summaryrefslogtreecommitdiffstats
path: root/source3/libads/ldap.c
Commit message (Collapse)AuthorAgeFilesLines
* Add comment explaining the previous fix.Jeremy Allison2009-04-281-0/+6
| | | | | Jeremy. (cherry picked from commit 0b0bb2c7eb44b403e6fd50cf480ed8b2fb24a7d5)
* Fix bug #6279 - winbindd crash. Cope with LDAP libraries returning ↵Jeremy Allison2009-04-281-0/+4
| | | | | | | LDAP_SUCCESS but not returning a result. Jeremy (cherry picked from commit 9ebc15bed8c05d0729066d97d3bfaade9fcbacb7)
* s3-libads: avoid NULL talloc context with ads_get_dn().Günther Deschner2009-04-151-8/+8
| | | | | | Guenther (cherry picked from commit d71dec9259366e99beca69fcd9397bd38ed82c71) (cherry picked from commit 4e32c424a00bc29e63176af9773f9ffa7aa09bc2)
* s3:libads Make ads_get_dn() take a talloc contextAndrew Bartlett2009-04-151-40/+29
| | | | | | | | | | | | | | Also remove ads_memfree(), which was only ever a wrapper around SAFE_FREE, used only to free the DN from ads_get_ds(). This actually makes libgpo more consistant, as it mixed a talloc and a malloc based string on the same element. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 20501876735fc4656083747ba8aa0de9da8fb820) (cherry picked from commit 6673ad24d48ad44fa76497f0327b13e82721d0a1)
* s3/libads: Change "ldap ssl:ads" parameter to "ldap ssl ads".Karolin Seeger2009-02-051-1/+1
| | | | Karolin
* s3: fix bug #6073: prevent ads_connect() from using SSL unless explicitly ↵Michael Adam2009-01-291-3/+5
| | | | | | | | | | | requested This fixes "net ads join". It copes with the changed default "ldap ssl = start tls". A new boolean option "ldap ssl : ads" is added to allow for explicitly requesting ssl with ads. Michael
* ads_connect: Return immediately on a failed GC connection.Gerald (Jerry) Carter2009-01-161-3/+14
| | | | | | | | | | | ads_connect_gc() feeds an explicit server to ads_connect(). However, if the resulting connection fails, the latter function was attempting to find a DC on its own and continuing the connection. This resulting in GC searches being sent over a connection using port 389 which would fail when using the base search suffix outside of the domain naming context. The fix is to fail immediately in ads_connect() since the GC lookup ordering is handled already in ads_connect_gc().
* Fix more asprintf errors and error code paths.Jeremy Allison2008-12-231-5/+9
| | | | Jeremy.
* s3:libads/ldap.c: store the dc name in the saf cache as in all other placesStefan Metzmacher2008-12-131-3/+2
| | | | | | | | metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit 543fa85a711337e979c7b631bda5db95d109ef59)
* s3:libads/ldap.c: if the client belongs to no site at all any dc is the closestStefan Metzmacher2008-12-131-0/+5
| | | | | | | | metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit f86ef9b53a903485deba94febf90dd4e657cc02b)
* s3:libads/ldap.c: pass the real workgroup name to get_dc_name()Stefan Metzmacher2008-12-131-1/+10
| | | | | | | | metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit c2d4a84abe1b6cbf68d6e9f1bb1f8974d0b628fc)
* s3: libads: use get_dc_name() instead of get_sorted_dc_list() in the LDAP caseStefan Metzmacher2008-12-131-1/+25
| | | | | | | | | | | | | We use get_dc_name() for LDAP because it generates the selfwritten krb5.conf with the correct kdc addresses and sets KRB5_CONFIG. For CLDAP we need to use get_sorted_dc_list() to avoid recursion. metze Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Günther Deschner <gd@samba.org> (cherry picked from commit d2f7f81f4d61bae9c4be65cbc1bf962b6c24a31f)
* s3:libads/ldap.c: return an error instead of crashing when no realm is givenStefan Metzmacher2008-11-241-4/+4
| | | | | | | | | The bug was triggered by "net ads info -S 127.8.7.6" (where 127.8.7.6 doesn't ex and "disable netbios = yes". metze Signed-off-by: Michael Adam <obnox@samba.org>
* Fix extended DN parse error when AD object does not have a SID.Steven Danneman2008-11-181-24/+38
| | | | | | | | | | | Some AD objects, like Exchange Public Folders, can be members of Security Groups but do not have a SID attribute. This patch adds more granular return errors to ads_get_sid_from_extended_dn(). Callers can now determine if a parse error occured because of bad input, or the DN was valid but contained no SID. I updated all callers to ignore SIDless objects when appropriate. Also did some cleanup to the out paths of lookup_usergroups_memberof()
* Whitespace and >80 column cleanups.Steven Danneman2008-11-181-12/+12
|
* Use GUID_string rather than smb_uuid_string().Jelmer Vernooij2008-10-141-2/+2
|
* fix build warnings.Günther Deschner2008-10-131-1/+1
| | | | Guenther
* Use common strlist implementation in Samba 3 and Samba 4.Jelmer Vernooij2008-10-121-2/+2
|
* Fix an uninitialized variable found by the IBM CheckerVolker Lendecke2008-10-041-0/+1
|
* s3-nbt: use the new generated nbt.Günther Deschner2008-09-241-1/+1
| | | | Guenther
* libads: remove unused vars.Günther Deschner2008-08-201-3/+0
| | | | | Guenther (This used to be commit ea9fc3bea31b11e715d9524defc18b75e5943842)
* libads: Add API call to connect to a global catalog server.Gerald W. Carter2008-06-271-5/+140
| | | | | | | Extends ads_connect() to a new call ads_connect_gc() which connects on port 3268 rather than port 389. Also makes ads_try_connect() static and only used internally to ldap.c (This used to be commit f4c37dbe2c986fb7bfe510cdff3b4a9fbc06d079)
* libads: add ads_connect_user_creds() that won't overwrite given user creds.Günther Deschner2008-06-241-0/+12
| | | | | Guenther (This used to be commit 026018c9f1ed0680b3ca5b26dd6b8dc466e27e0d)
* libads: add ads_get_machine_kvno() to make ads_get_kvno() a bit more generic.Günther Deschner2008-06-171-7/+29
| | | | | Guenther (This used to be commit cb7ace209c2051ae02647188715fa6ee324c2bf6)
* libads: fix logic error in ads_get_kvno().Günther Deschner2008-06-171-1/+1
| | | | | Guenther (This used to be commit 132b038581a1a91b4e70c7c44f97f52866609812)
* Revert "Fix a memleak in ads_find_dc() in case get_sorted_dc_list() fails"Volker Lendecke2008-06-171-1/+0
| | | | | This reverts commit df8d089bc63c2a52cbdf3504cded8df620a59902. (This used to be commit 342f8858200ed7c446516c270e1b4284d92010d8)
* Fix a memleak in ads_find_dc() in case get_sorted_dc_list() failsVolker Lendecke2008-06-051-0/+1
| | | | | | This is really not a proper place to fix this, but as get_gc_list() and friends are about to be replaced anyway, just work around the broken existing API (This used to be commit df8d089bc63c2a52cbdf3504cded8df620a59902)
* Cleanup size_t return values in callers of convert_string_allocateTim Prouty2008-05-201-20/+43
| | | | | | This patch is the second iteration of an inside-out conversion to cleanup functions in charcnv.c returning size_t == -1 to indicate failure. (This used to be commit 6b189dabc562d86dcaa685419d0cb6ea276f100d)
* libads/cldap: store client sitename also keyed by dns domain name.Günther Deschner2008-05-151-0/+1
| | | | | Guenther (This used to be commit 0388b2f0cc4d14b005c5b42f2c17ddcbc8bef12a)
* Fix Bug #5465 (joining with createcomputer=ou1/ou2/ou3).Günther Deschner2008-05-141-5/+5
| | | | | Guenther (This used to be commit f3251ba03a69c2fd0335861177159a32b2bc9477)
* cldap: let ads_cldap_netlogon() return all possible cldap replies.Günther Deschner2008-05-091-1/+1
| | | | | Guenther (This used to be commit 6f9d5e1cc94bc90685b54c04622b8f3357bd2f69)
* Fix bug 5419: memory leak in ads_do_search_all_args() when enumerating 1000s ↵Steven Danneman2008-04-261-2/+24
| | | | | | | | | | | | | | | | | | | | of entries The ads_do_search_all_args() function attempts to string together several LDAPMessage structures, returned across several paged ldap requests, into a single LDAPMessage structure. It does this by pulling entries off the second LDAPMessage structure and appending them to the first via the OpenLDAP specific ldap_add_result_entry() call. The problem with this approach is it skips non-entry messages such as the result, and controls. These messages are leaked. The short term solution as suggested by Volker is to replace the ads_*_entry() calls with ads_*_message() calls so we don't leak any messages. This fixes the leak but doesn't remove the dependence on the OpenLDAP specific implementation of ldap_add_result_entry(). (This used to be commit f1a5405409c396df394611e2a234522572d2860a)
* cldap: avoid duplicate definitions so remove ads_cldap.h.Günther Deschner2008-04-211-4/+4
| | | | | Guenther (This used to be commit 538eefe22ad69540b9f73ffaa613d6be045de199)
* cldap: add talloc context to ads_cldap_netlogon().Günther Deschner2008-04-211-10/+21
| | | | | Guenther (This used to be commit 4cee7b1bd5cd97c414b73d6f39238958480cdcf3)
* libads: Use libnbt for CLDAP reply parsing.Günther Deschner2008-04-211-12/+12
| | | | | Guenther (This used to be commit 751f3064a508341c0ebae45e8de9f5311d915d70)
* Add ads_check_ou_dn().Günther Deschner2008-03-281-0/+47
| | | | | Guenther (This used to be commit 380e9d26db5341d10807ccbfb413d0f53d3ffc71)
* Fix Coverity ID 487Volker Lendecke2008-03-231-0/+1
| | | | (This used to be commit 22cee9c1afbc33b4920b72bc81569d79642172af)
* Coverity fixesMarc VanHeyningen2008-03-171-1/+4
| | | | (This used to be commit 3fc85d22590550f0539215d020e4411bf5b14363)
* str_list_free is not needed anymoreVolker Lendecke2008-02-041-2/+2
| | | | (This used to be commit feddc1447d585fd108d22a36bccc576fa81197ef)
* Always pass a TALLOC_CTX to str_list_make and str_list_copyVolker Lendecke2008-02-041-2/+2
| | | | (This used to be commit e2c9fc4cf5f0ff725330fa44f53782db65fca37e)
* When running with debug level > 10, dump ads_struct in ads_connect().Günther Deschner2008-01-311-9/+33
| | | | | Guenther (This used to be commit 2dd7c64fa8845fe502789068b877f5eaf060afc7)
* Do not ignore provided machine_name in ads_get_upn().Günther Deschner2008-01-081-5/+5
| | | | | Guenther (This used to be commit ddc1307844379f99b3dde48fc351d0326d22a7ce)
* Re-Indent function ldap_open_with_timeout().Michael Adam2008-01-041-1/+1
| | | | | | | | | | | This reverts commit #cafda34783f0961c9b463803c19cfcb69f836e3f . I just learned (the hard way) that these indeted functions are not indented by accident but that the intention of this is to not include the prototype into proto.h. Michael (This used to be commit 2e5d01b2146bb9e057b2779d9fe7691ed46d9f45)
* Add a debug message (when the LDAP server has really been connected).Michael Adam2008-01-041-0/+1
| | | | | Michael (This used to be commit 7d9d2de39072b3291b95ac3965df0d19f83792b9)
* Untangle assignment and result check.Michael Adam2008-01-041-3/+3
| | | | | Michael (This used to be commit 465a3b356cffb855e26569d3752f15cac07208c0)
* Enhance DEBUG-verbosity of ldap_open_with_timeout().Michael Adam2008-01-041-1/+7
| | | | | Michael (This used to be commit 9e70d1f24dd304c363a1bde97b5af618b46edc49)
* Unindent function header.Michael Adam2008-01-041-1/+1
| | | | | Michael (This used to be commit cafda34783f0961c9b463803c19cfcb69f836e3f)
* Fix a misleading DEBUG message.Michael Adam2008-01-041-1/+1
| | | | | | | | | At this stage, the (tcp) connection to the LDAP server has not been established, this is what is about to be attempted. What has been succesfully done, is a CLDAP netlogon query. Michael (This used to be commit 71c3c8ad4c92c5f6267b84ee1d207e5e49e9a4ec)
* Add ads_get_joinable_ous().Günther Deschner2008-01-031-0/+60
| | | | | Guenther (This used to be commit 5bbceac88159ef6ff83d9cc62c77c7af2116967d)
* Make use of [un]marshall_sec_descVolker Lendecke2007-12-291-9/+11
| | | | (This used to be commit 54576733d6c0511dc7379f964b1cb035913b7c8d)
generated by cgit (git 2.34.1) at 2025-08-29 06:39:35 +0000