[Pkg-openldap-devel] r733 - in openldap/trunk-2.3: . build
clients/tools debian doc/man/man1 doc/man/man5 include/ac
libraries/libldap libraries/liblutil libraries/librewrite
servers/slapd servers/slapd/back-bdb servers/slapd/back-ldap
servers/slapd/back-meta servers/slapd/back-monitor
servers/slapd/back-perl servers/slapd/overlays servers/slapd/schema
Matthijs Mohlmann
matthijs at alioth.debian.org
Thu Nov 9 21:58:03 CET 2006
Author: matthijs
Date: 2006-11-09 21:58:01 +0100 (Thu, 09 Nov 2006)
New Revision: 733
Modified:
openldap/trunk-2.3/CHANGES
openldap/trunk-2.3/build/version.var
openldap/trunk-2.3/clients/tools/ldapsearch.c
openldap/trunk-2.3/debian/changelog
openldap/trunk-2.3/doc/man/man1/ldapsearch.1
openldap/trunk-2.3/doc/man/man5/slapd.access.5
openldap/trunk-2.3/doc/man/man5/slapd.conf.5
openldap/trunk-2.3/include/ac/stdlib.h
openldap/trunk-2.3/libraries/libldap/init.c
openldap/trunk-2.3/libraries/libldap/os-ip.c
openldap/trunk-2.3/libraries/liblutil/ldif.c
openldap/trunk-2.3/libraries/librewrite/ldapmap.c
openldap/trunk-2.3/libraries/librewrite/map.c
openldap/trunk-2.3/servers/slapd/aclparse.c
openldap/trunk-2.3/servers/slapd/back-bdb/cache.c
openldap/trunk-2.3/servers/slapd/back-ldap/add.c
openldap/trunk-2.3/servers/slapd/back-ldap/compare.c
openldap/trunk-2.3/servers/slapd/back-ldap/delete.c
openldap/trunk-2.3/servers/slapd/back-ldap/modify.c
openldap/trunk-2.3/servers/slapd/back-ldap/modrdn.c
openldap/trunk-2.3/servers/slapd/back-ldap/search.c
openldap/trunk-2.3/servers/slapd/back-meta/search.c
openldap/trunk-2.3/servers/slapd/back-monitor/search.c
openldap/trunk-2.3/servers/slapd/back-perl/bind.c
openldap/trunk-2.3/servers/slapd/back-perl/init.c
openldap/trunk-2.3/servers/slapd/back-perl/modify.c
openldap/trunk-2.3/servers/slapd/back-perl/proto-perl.h
openldap/trunk-2.3/servers/slapd/backend.c
openldap/trunk-2.3/servers/slapd/bind.c
openldap/trunk-2.3/servers/slapd/config.c
openldap/trunk-2.3/servers/slapd/init.c
openldap/trunk-2.3/servers/slapd/overlays/accesslog.c
openldap/trunk-2.3/servers/slapd/overlays/ppolicy.c
openldap/trunk-2.3/servers/slapd/overlays/translucent.c
openldap/trunk-2.3/servers/slapd/schema/README
openldap/trunk-2.3/servers/slapd/schema_init.c
openldap/trunk-2.3/servers/slapd/syncrepl.c
Log:
* New upstream release.
Modified: openldap/trunk-2.3/CHANGES
===================================================================
--- openldap/trunk-2.3/CHANGES 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/CHANGES 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,30 @@
OpenLDAP 2.3 Change Log
+OpenLDAP 2.3.28 Release
+ Fixed libldap ldap.conf max line length (ITS#4669)
+ Fixed libldap use keepalive for syncrepl (ITS#4708)
+ Fixed liblutil LDIF CR/LF parsing bug (ITS#4635)
+ Fixed librewrite LDAP map parsing bug
+ Fixed librewrite map double free bug
+ Added ldapsearch bad filter pattern check (ITS#4647)
+ Fixed slapd global access controls initialization (ITS#4654)
+ Fixed slapd setting c_sasl_bindop only on SASL binds
+ Fixed slapd max line length issue (ITS#4651)
+ Fixed slapd return code not being propagated (ITS#4565)
+ Fixed slapd integerBitAndMatch (ITS#4672)
+ Fixed slapd syncrepl modrdn new superior (ITS#4695)
+ Fixed slapd-ldap retry with idassert (ITS#4686)
+ Fixed slapd-meta DN massage error code handling (ITS#4711)
+ Fixed slapd-monitor locking with scope "subordinate" (ITS#4668)
+ Fixed slapd-perl deletes (ITS#2612)
+ Fixed slapd-perl backend initialization (ITS#4358)
+ Fixed slapd-perl finding interpreter inside a thread (ITS#4358)
+ Fixed slapo-ppolicy pwdChangedTime behavior (ITS#4692)
+ Fixed slapo-translucent ldapmodify crash (ITS#4673)
+ Documentation
+ Updated ldapsearch(1) options (ITS#4371,4526,4647)
+ Fixed slapd.access(5) non-optional dn= error (ITS#4522)
+
OpenLDAP 2.3.27 Release
Fixed libldap dangling pointer issue (previous fix was broken) (ITS#4405)
Modified: openldap/trunk-2.3/build/version.var
===================================================================
--- openldap/trunk-2.3/build/version.var 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/build/version.var 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
#! /bin/sh
-# $OpenLDAP: pkg/ldap/build/version.var,v 1.7.2.66 2006/08/19 15:09:04 kurt Exp $
+# $OpenLDAP: pkg/ldap/build/version.var,v 1.7.2.69 2006/10/21 16:49:35 kurt Exp $
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2006 The OpenLDAP Foundation.
@@ -15,9 +15,9 @@
ol_package=OpenLDAP
ol_major=2
ol_minor=3
-ol_patch=27
-ol_api_inc=20327
+ol_patch=28
+ol_api_inc=20328
ol_api_current=2
-ol_api_revision=15
+ol_api_revision=16
ol_api_age=2
-ol_release_date="2006/08/19"
+ol_release_date="2006/10/21"
Modified: openldap/trunk-2.3/clients/tools/ldapsearch.c
===================================================================
--- openldap/trunk-2.3/clients/tools/ldapsearch.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/clients/tools/ldapsearch.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* ldapsearch -- a tool for searching LDAP directories */
-/* $OpenLDAP: pkg/ldap/clients/tools/ldapsearch.c,v 1.207.2.9 2006/01/07 18:59:16 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/clients/tools/ldapsearch.c,v 1.207.2.10 2006/08/25 02:51:46 kurt Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -611,12 +611,32 @@
}
if ( infile != NULL ) {
+ int percent = 0;
+
if ( infile[0] == '-' && infile[1] == '\0' ) {
fp = stdin;
} else if (( fp = fopen( infile, "r" )) == NULL ) {
perror( infile );
return EXIT_FAILURE;
}
+
+ for( i=0 ; filtpattern[i] ; i++ ) {
+ if( filtpattern[i] == '%' ) {
+ if( percent ) {
+ fprintf( stderr, _("Bad filter pattern \"%s\"\n"),
+ filtpattern );
+ return EXIT_FAILURE;
+ }
+
+ percent++;
+
+ if( filtpattern[i+1] != 's' ) {
+ fprintf( stderr, _("Bad filter pattern \"%s\"\n"),
+ filtpattern );
+ return EXIT_FAILURE;
+ }
+ }
+ }
}
if ( tmpdir == NULL ) {
Modified: openldap/trunk-2.3/debian/changelog
===================================================================
--- openldap/trunk-2.3/debian/changelog 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/debian/changelog 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,13 +1,14 @@
-openldap2.3 (2.3.27-2) unstable; urgency=low
+openldap2.3 (2.3.28-1) unstable; urgency=low
[ Matthijs Mohlmann ]
+ * New upstream release.
* LSB section added to the init script.
* Added patch to fix a Denial of Service through a certain combination of
LDAP BIND requests. (Fixes CVE-2006-5779) (Closes: #397673)
* Updated README.Debian about running as non-root user (Closes: #389369)
* Updated de translation (Closes: #396096)
- -- Matthijs Mohlmann <matthijs at cacholong.nl> Thu, 9 Nov 2006 21:10:01 +0100
+ -- Matthijs Mohlmann <matthijs at cacholong.nl> Thu, 9 Nov 2006 21:57:37 +0100
openldap2.3 (2.3.27-1) unstable; urgency=low
Modified: openldap/trunk-2.3/doc/man/man1/ldapsearch.1
===================================================================
--- openldap/trunk-2.3/doc/man/man1/ldapsearch.1 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/doc/man/man1/ldapsearch.1 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
.TH LDAPSEARCH 1 "RELEASEDATE" "OpenLDAP LDVERSION"
-.\" $OpenLDAP: pkg/ldap/doc/man/man1/ldapsearch.1,v 1.49.2.7 2006/07/31 18:22:07 quanah Exp $
+.\" $OpenLDAP: pkg/ldap/doc/man/man1/ldapsearch.1,v 1.49.2.9 2006/10/07 19:11:18 hyc Exp $
.\" Copyright 1998-2006 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
@@ -13,18 +13,26 @@
[\c
.BR \-v ]
[\c
-.BR \-t ]
+.BR \-t[t] ]
[\c
+.BI \-T \ path\fR]
+[\c
+.BI \-F \ prefix\fR]
+[\c
.BR \-A ]
[\c
.BR \-L[L[L]] ]
[\c
.BR \-M[M] ]
[\c
+.BI \-S \ attribute\fR]
+[\c
.BI \-d \ debuglevel\fR]
[\c
.BI \-f \ file\fR]
[\c
+.BR \-x ]
+[\c
.BI \-D \ binddn\fR]
[\c
.BR \-W ]
@@ -39,14 +47,18 @@
[\c
.BI \-p \ ldapport\fR]
[\c
-.BI \-P \ 2\fR\||\|\fI3\fR]
-[\c
.BI \-b \ searchbase\fR]
[\c
.BI \-s \ base\fR\||\|\fIone\fR\||\|\fIsub\fR\||\|\fIchildren\fR]
[\c
.BI \-a \ never\fR\||\|\fIalways\fR\||\|\fIsearch\fR\||\|\fIfind\fR]
[\c
+.BI \-P \ 2\fR\||\|\fI3\fR]
+[\c
+.BR \-e \ [!]ext[=extparam]]
+[\c
+.BR \-E \ [!]ext[=extparam]]
+[\c
.BI \-l \ timelimit\fR]
[\c
.BI \-z \ sizelimit\fR]
@@ -61,8 +73,6 @@
[\c
.BI \-R \ realm\fR]
[\c
-.BR \-x ]
-[\c
.BI \-X \ authzid\fR]
[\c
.BI \-Y \ mech\fR]
@@ -74,13 +84,13 @@
.SH DESCRIPTION
.I ldapsearch
is a shell-accessible interface to the
-.BR ldap_search (3)
+.BR ldap_search_ext (3)
library call.
.LP
.B ldapsearch
opens a connection to an LDAP server, binds, and performs a search
using specified parameters. The \fIfilter\fP should conform to
-the string representation for search filters as defined in RFC 2254.
+the string representation for search filters as defined in RFC 4515.
If not provided, the default filter, (objectClass=*), is used.
.LP
If
@@ -103,11 +113,20 @@
.B \-v
Run in verbose mode, with many diagnostics written to standard output.
.TP
-.B \-t
-Write retrieved non-printable values to a set of temporary files. This
-is useful for dealing with values containing non-character data such as
-jpegPhoto or audio.
+.B \-t[t]
+A single -t writes retrieved non-printable values to a set of temporary
+files. This is useful for dealing with values containing non-character
+data such as jpegPhoto or audio. A second -t writes all retrieved values to
+files.
.TP
+.BI \-T \ path
+Write temporary files to directory specified by \fIpath\fP (default:
+/var/tmp/)
+.TP
+.BI \-F \ prefix
+URL prefix for temporary files. Default is file://\fIpath\fP/ where
+\fIpath\fP is /var/tmp/ or specified with -T.
+.TP
.B \-A
Retrieve attributes only (no values). This is useful when you just want to
see if an attribute is present in an entry and are not interested in the
@@ -146,9 +165,13 @@
.BI \-f \ file
Read a series of lines from \fIfile\fP, performing one LDAP search for
each line. In this case, the \fIfilter\fP given on the command line
-is treated as a pattern where the first occurrence of \fB%s\fP is
-replaced with a line from \fIfile\fP. If \fIfile\fP is a single \fI-\fP
-character, then the lines are read from standard input.
+is treated as a pattern where the first and only occurrence of \fB%s\fP
+is replaced with a line from \fIfile\fP. Any other occurence of the
+the \fB%\fP character in the pattern will be regarded as an error.
+Where it is desired that the search filter include a \fB%\fP character,
+the character should be encoded as \fB\\25\fP (see RFC 4515).
+If \fIfile\fP is a single
+\fI-\fP character, then the lines are read from standard input.
.TP
.B \-x
Use simple authentication instead of SASL.
@@ -212,6 +235,35 @@
.BI \-P \ 2\fR\||\|\fI3
Specify the LDAP protocol version to use.
.TP
+.B \-e \fI[!]ext[=extparam]\fP
+.TP
+.B \-E \fI[!]ext[=extparam]\fP
+
+Specify general extensions with -e and search extensions with -E.
+\'!\' indicates criticality.
+
+General extensions:
+.nf
+ [!]assert=<filter> (an RFC 4515 Filter)
+ [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]manageDSAit
+ [!]noop
+ ppolicy
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+.fi
+
+Search extensions:
+.nf
+ [!]domainScope (domain scope)
+ [!]mv=<filter> (matched values filter)
+ [!]pr=<size>[/prompt|noprompt] (paged results/prompt)
+ [!]subentries[=true|false] (subentries)
+ [!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
+ rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
+.fi
+.TP
.BI \-l \ timelimit
wait at most \fItimelimit\fP seconds for a search to complete.
A timelimit of
@@ -396,11 +448,9 @@
.BR ldap.conf (5),
.BR ldif (5),
.BR ldap (3),
-.BR ldap_search (3)
+.BR ldap_search_ext (3),
+.BR ldap_sort (3)
.SH AUTHOR
The OpenLDAP Project <http://www.openldap.org/>
.SH ACKNOWLEDGEMENTS
-.B OpenLDAP
-is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
-.B OpenLDAP
-is derived from University of Michigan LDAP 3.3 Release.
+.so ../Project
Modified: openldap/trunk-2.3/doc/man/man5/slapd.access.5
===================================================================
--- openldap/trunk-2.3/doc/man/man5/slapd.access.5 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/doc/man/man5/slapd.access.5 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,7 +1,7 @@
.TH SLAPD.ACCESS 5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 1998-2006 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
-.\" $OpenLDAP: pkg/ldap/doc/man/man5/slapd.access.5,v 1.55.2.8 2006/05/27 08:58:52 hyc Exp $
+.\" $OpenLDAP: pkg/ldap/doc/man/man5/slapd.access.5,v 1.55.2.9 2006/10/10 11:36:55 kurt Exp $
.SH NAME
slapd.access \- access configuration for slapd, the stand-alone LDAP daemon
.SH SYNOPSIS
@@ -67,7 +67,7 @@
.SH THE ACCESS DIRECTIVE
The structure of the access control directives is
.TP
-.B access to <what> "[ by <who> <access> [ <control> ] ]+"
+.B access to <what> "[ by <who> [ <access> ] [ <control> ] ]+"
Grant access (specified by
.BR <access> )
to a set of entries and/or attributes (specified by
@@ -81,7 +81,7 @@
It can have the forms
.LP
.nf
- [dn[.<dnstyle>]=]<dnpattern>
+ dn[.<dnstyle>]=<dnpattern>
filter=<ldapfilter>
attrs=<attrlist>[ val[/matchingRule][.<attrstyle>]=<attrval>]
.fi
@@ -99,9 +99,6 @@
The statement
.B dn=<dnpattern>
selects the entries based on their naming context.
-The
-.B dn=
-part is optional.
The
.B <dnpattern>
is a string representation of the entry's DN.
@@ -113,11 +110,7 @@
.LP
The
.B <dnstyle>
-is also optional; however, it is recommended to specify both the
-.B dn=
-and the
-.B <dnstyle>
-to avoid ambiguities.
+is optional; however, it is recommended to specify it to avoid ambiguities.
.B Base
(synonym of
.BR baseObject ),
Modified: openldap/trunk-2.3/doc/man/man5/slapd.conf.5
===================================================================
--- openldap/trunk-2.3/doc/man/man5/slapd.conf.5 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/doc/man/man5/slapd.conf.5 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,7 +1,7 @@
.TH SLAPD.CONF 5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 1998-2006 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
-.\" $OpenLDAP: pkg/ldap/doc/man/man5/slapd.conf.5,v 1.191.2.22 2006/07/31 23:09:53 quanah Exp $
+.\" $OpenLDAP: pkg/ldap/doc/man/man5/slapd.conf.5,v 1.191.2.23 2006/10/06 00:01:45 quanah Exp $
.SH NAME
slapd.conf \- configuration file for slapd, the stand-alone LDAP daemon
.SH SYNOPSIS
@@ -213,7 +213,7 @@
.I authzTo
describes an
.B identity
-or a set of identities; it can take three forms:
+or a set of identities; it can take five forms:
.RS
.TP
.B ldap:///<base>??[<scope>]?<filter>
Modified: openldap/trunk-2.3/include/ac/stdlib.h
===================================================================
--- openldap/trunk-2.3/include/ac/stdlib.h 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/include/ac/stdlib.h 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* Generic stdlib.h */
-/* $OpenLDAP: pkg/ldap/include/ac/stdlib.h,v 1.17.2.2 2006/01/03 22:16:07 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/include/ac/stdlib.h,v 1.17.2.3 2006/10/20 16:52:46 kurt Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -35,4 +35,14 @@
# define EXIT_FAILURE 1
#endif
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+
+#if defined(LINE_MAX)
+# define AC_LINE_MAX LINE_MAX
+#else
+# define AC_LINE_MAX 2048 /* POSIX MIN */
+#endif
+
#endif /* _AC_STDLIB_H */
Modified: openldap/trunk-2.3/libraries/libldap/init.c
===================================================================
--- openldap/trunk-2.3/libraries/libldap/init.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/libraries/libldap/init.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/libldap/init.c,v 1.93.2.9 2006/04/03 19:49:54 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/libldap/init.c,v 1.93.2.11 2006/10/20 16:52:47 kurt Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -116,7 +116,7 @@
static void openldap_ldap_init_w_conf(
const char *file, int userconf )
{
- char linebuf[128];
+ char linebuf[ AC_LINE_MAX ];
FILE *fp;
int i;
char *cmd, *opt;
Modified: openldap/trunk-2.3/libraries/libldap/os-ip.c
===================================================================
--- openldap/trunk-2.3/libraries/libldap/os-ip.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/libraries/libldap/os-ip.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* os-ip.c -- platform-specific TCP & UDP related code */
-/* $OpenLDAP: pkg/ldap/libraries/libldap/os-ip.c,v 1.108.2.10 2006/01/03 22:16:08 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/libldap/os-ip.c,v 1.108.2.11 2006/10/21 04:56:53 kurt Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -123,20 +123,31 @@
static int
ldap_int_prepare_socket(LDAP *ld, int s, int proto )
{
- osip_debug(ld, "ldap_prepare_socket: %d\n", s,0,0);
+ osip_debug( ld, "ldap_prepare_socket: %d\n", s, 0, 0 );
+#if defined( SO_KEEPALIVE ) || defined( TCP_NODELAY )
+ if ( proto == LDAP_PROTO_TCP ) {
+ int dummy = 1;
+#ifdef SO_KEEPALIVE
+ if ( setsockopt( s, SOL_SOCKET, SO_KEEPALIVE,
+ (char*) &dummy, sizeof(dummy) ) == AC_SOCKET_ERROR )
+ {
+ osip_debug( ld, "ldap_prepare_socket: "
+ "setsockopt(%d, SO_KEEPALIVE) failed (ignored).\n",
+ s, 0, 0 );
+ }
+#endif /* SO_KEEPALIVE */
#ifdef TCP_NODELAY
- if( proto == LDAP_PROTO_TCP ) {
- int dummy = 1;
if ( setsockopt( s, IPPROTO_TCP, TCP_NODELAY,
(char*) &dummy, sizeof(dummy) ) == AC_SOCKET_ERROR )
{
- osip_debug(ld, "ldap_prepare_socket: "
+ osip_debug( ld, "ldap_prepare_socket: "
"setsockopt(%d, TCP_NODELAY) failed (ignored).\n",
- s, 0, 0);
+ s, 0, 0 );
}
+#endif /* TCP_NODELAY */
}
-#endif
+#endif /* SO_KEEPALIVE || TCP_NODELAY */
return 0;
}
Modified: openldap/trunk-2.3/libraries/liblutil/ldif.c
===================================================================
--- openldap/trunk-2.3/libraries/liblutil/ldif.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/libraries/liblutil/ldif.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* ldif.c - routines for dealing with LDIF files */
-/* $OpenLDAP: pkg/ldap/libraries/liblutil/ldif.c,v 1.2.2.8 2006/04/03 19:49:55 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/liblutil/ldif.c,v 1.2.2.9 2006/10/07 20:19:22 hyc Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -822,7 +822,8 @@
if ( last_ch == '\n' ) {
(*lno)++;
- if ( line[0] == '\n' ) {
+ if ( line[0] == '\n' ||
+ ( line[0] == '\r' && line[1] == '\n' )) {
if ( !found_entry ) {
lcur = 0;
top_comment = 0;
Modified: openldap/trunk-2.3/libraries/librewrite/ldapmap.c
===================================================================
--- openldap/trunk-2.3/libraries/librewrite/ldapmap.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/libraries/librewrite/ldapmap.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/librewrite/ldapmap.c,v 1.9.2.3 2006/01/03 22:16:11 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/librewrite/ldapmap.c,v 1.9.2.4 2006/09/23 10:33:42 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2000-2006 The OpenLDAP Foundation.
@@ -155,7 +155,7 @@
data->lm_binddn[ l ] = '\0';
}
} else if ( strncasecmp( argv[ 0 ], "bindpw=", 7 ) == 0 ) {
- data->lm_bindpw = strdup( argv[ 2 ] + 7 );
+ data->lm_bindpw = strdup( argv[ 0 ] + 7 );
if ( data->lm_bindpw == NULL ) {
map_ldap_free( data );
return NULL;
Modified: openldap/trunk-2.3/libraries/librewrite/map.c
===================================================================
--- openldap/trunk-2.3/libraries/librewrite/map.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/libraries/librewrite/map.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/librewrite/map.c,v 1.18.2.3 2006/01/03 22:16:11 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/librewrite/map.c,v 1.18.2.4 2006/09/23 14:11:06 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2000-2006 The OpenLDAP Foundation.
@@ -354,7 +354,12 @@
( struct rewrite_context * )map->lm_data,
key->bv_val, &val->bv_val );
if ( val->bv_val != NULL ) {
- val->bv_len = strlen( val->bv_val );
+ if ( val->bv_val == key->bv_val ) {
+ val->bv_len = key->bv_len;
+ key->bv_val = NULL;
+ } else {
+ val->bv_len = strlen( val->bv_val );
+ }
}
break;
Modified: openldap/trunk-2.3/servers/slapd/aclparse.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/aclparse.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/aclparse.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* aclparse.c - routines to parse and check acl's */
-/* $OpenLDAP: pkg/ldap/servers/slapd/aclparse.c,v 1.145.2.19 2006/04/05 20:07:02 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/aclparse.c,v 1.145.2.20 2006/10/10 11:36:55 kurt Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -2266,9 +2266,9 @@
{
char *access =
"<access clause> ::= access to <what> "
- "[ by <who> <access> [ <control> ] ]+ \n";
+ "[ by <who> [ <access> ] [ <control> ] ]+ \n";
char *what =
- "<what> ::= * | [dn[.<dnstyle>]=<DN>] [filter=<filter>] [attrs=<attrspec>]\n"
+ "<what> ::= * | dn[.<dnstyle>=<DN>] [filter=<filter>] [attrs=<attrspec>]\n"
"<attrspec> ::= <attrname> [val[/<matchingRule>][.<attrstyle>]=<value>] | <attrlist>\n"
"<attrlist> ::= <attr> [ , <attrlist> ]\n"
"<attr> ::= <attrname> | @<objectClass> | !<objectClass> | entry | children\n";
Modified: openldap/trunk-2.3/servers/slapd/back-bdb/cache.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-bdb/cache.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-bdb/cache.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* cache.c - routines to maintain an in-core cache of entries */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-bdb/cache.c,v 1.88.2.17 2006/07/28 13:01:37 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-bdb/cache.c,v 1.88.2.18 2006/08/26 21:11:48 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2000-2006 The OpenLDAP Foundation.
@@ -707,6 +707,7 @@
&ep->e_nname, eip );
if ( *eip ) islocked = 1;
if ( rc ) {
+ ep->e_private = NULL;
#ifdef SLAP_ZONE_ALLOC
bdb_entry_return( bdb, ep, (*eip)->bei_zseq );
#else
@@ -811,6 +812,7 @@
bdb_cache_entryinfo_unlock( *eip );
}
if ( ep ) {
+ ep->e_private = NULL;
#ifdef SLAP_ZONE_ALLOC
bdb_entry_return( bdb, ep, (*eip)->bei_zseq );
#else
Modified: openldap/trunk-2.3/servers/slapd/back-ldap/add.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-ldap/add.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-ldap/add.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* add.c - ldap backend add function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/add.c,v 1.53.2.7 2006/01/03 22:16:18 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/add.c,v 1.53.2.8 2006/09/26 12:54:26 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -92,6 +92,7 @@
}
attrs[ i ] = NULL;
+retry:
ctrls = op->o_ctrls;
rs->sr_err = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
if ( rs->sr_err != LDAP_SUCCESS ) {
@@ -99,7 +100,6 @@
goto cleanup;
}
-retry:
rs->sr_err = ldap_add_ext( lc->lc_ld, op->o_req_dn.bv_val, attrs,
ctrls, NULL, &msgid );
rs->sr_err = ldap_back_op_result( lc, op, rs, msgid,
@@ -107,6 +107,8 @@
if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
do_retry = 0;
if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ /* if the identity changed, there might be need to re-authz */
+ (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
goto retry;
}
}
Modified: openldap/trunk-2.3/servers/slapd/back-ldap/compare.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-ldap/compare.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-ldap/compare.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* compare.c - ldap backend compare function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/compare.c,v 1.52.2.7 2006/04/05 21:53:26 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/compare.c,v 1.52.2.8 2006/09/26 12:54:26 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2003-2006 The OpenLDAP Foundation.
@@ -48,6 +48,7 @@
goto cleanup;
}
+retry:
ctrls = op->o_ctrls;
rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
@@ -55,7 +56,6 @@
goto cleanup;
}
-retry:
rs->sr_err = ldap_compare_ext( lc->lc_ld, op->o_req_dn.bv_val,
op->orc_ava->aa_desc->ad_cname.bv_val,
&op->orc_ava->aa_value,
@@ -64,6 +64,8 @@
if ( rc == LDAP_UNAVAILABLE && do_retry ) {
do_retry = 0;
if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ /* if the identity changed, there might be need to re-authz */
+ (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
goto retry;
}
}
Modified: openldap/trunk-2.3/servers/slapd/back-ldap/delete.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-ldap/delete.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-ldap/delete.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* delete.c - ldap backend delete function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/delete.c,v 1.37.2.8 2006/04/05 21:53:26 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/delete.c,v 1.37.2.9 2006/09/26 12:54:26 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2003-2006 The OpenLDAP Foundation.
@@ -50,6 +50,7 @@
return rs->sr_err;
}
+retry:
ctrls = op->o_ctrls;
rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
@@ -58,7 +59,6 @@
goto cleanup;
}
-retry:
rs->sr_err = ldap_delete_ext( lc->lc_ld, op->o_req_dn.bv_val,
ctrls, NULL, &msgid );
rc = ldap_back_op_result( lc, op, rs, msgid,
@@ -66,6 +66,8 @@
if ( rs->sr_err == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ /* if the identity changed, there might be need to re-authz */
+ (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
goto retry;
}
}
Modified: openldap/trunk-2.3/servers/slapd/back-ldap/modify.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-ldap/modify.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-ldap/modify.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* modify.c - ldap backend modify function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/modify.c,v 1.58.2.10 2006/04/05 21:53:26 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/modify.c,v 1.58.2.11 2006/09/26 12:54:26 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -98,6 +98,7 @@
}
modv[ i ] = 0;
+retry:;
ctrls = op->o_ctrls;
rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
@@ -106,7 +107,6 @@
goto cleanup;
}
-retry:
rs->sr_err = ldap_modify_ext( lc->lc_ld, op->o_req_dn.bv_val, modv,
ctrls, NULL, &msgid );
rc = ldap_back_op_result( lc, op, rs, msgid,
@@ -114,6 +114,8 @@
if ( rs->sr_err == LDAP_UNAVAILABLE && do_retry ) {
do_retry = 0;
if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ /* if the identity changed, there might be need to re-authz */
+ (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
goto retry;
}
}
Modified: openldap/trunk-2.3/servers/slapd/back-ldap/modrdn.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-ldap/modrdn.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-ldap/modrdn.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* modrdn.c - ldap backend modrdn function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/modrdn.c,v 1.38.2.9 2006/05/09 20:00:37 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/modrdn.c,v 1.38.2.10 2006/09/26 12:54:26 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -73,6 +73,7 @@
newSup = op->orr_newSup->bv_val;
}
+retry:
ctrls = op->o_ctrls;
rc = ldap_back_proxy_authz_ctrl( lc, op, rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
@@ -81,7 +82,6 @@
goto cleanup;
}
-retry:
rs->sr_err = ldap_rename( lc->lc_ld, op->o_req_dn.bv_val,
op->orr_newrdn.bv_val, newSup,
op->orr_deleteoldrdn, ctrls, NULL, &msgid );
@@ -90,6 +90,8 @@
if ( rs->sr_err == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
if ( ldap_back_retry( &lc, op, rs, LDAP_BACK_SENDERR ) ) {
+ /* if the identity changed, there might be need to re-authz */
+ (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
goto retry;
}
}
Modified: openldap/trunk-2.3/servers/slapd/back-ldap/search.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-ldap/search.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-ldap/search.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* search.c - ldap backend search function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/search.c,v 1.148.2.30 2006/05/16 20:38:16 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/search.c,v 1.148.2.31 2006/09/26 12:54:26 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -765,13 +765,13 @@
*ptr++ = '\0';
}
+retry:
ctrls = op->o_ctrls;
rc = ldap_back_proxy_authz_ctrl( lc, op, &rs, &ctrls );
if ( rc != LDAP_SUCCESS ) {
goto cleanup;
}
-retry:
rc = ldap_search_ext_s( lc->lc_ld, ndn->bv_val, LDAP_SCOPE_BASE, filter,
attrp, 0, ctrls, NULL,
NULL, LDAP_NO_LIMIT, &result );
@@ -779,6 +779,8 @@
if ( rc == LDAP_SERVER_DOWN && do_retry ) {
do_retry = 0;
if ( ldap_back_retry( &lc, op, &rs, LDAP_BACK_DONTSEND ) ) {
+ /* if the identity changed, there might be need to re-authz */
+ (void)ldap_back_proxy_authz_ctrl_free( op, &ctrls );
goto retry;
}
}
Modified: openldap/trunk-2.3/servers/slapd/back-meta/search.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-meta/search.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-meta/search.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-meta/search.c,v 1.84.2.24 2006/04/04 22:55:21 ando Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-meta/search.c,v 1.84.2.25 2006/10/14 07:31:09 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -154,16 +154,16 @@
*/
dc->ctx = "searchBase";
switch ( ldap_back_dn_massage( dc, &realbase, &mbase ) ) {
- default:
+ case LDAP_SUCCESS:
break;
- case REWRITE_REGEXEC_UNWILLING:
+ case LDAP_UNWILLING_TO_PERFORM:
rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
rs->sr_text = "Operation not allowed";
send_ldap_result( op, rs );
return META_SEARCH_ERR;
- case REWRITE_REGEXEC_ERR:
+ default:
/*
* this target is no longer candidate
Modified: openldap/trunk-2.3/servers/slapd/back-monitor/search.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-monitor/search.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-monitor/search.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* search.c - monitor backend search function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-monitor/search.c,v 1.32.2.5 2006/01/03 22:16:21 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-monitor/search.c,v 1.32.2.6 2006/09/08 22:15:11 ando Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2001-2006 The OpenLDAP Foundation.
@@ -35,8 +35,7 @@
Operation *op,
SlapReply *rs,
Entry *e_parent,
- int sub
-)
+ int sub )
{
monitor_info_t *mi = ( monitor_info_t * )op->o_bd->be_private;
Entry *e,
@@ -234,7 +233,9 @@
break;
case LDAP_SCOPE_ONELEVEL:
- rc = monitor_send_children( op, rs, e, 0 );
+ case LDAP_SCOPE_SUBORDINATE:
+ rc = monitor_send_children( op, rs, e,
+ op->oq_search.rs_scope == LDAP_SCOPE_SUBORDINATE );
break;
case LDAP_SCOPE_SUBTREE:
@@ -249,6 +250,10 @@
rc = monitor_send_children( op, rs, e, 1 );
break;
+
+ default:
+ rc = LDAP_UNWILLING_TO_PERFORM;
+ monitor_cache_release( mi, e );
}
rs->sr_attrs = NULL;
Modified: openldap/trunk-2.3/servers/slapd/back-perl/bind.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-perl/bind.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-perl/bind.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/bind.c,v 1.22.2.2 2006/01/03 22:16:22 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/bind.c,v 1.22.2.3 2006/09/20 17:47:46 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -32,7 +32,7 @@
PerlBackend *perl_back = (PerlBackend *) op->o_bd->be_private;
-#ifdef HAVE_WIN32_ASPERL
+#if defined(HAVE_WIN32_ASPERL) || defined(USE_ITHREADS)
PERL_SET_CONTEXT( PERL_INTERPRETER );
#endif
Modified: openldap/trunk-2.3/servers/slapd/back-perl/init.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-perl/init.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-perl/init.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/init.c,v 1.40.2.3 2006/01/03 22:16:22 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/init.c,v 1.40.2.4 2006/09/20 17:47:46 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -35,7 +35,9 @@
BackendInfo *bi
)
{
- bi->bi_open = perl_back_open;
+ char *embedding[] = { "", "-e", "0" };
+
+ bi->bi_open = NULL;
bi->bi_config = 0;
bi->bi_close = perl_back_close;
bi->bi_destroy = 0;
@@ -63,16 +65,7 @@
bi->bi_connection_init = 0;
bi->bi_connection_destroy = 0;
- return 0;
-}
-
-int
-perl_back_open(
- BackendInfo *bi
-)
-{
- char *embedding[] = { "", "-e", "0" };
-
+ /* injecting code from perl_back_open, because using fonction reference (bi->bi_open) is not functional */
Debug( LDAP_DEBUG_TRACE, "perl backend open\n", 0, 0, 0 );
if( PERL_INTERPRETER != NULL ) {
Modified: openldap/trunk-2.3/servers/slapd/back-perl/modify.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-perl/modify.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-perl/modify.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/modify.c,v 1.21.2.2 2006/01/03 22:16:22 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/modify.c,v 1.21.2.3 2006/09/20 17:43:25 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -63,6 +63,11 @@
{
XPUSHs(sv_2mortal(newSVpv( mods->sm_values[i].bv_val, 0 )));
}
+
+ /* Fix delete attrib without value. */
+ if ( i == 0) {
+ XPUSHs(sv_newmortal());
+ }
}
PUTBACK;
Modified: openldap/trunk-2.3/servers/slapd/back-perl/proto-perl.h
===================================================================
--- openldap/trunk-2.3/servers/slapd/back-perl/proto-perl.h 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/back-perl/proto-perl.h 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/proto-perl.h,v 1.2.2.3 2006/01/03 22:16:22 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-perl/proto-perl.h,v 1.2.2.4 2006/09/20 17:47:46 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2006 The OpenLDAP Foundation.
@@ -22,7 +22,6 @@
extern BI_init perl_back_initialize;
-extern BI_open perl_back_open;
extern BI_close perl_back_close;
extern BI_db_init perl_back_db_init;
Modified: openldap/trunk-2.3/servers/slapd/backend.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/backend.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/backend.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* backend.c - routines for dealing with back-end databases */
-/* $OpenLDAP: pkg/ldap/servers/slapd/backend.c,v 1.288.2.23 2006/04/04 22:34:42 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/backend.c,v 1.288.2.24 2006/09/20 17:11:57 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -248,7 +248,8 @@
return rc;
}
}
-
+ /* append global access controls */
+ acl_append( &be->be_acl, frontendDB->be_acl, -1 );
return backend_startup_one( be );
}
Modified: openldap/trunk-2.3/servers/slapd/bind.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/bind.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/bind.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* bind.c - decode an ldap bind operation and pass it to a backend db */
-/* $OpenLDAP: pkg/ldap/servers/slapd/bind.c,v 1.189.2.9 2006/07/28 13:01:36 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/bind.c,v 1.189.2.10 2006/09/20 17:21:41 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -233,9 +233,6 @@
goto cleanup;
}
- /* Set the bindop for the benefit of in-directory SASL lookups */
- op->o_conn->c_sasl_bindop = op;
-
if ( op->orb_method == LDAP_AUTH_SASL ) {
if ( op->o_protocol < LDAP_VERSION3 ) {
Debug( LDAP_DEBUG_ANY, "do_bind: sasl with LDAPv%ld\n",
@@ -270,6 +267,10 @@
} else {
ber_dupbv(&op->o_conn->c_sasl_bind_mech, &mech);
}
+
+ /* Set the bindop for the benefit of in-directory SASL lookups */
+ op->o_conn->c_sasl_bindop = op;
+
ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex );
rs->sr_err = slap_sasl_bind( op, rs );
Modified: openldap/trunk-2.3/servers/slapd/config.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/config.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/config.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* config.c - configuration file handling routines */
-/* $OpenLDAP: pkg/ldap/servers/slapd/config.c,v 1.341.2.21 2006/02/13 17:28:42 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/config.c,v 1.341.2.22 2006/10/20 16:52:47 kurt Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -1120,7 +1120,7 @@
int
slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0 )
{
- char buf[BUFSIZ], *ptr;
+ char buf[AC_LINE_MAX], *ptr;
slap_cf_aux_table *tab;
struct berval tmp;
@@ -1307,7 +1307,7 @@
return( tmp );
}
-static char buf[BUFSIZ];
+static char buf[AC_LINE_MAX];
static char *line;
static size_t lmax, lcur;
@@ -1315,7 +1315,7 @@
do { \
size_t len = strlen( buf ); \
while ( lcur + len + 1 > lmax ) { \
- lmax += BUFSIZ; \
+ lmax += AC_LINE_MAX; \
line = (char *) ch_realloc( line, lmax ); \
} \
strcpy( line + lcur, buf ); \
Modified: openldap/trunk-2.3/servers/slapd/init.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/init.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/init.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* init.c - initialize various things */
-/* $OpenLDAP: pkg/ldap/servers/slapd/init.c,v 1.81.2.13 2006/05/09 17:29:12 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/init.c,v 1.81.2.14 2006/10/05 23:31:19 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -171,6 +171,8 @@
if( rc == 0 ) {
rc = backend_init( );
}
+ if ( rc )
+ return rc;
break;
Modified: openldap/trunk-2.3/servers/slapd/overlays/accesslog.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/overlays/accesslog.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/overlays/accesslog.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* accesslog.c - log operations for audit/history purposes */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/accesslog.c,v 1.2.2.16 2006/08/15 05:20:54 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/accesslog.c,v 1.2.2.18 2006/10/07 19:45:08 hyc Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2005-2006 The OpenLDAP Foundation.
@@ -597,6 +597,14 @@
case SLAP_CONFIG_EMIT:
switch( c->type ) {
case LOG_DB:
+ if ( li->li_db == NULL ) {
+ snprintf( c->msg, sizeof( c->msg ),
+ "accesslog: \"logdb <suffix>\" must be specified" );
+ Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
+ c->log, c->msg, c->value_dn.bv_val );
+ rc = 1;
+ break;
+ }
value_add( &c->rvalue_vals, li->li_db->be_suffix );
value_add( &c->rvalue_nvals, li->li_db->be_nsuffix );
break;
@@ -626,7 +634,7 @@
case LOG_OLD:
if ( li->li_oldf ) {
filter2bv( li->li_oldf, &agebv );
- value_add_one( &c->rvalue_vals, &agebv );
+ ber_bvarray_add( &c->rvalue_vals, &agebv );
}
else
rc = 1;
@@ -674,7 +682,8 @@
case LOG_DB:
li->li_db = select_backend( &c->value_ndn, 0, 0 );
if ( !li->li_db ) {
- sprintf( c->msg, "<%s> no matching backend found for suffix",
+ snprintf( c->msg, sizeof( c->msg ),
+ "<%s> no matching backend found for suffix",
c->argv[0] );
Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
c->log, c->msg, c->value_dn.bv_val );
@@ -1318,6 +1327,8 @@
slap_overinst *on = (slap_overinst *)be->bd_info;
log_info *li = on->on_bi.bi_private;
+ if ( li->li_oldf )
+ filter_free( li->li_oldf );
ldap_pvt_thread_mutex_destroy( &li->li_log_mutex );
ldap_pvt_thread_mutex_destroy( &li->li_op_mutex );
free( li );
@@ -1339,6 +1350,13 @@
int rc;
void *thrctx;
+ if ( li->li_db == NULL ) {
+ Debug( LDAP_DEBUG_ANY,
+ "accesslog: \"logdb <suffix>\" must be specified.\n",
+ 0, 0, 0 );
+ return 1;
+ }
+
if ( slapMode & SLAP_TOOL_MODE )
return 0;
Modified: openldap/trunk-2.3/servers/slapd/overlays/ppolicy.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/overlays/ppolicy.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/overlays/ppolicy.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/ppolicy.c,v 1.31.2.24 2006/08/09 01:53:48 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/ppolicy.c,v 1.31.2.25 2006/10/06 16:54:22 hyc Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2004-2006 The OpenLDAP Foundation.
@@ -827,27 +827,13 @@
* we now check whether the password has expired.
*
* We can skip this bit if passwords don't age in
- * the policy.
+ * the policy. Also, if there was no pwdChangedTime
+ * attribute in the entry, the password never expires.
*/
if (ppb->pp.pwdMaxAge == 0) goto grace;
- if (pwtime == (time_t)-1) {
+ if (pwtime != (time_t)-1) {
/*
- * Hmm. No password changed time on the
- * entry. This is odd - it should have
- * been provided when the attribute was added.
- *
- * However, it's possible that it could be
- * missing if the DIT was established via
- * an import process.
- */
- Debug( LDAP_DEBUG_ANY,
- "ppolicy_bind: Entry %s does not have valid pwdChangedTime attribute - assuming password expired\n",
- e->e_name.bv_val, 0, 0);
-
- pwExpired = 1;
- } else {
- /*
* Check: was the last change time of
* the password older than the maximum age
* allowed. (Ignore case 2 from I-D, it's just silly.)
Modified: openldap/trunk-2.3/servers/slapd/overlays/translucent.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/overlays/translucent.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/overlays/translucent.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* translucent.c - translucent proxy module */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/translucent.c,v 1.1.2.10 2006/05/09 17:43:12 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/translucent.c,v 1.1.2.11 2006/09/14 22:43:55 hyc Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2004-2006 The OpenLDAP Foundation.
@@ -296,11 +296,10 @@
m->sml_desc->ad_cname.bv_val, 0, 0);
for(mm = op->orm_modlist; mm->sml_next != m; mm = mm->sml_next);
mm->sml_next = m->sml_next;
- mm = m;
- m = m->sml_next;
- mm->sml_next = NULL; /* hack */
- slap_mods_free(mm, 1);
- if(m) continue;
+ m->sml_next = NULL;
+ slap_mods_free(m, 1);
+ m = mm;
+ continue;
}
m->sml_op = LDAP_MOD_ADD;
}
@@ -360,7 +359,7 @@
a = ch_calloc(1, sizeof(Attribute));
a->a_desc = m->sml_desc;
a->a_vals = m->sml_values;
- a->a_nvals = m->sml_nvalues;
+ a->a_nvals = m->sml_nvalues ? m->sml_nvalues : a->a_vals;
a->a_next = ax;
ax = a;
}
Modified: openldap/trunk-2.3/servers/slapd/schema/README
===================================================================
--- openldap/trunk-2.3/servers/slapd/schema/README 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/schema/README 2006-11-09 20:58:01 UTC (rev 733)
@@ -3,7 +3,6 @@
File Description
---- -----------
-collective.schema Collective attributes (experimental)
corba.schema Corba Object
core.schema OpenLDAP "core"
cosine.schema COSINE Pilot
@@ -67,4 +66,4 @@
---
-$OpenLDAP: pkg/ldap/servers/slapd/schema/README,v 1.23.2.4 2006/01/03 22:16:25 kurt Exp $
+$OpenLDAP: pkg/ldap/servers/slapd/schema/README,v 1.23.2.5 2006/08/26 15:19:43 kurt Exp $
Modified: openldap/trunk-2.3/servers/slapd/schema_init.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/schema_init.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/schema_init.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* schema_init.c - init builtin schema */
-/* $OpenLDAP: pkg/ldap/servers/slapd/schema_init.c,v 1.360.2.13 2006/01/03 22:16:15 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/schema_init.c,v 1.360.2.14 2006/10/05 23:41:13 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2006 The OpenLDAP Foundation.
@@ -2354,16 +2354,11 @@
* Integer conversion macros that will use the largest available
* type.
*/
-#if defined(HAVE_STRTOLL) && defined(LLONG_MAX) \
- && defined(LLONG_MIN) && defined(HAVE_LONG_LONG)
+#if defined(HAVE_STRTOLL) && defined(HAVE_LONG_LONG)
# define SLAP_STRTOL(n,e,b) strtoll(n,e,b)
-# define SLAP_LONG_MAX LLONG_MAX
-# define SLAP_LONG_MIN LLONG_MIN
# define SLAP_LONG long long
#else
# define SLAP_STRTOL(n,e,b) strtol(n,e,b)
-# define SLAP_LONG_MAX LONG_MAX
-# define SLAP_LONG_MIN LONG_MIN
# define SLAP_LONG long
#endif /* HAVE_STRTOLL ... */
@@ -2378,18 +2373,17 @@
{
SLAP_LONG lValue, lAssertedValue;
+ errno = 0;
/* safe to assume integers are NUL terminated? */
lValue = SLAP_STRTOL(value->bv_val, NULL, 10);
- if(( lValue == SLAP_LONG_MIN || lValue == SLAP_LONG_MAX) &&
- errno == ERANGE )
+ if( errno == ERANGE )
{
return LDAP_CONSTRAINT_VIOLATION;
}
lAssertedValue = SLAP_STRTOL(((struct berval *)assertedValue)->bv_val,
NULL, 10);
- if(( lAssertedValue == SLAP_LONG_MIN || lAssertedValue == SLAP_LONG_MAX ) &&
- errno == ERANGE )
+ if( errno == ERANGE )
{
return LDAP_CONSTRAINT_VIOLATION;
}
@@ -2409,18 +2403,17 @@
{
SLAP_LONG lValue, lAssertedValue;
+ errno = 0;
/* safe to assume integers are NUL terminated? */
lValue = SLAP_STRTOL(value->bv_val, NULL, 10);
- if(( lValue == SLAP_LONG_MIN || lValue == SLAP_LONG_MAX ) &&
- errno == ERANGE )
+ if( errno == ERANGE )
{
return LDAP_CONSTRAINT_VIOLATION;
}
lAssertedValue = SLAP_STRTOL( ((struct berval *)assertedValue)->bv_val,
NULL, 10);
- if(( lAssertedValue == SLAP_LONG_MIN || lAssertedValue == SLAP_LONG_MAX ) &&
- errno == ERANGE )
+ if( errno == ERANGE )
{
return LDAP_CONSTRAINT_VIOLATION;
}
Modified: openldap/trunk-2.3/servers/slapd/syncrepl.c
===================================================================
--- openldap/trunk-2.3/servers/slapd/syncrepl.c 2006-11-09 20:54:28 UTC (rev 732)
+++ openldap/trunk-2.3/servers/slapd/syncrepl.c 2006-11-09 20:58:01 UTC (rev 733)
@@ -1,5 +1,5 @@
/* syncrepl.c -- Replication Engine which uses the LDAP Sync protocol */
-/* $OpenLDAP: pkg/ldap/servers/slapd/syncrepl.c,v 1.168.2.36 2006/07/28 22:35:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/syncrepl.c,v 1.168.2.37 2006/10/06 00:01:06 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2003-2006 The OpenLDAP Foundation.
@@ -1389,6 +1389,9 @@
goto done;
op->orr_newSup = &psup;
op->orr_nnewSup = ⊅
+ } else {
+ op->orr_newSup = NULL;
+ op->orr_nnewSup = NULL;
}
op->orr_newrdn = prdn;
op->orr_nnewrdn = nrdn;
@@ -1868,6 +1871,9 @@
dnParent( &entry->e_name, &newp );
op->orr_newSup = &newp;
op->orr_nnewSup = &nnewp;
+ } else {
+ op->orr_newSup = NULL;
+ op->orr_nnewSup = NULL;
}
op->orr_deleteoldrdn = 0;
rc = be->be_modrdn( op, &rs_modify );
More information about the Pkg-openldap-devel
mailing list