Age | Commit message (Collapse) | Author | Files | Lines |
|
Also add a way to provide utf8 compliant functions
by registering them with ldb_set_utf8_fns()
Next comes code to register samba internal utf8 functions.
Simo.
(This used to be commit ac9b8a41ffca8e06c5e849d544d3203a665b8e0d)
|
|
(This used to be commit 6ec71ffbc141df398aff3e11c45e35e15192c66f)
|
|
want to see what it does ?
do aq make test and try:
./bin/ldbsearch -H st/private/sam.ldb --controls=asq:1:member -s base -b 'CN=Administrators,CN=Builtin,DC=samba,DC=example,DC=com' 'objectclass=*'
have fun.
simo.
(This used to be commit 900f4fd3435aacc3351f30afb77d3488d2cb4804)
|
|
it currently doesn't do much, but it's later
prevent adding corrupted records via ldbedit,
and will take care of the versionID counter
metze
(This used to be commit a6f279bc43c74cf4dc116cb6ba99f1aed13a4de9)
|
|
metze
(This used to be commit 1876e245c49d521e89674dc1662a61e8f4cdc9b5)
|
|
this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.
metze
(This used to be commit 380938e97f31c7860aed1e73cc0110c6e17b472e)
|
|
Thank to Andrew Bartlet for finding out a test case that showed it up.
Simo.
(This used to be commit 72a86d74a95c2b38d25159027f612075c50a1f3c)
|
|
(This used to be commit d4454287cf14cfdf1ceeb090da40492314703fb9)
|
|
allow escaped separation chars as part of the attr value
of an RDN
(This used to be commit 7ba341d6c3745cd99c4c79933f9bd54f41e12a9c)
|
|
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
|
|
a second_stage_init private function for modules that need a second stage init.
Simo.
(This used to be commit 5e8b365fa2d93801a5de1d9ea76ce9d5546bd248)
|
|
(This used to be commit df1ccca3499015d68a6f9f86286d9f66b6c0476c)
|
|
There's still lot of work to do but the patch is stable
enough to be pushed into the main samba4 tree.
Simo.
(This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
|
|
module is perhaps not the most efficient, but I think it is
reasonable.
This should restore operation of MMC against Samba4 (broken by the
templating fixes).
Andrew Bartlett
(This used to be commit 41948c4bdbfca1160a01a92994324f9e22422afe)
|
|
using pre-calculated passwords for all kerberos key types.
(Previously we could only use these for the NT# type).
The module handles all of the hash/string2key tasks for all parts of
Samba, which was previously in the rpc_server/samr/samr_password.c
code. We also update the msDS-KeyVersionNumber, and the password
history. This new module can be called at provision time, which
ensures we start with a database that is consistent in this respect.
By ensuring that the krb5key attribute is the only one we need to
retrieve, this also simplifies the run-time KDC logic. (Each value of
the multi-valued attribute is encoded as a 'Key' in ASN.1, using the
definition from Heimdal's HDB. This simplfies the KDC code.).
It is hoped that this will speed up the KDC enough that it can again
operate under valgrind.
(This used to be commit e9022743210b59f19f370d772e532e0f08bfebd9)
|
|
have to think about exactly what the right context to hang it of is.
Andrew Bartlett
(This used to be commit b1c8adcfe16c72252b0312e65676edcdbe472f09)
|
|
Andrew Bartlett
(This used to be commit 2f54d7f774434f2a8b89ae01e993c4a1d16ce861)
|
|
This is for use on user-supplied arguments to printf style format
strings which will become ldb filters. I have used it on LSA, SAMR
and the auth/ code so far.
Also add comments to cracknames code.
Andrew Bartlett
(This used to be commit 8308cf6e0472790c1c9d521d19322557907f4418)
|
|
set of results
(This used to be commit 2be62eb2dde9250f8bfe3a3272851e152a1d6b68)
|
|
- removed an unnecessary level of pointer in ldb_search structure
(This used to be commit b8d4afb14a18dfd8bac79882a035e74d3ed312bd)
|
|
(This used to be commit 7d8b11174c97a3797673254c351c94436aa716b7)
|
|
ldb_result code coud rely on that)
(This used to be commit cd567bcb24125827c746c1c0902631b0e7c2cea5)
|
|
This patch changes the way lsb_search is called and the meaning of the returned integer.
The last argument of ldb_search is changed from struct ldb_message to struct ldb_result
which contains a pointer to a struct ldb_message list and a count of the number of messages.
The return is not the count of messages anymore but instead it is an ldb error value.
I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good
amount of places. I also tried to double check all my changes being sure that the calling
functions would still behave as before. But this patch is big enough that I fear some bug
may have been introduced anyway even if it passes the test suite. So if you are currently
working on any file being touched please give it a deep look and blame me for any error.
Simo.
(This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
|
|
was a
simple cut&paste error, but you might recheck this.
Volker
(This used to be commit 55b5b100e9ef7e04832d5ba4c10c45916be3513e)
|
|
"dn" or "distinguishedName". This makes us a bit more consistent
(This used to be commit b41b374b55f9a056c47ffa2ff88aa5272dbc42fc)
|
|
(This used to be commit 896704f5c139c8bce30dfc898bb3a12be10035ed)
|
|
ldb_transaction_cancel() broke it)
(This used to be commit dc41994ea72c7c7f571efa009930cf36d7a9897a)
|
|
Andrew Bartlett
(This used to be commit 2b1c88f628b27ffda08de3f4ac83c1f3b052a078)
|
|
metze
(This used to be commit 9a9311fa6b4bbb2a385413c056c8be57cdb9eb59)
|
|
(This used to be commit d379fb5f101155edd5f266ae9aaae4e7ac7bd76b)
|
|
Andrew Bartlett
(This used to be commit c0d6126effdf31e0a107c06a400973c731e0e263)
|
|
dn->canonicalName function abartlet just committed
(This used to be commit 197e8a27f0557869eacd17b74e1b14e0665883b1)
|
|
Use this new function in the client and server for the CrackNames
case, where we particularly need it.
Andrew Bartlett
(This used to be commit 380037ee09ef8293bdb288d6c015e7c80f180a30)
|
|
- added note about allowedAttributesEffective (will be needed for mmc)
- fixed some more ldb warnings
(This used to be commit e9e4d81b6976549db8a7668572a5da466fbec4a9)
|
|
ldb_msg_copy_attr() to ensure
that callers (like the ldap server) can talloc_steal the name
(This used to be commit 9c914542cc346758c82f89990c80eb096a9c0959)
|
|
- removed the timestamps module, replacing it with the operational module
- added a ldb_msg_copy_shallow() function which should be used when a module
wants to add new elements to a message on add/modify. This is needed
because the caller might be using a constant structure, or may want to
re-use the structure again
- enabled the UTC time attribute syntaxes in the operational module
(This used to be commit 61e8b010223ac6a0573185008f3719ba29574688)
|
|
(This used to be commit efd7dd1a775c06f21924f35760f7768b4e8db449)
|
|
the time attribute handling functions
(This used to be commit 93c296d52718e77f8b702e1721b548eaadc56c76)
|
|
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
|
|
mmc management support
(This used to be commit 99a5b088810e8e2f4e28b99a4a0e5e7dc9301594)
|
|
but they are so very useful for things like dn=@MODULES that I think
its worth supporting them
(This used to be commit e2e3193a98b0f81c7bdb02c98db375ca0449022a)
|
|
ldap. Also ensure we put a objectclass on our private ldb's, so they
have some chance of being stored in ldap if you want to
(This used to be commit 1af2cc067f70f6654d08387fc28def67229bb06a)
|
|
spotting this)
(This used to be commit ef13569ca94da00cc410318e61505e70f3606674)
|
|
functions they care about, instead of all functions. This also makes
it more likely that future changes to ldb will not break existing
modules
(This used to be commit 45f0c967b58e7c1b2e900a4d74cfde2a2c527dfa)
|
|
(This used to be commit 3c5f3032fcb092545580b986e0ce58bb49e4d9cb)
|
|
SUBSTRING searches. This time fix multi-part substring searches.
(This used to be commit bf5cef6f00466fc1dc3c2864a109f1ccd92681b0)
|
|
searches
(This used to be commit 71c06778d4a3ac1ca4198071ae3351acdc0656d9)
|
|
a search() function, instead each module now only implements the
bytree method, and the expression based search is handled generically
by the modules code. This makes for more consistency and less code
duplication.
fixed the tdb backend to handle BASE searches much more
efficiently. They now always only lookup one record, regardless of the
search expression
(This used to be commit 7e44f9153c5578624e2fca04cdc0a00af0fd9eb4)
|
|
in the expression parsing code
(This used to be commit 0d4a900ce5705856d61c6dd4ccb8fdbd049d22b7)
|
|
(This used to be commit 8e7c4c98a7b4fd814f298fba1b6b686cb58339f8)
|