Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit 5e8db1c9b3bb6c5196652a7af877b4204148c305)
|
|
cmdline credentials code (which will be done soon)
- added a ldb_init() call, and changed ldb_connect() to take a ldb
context. This allows for much better error handling in
ldb_connect(), and also made the popt conversion easier
- fixed up all the existing backends with the new syntax
- improved error handling in *_connect()
- fixed a crash bug in the new case_fold_required() code
- ensured that ltdb_rename() and all ltdb_search() paths get the read lock
- added a ldb_oom() macro to make it easier to report out of memory
situations in ldb code
(This used to be commit f648fdf187669d6d87d01dd4e786b03cd420f220)
|
|
in all the callers. This also allows us to be more flexible in the
type of password we store.
Andrew Bartlett
(This used to be commit 00b8588c68526e1d86fda0bd81c0b86f690b62c3)
|
|
This takes our link dependencies from this:
tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
libldap_r.so.2 => /usr/lib/libldap_r.so.2 (0xb7f92000)
liblber.so.2 => /usr/local/lib/liblber.so.2 (0xb7f85000)
libpam.so.0 => /lib/libpam.so.0 (0xb7f7d000)
libc.so.6 => /lib/tls/libc.so.6 (0xb7e48000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)
libresolv.so.2 => /lib/tls/libresolv.so.2 (0xb7e36000)
libcrypt.so.1 => /lib/tls/libcrypt.so.1 (0xb7e09000)
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7df3000)
libgnutls.so.11 => /usr/lib/libgnutls.so.11 (0xb7d8c000)
libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7d7d000)
libtasn1.so.2 => /usr/lib/libtasn1.so.2 (0xb7d6d000)
libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7d20000)
libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7d1c000)
libz.so.1 => /usr/lib/libz.so.1 (0xb7d09000)
libnsl.so.1 => /lib/tls/libnsl.so.1 (0xb7cf5000)
to this:
tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
libpam.so.0 => /lib/libpam.so.0 (0xb7fc0000)
libc.so.6 => /lib/tls/libc.so.6 (0xb7e8b000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)
this finally gets rid of the implicit dependency on pthreads! Yay!
(This used to be commit 844d2a20830a4666b6c38f6a58305be64b6b76fa)
|
|
- fixed a bug in socket_connect_ev()
(This used to be commit 3f77b879a035929a843e02b798d54eba6625bde7)
|
|
Next step is to
remove the check for the ldap libraries in configure
(This used to be commit 74841dbb2a86bb1c584b5c26c4cd24a818a65a34)
|
|
(This used to be commit ac3f33c61555a2afa30fe446676013564982e257)
|
|
resolution fails)
(This used to be commit 4013c2ddea0cd03f875e2acf40d2a34344017d05)
|
|
loops in corrupted tdb files.
Jeremy.
(This used to be commit f9f3037d6855259edd56fd5a23d63dbb37f0a751)
|
|
(This used to be commit 8735188b46d4bb6c3d63d22a8c6f3fad2c82df89)
|
|
event_context for the socket_connect() call, so that when things that
use dcerpc are running alongside anything else it doesn't block the
whole process during a connect.
Then of course I needed to change any code that created a dcerpc
connection (such as the auth code) to also take an event context, and
anything that called that and so on .... thus the size of the patch.
There were 3 places where I punted:
- abartlet wanted me to add a gensec_set_event_context() call
instead of adding it to the gensec init calls. Andrew, my
apologies for not doing this. I didn't do it as adding a new
parameter allowed me to catch all the callers with the
compiler. Now that its done, we could go back and use
gensec_set_event_context()
- the ejs code calls auth initialisation, which means it should pass
in the event context from the web server. I punted on that. Needs fixing.
- I used a NULL event context in dcom_get_pipe(). This is equivalent
to what we did already, but should be fixed to use a callers event
context. Jelmer, can you think of a clean way to do that?
I also cleaned up a couple of things:
- libnet_context_destroy() makes no sense. I removed it.
- removed some unused vars in various places
(This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
|
|
(This used to be commit a4d05988637b4e607c3cdad83bfb1e9cf923b7f0)
|
|
- hooked into events system, so requests can be truly async and won't
interfere with other processing happening at the same time
- uses NTSTATUS codes for errors (previously errors were mostly
ignored). In a similar fashion to the DOS error handling, I have
reserved a range of the NTSTATUS code 32 bit space for LDAP error
codes, so a function can return a LDAP error code in a NTSTATUS
- much cleaner packet handling
(This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0)
|
|
(This used to be commit b38bb63175ae0bdcf833c017e5fbbfc2c0769506)
|
|
(This used to be commit 0218fc678e375a05fbc4da5500706199340918e2)
|
|
(This used to be commit ce9966e091d36f66d409ac6f7b5e462c9dc37325)
|
|
(This used to be commit 0a64948152a446b5e127578d49b1ed8a90a1a222)
|
|
them in the ntlmssp code, which is the only place they are
used. Andrew, please remove them completely once you have some more
reliable way to get this info
they are bogus as gethostname() may give us a short hostname (and does
on lot of systems), so the calls often give totally the wrong result
anyway
(This used to be commit 35ec292f86bf663618b4bd03133d9bbd6e2faf10)
|
|
ldif parsing code in libcli/ldap/ldap_ldif.c, and instead use the ldb
ldif code. To do that I have changed the ldap code to use 'struct
ldb_message_element' instead of 'struct ldap_attribute'. They are
essentially the same structure anyway, so by making them really the
same it will be much easier to use the ldb code in libcli/ldap/
I have also made 'struct ldb_val' the same as a DATA_BLOB, which will
simplify data handling in quite a few places (I haven't yet removed
all the code that maps between these two, that will come later)
(This used to be commit 87fc3073392236221a3a6b933284e9e477c24ae5)
|
|
willingness to operate properly on initial testing
(This used to be commit 86ca8639e0ddc2525f8ed0ca9879d9f98c0cd00e)
|
|
Old way was ugly and had a bug, you couldn't add an attribute named
dn or distinguishedName and search for it, tdb would change that search in a dn search.
This makes it also possible to search by dn against an ldap server as the old method was
not supported by ldap syntaxes.
sss
(This used to be commit a614466dec2484a0d39bdfae53da822cfcf80926)
|
|
(This used to be commit 73d2e5df0ccf4ab1b78a1044058efd8e2479aa1a)
|
|
(This used to be commit 348a86e64392245571204ac5004e73221ac441f5)
|
|
us that triggered this work
(This used to be commit 853b8cd72dbb8c50d527e66aa7b5692060b66d2b)
|
|
(This used to be commit d8a9ce78533639f510b60b48c8f305bd07f3f717)
|
|
(This used to be commit 42cbb155c20779c458f727488c8554842b24681b)
|
|
(This used to be commit 7b58b3a9c53952f606eb75f5e916e0cf994b2d06)
|
|
(This used to be commit 0c44a67001b9ae91c1ba7fc52f22d1eafc22dcc7)
|
|
using to perform such things as bitop tests on integers.
So far I have only added support for the 1.2.840.113556.1.4.803 and
1.2.840.113556.1.4.804 rules, which are for bitwise and/or
(This used to be commit 5f773b065f1db959e59c02de68bcf30cef1a6c2c)
|
|
(This used to be commit 77fc2036a0db7bde9e90f090dbcd75ea70b3e0a0)
|
|
(This used to be commit 6a9ab148a98490e52da81d4ddedf42af2b5bf1a7)
|
|
This always loads all the services, as we now don't have an easy way
to split out smbd.
Andrew Bartlett
(This used to be commit 990e061939c76b559c4f5914c5fc6ca1b13e19dd)
|
|
instead of a search expression. This allows our ldap server to pass
its ASN.1 parsed search expressions straight to ldb, instead of going
via strings.
- updated all the ldb modules code to handle the new interface
- got rid of the separate ldb_parse.h now that the ldb_parse
structures are exposed externally
- moved to C99 structure initialisation in ldb
- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
|
|
(This used to be commit 646953df4c272581211ba30dc77e1052ea1f465e)
|
|
There is now a new --debug-stderr option to enable debug to STDERR.
popt isn't perfect, but the callbacks are used in all the main Samba
binaries, and should be used in the rest. This avoids duplicated
code, and ensures every binary is setup correctly.
This also ensures the setup happens early enough to have -s function,
and have a correct impact on the credentials code. (Fixing a bug that
frustrated tridge earlier today).
The only 'subtle' aspect of all this is that I'm pretty sure that the
SAMBA_COMMON popt code must be above the CREDENTIALS code, in the
popt tables.
Andrew Bartlett
(This used to be commit 50f3c2b3a22971f40e0d3a88127b5120bfc47591)
|
|
and forms a ldab search filter expression. Next step is to make our
ldap server code go from ASN.1 to a ldb_parse_tree, instead of trying
to construct string filters, then add a ldb_search_tree() call to
allow for searches using parse trees.
all of this is being done as I am hitting bitwise '&' ldap search
expressions from w2k, and want to handle them cleanly.
(This used to be commit 04356c1b1ed86d72934bc1b0ed60b767e10a1196)
|
|
modules in the ldap
backend
(This used to be commit 52e4a5b3b0c4c96bf9686ce047ccfc1846dc2c89)
|
|
(This used to be commit 18c96f2b3e4d4c769354d61a4cda5c295f50536f)
|
|
functions on
(This used to be commit 9913ab2550fae465c7a66fe7fa3a36a65b25b358)
|
|
code into the ldb parse code
(This used to be commit 12647e37223847da810c2d4e5f83328b1fcf88cb)
|
|
potentially use
it in our ldap client code, instead of replicating all the code
(This used to be commit 5b3575d9303d54a771e080a670dcd2f444b10c20)
|
|
(This used to be commit 797263330b9eada019e432ff201bf5c872e35b5d)
|
|
inside the per test frame
metze
(This used to be commit 5cf27b4af33fd7e30a59e53e4b08d67ac83ddccd)
|
|
(This used to be commit 633b24345fecad1111f40999efa2897bba521f19)
|
|
(This used to be commit 510e7994da808ab12f51fa7a36c3f5f9244c51ac)
|
|
the connect() stage, we were missing this
(This used to be commit f5102b886c10fead0f6bcdc4460584ae53912ebc)
|
|
This should fix the LOCAL-SOCKET test in the build farm
(This used to be commit 417e967afb457ee505c2302cdc83d7060033b0aa)
|
|
to change this later but that will be pretty easy.
We can use this type to pass around pointers to handles in C. Talloc
allows us to do type checking too.
(This used to be commit b95c0bc9b0a18aeaa89f704e37669f01df2c2ad0)
|
|
(This used to be commit 0e3b872560d82e1a0f7b58fe7d210563d6d29daf)
|
|
(This used to be commit 9a78161b0fdb3406c70b9f5a8009ed8fc5268445)
|