summaryrefslogtreecommitdiff
path: root/include/util_ldap.h
Commit message (Collapse)AuthorAgeFilesLines
* mod_ldap: Use the LDAP API directly to implement the rebind callbackJoe Orton2020-06-161-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | for modern versions of OpenLDAP, avoiding the overhead of the apr-util implementation. * modules/ldap/util_ldap.c: Define USE_APR_LDAP_REBIND if a modern version of OpenSSL is used. (uldap_rebind_proc): New function. (uldap_rebind_init, uldap_rebind_add): Define, using either the callback or the (bad) APR-util versions. (uldap_connection_unbind): Clear the rebind pool to remove rebind references prior to destroying the LDAP *. Omit for !USE_APR_LDAP_REBIND. (uldap_connection_init): Use new wrappers, only create the rebind pool if USE_APR_LDAP_REBIND. * include/util_ldap.h: Don't include apr_ldap_rebind.h here. PR: 64414 Github: closes #124 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1878890 13f79535-47bb-0310-9956-ffa450edef68
* Fix spelling errors found by codespell. [skip ci]Mike Rumph2020-02-131-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1873985 13f79535-47bb-0310-9956-ffa450edef68
* Fix spelling in comments and text files.Rainer Jung2016-08-111-1/+1
| | | | | | | | No functional change. PR 59990 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1756038 13f79535-47bb-0310-9956-ffa450edef68
* make LDAPConnectionPoolTTL more conservative, use r->request_time rather thanEric Covener2014-07-051-0/+1
| | | | | | | | | end-of-request time, and only update it after a round-trip with the LDAP server rather than every time we check back into the pool. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1607960 13f79535-47bb-0310-9956-ffa450edef68
* change r1500483 to only be enabled when building against the MS LDAP SDK.Eric Covener2013-12-181-1/+1
| | | | | | | | Guenter, please verify this still works for you. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1551802 13f79535-47bb-0310-9956-ffa450edef68
* Fixed some Windows warnings.Guenter Knauf2013-07-071-0/+4
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1500483 13f79535-47bb-0310-9956-ffa450edef68
* PR54587: LDAP connections used for authn were not respecting Eric Covener2013-03-041-0/+2
| | | | | | | | | | | LDAPConnectionPoolTimeout due to confusion over what "bound" means. Added some LDAP trace at TRACE5 to track how LDAP connections are reused and rebound. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1452551 13f79535-47bb-0310-9956-ffa450edef68
* followup to r1348036, MSSDK's WinLdap.h uses an enum for LDAP_* status ↵Eric Covener2012-11-121-1/+1
| | | | | | codes, so the block is not included git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1408402 13f79535-47bb-0310-9956-ffa450edef68
* * include/util_ldap.h: Treat LDAP_UNAVAILABLE as a transient errorJoe Orton2012-06-081-1/+1
| | | | | | | | | with non-MS LDAP SDKs; seen with OpenLDAP against Novell eDirectory. Submitted by: Filip Valder <filip.valder vsb.cz> (via RH bugzilla) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1348036 13f79535-47bb-0310-9956-ffa450edef68
* Cleanup effort in prep for GA push:Jim Jagielski2011-09-231-10/+10
| | | | | | | | Trim trailing whitespace... no func change git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1174748 13f79535-47bb-0310-9956-ffa450edef68
* mod_ldap: remove hard-coded loops of 10 retries w/o delay with a configurableEric Covener2011-08-111-0/+2
| | | | | | | | | | | | | number of retries (LDAPRetries, default 3) and configurable delay between retries (LDAPRetryDelay, no delay by default). The LDAP connection is re-initted every other retry, instead of on the fifth retry -- this was a much more recent addition then the basic looping behavior. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156790 13f79535-47bb-0310-9956-ffa450edef68
* * Make trunk compile with APR trunk again (without LDAP support of course), byRuediger Pluem2011-07-251-5/+11
| | | | | | | | ensuring that we only include the include files of the APR / APU LDAP API if we use 1.x. Move stuff that depends on it inside the APR_HAS_LDAP block. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1150559 13f79535-47bb-0310-9956-ffa450edef68
* Revert r1129808:Stefan Fritsch2011-07-231-9/+9
| | | | | | | | | | | | Incorporate the ap_ldap incomplete API, as there is no interest or effort at APR to make this a complete abstraction, and it was voted 'off the island' with APR 2.0. This will allow httpd 2.3 to build against either apr-2.0 or apr+util 1.x. This also reverts part of r1142938, which needs to be re-done. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150172 13f79535-47bb-0310-9956-ffa450edef68
* Revert r1129886:Stefan Fritsch2011-07-231-0/+21
| | | | | | | | Shift declaration logic of LDAP_DECLARE to ap_ldap.h from util_ldap.h git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150169 13f79535-47bb-0310-9956-ffa450edef68
* Revert r1131393:Stefan Fritsch2011-07-231-6/+6
| | | | | | | | | Several fixes for the ap_ldap build logic. This should fix compilation without --with-ldap. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150165 13f79535-47bb-0310-9956-ffa450edef68
* Revert r1143225:Stefan Fritsch2011-07-231-0/+6
| | | | | | | | Removed define which is now in ap_ldap.h. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150158 13f79535-47bb-0310-9956-ffa450edef68
* Removed define which is now in ap_ldap.h.Guenter Knauf2011-07-051-6/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1143225 13f79535-47bb-0310-9956-ffa450edef68
* Several fixes for the ap_ldap build logic. This should fix compilationStefan Fritsch2011-06-041-6/+6
| | | | | | | without --with-ldap. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1131393 13f79535-47bb-0310-9956-ffa450edef68
* Shift declaration logic of LDAP_DECLARE to ap_ldap.h from util_ldap.hWilliam A. Rowe Jr2011-05-311-21/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1129886 13f79535-47bb-0310-9956-ffa450edef68
* Incorporate the ap_ldap incomplete API, as there is no interest or effortWilliam A. Rowe Jr2011-05-311-9/+9
| | | | | | | | | | at APR to make this a complete abstraction, and it was voted 'off the island' with APR 2.0. This will allow httpd 2.3 to build against either apr-2.0 or apr+util 1.x. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1129808 13f79535-47bb-0310-9956-ffa450edef68
* fix incorrect type of LDAP connection pool member, fix naming forsEric Covener2011-03-281-1/+1
| | | | | | | | style guidlines git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1086432 13f79535-47bb-0310-9956-ffa450edef68
* Lay some groundwork for improvements to the connection pool.Eric Covener2011-03-121-10/+3
| | | | | | | | | | | | | | | | remove unnecessary uldap_connection_cleanup (nothing needed between unbind and remove) properly remove rebind callback info when credentials change maintain a separate pool for the rebind callback storage so it can be cleared when the connection is unbound. (major bump for util_ldap function removal) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1081005 13f79535-47bb-0310-9956-ffa450edef68
* re-order many struct members for better alignment on 64bitStefan Fritsch2010-06-301-4/+7
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@959464 13f79535-47bb-0310-9956-ffa450edef68
* odd assortment of spelling fixesJeff Trawick2010-05-241-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@947651 13f79535-47bb-0310-9956-ffa450edef68
* missing file from r915660, major MMN bump already in original revisionEric Covener2010-02-241-1/+1
| | | | | | | for this file. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@915923 13f79535-47bb-0310-9956-ffa450edef68
* Introduce new config option LDAPTimeout to set the timeout for operationsStefan Fritsch2010-01-111-0/+1
| | | | | | | | | | | | | like bind and search. For operations other than search, the support of the timeout depends on the LDAP SDK supporting LDAP_OPT_TIMEOUT (e.g. OpenLDAP >= 2.4.4). An exception is the ldap_simple_bind() in uldap_connection_open(): Here we put some extra effort into detecting a timeout in a portable way, to catch an idle connection having been dropped by a firewall. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@898102 13f79535-47bb-0310-9956-ffa450edef68
* Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,Jeff Trawick2009-11-231-1/+0
| | | | | | | | | | | | | and WatchdogMutexPath with a single Mutex directive. Add APIs to simplify setup and user customization of APR proc and global mutexes. (See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer respected; set DEFAULT_REL_RUNTIMEDIR instead. Some existing modules, such as mod_ldap and mod_auth_digest gain configurability for their mutexes. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@883540 13f79535-47bb-0310-9956-ffa450edef68
* Stop trying to set the referral HOP limit on each connection since most SDKs ↵Eric Covener2009-10-311-5/+0
| | | | | | | | | | | | | | | don't seem to do anything with it, and causes an error on released openldap levels. Also moves/remove some macros internal to mod_ldap out of the public header for a major bump. Reported against APR in PR47501, but httpd shouldn't be asking for the option by default. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@831542 13f79535-47bb-0310-9956-ffa450edef68
* add LDAPLibraryDebug directive to mod_ldap to turn onEric Covener2009-10-301-0/+1
| | | | | | | | | | tracing in underlying LDAP SDK, where all the interesting tidbits about all kinds of LDAP errors are hidden. Unfortunately windows doesn't implement this LDAP_OPT. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@831183 13f79535-47bb-0310-9956-ffa450edef68
* Reduced the bumpiness (from major to minor) and utilized #defines throughoutPaul J. Reder2008-01-241-2/+8
| | | | | | | | (per Ruediger's suggestions). Still looking at the dir merge. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@614747 13f79535-47bb-0310-9956-ffa450edef68
* This adds Apache support (taking advantage of the new APR capability)Paul J. Reder2008-01-231-0/+8
| | | | | | | | | | | for ldap rebind callback while chasing referrals. This allows direct searches on LDAP servers (in particular MS Active Directory 2003+) using referrals without the use of the global catalog. This addresses PRs 26538, 40268, and 42557 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@614605 13f79535-47bb-0310-9956-ffa450edef68
* When using the MS SDK, re-establish LDAP backend connections on aEric Covener2007-12-311-0/+7
| | | | | | | | | | | | | return code of LDAP_UNAVAILABLE as if it were LDAP_SERVER_DOWN. With this SDK, LDAP_UNAVAIALBLE is returned when the socket had been closed between LDAP API calls. PR 39095 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607766 13f79535-47bb-0310-9956-ffa450edef68
* Perform all per-LDAP-backend related memory allocations in a standalone pool,Eric Covener2007-11-281-0/+2
| | | | | | | | | | | | | | | provide a local method to completely remove an LDAP backend connection so we can someday manage/dispose of extra connections in a reasonable way. Clarify some commentary around the existing murky close/cleanup API methods. Minor bump for new members appended to util_ldap_connection_t, which is not allocated by consumers of the API. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@599164 13f79535-47bb-0310-9956-ffa450edef68
* while technically uldap_connection_cleanup() does leave an entry in theEric Covener2007-11-081-1/+1
| | | | | | | | | | | connection list, it is fully disconnected before it's put back. My previous commentary did more harm then good. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@593283 13f79535-47bb-0310-9956-ffa450edef68
* Stop registering a cleanup on each LDAP connection created, this cleanup wasEric Covener2007-11-071-2/+1
| | | | | | | | | | | | never called because it's registered against pconf in the child. LDAP connections are created in the child and not shared between children, so no action should be required at child exit Additionally, clarify comments around uldap_connection_cleanup() git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@592764 13f79535-47bb-0310-9956-ffa450edef68
* mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the abilityPaul J. Reder2007-07-271-1/+36
| | | | | | | | | | to authorize an authenticated user via a "require ldap-group X" directive where the user is not in group X, but is in a subgroup contained in X. PR 42891 [Paul J. Reder] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@560373 13f79535-47bb-0310-9956-ffa450edef68
* revert revision 555470Eric Covener2007-07-191-3/+3
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@557772 13f79535-47bb-0310-9956-ffa450edef68
* This data is passed in an unsafe way to the LDAP SDK if the compiler Eric Covener2007-07-121-3/+3
| | | | | | | | | | chooses to use shorts for the enum values. http://www.redbooks.ibm.com/redbooks/SG245992/nn4/SG245992_88.html Submitted by: David Jones git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@555470 13f79535-47bb-0310-9956-ffa450edef68
* Use correct Doxygen keywords for functions and variables. TODO: figure out ↵Sander Temme2007-07-031-12/+12
| | | | | | whether those keywords are actually necessary. HTML-ify some documentation comments for benefit of Doxygen. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@553013 13f79535-47bb-0310-9956-ffa450edef68
* * Add extern "C" linkage to several headers to make it easier to useRuediger Pluem2007-05-041-1/+7
| | | | | | | | | | | them in C++ code. PR: 42286 Submitted by: Davi Arnaut <davi haxent.com.br> Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@535169 13f79535-47bb-0310-9956-ffa450edef68
* update license header textRoy T. Fielding2006-07-111-6/+6
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@420983 13f79535-47bb-0310-9956-ffa450edef68
* Update the copyright year in all .c, .h and .xml filesColm MacCarthaigh2006-04-191-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@395228 13f79535-47bb-0310-9956-ffa450edef68
* Doxygen fixup / cleanupIan Holsman2005-08-281-0/+5
| | | | | | | | | submited by: Neale Ranns neale ranns.org reviewed by: Ian Holsman git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@263931 13f79535-47bb-0310-9956-ffa450edef68
* Add the LDAPVerifyServerCert directive to util_ldap to forceBradley Nicholes2005-05-111-0/+1
| | | | | | | | verification of a server certificate when establishing an SSL connection to the LDAP server git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@169705 13f79535-47bb-0310-9956-ffa450edef68
* Implement the exported function from mod_ldap(util_ldap) as optional ↵Bradley Nicholes2005-03-311-17/+17
| | | | | | functions so that we can eliminate the load ordering of mod_ldap and mod_authnz_ldap. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@159619 13f79535-47bb-0310-9956-ffa450edef68
* * include/util_ldap.h (util_ldap_state_t): Fix gcc format stringJoe Orton2005-02-111-1/+1
| | | | | | | | | | | warnings: use a long for connectionTimeout since the code expects a long. * modules/ldap/util_ldap.c (compare_client_certs): Make static to fix gcc missing-prototype warning. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@153390 13f79535-47bb-0310-9956-ffa450edef68
* Update copyright year to 2005 and standardize on current copyright owner line.Justin Erenkrantz2005-02-041-1/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@151408 13f79535-47bb-0310-9956-ffa450edef68
* Added a new LDAPConnectionTimeout directive to util_ldap so that the socket ↵Bradley Nicholes2005-01-271-0/+1
| | | | | | connection timeout value is configurable. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@126565 13f79535-47bb-0310-9956-ffa450edef68
* mod_ldap: Updated to use the new apr-util v1.1 apr_ldap_*_option()Graham Leggett2005-01-191-4/+7
| | | | | | | | | | | API for the setting of server and client SSL certificates. Replaced LDAPTrustedCA directive with LDAPTrustedGlobalCert and LDAPTrustedClientCert directives to correctly support global certs (CA certs / Netware client certs) and per connection client certs as supported by Netware, OpenLDAP and Netscape/Mozilla. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@125645 13f79535-47bb-0310-9956-ffa450edef68
* Correct the order of includes to follow httpd conventions, and getWilliam A. Rowe Jr2005-01-051-14/+14
| | | | | | | Win32 compiling again. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@124279 13f79535-47bb-0310-9956-ffa450edef68
View Lorry Controller Status