summaryrefslogtreecommitdiff
path: root/source3/libads
AgeCommit message (Collapse)AuthorFilesLines
2008-04-26Fix bug 5419: memory leak in ads_do_search_all_args() when enumerating 1000s ↵Steven Danneman1-2/+24
of entries The ads_do_search_all_args() function attempts to string together several LDAPMessage structures, returned across several paged ldap requests, into a single LDAPMessage structure. It does this by pulling entries off the second LDAPMessage structure and appending them to the first via the OpenLDAP specific ldap_add_result_entry() call. The problem with this approach is it skips non-entry messages such as the result, and controls. These messages are leaked. The short term solution as suggested by Volker is to replace the ads_*_entry() calls with ads_*_message() calls so we don't leak any messages. This fixes the leak but doesn't remove the dependence on the OpenLDAP specific implementation of ldap_add_result_entry(). (This used to be commit f1a5405409c396df394611e2a234522572d2860a)
2008-04-25Move user/domain from rpc_pipe_client to cli_pipe_auth_dataVolker Lendecke1-1/+2
(This used to be commit 42de50d2cd43e760d776694f7b5f003ba51d7f84)
2008-04-21cldap: avoid duplicate definitions so remove ads_cldap.h.Günther Deschner1-4/+4
Guenther (This used to be commit 538eefe22ad69540b9f73ffaa613d6be045de199)
2008-04-21cldap: add talloc context to ads_cldap_netlogon().Günther Deschner2-14/+30
Guenther (This used to be commit 4cee7b1bd5cd97c414b73d6f39238958480cdcf3)
2008-04-21libads: Use libnbt for CLDAP reply parsing.Günther Deschner2-105/+24
Guenther (This used to be commit 751f3064a508341c0ebae45e8de9f5311d915d70)
2008-04-20Use rpc_pipe_client->user_name instead of rpc_pipe_client->cli->user_nameVolker Lendecke1-1/+1
Also make sure that rpc_pipe_client->user_name is always talloced. (This used to be commit 3f6c5b99664a75a6f490ee3b6980b89cacf7f579)
2008-04-20Fix two "ignoring asprintf result" warningsVolker Lendecke1-3/+2
(This used to be commit 1d261e78b38e8080ca7122037d33c8ef913a4558)
2008-04-20Add "desthost" to rpc_pipe_clientVolker Lendecke1-1/+1
This reduces the dependency on cli_state (This used to be commit 783afab9c891dd7bcb78895b2a639b6f3a0edf5b)
2008-04-10Fix typo.Karolin Seeger1-1/+1
Karolin (This used to be commit 42fbbeb1caf93e4e17bb62f31ff90a853bd169fb)
2008-04-09Fix typos.Karolin Seeger1-1/+1
Karolin (This used to be commit 6cee34703503fbf3629057345fe221b866560648)
2008-03-28Add ads_check_ou_dn().Günther Deschner1-0/+47
Guenther (This used to be commit 380e9d26db5341d10807ccbfb413d0f53d3ffc71)
2008-03-23Fix Coverity ID 488Volker Lendecke1-0/+2
"status" was used uninitialized on success -- metze, please check (This used to be commit a0859529c853ffb756b1deee946923b6fff6136e)
2008-03-23Fix Coverity ID 487Volker Lendecke1-0/+1
(This used to be commit 22cee9c1afbc33b4920b72bc81569d79642172af)
2008-03-17Coverity fixesMarc VanHeyningen3-6/+22
(This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
2008-03-10Use a separate tdb for mutexesVolker Lendecke1-9/+6
Another preparation to convert secrets.c to dbwrap: The dbwrap API does not provide a sane tdb_lock_with_timeout abstraction. In the clustered case the DC mutex is needed per-node anyway, so it is perfectly fine to use a local mutex only. (This used to be commit f94a63cd8f94490780ad9331da229c0bcb2ca5d6)
2008-03-08Fix Coverity ID 551Volker Lendecke1-0/+2
Correctly return if we can't create the temporary krb5.conf Jeremy, please check! (This used to be commit c2401811aa3d02a9e27969687b9ea035407000c3)
2008-02-27Add my copyright.Günther Deschner1-1/+1
Guenther (This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
2008-02-25Fix some warningsVolker Lendecke1-7/+15
warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result (This used to be commit ad37b7b0aee265a3e4d8b7552610f4b9a105434d)
2008-02-17Fix some more callers of PAC_DATA.Günther Deschner1-1/+1
Guenther (This used to be commit ea609d1b0e82d7c366dd73013228003136264b64)
2008-02-17Some more cleanup in authdata.c.Günther Deschner1-621/+7
Guenther (This used to be commit 5483f5fb44bb2138a1348c05845a2b8f3588697a)
2008-02-17Align our krb5 PAC decoding routines to the samba4 ones.Günther Deschner1-234/+224
(while keeping all the trans krb5 lib support) Guenther (This used to be commit c06e507737bb07ff995876e49341de3f60b0da35)
2008-02-04str_list_free is not needed anymoreVolker Lendecke1-2/+2
(This used to be commit feddc1447d585fd108d22a36bccc576fa81197ef)
2008-02-04Always pass a TALLOC_CTX to str_list_make and str_list_copyVolker Lendecke1-2/+2
(This used to be commit e2c9fc4cf5f0ff725330fa44f53782db65fca37e)
2008-01-31When running with debug level > 10, dump ads_struct in ads_connect().Günther Deschner1-9/+33
Guenther (This used to be commit 2dd7c64fa8845fe502789068b877f5eaf060afc7)
2008-01-29Fix the build. Avoid unrequired ndr_print_ads_struct dependencies.Günther Deschner1-0/+118
Guenther (This used to be commit c832882e49ff0dac6a717819dda24ab814253b2f)
2008-01-28Restrict the enctypes in the generated krb5.conf files to Win2003 types.Gerald W. Carter1-4/+8
This fixes the failure observed on FC8 when joining a Windows 2008 RC1 domain. We currently do not handle user session keys correctly when the KDC uses AES in the ticket replies. (This used to be commit 8039a2518caae54bc876368c73ec493f3cd4eb73)
2008-01-23strtok -> strtok_rVolker Lendecke1-3/+4
(This used to be commit fd34ce437057bb34cdc37f4b066e424000d36789)
2008-01-17Finally enable pidl generated SAMR & NETLOGON headers and clients.Günther Deschner1-6/+6
Guenther (This used to be commit f7100156a7df7ac3ae84e45a47153b38d9375215)
2008-01-16Tidy up code and debug for non-default krb5 IPv6 port.Jeremy Allison1-9/+15
Jeremy. (This used to be commit 79b7972de4c2a8c71e37642ddf7e5bbed53dd58a)
2008-01-16Fix IPv6 bug #5204, which caused krb5 DNS lookupsJeremy Allison1-13/+56
for a name '[<ipv6 addr>'. Jeremy. (This used to be commit f2aa921505e49f894bfed4e5e2f9fc01918b1bb0)
2008-01-16Fix memleak in ads_build_path().Günther Deschner1-5/+11
Guenther (This used to be commit b7a06b54e0a58c4cd6c5351b1e4a0a2c253cfea1)
2008-01-14Print principal in debug statement in kerberos_kinit_password() as well.Günther Deschner1-1/+2
Guenther (This used to be commit 44d67e84625a2a1a93baecef0e418b48e982443b)
2008-01-11Fix CID 476. Ensure a valid pac_data pointer is always passed toJeremy Allison1-2/+1
ads_verify_ticket as it's always derefed. Jeremy. (This used to be commit 0599d57efff0f417f75510e8b08c3cb7b4bcfcd8)
2008-01-11Coverity 512, uninitialized var.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 1b7cc80c61ccbf766801080f5a3f0260f40ccc17)
2008-01-08Do not ignore provided machine_name in ads_get_upn().Günther Deschner1-5/+5
Guenther (This used to be commit ddc1307844379f99b3dde48fc351d0326d22a7ce)
2008-01-04Re-Indent function ldap_open_with_timeout().Michael Adam1-1/+1
This reverts commit #cafda34783f0961c9b463803c19cfcb69f836e3f . I just learned (the hard way) that these indeted functions are not indented by accident but that the intention of this is to not include the prototype into proto.h. Michael (This used to be commit 2e5d01b2146bb9e057b2779d9fe7691ed46d9f45)
2008-01-04Add a debug message (when the LDAP server has really been connected).Michael Adam1-0/+1
Michael (This used to be commit 7d9d2de39072b3291b95ac3965df0d19f83792b9)
2008-01-04Untangle assignment and result check.Michael Adam1-3/+3
Michael (This used to be commit 465a3b356cffb855e26569d3752f15cac07208c0)
2008-01-04Enhance DEBUG-verbosity of ldap_open_with_timeout().Michael Adam1-1/+7
Michael (This used to be commit 9e70d1f24dd304c363a1bde97b5af618b46edc49)
2008-01-04Unindent function header.Michael Adam1-1/+1
Michael (This used to be commit cafda34783f0961c9b463803c19cfcb69f836e3f)
2008-01-04Fix a misleading DEBUG message.Michael Adam1-1/+1
At this stage, the (tcp) connection to the LDAP server has not been established, this is what is about to be attempted. What has been succesfully done, is a CLDAP netlogon query. Michael (This used to be commit 71c3c8ad4c92c5f6267b84ee1d207e5e49e9a4ec)
2008-01-03Add ads_get_joinable_ous().Günther Deschner1-0/+60
Guenther (This used to be commit 5bbceac88159ef6ff83d9cc62c77c7af2116967d)
2007-12-29Make use of [un]marshall_sec_descVolker Lendecke1-9/+11
(This used to be commit 54576733d6c0511dc7379f964b1cb035913b7c8d)
2007-12-26Add SMB encryption. Still fixing client decrypt butJeremy Allison1-0/+9
negotiation works. Jeremy. (This used to be commit d78045601af787731f0737b8627450018902b104)
2007-12-17While 'data' is usually 0 terminated, nothing in the spec requires that. The ↵Simo Sorce1-1/+4
correct way is to copy only 'length' bytes. Simo. (This used to be commit 814c1b0e0034fb67c7718760dfcf913904f3e7fa)
2007-12-16make use of unmarshall_sec_descVolker Lendecke1-19/+12
(This used to be commit ced0c42f055a672f6b4ab6ba809b0f63c83b431e)
2007-12-15Doh, fix typo in error exit.Jeremy Allison1-2/+2
Jeremy. (This used to be commit 44918f39c0598eec681eb9e5c65452f04809c375)
2007-12-15Added patch originally by Andreas Schneider <anschneider@suse.de>Jeremy Allison1-0/+52
to cause us to behave like Vista when looking for remote machine principal. Modified by me. Jeremy. (This used to be commit d0e33840fb4cfc85990d3ee327428b0854a22722)
2007-12-15s/sid_to_string/sid_to_fstring/Volker Lendecke1-1/+1
least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-15Replace sid_string_static with sid_to_stringVolker Lendecke1-1/+2
This adds 28 fstrings on the stack, but I think an fstring on the stack is still far better than a static one. (This used to be commit c7c885078be8fd3024c186044ac28275d7609679)