summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-10-19s4-dsdb Reset the error string after 'expected' errors.Andrew Bartlett1-0/+1
This helps ensure that we don't get confusing error strings in the logs on other error cases. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 19 12:16:07 UTC 2010 on sn-devel-104
2010-10-19s4-dsdb Add module to send only 'simple' DNs to OpenLDAP backendsAndrew Bartlett3-2/+83
If we send the full extended DN, then we risk standards-complient LDAP servers rejecting it as invalid. Only the DN portion is needed to resolve the record in any case, and any SID or GUID componenets have already been evaluated into the DN. Andrew Bartlett
2010-10-19s4-dsdb Allow LDB_ERR_INVALID_DN_SYNTAX in dsdb_load_partition_usnAndrew Bartlett1-1/+1
This will happen on an OpenLDAP backend, because @ records are invalid in LDAP. We don't have these sequence numbers in this case. Andrew Bartlett
2010-10-19s4-auth Add DEBUG() for invalid DNs and errors expanding user groups.Andrew Bartlett1-0/+5
Against the OpenLDAP backend, I currently get failures. This makes it possible to debug those failures. Andrew Bartlett
2010-10-19ldb:"ldb_schema_attribute_by_name_internal" - support the whole unsigned int ↵Matthias Dieter Wallnöfer1-7/+5
range Commit 8556602b048e825b35df314d6865f997823ec2bb wasn't quite right - it only restored the functionality on the positive integer range. This one however should now really support the whole unsigned range. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Oct 19 10:52:08 UTC 2010 on sn-devel-104
2010-10-19s4:dsdb/schema/schema_init.c - remove a duplicated "talloc_free"Matthias Dieter Wallnöfer1-1/+0
2010-10-19s4:samdb.py - remove a pointless commentMatthias Dieter Wallnöfer1-1/+0
We are only looking for the default DN - but the method name already tells us this. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Oct 19 10:03:12 UTC 2010 on sn-devel-104
2010-10-19s4:samdb.py - use a more standard way to get to the domain realm/dns nameMatthias Dieter Wallnöfer1-1/+2
We do always use the canonical name as a base if we don't have it around yet.
2010-10-19Addition of userPrincipalName attribute when new account is createdLukasz Zalewski1-0/+2
2010-10-19s4-gensec Don't give more to sasl_encode() than it will permitAndrew Bartlett1-3/+10
We need to ask the library how much data to pass in at any time. Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 19 08:37:45 UTC 2010 on sn-devel-104
2010-10-19s4-gensec Don't upgrade all DIGEST-MD5 connections to sealAndrew Bartlett1-12/+21
The issue here is that when props.max_ssf = UINT_MAX was always set, as was the maxbufsize, and the connection would always be upgraded, regardless of the callers wishes. Andrew Bartlett
2010-10-19s4-provisionbackend Allow a fixed URI to be specified for LDAP backendAndrew Bartlett3-54/+72
This is added to make the 'existing' LDAP backend class more useful, and to allow debuging of our OpenLDAP backend class with wireshark, by forcing the traffic over loopback TCP, which is much easier to sniff. Andrew Bartlett
2010-10-19s4-provision Remove serverdn parameter from Schema()Andrew Bartlett4-14/+7
We don't need to know the server DN here any more, and it makes no sense for many callers. Andrew Bartlett
2010-10-19s4-dsdb: register the DCPROMO_OID control with the rootdseAndrew Tridgell1-0/+7
this is needed to allow it over ldap Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Oct 19 04:44:23 UTC 2010 on sn-devel-104
2010-10-19selftest: terminate selftest if we can't setup the environmentAndrew Tridgell1-2/+3
2010-10-19s4-ldb: increase minor version for 2 new functionsAndrew Tridgell2-1/+229
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Tue Oct 19 01:27:44 UTC 2010 on sn-devel-104
2010-10-19s4-ldap: mark all ldap:// requests as untrustedAndrew Tridgell1-0/+21
this allows the rootdse module to filter unregistered controls Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-19s4-dsdb: filter unregistered controls in the rootdse moduleAndrew Tridgell1-19/+84
if we get an unregistered control in the rootdse module, and the request comes from an untrusted source (eg. ldap://) then we need to: 1) filter the control out if it is marked non-critical 2) give an error if it is marked critical Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-19s4-ldb: cope with NULL oid in controlsAndrew Tridgell2-9/+11
the ldap server will mark a control with a NULL oid in order to remove it. This prevents a O(n^2) cost in control handling. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-19s4-ldb: added --relax cmdline optionAndrew Tridgell1-0/+9
this adds the relax control
2010-10-19s4-ldb: added ldb_req_mark_untrusted() and ldb_req_is_untrusted()Andrew Tridgell3-0/+30
these will be used to determine if a ldb request comes from an untrusted source. We want requests over ldap:// to be marked untrusted so we can reject unregistered controls Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-10-19waf: put -Wl,-no-undefined only in the linker flags, not when compiling CAndrew Tridgell3-6/+31
2010-10-19waf: don't save deps on installAndrew Tridgell1-1/+2
this prevents an install triggering a new check of the project rules on the next build
2010-10-19waf: automap shared library names from .so to the right extensionAndrew Tridgell4-11/+58
this should help with MacOSX .dylib libraries
2010-10-19readline: fixed the test for history_list()Andrew Tridgell1-1/+1
2010-10-19replace: cope with systems that have fdatasync(), but don't have the prototypeAndrew Tridgell3-1/+7
this is needed for MacOSX 10.4.1
2010-10-18s4:ldap_server - use error code constantMatthias Dieter Wallnöfer1-1/+1
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 18 20:32:40 UTC 2010 on sn-devel-104
2010-10-18ldb: always return PROTOCOL_ERROR if an operation is unsupportedMatthias Dieter Wallnöfer4-4/+4
That's exactly the behaviour of various LDAP servers.
2010-10-18selftest: use full path for selftest.pl instead of relative pathsMatthieu Patou1-1/+2
FindBin on solaris8 with perl 5.04 has problem to get the path of the called script if the script is called with a relative path. Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Mon Oct 18 19:50:03 UTC 2010 on sn-devel-104
2010-10-18selftest: correct the import of Time::HighResMatthieu Patou1-2/+3
The "use" is always evaluated first even if enclosed into a if. So on plateform without Time::Hires (ie. sun8 in the build farm). This leads to an error. Instead we use the synthax require Module + Module->import("function")
2010-10-18ldb:"ldb_schema_attribute_by_name_internal" - switch back to 32bit countersMatthias Dieter Wallnöfer1-4/+5
Use the signed counter for the binary search but use an unsigned one for accessing the entry. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Oct 18 19:01:31 UTC 2010 on sn-devel-104
2010-10-18ldb:ldb_tdb.c - fix up counter variablesMatthias Dieter Wallnöfer1-5/+8
"find_element" returns an "int" since there is also the possibility that a certain element doesn't exist - then "-1" is returned. But beside this exception treat all other return values as unsigned.
2010-10-18ldb:ldb_tdb.c - improve the error outputsMatthias Dieter Wallnöfer1-13/+25
- Fix indentation - Include always the failing DN - Reorder the outputs to make them consistent
2010-10-18s4:"util_ldb" - remove some really unused dependanciesMatthias Dieter Wallnöfer11-11/+4
2010-10-18libcli/nbt: we don't need LIBCLI_COMPOSITE anymoreStefan Metzmacher1-1/+1
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Mon Oct 18 16:18:32 UTC 2010 on sn-devel-104
2010-10-18libcli/nbt: convert nbt_name_register_bcast_send/recv to tevent_reqStefan Metzmacher3-93/+114
metze
2010-10-18libcli/nbt: s/name_register_bcast_handler/nbt_name_register_bcast_handlerStefan Metzmacher1-4/+4
metze
2010-10-18libcli/nbt: s/register_bcast_state/nbt_name_register_bcast_state/Stefan Metzmacher1-4/+4
metze
2010-10-18libcli/nbt: move nbt_name_register_bcast_send to the top of ↵Stefan Metzmacher1-49/+51
nbt_name_register_bcast_* metze
2010-10-18s4:nbt_server/register: add a nbtd_register_name_stateStefan Metzmacher1-21/+36
metze
2010-10-18libcli/nbt: convert nbt_name_register_wins_send/recv to tevent_reqStefan Metzmacher3-111/+165
metze
2010-10-18libcli/nbt: s/name_register_wins_handler/nbt_name_register_wins_handlerStefan Metzmacher1-5/+5
metze
2010-10-18libcli/nbt: s/register_wins_state/nbt_name_register_wins_stateStefan Metzmacher1-7/+7
metze
2010-10-18libcli/nbt: move nbt_name_register_wins_send() to the top of all ↵Stefan Metzmacher1-59/+60
nbt_name_register_wins_* related code metze
2010-10-18s4:nbt_server/winsclient: add a nbtd_wins_register_stateStefan Metzmacher1-34/+48
We now keep the nbtd_wins_register_state around between nbt_name_register_wins_send() and nbt_name_register_wins_recv() metze
2010-10-18libcli/nbt: convert nbt_name_refresh_wins_send/recv to tevent_reqStefan Metzmacher4-102/+151
metze
2010-10-18libcli/nbt: s/name_refresh_wins_handler/nbt_name_refresh_wins_handlerStefan Metzmacher1-5/+5
metze
2010-10-18libcli/nbt: s/refresh_wins_state/nbt_name_refresh_wins_stateStefan Metzmacher1-7/+7
metze
2010-10-18libcli/nbt: move nbt_name_refresh_wins_send() to the top of all ↵Stefan Metzmacher1-57/+59
nbt_name_refresh_wins_* related code metze
2010-10-18s4:nbt_server/winsclient: add a nbtd_wins_refresh_stateStefan Metzmacher1-42/+50
We now keep the nbtd_wins_refresh_state around between nbt_name_refresh_wins_send() and nbt_name_refresh_wins_recv() metze