summaryrefslogtreecommitdiff
path: root/source4/ldap_server/ldap_backend.c
AgeCommit message (Collapse)AuthorFilesLines
2010-07-02s4-dsdb: fixed use after free of sasl mechanisms opaqueAndrew Tridgell1-0/+6
the supportedSASLMechanisms opaque must live for at least as long as the ldb, or we can crash when the first connection is torn down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-07-02s4-dsdb: fixed spelling of supportedSASLMechanismsAndrew Tridgell1-1/+1
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2010-06-20s4:ldap_backend.c - now also the LDAP server supports controls on delete ↵Matthias Dieter Wallnöfer1-5/+7
operations
2010-06-20s4:ldap_backend.c - move function "ldb_mod_req_with_controls" to a better ↵Matthias Dieter Wallnöfer1-51/+52
place in the code Under the "add" and over the "delete" function.
2010-06-20s4:ldap_backend.c - add some newlines to make logs easier to readMatthias Dieter Wallnöfer1-5/+5
2010-06-19s4:ldap_backend.c - more customisations to match Windows Server error ↵Matthias Dieter Wallnöfer1-13/+16
behaviour on renames
2010-06-18s4:ldap_backend.c - fix crash bugs when we got in error situations with ↵Matthias Dieter Wallnöfer1-5/+4
"res" still set to "NULL"
2010-06-18s4:ldap_backend.c - fix a small error (use "ModifyResponse" rather than ↵Matthias Dieter Wallnöfer1-1/+1
"AddResponse")
2010-06-16s4:lib: merge LDB_WRAP and LDBSAMBA and make LDBSAMBA a library.Stefan Metzmacher1-1/+1
This is needed to remove samba specifc symbols from the bundled ldb, in order to get the ABI right. metze Signed-off-by: Andreas Schneider <asn@samba.org>
2010-06-06s4:ldap_server/ldap_backend.c - send back also the extended error message if ↵Matthias Dieter Wallnöfer1-18/+39
it exists This message often contains suggestions how to fix issues.
2010-05-21s4:libcli/ldap Rename ldap.h to libcli_ldap.hAndrew Bartlett1-1/+0
It is a problem if a samba header is called ldap.h if we also want to use OpenLDAP's ldap.h Andrew Bartlett
2010-05-04s4/rodc: Support read-only databaseAnatoliy Atanasov1-20/+174
Check on modify if we are RODC and return referral. On the ldap backend side now we pass context and ldb_modify_default_callback to propagate the referral error to the client.
2010-02-25s4:ldap_server - make it "signed-safe"Matthias Dieter Wallnöfer1-5/+5
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2010-02-25s4:LDAP server - Enable support for returning referrals through itMatthias Dieter Wallnöfer1-0/+22
This is needed for my work regarding the referrals when the domain scope control isn't specified. Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-12-18Added freeing a successful req so it doesnt croud the ldb contextNadezhda Ivanova1-2/+4
2009-12-15Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend.Nadezhda Ivanova1-1/+43
2009-11-20Some changes to allow processing of ldap controls on modify requests.Nadezhda Ivanova1-1/+1
ldap_backend used to filter out ldap controls on modify. Also, modified python binding for ldap_modify to allow writing tests for such controls.
2009-10-23s4-dsdb: add a static samdb_credentialsAndrew Tridgell1-2/+2
Similarly to system_session(), this creates a static samdb_credentials()
2009-10-08s4:ldap server - remove unused error handlingsMatthias Dieter Wallnöfer1-35/+0
Those error cases should be handled by LDB itself to be available on all connection methods and not only over LDAP.
2009-10-02s4:LDB/LDAP - Re-allow renamesMatthias Dieter Wallnöfer1-1/+1
The main problem is that the "rdn_name" module launches on a rename request also a modification one with the "special attributes" which can't be changed directly. An introduced flag helps to bypass the restriction.
2009-10-02s4:ldap_server Ensure we don't segfault when sent a NULL new RDNAndrew Bartlett1-4/+7
The Microsoft testsuite tried to rename cn=administrator,cn=users,... into "",cn=users... which didn't go so well. Andrew Bartlett
2009-09-28s4-ldap: fixed spellingAndrew Tridgell1-1/+1
2009-09-26gensec: Avoid exposing lp_ctx on the API level.Jelmer Vernooij1-1/+1
2009-08-14s4:ldap_server Correct removal of talloc_steal()Andrew Bartlett1-1/+0
This corrects commit 7a82aed71b74af8bc2a8a4381541adbb22452d20. The steal did not set ent->attributes, so it was incorrect to assign to ent->attributes. Andrew Bartlett
2009-08-14s4:ldap_server Remove another talloc_steal (with references)Andrew Bartlett1-1/+1
This talloc_steal also conflicts with the ldb_map code, and like the previous commit, is rudundent given the talloc_steal of the whole msg above. Andrew Bartlett
2009-08-14s4:ldap_server Don't talloc_steal (with references) in ldap_backendAndrew Bartlett1-1/+1
There may or may not be a need to take a reference to the 'name' in the ldb_map code, but given we seal the whole msg just above here, it makes no senst to steal the name, but not the values. Andrew Bartlett
2009-08-04s4-ldap_server: fix generated error string in map_ldb_error().Günther Deschner1-1/+1
Guenther
2009-07-31s4: Enhances the LDAP server to display error messages like Windows ServerMatthias Dieter Wallnöfer1-27/+178
Those error messages also include the WERROR code of the failed operation(s) in this manner: <error code eight chars in HEX>: <further error message> This also addresses bug #4949
2009-07-01use a talloc_unlink() as ops may have a referenceAndrew Tridgell1-1/+1
2008-12-17s4:ldap_server: return the extended dn to the LDAP client if availableAndrew Bartlett1-1/+16
This uses an early peek at the extended_dn_control (in the request) to see what output format to use. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-11-17Remove restrictions on number of DN components in LDAP serverAndrew Bartlett1-13/+9
There is no reason for these restrictions to be in the LDAP server - they belong in the LDB layer. When accepting 'extended' or 'alternate' DNs we can't tell anyway. Andrew Bartlett
2008-11-02Remove use of global_loadparm for disabled gensec backends.Jelmer Vernooij1-0/+3
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij1-1/+1
2008-09-29LDB ASYNC: misc changesSimo Sorce1-19/+16
2008-09-23Merge ldb_search() and ldb_search_exp_fmt() into a simgle function.Simo Sorce1-2/+2
The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful.
2008-07-15Use secrets.ldb to store credentials to contact LDAP backend.Andrew Bartlett1-4/+5
This makes Samba4 behave much like Samba3 did, and use a single set of administrative credentials for it's connection to LDAP. Andrew Bartlett (This used to be commit e396a59788d77aa2fbf3b523c3773fe0e5c976c0)
2008-07-02ldap_server: allow modifies to the root dse record and pass them to the ldb ↵Stefan Metzmacher1-1/+1
layer metze (This used to be commit 3da6f7f95d7c04cff49fa2312f94c059686d11e4)
2008-04-17Specify event_context to ldb_wrap_connect explicitly.Jelmer Vernooij1-0/+2
(This used to be commit b4e1ae07a284c044704322446c94351c2decff91)
2008-03-29Fix more valgrind issues.Andrew Bartlett1-0/+5
This passes down the timeout more consistantly, and ensures that no matter how the modules screw up, we don't free() the memory we are going to write into the ASN1 packet until we actually write it out. Andrew Bartlett (This used to be commit eefd46289b90967ce6b4cd385fb1f7e1d6f9b343)
2008-03-29Fix some valgrind issues.Andrew Bartlett1-3/+3
These small changes seem to fix some of the early issues in 'make valgrindtest' Previously, the subtree_delete code didn't pass on the timeout, leaving it uninitialised. The ldap_server/ldap_backend.c change tidies up the talloc hierarchy a bit. Andrew Bartlett (This used to be commit 95314f29a9cf83db71d37e68728bfb5009fce60d)
2007-12-21r26266: Remove more global_loadparm uses.Jelmer Vernooij1-2/+3
(This used to be commit 99113075c4a96679bcec4f4d6bba4acb3dee4245)
2007-12-21r26193: In the LDAP server, use the new 'controls_decoded' element toAndrew Bartlett1-0/+12
determine if this (possibly critical) control has been decoded. This allows us to return an error, rather than just dropping the socket. Andrew Bartlett (This used to be commit 230a60c1910f95ce5139c174d6d79786fca08433)
2007-12-21r26003: Split up DB_WRAP, as first step in an attempt to sanitize dependencies.Jelmer Vernooij1-1/+1
(This used to be commit 56dfcb4f2f8e74c9d8b2fe3a0df043781188a555)
2007-12-21r25960: Enable checks on the validity of the search base on sam.ldb in Samba4.Andrew Bartlett1-4/+0
Remove bogus check to return NO_SUCH_ENTRY in ldap_backend.c, as this error is now correctly emited from ldb. Andrew Bartlett (This used to be commit ed57862b90812e5a38ca81935b131338112fb19f)
2007-10-10r25446: Merge some changes I made on the way home from SFO:Jelmer Vernooij1-1/+3
2007-09-29 More higher-level passing around of lp_ctx. 2007-09-29 Fix warning. 2007-09-29 Pass loadparm contexts on a higher level. 2007-09-29 Avoid using global loadparm context. (This used to be commit 3468952e771ab31f90b6c374ade01c5550810f42)
2007-10-10r25428: forward declarations of enums are not portable,Stefan Metzmacher1-3/+1
so pass struct cli_credentials *cred instead of enum credentials_use_kerberos use_kerberos. metze (This used to be commit b945aaa9dadc4c0595340d35725b49bac8e5778e)
2007-10-10r25398: Parse loadparm context to all lp_*() functions.Jelmer Vernooij1-1/+1
(This used to be commit 3fcc960839c6e5ca4de2c3c042f12f369ac5f238)
2007-10-10r25026: Move param/param.h out of includes.hJelmer Vernooij1-0/+1
(This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-10-10r23849: ldap_server: Provide more info in debug tracesAndrew Bartlett1-7/+8
blackbox tests: increase test coverage by running more options. Andrew Bartlett (This used to be commit 46abf82675ea0ce06a162be5d733da0c236880c2)
2007-10-10r23816: A little more static, but leave the dead code testjoin.c as ↵Andrew Bartlett1-1/+1
documentation. Andrew Bartlett (This used to be commit 6679003c0553804333f0090a91e1fe53837ceb47)