1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

168 Commits

Author SHA1 Message Date
Alexander Bokovoy
332b179143 smbldap: expose bind callback via API and increase smbldap ABI version
Until we fully migrate to use gensec in smbldap, we need to continue
exposing bind callback to allow FreeIPA to integrate with smbldap.

Since smbldap API is now lacking direct access to 'struct
smbldap_state' and new API functions were added to give access to
individual members of this structure, it makes sense to increase ABI
version too.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Tue Jul  4 11:14:49 CEST 2017 on sn-devel-144
2017-07-04 11:14:49 +02:00
Volker Lendecke
e4d013caa2 smbldap: Privatize struct smbldap_state
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2017-04-20 10:13:25 +02:00
Volker Lendecke
848067abbc smbldap: Introduce "smbldap_get_paged_results"
This should be hidden inside smbldap.c, but this is a quick way to
get smbldap_state private to smbldap.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2017-04-20 10:13:25 +02:00
Volker Lendecke
84b7125b99 smbldap: Introduce "smbldap_get_paged_results"
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2017-04-20 10:13:25 +02:00
Volker Lendecke
46968fc60f smbldap: Introduce "smbldap_get_ldap"
This is a pretty big boiler-plate change. I've renamed the struct member
temporarily to find all accessors. Not sure where this leads in the end, but
the goal is to make struct smbldap_struct private to smbldap.c

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2017-04-20 10:13:25 +02:00
Chris Lamb
c4feed0b8c Correct "doesnt" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-02-22 08:26:21 +01:00
Jeremy Allison
b5f1ce892a s3: lib: ldap: Use struct sockaddr_storage to cope with IPv6.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Uri Simchoni <uri@samba.org>
2016-05-29 05:37:12 +02:00
Michael Adam
476672b647 dlist: remove unneeded type argument from DLIST_ADD_END()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-02-06 21:48:17 +01:00
Mathieu Parent
c315fce17e Fix various spelling errors
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Nov  6 13:43:45 CET 2015 on sn-devel-104
2015-11-06 13:43:45 +01:00
Volker Lendecke
4a442e2eb7 lib: Make sid_parse take a uint8_t
sid_parse takes a binary blob, uint8_t reflects this a bit
better than char * does

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-08-26 21:41:12 +02:00
Björn Baumbach
fae7e5d771 lib-util: rename memdup to smb_memdup and fix all callers
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-04-16 20:39:08 +02:00
Stefan Metzmacher
59b8f803d7 s3:lib: s/struct timed_event/struct tevent_timer
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-19 23:47:58 +01:00
Alexander Bokovoy
edfe0c0d13 s3-smbldap: use smbldap_ prefix for all functions 2012-09-07 12:31:42 +02:00
Andrew Bartlett
f3562424b6 lib/param: Move all enum declarations to lib/param
This is in preperation for the parameter table being made common.

Andrew Bartlett

Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
2012-07-24 11:01:17 +02:00
Rusty Russell
fe72740e82 loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.
They use talloc_tos() internally: hoist that up to the callers, some
of whom don't want to us talloc_tos().

A simple patch, but hits a lot of files.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-07-18 15:07:23 +09:30
Andreas Schneider
02c239c6d3 s3-passdb: Remove obsolte ldapsam_compat support. 2012-07-03 21:56:49 +02:00
Alexander Bokovoy
72029d5547 s3-smbldap: Add API for external callback to perform LDAP bind in smbldap
In order to support other bind methods, introduce a generic bind callback.
When smbldap_state.bind_callback is set, it means there is an alternative
way to perform LDAP bind to ldap_simple_bind_s() so call it instead.
The call is wrapped in become_root()/unbecome_root() to allow proper permissions
in smbd to access needed resources in the callback, for example, credential caches.
When run outside smbd, become_root()/unbecome_root() are no-op.

The API expectation is similar to ldap_simple_bind_s().

A caller of smbldap API can pass additional information to the callback by setting
smbldap_state.bind_callback_data pointer.

Both callback and the data pointer elements of smbldap_state structure get
cleaned up if someone sets proper credentials on smbldap_state with
smbldap_set_creds() so if you are interested in using smbldap_state.bind_dn
with the callback, make sure to set callback after credentials are set.
2012-05-24 16:21:26 +02:00
Jelmer Vernooij
c0288e0612 lib/util: Remove obsolete sys_getpid() and sys_fork().
The performance of these is minimal (these days) and they can return
invalid results when used as part of applications that do not use
sys_fork().

Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Mar 24 21:55:41 CET 2012 on sn-devel-104
2012-03-24 21:55:40 +01:00
Günther Deschner
e81d5505f4 s3-smbldap: remove dependency to secrets subsystem.
Guenther
2011-11-16 12:26:26 +01:00
Günther Deschner
65e2944c67 s3-smbldap: extend smbldap_init() with binddn/bindsecret arguments.
Guenther
2011-11-16 12:26:26 +01:00
Günther Deschner
8312ee1367 s3-passdb: split out passdb/pdb_ldap_schema.c
Guenther
2011-11-16 12:26:26 +01:00
Günther Deschner
0b6ced6209 s3-smbldap: use tevent_context in smbldap.
Guenther
2011-10-28 11:35:28 +02:00
Jeremy Allison
e25345a7a6 Ensure we never wait past absolute entime to do a get_cached_ldap_connect().
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Aug 20 20:09:37 CEST 2011 on sn-devel-104
2011-08-20 20:09:37 +02:00
Jeremy Allison
6c3779c80b Remove the tortured logic in another_ldap_try() and turn it into
get_cached_ldap_connect(), which much better describes it's function.

Now we always break at the right places in the loop, we can replace
the while (another_ldap_try(ldap_state, &rc, &attempts, abs_endtime))
construct with simply while (1).
2011-08-19 21:40:54 -07:00
Jeremy Allison
ce8a1a29ad Factor out the ldap_get_option calls into a function. 2011-08-19 21:30:04 -07:00
Jeremy Allison
832dce1a0a Simplify the logic on the another_ldap_try() loops by breaking
early out of the loop on success.
2011-08-19 21:27:18 -07:00
Jeremy Allison
03bdb26c5b Move the alarm setup/teardown out of another_ldap_try() and into separate
functions that bracket the another_ldap_try() loop. We now never leave a
dangling alarm pending on success.
2011-08-19 21:19:28 -07:00
Jeremy Allison
a357d044d4 Allow the timeout pointer to ldap_search_ext_s() to be NULL if lp_ldap_timeout() == 0. 2011-08-19 21:08:10 -07:00
Jeremy Allison
da89f7e24c Make it clear the time here is an absolute endtime. Don't set the alarm if the LDAP timeout is zero. 2011-08-19 21:01:49 -07:00
Jeremy Allison
f00c6c8561 Always remove the alarm before changing the handler, not the other way around. 2011-08-19 20:55:41 -07:00
Jeremy Allison
ec07aca7d5 Remove old_handler as alarms can't be nested. Use SIG_IGN instead. 2011-08-19 20:54:41 -07:00
Jeremy Allison
7cbcbee484 Change got_alarm from bool to the correct type of SIG_ATOMIC_T. 2011-08-19 20:53:49 -07:00
Björn Jacke
fd06cf379d s3/ldap: delay the ldap search alarm termination a bit
do the alarm termination of the the ldap search a bit delayed so the LDAP
server has a chance to tell us that the time limit was reached and the
search was abandoned. If the search is terminated this way we also get
the correct LDAP return code in the logs. If alarm() stops the search the ldap
search routine will report that the LDAP server is down which would trigger us
to rebind to the server needlessly which we also want to avoid.
2011-08-05 11:32:09 +02:00
Gregor Beck
1765833481 s3:smbldap: make smbldap_connect_system self contained
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Jul  1 12:37:50 CEST 2011 on sn-devel-104
2011-07-01 12:37:50 +02:00
Gregor Beck
6aff8b19fc s3:smbldap: add a destructor to smbldap_state, just in case
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-01 11:23:56 +02:00
Gregor Beck
796c7ab282 s3:smbldap: let smbldap_free_struct do what it claims to
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-01 11:23:49 +02:00
Gregor Beck
7eb9c70342 s3:smbldap: free the idle event scheduled in smbldap_open in smbldap_close
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-01 11:23:43 +02:00
Gregor Beck
343ef46b9b s3:smbldap: use smbldap_state as memory context for idle event
ensure the event is canceled if the smbldap_state gets freed
this fixes a panic of winbindd if verify_idpool fails

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2011-07-01 11:22:56 +02:00
Andrew Bartlett
ad0a07c531 s3-talloc Change TALLOC_ZERO_P() to talloc_zero()
Using the standard macro makes it easier to move code into common, as
TALLOC_ZERO_P isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
d5e6a47f06 s3-talloc Change TALLOC_P() to talloc()
Using the standard macro makes it easier to move code into common, as
TALLOC_P isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
3d15137653 s3-talloc Change TALLOC_ARRAY() to talloc_array()
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
2011-06-09 12:40:08 +02:00
Andrew Bartlett
c615ebed6e s3-lib Replace StrCaseCmp() with strcasecmp_m()
strcasecmp_m() never needs to call to talloc, and via next_codepoint()
still has an ASCII fast-path bypassing iconv() calls.

Andrew Bartlett
2011-05-18 16:12:08 +02:00
Jeremy Allison
7d6ebe0de7 More const fixes. Remove CONST_DISCARD. 2011-05-06 01:44:07 +02:00
Jeremy Allison
e131c94ac1 More const fixes for compiler warnings from the waf build. 2011-05-05 23:56:07 +02:00
Sumit Bose
f3b1a68f5f s3-smbldap: make octet_strings/DATA_BLOBs const.
Signed-off-by: Günther Deschner <gd@samba.org>
2011-04-06 11:53:56 +02:00
Günther Deschner
c4974eec01 s3-smbldap: support storing octet_strings/DATA_BLOBs.
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
2011-04-06 11:53:56 +02:00
Jeremy Allison
c109a70531 Fix convert_string() to take a *converted_size arg. and return a bool.
Makes these interfaces much harder to misuse and easier to ensure error
checking.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 30 23:59:37 CEST 2011 on sn-devel-104
2011-03-30 23:59:37 +02:00
Andrew Tridgell
15e84a9a09 charcnv: removed the allow_badcharcnv and allow_bad_conv options to convert_string*()
we shouldn't accept bad multi-byte strings, it just hides problems

Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Mar 24 01:47:26 CET 2011 on sn-devel-104
2011-03-24 01:47:26 +01:00
Andrew Bartlett
f768b32e37 libcli/security Provide a common, top level libcli/security/security.h
This will reduce the noise from merges of the rest of the
libcli/security code, without this commit changing what code
is actually used.

This includes (along with other security headers) dom_sid.h and
security_token.h

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-10-12 05:54:10 +00:00
Jeremy Allison
0ee8aa5c5d Fix warnings caused by double ";;" at the end of the time_mono() fixes. 2010-09-08 15:13:45 -07:00