summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7862: Updates to the Kerberos notes, based on recent changes and discoveries.Andrew Bartlett1-19/+90
Andrew Bartlett (This used to be commit 7d791d13bcd70288467bf3574d0394d34f973f18)
2007-10-10r7861: Nicer output, remove some false warnings.Jelmer Vernooij1-8/+10
(This used to be commit f5587fe5671fb28bcfb7b71acec0748e0e506993)
2007-10-10r7860: switch our ldb storage format to use a NDR encoded objectSid. This isAndrew Tridgell15-355/+303
quite a large change as we had lots of code that assumed that objectSid was a string in S- format. metze and simo tried to convince me to use NDR format months ago, but I didn't listen, so its fair that I have the pain of fixing all the code now :-) This builds on the ldb_register_samba_handlers() and ldif handlers code I did earlier this week. There are still three parts of this conversion I have not finished: - the ltdb index records need to use the string form of the objectSid (to keep the DNs sane). Until that it done I have disabled indexing on objectSid, which is a big performance hit, but allows us to pass all our tests while I rejig the indexing system to use a externally supplied conversion function - I haven't yet put in place the code that allows client to use the "S-xxx-yyy" form for objectSid in ldap search expressions. w2k3 supports this, presumably by looking for the "S-" prefix to determine what type of objectSid form is being used by the client. I have been working on ways to handle this, but am not happy with them yet so they aren't part of this patch - I need to change pidl to generate push functions that take a "const void *" instead of a "void*" for the data pointer. That will fix the couple of new warnings this code generates. Luckily it many places the conversion to NDR formatted records actually simplified the code, as it means we no longer need as many calls to dom_sid_parse_talloc(). In some places it got more complex, but not many. (This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
2007-10-10r7859: Merge a few scripts to one script that checks for the following unusedJelmer Vernooij7-108/+121
(used in configure.in, but their output is never used) autoconf macros: - AC_DEFINE - AC_CHECK_FUNC - AC_CHECK_FUNCS - AC_CHECK_HEADER - AC_CHECK_HEADERS (This used to be commit 897d7b7d390815778adea1adf5e73b94f75a3048)
2007-10-10r7858: removed some unused variablesAndrew Tridgell1-3/+0
(This used to be commit 8d43eb5b9790a6b24c792919386cac5c0b8ea7ac)
2007-10-10r7857: improved the handling of end-of-file on sockets in the smb serverAndrew Tridgell1-2/+8
(This used to be commit 6ee98c5f6505824826955f9d60a7964471fa6c26)
2007-10-10r7856: fixed warning of 'methods' shadowed variableAndrew Tridgell1-4/+4
(This used to be commit c435843c66a5dcc003d157374529c3c5ac733e36)
2007-10-10r7855: fixed a typoAndrew Tridgell1-1/+1
(This used to be commit a1155651e722e28496be02b729c950afae5db9a9)
2007-10-10r7854: only enable wrapping in the ldap server if it was negotiated by gensecAndrew Tridgell1-2/+4
(This used to be commit 355983493bc87b9e812152ef81773dccb23e03d5)
2007-10-10r7851: We are case preserving let the DN be returned the same the user put ↵Simo Sorce2-78/+83
it into. sss (This used to be commit 5b41e3202456549250e6e5b1c63bd45ea7500fa3)
2007-10-10r7850: Support mkdir() with just one parameter. Patch fromJelmer Vernooij10-1/+32
Steven Edwards <steven_ed4153@yahoo.com>. I've moved the Win32-specific tests to win32.m4 so it does not make any of the POSIX configure stuff more complicated. (This used to be commit bf85fdd01552f75b745fdf3159a7a87cd6521ed2)
2007-10-10r7845: remove unused filesStefan Metzmacher3-579/+6
and remove all generated files with make distclean and make realdistclean metze (This used to be commit f964e228c9ceeb3dc4d0afd1b6b092734e06e372)
2007-10-10r7844: eliminate superfluous attribute tablesDerrell Lipman1-382/+91
(This used to be commit 863beef35b769c5a531819c974754aea2a790921)
2007-10-10r7843: Use the new Heimdal gsskrb_acquire_creds API. This has the rightAndrew Bartlett2-31/+27
lifetime constraints, and works with the in-memory keytab. Move initialize_krb5_error_table() into our kerberos startup code, rather than in the GSSAPI code explitly. (Hmm, we probably don't need this at all..) Andrew Bartlett (This used to be commit bedf92da5c81066405c87c9e588842d3ca5ba945)
2007-10-10r7837: use some more 'make' featuresStefan Metzmacher1-4/+2
(I just commit this to see how portable it is) I have a patch that remove the need of the recursiv make and also fixes the HEIMDAL_EXTERNAL stuff cleanly metze (This used to be commit 21d930cfc3706fec9e0421a799668f022d8aef7c)
2007-10-10r7834: added comment about the "((" search testAndrew Tridgell1-0/+4
(This used to be commit 42c42f6611fa295ca60782661781d023c4fdaf8b)
2007-10-10r7833: changed ldbsearch and ldbedit to have command line syntax closer toAndrew Tridgell3-19/+19
ldapsearch. They look for an '=' in the first argument to see if it is a search expression, and if not then it does an 'all records' search (This used to be commit 91cc009fedefa7b263b345dfa511800e0f4f66a8)
2007-10-10r7832: missed oneAndrew Tridgell1-1/+1
(This used to be commit 20c84f5c5219c6f306888771b56e0dfdeb8fd774)
2007-10-10r7831: use cn=TEST as base of test DNs so we don't interfere with ↵Andrew Tridgell6-66/+66
potentially real records (This used to be commit 2a426f654db668f4bfc899771dd11598e295b774)
2007-10-10r7828: Although there is still plenty to do, ldb_sqlite3 now passes the set ↵Derrell Lipman8-364/+1156
of tests in tests/test-sqlite3.sh (tests/test-generic.sh). There are lots of optimizations still TBD, and some things are REALLY slow right now (e.g. each add() operation takes 1/3 - 1/2 second) but it's ready for interested parties to poke it and prod it and see how (un)reasonable it is. Play away. Still to be implemented or improved: - tdb specials (@MODULES, @SUBCLASSES, etc.) - all DNs are case-folded in their entirty right now (since doing otherwise would require @ATTRIBUTES to be implemented) - speed improvements and optimizations. I am quite confident that the excessively slow add() operation can be much improved, and other areas can be somewhat improved. (This used to be commit 1dd865005594671e7effe06fb088fa97fa08de0b)
2007-10-10r7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytabAndrew Bartlett13-231/+322
support in Heimdal. This removes the 'ext_keytab' step from my Samba4/WinXP client howto. In doing this work, I realised that the replay cache in Heimdal is currently a no-op, so I have removed the calls to it, and therefore the mutex calls from passdb/secrets.c. This patch also includes a replacement 'magic' mechanism detection, that does not issue extra error messages from deep inside the GSSAPI code. Andrew Bartlett (This used to be commit c19d5706f4fa760415b727b970bc99e7f1abd064)
2007-10-10r7816: Implementation of "shortcut" function for those (probably many) whoRafal Szczesniak3-4/+126
don't like to bother with netbios type names when looking for common types: hosts (servers) and domain controllers. Also, apropriate tests rafal (This used to be commit 50cd94be0f876a3463aa58b7e0898e6b3340c4c2)
2007-10-10r7814: Propagate the change in resolve_name_send function.Rafal Szczesniak1-1/+1
(This used to be commit 7abd634701e2f07ad0497cdbb41467b8911369c7)
2007-10-10r7813: Make async request independent from config file routines.Rafal Szczesniak1-11/+3
rafal (This used to be commit 84315cdf0d535ed0fe43bfc7cc4c83bc405c2cfb)
2007-10-10r7810: don't give errors when the ldap server sends us reference repliesAndrew Tridgell1-1/+2
(This used to be commit f2b2d2626f5eb4fbd7d7c5cdcde486d00fc19447)
2007-10-10r7808: fixed the build of ldb after the binary file support in ldif was addedAndrew Tridgell1-1/+3
(This used to be commit 0a8c722c8017e20635223b2c5dfc58759478312c)
2007-10-10r7806: add test for binary files as attribute valuesSimo Sorce3-0/+8
(This used to be commit 2b2675055e5113eccb0b876799b226d480335495)
2007-10-10r7805: add support to read binary files into attributes data like ldap tools ↵Simo Sorce1-3/+73
does (This used to be commit 38a14396262eeb279d67c2f0da06bfa0706a3be4)
2007-10-10r7804: added the samba specific ldif handlers into the tree, but don't enableAndrew Tridgell6-5/+146
them just yet. I have tested them, and they work fine, but enabling them will break code in rpc_server/ and samdb, so we need to fix that first (This used to be commit 07d459406b4c63e49141e0e533e1274b4052abf9)
2007-10-10r7803: added support in ldb for callers to setup ldif read/write functions,Andrew Tridgell3-10/+86
so that ldbedit, ldbsearch etc can display nice human readable ldif, while storing the data as binary blobs. This will be used for storing NDR encoded objectSid and similar attributes, while making the command line interface sane (This used to be commit 37e283089a846fc0608fef3981a3447300e33728)
2007-10-10r7802: Remove a junk file.Tim Potter1-71/+0
(This used to be commit a2d60dd878671d7ec4dbe631e8138d2279a2c6a4)
2007-10-10r7801: the ldap server needs this logic tooAndrew Tridgell2-0/+12
(This used to be commit 1dbb5bf2c1c6e11b3467b6eb1a2206c6299bc25b)
2007-10-10r7800: added the same request serialisation logic to our socket based rpcAndrew Tridgell3-0/+12
servers as I added to the smb server yesterday. This means rpc server code can assume it runs serially unless it explicitly sets the async flag on the request and returns (This used to be commit 8546adb56aa4dda608a176409c243b074aeca77d)
2007-10-10r7795: use a share specific allocation roundingAndrew Tridgell1-1/+2
(This used to be commit 9adacb0d1620d4cfadd515239b853977cf03a719)
2007-10-10r7793: allow integers in smb.conf to be specified in octal or hexAndrew Tridgell1-2/+2
(This used to be commit ce6257b316bc66a3fc554487099976a853d25ddd)
2007-10-10r7792: make the allocation size rounding in pvfs configurableAndrew Tridgell3-3/+8
(This used to be commit 1f35642bed1129d0834906b3e94e8868992d6eb9)
2007-10-10r7790: Allow remembering more configure-level data (andJelmer Vernooij4-6/+12
remember --enable-develop for now). (This used to be commit f385753a5224282dd2c228115622a6eb80624a5a)
2007-10-10r7784: give an error in ldb_tdb for invalid modify flags. The "whenChanged"Andrew Tridgell1-0/+3
bug was being silently ignored with the tdb backend because of this bug. A case where the ldap backend was right, and the tdb backend was wrong! (This used to be commit ddb26db763c314049043d80d27113226c0f2e656)
2007-10-10r7783: the whenChanged attribute is now handled by the timestamps module, andAndrew Tridgell1-3/+0
should not be handled here as well. I had to remove it from here as it was buggy anyway (it wasn't setting the modify flags, this making an invalid ldb_modify() request) (This used to be commit f267e9d5b7b40c9c8bf1aa67a00f42e2d3bb3bc5)
2007-10-10r7782: fixed an ordering problem with smb requests. I found this when I had ↵Andrew Tridgell2-0/+16
"sam database" set to the internal ldap server over loopback. The following happened: - DCERPC_AUTH3 request - auth requests calls ldb - ldb calls ldap - ldap calls our internal ldap server, triggering events - samrConnect from client - connect refused - SMBclose from client - causes dcerpc_pipe to be destroyed - AUTH3 continues - dies on freed pipe I chose this solution as it provides a guarantee that backends only have to think about async issues when they mark a request async. When they don't, this code guarantees that a second request won't happen on the same connection while processing the first one (This used to be commit 45487e8a1402c64d1c314befe8bd9f65587fd0d6)
2007-10-10r7781: finding the parent of a talloc ptr is trickier than it looks due to ↵Andrew Tridgell2-7/+27
the two-way tree nature of the data structure. I think I've finally got it right also added talloc_show_parents() for debugging (This used to be commit 5760ed20eed509b0b6e09e78c942dd0f70350fa9)
2007-10-10r7780: fixed a bug in talloc_find_parent_byname()Andrew Tridgell1-1/+1
(This used to be commit ee3fe42fb16821eedd564201d953042190f7826f)
2007-10-10r7779: use the parent event context in ldb_wrap_connect(). See the comment inAndrew Tridgell1-0/+10
the previous commit for the method. (This used to be commit b0ad505510b9df8e7f05fb646046114eb6b997ed)
2007-10-10r7778: added talloc_find_parent_bytype() and talloc_find_parent_byname()Andrew Tridgell3-0/+40
These provide a way to find a parent of a ptr that is of a given type. I will be using this to find the event context in smbd, relying on the fact that everything is a child of the top level event context. I did look at the alternatives, and found that passing the event context to just about every call in smbd was getting way too complex (we need to get it to anything that can do a ldb operation, as that can invoke ldap). So this method avoids a global, and seems to work nicely (This used to be commit bdb55c7a10a516b75652065e14f5acd09d24ab35)
2007-10-10r7777: allow for overriding the location of the sam databasein the ldap ↵Andrew Tridgell3-13/+27
server, using ldapsrv:samdb option. This allows the following: sam database=ldap://localhost ldapsrv:samdb=tdb:///home/tridge/samba/samba4/prefix/private/sam.ldb which allows us to test putting the sam on an ldap server using our own ldap server. This is a great stress test for the ldap code. (This used to be commit 40948ba3848e2cfd69ee5ef77031170a652e389b)
2007-10-10r7776: add a method for getting arbitrary opaque data into a ldb context, ↵Andrew Tridgell4-2/+45
for use by backends. Currently only EventContext is used in this way. (This used to be commit 9fa21b245843371f7777682ee4e5b98e2925b4d0)
2007-10-10r7775: solaris uses 'lo0' for loopback network, so by using lo* we should ↵Andrew Tridgell1-1/+1
cover both (This used to be commit 1a80ac6aa84ea547a64557f879a47556f477432d)
2007-10-10r7774: put $CONFIGURATION in one more placeAndrew Tridgell1-1/+1
(This used to be commit 5e35c7a5512363a6f6028beb387dd4c9d94965c8)
2007-10-10r7773: fixed the tls code for the non-GNUTLS caseAndrew Tridgell1-1/+1
(This used to be commit bc6bc84ef4ad3434c6cb8d94a8d7a105ad2fd8c2)
2007-10-10r7772: actually give the auth options to ldbsearch ....Andrew Tridgell1-5/+5
(This used to be commit 29edfb93829f1b940b741d001551e70e4380c830)