Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 4f07542143ddf5066f0360d965f26a8470504047)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
Break up auth/auth.h not to include the world.
Add credentials_krb5.h with the kerberos dependent prototypes.
Andrew Bartlett
(This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9)
|
|
records.
Andrew Bartlett
(This used to be commit 163f75372792b0afa72f48d64d78d82b72d8eda5)
|
|
argument.
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
(This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
|
|
(This used to be commit 6fad80bb09113a60689061a2de67711c9924708b)
|
|
to do
(This used to be commit ad75cf869550af66119d0293503024d41d834e02)
|
|
(This used to be commit c4b3c2b18c6df43c8a4808fab72bc45439ba9421)
|
|
file dependencies
(This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781)
|
|
credentials.
Consistantly rename these elements in the IDL to computer_name.
Fix the server-side code to always lookup by this name.
Add new, even nastier tests to RPC-SCHANNEL to prove this.
Andrew Bartlett
(This used to be commit 341a0abeb4a9f88d64ffd4681249cb1f643a7a5a)
|
|
The new RPC-SCHANNEL test shows that the full credentials state must
be kept in some shared memory, for some length of time. In
particular, clients will reconnect with SCHANNEL (after loosing all
connections) and expect that the credentials chain will remain in the
same place.
To achive this, we do the server-side crypto in a transaction,
including the fetch/store of the shared state.
Andrew Bartlett
(This used to be commit 982a6aa871c9fce17410a9712cd9fa726025ff90)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
|
|
Andrew Bartlett
(This used to be commit 949137e3122a3163a9fc923a418633a791364afe)
|
|
backend.
The idea is that every time we open an LDB, we can provide a
session_info and/or credentials. This would allow any ldb to be remote
to LDAP. We should also support provisioning to a authenticated ldap
server.
(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).
Andrew Bartlett
(This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
|
|
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
|
|
header.
Andrew Bartlett
(This used to be commit a665b56085cbf89c6deaeef0deaed31fcbc07458)
|
|
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
|
|
ldap. Also ensure we put a objectclass on our private ldb's, so they
have some chance of being stored in ldap if you want to
(This used to be commit 1af2cc067f70f6654d08387fc28def67229bb06a)
|
|
safe) as it is removed on smbd restart
(This used to be commit 0951db6a89d15792ee1ea6b9f37c45486958ad57)
|
|
distinguished names
Provide more functions to handle DNs in this form
(This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
|
|
should allow us to ditch the local static storage for OIDs, as well as
fix the build on non-heimdal platforms.
Andrew Bartlett
(This used to be commit a7e2ecfac9aaacd673e3583b62139e4f4e114429)
|
|
error cases.
Andrew Bartlett
(This used to be commit 24f98f32aae3b8c45283715b27fa67b1d2e5c0f2)
|
|
some ldif
- init the schannel.ldb with some CASE_INSENSITIVE attributes
(This used to be commit e6376b24303dc513e15c7e640c8c1c8d8ca11091)
|
|
auth/gensec and auth/kerberos.
This also pulls the kerberos configure code out of libads (which is
otherwise dead), and into auth/kerberos/kerberos.m4
Andrew Bartlett
(This used to be commit e074d63f3dcf4f84239a10879112ebaf1cfa6c4f)
|