IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
- set better names on talloc structures in ldb modules, making leaks
easier to track down
(This used to be commit 3bf76db42dc6dde5d71083216dba819869b31c75)
In case you haven't noticed, lots of our packages now run the IBM
checker in the build farm on 'snab'
(This used to be commit b39a79f17c9d8729264436bb774e8bd2b88e12f9)
the whole ldb structure.
Because the sequence number was a fn pointer on the main ldb context,
turn it into a full request (currently sync).
Andrew Bartlett
(This used to be commit fbe7d0ca9031e292b2d2fae263233c973982980a)
I was sick of jumping inot each module for each request,
even the ones not handle by that module.
(This used to be commit 7d65105e885a28584e8555453b90232c43a92bf7)
I think I should change the name of this function
to ldb_async_process(), any opinions ?
(This used to be commit 3347322d1327cfa975ee9dccd4f2774e6e14fbcb)
my previous patch added it for modules). This is the next step towards
LDB backends and modules as run-time loadable .so files.
(This used to be commit fb2f70de4f6c4a9b13ad590cb4d3a9c858cede49)
Applications that use LDB modules will now have to run ldb_global_init()
before they can use LDB.
The next step will be adding support for loading LDB modules from .so
files. This will also allow us to use one LDB without difference between the
standalone and the Samba-specific build
(This used to be commit 52a235650514039bf8ffee99a784bbc1b6ae6b92)
Currently only ldb_ildap is async, the plan
is to first make all backend support the async calls,
and then remove the sync functions from backends and
keep the only in the API.
Modules will need to be transformed along the way.
Simo
(This used to be commit 1e2c13b2d52de7c534493dd79a2c0596a3e8c1f5)
want to see what it does ?
do aq make test and try:
./bin/ldbsearch -H st/private/sam.ldb --controls=asq:1:member -s base -b 'CN=Administrators,CN=Builtin,DC=samba,DC=example,DC=com' 'objectclass=*'
have fun.
simo.
(This used to be commit 900f4fd3435aacc3351f30afb77d3488d2cb4804)
it currently doesn't do much, but it's later
prevent adding corrupted records via ldbedit,
and will take care of the versionID counter
metze
(This used to be commit a6f279bc43c74cf4dc116cb6ba99f1aed13a4de9)
this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.
metze
(This used to be commit 380938e97f31c7860aed1e73cc0110c6e17b472e)
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
a second_stage_init private function for modules that need a second stage init.
Simo.
(This used to be commit 5e8b365fa2d93801a5de1d9ea76ce9d5546bd248)
There's still lot of work to do but the patch is stable
enough to be pushed into the main samba4 tree.
Simo.
(This used to be commit 77125feaff252cab44d26593093a9c211c846ce8)
module is perhaps not the most efficient, but I think it is
reasonable.
This should restore operation of MMC against Samba4 (broken by the
templating fixes).
Andrew Bartlett
(This used to be commit 41948c4bdbfca1160a01a92994324f9e22422afe)
using pre-calculated passwords for all kerberos key types.
(Previously we could only use these for the NT# type).
The module handles all of the hash/string2key tasks for all parts of
Samba, which was previously in the rpc_server/samr/samr_password.c
code. We also update the msDS-KeyVersionNumber, and the password
history. This new module can be called at provision time, which
ensures we start with a database that is consistent in this respect.
By ensuring that the krb5key attribute is the only one we need to
retrieve, this also simplifies the run-time KDC logic. (Each value of
the multi-valued attribute is encoded as a 'Key' in ASN.1, using the
definition from Heimdal's HDB. This simplfies the KDC code.).
It is hoped that this will speed up the KDC enough that it can again
operate under valgrind.
(This used to be commit e9022743210b59f19f370d772e532e0f08bfebd9)
