summaryrefslogtreecommitdiff
path: root/usr.sbin/ldapd/ldapd.h
AgeCommit message (Collapse)Author
2015-01-16change to <limits.h> universe. The only changes in the binary are dueTheo de Raadt
to the heavy use of assert. ok millert
2012-06-16Protect against fd exhaustion when reopening database files. Only acceptJonathan Matthew
client or control connections when there are at least 8 fds available, and close a connection before calling imsg_read if it would be unable to accept an fd from the parent process. ok gilles@
2012-04-11rate limiting of accept() in various cases. Testing by jmatthew. thereTheo de Raadt
maybe still be a corner case where it needs one more file descriptor beyond the limit..
2010-11-10Make -dvv flags produce debug traces of decoded BER messages on stderr.Martin Hedenfal
Also shows a hexdump of the input buffer if BER decoding fails. Useful when debugging protocol issues.
2010-11-03Evaluate filters according to the three-valued logic of X.511, as requiredMartin Hedenfal
by RFC 4511. A filter term can now be evaluated as undefined if the attribute description is not recognized, the attribute type doesn't define the appropriate matching rule, or the filtering is not implemented. This also implements the NOT filter in the query planner.
2010-10-19Remember the bind DN after BSD authentication. This makes access controlMartin Hedenfal
work for SASL and BSDAUTH binds as it does for simple binds.
2010-09-01Move generic imsg/libevent glue to a separate file.Martin Hedenfal
with eric@ at c2k10
2010-07-10Retry requests when the btree is busy. Without this, clients will just hangMartin Hedenfal
waiting for a response if the btree was being reopened when the request was received.
2010-07-01Implement the LDAP compare operation.Martin Hedenfal
2010-06-30Add a global root user that is allowed to read/write entries in all localMartin Hedenfal
namespaces. Useful for dump/restore of all namespaces.
2010-06-29Add support for referrals. Referrals are configured in the config file,Martin Hedenfal
either in the global context or in a namespace. The latter can be used to delegate requests to different servers for specific parts of the DIT. The former is a global catch-all referral.
2010-06-29Remember on what listener a connection got from, and return protocol errorMartin Hedenfal
if trying to use starttls without a configured certificate, instead of just blocking the client.
2010-06-29Rewrite the schema parser, as it's not a context-free grammar.Martin Hedenfal
This also brings the config parser more in line with other parse.y in the tree. The new schema parser also supports symbolic OID names. You need to update your /etc/ldapd.conf. Schema files are no longer included with the 'include' keyword, you have to use 'schema' for that. Moves schema-related structures to a separate include file to ease reuse.
2010-06-27return value unused, found by lintMartin Hedenfal
2010-06-27Remove unused code.Martin Hedenfal
2010-06-27remove an unused typedefMartin Hedenfal
2010-06-23remove leftovers from old compaction codeMartin Hedenfal
2010-06-23Remove compaction and indexing from ldapd. It is better done by a separateMartin Hedenfal
process now that the btree can pick up the changes automatically.
2010-06-15Move around some functions to ease re-use from ldapctl.Martin Hedenfal
2010-06-15Make modify and simple auth requests open their own transactions, as searchMartin Hedenfal
already does. Trigger a reopen imsg request if either the data or index databases are compacted. Queue the failed request and try again when the file is reopened. Compaction can now be done by a separate process, and ldapd will pick up the change and reopen the file.
2010-06-15Implement support in the parent to (re-)open database files on behalf ofMartin Hedenfal
the unprivileged child over imsg. Part of a larger change that will fix database compaction.
2010-06-11Wrap searches in a read-only transaction so it is guaranteed to see aMartin Hedenfal
consistent snapshot of the database. Also fixes a couple of format string errors for long long ints.
2010-06-03Open database files before chrooting, and use an absolute path toMartin Hedenfal
the database files, instead of relying on the chrooted-to path. This breaks compaction as the ldape process can't re-open the database files. This is being worked on. ok gilles@
2010-05-31Initial import of ldapd, a small LDAP daemon. Work in progress.Martin Hedenfal
ok deraadt@ jacekm@ gilles@ back@ henning@ blambert@
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-15 22:09:00 +0000