Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
We will have arrays of controls passed to tldap.c. Follow a mantra from the
classic book "Thinking Forth" by Leo Brodie: Favor counts over terminators :-)
This makes the parameter lists to tldap pretty long, but everyone will have
wrapper routines anyway, see for example tldap_search_fmt. And the OpenLDAP
manpages call the non-_ext routines deprecated, probably for a reason.
|
|
The samba4 password_hash module does not allow changing the password fields via
the "delete oldval" -> "add newval" set of modify operations, it requires a
single "replace with newval" operation.
Andrew, Samba3 by default uses that delete/add pair to detect if between
fetching the old value and storing the new one the old value has changed. This
is lost by using the "replace" operation.
Would it make sense to add this to the password_hash module?
Volker
|
|
|
|
|
|
Jeremy.
|
|
always return queue here as the caller will free.
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
Jeremy.
|
|
This skips the talloctort and tdbtorture tests when the
corresponding binaries are not present.
There might be more clever ways of detecting wether samba
has been linked with internal or external libraries, but
as a first approximation, this seems valid.
Michael
|
|
Fixes the build with the external libtalloc.
And is the reasonable thing to do anyways.
Michael
|
|
This fixes the build when internal libtdb is used.
Michael
|
|
tdbtorture is linked with LIBTDB_LIBS, which is whatever
configure has determined to be (-ltdb or LIBTDB_OBJ ...).
Michael
|
|
Link internal libtalloc statiaclly if extenal libtalloc is not found
or does not have appropriate version.
Michael
|
|
Michael
|
|
"net ads leave" stopped working when "modify properties"
permissions were not granted (meaning you had to be allowed
to disable the account that you were about to delete).
Libnetapi should not delete machine accounts, as this does not
happen on win32. The WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE flag
really means "disable" (both in practice and docs).
However, to keep the functionality in "net ads leave", we
will still try to do the delete. If this fails, we try
to do the disable.
Additionally, it is possible in windows to not disable or
delete the account, but just tell the local machine that it
is no longer in the account. libnet can now do this as well.
|
|
|
|
In copy_internals(), if the !CAN_WRITE(conn) kicks in, we end up
dereferencing a NULL smb_filename.
This adds a simple protection around it.
Tim, please check!
Volker
|
|
This fixes bug #6412.
Thanks to Carsten Dumke <carsten [at] cdumke.de> for reporting!
Karolin
|
|
|
|
|
|
|
|
This adds the ability to attach extended information to a tldap_context. This
will become useful once we start to do automatic reconnects for example, a
callback function might want attach a pointer to credentials so that it can
rebind.
The initial user of this will be a cached rootdse, so that things like the
ability to do paged searches can be cached.
|
|
Patch from William Jojo sent to samba-technical:
This is based on some pain felt when building 32-bit and 64-bit Clustered Samba
on AIX with GPFS support.
Part of the problem lies in AIX only providing 32-bit shared object in
libxdsm.a(shr.o). So without libdmapi.a from gpfs.base, you get no DMAPI
support under 64-bit.
|
|
Guenther
|
|
|
|
This allows us some time to get the EXTERNAL bind working
|
|
|
|
|
|
This keeps the restriction for stream sockets (where the caller will
retry), without creating problems on datagram sockets (CLDAP is not
defined, as far as I know, across multiple UDP packets).
The commit adding this restriction was
47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d
Andrew Bartlett
|
|
This makes it clear to our users that this particular implementation
isn't final (all parties are agreed that an EXTERNAL bind is the right
way to do this, but it has not been implemented yet).
Andrew Bartlett
|
|
|
|
|
|
This keeps the restriction for stream sockets (where the caller will
retry), without creating problems on datagram sockets (CLDAP is not
defined, as far as I know, across multiple UDP packets).
The commit adding this restriction was
47b106c0ae8b91c9cccfc21bf8e4e416b1abfd5d
Andrew Bartlett
|
|
This uses groupType as the example, but this actually applies to all
integer types in AD.
Andrew Bartlett
|
|
This fixes an uninitialised structure. It has been found through valgrind
in the RAW-ACLs test suite (Bug #6397).
|
|
I tried hard to not change the program logic. Should fix bug #6439.
|
|
- LDB handles now all 32-bit integer attributes correctly (also with overflows)
according to the schema
- LDAP backends handle the attributes "groupType", "userAccountControl" and
"sAMAccountType" correctly. This handling doesn't yet use the schema but
the conversion file "simple_ldap.map.c" which contains them hardcoded.
Did also a refactoring of the conversion function there.
- Bug #6136 should be gone
|
|
Based on patch from Blindauer Emmanuel <samba@mooby.net>.
Guenther
|
|
|
|
down from above (as const).
Jeremy.
|
|
Fix a couple more unix_convert uses to filename_convert.
Fix bug in acl_group_override() where an uninitialized
struct could be used. Move unix_convert with wildcard
use in SMBsearch reply to boilerplate code.
Jeremy.
|
|
resolve_dfspath() -> unix_convert() -> get_full_smb_filename() -> check_name()
with a new function filename_convert().
This restores the check_name() calls that had gone missing
since the default create_file was changed. All "standard"
pathname processing now goes through filename_convert().
I'll take a look at the non-standard pathname processing
next. As a benefit, fixed a missing resolve_dfspath()
in the trans2 mkdir call.
Jeremy.
|
|
That function could return emtpy blobs for username and ccache for e.g. cached
logins.
Guenther
|
|
Guenther
|