Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2010-10-04 | s4:ldap_server: rewrite to socket layer to use tstream | Stefan Metzmacher | 4 | -308/+697 | |
This should make our sasl and tls handling much more robust against partial sent pdus. metze | |||||
2010-09-26 | s4-ldap: Added a control to apply the access checks on read via LDAP | Nadezhda Ivanova | 1 | -0/+1 | |
2010-09-07 | s4-ldapserver: serialise ldap server operations | Andrew Tridgell | 2 | -0/+60 | |
This ensures that two ldap server operations cannot happen in parallel by using packet_recv_disable() and packet_recv_enable() to disable other interfaces during ldap calls. This prevents problems caused by parallel ldap operations where transactions could overlap. | |||||
2010-08-18 | s4:ldap_server use talloc_unlink() to avoid talloc_free() with references | Andrew Bartlett | 1 | -4/+4 | |
Both the session_info and the ldb can have references. Andrew Bartlett | |||||
2010-08-17 | s4-ldapserver: support controls on ldap add and rename | Andrew Tridgell | 1 | -10/+12 | |
we need to pass the controls down to the add and rename ldb operations Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-08-15 | s4:ldap_backend.c - Windows returns WERROR codes in majuscule HEX format | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-08-15 | s4:ldap_backend.c - map error codes - add a change which allows custom ↵ | Matthias Dieter Wallnöfer | 1 | -0/+13 | |
WERROR codes This is strictly needed by my recent passwords work, since I want to remove most of the password change stuff in "samr_password.c". Since AD gives us CONSTRAINT_VIOLATION on all change problems I cannot distinguish on the SAMR level which the real cause was about. Therefore I need the extended WERROR codes here. | |||||
2010-08-14 | s4:ldap_backend.c - fix a DS error code after WERROR change | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
2010-07-16 | s4-loadparm: 2nd half of lp_ to lpcfg_ conversion | Andrew Tridgell | 2 | -15/+15 | |
this converts all callers that use the Samba4 loadparm lp_ calling convention to use the lpcfg_ prefix. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-dsdb: fixed use after free of sasl mechanisms opaque | Andrew Tridgell | 1 | -0/+6 | |
the supportedSASLMechanisms opaque must live for at least as long as the ldb, or we can crash when the first connection is torn down Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-07-02 | s4-dsdb: fixed spelling of supportedSASLMechanisms | Andrew Tridgell | 1 | -1/+1 | |
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> | |||||
2010-06-28 | s4:ldap_server: don't start if we can't bind to port 389 | Stefan Metzmacher | 1 | -1/+4 | |
metze | |||||
2010-06-20 | s4:ldap_backend.c - now also the LDAP server supports controls on delete ↵ | Matthias Dieter Wallnöfer | 1 | -5/+7 | |
operations | |||||
2010-06-20 | s4:ldap_backend.c - move function "ldb_mod_req_with_controls" to a better ↵ | Matthias Dieter Wallnöfer | 1 | -51/+52 | |
place in the code Under the "add" and over the "delete" function. | |||||
2010-06-20 | s4:ldap_backend.c - add some newlines to make logs easier to read | Matthias Dieter Wallnöfer | 1 | -5/+5 | |
2010-06-19 | s4:ldap_backend.c - more customisations to match Windows Server error ↵ | Matthias Dieter Wallnöfer | 1 | -13/+16 | |
behaviour on renames | |||||
2010-06-18 | s4:ldap_backend.c - fix crash bugs when we got in error situations with ↵ | Matthias Dieter Wallnöfer | 1 | -5/+4 | |
"res" still set to "NULL" | |||||
2010-06-18 | s4:ldap_backend.c - fix a small error (use "ModifyResponse" rather than ↵ | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
"AddResponse") | |||||
2010-06-16 | s4:lib: merge LDB_WRAP and LDBSAMBA and make LDBSAMBA a library. | Stefan Metzmacher | 1 | -1/+1 | |
This is needed to remove samba specifc symbols from the bundled ldb, in order to get the ABI right. metze Signed-off-by: Andreas Schneider <asn@samba.org> | |||||
2010-06-06 | s4:ldap_server/ldap_backend.c - send back also the extended error message if ↵ | Matthias Dieter Wallnöfer | 1 | -18/+39 | |
it exists This message often contains suggestions how to fix issues. | |||||
2010-05-21 | s4:libcli/ldap Rename ldap.h to libcli_ldap.h | Andrew Bartlett | 5 | -5/+1 | |
It is a problem if a samba header is called ldap.h if we also want to use OpenLDAP's ldap.h Andrew Bartlett | |||||
2010-05-04 | s4/rodc: Support read-only database | Anatoliy Atanasov | 1 | -20/+174 | |
Check on modify if we are RODC and return referral. On the ldap backend side now we pass context and ldb_modify_default_callback to propagate the referral error to the client. | |||||
2010-04-11 | s4:auth Remove event context from anonymous_session() | Andrew Bartlett | 1 | -1/+1 | |
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett | |||||
2010-04-06 | s4-waf: removed the AUTOGENERATED markers | Andrew Tridgell | 1 | -3/+0 | |
we won't be using the mk -> wscript generator again | |||||
2010-04-06 | s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵ | Andrew Tridgell | 1 | -0/+2 | |
them | |||||
2010-04-06 | build: commit all the waf build files in the tree | Andrew Tridgell | 1 | -0/+12 | |
2010-02-25 | s4:ldap_server - make it "signed-safe" | Matthias Dieter Wallnöfer | 3 | -7/+8 | |
Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2010-02-25 | s4:LDAP server - Enable support for returning referrals through it | Matthias Dieter Wallnöfer | 1 | -0/+22 | |
This is needed for my work regarding the referrals when the domain scope control isn't specified. Signed-off-by: Andrew Bartlett <abartlet@samba.org> | |||||
2009-12-18 | Added freeing a successful req so it doesnt croud the ldb context | Nadezhda Ivanova | 1 | -2/+4 | |
2009-12-15 | Removed ldb_modify_ctrl from ldb, implemented as a static in ldap_backend. | Nadezhda Ivanova | 1 | -1/+43 | |
2009-11-20 | Some changes to allow processing of ldap controls on modify requests. | Nadezhda Ivanova | 1 | -1/+1 | |
ldap_backend used to filter out ldap controls on modify. Also, modified python binding for ldap_modify to allow writing tests for such controls. | |||||
2009-10-25 | s4-samdb: reduce the number of samdb opens at startup | Andrew Tridgell | 1 | -4/+2 | |
Using common parameters means that the ldb_wrap code can return a reference rather than a new database | |||||
2009-10-23 | s4-ldbwrap: added re-use of ldb contexts in ldb_wrap_connect() | Andrew Tridgell | 1 | -1/+1 | |
This allows us to reuse a ldb context if it is open twice, instead of going through the expensive process of a full ldb open. We can reuse it if all of the parameters are the same. The change relies on callers using talloc_unlink() or free of a parent to close a ldb context. | |||||
2009-10-23 | s4-dsdb: add a static samdb_credentials | Andrew Tridgell | 1 | -2/+2 | |
Similarly to system_session(), this creates a static samdb_credentials() | |||||
2009-10-23 | s4-dsdb: create a static system_session context | Andrew Tridgell | 1 | -1/+1 | |
This patch adds a system_session cache, preventing us from having to recreate it on every ldb open, and allowing us to detect when the same session is being used in ldb_wrap | |||||
2009-10-08 | s4:ldap server - remove unused error handlings | Matthias Dieter Wallnöfer | 1 | -35/+0 | |
Those error cases should be handled by LDB itself to be available on all connection methods and not only over LDAP. | |||||
2009-10-02 | s4:LDB/LDAP - Re-allow renames | Matthias Dieter Wallnöfer | 1 | -1/+1 | |
The main problem is that the "rdn_name" module launches on a rename request also a modification one with the "special attributes" which can't be changed directly. An introduced flag helps to bypass the restriction. | |||||
2009-10-02 | s4:ldap_server Ensure we don't segfault when sent a NULL new RDN | Andrew Bartlett | 1 | -4/+7 | |
The Microsoft testsuite tried to rename cn=administrator,cn=users,... into "",cn=users... which didn't go so well. Andrew Bartlett | |||||
2009-09-28 | s4-ldap: fixed spelling | Andrew Tridgell | 1 | -1/+1 | |
2009-09-26 | gensec: Avoid exposing lp_ctx on the API level. | Jelmer Vernooij | 1 | -1/+1 | |
2009-09-18 | s4-server: kill main daemon if a task fails to initialise | Andrew Tridgell | 1 | -4/+6 | |
When one of our core tasks fails to initialise it can now ask for the server as a whole to die, rather than limping along in a degraded state. | |||||
2009-08-14 | s4:ldap_server Correct removal of talloc_steal() | Andrew Bartlett | 1 | -1/+0 | |
This corrects commit 7a82aed71b74af8bc2a8a4381541adbb22452d20. The steal did not set ent->attributes, so it was incorrect to assign to ent->attributes. Andrew Bartlett | |||||
2009-08-14 | s4:ldap_server Remove another talloc_steal (with references) | Andrew Bartlett | 1 | -1/+1 | |
This talloc_steal also conflicts with the ldb_map code, and like the previous commit, is rudundent given the talloc_steal of the whole msg above. Andrew Bartlett | |||||
2009-08-14 | s4:ldap_server Don't talloc_steal (with references) in ldap_backend | Andrew Bartlett | 1 | -1/+1 | |
There may or may not be a need to take a reference to the 'name' in the ldb_map code, but given we seal the whole msg just above here, it makes no senst to steal the name, but not the values. Andrew Bartlett | |||||
2009-08-05 | s4:ldap_server: make sure we shutdown the tls socket before ↵ | Stefan Metzmacher | 1 | -0/+1 | |
stream_terminate_connection() removes the fd event This fixes a crash bug where tls_destructor() relies on the fd event still being there. metze | |||||
2009-08-04 | s4-ldap_server: fix generated error string in map_ldb_error(). | Günther Deschner | 1 | -1/+1 | |
Guenther | |||||
2009-07-31 | s4: Enhances the LDAP server to display error messages like Windows Server | Matthias Dieter Wallnöfer | 1 | -27/+178 | |
Those error messages also include the WERROR code of the failed operation(s) in this manner: <error code eight chars in HEX>: <further error message> This also addresses bug #4949 | |||||
2009-07-31 | s4:ldap_server: the tls code steals the original socket on its own now | Stefan Metzmacher | 2 | -2/+2 | |
metze | |||||
2009-07-01 | use a talloc_unlink() as ops may have a reference | Andrew Tridgell | 1 | -1/+1 | |
2009-06-24 | Reenable the LDAPI socket for the merged build | Volker Lendecke | 1 | -2/+0 | |
It seems that the samba4 part of the merged build does not pick up the DEVELOPER flag from the s3 configure. Jelmer, can you fix that properly? Thanks, Volker |