summaryrefslogtreecommitdiff
path: root/source4/lib/ldb/ldb_ildap
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r12310: Link simple bind support in our internal LDAP libs to LDB and theAndrew Bartlett1-5/+16
command line processing system. This is a little ugly at the moment, but works. What I cannot manage to get to work is the extraction and propogation of command line credentials into the js interface to ldb. Andrew Bartlett (This used to be commit f34ede763e7f80507d06224d114cf6b5ac7c8f7d)
2007-10-10r12227: I realised that I wasn't yet seeing authenticated LDAP for the ldbAndrew Bartlett1-4/+2
backend. The idea is that every time we open an LDB, we can provide a session_info and/or credentials. This would allow any ldb to be remote to LDAP. We should also support provisioning to a authenticated ldap server. (They are separate so we can say authenticate as foo for remote, but here we just want a token of SYSTEM). Andrew Bartlett (This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
2007-10-10r11958: - fixed memory leaks in the ldb_result handling in ldb operationsAndrew Tridgell1-1/+1
- removed an unnecessary level of pointer in ldb_search structure (This used to be commit b8d4afb14a18dfd8bac79882a035e74d3ed312bd)
2007-10-10r11567: Ldb API change patch.Simo Sorce1-29/+70
This patch changes the way lsb_search is called and the meaning of the returned integer. The last argument of ldb_search is changed from struct ldb_message to struct ldb_result which contains a pointer to a struct ldb_message list and a count of the number of messages. The return is not the count of messages anymore but instead it is an ldb error value. I tryed to keep the patch as tiny as possible bu as you can guess I had to change a good amount of places. I also tried to double check all my changes being sure that the calling functions would still behave as before. But this patch is big enough that I fear some bug may have been introduced anyway even if it passes the test suite. So if you are currently working on any file being touched please give it a deep look and blame me for any error. Simo. (This used to be commit 22c8c97e6fb466b41859e090e959d7f1134be780)
2007-10-10r11522: Add support for delegated credentials and machine account credentialsAndrew Bartlett1-2/+8
to ldb, based on the sessionInfo we now pass around. Andrew Bartlett (This used to be commit 84e16e4ea7240409f15efd9f64344f9e0cec8111)
2007-10-10r11403: improved the error handling in the ildap ldb backend. Now passesAndrew Tridgell1-37/+53
through all ldap errors except on search. Search errors are only available via ldb_errstring() until we decide how to fix ldb_search(). (This used to be commit c192bcb79dda44b5b7a3bc257ba92addf769c8d9)
2007-10-10r10753: don't require every ldb module to implement both a search_bytree() andAndrew Tridgell1-26/+3
a search() function, instead each module now only implements the bytree method, and the expression based search is handled generically by the modules code. This makes for more consistency and less code duplication. fixed the tdb backend to handle BASE searches much more efficiently. They now always only lookup one record, regardless of the search expression (This used to be commit 7e44f9153c5578624e2fca04cdc0a00af0fd9eb4)
2007-10-10r10708: a bit more error checking in the idap ldb backendAndrew Tridgell1-0/+5
(This used to be commit 63ebaad393e38b28c8f97f33e2b22f2445733405)
2007-10-10r10666: - reverse the ildap ldb backend so tree based searches go throughAndrew Tridgell1-22/+28
directly, and expression based searches are converted to trees. This makes for less conversions. - allow the caller to supply a set of credentials via the ldb opaque name 'credentials'. I will be using this in my ldb proxy module. (This used to be commit af24f3d7faac6ef74feef73a23345d8c484da07c)
2007-10-10r10641: fixed the error handling on search errors in the ildap backendAndrew Tridgell1-0/+1
(This used to be commit e80d42933fe3cbc18cb229e47fffb9ca8068aca5)
2007-10-10r10477: expose transactions outside ldb and change the API once moreSimo Sorce1-3/+11
do not autostart transactions on ldb operations if a transaction is already in place test transactions on winsdb all my tests passes so far tridge please confirm this is ok for you (This used to be commit c2bb2a36bdbe0ec7519697a9a9ba7526a0defac2)
2007-10-10r10305: start implementing better error handlingSimo Sorce1-16/+5
changed the prioivate modules API error string are now not spread over all modules but are kept in a single place. This allows a better control of memory and error reporting. (This used to be commit 3fc676ac1d6f59d08bedbbd9377986154cf84ce4)
2007-10-10r10299: remove the public (un)lock functions and introduce a transaction basedSimo Sorce1-27/+15
private ldb API ldb_sqlite3 is already working with this model and ldb_tdb will do as soon as tridge finishes the tdb transaction code. currently the transactions are always implicit and wrap any single ldb API call except searching, the transaction functions are currently not made public on purpose. Simo. (This used to be commit 1da4ac2cdcb7e54076f85242a93784260dced918)
2007-10-10r9728: A *major* update to the credentials system, to incorporate theAndrew Bartlett1-2/+1
Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2007-10-10r9391: Convert all the code to use struct ldb_dn to ohandle ldap like ↵Simo Sorce1-29/+82
distinguished names Provide more functions to handle DNs in this form (This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
2007-10-10r7776: add a method for getting arbitrary opaque data into a ldb context, ↵Andrew Tridgell1-2/+3
for use by backends. Currently only EventContext is used in this way. (This used to be commit 9fa21b245843371f7777682ee4e5b98e2925b4d0)
2007-10-10r7749: some bug fixes from testing with socket:testnonblockAndrew Tridgell1-0/+2
- fixed some infinite loops in asn1.c - ensure asn1 callers know if an error is end of buffer or bad data - handle npending 0 in ldap server (This used to be commit f22c3b84c8912ccd36e676a782b58f1841be8875)
2007-10-10r7726: - removed some unused variablesAndrew Tridgell1-1/+8
- handle ldb_errstring() calls on failed connect (This used to be commit 8698a20fcc6a04ccbe533afd742e7a5df94423ee)
2007-10-10r7719: make the ildap ldb backend use the defaultNamingContext if the basednAndrew Tridgell1-2/+28
is not specified, so: ldbsearch ldap://hostname '(objectclass=user)' works without knowing the domain name (This used to be commit f6c2c5190737ca11f55a147f5295ccca505fb58b)
2007-10-10r7714: enable samba credentials handling in ldb tools. So you can now do aAndrew Tridgell1-0/+14
encrypted ldbedit against w2k3 (This used to be commit 6277c3923e7d9c26753424b1e77ac62f8e0729a4)
2007-10-10r7709: - convert ldb to use popt, so that it can interact with the sambaAndrew Tridgell1-18/+10
cmdline credentials code (which will be done soon) - added a ldb_init() call, and changed ldb_connect() to take a ldb context. This allows for much better error handling in ldb_connect(), and also made the popt conversion easier - fixed up all the existing backends with the new syntax - improved error handling in *_connect() - fixed a crash bug in the new case_fold_required() code - ensured that ltdb_rename() and all ltdb_search() paths get the read lock - added a ldb_oom() macro to make it easier to report out of memory situations in ldb code (This used to be commit f648fdf187669d6d87d01dd4e786b03cd420f220)
2007-10-10r7667: added a ldb ildap backend, using our internal ldap client library. ↵Andrew Tridgell1-0/+401
Next step is to remove the check for the ldap libraries in configure (This used to be commit 74841dbb2a86bb1c584b5c26c4cd24a818a65a34)