| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Authentiction for gold services should only be possible for
gold accounts.
|
|
|
|
|
| |
This is not really working, because the base_dn of the service
accounts is missing. This will be added later.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
If a service wants to get the user information by searching for the user DN
explicitly (maybe with a BASE search scope), we need to drop the virtual
prefix for the service (the virtual entry might not even exists or does not
have the requested user infromation). The pre_search plugin method is
executed before all searches and modifies the TARGET_DN if required.
|
|
|
|
|
|
| |
slapu_pblock_set copies the DN into the pblock, because it first has to do a
normalization. So we do not need to create a copy of the supplied value and
have to free the supplied string afterwards.
|
|
|
|
| |
We cannot use auth_method, because we cannot set it (denied by openldap).
|
|
|
|
|
|
| |
If a connection is bind against a virtual service password entry, we need to
rewrite the user entries, too. A service might search for the user entry after
authorizing to get the userdata.
|
| |
|
|
|
|
|
| |
The new signature allows to call is_service, without the requirement to
free the pointer to the service name, if the service name is not required.
|
|
|
|
|
| |
The function dn_contains_uid was used to check, if an entry is an user
account. This check uses the objectClass now.
|
|
|
|
| |
All service accounts now have to have the serviceAccount object class.
|
| |
|
| |
|
|
|
|
|
|
| |
If using "slapi_entry_dup" it will create two internal copies of the old
DN, that could not be free'd without reference to internal data structures.
So now we create a new Slapi_Entry, copy all attributes and set the new DN.
|
|
|
|
|
|
| |
Add entry_set_dn to set a new DN and free the memory of the both copies
inside the Slapi_Entry. This currently uses an ugly hack and makes
assumptions about internal data structures.
|
|
|
|
|
|
| |
slapi_attr_get_valueset returns a pointer from the Slapi_Attr* argument. If you free
the Slapi_ValueSet and the Slapi_Attr structures the valuesset is freed twice and
this causes memory corruption and segfaults later.
|
| |
|
| |
|
|
|
|
| |
Add doxygen compatible comments to most functions.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
The function could be used in more cases, if it checks if the supplied DN
contains a uid and does not generate the parent_dn. The parent_dn is
generated before calling the function.
|
| |
|
|
|
|
| |
Add pre_bind function for service password fallback.
|
| |
|
|
|