Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 8340ab26dd61d90242283d4e6a0db10f6f6467e2)
|
|
(This used to be commit cf7ad707578ee4dbd5dbf3c83f1f4ede42de3835)
|
|
my previous patch added it for modules). This is the next step towards
LDB backends and modules as run-time loadable .so files.
(This used to be commit fb2f70de4f6c4a9b13ad590cb4d3a9c858cede49)
|
|
(This used to be commit b4202cf030d5f154f0f94f5f501ecd648ba5c48f)
|
|
(This used to be commit 4257fd91ceca34dd868a9168efc28b6cb63f0357)
|
|
Applications that use LDB modules will now have to run ldb_global_init()
before they can use LDB.
The next step will be adding support for loading LDB modules from .so
files. This will also allow us to use one LDB without difference between the
standalone and the Samba-specific build
(This used to be commit 52a235650514039bf8ffee99a784bbc1b6ae6b92)
|
|
ldb_msg_add_steal_value().
These try to maintain the talloc heirachy, which must be correct
otherwise talloc_steal operations of entire attribute lists fails.
This fixes the currentTime value, found by using Microsoft's dcdiag
tool (before this commit, it pointed to invalid memory, due to the
changes in -r 13606)
Andrew Bartlett
(This used to be commit 424df1bb369fddcfd358cf26dd0da9d3851d181e)
|
|
The module was just used to get to the ldb so it was meningless.
Also add LDB_WAIT_ONCE e relative code in ldb_ildap.c
(This used to be commit d5b467b7c132b0bd4d23918ba7bf3370b1afcce8)
|
|
Currently only ldb_ildap is async, the plan
is to first make all backend support the async calls,
and then remove the sync functions from backends and
keep the only in the API.
Modules will need to be transformed along the way.
Simo
(This used to be commit 1e2c13b2d52de7c534493dd79a2c0596a3e8c1f5)
|
|
metze
(This used to be commit 24c6e2f73175befa33f9758634e3ee183916e387)
|
|
in attrib_handler.c functions
remove it again
Simo
(This used to be commit 513ff499071e6cb5e608a82430718021f72997bd)
|
|
safe function if the user provides an utf8
compliant casefold function to ldb.
- Fix toupper_m and tolower_m to not crash if
the case tables are not found
- Let load_case_table() search into the correct
directory in the search tree for the case
tables so that we can test utf8
Simo
(This used to be commit e12f070958eb3c144beb81c5cb878db122249021)
|
|
based on ldb_casefold
(This used to be commit 6104f900863c688707809d42c5429a42d654d5fb)
|
|
to correctly support utf8 comparisons
add an ldb_attr_Casefold function for attribute names and use it
instead of casefold in the right places
(This used to be commit 3b4eb2413bbce059dde69f35c03cdc3cc2ba85c5)
|
|
was used just in one places and by mistake, as there we should have
been using ldb_attr_cmp()
Remove ldb_caseless_cmp() ... going on with the cleanup and utf8 compliance
effort.
Simo.
(This used to be commit afda68d7bf655a9145648856d29e6e64b9f21aa3)
|
|
Also add a way to provide utf8 compliant functions
by registering them with ldb_set_utf8_fns()
Next comes code to register samba internal utf8 functions.
Simo.
(This used to be commit ac9b8a41ffca8e06c5e849d544d3203a665b8e0d)
|
|
(This used to be commit 6ec71ffbc141df398aff3e11c45e35e15192c66f)
|
|
want to see what it does ?
do aq make test and try:
./bin/ldbsearch -H st/private/sam.ldb --controls=asq:1:member -s base -b 'CN=Administrators,CN=Builtin,DC=samba,DC=example,DC=com' 'objectclass=*'
have fun.
simo.
(This used to be commit 900f4fd3435aacc3351f30afb77d3488d2cb4804)
|
|
it currently doesn't do much, but it's later
prevent adding corrupted records via ldbedit,
and will take care of the versionID counter
metze
(This used to be commit a6f279bc43c74cf4dc116cb6ba99f1aed13a4de9)
|
|
metze
(This used to be commit 1876e245c49d521e89674dc1662a61e8f4cdc9b5)
|
|
this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.
metze
(This used to be commit 380938e97f31c7860aed1e73cc0110c6e17b472e)
|
|
Thank to Andrew Bartlet for finding out a test case that showed it up.
Simo.
(This used to be commit 72a86d74a95c2b38d25159027f612075c50a1f3c)
|
|
(This used to be commit d4454287cf14cfdf1ceeb090da40492314703fb9)
|
|
allow escaped separation chars as part of the attr value
of an RDN
(This used to be commit 7ba341d6c3745cd99c4c79933f9bd54f41e12a9c)
|
|
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
|
|
a second_stage_init private function for modules that need a second stage init.
Simo.
(This used to be commit 5e8b365fa2d93801a5de1d9ea76ce9d5546bd248)
|
|
(This used to be commit df1ccca3499015d68a6f9f86286d9f66b6c0476c)
|
|
There's still lot of work to do but the patch is stable
enough to be pushed into the main samba4 tree.
Simo.
(This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
|
|
module is perhaps not the most efficient, but I think it is
reasonable.
This should restore operation of MMC against Samba4 (broken by the
templating fixes).
Andrew Bartlett
(This used to be commit 41948c4bdbfca1160a01a92994324f9e22422afe)
|
|
using pre-calculated passwords for all kerberos key types.
(Previously we could only use these for the NT# type).
The module handles all of the hash/string2key tasks for all parts of
Samba, which was previously in the rpc_server/samr/samr_password.c
code. We also update the msDS-KeyVersionNumber, and the password
history. This new module can be called at provision time, which
ensures we start with a database that is consistent in this respect.
By ensuring that the krb5key attribute is the only one we need to
retrieve, this also simplifies the run-time KDC logic. (Each value of
the multi-valued attribute is encoded as a 'Key' in ASN.1, using the
definition from Heimdal's HDB. This simplfies the KDC code.).
It is hoped that this will speed up the KDC enough that it can again
operate under valgrind.
(This used to be commit e9022743210b59f19f370d772e532e0f08bfebd9)
|
|
have to think about exactly what the right context to hang it of is.
Andrew Bartlett
(This used to be commit b1c8adcfe16c72252b0312e65676edcdbe472f09)
|
|
Andrew Bartlett
(This used to be commit 2f54d7f774434f2a8b89ae01e993c4a1d16ce861)
|
|
This is for use on user-supplied arguments to printf style format
strings which will become ldb filters. I have used it on LSA, SAMR
and the auth/ code so far.
Also add comments to cracknames code.
Andrew Bartlett
(This used to be commit 8308cf6e0472790c1c9d521d19322557907f4418)
|
|
set of results
(This used to be commit 2be62eb2dde9250f8bfe3a3272851e152a1d6b68)
|
|
- removed an unnecessary level of pointer in ldb_search structure
(This used to be commit b8d4afb14a18dfd8bac79882a035e74d3ed312bd)
|
|
(This used to be commit 7d8b11174c97a3797673254c351c94436aa716b7)
|
|
ldb_result code coud rely on that)
(This used to be commit cd567bcb24125827c746c1c0902631b0e7c2cea5)
|
|
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
|
|
was a
simple cut&paste error, but you might recheck this.
Volker
(This used to be commit 55b5b100e9ef7e04832d5ba4c10c45916be3513e)
|
|
"dn" or "distinguishedName". This makes us a bit more consistent
(This used to be commit b41b374b55f9a056c47ffa2ff88aa5272dbc42fc)
|
|
(This used to be commit 896704f5c139c8bce30dfc898bb3a12be10035ed)
|
|
ldb_transaction_cancel() broke it)
(This used to be commit dc41994ea72c7c7f571efa009930cf36d7a9897a)
|
|
Andrew Bartlett
(This used to be commit 2b1c88f628b27ffda08de3f4ac83c1f3b052a078)
|
|
metze
(This used to be commit 9a9311fa6b4bbb2a385413c056c8be57cdb9eb59)
|
|
(This used to be commit d379fb5f101155edd5f266ae9aaae4e7ac7bd76b)
|
|
Andrew Bartlett
(This used to be commit c0d6126effdf31e0a107c06a400973c731e0e263)
|
|
dn->canonicalName function abartlet just committed
(This used to be commit 197e8a27f0557869eacd17b74e1b14e0665883b1)
|
|
Use this new function in the client and server for the CrackNames
case, where we particularly need it.
Andrew Bartlett
(This used to be commit 380037ee09ef8293bdb288d6c015e7c80f180a30)
|
|
- added note about allowedAttributesEffective (will be needed for mmc)
- fixed some more ldb warnings
(This used to be commit e9e4d81b6976549db8a7668572a5da466fbec4a9)
|
|
ldb_msg_copy_attr() to ensure
that callers (like the ldap server) can talloc_steal the name
(This used to be commit 9c914542cc346758c82f89990c80eb096a9c0959)
|