| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for modern versions of OpenLDAP, avoiding the overhead of the apr-util
implementation.
* modules/ldap/util_ldap.c:
Define USE_APR_LDAP_REBIND if a modern version of OpenSSL is used.
(uldap_rebind_proc): New function.
(uldap_rebind_init, uldap_rebind_add): Define, using either the
callback or the (bad) APR-util versions.
(uldap_connection_unbind): Clear the rebind pool to remove rebind
references prior to destroying the LDAP *.
Omit for !USE_APR_LDAP_REBIND.
(uldap_connection_init): Use new wrappers, only create the rebind
pool if USE_APR_LDAP_REBIND.
* include/util_ldap.h: Don't include apr_ldap_rebind.h here.
PR: 64414
Github: closes #124
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1878890 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1873985 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
No functional change.
PR 59990
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1756038 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
end-of-request time, and only update it after a round-trip with the LDAP
server rather than every time we check back into the pool.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1607960 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Guenter, please verify this still works for you.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1551802 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1500483 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
LDAPConnectionPoolTimeout due to confusion over what "bound" means.
Added some LDAP trace at TRACE5 to track how LDAP connections are
reused and rebound.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1452551 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
codes, so the block is not included
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1408402 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
with non-MS LDAP SDKs; seen with OpenLDAP against Novell eDirectory.
Submitted by: Filip Valder <filip.valder vsb.cz> (via RH bugzilla)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1348036 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Trim trailing whitespace... no func change
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1174748 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
number of retries (LDAPRetries, default 3) and configurable delay between
retries (LDAPRetryDelay, no delay by default).
The LDAP connection is re-initted every other retry, instead of
on the fifth retry -- this was a much more recent addition then
the basic looping behavior.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156790 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
ensuring that we only include the include files of the APR / APU LDAP API if
we use 1.x. Move stuff that depends on it inside the APR_HAS_LDAP block.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1150559 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
Incorporate the ap_ldap incomplete API, as there is no interest or effort
at APR to make this a complete abstraction, and it was voted 'off the island'
with APR 2.0. This will allow httpd 2.3 to build against either apr-2.0
or apr+util 1.x.
This also reverts part of r1142938, which needs to be re-done.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150172 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Shift declaration logic of LDAP_DECLARE to ap_ldap.h from util_ldap.h
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150169 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
Several fixes for the ap_ldap build logic. This should fix compilation
without --with-ldap.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150165 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Removed define which is now in ap_ldap.h.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150158 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1143225 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
without --with-ldap.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1131393 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1129886 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
at APR to make this a complete abstraction, and it was voted 'off the island'
with APR 2.0. This will allow httpd 2.3 to build against either apr-2.0
or apr+util 1.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1129808 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
style guidlines
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1086432 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
remove unnecessary uldap_connection_cleanup (nothing needed between unbind
and remove)
properly remove rebind callback info when credentials change
maintain a separate pool for the rebind callback storage so it can be cleared
when the connection is unbound.
(major bump for util_ldap function removal)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1081005 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@959464 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@947651 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
for this file.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@915923 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
like bind and search.
For operations other than search, the support of the timeout depends on the
LDAP SDK supporting LDAP_OPT_TIMEOUT (e.g. OpenLDAP >= 2.4.4). An exception is
the ldap_simple_bind() in uldap_connection_open(): Here we put some extra
effort into detecting a timeout in a portable way, to catch an idle connection
having been dropped by a firewall.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@898102 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and WatchdogMutexPath with a single Mutex directive. Add APIs to
simplify setup and user customization of APR proc and global mutexes.
(See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
respected; set DEFAULT_REL_RUNTIMEDIR instead.
Some existing modules, such as mod_ldap and mod_auth_digest gain
configurability for their mutexes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@883540 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
don't seem
to do anything with it, and causes an error on released openldap levels.
Also moves/remove some macros internal to mod_ldap out of the public header for a major bump.
Reported against APR in PR47501, but httpd shouldn't be asking for the option
by default.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@831542 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
tracing in underlying LDAP SDK, where all the interesting tidbits
about all kinds of LDAP errors are hidden.
Unfortunately windows doesn't implement this LDAP_OPT.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@831183 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
(per Ruediger's suggestions). Still looking at the dir merge.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@614747 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
for ldap rebind callback while chasing referrals. This allows direct
searches on LDAP servers (in particular MS Active Directory 2003+)
using referrals without the use of the global catalog.
This addresses PRs 26538, 40268, and 42557
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@614605 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
return code of LDAP_UNAVAILABLE as if it were LDAP_SERVER_DOWN.
With this SDK, LDAP_UNAVAIALBLE is returned when the socket had been closed
between LDAP API calls.
PR 39095
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607766 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
provide a local method to completely remove an LDAP backend connection so
we can someday manage/dispose of extra connections in a reasonable way.
Clarify some commentary around the existing murky close/cleanup API
methods.
Minor bump for new members appended to util_ldap_connection_t, which is not
allocated by consumers of the API.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@599164 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
connection list, it is fully disconnected before it's put back. My previous
commentary did more harm then good.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@593283 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
| |
never called because it's registered against pconf in the child. LDAP
connections are created in the child and not shared between children, so no
action should be required at child exit
Additionally, clarify comments around uldap_connection_cleanup()
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@592764 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
to authorize an authenticated user via a "require ldap-group X" directive
where the user is not in group X, but is in a subgroup contained in X.
PR 42891 [Paul J. Reder]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@560373 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@557772 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
chooses to use shorts for the enum values.
http://www.redbooks.ibm.com/redbooks/SG245992/nn4/SG245992_88.html
Submitted by: David Jones
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@555470 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
whether those keywords are actually necessary. HTML-ify some documentation comments for benefit of Doxygen.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@553013 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
them in C++ code.
PR: 42286
Submitted by: Davi Arnaut <davi haxent.com.br>
Reviewed by: rpluem
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@535169 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@420983 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@395228 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
submited by: Neale Ranns neale ranns.org
reviewed by: Ian Holsman
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@263931 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
verification of a server certificate when establishing an SSL connection
to the LDAP server
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@169705 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
functions so that we can eliminate the load ordering of mod_ldap and mod_authnz_ldap.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@159619 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
warnings: use a long for connectionTimeout since the code expects a
long.
* modules/ldap/util_ldap.c (compare_client_certs): Make static to fix
gcc missing-prototype warning.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@153390 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@151408 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
| |
connection timeout value is configurable.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@126565 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
API for the setting of server and client SSL certificates. Replaced
LDAPTrustedCA directive with LDAPTrustedGlobalCert and
LDAPTrustedClientCert directives to correctly support global certs
(CA certs / Netware client certs) and per connection client certs
as supported by Netware, OpenLDAP and Netscape/Mozilla.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@125645 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
Win32 compiling again.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@124279 13f79535-47bb-0310-9956-ffa450edef68
|