Age | Commit message (Collapse) | Author | Files | Lines |
|
This is needed because we don't (want) to specify an explicit
local address. And the socket family (ipv4 vs. ipv6) needs to
be autodetected based on the remote address before the
socket() syscall.
Otherwise we would try to connect to a ipv4 address through an
ipv6only socket.
metze
|
|
This reduces compile time somewhat.
|
|
Consider for description the post on the technical mailing list. I hope that this
satisfies abartlet again.
|
|
|
|
|
|
Update to use the new DS_DNS_FOREST_ROOT name, which makes it clearer
what this bit means (according to MS-ADTS doc)
|
|
- Insert a check after the "tsocket" library call to make sure that the call
terminated correctly
- Add a comment to explain why on further calls of "cldap_socket_init" the
destination address hasn't to be specified
|
|
metze
|
|
metze
|
|
Guenther
|
|
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
(This used to be commit a484334fb4dafd1df514d1bf88f7e0c4f07dff86)
|
|
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)
|
|
This now handles checking if the user exists, including validating the
ACB mask on the user.
This would be a nasty security hole, if Kerberos did not already
expose this information anonymously...
Andrew Bartlett
(This used to be commit 441b286c00f9a7743cdefeb243545bdbd2c94c5e)
|
|
This fixes up some compiled in constants and checks a couple more NT
versions.
Andrew Bartlett
(This used to be commit ca1b3fe3add06dc22361d5a5fe7e63a6abb1697c)
|
|
This now matches section 7.3.3 of the MS-ATDS specification, and all
our current tests pass against windows. There is still more testing
to do, and the server implementation to complete.
Andrew Bartlett
(This used to be commit 431d0c03965cbee85691cd0dc1e2a509c1a2b717)
|
|
the code.
Make sure we pass around the event_context where we need it instead.
All test but a few python ones fail. Jelmer promised to fix them.
(This used to be commit 3045d391626fba169aa26be52174883e18d323e9)
|
|
(This used to be commit e01c1e87c0fe9709df7eb5b863f7ce85564174cd)
|
|
Andrew Bartlett
(This used to be commit 341929c615e5573887889cf22950a25b536c6fc1)
|
|
Andrew Bartlett
(This used to be commit df17c4a9e84f4a4087c4a4a8ad44a82d4acb522e)
|
|
(This used to be commit e9875fcd56de0748ed78d7e3c9cdb4919cd96d3c)
|
|
uses of global_loadparm.
(This used to be commit a33a5530545086b81a3b205aa109dff11c546926)
|
|
(This used to be commit 152e2b1a283675b53affb8f7225644925f171dbd)
|
|
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
|
|
number in more places.
(This used to be commit df9cebcb97e20564359097148665bd519f31bc6f)
|
|
There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
|
|
metze
(This used to be commit dd9ef6e5ab471665d019fbda87c90f5c95bd57ea)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
- don't ignore CLDAP rootdse errors anymore
metze
(This used to be commit 712577d9e284445e9257b691aefb719511d6a57c)
|
|
(This used to be commit b28860978fe29c5b10abfb8c59d7182864e21dd6)
|
|
(This used to be commit efb7e39e512eb71deaeef1315bc88a902e5cd848)
|
|
has found that w2k3 does respond to rootDSE cldap requests. This test
shows that it does indeed work, but the expression handling is not
what you would expect
(This used to be commit 388e98e77cfd1603156ea431877e40ac886d9c08)
|
|
(This used to be commit 3c7a5ce29108dd82210dc3e1f00414f545949e1d)
|
|
try to include just the BASENAME.h files (containing only structs)
(This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd)
|
|
(This used to be commit 2b603d3ecf2f3108942422bda864e41c8addbf60)
|
|
(This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981)
|
|
call ndr_print for each call
metze
(This used to be commit 0a07e4ef8d869d35ceb0761495e367077f2361ba)
|
|
also name the struct like the nt_version number
metze
(This used to be commit 1e3af5cc1f68b7fa54b8ba77ed9836a619a69436)
|
|
- send a username when scanning to make structure elements clearer
(This used to be commit 7d19eb9433b615fdf789cb07aeb331df92b05abd)
|
|
correctly - it gets the realm from an initial no-attribute search
(This used to be commit 52d10c8d99521f9dd02891a30688472d96860aef)
|
|
my best guess now is that w2k3 converts the & in the cldap query to an |
for the ldap search. at least it behaves roughly like that.
(This used to be commit 1d6ab9aaefee71e3d0f87c1afae8ccdbae1f0e04)
|
|
AAC, and User attributes in cldap netlogon queries
interestingly, while WinXP generated cldap filters with these set, the
w2k3 cldap server seems to completely ignore them, so I didn't need to
alter our cldap server at all to pass the test :-)
(This used to be commit 177c8becd2051c9d1f261358baf4b85ca89700d8)
|
|
response.
To work around the fact that the type of the returned data is not
encoded in the packet, this required adding ndr_pull_union_blob()
which allows us to pull a blob into a union with a specified switch
value, in this case the switch value comes from the calling NtVer field.
(This used to be commit bd27e626c27be72913d1a1569ee6e2e2711df84e)
|
|
interestingly, w2k3 seems to have 4 different varients of the netlogon
cldap response. We decode two of them so far. The other two are tricky
as they aren't distinguished by a command code, they use the same
command codes (0x13 and 0x17) but have quite a different format. Very
strange!
(This used to be commit 58f1c39282e281450fe94ceab7ca0a53ec7172e1)
|