summaryrefslogtreecommitdiff
path: root/source4/libcli/ldap/ldap.c
AgeCommit message (Collapse)AuthorFilesLines
2009-02-24s4:libcli: split out LIBCLI_LDAP_MESSAGE subsystemStefan Metzmacher1-1411/+0
metze
2008-12-17s4:libcli/ldap: split out a ldap_decode_attribs_bare() functionAndrew Bartlett1-8/+18
The OpenLDAP dereference control (draft-masarati-ldap-deref-00) uses an attribute list, as found in the search reply, but without one enclosing ASN1_SEQUENCE(0) This allows the dereference control parsing code to use this as a helper function. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2008-10-11Fix include paths to new location of libutil.Jelmer Vernooij1-1/+1
2008-04-02Install public header files again and include required prototypes.Jelmer Vernooij1-2/+3
(This used to be commit 47ffbbf67435904754469544390b67d34c958343)
2008-01-15util: Move asn1 to lib/util to trim down the number of subsystems.Jelmer Vernooij1-1/+1
(This used to be commit 44e1cfd2d0ef62e4ee541cec00581a7151d951b3)
2007-12-27r26613: Add a function to write a DATA_BLOB into an LDAPString.Andrew Bartlett1-3/+3
This respects the length set in the DATA_BLOB, rather than hoping to see NULL termination of the data pointer. (found testing the Ambigious Name Resolution code against OpenLDAP). Andrew Bartlett (This used to be commit bc0022e8c7357b126dc91a945f0e53e4e4108e7d)
2007-12-21r26192: Handle, test and implement the style of extended_dn requiest that ↵Andrew Bartlett1-1/+12
MMC uses. It appears that the control value is optional, implying type 0 responses. Failing to parse this was causing LDAP disconnects with 'unavailable critical extension'. Andrew Bartlett (This used to be commit 833dfc2f2af84c45f954e428c9ea6babf100ba92)
2007-10-10r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij1-15/+15
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
2007-10-10r25000: Fix some more C++ compatibility warnings.Jelmer Vernooij1-4/+4
(This used to be commit 08bb1ef643ab906f1645cf6f32763dc73b1884e4)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23036: error checking on asn1_init() failureAndrew Tridgell1-0/+2
(This used to be commit 26cf8494084c0106ef0e1c9b6ef40eeadf945ef2)
2007-10-10r23030: finally fixed up our asn1 code to use better memory allocation. ThisAndrew Tridgell1-149/+148
should allow us to fix some long standing memory leaks. (This used to be commit 3db49c2ec9968221c1361785b94061046ecd159d)
2007-10-10r21806: I've been working over the last week to fix up the LDAP backend forAndrew Bartlett1-29/+46
Samba4. This only broke on global catalog queries, which turned out to be due to changes in the partitions module that metze needed for his DRSUAPI work. I've reworked partitions.c to always include the 'problematic' control, and therefore demonstrated that this is the issue. This ensures consistency, and should help with finding issues like this in future. As this control (DSDB_CONTROL_CURRENT_PARTITION_OID) is not intended to be linearised, I've added logic to allow it to be skipped when creating network packets. I've likewise make our LDAP server skip unknown controls, when marked 'not critical' on it's input, rather than just dropping the entire request. I need some help to generate a correct error packet when it is marked critical. Further work could perhaps be to have the ldap_encode routine return a textual description of what failed to encode, as that would have saved me a lot of time... Andrew Bartlett (This used to be commit eef710668f91d1bbaa2d834d9e653e11c8aac817)
2007-10-10r21511: this seems to be the nicer fix for the problem withStefan Metzmacher1-4/+0
the windows 2000 LDAP client metze (This used to be commit d40465470fa09827ea529e1f2c80bca9efc152a8)
2007-10-10r21501: ugly but the windows 2000 mmc deturns decoding error without thisStefan Metzmacher1-0/+4
metze (This used to be commit f17da75754f8cc79b60e04b54a4bc99191e71ff3)
2007-10-10r18989: Fixes found by these two LDAP testsuites:Andrew Bartlett1-4/+21
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/ - http://gleg.net/protover_ldap_sample.shtml Also fixes found by a subsequent audit of the code for similar issues. (This used to be commit 441a4f6262459dabfefd9bb12622ada9c007a60c)
2007-10-10r16073: On an incoming wildcard search, it is critical that the size beAndrew Bartlett1-2/+2
correct, or we try and do a memcmp on the trailing '\0'. This happens because we now use memcmp for the prefix matching. I just wish I had a test other than a particular invocation of the OSX client. (I've tried and failed so far) Andrew Bartlett (This used to be commit 36aa8390807581442c68ac3ee9dd6eb05d89b86d)
2007-10-10r15573: Fix build of systems that have iconv headers in non-standard locationsJelmer Vernooij1-1/+0
Split of system/locale.h header from system/iconv.h Previously, iconv wasn't being used on these systems (This used to be commit aa6d66fda69779d1c2948a1aca85dbd5208f1cba)
2007-10-10r14423: don't die on no controlsAndrew Tridgell1-1/+3
(This used to be commit 9787fb8e917c22ffe910062630dc4f32473a9fab)
2007-10-10r13609: Get in the initial work on making ldb asyncSimo Sorce1-4/+4
Currently only ldb_ildap is async, the plan is to first make all backend support the async calls, and then remove the sync functions from backends and keep the only in the API. Modules will need to be transformed along the way. Simo (This used to be commit 1e2c13b2d52de7c534493dd79a2c0596a3e8c1f5)
2007-10-10r13508: some ASN.1 element in LDAP are optional,Stefan Metzmacher1-33/+69
make it possible to code the difference between a zero length and a NULL DATA_BLOB... metze (This used to be commit 54f0b19c55df8ad3882f31a114e2ea0e4cf940ae)
2007-10-10r13344: Trust SASL to have subtle distinctions between NULL and zero-lengthAndrew Bartlett1-3/+17
responses... Also trust OpenLDAP to be pedantic about it, breaking connections to AD. In any case, we now get this 'right' (by nasty overloading hacks, but hey), and we can now use system-supplied OpenLDAP libs and SASL/GSSAPI to talk to Samba4. Andrew Bartlett (This used to be commit 0cbe18211a95f811b51865bc0e8729e9a302ad25)
2007-10-10r12917: fix decoding of ldap controlsSimo Sorce1-1/+1
some more work on timeouts (This used to be commit a7e2fe3cb33be2effff7eb764047567f2da3cd55)
2007-10-10r12733: Merge ldap/ldb controls into main treeSimo Sorce1-17/+22
There's still lot of work to do but the patch is stable enough to be pushed into the main samba4 tree. Simo. (This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
2007-10-10r12694: Move some headers to the directory of the subsystem they belong to.Jelmer Vernooij1-1/+1
(This used to be commit c722f665c90103f3ed57621c460e32ad33e7a8a3)
2007-10-10r11620: switch the ldap client code over to using the generic packet codeAndrew Tridgell1-0/+8
(This used to be commit 1d29ad2a27d89454e5e3c4a3cf05cc5edde0208c)
2007-10-10r11523: Working towards having Samba3 join Samba4, this allows the SASLAndrew Bartlett1-3/+7
credentials to be NULL, where the client is requesting a CIFS style server-first negTokenInit. Andrew Bartlett (This used to be commit eba652ecc89766304fdad14463072dc311693701)
2007-10-10r10913: This patch isn't as big as it looks ...Andrew Tridgell1-6/+5
most of the changes are fixes to make all the ldb code compile without warnings on gcc4. Unfortunately That required a lot of casts :-( I have also added the start of an 'operational' module, which will replace the timestamp module, plus add support for some other operational attributes In ldb_msg_*() I added some new utility functions to make the operational module sane, and remove the 'ldb' argument from the ldb_msg_add_*() functions. That argument was only needed back in the early days of ldb when we didn't use the hierarchical talloc and thus needed a place to get the allocation function from. Now its just a pain to pass around everywhere. Also added a ldb_debug_set() function that calls ldb_debug() plus sets the result using ldb_set_errstring(). That saves on some awkward coding in a few places. (This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
2007-10-10r10213: fixed a memory leak in the ldap client and server code spotted by KarlAndrew Tridgell1-2/+2
Melcher. ldap_encode() now takes a memory context to use for the data blob (This used to be commit 09948a59336a7f02bf2b4605f2d4d886e65b85f2)
2007-10-10r8917: Better support for extended ldap search operationsSimo Sorce1-17/+49
Try to follow the RFC where possible and adapt to openLdap and AD way of handling this structure (This used to be commit d844d45d87b4114bc1b9af2e40f8c27ba3e219de)
2007-10-10r8585: add to ldb and ldap comparison functionalitySimo Sorce1-9/+96
better pares filters Approx is currently only a stub need to dig more info to understand what it really means and how it works exactly (This used to be commit a9e8cd0bad27ed2b3c6a12302e787ba3c9a70a3c)
2007-10-10r8530: Now our ldap server is able to fullfill present and substring searchesSimo Sorce1-36/+184
(This used to be commit a910671bd8c6d2d8d5b6ff30fc07ead244e696f1)
2007-10-10r8414: Some C++ friendlyness fixes - 'not' is apparently a keyword in C++.Tim Potter1-3/+3
(This used to be commit bcfb3a45e4a5962fe763f8071d4458f4bd11605b)
2007-10-10r7749: some bug fixes from testing with socket:testnonblockAndrew Tridgell1-2/+3
- fixed some infinite loops in asn1.c - ensure asn1 callers know if an error is end of buffer or bad data - handle npending 0 in ldap server (This used to be commit f22c3b84c8912ccd36e676a782b58f1841be8875)
2007-10-10r7724: added encoding of LDB_OP_NOT search componentsAndrew Tridgell1-1/+6
(This used to be commit 82b1feeafea57ca1b8d7bf79f777eebcc703769c)
2007-10-10r7723: - fix a mismatched asn1 push/pop on bindAndrew Tridgell1-29/+26
- add error checking to ldap_encode() - fixed the asn1 codes for extended search - use asn1 context macros (This used to be commit 25d500b6e559b9a530ae65a21046cfde0f8c41af)
2007-10-10r7720: - simplify the asn1 decode of ldap_search() a lot, taking advantage ofAndrew Tridgell1-1/+3
the fact that the ldap data structures now use ldb_message_element. - fixed null termination of elements in ildap (This used to be commit 09060994c1ed12073ae6e1131d7074db8fdc523c)
2007-10-10r7626: a new ldap client library. Main features are:Andrew Tridgell1-40/+0
- hooked into events system, so requests can be truly async and won't interfere with other processing happening at the same time - uses NTSTATUS codes for errors (previously errors were mostly ignored). In a similar fashion to the DOS error handling, I have reserved a range of the NTSTATUS code 32 bit space for LDAP error codes, so a function can return a LDAP error code in a NTSTATUS - much cleaner packet handling (This used to be commit 2e3c660b2fc20e046d82bf1cc296422b6e7dfad0)
2007-10-10r7598: take advantage of struct data_blob and struct ldb_val being the sameAndrew Tridgell1-4/+1
structure in a couple of places (This used to be commit bcd4671acae2be51958cbae23a0ab2dd2b194a5e)
2007-10-10r7596: next step in ldap cleanup. I'm aiming to get rid of the cut&pastedAndrew Tridgell1-6/+6
ldif parsing code in libcli/ldap/ldap_ldif.c, and instead use the ldb ldif code. To do that I have changed the ldap code to use 'struct ldb_message_element' instead of 'struct ldap_attribute'. They are essentially the same structure anyway, so by making them really the same it will be much easier to use the ldb code in libcli/ldap/ I have also made 'struct ldb_val' the same as a DATA_BLOB, which will simplify data handling in quite a few places (I haven't yet removed all the code that maps between these two, that will come later) (This used to be commit 87fc3073392236221a3a6b933284e9e477c24ae5)
2007-10-10r7593: simplified the memory management in the ldap code. Having a mem_ctxAndrew Tridgell1-36/+36
element in a structure is not necessary any more. (This used to be commit 912d0427f52eac811b27bf7e385b0642f7dc7f53)
2007-10-10r7567: added wire parsing of NOT and extended ldap search requests. ThisAndrew Tridgell1-37/+97
allows us to parse and handle the complex queries we are getting from w2k, such as (|(|(&(!(groupType:1.2.840.113556.1.4.803=1))(groupType:1.2.840.113556.1.4.803=2147483648)(groupType:1.2.840.113556.1.4.804=6))(samAccountType=805306368))(samAccountType=805306369)) (This used to be commit 041bce591306a0fb26bd31fe371e30021ea5c0c1)
2007-10-10r7527: - added a ldb_search_bytree() interface, which takes a ldb_parse_treeAndrew Tridgell1-32/+9
instead of a search expression. This allows our ldap server to pass its ASN.1 parsed search expressions straight to ldb, instead of going via strings. - updated all the ldb modules code to handle the new interface - got rid of the separate ldb_parse.h now that the ldb_parse structures are exposed externally - moved to C99 structure initialisation in ldb - switched ldap server to using ldb_search_bytree() (This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
2007-10-10r7524: make the ldap ASN.1 filter parse code go via a structAndrew Tridgell1-77/+107
ldb_parse_tree. This also fixes the error handling. next step will be to pass the parse tree straight into ldb, avoiding the string encoding completely. (This used to be commit 235cf625e20767c8d5d30c5955ae45e1fdf88bf2)
2007-10-10r7519: rip the copy of the ldap expression parser out of libcli/ldap/ and useAndrew Tridgell1-375/+17
the original one in lib/ldb/ instead. Having two copies of this code is silly. (This used to be commit 0e9f18c44858b692c724c004f362de9e3dc15db5)
2007-10-10r6817: - fixed empty ldap search elements in filtersAndrew Tridgell1-1/+1
- added support for guids in cldap netlogon searches. the cldap server now passes the LDAP-CLDAP torture test (This used to be commit eb7979d9def389942fa1c54693d2dfcb8828f544)
2007-10-10r6763: added functions in libcli/ldap/ to binary encode some NDR structures intoAndrew Tridgell1-1/+4
ldap friendly filter strings (This used to be commit 8890dd3ac331cffe83226a356c52df89c917c2b0)
2007-10-10r6745: - escape spaces in binary ldap blobsAndrew Tridgell1-3/+13
- expose the ldap filter string parsing outside of ldap.c (This used to be commit b644ff6fe164fbe359c47e4d34f5ad490ff61d5b)
2007-10-10r6726: support binary search elements in ldap_decode()Andrew Tridgell1-6/+42
(This used to be commit 2b36f1dfdd6cf3ab89f63b541ae4cd905fb03c8d)
2007-10-10r6689: minor ldap client library workAndrew Tridgell1-20/+59
- added support for binary encoded search filters - fixed some const handling - changed the message type to an enum, to help debugging (This used to be commit d5353b63428698d1ce95c50e2626f1841fa637e3)
generated by cgit (git 2.34.1) at 2024-07-07 02:09:53 +0000