Age | Commit message (Collapse) | Author | Files | Lines |
|
Guenther
|
|
metze
|
|
address
E.g. this helps for DNS CNAME and SRV results.
metze
|
|
metze
|
|
metze
|
|
That means we now return all ip addresses instead of just the first one.
metze
|
|
This "dns_ex" module provides flexible lookup methods
for dns lookups.
The getaddrinfo() part looks at /etc/hosts and dns.
As it handles CNAME replies badly we fallback
to use dns_lookup(name, "A").
The dns_lookup() makes DNS SRV lookups possible.
This module is not a real resolve module, it's just
a generic helper as the nbtlist.c code is.
The next step will be that the "host" module will
use the dns_ex.c code.
metze
|
|
headers too
metze
|
|
remote server
metze
|
|
metze
|
|
metze
|
|
Reported by naga_kishore_kommuri@yahoo.com
Derrel, please check!
Thanks,
Volker
(cherry picked from commit 3356b95f72e26ede4ab16a12c334be90b8b1a639)
|
|
PAM_AUTHTOK_RECOVERY_ERR is not defined by older Linux versions (SUSE
Linux Enterprise 9 and RedHat Enterprise 4).
Patch suggested by Philipp Thomas <pth at suse dot de>.
|
|
Karolin
|
|
LDAP_SSL_ON is not defined at all.
Ldaps can be used by specifying an ldaps URL using the "passdb backend"
parameter.
Karolin
|
|
Remove non-existent value "on".
Change default value to "no".
Add hint about ldaps.
Karolin
|
|
LDAP_SSL_ON is not defined at all. That's why the actual default value
was "" for a long time. Set a more sensible default value without chnging the
default behaviour.
-----8<------------------snip--------------8<--------------
user@host:/data/git/samba/v3-0-test/source> git grep LDAP_SSL_ON | cat
include/smb.h:enum ldap_ssl_types {LDAP_SSL_ON, LDAP_SSL_OFF,
LDAP_SSL_START_TLS};
param/loadparm.c: Globals.ldap_ssl = LDAP_SSL_ON;
----->8------------------snap-------------->8--------------
It's the same in 3.2 and 3.3 series.
Karolin
|
|
Karolin
|
|
This should fix the OpenChange build
metze
|
|
metze
|
|
metze
|
|
This commit will not compile on its own.
metze
|
|
This adds a lua command line interpreter with some sample code how to build
your own data types based on our internal data types.
Not meant as the final word, but as a playground for experiments for people.
Might be removed later when we find this turns out to be too awkward.
|
|
|
|
Available under the MIT license.
Adding it to see how the build farm likes it. They claim to be 100% pure
ANSI C and compile everywhere. Lets see. If it breaks badly, we can remove
it again.
|
|
We should only include events.h where we really need it
and prefer forward declarations of 'struct event_context'
metze
|
|
This fixes bug #5968.
Thanks to Christian Perrier <bubulle@debian.org> for reporting!
Karolin
|
|
A build warning uncovered a bug where a pointer was being passed in
instead of the dereferenced value of the pointer.
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
The extended_dn_out module provides the functionality now.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
depending on the backend
This just changes the existing stratagy of loading different modules
for the OpenLDAP backend to also include extended_dn_out_*
When we provision the OpenLDAP backend, we make sure to include the
'deref' overlay (which must be made available by the OpenLDAP build)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
extended_dn_store.
By splitting the module, the extended_dn_in and extended_dn_store
moudles can use extended_dn_out to actually get the extended DN. This
avoids code duplication.
The extended_dn_out module also contains a client implementation of
the OpenLDAP dereference control (draft-masarati-ldap-deref-00).
This also introduces a new control
'DSDB_CONTROL_DN_STORAGE_FORMAT_OID' to ask the extended_dn_out module
to return whatever the 'storage format' is. This allows us to work
with both OpenLDAP (which performs a dereference at run time) and LDB
(which stores the GUID and SID on disk).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This means that linked attributes will always have the same case form
as the actaul entry, as we search for that entry. We then also use
the GUID and SID found on that entry to fill in the extended DN on disk.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
These tests are for both the new extended DN functionality (and were
vital in finding bugs during implementation) and for the normal DN
parsing and comparison routines.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This uses an early peek at the extended_dn_control (in the request) to see what output
format to use.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This provides the two extended DN handlers for the GUID and SID types,
and makes the parsing more strict (where possible, it uses
ndr_pull_struct_blob_all(), to cause an error if trailing data is
found).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
When things go wrong with LDB, this routine seems to be particularly
sensitive to it. This extra debugging should help the next poor soul who
breaks LDB.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This fixes a bug in the ldb.i python wrapper, that showed up under valgrind.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This allows searches with the extended DN control to still print the
extended DN in ldif output (it would otherwise be parsed and hidden in
the structure).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Encode and decode the OpenLDAP dereference control (draft-masarati-ldap-deref-00)
At this time, the ldb_controls infrustructure does not handle request
and reply controls having different formats, so this is purely the
client implementation (ie, there is no decode of the client->server
packet, and no encode of the server->client packet).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
The OpenLDAP dereference control (draft-masarati-ldap-deref-00) uses
an attribute list, as found in the search reply, but without one
enclosing ASN1_SEQUENCE(0)
This allows the dereference control parsing code to use this as a
helper function.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Whenever we pass a DN to the LDAP server, we now use
ldb_dn_get_extended_linearized(). This allows us to send the extended
DN if set, and therefore allows searches of the form
'<GUID=aaa45ea0-94cd-45e9-8753-abe455d9a8f1>'.
We actually use the '0' format (GUID=aaa45ea094cd45e98753abe455d9a8f1)
because it is more widely supported (by Win2k in particular).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This introduces a new set of pluggable syntax, for use on the
extended DN, and uses them when parsing the DN.
If the DN appears to be in the extended form, we no longer return the
full DN 'as is', but only return the normal part from
ldb_dn_get_linearized().
When validating/parsing the DN we validate not only the format of the
DN, but also the contents of the GUID or SID (to ensure they are
plausable).
We also have functions to set and get the extended components on the DN.
For now, extended_dn_get_linearized() returns a newly constructed and
allocated string each time.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|