 17 Dec 2003 21:09:28 +0000 (21:09 +0000)]
Clean up LDAP Sync result codes
Pierangelo Masarati [Wed, 17 Dec 2003 20:55:46 +0000 (20:55 +0000)]
cleanup most of the -pedantic warnings (ITS#2884) and other small fixes
Kurt Zeilenga [Wed, 17 Dec 2003 17:55:27 +0000 (17:55 +0000)]
Sync with HEAD
Kurt Zeilenga [Wed, 17 Dec 2003 17:48:56 +0000 (17:48 +0000)]
Dont mention bare oc in list.
Kurt Zeilenga [Wed, 17 Dec 2003 17:36:41 +0000 (17:36 +0000)]
s/+/@/ in OC attr lists
Howard Chu [Wed, 17 Dec 2003 04:22:40 +0000 (04:22 +0000)]
Some text tweaks
Kurt Zeilenga [Wed, 17 Dec 2003 00:34:37 +0000 (00:34 +0000)]
Remove -C(hasing) option. Doesn't make sense for update operations
(at least not with a secure authentication framework).
Luke Howard [Tue, 16 Dec 2003 15:49:31 +0000 (15:49 +0000)]
First round of SLAPI cleanups - use slapi_int_XXX for internal functions
(slapi_x_XXX is still reserved for exported functions that are not part
of the SLAPI specification)
Pierangelo Masarati [Tue, 16 Dec 2003 14:25:36 +0000 (14:25 +0000)]
fix a couple of (too optimistic) comments...
Pierangelo Masarati [Tue, 16 Dec 2003 11:20:59 +0000 (11:20 +0000)]
more clarifications on dnstyle usage
Luke Howard [Tue, 16 Dec 2003 11:17:54 +0000 (11:17 +0000)]
Honour any controls that are sent by a SLAPI plugin
Pierangelo Masarati [Tue, 16 Dec 2003 11:05:52 +0000 (11:05 +0000)]
line up comments and code
Pierangelo Masarati [Tue, 16 Dec 2003 10:56:21 +0000 (10:56 +0000)]
improve error handling for attr val ACL syntax
Kurt Zeilenga [Tue, 16 Dec 2003 06:52:52 +0000 (06:52 +0000)]
Formating
Luke Howard [Tue, 16 Dec 2003 05:59:50 +0000 (05:59 +0000)]
Don't leak SLAPI_RESCONTROLS when free'ing parameter block - these
are allocated by the plugin
Kurt Zeilenga [Tue, 16 Dec 2003 05:55:52 +0000 (05:55 +0000)]
Deprecate +objectClass in favor of @objectClass per IETF discussions
Kurt Zeilenga [Tue, 16 Dec 2003 03:59:24 +0000 (03:59 +0000)]
Rework for overlay (should be checked by someone who knows this
stuff).
Kurt Zeilenga [Tue, 16 Dec 2003 03:25:32 +0000 (03:25 +0000)]
Requires --with-tls
Kurt Zeilenga [Tue, 16 Dec 2003 01:58:15 +0000 (01:58 +0000)]
minor tweak and rebuild
Kurt Zeilenga [Tue, 16 Dec 2003 01:55:56 +0000 (01:55 +0000)]
Revert last commit
Pierangelo Masarati [Tue, 16 Dec 2003 01:10:33 +0000 (01:10 +0000)]
honor '!' (objectClass negation) when checking attribute presence in list
Pierangelo Masarati [Tue, 16 Dec 2003 00:49:10 +0000 (00:49 +0000)]
add to 'val[.<style>=<value>' ACLs special match styles for DN-valued attributes; add negated objectClass to attribute name lists for ACLs and partial replication
Howard Chu [Tue, 16 Dec 2003 00:39:29 +0000 (00:39 +0000)]
Fix - need to initialize lutil_passwd.
Kurt Zeilenga [Mon, 15 Dec 2003 23:32:52 +0000 (23:32 +0000)]
Rework last commit
Kurt Zeilenga [Mon, 15 Dec 2003 23:27:28 +0000 (23:27 +0000)]
Rev the API version number
Kurt Zeilenga [Mon, 15 Dec 2003 18:41:23 +0000 (18:41 +0000)]
Make a few OPERATIONAL REQUIREMENT clarifications
Clean up formating
Pierangelo Masarati [Mon, 15 Dec 2003 18:19:14 +0000 (18:19 +0000)]
allow 'AUTHZ' mech in proxyAuthz control to allow also the <mech> part of the 'u:' user
Pierangelo Masarati [Mon, 15 Dec 2003 17:55:55 +0000 (17:55 +0000)]
describe detailed access levels required for each operation
Kurt Zeilenga [Sun, 14 Dec 2003 21:00:52 +0000 (21:00 +0000)]
Fix typos
Pierangelo Masarati [Sun, 14 Dec 2003 15:36:46 +0000 (15:36 +0000)]
typo
Pierangelo Masarati [Sun, 14 Dec 2003 14:08:15 +0000 (14:08 +0000)]
fix previous commits
Pierangelo Masarati [Sun, 14 Dec 2003 11:13:25 +0000 (11:13 +0000)]
resolve naming conflicts when compiling rwm overlay as static (will disappear as soon as rwm stuff is removed from back-ldap/back-meta)
Kurt Zeilenga [Sun, 14 Dec 2003 06:46:30 +0000 (06:46 +0000)]
Add support for -DOPENLDAP_FD_SETSIZE=N for use on Linux.
Works on BSD as well (equiv. to -DFD_SETSIZE=N).
Kurt Zeilenga [Sun, 14 Dec 2003 03:15:28 +0000 (03:15 +0000)]
Remove LDAP_DEPRECATED dependency
Kurt Zeilenga [Sun, 14 Dec 2003 02:47:42 +0000 (02:47 +0000)]
Add LDAP_DEPRECATED macro
Need to remove use of deprecated functions.
Kurt Zeilenga [Sat, 13 Dec 2003 23:41:44 +0000 (23:41 +0000)]
Add u: comment
Kurt Zeilenga [Sat, 13 Dec 2003 23:38:05 +0000 (23:38 +0000)]
Forward parse the uauthzid. A realm cannot be specified unless
a mechanism is specified. (Few mechanisms (DIGEST-MD5 only) support
separate realms.)
Pierangelo Masarati [Sat, 13 Dec 2003 23:02:59 +0000 (23:02 +0000)]
saslAuthzTo/From stuff
when comparing IDs to saslAuthzTo/From values, the saslAuthzTo
saslAuthzFrom values can take different forms:
dn[.<style>]:<pattern>
<style> ::= exact ; exact match
children ; children of <pattern> match
subtree ; <pattern> or children of <pattern> match
regex ; <pattern> is regcomp() & regexec()
if no <style>, then exact is assumed
u[.<mech>][/<realm>]:<user>
when parsing a proxyAuthz value, only exact DN is allowed,
and no <mech> can be specified. <user> cannot contain ':'
and <mech> cannot contain '/'.
Howard Chu [Sat, 13 Dec 2003 22:43:01 +0000 (22:43 +0000)]
Use c_authmech when c_sasl_bind_mech is empty
Howard Chu [Sat, 13 Dec 2003 22:16:03 +0000 (22:16 +0000)]
Fix prev commit, use c_authtype
Howard Chu [Sat, 13 Dec 2003 21:39:51 +0000 (21:39 +0000)]
Always set c_authmech
Kurt Zeilenga [Sat, 13 Dec 2003 18:57:00 +0000 (18:57 +0000)]
cleanup
Kurt Zeilenga [Sat, 13 Dec 2003 17:25:59 +0000 (17:25 +0000)]
Look for the '@' in userid@realm in reverse so that a@b@c results
in userid of a@b and realm of c.
Pierangelo Masarati [Sat, 13 Dec 2003 17:21:17 +0000 (17:21 +0000)]
note a potential problem
Pierangelo Masarati [Sat, 13 Dec 2003 15:29:49 +0000 (15:29 +0000)]
conn must be non-null
Pierangelo Masarati [Sat, 13 Dec 2003 12:23:56 +0000 (12:23 +0000)]
add subtree/children styles to saslAuthzTo/From; 'dn:' now defaults to exact
Pierangelo Masarati [Sat, 13 Dec 2003 10:58:31 +0000 (10:58 +0000)]
cleanup saslauthz code
Pierangelo Masarati [Sat, 13 Dec 2003 10:57:42 +0000 (10:57 +0000)]
use dedicated admin identity to proxyAuthz
Pierangelo Masarati [Sat, 13 Dec 2003 10:57:13 +0000 (10:57 +0000)]
declare overlays_init()
Howard Chu [Sat, 13 Dec 2003 02:35:27 +0000 (02:35 +0000)]
Fix URI to work with either back-ldap or back-meta
Howard Chu [Sat, 13 Dec 2003 02:00:07 +0000 (02:00 +0000)]
Clean up entry initialization
Howard Chu [Thu, 11 Dec 2003 13:24:06 +0000 (13:24 +0000)]
ITS#2869 fix decode length checks again
Kurt Zeilenga [Thu, 11 Dec 2003 07:43:49 +0000 (07:43 +0000)]
More error code tweaks
Kurt Zeilenga [Thu, 11 Dec 2003 07:28:01 +0000 (07:28 +0000)]
Tweak the codes
Kurt Zeilenga [Thu, 11 Dec 2003 05:26:32 +0000 (05:26 +0000)]
Change API error codes to negative numbers so as not to clash
with newly assigned protocol result codes.
Jong Hyuk Choi [Thu, 11 Dec 2003 00:04:52 +0000 (00:04 +0000)]
fix for concurrent persistent searches
Howard Chu [Wed, 10 Dec 2003 08:52:19 +0000 (08:52 +0000)]
Whitespace
Howard Chu [Wed, 10 Dec 2003 08:45:53 +0000 (08:45 +0000)]
Fixup overlay build environment
Pierangelo Masarati [Wed, 10 Dec 2003 00:15:02 +0000 (00:15 +0000)]
make names unique, since back-ldap/back-meta still have/use suffix_massage* routines
Pierangelo Masarati [Tue, 9 Dec 2003 23:50:10 +0000 (23:50 +0000)]
add rwm overlay configure and make stuff (need autoconf/autoheader ...)
Pierangelo Masarati [Tue, 9 Dec 2003 23:49:13 +0000 (23:49 +0000)]
cleanup handling of unknown directives ...
Kurt Zeilenga [Tue, 9 Dec 2003 21:57:34 +0000 (21:57 +0000)]
More blind s/unsigned long/ac_uint4/ changes
Howard Chu [Tue, 9 Dec 2003 20:10:44 +0000 (20:10 +0000)]
ITS#2865 don't try to calloc 0 bytes, log an error and return instead.
Don't crash in slapcat when NULL entry is returned.
Howard Chu [Tue, 9 Dec 2003 19:26:14 +0000 (19:26 +0000)]
ITS#2868 check result from slap_startup
Howard Chu [Tue, 9 Dec 2003 19:09:58 +0000 (19:09 +0000)]
Minor cleanup. Still need to address ITS#2866 point 2
Kurt Zeilenga [Mon, 8 Dec 2003 18:16:07 +0000 (18:16 +0000)]
unifdef -DLDAP_CONTROL_PAGEDRESULTS (as it is always defined)
Kurt Zeilenga [Mon, 8 Dec 2003 18:08:29 +0000 (18:08 +0000)]
s/unsigned long/ac_uint4/
Kurt Zeilenga [Mon, 8 Dec 2003 17:41:40 +0000 (17:41 +0000)]
notices and acknowledgements
Hallvard Furuseth [Sun, 7 Dec 2003 21:58:41 +0000 (21:58 +0000)]
Remove spurious '-a' at end of test statement.
Kurt Zeilenga [Sun, 7 Dec 2003 19:19:18 +0000 (19:19 +0000)]
notices and acknowledgements
Howard Chu [Sun, 7 Dec 2003 12:39:00 +0000 (12:39 +0000)]
ITS#2341 ol_enable_dynamic shouldn't depend on enable_slapd
Howard Chu [Sun, 7 Dec 2003 11:15:22 +0000 (11:15 +0000)]
ITS#2494 sort entries ahead of everything else
Howard Chu [Sun, 7 Dec 2003 08:51:23 +0000 (08:51 +0000)]
Added sc_next and sc_cleanup to slap_callback
Kurt Zeilenga [Sun, 7 Dec 2003 08:29:07 +0000 (08:29 +0000)]
Fix liblunicode issues on systems where sizeof(long) > 4.
Code still lacks portability (alignment/padding, required ac_uint2/4 types)
Should resolve ITS#2632, ITS#2660, ITS#2784
Kurt Zeilenga [Sun, 7 Dec 2003 07:54:38 +0000 (07:54 +0000)]
Clarify