Some fixes to make it compile.
Please, someone look for SYNTAX_DN in the file, read my comment there
and try to explain what was the code doing there. I don't understand
the purpose of that. And I need it to know what to do about it.
Fix to deal with the new functions in matching rules.
Lots to do here. Possibly move matching rules to a separate file, since
new code and pieces that have been removed from here would have to come
here.
Explain better what each matching rule function means.
We need to indexing routines per matching rule. One (cindex) is used to
create the indexes. The other (sindex) is used to search. This is
necessary because the syntax of the value assertion may be different
from the syntax of the attributes the matching rules is used with.
They may be the same function, however, and will be the same in most
cases.
Revert the definition of the f_un_sub choice in the filter for the time
being. Really, this should be done, but it makes too great a mess,
so we will leave it for later.
Delete all sat_syntax_compat crud.
Change at_canonical_name to start from an AttributeType instead
of a character string. This routine could be inlined cleanly.
First step in third stage of new schema support.
The backend compiles, but it is incomplete. The rest of slapd is broken,
so don't even think about trying it.
Kurt Zeilenga [Sun, 4 Jul 1999 18:46:24 +0000 (18:46 +0000)]
HEADS UP: connections are forced to "anonymous" status upon receiving
of a bind request and, upon failure, are left "anonymous."
Rework ACL code to hide access testing within macros to facilate additions
and eventual redesign.
Addition of #ifdef SLAPD_ACLAUTH to conditional include EXPERIMENTAL
"auth" access controls. Adds ACL_AUTH "auth" access level (above none,
below "compare"). bind requires anonymous access at this level or above access
to "entry"/"userPassword"/"krbName". This allows administrators to restrict
which entries can be bound to. (This will likely become default behavior
after testing has completed).
Kurt Zeilenga [Fri, 2 Jul 1999 19:48:07 +0000 (19:48 +0000)]
More bind changes to support SASL/DIGEST.
Added configuration support for "digest-realm <realm>" configure directive.
Added connection state and bind_in_progress fields to cn=monitor connection
attribute.
Removed numerous memory leaks detected by Mark Meredith.
Make sure the token_val argument to get_token is always initialized
to something, either newly allocated memory or NULL.
Kurt Zeilenga [Thu, 1 Jul 1999 21:20:45 +0000 (21:20 +0000)]
Add macros to support testing of error categories to ldap.h
Modify ldap_result to assert returned error is not an one reserved
for API use.
Modify frontend LDAP operation routines to return an error code.
The returned value will be used to determine if an unsolicited notification
should be sent to the client.
Need to review returned error codes. Namely some LDAP_PROTOCOL_ERROR
will like need to be changed (as they will cause unsolicited notifications).
Kurt Zeilenga [Tue, 29 Jun 1999 22:24:53 +0000 (22:24 +0000)]
Modify lutil_passwd to accept a third argument char** methods to
specific which methods may be used. This will facilate development
of a slapd config directive "passwordMethod ..." to specify which
methods should be allowed.
Kurt Zeilenga [Tue, 29 Jun 1999 04:52:55 +0000 (04:52 +0000)]
expose oc_check_operational from schema.c
Use everywhere.
Apply search ACLs to operational attributes.
Only provide operational attributes when explicitly requested.
Kurt Zeilenga [Sat, 26 Jun 1999 20:52:59 +0000 (20:52 +0000)]
Added support for "userPassword: {UNIX}uid". getpwnam("uid") is
used to fetch the pw_passwd which is than passwd to crypt().
getspnam() is used instead of getpwnam() when available.
Added configration detection of pw_passwd, shadow.h, getpwnam()
and getspnam().
Bastiaan Bakker [Wed, 23 Jun 1999 12:31:35 +0000 (12:31 +0000)]
Added connection initialisation and destruction notification. Now backends can register functions in backend_info.bi_connection_init and backend_info.bi_connection_destroy that will be called when a connection is initialized or destroyed.