summaryrefslogtreecommitdiffstats
path: root/source/lib
Commit message (Collapse)AuthorAgeFilesLines
...
| | * r17304: Improve ldb_tdb error strings a bit more.Andrew Bartlett2006-07-291-2/+23
| | | | | | | | | | | | Andrew Bartlett
| | * r17301: Add a new function to copy a list of attributes, while adding one toAndrew Bartlett2006-07-291-0/+22
| | | | | | | | | | | | | | | | | | the end. Andrew Bartlett
| | * r17300: Try to fix some segfaults in ldb_ildap module, when the remote serverAndrew Bartlett2006-07-291-1/+6
| | | | | | | | | | | | | | | | | | drops the connection. The reconnect code needs to be hooked in here. Andrew Bartlett
| | * r17286: Simply fail the tls_initialise if we don't have TLS compiled in.Andrew Bartlett2006-07-281-5/+2
| | | | | | | | | | | | | | | | | | Adjust the web_server code to cope with this. Andrew Bartlett
| | * r17281: we now have client/server max protolStefan Metzmacher2006-07-271-1/+1
| | | | | | | | | | | | metze
| | * r17264: - remove unused includes from tallocStefan Metzmacher2006-07-262-15/+17
| | | | | | | | | | | | | | | | | | | | | - check explicit check for varargs.h as fallback from stdarg.h and fail the build if both are not present metze
| | * r17263: export talloc_free_children()Stefan Metzmacher2006-07-261-0/+1
| | | | | | | | | | | | metze
| | * r17257: make the size_t is to small error more verboseStefan Metzmacher2006-07-261-0/+4
| | | | | | | | | | | | | | | | | | (hopefully nobody will ever see this:-) metze
| | * r17253: add configure checks for writev/readv to see how portable they'reStefan Metzmacher2006-07-261-0/+3
| | | | | | | | | | | | metze
| | * r17241: substitude @datarootdir@ with old autoconf versions:-)Stefan Metzmacher2006-07-251-0/+1
| | | | | | | | | | | | metze
| | * r17238: Add datarootdir (required for newer autoconf versions)Jelmer Vernooij2006-07-251-0/+1
| | |
| | * r17225: Fix the build by fixing the spelling of START-TLS.Andrew Bartlett2006-07-251-1/+1
| | | | | | | | | | | | Andrew Bartlett
| | * r17222: Change the function prototypes for the GENSEc and TLS socket creationAndrew Bartlett2006-07-252-10/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | routines to return an NTSTATUS. This should help track down errors. Use a bit of talloc_steal and talloc_unlink to get the real socket to be a child of the GENSEC or TLS socket. Always return a new socket, even for the 'pass-though' case. Andrew Bartlett
| | * r17221: Add some integer wrap parinoia to data_blob_append().Andrew Bartlett2006-07-251-5/+18
| | | | | | | | | | | | Andrew Bartlett
| | * r17197: This patch moves the encryption of bulk data on SASL negotiated securityAndrew Bartlett2006-07-235-20/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | contexts from the application layer into the socket layer. This improves a number of correctness aspects, as we now allow LDAP packets to cross multiple SASL packets. It should also make it much easier to write async LDAP tests from windows clients, as they use SASL by default. It is also vital to allowing OpenLDAP clients to use GSSAPI against Samba4, as it negotiates a rather small SASL buffer size. This patch mirrors the earlier work done to move TLS into the socket layer. Unusual in this pstch is the extra read callback argument I take. As SASL is a layer on top of a socket, it is entirely possible for the SASL layer to drain a socket dry, but for the caller not to have read all the decrypted data. This would leave the system without an event to restart the read (as the socket is dry). As such, I re-invoke the read handler from a timed callback, which should trigger on the next running of the event loop. I believe that the TLS code does require a similar callback. In trying to understand why this is required, imagine a SASL-encrypted LDAP packet in the following formation: +-----------------+---------------------+ | SASL Packet #1 | SASL Packet #2 | ----------------------------------------+ | LDAP Packet #1 | LDAP Packet #2 | ----------------------------------------+ In the old code, this was illegal, but it is perfectly standard SASL-encrypted LDAP. Without the callback, we would read and process the first LDAP packet, and the SASL code would have read the second SASL packet (to decrypt enough data for the LDAP packet), and no data would remain on the socket. Without data on the socket, read events stop. That is why I add timed events, until the SASL buffer is drained. Another approach would be to add a hack to the event system, to have it pretend there remained data to read off the network (but that is ugly). In improving the code, to handle more real-world cases, I've been able to remove almost all the special-cases in the testnonblock code. The only special case is that we must use a deterministic partial packet when calling send, rather than a random length. (1 + n/2). This is needed because of the way the SASL and TLS code works, and the 'resend on failure' requirements. Andrew Bartlett
| | * r17195: Start thinking how to implement extended operations.Simo Sorce2006-07-222-0/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | Ad supports three extended operations: - start tls - dynamic objects - fast binds none of these are a priority.
| | * r17186: "async" word abuse clean-up part 2Simo Sorce2006-07-2214-202/+188
| | |
| | * r17185: Oh, I wanted to do this for sooo long time.Simo Sorce2006-07-2217-341/+341
| | | | | | | | | | | | | | | | | | | | | | | | Finally acknowledge that ldb is inherently async and does not have a dual personality anymore Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply to reflect the real function of this structure. Simo.
| | * r17176: remove off_t from talloc. size_t is large enough to holdStefan Metzmacher2006-07-215-13/+11
| | | | | | | | | | | | | | | | | | the max amount of memory of one process metze
| | * r17174: Enable gnutls code, which requires the HAVE_GNUTLS CPP macro.Andrew Bartlett2006-07-211-0/+3
| | | | | | | | | | | | Andrew Bartlett
| | * r17168: Now that TLS (and soon SASL) is below the socket layer, we need toAndrew Bartlett2006-07-214-14/+29
| | | | | | | | | | | | | | | | | | | | | make the testnonblock skip some things. The socket *under* the tls socket is still tested. Andrew Bartlett
| | * r17167: indentAndrew Bartlett2006-07-211-1/+1
| | |
| | * r17157: bail out if sizeof(size_t) < sizeof(void *)Stefan Metzmacher2006-07-201-0/+4
| | | | | | | | | | | | metze
| | * r17156: check for the size of a pointerStefan Metzmacher2006-07-201-0/+1
| | | | | | | | | | | | metze
| | * r17114: print some sizes for debuggingStefan Metzmacher2006-07-181-0/+3
| | | | | | | | | | | | metze
| | * r17113: build tdb and ldb standalone with the same sizes of 'off_t' as from ↵Stefan Metzmacher2006-07-182-0/+2
| | | | | | | | | | | | | | | | | | samba metze
| | * r17112: - fix the build of the ldap ldb backend with newer openldap header ↵Stefan Metzmacher2006-07-181-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | files. - use the correct timeout variable (simo you should do a standalone build before commiting:-) metze
| | * r17109: - use AC_SYS_LARGEFILE so that type sizes are the same when tallocStefan Metzmacher2006-07-182-0/+4
| | | | | | | | | | | | | | | | | | | | | is build standalone and inside samba - add configure checks for the some type sizes for debugging metze
| | * r17062: make correct use of talloc destructors, and make the code much simplerStefan Metzmacher2006-07-151-14/+12
| | | | | | | | | | | | | | | | | | should I merge that aslo to samba3? metze
| | * r17061: - remove the currect talloc chunk from it's parent before freeing ↵Stefan Metzmacher2006-07-152-7/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the children this fixes an endless loop bug! - reenable the test for this should I merge this to samba3? metze
| | * r17031: When I first revived the objectclass sorting module, simo complainedAndrew Bartlett2006-07-141-151/+293
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | that it should handle the add without a search. Now that I'm working on better behaviour with an LDAP backend, I've fixed the module to do just that. For an ADD, and a MODIFY with the REPLACE flag, we do not need the search step. Andrew Bartlett
| | * r16972: Replace the sequence_number function pointer in ldb with the ldb flags.Andrew Bartlett2006-07-123-16/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The function pointer was meant to be unused, this patch fixes partition.c to use ldb_sequence_number(). (No backend provided the pointer any more). Set the flags onto the ldb structure, so that all backends opened by the partitions module inherit the flags. Set the read-ony flag when accessed as the global catalog Modify the LDAP server to track that this query is for the global catalog (by incoming port), and set a opqaue pointer. Next step is to read that opaque pointer in the partitions module. Andrew Bartlett
| | * r16965: Take a better stab at comparison functions between string and binaryAndrew Bartlett2006-07-121-24/+44
| | | | | | | | | | | | | | | | | | forms of the objectGUID and objectSID attributes. Andrew Bartlett
| | * r16938: Fix breakage of TDB on VOS (declaration after statement)Andrew Bartlett2006-07-111-1/+2
| | | | | | | | | | | | Andrew Bartlett
| | * r16937: Add const, to make it clear that it is invalid to talloc_free() the DNAndrew Bartlett2006-07-111-7/+6
| | | | | | | | | | | | | | | | | | at this point. Andrew Bartlett
| | * r16936: Correct comment in this comparison functionAndrew Bartlett2006-07-111-1/+1
| | | | | | | | | | | | Andrew Bartlett
| | * r16932: Consistanly use the macro for these DNs and attributes.Andrew Bartlett2006-07-111-2/+2
| | | | | | | | | | | | Andrew Bartlett
| | * r16923: remove unused substitude codeStefan Metzmacher2006-07-102-171/+0
| | | | | | | | | | | | metze
| | * r16922: move some macros out of talloc.h as the don't belong to tallocStefan Metzmacher2006-07-102-8/+4
| | | | | | | | | | | | metze
| | * r16917: Fix compile errors found by the testing of tdb on the build farm.Andrew Bartlett2006-07-101-3/+9
| | | | | | | | | | | | Andrew Bartlett
| | * r16916: Implement metze's proposed changes to the tdb logging API. Andrew Bartlett2006-07-108-21/+39
| | | | | | | | | | | | | | | | | | | | | This clearly links the log function with its private pointer, and makes the argument list for tdb_open_ex a bit shorter. Andrew Bartlett
| | * r16908: Set an error string if we can't find a backend for an operation.Andrew Bartlett2006-07-101-1/+5
| | | | | | | | | | | | Andrew Bartlett
| | * r16832: I should be more careful (and test!) when trying to make compilers andAndrew Bartlett2006-07-061-1/+3
| | | | | | | | | | | | | | | | | | static checkers happy... Andrew Bartlett
| | * r16829: Fix a number of issues raised by the IBM checker, or gcc warnings.Andrew Bartlett2006-07-061-8/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In particular, this removes one use of the LDB_DN_NULL_FAILED macro, which was being used on more than DNs, had an embedded goto, and confused the IBM checker. In the password_hash code, ensure that sambaAttr is not, before checking the number of values. In GENSEC, note that this switch value can't occour. This seems to be the only way to quiet both the IBM checker and gcc, as well as cope with possibly invalid inputs. Andrew Bartlet
| | * r16825: Make ldb_sainity_check() set an error string. This makes it muchAndrew Bartlett2006-07-064-13/+26
| | | | | | | | | | | | | | | | | | | | | | | | easier to chase down what modules or application code gets wrong. Ensure not to leave memory allocated on failure in ldb_search() Andrew Bartlett
| | * r16784: - make some function in ldb static, they not need to be exported ↵Simo Sorce2006-07-031-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | anywhere - fix a bad segfault Andrew please make test before committing. Simo.
| | * r16776: fix typoStefan Metzmacher2006-07-031-1/+1
| | | | | | | | | | | | metze
| | * r16774: This patch modifies the tdb API to allow the logging function to be usedAndrew Bartlett2006-07-0315-129/+198
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | as part of ldb. This allows tdb failures to be passed all the way up to Samba's DEBUG system, which allowed easier debugging. Unfortunately I had to extend the tdb API, as the logging function didn't have a context pointer. I've worked over the 'debug levels' in TDB. Most of them were 0, which didn't seem right, as some were trace-like messages. We didn't see any of these previously, except when accessing TDB directly. Andrew Bartlett
| | * r16716: patch from Bjoern Jacke to fix compiler warnings on AIXStefan Metzmacher2006-06-301-0/+44
| | | | | | | | | | | | metze
| | * r16571: - make push/pull_ascii()/_ucs() functions static,Stefan Metzmacher2006-06-271-6/+19
| | | | | | | | | | | | | | | | | | | | | | | | callers should use push/pull_string() functions with STR_ASCII or STR_UNICODE - make the push/pull_ascii/ucs2/utf8_talloc() functions complete (they should be reduced to pull/push_string_talloc() later...) metze
generated by cgit (git 2.34.1) at 2025-09-30 12:59:36 +0000