Age | Commit message (Collapse) | Author | Files | Lines |
|
(disabled by default, set parametric option: gensec:gssapi=yes to enable).
This module backs directly onto GSSAPI, and allows us to sign and seal
GSSAPI/Krb5 connections in particular. This avoids me reinventing the
entire GSSAPI wheel.
Currently a lot of things are left as default - we will soon start
specifiying OIDs as well as passwords (it uses the keytab only at the
moment). Tested with our LDAP-* torture tests against Win2k3.
My hope is to use this module to access the new SPNEGO implementation
in Heimdal, to avoid having to standards-verify our own.
Andrew Bartlett
(This used to be commit 14b650c85db14a9bf97e24682b2643b63c51ff35)
|
|
Andrew Bartlett
(This used to be commit 13aa88ed65a8914000cccbecf80929db3df65037)
|
|
Andrew Bartlett
(This used to be commit 722f59c7c8d09f548d9325c6051d6687d7aa16c2)
|
|
the backend what is actually in use
metze
(This used to be commit 6f3eb7bc03609108b9e0ea5676fca3d04140e737)
|
|
(This used to be commit eec698254f67365f27b4b7569fa982e22472aca1)
|
|
(This used to be commit 80d15fa3402a9d1183467463f6b21c0b674bc442)
|
|
- Use .mk files directly (no need for a SMB_*_MK() macro when adding a new SUBSYSTEM, MODULE or BINARY). This allows addition of new modules and subsystems without running configure
- Add support for generating .dot files with the Samba4 dependency tree (as used by the graphviz and springgraph utilities)
(This used to be commit 64826da834e26ee0488674e27a0eae36491ee179)
|
|
metze
(This used to be commit 9701abfa3a5f6351c8c7bced6adb751be9f5ff31)
|
|
metze
(This used to be commit 4868f1ea857e94f60dbde83bfb54def8a5ee728f)
|
|
(vl: we should only sync the parsing code with trunk)
- use hierachical talloc in the ldap client code
metze
(This used to be commit 1e9c0b68ca9ddb28877d45fc1b47653b13a7446d)
|
|
(This used to be commit a7e5bde6befa8da8fc7447b295d9177126f74964)
|
|
ioctl.h)
(This used to be commit b97e395c814762024336c1cf4d7c25be8da5813a)
|
|
- tidied up some of the system includes
- moved a few more structures back from misc.idl to netlogon.idl and samr.idl now that pidl
knows about inter-IDL dependencies
(This used to be commit 7b7477ac42d96faac1b0ff361525d2c63cedfc64)
|
|
the ldb part isn't ideal, I will have to think of a better solution
(This used to be commit 6b1f86aea8427a8e957b1aeb0ec2f507297f07cb)
|
|
I have created the include/system/ directory, which will contain the
wrappers for the system includes for logical subsystems. So far I have
created include/system/kerberos.h and include/system/network.h, which
contain all the system includes for kerberos code and networking code.
These are the included in subsystems that need kerberos or networking
respectively.
Note that this method avoids the mess of #ifdef HAVE_XXX_H in every C
file, instead each C module includes the include/system/XXX.h file for
the logical system support it needs, and the details are kept isolated
in include/system/
This patch also creates a "struct ipv4_addr" which replaces "struct
in_addr" in our code. That avoids every C file needing to import all
the system networking headers.
(This used to be commit 2e25c71853f8996f73755277e448e7d670810349)
|
|
metze
(This used to be commit c730d7d638875c239f0b67c1d4b25eb1fb01c5ff)
|
|
metze
(This used to be commit f1d8f4bc5df5b4f284739096684c9dbc76352511)
|
|
Andrew Bartlett
(This used to be commit 9c911b361c4dbb058eb48150c113c2e95b8053da)
|
|
metze
(This used to be commit e23dcb18870450be4252a0dba3e427f73291da25)
|
|
and some minor changes
- make ldap_encode/decode_response maore usable
metze
(This used to be commit cc77baf729a56499e19a50dcb1a404a4777b36d5)
|
|
try a sasl sealed CompareRequest
abartlet: we need to check how SINGING only can work,
it failed for me:-(
metze
(This used to be commit 1dabd04e265bbc1e8335f816708c2639746d9afd)
|
|
check the result of ldap_receive()
metze
(This used to be commit 778cf6d92bc3c50add43b573652c2aefef65026c)
|
|
metze
(This used to be commit 4233067921d386d4bf02218b479083cdbe2bd3c1)
|
|
en/decode CompareRequest/Response correct
metze
(This used to be commit 72dfea2b07aea83d0965a585f6e388eb88a7c6d1)
|
|
(This used to be commit ddd74dae8efe4e04b5a56ee9ecd9d4f87f99d104)
|
|
(This used to be commit 3d587a7141908362657afc2dfd0c78d73a5fed07)
|
|
Add delete functionality to ldb simple lda server backend
add some const in ldap.h
(This used to be commit 5ed9a6eb184f34eb572dd81202237042518ec7cd)
|
|
taking a context (so when you pass a NULL pointer you end up with
memory in a top level context). Fixed it by changing the API to take a
context. The context is only used if the pointer you are reallocing is
NULL.
(This used to be commit 8dc23821c9f54b2f13049b5e608a0cafb81aa540)
|
|
by making our gensec structures a talloc child of the open connection
we can be sure that it will be destroyed when the connection is
dropped.
(This used to be commit f12ee2f241aab1549bc1d9ca4c35a35a1ca0d09d)
|
|
- fail when we got a wrong tag in ldap_decode()
metze
(This used to be commit e942f414c5f9130c7ac9996612caaefd29f5eeca)
|
|
btw, the reason I want to use strncasecmp() instead of StrnCaseCmp()
is that the Samba internal functions are built to deal with
multi-byte, whereas in the cases I am converting we know we are
dealing with solely ascii string constants, so going via the slow
conversion libraries is pointless.
(This used to be commit cef08d5789277bdaa25d5bf0e7cfca8615230f1b)
|
|
metze
(This used to be commit 492a00d909d6f3ff8305f102551f60d91d988ccd)
|
|
Volker
(This used to be commit 53f58c053b643c8b45d2f9394faf8cfdd5005f6d)
|
|
This version does the following:
1) talloc_free(), talloc_realloc() and talloc_steal() lose their
(redundent) first arguments
2) you can use _any_ talloc pointer as a talloc context to allocate
more memory. This allows you to create complex data structures
where the top level structure is the logical parent of the next
level down, and those are the parents of the level below
that. Then destroy either the lot with a single talloc_free() or
destroy any sub-part with a talloc_free() of that part
3) you can name any pointer. Use talloc_named() which is just like
talloc() but takes the printf style name argument as well as the
parent context and the size.
The whole thing ends up being a very simple piece of code, although
some of the pointer walking gets hairy.
So far, I'm just using the new talloc() like the old one. The next
step is to actually take advantage of the new interface
properly. Expect some new commits soon that simplify some common
coding styles in samba4 by using the new talloc().
(This used to be commit e35bb094c52e550b3105dd1638d8d90de71d854f)
|
|
(This used to be commit 8be31e5c854e4462163b97b897ff41de95f181c4)
|
|
metze
(This used to be commit 4c6c4d6bc8927b93f29beecf44aef5c228533a43)
|
|
metze
(This used to be commit 11c866d602fb4daefc1dced349606bd8ccd38ef2)
|
|
- merge some stuff from trunk
metze
(This used to be commit 267edf1c0bb1ed73f1ba19148e6412b9a1c41979)
|
|
metze
(This used to be commit a2cd725681fa7b10a5cca337554be17f628465c0)
|
|
metze
(This used to be commit d0278c6bef622feeda8da7a120e3d1abce4a74e5)
|
|
metze
(This used to be commit f6c44201073df37881191509ffb7badee3baac71)
|
|
does not work yet but we are close currently we send the right data
on wire and fail to decode the answer
(This used to be commit 10baf585821bf1f10a3786045a0965000cdffd12)
|
|
metze
(This used to be commit a1bfc94ab35c426b75efedea0df21acec7d1eeed)
|
|
(This used to be commit d9f8f97c9eaa8078f411adf0a8db607365082197)
|
|
(This used to be commit 44083e317855f6d8a0b4a81002a3376e8775df28)
|
|
Thanks to Metze and Volker for their unvaluable support :)
(This used to be commit e6a6c0737ab94d58930c0d4e1ef0bb4d99510833)
|
|
all ldb functions has been renamed to ldap_ as we don't
really want to include ldb functions here, let's keep ldap
and ldb separate.
(This used to be commit f9d7b731c910b530a0a6c0f0c09c809f3e7b4167)
|
|
ldap server code
it's not compiled in yet...
metze
(This used to be commit 48939adca1332ff90f9287311c0e9ff3e2e5917a)
|