Age | Commit message (Collapse) | Author | Files | Lines |
|
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().
A simple patch, but hits a lot of files.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
|
|
In order to support other bind methods, introduce a generic bind callback.
When smbldap_state.bind_callback is set, it means there is an alternative
way to perform LDAP bind to ldap_simple_bind_s() so call it instead.
The call is wrapped in become_root()/unbecome_root() to allow proper permissions
in smbd to access needed resources in the callback, for example, credential caches.
When run outside smbd, become_root()/unbecome_root() are no-op.
The API expectation is similar to ldap_simple_bind_s().
A caller of smbldap API can pass additional information to the callback by setting
smbldap_state.bind_callback_data pointer.
Both callback and the data pointer elements of smbldap_state structure get
cleaned up if someone sets proper credentials on smbldap_state with
smbldap_set_creds() so if you are interested in using smbldap_state.bind_dn
with the callback, make sure to set callback after credentials are set.
|
|
The performance of these is minimal (these days) and they can return
invalid results when used as part of applications that do not use
sys_fork().
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Guenther
|
|
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Aug 20 20:09:37 CEST 2011 on sn-devel-104
|
|
get_cached_ldap_connect(), which much better describes it's function.
Now we always break at the right places in the loop, we can replace
the while (another_ldap_try(ldap_state, &rc, &attempts, abs_endtime))
construct with simply while (1).
|
|
|
|
early out of the loop on success.
|
|
functions that bracket the another_ldap_try() loop. We now never leave a
dangling alarm pending on success.
|
|
lp_ldap_timeout() == 0.
|
|
the LDAP timeout is zero.
|
|
|
|
|
|
|
|
do the alarm termination of the the ldap search a bit delayed so the LDAP
server has a chance to tell us that the time limit was reached and the
search was abandoned. If the search is terminated this way we also get
the correct LDAP return code in the logs. If alarm() stops the search the ldap
search routine will report that the LDAP server is down which would trigger us
to rebind to the server needlessly which we also want to avoid.
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jul 1 12:37:50 CEST 2011 on sn-devel-104
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
ensure the event is canceled if the smbldap_state gets freed
this fixes a panic of winbindd if verify_idpool fails
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_P isn't standard talloc.
|
|
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
|
|
strcasecmp_m() never needs to call to talloc, and via next_codepoint()
still has an ASCII fast-path bypassing iconv() calls.
Andrew Bartlett
|
|
|
|
|
|
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
|
|
Makes these interfaces much harder to misuse and easier to ensure error
checking.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104
|
|
convert_string*()
we shouldn't accept bad multi-byte strings, it just hides problems
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
|
|
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.
This includes (along with other security headers) dom_sid.h and
security_token.h
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
|
|
|
|
tevent would need monotonic clock features to make also smbldap's idle handling
aware of backward clock jumps. Other areas in smbldap are clock jump save now.
|
|
Guenther
|
|
Guenther
|
|
|
|
|
|
metze
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit c992127f8a96c37940a6d298c7c6859c47f83d9b)
|
|
Thanks to Dan Cox for initial patch for 3.0. This closes #2350.
|
|
This parameter will be introduced with Samba 3.5.0.
Karolin
|
|
Jeremy.
|
|
Fix bug #6717.
|
|
Karolin
|
|
|
|
|
|
|