Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-11-24 | s4:objectclass LDB module - move one checks into the "objectclass derivation ↵ | Matthias Dieter Wallnöfer | 1 | -11/+17 | |
loop" This denies objects created from possible derivated classes from the prohibited ones. Also small cosmetic improvements for another check. | |||||
2010-11-24 | s4:objectclass LDB module - some more or less cosmetic return value macro ↵ | Matthias Dieter Wallnöfer | 1 | -14/+22 | |
changes Sometimes "ldb_module_oom" fits better than "ldb_operr" or "ldb_oom". | |||||
2010-11-20 | s4:repl_meta_data LDB module - fix a counter type | Matthias Dieter Wallnöfer | 1 | -2/+4 | |
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 20 22:32:06 CET 2010 on sn-devel-104 | |||||
2010-11-20 | s4:repl_meta_data LDB module - move the "objectGUID" checks a bit higher | Matthias Dieter Wallnöfer | 1 | -29/+29 | |
- they don't need the allocated "ac" context - some small code cleanups | |||||
2010-11-20 | s4:objectclass_attrs LDB module - add more delete protected attributes | Matthias Dieter Wallnöfer | 1 | -1/+4 | |
And enhance the testsuite | |||||
2010-11-20 | s4:samldb LDB module - objectclass trigger - reorder template attributes | Matthias Dieter Wallnöfer | 1 | -9/+10 | |
2010-11-20 | s4:acl LDB module - it's more correct to count the password attributes using ↵ | Matthias Dieter Wallnöfer | 1 | -3/+6 | |
"unsigned int" Since these are derived from a LDB result. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 20 11:29:07 CET 2010 on sn-devel-104 | |||||
2010-11-18 | s4/operational: Fix swapped parameters for ldb_msg_copy_attr | Anatoliy Atanasov | 1 | -2/+2 | |
Autobuild-User: Anatoliy Atanasov <anatoliy.atanasov@postpath.com> Autobuild-Date: Thu Nov 18 17:02:07 UTC 2010 on sn-devel-104 | |||||
2010-11-18 | s4:password_hash LDB module - remove unused headers | Matthias Dieter Wallnöfer | 1 | -3/+0 | |
2010-11-18 | s4:repl_meta_data LDB module - allow also special DNs to be renamed correctly | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
Do always escape RDN values - this fixes bug #7794 Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Thu Nov 18 10:43:40 UTC 2010 on sn-devel-104 | |||||
2010-11-17 | s4-repl: save the result of the last replication in repsFrom/repsTo | Andrew Tridgell | 1 | -5/+0 | |
when a replication fails, we should add the failure to repsFrom when a notify fails, we need to save it to repsTo this ensures showrepl always shows the latest status | |||||
2010-11-16 | s4:acl LDB module - use also here "dsdb_find_nc_root" to implement the ↵ | Matthias Dieter Wallnöfer | 1 | -28/+57 | |
NC-specific checks Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Nov 16 15:12:13 UTC 2010 on sn-devel-104 | |||||
2010-11-16 | s4:descriptor LDB module - also "get_default_ag" should make use of ↵ | Matthias Dieter Wallnöfer | 1 | -12/+12 | |
"dsdb_find_nc_root" | |||||
2010-11-16 | s4:descriptor LDB module - handle the NCs in a more generic way by using ↵ | Matthias Dieter Wallnöfer | 1 | -10/+22 | |
"dsdb_find_nc_root" | |||||
2010-11-16 | s4:descriptor LDB module - make more clear that special control entries ↵ | Matthias Dieter Wallnöfer | 1 | -0/+7 | |
never should be handled by modules | |||||
2010-11-16 | s4:objectclass LDB module - the "olddn" is the special DN for rename requests | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-11-16 | s4-schema_load: Don't clean in_transaction flag until transaction is really ↵ | Kamen Mazdrashki | 1 | -7/+6 | |
finished Autobuild-User: Kamen Mazdrashki <kamenim@samba.org> Autobuild-Date: Tue Nov 16 11:00:35 UTC 2010 on sn-devel-104 | |||||
2010-11-16 | s4:subtree_rename LDB module - make use of "dsdb_find_nc_root" | Matthias Dieter Wallnöfer | 1 | -22/+27 | |
This is exactly what's needed there. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Tue Nov 16 08:42:07 UTC 2010 on sn-devel-104 | |||||
2010-11-16 | s4:objectclass LDB module - free "nc_root" after name context comparisons | Matthias Dieter Wallnöfer | 1 | -0/+2 | |
2010-11-15 | s4:objectclass LDB module - improve the default name context checking on ↵ | Matthias Dieter Wallnöfer | 1 | -16/+12 | |
modifications Pointed out by abartlet | |||||
2010-11-15 | s4:objectclass LDB module - implement the "objectClass" change restrictions ↵ | Matthias Dieter Wallnöfer | 1 | -0/+25 | |
on Windows 2000 forest function level Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 15 13:10:05 UTC 2010 on sn-devel-104 | |||||
2010-11-13 | s4:password_hash LDB module - return "ERR_CONSTRAINT_VIOLATION" on password ↵ | Matthias Dieter Wallnöfer | 1 | -6/+9 | |
conversion errors This errors can happen also on a regular basis - then we shouldn't return ERR_OPERATIONS_ERROR (this error code is reserved for very serious failures). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sat Nov 13 12:37:36 UTC 2010 on sn-devel-104 | |||||
2010-11-13 | s4:objectclass LDB module - multiple "objectClass" change elements are ↵ | Matthias Dieter Wallnöfer | 1 | -161/+169 | |
unfortunately still allowed The test message has been compressed - therefore I've now used "modify_ldif". | |||||
2010-11-12 | samldb: relax groupType modification checks | Matthieu Patou | 1 | -27/+32 | |
Allow programs with the PROVISION control to bypass groupType checks. This is needed by upgradeprovision for older alpha (11, 10 ...) | |||||
2010-11-12 | s4:objectclass LDB module - we should not simply ignore additional ↵ | Matthias Dieter Wallnöfer | 1 | -2/+16 | |
"objectClass" attribute changes There first one we perform all other tentatives are terminated with ERR_ATTRIBUTE_OR_VALUE_EXISTS (tested against Windows). Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Fri Nov 12 19:39:07 UTC 2010 on sn-devel-104 | |||||
2010-11-12 | s4:repl_meta_data LDB module - convert two debug messages into error messages | Matthias Dieter Wallnöfer | 1 | -4/+4 | |
These regarding "objectGUID". | |||||
2010-11-12 | s4:samldb/objectclass_attrs LDB modules - move "description" logic from ↵ | Matthias Dieter Wallnöfer | 2 | -43/+81 | |
"objectclass_attrs" into "samldb" This according to an answer from dochelp is SAM specific behaviour. | |||||
2010-11-11 | s4-dsdb Remove incorrectly declared ** variable used as *. | Andrew Bartlett | 1 | -6/+3 | |
The cleartext_utf16_str variable was declared char **, but due to the cast on convert_string_talloc() and the lack of type checking here and on data_blob_const (due to void *) it was able to be used as if it was a char *. The simple solution seems to be to fill in cleartext_utf16 blob directly. Andrew Bartlett | |||||
2010-11-11 | s4-dsdb Convert new krbtgt_xxx password into UTF16 | Andrew Bartlett | 1 | -1/+12 | |
The new stricter test on clearTextPassword values caught out that we did not provide a utf16 password here. Andrew Bartlett | |||||
2010-11-11 | s4-dsdb Return an error if we can't convert UTF16MUNGED -> UTF8 | Andrew Bartlett | 1 | -1/+5 | |
The UTF16MUNGED helper will map all invalid sequences (except odd input length) to valid input sequences, per the rules. Therefore if it fails, we need to bail out, somehing serious is wrong. Andrew Bartlett | |||||
2010-11-11 | s4:dsdb - proof against empty RDN values where expected | Matthias Dieter Wallnöfer | 3 | -2/+23 | |
This should prevent crashes as pointed out on the mailing list. | |||||
2010-11-11 | s4:objectclass LDB module - allow RDNs also to come from superclasses | Matthias Dieter Wallnöfer | 1 | -11/+39 | |
Detected by a testcase written by Zahari Zahariev. | |||||
2010-11-11 | s4:password_hash and acl LDB modules - handle the "userPassword" attribute ↵ | Matthias Dieter Wallnöfer | 4 | -12/+59 | |
according to the "dSHeuristics" | |||||
2010-11-11 | s4:password_hash LDB module - move "samdb_msg_find_old_and_new_ldb_val" into ↵ | Matthias Dieter Wallnöfer | 1 | -16/+77 | |
the password_hash LDB module It's only used there and so I think it doesn't really belong in "dsdb/common/util.c" (I first thought that it could be useful for ACL checking but obviously it wasn't). | |||||
2010-11-11 | s4:local_password LDB module - remove schema checking code and fix some typos | Matthias Dieter Wallnöfer | 1 | -12/+6 | |
This is now done by the "objectclass_attrs" LDB module. | |||||
2010-11-11 | s4:ldb_modules/util.c - "dsHeuristics" -> "dSHeuristics" | Matthias Dieter Wallnöfer | 1 | -2/+2 | |
2010-11-09 | s4:dsdb/operational.c: use DSDB_SECRET_ATTRIBUTES_EX() | Stefan Metzmacher | 1 | -5/+2 | |
metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Nov 9 22:43:44 UTC 2010 on sn-devel-104 | |||||
2010-11-09 | s4:dsdb/local_password: use DSDB_SECRET_ATTRIBUTES | Stefan Metzmacher | 1 | -7/+3 | |
metze | |||||
2010-11-08 | s4:password_hash LDB module - introduce a "userPassword" flag which ↵ | Matthias Dieter Wallnöfer | 1 | -15/+37 | |
enables/disables the two "userPassword" behaviours - Enabled: "userPassword" password change behaviour (will later be linked to the "dSHeuristics") - Disabled: "userPassword" plain attribute behaviour (default) Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 15:28:06 UTC 2010 on sn-devel-104 | |||||
2010-11-08 | s4:password_hash LDB module - deleting password attributes is a little more ↵ | Matthias Dieter Wallnöfer | 1 | -6/+6 | |
complicated | |||||
2010-11-08 | s4:samdb_msg_find_old_and_new_ldb_val - rework | Matthias Dieter Wallnöfer | 1 | -4/+11 | |
- don't crash when no values where specified - return ERR_CONSTRAINT_VIOLATION on malformed messages - only check for flags when we are involved in a LDB modify operation | |||||
2010-11-08 | s4:password_hash LDB module - clear the fact that a delete of password ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
attributes isn't possible | |||||
2010-11-08 | s4:acl LDB module - define the delete passwords special case a bit better | Matthias Dieter Wallnöfer | 1 | -3/+4 | |
2010-11-08 | s4:objectguid/repl_meta_data LDB module - deny "objectGUID" updates | Matthias Dieter Wallnöfer | 2 | -0/+17 | |
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Mon Nov 8 10:36:50 UTC 2010 on sn-devel-104 | |||||
2010-11-08 | s4:objectclass LDB module - no idea why we'd need the "objectGUID" here | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-11-08 | s4:objectguid LDB module - make use of "dsdb_next_callback" | Matthias Dieter Wallnöfer | 2 | -30/+6 | |
2010-11-07 | s4:objectguid LDB module - fix typo in output message | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-11-07 | s4:objectguid LDB module - objectGUIDs cannot be specified on add operations | Matthias Dieter Wallnöfer | 1 | -2/+6 | |
2010-11-07 | s4:descriptor LDB module - make the "nTSecurityDescriptor" attribute fully ↵ | Matthias Dieter Wallnöfer | 1 | -47/+61 | |
behave as in AD - fix crash when provided "nTSecurityDescriptor" attribute is empty - print out the correct error codes if it's provided multi-valued - simplify the "recalculate_sd" control handling | |||||
2010-11-07 | s4:ldb_modules/util.c - "dsdb_get_single_valued_attr" - support the ↵ | Matthias Dieter Wallnöfer | 2 | -10/+20 | |
attribute fetch also on LDB add operations We've to completely ignore the flags in that case. Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org> Autobuild-Date: Sun Nov 7 11:10:23 UTC 2010 on sn-devel-104 |