summaryrefslogtreecommitdiff
path: root/source4/ldap_server
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r13812: fix compiler warningStefan Metzmacher1-1/+1
metze (This used to be commit 1340cb1f3bdbde4d3759d77b28631611c4e150bb)
2007-10-10r13786: [merge] Add registration functions for LDB modulesJelmer Vernooij1-0/+2
Applications that use LDB modules will now have to run ldb_global_init() before they can use LDB. The next step will be adding support for loading LDB modules from .so files. This will also allow us to use one LDB without difference between the standalone and the Samba-specific build (This used to be commit 52a235650514039bf8ffee99a784bbc1b6ae6b92)
2007-10-10r13609: Get in the initial work on making ldb asyncSimo Sorce1-47/+2
Currently only ldb_ildap is async, the plan is to first make all backend support the async calls, and then remove the sync functions from backends and keep the only in the API. Modules will need to be transformed along the way. Simo (This used to be commit 1e2c13b2d52de7c534493dd79a2c0596a3e8c1f5)
2007-10-10r13606: An attempt to fix #3525.Andrew Bartlett1-12/+8
The problem was that the supportedControls were being stolen into the result sent to the client, then talloc_free()ed. This caused them to be invalid on the next rootDSE query. This also tries to avoid attaching the result to the long-term samdb context, and avoids an extra loop in the result processing (pointed out by tridge). Andrew BARtlett (This used to be commit d0b8957f38fda4d84a318d6121ad87ba53a9ddb3)
2007-10-10r13508: some ASN.1 element in LDAP are optional,Stefan Metzmacher2-11/+25
make it possible to code the difference between a zero length and a NULL DATA_BLOB... metze (This used to be commit 54f0b19c55df8ad3882f31a114e2ea0e4cf940ae)
2007-10-10r13357: more docsSimo Sorce2-0/+674
(This used to be commit 5af9086deafc88aa1f9256cc0090592ecbd62203)
2007-10-10r13339: Propogate more error infomation into the error packet and reformat theAndrew Bartlett1-38/+49
code a little. This also fixes a segfault when we didn't fill in the error message. Andrew Bartlett (This used to be commit 3be01a4ac7efe8d161910e8339bfe42584c0db86)
2007-10-10r13307: docsSimo Sorce1-0/+787
(This used to be commit e56630d1f8688ff3ff334893a4bc49dff8e36fe2)
2007-10-10r12917: fix decoding of ldap controlsSimo Sorce2-1/+25
some more work on timeouts (This used to be commit a7e2fe3cb33be2effff7eb764047567f2da3cd55)
2007-10-10r12905: add some ldap policiesSimo Sorce1-7/+99
not yet enforced except for the initial connection timeout (This used to be commit fa1ae9a44b0321b8e458bcb7fd1dcc9475b9bad3)
2007-10-10r12880: Remove ldap partitions useless now and probably weSimo Sorce6-785/+604
will not use it anyway as we plan to support partitions in ldb directly like with rootdse Merge ldap_simple_ldb into ldap_backend, it is not simple anymore and makes no sense to have it separated now that ldap partitions are gone Initial attempt at working to some limit to avoid DOSs for the ldap server. Simo. (This used to be commit 97bff3e049eba48019f2b0f3eb5a19e32fef2e23)
2007-10-10r12804: This patch reworks the Samba4 sockets layer to use a socket_addressAndrew Bartlett1-1/+8
structure that is more generic than just 'IP/port'. It now passes make test, and has been reviewed and updated by metze. (Thankyou *very* much). This passes 'make test' as well as kerberos use (not currently in the testsuite). The original purpose of this patch was to have Samba able to pass a socket address stucture from the BSD layer into the kerberos routines and back again. It also removes nbt_peer_addr, which was being used for a similar purpose. It is a large change, but worthwhile I feel. Andrew Bartlett (This used to be commit 88198c4881d8620a37086f80e4da5a5b71c5bbb2)
2007-10-10r12792: fix compiler warningStefan Metzmacher1-1/+0
metze (This used to be commit 1eca5f46c60d09fccbef5e605c06b1b3e3b65feb)
2007-10-10r12733: Merge ldap/ldb controls into main treeSimo Sorce4-28/+80
There's still lot of work to do but the patch is stable enough to be pushed into the main samba4 tree. Simo. (This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-1/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r12686: Push the real SASL list into the rootdse.Andrew Bartlett4-16/+25
Get this out of the server credentials, and push it down to ldb via an opaque pointer. Andrew Bartlett (This used to be commit 61700252e05e0be6b4ffa72ffc24a95c665597e3)
2007-10-10r12608: Remove some unused #include lines.Jelmer Vernooij3-5/+0
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
2007-10-10r12595: There was no comment on the mailing list, so kill the 'ldapsrv:samdb'Andrew Bartlett1-16/+0
parameter. It isn't useful with so many other things in the ldap server opening the database directly. Best to run this as a seperate process, and change the global options. Andrew Bartlett (This used to be commit 34d6220cec763eefa9313f5a39ce7a73b238f7f0)
2007-10-10r12542: Move some more prototypes out to seperate headersJelmer Vernooij2-0/+2
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
2007-10-10r12498: Eliminate INIT_OBJ_FILES and ADD_OBJ_FILES. We were not usingJelmer Vernooij1-1/+1
the difference between these at all, and in the future the fact that INIT_OBJ_FILES include smb_build.h will be sufficient to have recompiles at the right time. (This used to be commit b24f2583edee38abafa58578d8b5c4b43e517def)
2007-10-10r12360: Add simple bind support into our LDAP server.Andrew Bartlett1-2/+42
Needs changes to our client code for automated testing. Andrew Bartlett (This used to be commit e751d814149d847ff1699542a4fa81eb8ca129ec)
2007-10-10r12227: I realised that I wasn't yet seeing authenticated LDAP for the ldbAndrew Bartlett1-5/+2
backend. The idea is that every time we open an LDB, we can provide a session_info and/or credentials. This would allow any ldb to be remote to LDAP. We should also support provisioning to a authenticated ldap server. (They are separate so we can say authenticate as foo for remote, but here we just want a token of SYSTEM). Andrew Bartlett (This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
2007-10-10r12148: add the docs for the paged results controlSimo Sorce1-0/+395
(This used to be commit 9fab4ab2724d8276765cb42f5e8e177c4ef1ca20)
2007-10-10r12126: get rid of the local ->terminate hacks, we do that genericly nowStefan Metzmacher2-39/+10
metze (This used to be commit a7baf165c10c00096265b790d5362905c527806a)
2007-10-10r11958: - fixed memory leaks in the ldb_result handling in ldb operationsAndrew Tridgell1-2/+2
- removed an unnecessary level of pointer in ldb_search structure (This used to be commit b8d4afb14a18dfd8bac79882a035e74d3ed312bd)
2007-10-10r11955: got rid of the old rootDSE code in the ldap server.Andrew Tridgell5-394/+0
The partitioning logic is still there, but we only have one partition. If we need partitioning in the future it might be better to remove this partitioning code and use a partitioning module instead (This used to be commit f4685e7dc9bdc3b9e240c9f5891b9da9251f82e5)
2007-10-10r11713: separate out the setting of the fde in the packet context from theAndrew Tridgell1-1/+2
enabling of packet serialisation (This used to be commit 6a47cd65a8b588f9ddd375c57caaba08281e7cbb)
2007-10-10r11622: convert the ldap server to the generic packet codeAndrew Tridgell2-178/+103
(This used to be commit 6ef4ba0c81002c9960dc5fe4fbfd0622957d492a)
2007-10-10r11567: Ldb API change patch.Simo Sorce2-76/+88
This patch changes the way lsb_search is called and the meaning of the returned integer. The last argument of ldb_search is changed from struct ldb_message to struct ldb_result which contains a pointer to a struct ldb_message list and a count of the number of messages. The return is not the count of messages anymore but instead it is an ldb error value. I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good amount of places. I also tried to double check all my changes being sure that the calling functions would still behave as before. But this patch is big enough that I fear some bug may have been introduced anyway even if it passes the test suite. So if you are currently working on any file being touched please give it a deep look and blame me for any error. Simo. (This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
2007-10-10r11447: fixed a problem with the ldap server spinning using CPU timeAndrew Tridgell1-10/+22
(This used to be commit c913f466cd27030f8c696ab60b1a4a2eb2ac260c)
2007-10-10r11408: fixed the mapping of ldb errors to ldap errors in the ldap serverAndrew Tridgell1-41/+20
(This used to be commit 647cb90360d1a790c8da34d48c46737762046e1b)
2007-10-10r11244: Relative path names in .mk filesJelmer Vernooij1-5/+5
(This used to be commit 24e10300906c380919d2d631bfb3b8fd6b3f54ba)
2007-10-10r11225: Remove pointless goto.Andrew Bartlett1-2/+0
Andrew Bartlett (This used to be commit 30f4ece4d2e55d2d50061f74a491d3f77551a6ae)
2007-10-10r11214: Remove scons files (see ↵Jelmer Vernooij1-4/+0
http://lists.samba.org/archive/samba-technical/2005-October/043443.html) (This used to be commit 7fffc5c9178158249be632ac0ca179c13bd1f98f)
2007-10-10r11200: Reposition the creation of the kerberos keytab for GSSAPI and Krb5Andrew Bartlett1-0/+18
authentication. This pulls the creating of the keytab back to the credentials code, and removes the special case of 'use keberos keytab = yes' for now. This allows (and requires) the callers to specify the credentials for the server credentails to GENSEC. This allows kpasswdd (soon to be added) to use a different set of kerberos credentials. The 'use kerberos keytab' code will be moved into the credentials layer, as the layers below now expect a keytab. We also now allow for the old secret to be stored into the credentials, allowing service password changes. Andrew Bartlett (This used to be commit 205f77c579ac8680c85f713a76de5767189c627b)
2007-10-10r11112: listen on the global catalog ldap server port as well if we are aAndrew Tridgell1-0/+11
PDC. I suspect we should behave slightly differently on the two ports, but this is a lot closer than not listening at all. When creating a user with mmc the global catalog port is used to check for an existing user (This used to be commit f8430c3f41313d0a71cea23e1a2ef98f088aff44)
2007-10-10r10914: moved the ldap time string functions into ldb so they can be used byAndrew Tridgell1-2/+2
the time attribute handling functions (This used to be commit 93c296d52718e77f8b702e1721b548eaadc56c76)
2007-10-10r10832: free the old session infoStefan Metzmacher1-0/+5
metze (This used to be commit 16b2569788348ee3654557cf714ea3b204375c3c)
2007-10-10r10820: Use talloc_get_type as suggested by tridge.Andrew Bartlett2-7/+7
Andrew Bartlett (This used to be commit 9c511a16f829df5f177b94c7234875d4ec8afe52)
2007-10-10r10810: This adds the hooks required to communicate the current user from theAndrew Bartlett8-1103/+141
authenticated session down into LDB. This associates a session info structure with the open LDB, allowing a future ldb_ntacl module to allow/deny operations on that basis. Along the way, I cleaned up a few things, and added new helper functions to assist. In particular the LSA pipe uses simpler queries for some of the setup. In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't been worked on (other than making it continue to compile) since January, and I think the features of this module are being put into ldb anyway. I have also changed the partitions in ldap_server to be initialised after the connection, with the private pointer used to associate the ldb with the incoming session. Andrew Bartlett (This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
2007-10-10r10709: fixed a crash bug rather similar to the one volker found in the dcerpcAndrew Tridgell2-5/+25
code, where a stream_terminate_connection() while processing a request can cause a later defererence of the connection structure to die. (This used to be commit efbcb0f74176058a74d7134dae4658b891fc6f16)
2007-10-10r10586: Add MergedObject() builder. Default to Library() ratherJelmer Vernooij1-1/+1
then StaticLibrary() (This used to be commit b53313dc517986c69a4e4cb8fe3885b696f8faa1)
2007-10-10r10353: Fix typoVolker Lendecke1-1/+1
(This used to be commit b871ecbc2cf5ef2222e498f7819a06aa9082e155)
2007-10-10r10348: Add scons scripts for remaining subsystems. Most subsystems build now,Jelmer Vernooij1-1/+0
but final linking still fails (as does generating files asn1, et, idl and proto files) (This used to be commit 4f0d7f75b99c7f4388d8acb0838577d86baf68b5)
2007-10-10r10336: Add sconscript for a couple more subsystems.Jelmer Vernooij1-0/+5
(This used to be commit 59d4450453c25f5cce9b67b808ff0c4433c1d194)
2007-10-10r10315: Remove use of fstring and pstring in dynconfig.cJelmer Vernooij2-2/+0
Remove unused includes of dynconfig.h (This used to be commit 59083b7ba60d518ddb59646c4fd69938afd079b3)
2007-10-10r10252: a recent checkin from simo changed the handling of BASE and SUBTREEAndrew Tridgell1-1/+2
searches in ldb to be more ldap compliant, but broke the wins server and the ejs ldb code. This fixes those up so 'make test' passes again. (This used to be commit dff660c23c97114d0c1be705f4d6a9c114b60456)
2007-10-10r10237: fix parameter, how have I missed this...?Stefan Metzmacher1-1/+1
metze (This used to be commit d02e1aa049f29590fbb5e08a32ee54177baa71a7)
2007-10-10r10213: fixed a memory leak in the ldap client and server code spotted by KarlAndrew Tridgell1-1/+3
Melcher. ldap_encode() now takes a memory context to use for the data blob (This used to be commit 09948a59336a7f02bf2b4605f2d4d886e65b85f2)
2007-10-10r10078: - add a 'struct data_blob_list_item'Stefan Metzmacher2-23/+23
- use this for the send_queue's of the different stream_servers to not redefine the same struct so often, and it maybe will be used in other places too metze (This used to be commit b6694f067ab7aff0ee303dbfe8a6e7fad801e7e9)