From a560d554bdfade75b81780e427e51cc436d9488a Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 13 Sep 2004 10:36:59 +0000
Subject: r2321: add complately untested LDAP server start based on volker's
 patch

this is compiled by default but not started by default

metze
(This used to be commit 5387bc423d4dc669cbac6626f8dd3a5498a6519d)
---
 source4/ldap_server/ldap_server.h | 43 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 source4/ldap_server/ldap_server.h

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
new file mode 100644
index 0000000000..4c10cb37af
--- /dev/null
+++ b/source4/ldap_server/ldap_server.h
@@ -0,0 +1,43 @@
+/* 
+   Unix SMB/CIFS implementation.
+   LDAP server
+   Copyright (C) Volker Lendecke 2004
+   Copyright (C) Stefan Metzmacher 2004
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+struct ldap_message_queue {
+	struct ldap_message_queue *prev, *next;
+	struct ldap_message *msg;
+};
+
+struct rw_buffer {
+	uint8_t *data;
+	size_t ofs, length;
+};
+
+struct ldapsrv_connection {
+	struct server_connection *connection;
+
+	struct gensec_security *gensec_ctx;
+
+	struct auth_session_info *session_info;
+
+	struct rw_buffer in_buffer;
+	struct rw_buffer out_buffer;
+	struct ldap_message_queue *in_queue;
+	struct ldap_message_queue *out_queue;
+};
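Review bot: `struct rw_buffer` carries the connection's input and output data, but nothing in the header states how `ofs` and `length` relate or who owns `data`, so every reader and writer has to guess the bounds. I would add a comment above it such as `/* data is owned by the connection; ofs <= length, bytes [ofs, length) are not yet consumed */`, adjusted to what the .c file actually does, which is not visible here. The new header also has no include guard and uses `uint8_t` and `size_t` without including anything, so it presumably relies on the includer's headers; an `#ifndef`/`#define` guard would make double inclusion harmless.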
-- 
cgit 


From b6d3ba9672642dac9e88e9382b0259d759e48734 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 22 Sep 2004 10:48:32 +0000
Subject: r2509: add a struct ldapsrv_call which is simular to the
 dcesrv_call_state struct and related stuff...

metze
(This used to be commit dc1f8212ff717765c40ea5668e841db50e636748)
---
 source4/ldap_server/ldap_server.h | 40 +++++++++++++++++++++++++++++++--------
 1 file changed, 32 insertions(+), 8 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 4c10cb37af..65b355514c 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -19,25 +19,49 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
-struct ldap_message_queue {
-	struct ldap_message_queue *prev, *next;
-	struct ldap_message *msg;
-};
-
 struct rw_buffer {
 	uint8_t *data;
 	size_t ofs, length;
 };
 
+enum ldapsrv_call_state {
+	LDAPSRV_CALL_STATE_NEW = 0,
+	LDAPSRV_CALL_STATE_BUSY,
+	LDAPSRV_CALL_STATE_ASYNC,
+	LDAPSRV_CALL_STATE_ABORT,
+	LDAPSRV_CALL_STATE_COMPLETE
+};
+
+enum ldapsrv_reply_state {
+	LDAPSRV_REPLY_STATE_NEW = 0,
+	LDAPSRV_REPLY_STATE_SEND
+};
+
+struct ldapsrv_connection;
+
+struct ldapsrv_call {
+	struct ldapsrv_call *prev,*next;
+	enum ldapsrv_call_state state;
+
+	struct ldapsrv_connection *conn;
+
+	struct ldap_message request;
+
+	struct ldapsrv_reply {
+		struct ldapsrv_reply *prev,*next;
+		enum ldapsrv_reply_state state;
+		struct ldap_message msg;
+	} *replies;
+};
+
 struct ldapsrv_connection {
 	struct server_connection *connection;
 
 	struct gensec_security *gensec_ctx;
-
 	struct auth_session_info *session_info;
 
 	struct rw_buffer in_buffer;
 	struct rw_buffer out_buffer;
-	struct ldap_message_queue *in_queue;
-	struct ldap_message_queue *out_queue;
+
+	struct ldapsrv_call *calls;
 };
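Review bot: `struct ldapsrv_call` now embeds `struct ldap_message request` by value, which needs the complete type, yet this header still includes nothing, so it compiles only when the includer has already pulled in the LDAP message definitions. The two new enums are also undocumented: the header does not say in which states a call may be freed or its `replies` list walked, which matters for `LDAPSRV_CALL_STATE_ASYNC` and `LDAPSRV_CALL_STATE_ABORT` when the connection goes away. A short comment per enumerator, stating who sets it and what may happen to the call in that state, would be enough.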
-- 
cgit 


From 6ad5996ef5e346d042da12874485c16b89536fc2 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 22 Sep 2004 13:01:00 +0000
Subject: r2523: - readd rootDSE reply - add infrastructure start for having
 multiple directory partitions (backends)

metze
(This used to be commit 5103e7fe7873c0309461ad471f0529223d7c38eb)
---
 source4/ldap_server/ldap_server.h | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 65b355514c..960ab519bc 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -54,6 +54,8 @@ struct ldapsrv_call {
 	} *replies;
 };
 
+struct ldapsrv_service;
+
 struct ldapsrv_connection {
 	struct server_connection *connection;
 
@@ -64,4 +66,36 @@ struct ldapsrv_connection {
 	struct rw_buffer out_buffer;
 
 	struct ldapsrv_call *calls;
+
+	struct ldapsrv_service *service;
+};
+
+struct ldapsrv_partition;
+
+struct ldapsrv_partition_ops {
+	NTSTATUS (*Bind)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_BindRequest *r);
+	NTSTATUS (*Unbind)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_UnbindRequest *r);
+	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_SearchRequest *r);
+	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyRequest *r);
+	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AddRequest *r);
+	NTSTATUS (*Del)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_DelRequest *r);
+	NTSTATUS (*ModifyDN)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyDNRequest *r);
+	NTSTATUS (*Compare)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_CompareRequest *r);
+	NTSTATUS (*Abandon)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AbandonRequest *r);
+	NTSTATUS (*Extended)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ExtendedRequest *r);
+};
+
+struct ldapsrv_partition {
+	struct ldapsrv_partition *prev,*next;
+
+	void *private_data;
+	const struct ldapsrv_partition_ops *ops;
+
+	const char *base_dn;
+};
+
+struct ldapsrv_service {
+	struct ldapsrv_partition *rootDSE;
+	struct ldapsrv_partition *default_partition;
+	struct ldapsrv_partition *partitions;
 };
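Review bot: The members of `struct ldapsrv_partition_ops` are plain function pointers with no statement on whether a backend may leave one NULL, so a dispatcher that calls `partition->ops->Search(...)` unconditionally would dereference NULL for a backend that does not implement that operation. I would document the contract on the struct, for example `/* any operation may be NULL; the caller must answer unsupported operations itself */`, or require every backend to fill in all ten. The dispatch code is outside this hunk, so whether it already checks is not visible here. `base_dn` and `private_data` in `struct ldapsrv_partition` would also benefit from a one-line note on ownership.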
-- 
cgit 


From 718bb5e8ffb04ab48cb5e9c0a7df848212340a57 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 27 Sep 2004 13:20:59 +0000
Subject: r2688: - fix case where listed attributes are asked - use the return
 code of the functions   and only call ldapsrv_terminate_connection from
 ldapsrv_recv() or ldapsrv_send() - the rootdse is now a normal partition

metze
(This used to be commit af1501a28d700f90cd2243fbfdce6527a0f62961)
---
 source4/ldap_server/ldap_server.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 960ab519bc..6ae9cb42d3 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -45,6 +45,8 @@ struct ldapsrv_call {
 
 	struct ldapsrv_connection *conn;
 
+	const struct auth_session_info *session_info;
+
 	struct ldap_message request;
 
 	struct ldapsrv_reply {
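Review bot: `session_info` now exists on both `struct ldapsrv_call` (this hunk) and `struct ldapsrv_connection` (next hunk), and the header does not say which of the two an access decision should read. If the call's copy is taken when the request arrives, a later bind on the same connection would leave outstanding calls holding the previous identity; that may be intended, but it should be written down. Suggested comment on the call member: `/* identity the request was received under; does not follow later binds on conn */`, or the opposite if that is the actual behaviour. `struct ldapsrv_call` starts above this hunk and continues below it.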
@@ -60,7 +62,7 @@ struct ldapsrv_connection {
 	struct server_connection *connection;
 
 	struct gensec_security *gensec_ctx;
-	struct auth_session_info *session_info;
+	const struct auth_session_info *session_info;
 
 	struct rw_buffer in_buffer;
 	struct rw_buffer out_buffer;
@@ -73,6 +75,8 @@ struct ldapsrv_connection {
 struct ldapsrv_partition;
 
 struct ldapsrv_partition_ops {
+	const char *name;
+	NTSTATUS (*Init)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
 	NTSTATUS (*Bind)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_BindRequest *r);
 	NTSTATUS (*Unbind)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_UnbindRequest *r);
 	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_SearchRequest *r);
-- 
cgit 


From 456e2f82e801cbc26898fad20c273b05248ee0d6 Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Mon, 27 Sep 2004 14:11:11 +0000
Subject: r2689: Use consistent naming Del -> Delete Add delete functionality
 to ldb simple lda server backend add some const in ldap.h (This used to be
 commit 5ed9a6eb184f34eb572dd81202237042518ec7cd)

---
 source4/ldap_server/ldap_server.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 6ae9cb42d3..591aa3affe 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -82,7 +82,7 @@ struct ldapsrv_partition_ops {
 	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_SearchRequest *r);
 	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyRequest *r);
 	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AddRequest *r);
-	NTSTATUS (*Del)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_DelRequest *r);
+	NTSTATUS (*Delete)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_DeleteRequest *r);
 	NTSTATUS (*ModifyDN)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyDNRequest *r);
 	NTSTATUS (*Compare)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_CompareRequest *r);
 	NTSTATUS (*Abandon)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AbandonRequest *r);
-- 
cgit 


From eac532ee3af95654b62d4db57feea0df6abab345 Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Mon, 27 Sep 2004 15:40:12 +0000
Subject: r2695: revert "Del" renaming (This used to be commit
 ddd74dae8efe4e04b5a56ee9ecd9d4f87f99d104)

---
 source4/ldap_server/ldap_server.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 591aa3affe..6ae9cb42d3 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -82,7 +82,7 @@ struct ldapsrv_partition_ops {
 	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_SearchRequest *r);
 	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyRequest *r);
 	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AddRequest *r);
-	NTSTATUS (*Delete)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_DeleteRequest *r);
+	NTSTATUS (*Del)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_DelRequest *r);
 	NTSTATUS (*ModifyDN)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyDNRequest *r);
 	NTSTATUS (*Compare)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_CompareRequest *r);
 	NTSTATUS (*Abandon)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AbandonRequest *r);
-- 
cgit 


From 2a1ee36e7f5b4b7ce654887011d9305f017ce08b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 8 Oct 2004 12:19:08 +0000
Subject: r2862: prepare LDAP SASL support for the server

metze
(This used to be commit 9a7505bd74a453b10aa2d40071bb80eb656bc61f)
---
 source4/ldap_server/ldap_server.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 6ae9cb42d3..57d1bba7e5 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -61,9 +61,12 @@ struct ldapsrv_service;
 struct ldapsrv_connection {
 	struct server_connection *connection;
 
-	struct gensec_security *gensec_ctx;
+	struct gensec_security *gensec;
 	const struct auth_session_info *session_info;
 
+	struct rw_buffer sasl_in_buffer;
+	struct rw_buffer sasl_out_buffer;
+
 	struct rw_buffer in_buffer;
 	struct rw_buffer out_buffer;
 
-- 
cgit 


From 4503ddc155402d9a573e09b7e1b99ae244d5468b Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 8 Oct 2004 12:31:13 +0000
Subject: r2864: - Bind and Unbind are no directory partition operations

- move Bind Unbind code to a separate file

metze
(This used to be commit 3aa1a298970eab563ff6304210bee4696ecec105)
---
 source4/ldap_server/ldap_server.h | 2 --
 1 file changed, 2 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 57d1bba7e5..e88b266b0a 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -80,8 +80,6 @@ struct ldapsrv_partition;
 struct ldapsrv_partition_ops {
 	const char *name;
 	NTSTATUS (*Init)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
-	NTSTATUS (*Bind)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_BindRequest *r);
-	NTSTATUS (*Unbind)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_UnbindRequest *r);
 	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_SearchRequest *r);
 	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyRequest *r);
 	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AddRequest *r);
-- 
cgit 


From 73e9f435f5e797b7c3b9874b57d081c2714a8bca Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Sat, 9 Oct 2004 22:00:00 +0000
Subject: r2878: add server sasl support (there are a lot of clean ups
 following later, but the LDAP-BASIC test  works :-)

metze
(This used to be commit 34fe29c04a76f2f53f27adcaf9be2dce8d177516)
---
 source4/ldap_server/ldap_server.h | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index e88b266b0a..6d4824bc9d 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -45,8 +45,6 @@ struct ldapsrv_call {
 
 	struct ldapsrv_connection *conn;
 
-	const struct auth_session_info *session_info;
-
 	struct ldap_message request;
 
 	struct ldapsrv_reply {
@@ -62,7 +60,7 @@ struct ldapsrv_connection {
 	struct server_connection *connection;
 
 	struct gensec_security *gensec;
-	const struct auth_session_info *session_info;
+	struct auth_session_info *session_info;
 
 	struct rw_buffer sasl_in_buffer;
 	struct rw_buffer sasl_out_buffer;
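Review bot: Dropping `const` from `session_info` in `struct ldapsrv_connection` lets any code that holds the connection modify the authenticated session in place, where before it could only replace the pointer. Presumably the SASL bind path needs write access, but the header should name it as the only writer, e.g. `/* written by the bind code only; everything else treats it as read-only */`. The struct continues past the end of the hunk.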
-- 
cgit 


From 55d4d36993293fee914a009f1d8f05810e347f2b Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sun, 30 Jan 2005 00:54:57 +0000
Subject: r5102: This is a major simplification of the logic for controlling
 top level servers in smbd. The old code still contained a fairly bit of
 legacy from the time when smbd was only handling SMB connection. The new code
 gets rid of all of the smb_server specific code in smbd/, and creates a much
 simpler infrastructures for new server code.

Major changes include:

 - simplified the process model code a lot.

 - got rid of the top level server and service structures
   completely. The top level context is now the event_context. This
   got rid of service.h and server.h completely (they were the most
   confusing parts of the old code)

 - added service_stream.[ch] for the helper functions that are
   specific to stream type services (services that handle streams, and
   use a logically separate process per connection)

 - got rid of the builtin idle_handler code in the service logic, as
   none of the servers were using it, and it can easily be handled by
   a server in future by adding its own timed_event to the event
   context.

 - fixed some major memory leaks in the rpc server code.

 - added registration of servers, rather than hard coding our list of
   possible servers. This allows for servers as modules in the future.

 - temporarily disabled the winbind code until I add the helper
   functions for that type of server

 - added error checking on service startup. If a configured server
   fails to startup then smbd doesn't startup.

 - cleaned up the command line handling in smbd, removing unused options
(This used to be commit cf6a46c3cbde7b1eb1b86bd3882b953a2de3a42e)
---
 source4/ldap_server/ldap_server.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 6d4824bc9d..39052a7671 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -57,7 +57,7 @@ struct ldapsrv_call {
 struct ldapsrv_service;
 
 struct ldapsrv_connection {
-	struct server_connection *connection;
+	struct stream_connection *connection;
 
 	struct gensec_security *gensec;
 	struct auth_session_info *session_info;
-- 
cgit 


From 501379431c7fc6c9a78e74eca43b208184debce6 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Thu, 10 Feb 2005 07:08:40 +0000
Subject: r5305: removed libcli/ldap/ldap.h from includes.h (This used to be
 commit 0df3fdd8178085c40f9cd776cc3e1486ca559c8e)

---
 source4/ldap_server/ldap_server.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 39052a7671..0a16394c09 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -19,6 +19,8 @@
    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */
 
+#include "libcli/ldap/ldap.h"
+
 struct rw_buffer {
 	uint8_t *data;
 	size_t ofs, length;
-- 
cgit 


From c0947b0d7f809f5139fbfcdbd618ed7b0a77d2be Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Wed, 15 Jun 2005 00:27:51 +0000
Subject: r7593: simplified the memory management in the ldap code. Having a
 mem_ctx element in a structure is not necessary any more. (This used to be
 commit 912d0427f52eac811b27bf7e385b0642f7dc7f53)

---
 source4/ldap_server/ldap_server.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 0a16394c09..890e2f3003 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -47,12 +47,12 @@ struct ldapsrv_call {
 
 	struct ldapsrv_connection *conn;
 
-	struct ldap_message request;
+	struct ldap_message *request;
 
 	struct ldapsrv_reply {
 		struct ldapsrv_reply *prev,*next;
 		enum ldapsrv_reply_state state;
-		struct ldap_message msg;
+		struct ldap_message *msg;
 	} *replies;
 };
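Review bot: `request` in `struct ldapsrv_call` and `msg` in `struct ldapsrv_reply` change from embedded structs to pointers, so both can now be NULL and have a lifetime separate from their container, and the header gives no hint of who allocates and frees them. Code that previously took `&call->request` unconditionally needs a NULL check or a documented guarantee. I would add a comment such as `/* never NULL once the call is queued; allocated as a child of the call and freed with it */`, if that is the scheme the commit message alludes to. The allocation sites are outside this hunk.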
 
-- 
cgit 


From 68853a1c7be11ffaaef4ad2e3f78a97f0b401b68 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sun, 19 Jun 2005 07:21:18 +0000
Subject: r7746: - added TLS support to our ldap server

- this involved changing the buffer handling in the ldap server quite a
  lot, as it didn't handle partial packets at all

- removed completely bogus asn1_object_length() function. You can't
  do that with BER/DER
(This used to be commit fed6f4cc6ceaf83aacb581499aeaf6af4ee8ddd2)
---
 source4/ldap_server/ldap_server.h | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 890e2f3003..2427c2b698 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -73,6 +73,8 @@ struct ldapsrv_connection {
 	struct ldapsrv_call *calls;
 
 	struct ldapsrv_service *service;
+
+	struct tls_context *tls;
 };
 
 struct ldapsrv_partition;
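Review bot: `tls` is added to `struct ldapsrv_connection` without a comment on what its value is for a connection that does not use TLS. If it is NULL in that case, the field becomes the way to tell protected from unprotected transport and should say so: `/* NULL when the connection is not TLS-protected */`. If it is always non-NULL, the header should state how plain connections are told apart. The same applies to `tls_params` in `struct ldapsrv_service` in the second hunk.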
@@ -103,4 +105,5 @@ struct ldapsrv_service {
 	struct ldapsrv_partition *rootDSE;
 	struct ldapsrv_partition *default_partition;
 	struct ldapsrv_partition *partitions;
+	struct tls_params *tls_params;
 };
-- 
cgit 


From c7496c6cdb7bdcdd483868c21457350f567ec054 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sun, 19 Jun 2005 09:31:34 +0000
Subject: r7747: - simplified the ldap server buffer handling

- got rid of the special cases for sasl buffers

- added a tls_socket_pending() call to determine how much data is waiting on a tls connection

- removed the attempt at async handling of ldap calls. The buffers/sockets are all async, but the calls themselves
  are sync.
(This used to be commit 73cb4aad229d08e17e22d5792580bd43a61b142a)
---
 source4/ldap_server/ldap_server.h | 60 +++++++++++----------------------------
 1 file changed, 17 insertions(+), 43 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 2427c2b698..32b2cffe99 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -21,62 +21,36 @@
 
 #include "libcli/ldap/ldap.h"
 
-struct rw_buffer {
-	uint8_t *data;
-	size_t ofs, length;
-};
+struct ldapsrv_connection {
+	struct stream_connection *connection;
+	struct gensec_security *gensec;
+	struct auth_session_info *session_info;
+	struct ldapsrv_service *service;
+	struct tls_context *tls;
 
-enum ldapsrv_call_state {
-	LDAPSRV_CALL_STATE_NEW = 0,
-	LDAPSRV_CALL_STATE_BUSY,
-	LDAPSRV_CALL_STATE_ASYNC,
-	LDAPSRV_CALL_STATE_ABORT,
-	LDAPSRV_CALL_STATE_COMPLETE
-};
+	/* partially received request */
+	DATA_BLOB partial;
 
-enum ldapsrv_reply_state {
-	LDAPSRV_REPLY_STATE_NEW = 0,
-	LDAPSRV_REPLY_STATE_SEND
-};
+	/* are we using gensec wrapping? */
+	BOOL enable_wrap;
 
-struct ldapsrv_connection;
+	/* reply send queue */
+	struct ldapsrv_send {
+		struct ldapsrv_send *next, *prev;
+		DATA_BLOB data;
+	} *send_queue;
+};
 
 struct ldapsrv_call {
-	struct ldapsrv_call *prev,*next;
-	enum ldapsrv_call_state state;
-
 	struct ldapsrv_connection *conn;
-
 	struct ldap_message *request;
-
 	struct ldapsrv_reply {
-		struct ldapsrv_reply *prev,*next;
-		enum ldapsrv_reply_state state;
+		struct ldapsrv_reply *prev, *next;
 		struct ldap_message *msg;
 	} *replies;
 };
 
 struct ldapsrv_service;
-
-struct ldapsrv_connection {
-	struct stream_connection *connection;
-
-	struct gensec_security *gensec;
-	struct auth_session_info *session_info;
-
-	struct rw_buffer sasl_in_buffer;
-	struct rw_buffer sasl_out_buffer;
-
-	struct rw_buffer in_buffer;
-	struct rw_buffer out_buffer;
-
-	struct ldapsrv_call *calls;
-
-	struct ldapsrv_service *service;
-
-	struct tls_context *tls;
-};
-
 struct ldapsrv_partition;
 
 struct ldapsrv_partition_ops {
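Review bot: `DATA_BLOB partial` accumulates a request from the peer until it is complete and `send_queue` accumulates replies until the peer reads them, but the header defines no limit for either. Both grow under control of the remote side, including before any bind, so without a cap one connection can make the server hold an unbounded amount of memory. The receive and send code is not in this hunk, so a limit may exist there; if it does, name it next to the field, e.g. `/* partially received request; never grows beyond <max request size> */`, where the placeholder stands for the real constant.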
-- 
cgit 


From a7bbc024edea5dde86aaf77bc0ace39573a9d19a Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 21 Jun 2005 06:08:40 +0000
Subject: r7801: the ldap server needs this logic too (This used to be commit
 1dbb5bf2c1c6e11b3467b6eb1a2206c6299bc25b)

---
 source4/ldap_server/ldap_server.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 32b2cffe99..e3031d0177 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -39,6 +39,8 @@ struct ldapsrv_connection {
 		struct ldapsrv_send *next, *prev;
 		DATA_BLOB data;
 	} *send_queue;
+
+	BOOL processing;
 };
 
 struct ldapsrv_call {
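Review bot: `processing` is added to `struct ldapsrv_connection` without a comment, unlike the neighbouring flag `enable_wrap`, and the commit message does not say which logic it supports. An in-progress flag is only safe if every exit path clears it, so the header should state who sets it, who clears it, and what must not happen to the connection while it is true. Something like `/* true while a request from this connection is being handled; <what is deferred meanwhile> */` would be enough, with the placeholder filled in from the .c file.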
-- 
cgit 


From a8ec371a61d5786f40ebb29f3e79b3ec45c3ffbe Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Sep 2005 11:26:05 +0000
Subject: r10078: - add a 'struct data_blob_list_item' - use this for the
 send_queue's of the different stream_servers   to not redefine the same
 struct so often, and it maybe will be used   in other places too

metze
(This used to be commit b6694f067ab7aff0ee303dbfe8a6e7fad801e7e9)
---
 source4/ldap_server/ldap_server.h | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index e3031d0177..a1981843a6 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -35,10 +35,7 @@ struct ldapsrv_connection {
 	BOOL enable_wrap;
 
 	/* reply send queue */
-	struct ldapsrv_send {
-		struct ldapsrv_send *next, *prev;
-		DATA_BLOB data;
-	} *send_queue;
+	struct data_blob_list_item *send_queue;
 
 	BOOL processing;
 };
-- 
cgit 


From a04f65b1c703e7622ebc1a85170f9980c2b33227 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 4 Oct 2005 10:18:07 +0000
Subject: r10709: fixed a crash bug rather similar to the one volker found in
 the dcerpc code, where a stream_terminate_connection() while processing a
 request can cause a later defererence of the connection structure to die.
 (This used to be commit efbcb0f74176058a74d7134dae4658b891fc6f16)

---
 source4/ldap_server/ldap_server.h | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index a1981843a6..2aa6530f9f 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -38,6 +38,9 @@ struct ldapsrv_connection {
 	struct data_blob_list_item *send_queue;
 
 	BOOL processing;
+
+	/* connection should be terminated if non-null */
+	const char *terminate;
 };
 
 struct ldapsrv_call {
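Review bot: `terminate` doubles as a flag and as the reason string, and its comment says only that a non-NULL value means the connection should be terminated. It does not say who owns the string or when the field is checked. Going by the commit message, the bug fixed here is a dereference of the connection after it was torn down mid-request, so the rule that matters is that nothing frees the connection while a request is being processed and that the check runs before the connection is touched again. I would extend the comment accordingly, e.g. `/* reason string, must stay valid until the connection is freed; checked after each request, never free conn directly while processing */`. The code that sets and tests the field is outside this hunk.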
-- 
cgit 


From 1377cca5f4beb43cf67fcc65eed79f14178d6349 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 7 Oct 2005 11:31:45 +0000
Subject: r10810: This adds the hooks required to communicate the current user
 from the authenticated session down into LDB.  This associates a session info
 structure with the open LDB, allowing a future ldb_ntacl module to allow/deny
 operations on that basis.

Along the way, I cleaned up a few things, and added new helper functions
to assist.  In particular the LSA pipe uses simpler queries for some of
the setup.

In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't
been worked on (other than making it continue to compile) since January,
and I think the features of this module are being put into ldb anyway.

I have also changed the partitions in ldap_server to be initialised
after the connection, with the private pointer used to associate the ldb
with the incoming session.

Andrew Bartlett
(This used to be commit fd7203789a2c0929eecea8125b57b833a67fed71)
---
 source4/ldap_server/ldap_server.h | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 2aa6530f9f..8eb02a97db 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -27,6 +27,9 @@ struct ldapsrv_connection {
 	struct auth_session_info *session_info;
 	struct ldapsrv_service *service;
 	struct tls_context *tls;
+	struct ldapsrv_partition *rootDSE;
+	struct ldapsrv_partition *default_partition;
+	struct ldapsrv_partition *partitions;
 
 	/* partially received request */
 	DATA_BLOB partial;
@@ -58,6 +61,7 @@ struct ldapsrv_partition;
 struct ldapsrv_partition_ops {
 	const char *name;
 	NTSTATUS (*Init)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
+	NTSTATUS (*Bind)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
 	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_SearchRequest *r);
 	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyRequest *r);
 	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AddRequest *r);
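Review bot: The new `Bind` member of `struct ldapsrv_partition_ops` is an authorization-relevant hook but carries no contract. Per the commit message, the partition's private pointer is what ties the open ldb to the session, so if `Bind` is not invoked on every bind, including a re-bind to a different or anonymous identity, or if its failure is ignored, later operations would reach the backend under the previous session. The header should state this, e.g. `/* called after every successful bind; must re-associate the backend with conn->session_info; failure fails the bind */`. The callers are not in this hunk.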
@@ -71,15 +75,12 @@ struct ldapsrv_partition_ops {
 struct ldapsrv_partition {
 	struct ldapsrv_partition *prev,*next;
 
-	void *private_data;
+	void *private;
 	const struct ldapsrv_partition_ops *ops;
 
 	const char *base_dn;
 };
 
 struct ldapsrv_service {
-	struct ldapsrv_partition *rootDSE;
-	struct ldapsrv_partition *default_partition;
-	struct ldapsrv_partition *partitions;
 	struct tls_params *tls_params;
 };
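Review bot: Renaming `private_data` to `private` in `struct ldapsrv_partition` uses a C++ keyword as a member name, so the header can no longer be included from C++ code and some tooling will flag it. Nothing in the hunk needs the shorter name; I would keep `void *private_data;`. Since this pointer now carries the per-session backend handle (per the commit message), a comment on what it points to and who frees it would also help.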
-- 
cgit 


From f59c61d41386000cc030511963c42a16dc8a816c Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Thu, 10 Nov 2005 01:41:47 +0000
Subject: r11622: convert the ldap server to the generic packet code (This used
 to be commit 6ef4ba0c81002c9960dc5fe4fbfd0622957d492a)

---
 source4/ldap_server/ldap_server.h | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 8eb02a97db..be555146d8 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -31,19 +31,13 @@ struct ldapsrv_connection {
 	struct ldapsrv_partition *default_partition;
 	struct ldapsrv_partition *partitions;
 
-	/* partially received request */
-	DATA_BLOB partial;
-
 	/* are we using gensec wrapping? */
 	BOOL enable_wrap;
 
-	/* reply send queue */
-	struct data_blob_list_item *send_queue;
-
-	BOOL processing;
-
 	/* connection should be terminated if non-null */
 	const char *terminate;
+
+	struct packet_context *packet;
 };
 
 struct ldapsrv_call {
-- 
cgit 


From 53562f774662eda06563870bb7daf857df01590f Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 29 Nov 2005 08:55:13 +0000
Subject: r11955: got rid of the old rootDSE code in the ldap server.

The partitioning logic is still there, but we only have one
partition. If we need partitioning in the future it might be better to
remove this partitioning code and use a partitioning module instead
(This used to be commit f4685e7dc9bdc3b9e240c9f5891b9da9251f82e5)
---
 source4/ldap_server/ldap_server.h | 1 -
 1 file changed, 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index be555146d8..4e0abb4f06 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -27,7 +27,6 @@ struct ldapsrv_connection {
 	struct auth_session_info *session_info;
 	struct ldapsrv_service *service;
 	struct tls_context *tls;
-	struct ldapsrv_partition *rootDSE;
 	struct ldapsrv_partition *default_partition;
 	struct ldapsrv_partition *partitions;
 
-- 
cgit 


From e246a067515b1fdb725ca1f8e7b406cc84a89e81 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 8 Dec 2005 10:23:56 +0000
Subject: r12126: get rid of the local ->terminate hacks, we do that genericly
 now

metze
(This used to be commit a7baf165c10c00096265b790d5362905c527806a)
---
 source4/ldap_server/ldap_server.h | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 4e0abb4f06..a2039fe7f1 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -33,9 +33,6 @@ struct ldapsrv_connection {
 	/* are we using gensec wrapping? */
 	BOOL enable_wrap;
 
-	/* connection should be terminated if non-null */
-	const char *terminate;
-
 	struct packet_context *packet;
 };
 
-- 
cgit 


From bedfb063268f70e66f16fdd0e9bdd29d176a0634 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 3 Jan 2006 00:10:15 +0000
Subject: r12686: Push the real SASL list into the rootdse.

Get this out of the server credentials, and push it down to ldb via an
opaque pointer.

Andrew Bartlett
(This used to be commit 61700252e05e0be6b4ffa72ffc24a95c665597e3)
---
 source4/ldap_server/ldap_server.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index a2039fe7f1..d25f52bf4e 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -29,6 +29,7 @@ struct ldapsrv_connection {
 	struct tls_context *tls;
 	struct ldapsrv_partition *default_partition;
 	struct ldapsrv_partition *partitions;
+	struct cli_credentials *server_credentials;
 
 	/* are we using gensec wrapping? */
 	BOOL enable_wrap;
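Review bot: The new `server_credentials` member of `struct ldapsrv_connection` has no comment on ownership or lifetime, which matters for a pointer to server credential material kept on a per-connection struct. From the header alone it is not clear whether each connection gets its own object or all connections share one created by the service, so the teardown path cannot be checked against it. I would add `/* server credentials; owned by <owner>, not freed per connection */` once the owner is confirmed. The struct starts and ends outside this hunk.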
-- 
cgit 


From c908d0b2aa111659e57a73efb8c33c413965c846 Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Fri, 6 Jan 2006 04:01:23 +0000
Subject: r12733: Merge ldap/ldb controls into main tree There's still lot of
 work to do but the patch is stable enough to be pushed into the main samba4
 tree.

Simo.
(This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
---
 source4/ldap_server/ldap_server.h | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index d25f52bf4e..267b6fb9a7 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -53,14 +53,14 @@ struct ldapsrv_partition_ops {
 	const char *name;
 	NTSTATUS (*Init)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
 	NTSTATUS (*Bind)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
-	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_SearchRequest *r);
-	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyRequest *r);
-	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AddRequest *r);
-	NTSTATUS (*Del)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_DelRequest *r);
-	NTSTATUS (*ModifyDN)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ModifyDNRequest *r);
-	NTSTATUS (*Compare)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_CompareRequest *r);
-	NTSTATUS (*Abandon)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_AbandonRequest *r);
-	NTSTATUS (*Extended)(struct ldapsrv_partition *partition, struct ldapsrv_call *call, struct ldap_ExtendedRequest *r);
+	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
+	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
+	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
+	NTSTATUS (*Del)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
+	NTSTATUS (*ModifyDN)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
+	NTSTATUS (*Compare)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
+	NTSTATUS (*Abandon)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
+	NTSTATUS (*Extended)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
 };
 
 struct ldapsrv_partition {
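Review bot: The eight operation callbacks in `struct ldapsrv_partition_ops` lose their typed request argument here, and nothing in the header says where an implementation now finds the request. With parameters such as `struct ldap_SearchRequest *r` gone, the compiler no longer ties a callback to its request type, so a handler that reads the wrong member of the message would compile cleanly. A comment above `Search`, such as `/* the decoded request is taken from call; each handler must check the message type before using it */`, would make that contract explicit. `struct ldapsrv_call` is defined outside this hunk, so the member that carries the request is not visible here.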
-- 
cgit 


From a7a79d2b256c97bd6ffa6e9740d14366ebc7602e Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Fri, 13 Jan 2006 00:38:35 +0000
Subject: r12880: Remove ldap partitions useless now and probably we will not
 use it anyway as we plan to support partitions in ldb directly like with
 rootdse

Merge ldap_simple_ldb into ldap_backend, it is
not simple anymore and makes no sense to have
it separated now that ldap partitions are gone

Initial attempt at adding some limits to avoid DoS of
the ldap server.

Simo.
(This used to be commit 97bff3e049eba48019f2b0f3eb5a19e32fef2e23)
---
 source4/ldap_server/ldap_server.h | 36 ++++++++++--------------------------
 1 file changed, 10 insertions(+), 26 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 267b6fb9a7..1341b22948 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -27,14 +27,22 @@ struct ldapsrv_connection {
 	struct auth_session_info *session_info;
 	struct ldapsrv_service *service;
 	struct tls_context *tls;
-	struct ldapsrv_partition *default_partition;
-	struct ldapsrv_partition *partitions;
 	struct cli_credentials *server_credentials;
+	struct ldb_context *ldb;
 
 	/* are we using gensec wrapping? */
 	BOOL enable_wrap;
 
 	struct packet_context *packet;
+
+	struct {
+		int initial_timeout;
+		int conn_idle_time;
+		int max_page_size;
+		int search_timeout;
+		
+		struct timed_event *ite;
+	} limits;
 };
 
 struct ldapsrv_call {
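Review bot: The four values in the new `limits` block are plain signed `int` with no stated unit and no stated meaning for zero or a negative value. The commit message describes them as a first attempt at limiting denial of service, so whatever loads them needs a defined floor. Depending on the consumer (not shown here), a zero or negative `conn_idle_time` or `max_page_size` could either switch the limit off or trip it immediately. I would document each field, for example `int conn_idle_time; /* seconds; must be > 0 */`, assuming seconds is the intended unit. `struct ldapsrv_connection` starts above the hunk.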
@@ -47,30 +55,6 @@ struct ldapsrv_call {
 };
 
 struct ldapsrv_service;
-struct ldapsrv_partition;
-
-struct ldapsrv_partition_ops {
-	const char *name;
-	NTSTATUS (*Init)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
-	NTSTATUS (*Bind)(struct ldapsrv_partition *partition, struct ldapsrv_connection *conn);
-	NTSTATUS (*Search)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-	NTSTATUS (*Modify)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-	NTSTATUS (*Add)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-	NTSTATUS (*Del)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-	NTSTATUS (*ModifyDN)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-	NTSTATUS (*Compare)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-	NTSTATUS (*Abandon)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-	NTSTATUS (*Extended)(struct ldapsrv_partition *partition, struct ldapsrv_call *call);
-};
-
-struct ldapsrv_partition {
-	struct ldapsrv_partition *prev,*next;
-
-	void *private;
-	const struct ldapsrv_partition_ops *ops;
-
-	const char *base_dn;
-};
 
 struct ldapsrv_service {
 	struct tls_params *tls_params;
-- 
cgit 


From eed0a95128714b93b9ff484780e5d74fc301be6d Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Fri, 13 Jan 2006 22:48:08 +0000
Subject: r12917: fix decoding of ldap controls some more work on timeouts
 (This used to be commit a7e2fe3cb33be2effff7eb764047567f2da3cd55)

---
 source4/ldap_server/ldap_server.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 1341b22948..f71c703088 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -42,6 +42,7 @@ struct ldapsrv_connection {
 		int search_timeout;
 		
 		struct timed_event *ite;
+		struct timed_event *te;
 	} limits;
 };
 
-- 
cgit 


From 4ac2be99588b48b0652a524bf12fb1aa9c3f5fbb Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Tue, 7 Mar 2006 11:07:23 +0000
Subject: r13924: Split more prototypes out of include/proto.h + initial work
 on header file dependencies (This used to be commit
 122835876748a3eaf5e8d31ad1abddab9acb8781)

---
 source4/ldap_server/ldap_server.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index f71c703088..10c93f6610 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -60,3 +60,5 @@ struct ldapsrv_service;
 struct ldapsrv_service {
 	struct tls_params *tls_params;
 };
+
+#include "ldap_server/proto.h"
-- 
cgit 


From 742c110cd67f4995639822981e8bfcb1f652f2c4 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 2 May 2006 20:15:47 +0000
Subject: r15400: Move the TLS code behind the socket interface.

This reduces caller complexity, because the TLS code is now called
just like any other socket.  (A new socket context is returned by the
tls_init_server and tls_init_client routines).

When TLS is not available, the original socket is returned.

Andrew Bartlett
(This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
---
 source4/ldap_server/ldap_server.h | 1 -
 1 file changed, 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 10c93f6610..033f8ef67c 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -26,7 +26,6 @@ struct ldapsrv_connection {
 	struct gensec_security *gensec;
 	struct auth_session_info *session_info;
 	struct ldapsrv_service *service;
-	struct tls_context *tls;
 	struct cli_credentials *server_credentials;
 	struct ldb_context *ldb;
 
-- 
cgit 


From 32ab51876728577375b954a04103f71ddd4d93dc Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 12 Jul 2006 04:59:41 +0000
Subject: r16972: Replace the sequence_number function pointer in ldb with the
 ldb flags.

The function pointer was meant to be unused, this patch fixes
partition.c to use ldb_sequence_number().  (No backend provided the
pointer any more).

Set the flags onto the ldb structure, so that all backends opened by
the partitions module inherit the flags.

Set the read-only flag when accessed as the global catalog

Modify the LDAP server to track that this query is for the global
catalog (by incoming port), and set an opaque pointer.

Next step is to read that opaque pointer in the partitions module.

Andrew Bartlett
(This used to be commit a1161cb30e4ffa09657a89e03ca85dd6efd4feba)
---
 source4/ldap_server/ldap_server.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 033f8ef67c..0b0b78ea7f 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -32,6 +32,8 @@ struct ldapsrv_connection {
 	/* are we using gensec wrapping? */
 	BOOL enable_wrap;
 
+	BOOL global_catalog;
+
 	struct packet_context *packet;
 
 	struct {
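Review bot: `global_catalog` is added without a comment although, per the commit message, it is derived from the incoming port and is meant to select read-only behaviour. The message also says the partitions module does not read the opaque pointer yet, so at this commit the flag by itself does not appear to restrict anything. That is worth stating next to the field so nobody treats it as an enforcement point. Suggested comment: `/* set when the connection arrived on the global catalog port; intended to make the ldb read-only */`. The struct begins and ends outside the hunk.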
-- 
cgit 


From ba07fa43d0b0090f5e686d8c1822468049f52416 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sun, 23 Jul 2006 02:50:08 +0000
Subject: r17197: This patch moves the encryption of bulk data on SASL
 negotiated security contexts from the application layer into the socket
 layer.

This improves a number of correctness aspects, as we now allow LDAP
packets to cross multiple SASL packets.  It should also make it much
easier to write async LDAP tests from windows clients, as they use SASL
by default.  It is also vital to allowing OpenLDAP clients to use GSSAPI
against Samba4, as it negotiates a rather small SASL buffer size.

This patch mirrors the earlier work done to move TLS into the socket
layer.

Unusual in this patch is the extra read callback argument I take.  As
SASL is a layer on top of a socket, it is entirely possible for the
SASL layer to drain a socket dry, but for the caller not to have read
all the decrypted data.  This would leave the system without an event
to restart the read (as the socket is dry).

As such, I re-invoke the read handler from a timed callback, which
should trigger on the next running of the event loop.  I believe that
the TLS code does require a similar callback.

In trying to understand why this is required, imagine a SASL-encrypted
LDAP packet in the following formation:

+-----------------+---------------------+
| SASL  Packet #1 | SASL Packet #2      |
----------------------------------------+
| LDAP Packet #1       | LDAP Packet #2 |
----------------------------------------+

In the old code, this was illegal, but it is perfectly standard
SASL-encrypted LDAP.  Without the callback, we would read and process
the first LDAP packet, and the SASL code would have read the second SASL
packet (to decrypt enough data for the LDAP packet), and no data would
remain on the socket.

Without data on the socket, read events stop.  That is why I add timed
events, until the SASL buffer is drained.

Another approach would be to add a hack to the event system, to have it
pretend there remained data to read off the network (but that is ugly).

In improving the code, to handle more real-world cases, I've been able
to remove almost all the special-cases in the testnonblock code.  The
only special case is that we must use a deterministic partial packet
when calling send, rather than a random length.  (1 + n/2).  This is
needed because of the way the SASL and TLS code works, and the 'resend
on failure' requirements.

Andrew Bartlett
(This used to be commit 5d7c9c12cb2b39673172a357092b80cd814850b0)
---
 source4/ldap_server/ldap_server.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 0b0b78ea7f..c35f62f134 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -20,6 +20,8 @@
 */
 
 #include "libcli/ldap/ldap.h"
+#include "lib/socket/socket.h"
+#include "lib/stream/packet.h"
 
 struct ldapsrv_connection {
 	struct stream_connection *connection;
@@ -29,9 +31,6 @@ struct ldapsrv_connection {
 	struct cli_credentials *server_credentials;
 	struct ldb_context *ldb;
 
-	/* are we using gensec wrapping? */
-	BOOL enable_wrap;
-
 	BOOL global_catalog;
 
 	struct packet_context *packet;
@@ -54,6 +53,8 @@ struct ldapsrv_call {
 		struct ldapsrv_reply *prev, *next;
 		struct ldap_message *msg;
 	} *replies;
+	packet_send_callback_fn_t send_callback;
+	void *send_private;
 };
 
 struct ldapsrv_service;
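Review bot: `send_callback` and `send_private` are added to `struct ldapsrv_call` with no comment on when the callback runs or who owns the pointer passed to it. A `void *` that is handed back later needs a stated lifetime relative to the call, otherwise the object can be freed before the send completes. I would add something like `/* called after the reply is sent (confirm); send_private must stay valid until then */` above the pair. The struct starts outside the hunk.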
-- 
cgit 


From 4cdcc1789363907f850a05c4b3349746c710ebf0 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 25 Jul 2006 19:20:04 +0000
Subject: r17237: - keep pointer to the different sockets - we need this to
 later:   - to disallow a StartTLS when TLS is already in use   - to place the
 TLS socket between the raw and sasl socket     when we had a sasl bind before
 the StartTLS   - and rfc4513 says that the server may allow to remove the TLS
 from     the tcp connection again and reuse raw tcp   - and also a 2nd sasl
 bind should replace the old sasl socket

metze
(This used to be commit 10cb9c07ac60b03472f2b0b09c4581cc715002ba)
---
 source4/ldap_server/ldap_server.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index c35f62f134..243f5bd559 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -31,6 +31,12 @@ struct ldapsrv_connection {
 	struct cli_credentials *server_credentials;
 	struct ldb_context *ldb;
 
+	struct {
+		struct socket_context *raw;
+		struct socket_context *tls;
+		struct socket_context *sasl;
+	} sockets;
+
 	BOOL global_catalog;
 
 	struct packet_context *packet;
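Review bot: The `sockets` block has no comment stating the layering order or what a NULL member means, and the checks described in the commit message depend on both. Rejecting a StartTLS while TLS is active and replacing the SASL socket on a second bind (both listed in the message as later work) only behave correctly if `tls` and `sasl` are reset whenever a layer is removed. A stale pointer would either block a legitimate StartTLS or leave a removed layer referenced. Suggested comment above the block: `/* transport layers, bottom to top: raw, tls, sasl; NULL means the layer is not active */`, if NULL is indeed the inactive marker. The struct starts above the hunk.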
@@ -57,8 +63,6 @@ struct ldapsrv_call {
 	void *send_private;
 };
 
-struct ldapsrv_service;
-
 struct ldapsrv_service {
 	struct tls_params *tls_params;
 };
-- 
cgit 


From 0479a2f1cbae51fcd8dbdc3c148c808421fb4d25 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Tue, 10 Jul 2007 02:07:03 +0000
Subject: r23792: convert Samba4 to GPLv3

There are still a few tidyups of old FSF addresses to come (in both s3
and s4). More commits soon.
(This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
---
 source4/ldap_server/ldap_server.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 243f5bd559..bbb285ef4d 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -6,7 +6,7 @@
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
@@ -15,8 +15,7 @@
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
 #include "libcli/ldap/ldap.h"
-- 
cgit 


From 61ffa08f4c95e29d301de9fbabd6e71c2dbc1056 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Mon, 27 Aug 2007 18:10:19 +0000
Subject: r24712: No longer expose the 'BOOL' data type in any interfaces.
 (This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)

---
 source4/ldap_server/ldap_server.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index bbb285ef4d..df0bb92175 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -36,7 +36,7 @@ struct ldapsrv_connection {
 		struct socket_context *sasl;
 	} sockets;
 
-	BOOL global_catalog;
+	bool global_catalog;
 
 	struct packet_context *packet;
 
-- 
cgit 


From 2f8dc4f48f1802baa3405e7803563f6840e0d1b3 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Mon, 3 Dec 2007 21:25:06 +0100
Subject: r26266: Remove more global_loadparm uses. (This used to be commit
 99113075c4a96679bcec4f4d6bba4acb3dee4245)

---
 source4/ldap_server/ldap_server.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index df0bb92175..88af0fb5fc 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -23,6 +23,7 @@
 #include "lib/stream/packet.h"
 
 struct ldapsrv_connection {
+	struct loadparm_context *lp_ctx;
 	struct stream_connection *connection;
 	struct gensec_security *gensec;
 	struct auth_session_info *session_info;
-- 
cgit 


From 2c8c9a535500e40084c4810da1890df8d9415659 Mon Sep 17 00:00:00 2001
From: Jelmer Vernooij <jelmer@samba.org>
Date: Sat, 5 Jan 2008 15:36:33 -0600
Subject: r26669: Janitorial: Remove uses of global_loadparm. (This used to be
 commit 50c46160d997e0448f51ae09e0f3c79e8519fa41)

---
 source4/ldap_server/ldap_server.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'source4/ldap_server/ldap_server.h')

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 88af0fb5fc..4f7a5b9be9 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -65,6 +65,7 @@ struct ldapsrv_call {
 
 struct ldapsrv_service {
 	struct tls_params *tls_params;
+	struct task_server *task;
 };
 
 #include "ldap_server/proto.h"
-- 
cgit