]>
git.ipfire.org Git - thirdparty/openldap.git/log
Howard Chu [Fri, 12 Aug 2011 11:47:00 +0000 (04:47 -0700)]
Better defs for locker structures
Howard Chu [Fri, 12 Aug 2011 11:11:14 +0000 (04:11 -0700)]
Silence stupid warning
Howard Chu [Fri, 12 Aug 2011 06:20:16 +0000 (23:20 -0700)]
Add mdb_version()
Howard Chu [Fri, 12 Aug 2011 04:14:29 +0000 (21:14 -0700)]
Rationalize mdbenv namespace
Howard Chu [Fri, 12 Aug 2011 03:23:39 +0000 (20:23 -0700)]
Move MDB_VERSION to mdb.h, use major/minor/patch
Howard Chu [Fri, 12 Aug 2011 03:16:10 +0000 (20:16 -0700)]
Tweak MDB_val to match struct berval
Howard Chu [Fri, 12 Aug 2011 00:33:28 +0000 (17:33 -0700)]
Rename idl to midl
Howard Chu [Thu, 11 Aug 2011 22:03:33 +0000 (15:03 -0700)]
Add another FIXME comment
Howard Chu [Thu, 11 Aug 2011 21:56:54 +0000 (14:56 -0700)]
Add mtest2 and 3
Howard Chu [Thu, 11 Aug 2011 21:55:58 +0000 (14:55 -0700)]
Portability tweak
Howard Chu [Thu, 11 Aug 2011 21:35:52 +0000 (14:35 -0700)]
Make a shared library too
Howard Chu [Thu, 11 Aug 2011 21:23:01 +0000 (14:23 -0700)]
Start using as a library
Howard Chu [Thu, 11 Aug 2011 20:43:01 +0000 (13:43 -0700)]
Sorted dup fixes
Howard Chu [Thu, 11 Aug 2011 18:35:39 +0000 (11:35 -0700)]
Add MDB_INTEGERKEY db flag
Howard Chu [Thu, 11 Aug 2011 12:04:49 +0000 (05:04 -0700)]
Allow setting DB flags on main DB
Howard Chu [Thu, 11 Aug 2011 11:46:14 +0000 (04:46 -0700)]
Cleanup, add mdb_cursor_count()
Howard Chu [Thu, 11 Aug 2011 11:00:19 +0000 (04:00 -0700)]
More DB checks
Howard Chu [Thu, 11 Aug 2011 10:48:26 +0000 (03:48 -0700)]
Consolidate stat functions
Howard Chu [Thu, 11 Aug 2011 10:30:00 +0000 (03:30 -0700)]
Header cleanup
Howard Chu [Thu, 11 Aug 2011 10:23:22 +0000 (03:23 -0700)]
More subDB fixes
Howard Chu [Thu, 11 Aug 2011 08:36:12 +0000 (01:36 -0700)]
Parameter cleanup
Howard Chu [Thu, 11 Aug 2011 08:08:16 +0000 (01:08 -0700)]
Valgrind complaints
Howard Chu [Thu, 11 Aug 2011 07:33:27 +0000 (00:33 -0700)]
More subDB stuff
Howard Chu [Thu, 11 Aug 2011 06:38:50 +0000 (23:38 -0700)]
Make sure subDB info is saved after writes
Howard Chu [Thu, 11 Aug 2011 06:21:36 +0000 (23:21 -0700)]
Sorted dups basically completed, needs testing
Howard Chu [Thu, 11 Aug 2011 05:50:34 +0000 (22:50 -0700)]
Added cursor_get for sorted dups
Howard Chu [Thu, 11 Aug 2011 03:17:06 +0000 (20:17 -0700)]
Add mdb_get for sorted dups
Howard Chu [Thu, 11 Aug 2011 03:00:13 +0000 (20:00 -0700)]
Add mdb_del for sorted dups
Howard Chu [Thu, 11 Aug 2011 02:26:06 +0000 (19:26 -0700)]
Add mdb_put for sorted dups
Howard Chu [Wed, 10 Aug 2011 23:09:29 +0000 (16:09 -0700)]
Fix reader txn locking
Howard Chu [Wed, 10 Aug 2011 22:48:58 +0000 (15:48 -0700)]
Don't malloc the free_pgs list every time
Howard Chu [Wed, 10 Aug 2011 02:54:15 +0000 (19:54 -0700)]
Setup context for sorted dups
Howard Chu [Wed, 10 Aug 2011 01:56:08 +0000 (18:56 -0700)]
Add explicit md_dirty flag to dbxs
Howard Chu [Tue, 9 Aug 2011 10:26:45 +0000 (03:26 -0700)]
Add cursor_prev
Howard Chu [Tue, 9 Aug 2011 09:22:28 +0000 (02:22 -0700)]
Use BDB cursor terminology
Howard Chu [Tue, 9 Aug 2011 08:13:55 +0000 (01:13 -0700)]
Add some legalese
Note derived from Martin Hedenfalk's btree.c; the code
is significantly reworked but owes a lot to the original.
Howard Chu [Tue, 9 Aug 2011 00:15:02 +0000 (17:15 -0700)]
Additional debug, fixes
Fixed order of mdb_del0 operations
Drop in-memory free list from env on txn_abort
Howard Chu [Mon, 8 Aug 2011 12:41:50 +0000 (05:41 -0700)]
Save free-list in DB
Howard Chu [Mon, 8 Aug 2011 05:37:45 +0000 (22:37 -0700)]
More sub-db stuff
Howard Chu [Wed, 3 Aug 2011 22:09:45 +0000 (15:09 -0700)]
Use STAILQ instead of SIMPLEQ
For compat with ancient BSD. Will probably just copy <ldap_queue.h> instead.
Howard Chu [Wed, 3 Aug 2011 22:04:20 +0000 (15:04 -0700)]
More subdb stuff, add cursor_last()
Howard Chu [Wed, 3 Aug 2011 18:51:36 +0000 (11:51 -0700)]
Tweak mt_dbxs array
Howard Chu [Wed, 3 Aug 2011 10:29:15 +0000 (03:29 -0700)]
Fix free page re-use
Howard Chu [Wed, 3 Aug 2011 10:21:07 +0000 (03:21 -0700)]
Fixup metapage writes
Howard Chu [Wed, 3 Aug 2011 09:23:16 +0000 (02:23 -0700)]
Tweaks to txn handling
Howard Chu [Wed, 3 Aug 2011 08:41:54 +0000 (01:41 -0700)]
More subDBs, compiles now
Howard Chu [Wed, 3 Aug 2011 00:59:37 +0000 (17:59 -0700)]
Start DB restructuring
Howard Chu [Sun, 31 Jul 2011 09:38:34 +0000 (02:38 -0700)]
Replace ulong with ULONG macro
Howard Chu [Sun, 3 Jul 2011 11:22:10 +0000 (04:22 -0700)]
More prep for subdatabases
Howard Chu [Sun, 3 Jul 2011 03:44:24 +0000 (20:44 -0700)]
Tweak comment about overflow allocations
Howard Chu [Sun, 3 Jul 2011 03:15:54 +0000 (20:15 -0700)]
Use an environment directory
Go back to using an mmap'd lock file
Howard Chu [Fri, 1 Jul 2011 13:37:51 +0000 (06:37 -0700)]
No longer need -lssl
Howard Chu [Fri, 1 Jul 2011 13:25:36 +0000 (06:25 -0700)]
Fix db_stat stuff
Howard Chu [Fri, 1 Jul 2011 12:45:56 +0000 (05:45 -0700)]
More fixes for seeking
Howard Chu [Fri, 1 Jul 2011 10:56:09 +0000 (03:56 -0700)]
Re-use old pages
Hallvard Furuseth [Thu, 1 Sep 2011 11:43:55 +0000 (13:43 +0200)]
tests/data/: #bdb,hdb# -> #maindb/indexdb#.
Done for keywords index,limits. (Also do 'mode' if there were any cases.)
Change generated by: perl -i -pw0777e '
INIT { $q=qr/\#(?:[bh]|index|main)db\#/im; $k=qr/(?:index|limits|mode)\b/ }
0 while s/^$q($k.*\n)((?:$q.*\n)*?)\n?$q\1/\#maindb\#$1$2/imo;
s/^\#maindb\#index/\#indexdb\#index/igm;
' tests/data/*.* tests/data/regressions/*/*.*
Hallvard Furuseth [Thu, 1 Sep 2011 11:08:06 +0000 (13:08 +0200)]
tests: Add $MAINDB, $INDEXDB for [bhn]db tests.
Simplifies tests for the DB storage backends.
Adds indexing etc to ndb in some cases, to match bdb/hdb.
This also fixes some broken back-null/back-ldif settings.
Howard Chu [Thu, 1 Sep 2011 00:35:06 +0000 (17:35 -0700)]
Also track skipped (non-executable) tests
Howard Chu [Wed, 31 Aug 2011 22:15:39 +0000 (15:15 -0700)]
Add NOEXIT envvar to run all tests and tally failures
Howard Chu [Wed, 31 Aug 2011 02:14:56 +0000 (19:14 -0700)]
For test063
add hex timestamp to lutil_debug() output
Fix LASTMOD race condition in accesslog.c
Set refreshInterval even if using refreshAndPersist, since
fallbacks will use refresh params
Howard Chu [Sat, 27 Aug 2011 21:35:31 +0000 (14:35 -0700)]
Relax entry_header, zero-length entries are valid.
Howard Chu [Fri, 26 Aug 2011 23:56:18 +0000 (16:56 -0700)]
ITS#7029,#7031 More for prev commit
Howard Chu [Fri, 26 Aug 2011 21:31:35 +0000 (14:31 -0700)]
Fix moduleload path
Howard Chu [Fri, 26 Aug 2011 03:51:30 +0000 (20:51 -0700)]
ITS#7030 fix overlay_insert() with specific index
Howard Chu [Thu, 25 Aug 2011 21:47:23 +0000 (14:47 -0700)]
ITS#6983 fix duplicate entry in HDB subtree IDL
Howard Chu [Wed, 24 Aug 2011 23:09:37 +0000 (16:09 -0700)]
ITS#7029 fix uninit'd nvalue
Jan Vcelak [Wed, 24 Aug 2011 17:21:35 +0000 (19:21 +0200)]
ITS#7028 man: ldap_sync(3) ldap_sync_destroy type
Jan Vcelak [Wed, 24 Aug 2011 17:19:09 +0000 (19:19 +0200)]
ITS#7028 man: slapo-unique(5) quoting keywords
Francis Swasey [Thu, 18 Aug 2011 16:01:35 +0000 (12:01 -0400)]
ITS#7023 document TLSCACertificateFile in the man page as it is in the Admin Guide
Howard Chu [Wed, 24 Aug 2011 22:37:52 +0000 (15:37 -0700)]
ITS#7022 cleanup prev commit
Rich Megginson [Tue, 16 Aug 2011 18:01:16 +0000 (12:01 -0600)]
ITS#7022 NSS_Init* functions are not thread safe
The NSS_InitContext et. al, and their corresponding shutdown functions,
are not thread safe. There can only be one thread at a time calling
these functions. Protect the calls with a mutex. Create the mutex
using a PR_CallOnce to ensure that the mutex is only created once and
not used before created. Move the registration of the nss shutdown
callback to also use a PR_CallOnce. Removed the call to
SSL_ClearSessionCache() because it is always called at shutdown, and we must
not call it more than once.
Jan Vcelak [Tue, 9 Aug 2011 13:21:34 +0000 (15:21 +0200)]
ITS#7014 TLS: don't check hostname if reqcert is 'allow'
If server certificate hostname does not match the server hostname,
connection is closed even if client has set TLS_REQCERT to 'allow'. This
is wrong - the documentation says, that bad certificates are being
ignored when TLS_REQCERT is set to 'allow'.
Howard Chu [Wed, 24 Aug 2011 21:57:36 +0000 (14:57 -0700)]
More abandon paranoia
Howard Chu [Tue, 23 Aug 2011 20:48:59 +0000 (13:48 -0700)]
ITS#7025 handle Abandon in backglue
Howard Chu [Mon, 22 Aug 2011 21:05:58 +0000 (14:05 -0700)]
Don't replicate refint repair ops
Pierangelo Masarati [Mon, 22 Aug 2011 17:23:01 +0000 (11:23 -0600)]
release mutex only *after* backend connection initialization (ITS#6993)
Pierangelo Masarati [Mon, 22 Aug 2011 17:18:07 +0000 (11:18 -0600)]
further cleanup of ldapsearch response
Pierangelo Masarati [Mon, 22 Aug 2011 15:07:54 +0000 (09:07 -0600)]
referral is a legitimate result
Pierangelo Masarati [Mon, 22 Aug 2011 15:02:02 +0000 (09:02 -0600)]
make sure size limits are passed to ldapsearch
Pierangelo Masarati [Mon, 22 Aug 2011 14:43:21 +0000 (08:43 -0600)]
error messages from ldapsearch changed
Pierangelo Masarati [Sun, 21 Aug 2011 01:02:06 +0000 (19:02 -0600)]
add notes about pwdAllowUserChange (more about ITS#7021)
Pierangelo Masarati [Sun, 21 Aug 2011 00:50:33 +0000 (18:50 -0600)]
according to draft-behera, this attribute only affects password modifies by self (ITS#7021)
Howard Chu [Thu, 18 Aug 2011 08:52:52 +0000 (01:52 -0700)]
Pierangelo Masarati [Wed, 17 Aug 2011 18:56:55 +0000 (12:56 -0600)]
fix TTL tolerance (ITS#7017, patch by jvcelak@redhat.com)
Pierangelo Masarati [Wed, 17 Aug 2011 04:17:43 +0000 (22:17 -0600)]
make sure frontend gets the {-1} (ITS#7016)
Howard Chu [Tue, 16 Aug 2011 20:51:10 +0000 (13:51 -0700)]
hack for #6982 - keep o_abandon set in op_free
Howard Chu [Tue, 16 Aug 2011 20:49:27 +0000 (13:49 -0700)]
Revert "More for ITS#6892"
This reverts commit
3cb2ca8bbd1ec8da8f27a608deefc7a2d45aa538 .
Patch has no benefit
Howard Chu [Mon, 15 Aug 2011 22:40:46 +0000 (15:40 -0700)]
More for ITS#6892
Pierangelo Masarati [Sat, 13 Aug 2011 21:33:19 +0000 (23:33 +0200)]
host part of unique URI must be empty (ITS#7018)
Pierangelo Masarati [Thu, 11 Aug 2011 15:33:08 +0000 (17:33 +0200)]
cleanup slapd.ldif; install it (ITS#7015)
Pierangelo Masarati [Thu, 11 Aug 2011 15:02:25 +0000 (17:02 +0200)]
typo in comment
Pierangelo Masarati [Thu, 11 Aug 2011 10:16:01 +0000 (12:16 +0200)]
use ldap_search_ext(timelimit) instead of ldap_set_option(LDAP_OPT_TIMELIMIT) (related to ITS#7009)
Pierangelo Masarati [Wed, 10 Aug 2011 20:39:16 +0000 (22:39 +0200)]
honor TIMEOUT when appropriate (ITS#7009); also honor timelimit (was broken)
Pierangelo Masarati [Wed, 10 Aug 2011 18:22:33 +0000 (20:22 +0200)]
make sure 2-arg statements have exactly 2 args (related to ITS#7012)
Pierangelo Masarati [Wed, 10 Aug 2011 17:40:20 +0000 (19:40 +0200)]
TLS config statements always need an argument (related to ITS#7012)
Howard Chu [Fri, 29 Jul 2011 20:05:45 +0000 (13:05 -0700)]
ITS#6999 fix syncrepl timeout in refreshAndPersist
Rich Megginson [Thu, 28 Jul 2011 21:08:37 +0000 (14:08 -0700)]
ITS#7002 MozNSS: fix VerifyCert allow/try behavior
If the olcTLSVerifyClient is set to a value other than "never", the server
should request that the client send a client certificate for possible use
with client cert auth (e.g. SASL/EXTERNAL).
If set to "allow", if the client sends a cert, and there are problems with
it, the server will warn about problems, but will allow the SSL session to
proceed without a client cert.
If set to "try", if the client sends a cert, and there are problems with
it, the server will warn about those problems, and shutdown the SSL session.
If set to "demand" or "hard", the client must send a cert, and the server
will shutdown the SSL session if there are problems.
I added a new member of the tlsm context structure - tc_warn_only - if this
is set, tlsm_verify_cert will only warn about errors, and only if TRACE
level debug is set. This allows the server to warn but allow bad certs
if "allow" is set, and warn and fail if "try" is set.
Rich Megginson [Tue, 26 Jul 2011 02:27:59 +0000 (20:27 -0600)]
ITS#7001 MozNSS: free the return of tlsm_find_and_verify_cert_key
If tlsm_find_and_verify_cert_key finds the cert and/or key, and it fails
to verify them, it will leave them allocated for the caller to dispose of.
There were a couple of places that were not disposing of the cert and key
upon error.
Howard Chu [Thu, 28 Jul 2011 20:52:47 +0000 (13:52 -0700)]
ITS#7000 fix bad patch in ITS#6472
Howard Chu [Thu, 28 Jul 2011 20:48:08 +0000 (13:48 -0700)]
ITS#7003 fix typo