IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This will allow us to detect from the smb.conf if this is a Samba4 AD
DC which will allow smarter handling of (for example) accidentially
starting smbd rather than samba.
To cope with upgrades from existing Samba4 installs, 'domain
controller' is a synonym of 'active directory domain controller' and
new parameters 'classic primary domain controller' and 'classic backup
domain controller' are added.
Andrew Bartlett
The iface_count, iface_n_bcast, and load_interfaces functions
conflicted with functions of the same name in source3, so the source4
functions were renamed. Hopefully we can actually wrap one around the
other in future.
Andrew Bartlett
If we immediately afterwards perform an LDB base operation then we don't
need an explicit "ldb_dn_validate" check anymore (only OOM makes sense).
Reviewed by: Tridge
thi ensures we are using the header corresponding to the version of
ldb we're linking against. Otherwise we could use the system ldb for
link and the in-tree one for include
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
the parent of this session_info is either the stream_connection, or
its a system_session(). In either case reparenting it on the
ldapsrv_connection doesn't achieve anything that I can see.
The move was causing a steal on reference error because the
session_info often has multiple references.
Thanks to Metze for spotting this.
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Dec 1 22:10:42 CET 2010 on sn-devel-104
We previously allocated sockets as direct children of the event
context. That led to crashes if a service called
task_server_terminate(), as it left the socket open and handling
events for a dead protocol.
Making them a child of the task allows the task to terminate and take
all its sockets with it.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
this also removes the event_context parameter from process model
initialisation. It isn't needed, and is confusing when a process model
init can be called from more than one place, possibly with different
event contexts.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
This should make our sasl and tls handling much more robust
against partial sent pdus.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Oct 8 11:55:26 UTC 2010 on sn-devel-104
This reverts commit b53fbc75ac.
There are problems with problems with broken gnutls versions.
We can readd this once we have the needed configure checks to
detect the bug in gnutls. See https://bugzilla.samba.org/show_bug.cgi?id=7218.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Thu Oct 7 10:31:18 UTC 2010 on sn-devel-104
This ensures that two ldap server operations cannot happen in parallel
by using packet_recv_disable() and packet_recv_enable() to disable
other interfaces during ldap calls.
This prevents problems caused by parallel ldap operations where
transactions could overlap.
this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This should always return a simple structure with no need to consult a
DB, so remove the event context, and simplfy to call helper functions
that don't look at privilages.
Andrew Bartlett
This allows us to reuse a ldb context if it is open twice, instead
of going through the expensive process of a full ldb open. We can
reuse it if all of the parameters are the same.
The change relies on callers using talloc_unlink() or free of a parent
to close a ldb context.
This patch adds a system_session cache, preventing us from having to
recreate it on every ldb open, and allowing us to detect when the same
session is being used in ldb_wrap
It seems that the samba4 part of the merged build does not pick up the
DEVELOPER flag from the s3 configure.
Jelmer, can you fix that properly?
Thanks,
Volker
This makes it clear to our users that this particular implementation
isn't final (all parties are agreed that an EXTERNAL bind is the right
way to do this, but it has not been implemented yet).
Andrew Bartlett
This patch creates ldap_priv/ as a subdirectory under the private dir with the
appropriate permissions to only allow the same access as the privileged winbind
socket allows. Connecting to ldap_priv/ldapi gives SYSTEM access to the ldap
database.
Our packet layer relies on the event system reliably telling us when a
packet is available. When we are using a socket layer like TLS then
things get a bit trickier, as there may be bytes in the encryption
buffer which could be read even if there are no bytes at the socket
level. The GNUTLS library is supposed to prevent this happening by
always leaving some data at the socket level when there is data to be
processed in its buffers, but it seems that this is not always
reliable.
To work around this I have added a new packet option
packet_set_unreliable_select() which tells the packet layer to not
assume that the socket layer has a reliable select, and to instead
keep trying to read from the socket until it gets back no data. This
option is set for the ldap client and server when TLS is negotiated.
This seems to fix the problems with the ldaps tests.
