summaryrefslogtreecommitdiff
path: root/source4/lib
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r7860: switch our ldb storage format to use a NDR encoded objectSid. This isAndrew Tridgell3-8/+11
quite a large change as we had lots of code that assumed that objectSid was a string in S- format. metze and simo tried to convince me to use NDR format months ago, but I didn't listen, so its fair that I have the pain of fixing all the code now :-) This builds on the ldb_register_samba_handlers() and ldif handlers code I did earlier this week. There are still three parts of this conversion I have not finished: - the ltdb index records need to use the string form of the objectSid (to keep the DNs sane). Until that it done I have disabled indexing on objectSid, which is a big performance hit, but allows us to pass all our tests while I rejig the indexing system to use a externally supplied conversion function - I haven't yet put in place the code that allows client to use the "S-xxx-yyy" form for objectSid in ldap search expressions. w2k3 supports this, presumably by looking for the "S-" prefix to determine what type of objectSid form is being used by the client. I have been working on ways to handle this, but am not happy with them yet so they aren't part of this patch - I need to change pidl to generate push functions that take a "const void *" instead of a "void*" for the data pointer. That will fix the couple of new warnings this code generates. Luckily it many places the conversion to NDR formatted records actually simplified the code, as it means we no longer need as many calls to dom_sid_parse_talloc(). In some places it got more complex, but not many. (This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
2007-10-10r7851: We are case preserving let the DN be returned the same the user put ↵Simo Sorce2-78/+83
it into. sss (This used to be commit 5b41e3202456549250e6e5b1c63bd45ea7500fa3)
2007-10-10r7850: Support mkdir() with just one parameter. Patch fromJelmer Vernooij3-1/+23
Steven Edwards <steven_ed4153@yahoo.com>. I've moved the Win32-specific tests to win32.m4 so it does not make any of the POSIX configure stuff more complicated. (This used to be commit bf85fdd01552f75b745fdf3159a7a87cd6521ed2)
2007-10-10r7844: eliminate superfluous attribute tablesDerrell Lipman1-382/+91
(This used to be commit 863beef35b769c5a531819c974754aea2a790921)
2007-10-10r7834: added comment about the "((" search testAndrew Tridgell1-0/+4
(This used to be commit 42c42f6611fa295ca60782661781d023c4fdaf8b)
2007-10-10r7833: changed ldbsearch and ldbedit to have command line syntax closer toAndrew Tridgell3-19/+19
ldapsearch. They look for an '=' in the first argument to see if it is a search expression, and if not then it does an 'all records' search (This used to be commit 91cc009fedefa7b263b345dfa511800e0f4f66a8)
2007-10-10r7832: missed oneAndrew Tridgell1-1/+1
(This used to be commit 20c84f5c5219c6f306888771b56e0dfdeb8fd774)
2007-10-10r7831: use cn=TEST as base of test DNs so we don't interfere with ↵Andrew Tridgell6-66/+66
potentially real records (This used to be commit 2a426f654db668f4bfc899771dd11598e295b774)
2007-10-10r7828: Although there is still plenty to do, ldb_sqlite3 now passes the set ↵Derrell Lipman8-364/+1156
of tests in tests/test-sqlite3.sh (tests/test-generic.sh). There are lots of optimizations still TBD, and some things are REALLY slow right now (e.g. each add() operation takes 1/3 - 1/2 second) but it's ready for interested parties to poke it and prod it and see how (un)reasonable it is. Play away. Still to be implemented or improved: - tdb specials (@MODULES, @SUBCLASSES, etc.) - all DNs are case-folded in their entirty right now (since doing otherwise would require @ATTRIBUTES to be implemented) - speed improvements and optimizations. I am quite confident that the excessively slow add() operation can be much improved, and other areas can be somewhat improved. (This used to be commit 1dd865005594671e7effe06fb088fa97fa08de0b)
2007-10-10r7827: Add in-memory keytab to Samba4, using the new MEMORY_WILDCARD keytabAndrew Bartlett2-59/+0
support in Heimdal. This removes the 'ext_keytab' step from my Samba4/WinXP client howto. In doing this work, I realised that the replay cache in Heimdal is currently a no-op, so I have removed the calls to it, and therefore the mutex calls from passdb/secrets.c. This patch also includes a replacement 'magic' mechanism detection, that does not issue extra error messages from deep inside the GSSAPI code. Andrew Bartlett (This used to be commit c19d5706f4fa760415b727b970bc99e7f1abd064)
2007-10-10r7808: fixed the build of ldb after the binary file support in ldif was addedAndrew Tridgell1-1/+3
(This used to be commit 0a8c722c8017e20635223b2c5dfc58759478312c)
2007-10-10r7806: add test for binary files as attribute valuesSimo Sorce3-0/+8
(This used to be commit 2b2675055e5113eccb0b876799b226d480335495)
2007-10-10r7805: add support to read binary files into attributes data like ldap tools ↵Simo Sorce1-3/+73
does (This used to be commit 38a14396262eeb279d67c2f0da06bfa0706a3be4)
2007-10-10r7804: added the samba specific ldif handlers into the tree, but don't enableAndrew Tridgell6-5/+146
them just yet. I have tested them, and they work fine, but enabling them will break code in rpc_server/ and samdb, so we need to fix that first (This used to be commit 07d459406b4c63e49141e0e533e1274b4052abf9)
2007-10-10r7803: added support in ldb for callers to setup ldif read/write functions,Andrew Tridgell3-10/+86
so that ldbedit, ldbsearch etc can display nice human readable ldif, while storing the data as binary blobs. This will be used for storing NDR encoded objectSid and similar attributes, while making the command line interface sane (This used to be commit 37e283089a846fc0608fef3981a3447300e33728)
2007-10-10r7784: give an error in ldb_tdb for invalid modify flags. The "whenChanged"Andrew Tridgell1-0/+3
bug was being silently ignored with the tdb backend because of this bug. A case where the ldap backend was right, and the tdb backend was wrong! (This used to be commit ddb26db763c314049043d80d27113226c0f2e656)
2007-10-10r7781: finding the parent of a talloc ptr is trickier than it looks due to ↵Andrew Tridgell2-7/+27
the two-way tree nature of the data structure. I think I've finally got it right also added talloc_show_parents() for debugging (This used to be commit 5760ed20eed509b0b6e09e78c942dd0f70350fa9)
2007-10-10r7780: fixed a bug in talloc_find_parent_byname()Andrew Tridgell1-1/+1
(This used to be commit ee3fe42fb16821eedd564201d953042190f7826f)
2007-10-10r7779: use the parent event context in ldb_wrap_connect(). See the comment inAndrew Tridgell1-0/+10
the previous commit for the method. (This used to be commit b0ad505510b9df8e7f05fb646046114eb6b997ed)
2007-10-10r7778: added talloc_find_parent_bytype() and talloc_find_parent_byname()Andrew Tridgell3-0/+40
These provide a way to find a parent of a ptr that is of a given type. I will be using this to find the event context in smbd, relying on the fact that everything is a child of the top level event context. I did look at the alternatives, and found that passing the event context to just about every call in smbd was getting way too complex (we need to get it to anything that can do a ldb operation, as that can invoke ldap). So this method avoids a global, and seems to work nicely (This used to be commit bdb55c7a10a516b75652065e14f5acd09d24ab35)
2007-10-10r7776: add a method for getting arbitrary opaque data into a ldb context, ↵Andrew Tridgell4-2/+45
for use by backends. Currently only EventContext is used in this way. (This used to be commit 9fa21b245843371f7777682ee4e5b98e2925b4d0)
2007-10-10r7773: fixed the tls code for the non-GNUTLS caseAndrew Tridgell1-1/+1
(This used to be commit bc6bc84ef4ad3434c6cb8d94a8d7a105ad2fd8c2)
2007-10-10r7769: added client support in the tls library apiAndrew Tridgell2-12/+126
(This used to be commit 71ee6a1df542b95c61217de71e6f56b8ce9d81b5)
2007-10-10r7767: fixed ldb dependenciesAndrew Tridgell1-1/+1
(This used to be commit 97e4ba84fb4cf4b95270c5d49b6bb8a9a92feaac)
2007-10-10r7759: allow ldb_errstring() to be used when not connectedAndrew Tridgell1-0/+3
(This used to be commit 818ae965afad37216d804aa630359d875794612e)
2007-10-10r7754: fixed the local port of accepted sockets in socket_wrapper. This fixesAndrew Tridgell1-4/+3
the problem with the ldap tests in 'make test' (This used to be commit 56fe27623ce31015a5a14f176f1445f51d57b0b8)
2007-10-10r7751: only enable tls on the ldaps port in ldap server, and reject non-tlsAndrew Tridgell2-5/+7
connections on that port (This used to be commit 30da6a1cc41308a16a486111887f45bcf598f064)
2007-10-10r7750: handle STATUS_MORE_ENTRIES on send in tlsAndrew Tridgell1-0/+4
(This used to be commit 135c3367ff737246ea40030d3c852769666ff522)
2007-10-10r7749: some bug fixes from testing with socket:testnonblockAndrew Tridgell1-0/+2
- fixed some infinite loops in asn1.c - ensure asn1 callers know if an error is end of buffer or bad data - handle npending 0 in ldap server (This used to be commit f22c3b84c8912ccd36e676a782b58f1841be8875)
2007-10-10r7747: - simplified the ldap server buffer handlingAndrew Tridgell2-1/+25
- got rid of the special cases for sasl buffers - added a tls_socket_pending() call to determine how much data is waiting on a tls connection - removed the attempt at async handling of ldap calls. The buffers/sockets are all async, but the calls themselves are sync. (This used to be commit 73cb4aad229d08e17e22d5792580bd43a61b142a)
2007-10-10r7745: better handling of recv errors in tls libraryAndrew Tridgell1-1/+10
(This used to be commit 42d8a1a222430bd64962da7cc4ac0193b5c003f7)
2007-10-10r7743: be consistent in how stdin is supported for ldbadd and ldbmodifyAndrew Tridgell1-18/+10
(This used to be commit 3d60b3a8eea5ac6c35cf2e579ae12cef3dc1794e)
2007-10-10r7742: abstracted out the tls code from the web server, so that our other ↵Andrew Tridgell4-0/+646
servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2007-10-10r7741: fixed the verbose option in ldbeditAndrew Tridgell1-12/+11
(This used to be commit a440133140a6adb5ea62d37690b9c4ae74dc6be0)
2007-10-10r7740: get rid of our duplicate base64 routinesAndrew Tridgell4-82/+15
(This used to be commit cf17f90a83cf04815544c5408eb56d00546b3e88)
2007-10-10r7739: fixed an off by one bug in the base64 decoder for ldb ldifAndrew Tridgell1-0/+3
(This used to be commit fe2b77af2352f1964402a4286105916e990dc36f)
2007-10-10r7728: handle 64 bit integers in INTEGER matchAndrew Tridgell1-3/+3
(This used to be commit 57132344b4e39a670e683b3db00665e5f7a899fd)
2007-10-10r7726: - removed some unused variablesAndrew Tridgell3-3/+9
- handle ldb_errstring() calls on failed connect (This used to be commit 8698a20fcc6a04ccbe533afd742e7a5df94423ee)
2007-10-10r7719: make the ildap ldb backend use the defaultNamingContext if the basednAndrew Tridgell1-2/+28
is not specified, so: ldbsearch ldap://hostname '(objectclass=user)' works without knowing the domain name (This used to be commit f6c2c5190737ca11f55a147f5295ccca505fb58b)
2007-10-10r7714: enable samba credentials handling in ldb tools. So you can now do aAndrew Tridgell10-58/+38
encrypted ldbedit against w2k3 (This used to be commit 6277c3923e7d9c26753424b1e77ac62f8e0729a4)
2007-10-10r7712: ldb/common/util.c is goneAndrew Tridgell1-1/+0
(This used to be commit aec0544962483b3cd8507b2de6d1552691e72932)
2007-10-10r7711: update callers of ldb_connect() for new syntaxAndrew Tridgell1-4/+11
(This used to be commit f852661463624714ad8e7adc0547b2f07b8f9f6d)
2007-10-10r7710: new command line handling code for ldbAndrew Tridgell3-0/+189
(This used to be commit 5e8db1c9b3bb6c5196652a7af877b4204148c305)
2007-10-10r7709: - convert ldb to use popt, so that it can interact with the sambaAndrew Tridgell23-689/+343
cmdline credentials code (which will be done soon) - added a ldb_init() call, and changed ldb_connect() to take a ldb context. This allows for much better error handling in ldb_connect(), and also made the popt conversion easier - fixed up all the existing backends with the new syntax - improved error handling in *_connect() - fixed a crash bug in the new case_fold_required() code - ensured that ltdb_rename() and all ltdb_search() paths get the read lock - added a ldb_oom() macro to make it easier to report out of memory situations in ldb code (This used to be commit f648fdf187669d6d87d01dd4e786b03cd420f220)
2007-10-10r7690: Move the NT hash generation into the credentials system, rather thanAndrew Bartlett1-11/+69
in all the callers. This also allows us to be more flexible in the type of password we store. Andrew Bartlett (This used to be commit 00b8588c68526e1d86fda0bd81c0b86f690b62c3)
2007-10-10r7669: removed ldap from our configure testsAndrew Tridgell2-17/+0
This takes our link dependencies from this: tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000) libldap_r.so.2 => /usr/lib/libldap_r.so.2 (0xb7f92000) liblber.so.2 => /usr/local/lib/liblber.so.2 (0xb7f85000) libpam.so.0 => /lib/libpam.so.0 (0xb7f7d000) libc.so.6 => /lib/tls/libc.so.6 (0xb7e48000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000) libresolv.so.2 => /lib/tls/libresolv.so.2 (0xb7e36000) libcrypt.so.1 => /lib/tls/libcrypt.so.1 (0xb7e09000) libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7df3000) libgnutls.so.11 => /usr/lib/libgnutls.so.11 (0xb7d8c000) libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7d7d000) libtasn1.so.2 => /usr/lib/libtasn1.so.2 (0xb7d6d000) libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7d20000) libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7d1c000) libz.so.1 => /usr/lib/libz.so.1 (0xb7d09000) libnsl.so.1 => /lib/tls/libnsl.so.1 (0xb7cf5000) to this: tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000) libpam.so.0 => /lib/libpam.so.0 (0xb7fc0000) libc.so.6 => /lib/tls/libc.so.6 (0xb7e8b000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000) this finally gets rid of the implicit dependency on pthreads! Yay! (This used to be commit 844d2a20830a4666b6c38f6a58305be64b6b76fa)
2007-10-10r7668: - setup HAVE_ILDAP to enable the ildap backend in ldbAndrew Tridgell1-1/+2
- fixed a bug in socket_connect_ev() (This used to be commit 3f77b879a035929a843e02b798d54eba6625bde7)
2007-10-10r7667: added a ldb ildap backend, using our internal ldap client library. ↵Andrew Tridgell4-1/+421
Next step is to remove the check for the ldap libraries in configure (This used to be commit 74841dbb2a86bb1c584b5c26c4cd24a818a65a34)
2007-10-10r7666: fixed a memory leak in the ldap ldb backendAndrew Tridgell1-3/+2
(This used to be commit ac3f33c61555a2afa30fe446676013564982e257)
2007-10-10r7660: improved error handling in socket_connect_ev() (it matters when nameAndrew Tridgell1-0/+3
resolution fails) (This used to be commit 4013c2ddea0cd03f875e2acf40d2a34344017d05)