sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code
4,985 Commits 60 Branches 1,146 Tags
Commit Graph

4985 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jelmer Vernooij
5122b9f608 r7729: Small fixes to the charset stuff. 2007-10-10 13:18:27 -05:00
Andrew Tridgell
57132344b4 r7728: handle 64 bit integers in INTEGER match 2007-10-10 13:18:27 -05:00
Andrew Tridgell
941509ee58 r7727: we need to mark some attributes as INTEGER, so that the standard searches 
that w2k does work. For example, w2k asks for sAMAccountType=805306369 which
will only match if we know its an integer
 2007-10-10 13:18:27 -05:00
Andrew Tridgell
8698a20fcc r7726: - removed some unused variables 
- handle ldb_errstring() calls on failed connect
 2007-10-10 13:18:27 -05:00
Andrew Tridgell
0f22306a9c r7725: fixed a bug with partial asn1 frames in the ldap client 2007-10-10 13:18:26 -05:00
Andrew Tridgell
82b1feeafe r7724: added encoding of LDB_OP_NOT search components 2007-10-10 13:18:26 -05:00
Andrew Tridgell
25d500b6e5 r7723: - fix a mismatched asn1 push/pop on bind 
- add error checking to ldap_encode()

- fixed the asn1 codes for extended search

- use asn1 context macros
 2007-10-10 13:18:26 -05:00
Andrew Tridgell
0603235304 r7722: when we get a zero read, the connection is dead 2007-10-10 13:18:26 -05:00
Andrew Tridgell
73a21737ce r7721: solve a problem with null arguments to testit() 2007-10-10 13:18:26 -05:00
Andrew Tridgell
09060994c1 r7720: - simplify the asn1 decode of ldap_search() a lot, taking advantage of 
the fact that the ldap data structures now use ldb_message_element.

- fixed null termination of elements in ildap
 2007-10-10 13:18:26 -05:00
Andrew Tridgell
f6c2c51907 r7719: make the ildap ldb backend use the defaultNamingContext if the basedn 
is not specified, so:

  ldbsearch ldap://hostname '(objectclass=user)'

works without knowing the domain name
 2007-10-10 13:18:26 -05:00
Andrew Tridgell
fc8feee560 r7717: fixed some typos 2007-10-10 13:18:25 -05:00
Andrew Tridgell
de5f265b6c r7716: a single wrapped ldap blob can contain multiple ldap messages 2007-10-10 13:18:25 -05:00
Andrew Tridgell
dc419fc899 r7715: ensure we don't print null strings in ldap_errstr() 2007-10-10 13:18:25 -05:00
Andrew Tridgell
6277c3923e r7714: enable samba credentials handling in ldb tools. So you can now do a 
encrypted ldbedit against w2k3
 2007-10-10 13:18:25 -05:00
Andrew Tridgell
abc9f4bd89 r7713: fixed error display in ildap_search() 2007-10-10 13:18:25 -05:00
Andrew Tridgell
aec0544962 r7712: ldb/common/util.c is gone 2007-10-10 13:18:25 -05:00
Andrew Tridgell
f852661463 r7711: update callers of ldb_connect() for new syntax 2007-10-10 13:18:24 -05:00
Andrew Tridgell
5e8db1c9b3 r7710: new command line handling code for ldb 2007-10-10 13:18:24 -05:00
Andrew Tridgell
f648fdf187 r7709: - convert ldb to use popt, so that it can interact with the samba 
cmdline credentials code (which will be done soon)

- added a ldb_init() call, and changed ldb_connect() to take a ldb
  context. This allows for much better error handling in
  ldb_connect(), and also made the popt conversion easier

- fixed up all the existing backends with the new syntax

- improved error handling in *_connect()

- fixed a crash bug in the new case_fold_required() code

- ensured that ltdb_rename() and all ltdb_search() paths get the read lock

- added a ldb_oom() macro to make it easier to report out of memory
  situations in ldb code
 2007-10-10 13:18:24 -05:00
Jelmer Vernooij
72efb69529 r7706: Move ParseExpr() to util. 2007-10-10 13:18:24 -05:00
Andrew Tridgell
0163d7fe99 r7705: prevent SIGPIPE. this is what causes BASE-NEGNOWAIT to sometimes fail 2007-10-10 13:18:24 -05:00
Andrew Tridgell
1011b1bf51 r7704: - fixed open_nbt_connection() to return NULL when the connection failed 
- got rid of smbcli_shutdown() and use talloc_free() instead.
 2007-10-10 13:18:23 -05:00
Jelmer Vernooij
7012e10bb6 r7702: Implement [charset()] attribute. 2007-10-10 13:18:23 -05:00
Jelmer Vernooij
a73a35cfc7 r7695: Add support for the [string] attribute that works in the traditional sense. Not 
used anywhere yet.
 2007-10-10 13:18:23 -05:00
Andrew Bartlett
00b8588c68 r7690: Move the NT hash generation into the credentials system, rather than 
in all the callers.  This also allows us to be more flexible in the
type of password we store.

Andrew Bartlett
 2007-10-10 13:18:23 -05:00
Andrew Bartlett
fbec0ed13b r7689: Add new file from previous commit (seperate file for session key test). 2007-10-10 13:18:23 -05:00
Andrew Bartlett
337cb20ac4 r7688: Fix the internal heimdal build - push one #define back to 
heimdal_build/config.h

Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
898f72d196 r7687: Some more tests that must be done only when krb5_config is absent. 
Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
7520879bb0 r7686: Check for a type of invalid account name. 
Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
a32066a9ec r7685: Simply the test for session key logic, so we pass against NT4. 
Now, to try and figure out why this logic failed for jra...

Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
47f433708b r7684: Add a test aimed at checking we have agreement between client and 
server as to the CIFS session key.

JRA had pain with this being wrong against NT4 (without spnego), hence
this specific test.

Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
31f7ec38e6 r7683: The other file from the last commit. And it's include/system/kerberos.h that I'm putting the #defines in... 
Andrew Bartlett
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
3f473a9377 r7682: Move the properties of our heimdal build from heimdal_build/config.h 
(which gets included by heimdal, or shoudl be) into
auth/kerberos/kerberos.h (which is used by Samba, but not by the
Heimdal code).

Andrew Barteltt
 2007-10-10 13:18:22 -05:00
Andrew Bartlett
2a22f413c9 r7681: This #define is unused. 
Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Andrew Bartlett
fb83465dbc r7680: Move to using our own private enum for the principal type inside the 
hdb-ldb module.  This removes the need for the KRBTGT case to exist in
the broader heimdal code.

Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Stefan Metzmacher
6ad7ffab04 r7679: update the documentation of security_description_create() 
metze
 2007-10-10 13:18:21 -05:00
Andrew Tridgell
df29f25140 r7678: fixed typo 2007-10-10 13:18:21 -05:00
Andrew Tridgell
f6abed5660 r7677: fixed ldap server to honor 'private path' 2007-10-10 13:18:21 -05:00
Andrew Bartlett
eb1d37c5a9 r7676: Make VUID and TID choice random, as this gives us protection against 
replay attacks under SMB signing, where the session key is a fixed
derivitive of the user's password.

This removes the VID offset, but I'm not worried about random client
bytes mattering here, given the space (and the fact that it applies to
very, very old clients).

Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Andrew Bartlett
36dc2491d7 r7675: Use correct memory context for anonymous session setup auth context 
(no need for it to hang around forever).

Add test for this behaviour.

Andrew Bartlett
 2007-10-10 13:18:21 -05:00
Andrew Bartlett
4c254754d2 r7674: Fix the printf() attribute suggestion by correctly prototyping, then 
declaring the static function.  The attribute only works on the
prototype, not the function.

Andrew Bartlett
 2007-10-10 13:18:20 -05:00
Andrew Bartlett
005e2c0cfe r7673: With current Heimdal we don't need this (correct) fix. 
This will however still be useful when we have crypt() based
authentication.

Andrew Bartlett
 2007-10-10 13:18:20 -05:00
Andrew Tridgell
3fe00b6114 r7672: this should fix the crypt dependency problem (I hope!) 2007-10-10 13:18:20 -05:00
Andrew Tridgell
dcdf44024a r7671: added ldap testing to the set of standard tests 2007-10-10 13:18:20 -05:00
Andrew Tridgell
0981a375cf r7670: fixed rootDSE search in ldap server 2007-10-10 13:18:20 -05:00
Andrew Tridgell
844d2a2083 r7669: removed ldap from our configure tests 
This takes our link dependencies from this:

tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
        libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
        libldap_r.so.2 => /usr/lib/libldap_r.so.2 (0xb7f92000)
        liblber.so.2 => /usr/local/lib/liblber.so.2 (0xb7f85000)
        libpam.so.0 => /lib/libpam.so.0 (0xb7f7d000)
        libc.so.6 => /lib/tls/libc.so.6 (0xb7e48000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)
        libresolv.so.2 => /lib/tls/libresolv.so.2 (0xb7e36000)
        libcrypt.so.1 => /lib/tls/libcrypt.so.1 (0xb7e09000)
        libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7df3000)
        libgnutls.so.11 => /usr/lib/libgnutls.so.11 (0xb7d8c000)
        libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7d7d000)
        libtasn1.so.2 => /usr/lib/libtasn1.so.2 (0xb7d6d000)
        libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7d20000)
        libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7d1c000)
        libz.so.1 => /usr/lib/libz.so.1 (0xb7d09000)
        libnsl.so.1 => /lib/tls/libnsl.so.1 (0xb7cf5000)

to this:

tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
        libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
        libpam.so.0 => /lib/libpam.so.0 (0xb7fc0000)
        libc.so.6 => /lib/tls/libc.so.6 (0xb7e8b000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)

this finally gets rid of the implicit dependency on pthreads! Yay!
 2007-10-10 13:18:20 -05:00
Andrew Tridgell
3f77b879a0 r7668: - setup HAVE_ILDAP to enable the ildap backend in ldb 
- fixed a bug in socket_connect_ev()
 2007-10-10 13:18:20 -05:00
Andrew Tridgell
74841dbb2a r7667: added a ldb ildap backend, using our internal ldap client library. Next step is to 
remove the check for the ldap libraries in configure
 2007-10-10 13:18:19 -05:00
Andrew Tridgell
ac3f33c615 r7666: fixed a memory leak in the ldap ldb backend 2007-10-10 13:18:19 -05:00