summaryrefslogtreecommitdiff
path: root/source4/ldap_server/ldap_extended.c
AgeCommit message (Collapse)AuthorFilesLines
2010-10-08s4:ldap_server: rewrite to socket layer to use tstreamStefan Metzmacher1-22/+83
This should make our sasl and tls handling much more robust against partial sent pdus. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Oct 8 11:55:26 UTC 2010 on sn-devel-104
2010-10-07Revert "s4:ldap_server: rewrite to socket layer to use tstream"Stefan Metzmacher1-83/+22
This reverts commit b53fbc75acc525f2e2450370e704a62791271788. There are problems with problems with broken gnutls versions. We can readd this once we have the needed configure checks to detect the bug in gnutls. See https://bugzilla.samba.org/show_bug.cgi?id=7218. metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Thu Oct 7 10:31:18 UTC 2010 on sn-devel-104
2010-10-04s4:ldap_server: rewrite to socket layer to use tstreamStefan Metzmacher1-22/+83
This should make our sasl and tls handling much more robust against partial sent pdus. metze
2010-05-21s4:libcli/ldap Rename ldap.h to libcli_ldap.hAndrew Bartlett1-1/+0
It is a problem if a samba header is called ldap.h if we also want to use OpenLDAP's ldap.h Andrew Bartlett
2010-02-25s4:ldap_server - make it "signed-safe"Matthias Dieter Wallnöfer1-1/+1
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-07-31s4:ldap_server: the tls code steals the original socket on its own nowStefan Metzmacher1-1/+0
metze
2009-02-18Worked around a problem with select/poll/epoll and gnutls Andrew Tridgell1-0/+1
Our packet layer relies on the event system reliably telling us when a packet is available. When we are using a socket layer like TLS then things get a bit trickier, as there may be bytes in the encryption buffer which could be read even if there are no bytes at the socket level. The GNUTLS library is supposed to prevent this happening by always leaving some data at the socket level when there is data to be processed in its buffers, but it seems that this is not always reliable. To work around this I have added a new packet option packet_set_unreliable_select() which tells the packet layer to not assume that the socket layer has a reliable select, and to instead keep trying to read from the socket until it gets back no data. This option is set for the ldap client and server when TLS is negotiated. This seems to fix the problems with the ldaps tests.
2009-02-02s4:ldap_server: s/private/private_dataStefan Metzmacher1-2/+2
metze
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij1-1/+1
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r17930: Merge noinclude branch:Jelmer Vernooij1-1/+1
* Move dlinklist.h, smb.h to subsystem-specific directories * Clean up ads.h and move what is left of it to dsdb/ (only place where it's used) (This used to be commit f7afa1cb77f3cfa7020b57de12e6003db7cfcc42)
2007-10-10r17251: - split out the starttls into its own functionStefan Metzmacher1-42/+96
- give an operations error when tls is already on the socket metze (This used to be commit 9190d134c9be774c53f6dae52b7c4cdcc053d00f)
2007-10-10r17240: move extended operations to a new fileStefan Metzmacher1-0/+96
metze (This used to be commit 0b16350fa2da39a66c4479dbf74182b06f7ed91a)