IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
GUID_buf_string is supposed to never fail except if the guid passed in
is NULL. Our only current caller already checks
that. dbwrap_purge_bystring() could actually fail, so put the result
into a variable for the debugger.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(state->current_sid == NULL) is true if and only if we could not
assign state->current_sid because num_sids was too small. Make that
more explicit.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Inherit-only flag applies only to the container it was set to and it
shouldn't be automatically propagated to children.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15636
Signed-off-by: Anna Popova <popova.anna235@gmail.com>
Reviewed-by: Noel Power <noel.power@suse.com>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Mon Apr 29 10:56:48 UTC 2024 on atb-devel-224
Direct leak of 885 byte(s) in 1 object(s) allocated from:
#0 0x7f261b8dc03f in malloc (/lib64/libasan.so.8+0xdc03f) (BuildId: 3e1694ad218c99a8b1b69231666a27df63cf19d0)
#1 0x7f261b2c2bc2 in __talloc_with_prefix ../../lib/talloc/talloc.c:783
#2 0x7f261b2c543c in _talloc_pool ../../lib/talloc/talloc.c:838
#3 0x7f261b2c543c in _talloc_pooled_object ../../lib/talloc/talloc.c:906
#4 0x7f261a69cac9 in __tevent_req_create ../../lib/tevent/tevent_req.c:98
#5 0x7f261a75bf55 in cli_full_connection_creds_send ../../source3/libsmb/cliconnect.c:3455
#6 0x7f261a75c4b7 in cli_full_connection_creds ../../source3/libsmb/cliconnect.c:3818
#7 0x7f261b70d39f in libnet_join_connect_dc_ipc ../../source3/libnet/libnet_join.c:1146
#8 0x7f261b715794 in libnet_join_lookup_dc_rpc ../../source3/libnet/libnet_join.c:1188
#9 0x7f261b715794 in libnet_DomainJoin ../../source3/libnet/libnet_join.c:2812
#10 0x7f261b715794 in libnet_Join ../../source3/libnet/libnet_join.c:3040
#11 0x555bd93671ea in net_ads_join ../../source3/utils/net_ads.c:1855
#12 0x555bd9415ca9 in net_join ../../source3/utils/net_join.c:45
#13 0x555bd940b972 in net_run_function ../../source3/utils/net_util.c:464
#14 0x555bd9363129 in main ../../source3/utils/net.c:1372
#15 0x7f2616a281af in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
In order to use SASL authentitation within a TLS connection
we now provide "client ldap sasl wrapping = starttls" or
"client ldap sasl wrapping = ldaps".
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
There's no point in trying to support --with-ads, but only use
plaintext ldap without sign/seal.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Using 'Sockbuf_IO_Desc' in idl implicitly means pidl will use
'struct Sockbuf_IO_Desc', which doesn't exist!
Using 'struct sockbuf_io_desc' which is used in OpenLDAP to
typedef Sockbuf_IO_Desc, we won't need to cast the assign the
'sbiod' pointer.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Every AD DC supports kerberos so we can just use it without
asking the server (in an untrusted way) if kerberos is supported.
So remove another useless roundtrip.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Every AD DC supports 'GSS-SPNEGO' and that's the only one we use anyway,
so remove an unused roundtrip.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Also allow resetting to plain.
We now have ld->active as the currently active
tstream, which will allow us to add tls support
soon.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
We should not use the sync gensec_update() in async code!
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
An LDAP pdu is at least 7 bytes long, so we read at least 7 bytes,
then it's easy to use asn1_peek_full_tag() in order to find out the
whole length of the pdu on one go.
As a side effect it's now possible that wireshark can reassemble
the fragments in a socket_wrapper generated pcap file.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>