Age | Commit message (Collapse) | Author | Files | Lines |
|
- 'make doxygen' generated the api documentation under apidocs/
Many thanks to Brad Hards <bradh@frogmouth.net> for the patches!
metze
(This used to be commit e98d483174c555366e62dd27600e6b242cab7a7f)
|
|
metze
(This used to be commit 552e12c05d10ddad55bfc0997303096055ddecdd)
|
|
metze
(This used to be commit 4d32d50ccd8bd0bfb3e2d6f5aee23bce38abbc03)
|
|
metze
(This used to be commit bf6065b11fd84454f8bc881ff96fb1846a59405b)
|
|
metze
(This used to be commit 5d0ae1d2aef3fc7ddb4cb9269bb028beeaee6dfb)
|
|
metze
(This used to be commit bb68f2e602dbcc94c05b2dd764c163be1e5a583d)
|
|
now the three supported controls (paged_results,
server_sort, extended_dn) are fully functional
and the infrastructure to add more is in place.
valgrind is happy too :)
Simo.
(This used to be commit bd8e2629378700198e16287823970f52d1150a86)
|
|
metze
(This used to be commit 1876e245c49d521e89674dc1662a61e8f4cdc9b5)
|
|
this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.
metze
(This used to be commit 380938e97f31c7860aed1e73cc0110c6e17b472e)
|
|
(This used to be commit ad189553f420d70c4a726cf118e1273ea053f4d6)
|
|
Thank to Andrew Bartlet for finding out a test case that showed it up.
Simo.
(This used to be commit 72a86d74a95c2b38d25159027f612075c50a1f3c)
|
|
(This used to be commit 300d48bc9daa13e1475c10eaa1ec0717c822a7f7)
|
|
metze
(This used to be commit c65ebc8b5574f9bd05270964dee9d4882e2d1828)
|
|
metze
(This used to be commit 7e702939faf70d0c02fa71b315043795bc4a1d84)
|
|
(This used to be commit d4454287cf14cfdf1ceeb090da40492314703fb9)
|
|
allow escaped separation chars as part of the attr value
of an RDN
(This used to be commit 7ba341d6c3745cd99c4c79933f9bd54f41e12a9c)
|
|
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
|
|
command line to ldbsearch. Very rough work, no checks are
done on the input yet (will segfault if you make it wrong).
Controls are passed via the --controls switch an are comma
separated (no escaping yet).
General syntax is <ctrl_name>:<criticality>
<ctrl_name> is a string
<criticality> is 1 or 0
Current semi-parsed controls are:
server_sort
syntax: server_sort:1:0:attributename
1st parm: criticality
2nd parm: reversed
3rd parm: attribute name to be used for sorting
todo: still missing suport for multiple sorting
attributes and ordering rule
no check on result code
paged_results
syntax: paged_results:1:100
1st parm: criticality
2nd parm: number of results to be returned
todo: ldbsearch will return only the first batch
(missing code to cycle over conditionally)
no check on result code
extended_dn
syntax: extended_dn:1:0
1st parm: criticality
2nd parm: type, see MS docs on meaning
Simo.
(This used to be commit 4c685ac0d1638a1d5392dfe733baf0db77e84858)
|
|
a second_stage_init private function for modules that need a second stage init.
Simo.
(This used to be commit 5e8b365fa2d93801a5de1d9ea76ce9d5546bd248)
|
|
(This used to be commit df1ccca3499015d68a6f9f86286d9f66b6c0476c)
|
|
There's still lot of work to do but the patch is stable
enough to be pushed into the main samba4 tree.
Simo.
(This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
|
|
Also fix up all the current issues with the skel module.
Andrew Bartlett
(This used to be commit d0a0a8de3fa73d8f06a801203e00b90ed8359b98)
|
|
be a valid talloc() pointer, as other modules may rely on this.
Andrew Bartlett
(This used to be commit 356c8c56090a7c4254609c0cc138c994b618fa55)
|
|
Re-introduce and use the OUTPUT_TYPE property for MODULEs to force
specific modules to always be included
(This used to be commit f9eede3d40098eddc3618ee48f9253cdddb94a6f)
|
|
(This used to be commit c297c93faf3b748de68679f5a4be50845ebe25fe)
|
|
thanks Brad
(This used to be commit 2f213b9580cb9e84f1c44393cac521e5c1af817b)
|
|
Andrew Bartlett
(This used to be commit 44b107d3150135ee4381c1ba4eac23bfd9cb16b9)
|
|
subsystems.
This allows Samba libraries to be used by other projects (and parts of
Samba to be built as shared libraries).
(This used to be commit 44f0aba715bfedc7e1ee3d07e9a101a91dbd84b3)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
(This used to be commit 874f16e055ec30bf2ee52a33464b4810a8f8cd89)
|
|
(This used to be commit 6198006ee466c6398f6a3da352d236034693ffb7)
|
|
Should we somehow link these, or just use the version in ldb?
Andrew Bartlett
(This used to be commit e98d14668e3fdee01b103adb5aec733790eee96d)
|
|
module is perhaps not the most efficient, but I think it is
reasonable.
This should restore operation of MMC against Samba4 (broken by the
templating fixes).
Andrew Bartlett
(This used to be commit 41948c4bdbfca1160a01a92994324f9e22422afe)
|
|
using pre-calculated passwords for all kerberos key types.
(Previously we could only use these for the NT# type).
The module handles all of the hash/string2key tasks for all parts of
Samba, which was previously in the rpc_server/samr/samr_password.c
code. We also update the msDS-KeyVersionNumber, and the password
history. This new module can be called at provision time, which
ensures we start with a database that is consistent in this respect.
By ensuring that the krb5key attribute is the only one we need to
retrieve, this also simplifies the run-time KDC logic. (Each value of
the multi-valued attribute is encoded as a 'Key' in ASN.1, using the
definition from Heimdal's HDB. This simplfies the KDC code.).
It is hoped that this will speed up the KDC enough that it can again
operate under valgrind.
(This used to be commit e9022743210b59f19f370d772e532e0f08bfebd9)
|
|
(This used to be commit ca8db1a0cd77682ac2c6dc4718f5d753a4fcc4db)
|
|
have to think about exactly what the right context to hang it of is.
Andrew Bartlett
(This used to be commit b1c8adcfe16c72252b0312e65676edcdbe472f09)
|
|
(This used to be commit 0aca5fd5130d980d07398f3291d294202aefe3c2)
|
|
Andrew Bartlett
(This used to be commit 31f65e510cdd46b1962cf06b3d51f152b1cecf37)
|
|
Andrew Bartlett
(This used to be commit 2f54d7f774434f2a8b89ae01e993c4a1d16ce861)
|
|
(This used to be commit c92ace494f92084ddf178626cdf392d151043bc7)
|
|
the difference between these at all, and in the future the
fact that INIT_OBJ_FILES include smb_build.h will be sufficient to
have recompiles at the right time.
(This used to be commit b24f2583edee38abafa58578d8b5c4b43e517def)
|
|
(This used to be commit 7ca00cd918760dccc51e56234126ead8535a22ef)
|
|
don't store it on disk, as this would cause confusing results
metze
(This used to be commit c3d3309ba1567a4363c7c0235842833b5e2b6771)
|
|
This is for use on user-supplied arguments to printf style format
strings which will become ldb filters. I have used it on LSA, SAMR
and the auth/ code so far.
Also add comments to cracknames code.
Andrew Bartlett
(This used to be commit 8308cf6e0472790c1c9d521d19322557907f4418)
|
|
command line processing system.
This is a little ugly at the moment, but works. What I cannot manage
to get to work is the extraction and propogation of command line
credentials into the js interface to ldb.
Andrew Bartlett
(This used to be commit f34ede763e7f80507d06224d114cf6b5ac7c8f7d)
|
|
installed.
Install pkg-config files.
(This used to be commit a86abe84e2cae7c6188c094a92c6b62aace02fdf)
|
|
backend.
The idea is that every time we open an LDB, we can provide a
session_info and/or credentials. This would allow any ldb to be remote
to LDAP. We should also support provisioning to a authenticated ldap
server.
(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).
Andrew Bartlett
(This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)
|
|
(This used to be commit 754e51b19d2d1fd6be8e01d62b6ec892688f934c)
|
|
displaying security descriptors in ldbsearch or ldbedit you can see
the SDDL version.
This also allows us to specify security descriptors in our
setup/*.ldif files in SDDL format, which is much more convenient than
the NDR binary format!
(This used to be commit 8185731c1846412c1b3366824cdb3d05b2d50b73)
|
|
set of results
(This used to be commit 2be62eb2dde9250f8bfe3a3272851e152a1d6b68)
|