IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Encode and decode the OpenLDAP dereference control (draft-masarati-ldap-deref-00)
At this time, the ldb_controls infrustructure does not handle request
and reply controls having different formats, so this is purely the
client implementation (ie, there is no decode of the client->server
packet, and no encode of the server->client packet).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
The OpenLDAP dereference control (draft-masarati-ldap-deref-00) uses
an attribute list, as found in the search reply, but without one
enclosing ASN1_SEQUENCE(0)
This allows the dereference control parsing code to use this as a
helper function.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
dom_sid.sub_auths rather than a dynamically allocated one.
This makes it possible to use the same DCE/RPC object code for Samba 3
and Samba 4's DCE/RPC parsers and allows copying sids more easily
(since they no longer contain any pointers). The cost of having additional
manual marshalling code is limited (~35 additional lines of C code).
This broke ldbedit against a LDAP server,
as the editor is called by "system()" which relies
on getting something useful out of waitpid().
TODO: we should create a generic infrastructure to
handle temporary forks and integrate the signal
handling with signal events there.
metze
Eventually, we should move some of these parameters into a separate
struct (perhaps into smb_transport_options?), to avoid the long lists of
parameters.
This uses a virtual attribute 'clearTextPassword' (name chosen to
match references in MS-SAMR) that contains the length-limited blob
containing an allegidly UTF16 password. This ensures we do no
validation or filtering of the password before we get a chance to MD4
it. We can then do the required munging into UTF8, and in future
implement the rules Microsoft has provided us with for invalid inputs.
All layers in the process now deal with the strings as length-limited
inputs, incluing the krb5 string2key calls.
This commit also includes a small change to samdb_result_passwords()
to ensure that LM passwords are not returned to the application logic
if LM authentication is disabled.
The objectClass module has been modified to allow the
clearTextPassword attribute to pass down the stack.
Andrew Bartlett