![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / ldapd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.28 / (download) - annotate - [select for diffs], Thu Mar 2 17:09:53 2023 UTC (15 months, 1 week ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
HEAD
Changes since 1.27: +3 -3 lines
Diff to previous 1.27 (colored)
improve the Nd lines such that the format is consistent for the various *d, *conf, *ctl files (where relevant) and simple; also makes "man -k routing" more useful; help from claudio and florian ok claudio florian millert
Revision 1.27 / (download) - annotate - [select for diffs], Wed Jun 24 07:20:47 2020 UTC (3 years, 11 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.26: +12 -2 lines
Diff to previous 1.26 (colored)
Using the "ldaps" or "tls" keywords in ldapd.conf currently enables all protocols and ciphers. So you get a TLS server speaking TLSv1.0 and supporting cipher suites with RC4 and 3DES encryption, all of which should be considered broken. There is no way of disabling TLSv1.0 and TLSv1.1 in ldapd. All this is also not very clearly called out in the documentation. This commit switches the defaults to using the libtls defaults for both protocols and ciphers. If compatibility with the insecure legacy protocols and ciphers is needed, use the "legacy" keyword before "tls" or "ldaps" in ldapd.conf. tested by abieber. inoguchi agrees with the direction. ok beck
Revision 1.26 / (download) - annotate - [select for diffs], Mon Feb 10 13:18:21 2020 UTC (4 years, 3 months ago) by schwarze
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.25: +5 -3 lines
Diff to previous 1.25 (colored)
briefly mention /etc/examples/ in the FILES section of all the manual pages that document the corresponding configuration files; OK jmc@, and general direction discussed with many
Revision 1.25 / (download) - annotate - [select for diffs], Fri May 18 12:36:30 2018 UTC (6 years ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.24: +1 -2 lines
Diff to previous 1.24 (colored)
Add support for attribute filter rules on search/read operations. OK jmatthew@
Revision 1.24 / (download) - annotate - [select for diffs], Mon May 14 11:10:15 2018 UTC (6 years ago) by reyk
Branch: MAIN
Changes since 1.23: +3 -3 lines
Diff to previous 1.23 (colored)
Remove duplicated word ("scope scope").
Pointed out by jmc@
Revision 1.23 / (download) - annotate - [select for diffs], Mon May 14 07:53:47 2018 UTC (6 years ago) by reyk
Branch: MAIN
Changes since 1.22: +8 -1 lines
Diff to previous 1.22 (colored)
Add support to filter on attributes.
This can be used to allow users to change their password (and a few
other things) but not their entire dn. For example:
allow read access to any by self
allow write access to any attribute userPassword by self
This is currently only supported for "write" (modify, add, delete) and
not "read" (search) filter rules.
OK jmatthew@
Revision 1.22 / (download) - annotate - [select for diffs], Mon Oct 17 14:03:17 2016 UTC (7 years, 7 months ago) by jca
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
Tweak /etc/ldap/certs/ FILES entry.
Revision 1.21 / (download) - annotate - [select for diffs], Mon Oct 17 13:49:03 2016 UTC (7 years, 7 months ago) by jca
Branch: MAIN
Changes since 1.20: +4 -4 lines
Diff to previous 1.20 (colored)
In FILES mention /etc/ldapd.conf first, then /etc/ldap/ entries
Revision 1.20 / (download) - annotate - [select for diffs], Mon Oct 17 13:44:03 2016 UTC (7 years, 7 months ago) by jca
Branch: MAIN
Changes since 1.19: +7 -5 lines
Diff to previous 1.19 (colored)
Fix a few mistakes and add a FILES entry for /etc/ldap/certs From Rob Pierce, help & ok jmc@
Revision 1.19 / (download) - annotate - [select for diffs], Wed Jun 11 18:00:40 2014 UTC (10 years ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7,
OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.18: +4 -4 lines
Diff to previous 1.18 (colored)
rfc 4512, not 4712; From: route dylanharris org
Revision 1.18 / (download) - annotate - [select for diffs], Tue Aug 20 10:13:03 2013 UTC (10 years, 9 months ago) by mikeb
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.17: +6 -6 lines
Diff to previous 1.17 (colored)
replace a predefined string with a mdoc macro; ok jmc, schwarze, sobrado
Revision 1.17 / (download) - annotate - [select for diffs], Sat Jun 29 09:08:41 2013 UTC (10 years, 11 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.16: +4 -8 lines
Diff to previous 1.16 (colored)
do not use Sx for sections outwith the page; man4 still to go...
Revision 1.16 / (download) - annotate - [select for diffs], Wed Sep 26 16:19:44 2012 UTC (11 years, 8 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.15: +5 -4 lines
Diff to previous 1.15 (colored)
last stage of rfc changes, using consistent Rs/Re blocks, and moving the references into a STANDARDS section;
Revision 1.15 / (download) - annotate - [select for diffs], Tue Apr 24 14:56:09 2012 UTC (12 years, 1 month ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.14: +7 -4 lines
Diff to previous 1.14 (colored)
take a stab at documenting when arguments need quoted, and valid macro characters; prompted by a diff from robert peichaer org thanks gilles and henning for feedback ok deraadt zinke
Revision 1.14 / (download) - annotate - [select for diffs], Thu Jun 23 20:35:22 2011 UTC (12 years, 11 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.13: +8 -3 lines
Diff to previous 1.13 (colored)
Use a common text explaining how the various configuration parsers using the standard OpenBSD-style parse.y handle continuing lines with backslashes, paying particular attention to how comments are handled (which can cause nasty side-effects if you're not expecting it). Most wording from jmc@, with suggestions from fgsch@, marc@, Richard Toohey, patrick keshishian and Florian Obser, ok jmc@.
Revision 1.13 / (download) - annotate - [select for diffs], Fri Jan 28 09:26:22 2011 UTC (13 years, 4 months ago) by martinh
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.12: +10 -2 lines
Diff to previous 1.12 (colored)
document available authentication types and formats. with tweaks from jmc@
Revision 1.12 / (download) - annotate - [select for diffs], Thu Nov 4 20:22:34 2010 UTC (13 years, 7 months ago) by martinh
Branch: MAIN
Changes since 1.11: +68 -2 lines
Diff to previous 1.11 (colored)
Document the syntax of schema files. Only a brief synopsis of the attribute type and object class syntax is given, the rest is referred to the RFC.
Revision 1.11 / (download) - annotate - [select for diffs], Wed Nov 3 11:21:11 2010 UTC (13 years, 7 months ago) by martinh
Branch: MAIN
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored)
An index can now also be used for a presence filter.
Revision 1.10 / (download) - annotate - [select for diffs], Thu Oct 7 13:23:11 2010 UTC (13 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.9: +3 -3 lines
Diff to previous 1.9 (colored)
aginst -> against; from Luca Corti
Revision 1.9 / (download) - annotate - [select for diffs], Fri Sep 10 21:21:15 2010 UTC (13 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.8: +3 -3 lines
Diff to previous 1.8 (colored)
RFC2247 -> RFC 2247;
Revision 1.8 / (download) - annotate - [select for diffs], Wed Jul 21 06:32:14 2010 UTC (13 years, 10 months ago) by martinh
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.7: +7 -2 lines
Diff to previous 1.7 (colored)
Add a history section saying that ldapd/ldapctl first appeared in 4.8.
Revision 1.7 / (download) - annotate - [select for diffs], Tue Jul 6 18:59:27 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
Changes since 1.6: +11 -2 lines
Diff to previous 1.6 (colored)
Clarify differences between the 'include' and 'schema' keyword. And stress the 'secure' keyword. Looks fine to jmc@, gilles@
Revision 1.6 / (download) - annotate - [select for diffs], Wed Jun 30 20:36:57 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)
Change the example for the 'include' keyword as schema files are no longer included that way. pointed out by william@
Revision 1.5 / (download) - annotate - [select for diffs], Wed Jun 30 19:26:39 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
Changes since 1.4: +8 -1 lines
Diff to previous 1.4 (colored)
Add a global root user that is allowed to read/write entries in all local namespaces. Useful for dump/restore of all namespaces.
Revision 1.4 / (download) - annotate - [select for diffs], Tue Jun 29 22:39:47 2010 UTC (13 years, 11 months ago) by jmc
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)
sort SEE ALSO;
Revision 1.3 / (download) - annotate - [select for diffs], Tue Jun 29 21:54:38 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
Changes since 1.2: +22 -2 lines
Diff to previous 1.2 (colored)
Add support for referrals. Referrals are configured in the config file, either in the global context or in a namespace. The latter can be used to delegate requests to different servers for specific parts of the DIT. The former is a global catch-all referral.
Revision 1.2 / (download) - annotate - [select for diffs], Tue Jun 29 21:23:13 2010 UTC (13 years, 11 months ago) by martinh
Branch: MAIN
Changes since 1.1: +4 -8 lines
Diff to previous 1.1 (colored)
document the 'schema' keyword, and remove the placeholders for schema syntax
Revision 1.1 / (download) - annotate - [select for diffs], Mon May 31 17:36:31 2010 UTC (14 years ago) by martinh
Branch: MAIN
Initial import of ldapd, a small LDAP daemon. Work in progress. ok deraadt@ jacekm@ gilles@ back@ henning@ blambert@