samba.git/source4/libcli/ldap/ldap_client.c, branch talloc-2.0.8 Unnamed repository; edit this file 'description' to name the repository. s4:libcli/ldap: fix sending oneway requests 2010-09-27T06:24:36+00:00 Stefan Metzmacher metze@samba.org 2010-09-26T20:34:37+00:00 b65a164f3e05a53c08998dc86eb6a899278f687a metze 
metze
s4/ldap: use time_mono for reconnect timeout 2010-09-10T21:10:26+00:00 Björn Jacke bj@sernet.de 2010-09-10T18:39:20+00:00 d320aa1212ba926f81d37ee0690381f1f287f30d 






s4-loadparm: 2nd half of lp_ to lpcfg_ conversion
2010-07-16T08:24:27+00:00

Andrew Tridgell
tridge@samba.org

2010-07-16T04:32:42+00:00

6b266b85cf34145ac1f03d8f787b81121e4ec92b

this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>





this converts all callers that use the Samba4 loadparm lp_ calling
convention to use the lpcfg_ prefix.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>







s4:libcli/ldap Rename ldap.h to libcli_ldap.h
2010-05-21T07:39:15+00:00

Andrew Bartlett
abartlet@samba.org

2010-05-21T07:39:15+00:00

c8a23147fe12c693fd7944af7bb09b88393789d9

It is a problem if a samba header is called ldap.h if we also want
to use OpenLDAP's ldap.h

Andrew Bartlett





It is a problem if a samba header is called ldap.h if we also want
to use OpenLDAP's ldap.h

Andrew Bartlett







s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where needed
2009-10-14T08:50:43+00:00

Matthias Dieter Wallnöfer
mwallnoefer@yahoo.de

2009-10-12T17:09:18+00:00

e9686985cbf1f5234d9e9731176b1eb4e02911e8

For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.





For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.







s4: fix various warnings (not "const" related ones)
2009-10-02T13:33:48+00:00

Matthias Dieter Wallnöfer
mwallnoefer@yahoo.de

2009-09-29T09:49:50+00:00

44df2488e30da783add33b4fb85d96ce65856484












s4:libcli/ldap Explain why we set a hostname for ldapi:// connections
2009-08-17T01:08:42+00:00

Andrew Bartlett
abartlet@samba.org

2009-08-14T07:50:18+00:00

7496095c1b119c1e4f99d985b6dca6ee68dcb520

It is a pretty odd thing to do, and it's only because of the
restrictions of DIGEST-MD5 in Cyrus SASL that we do it.

Andrew Bartlett





It is a pretty odd thing to do, and it's only because of the
restrictions of DIGEST-MD5 in Cyrus SASL that we do it.

Andrew Bartlett







s4:libcli/ldap: the tls code steals the original socket on its own now
2009-07-31T12:42:05+00:00

Stefan Metzmacher
metze@samba.org

2009-07-30T06:44:21+00:00

a3bcbd177537e5da437974e64bbd07d88c087fa2

metze





metze







libcli/ldap: move generic ldap control encoding code to ldap_message.c
2009-02-24T16:55:41+00:00

Stefan Metzmacher
metze@samba.org

2009-02-24T15:49:26+00:00

f6b0a99cefaedfa7642af31f8fcc4457bacb07a3

As they can we static there, we pass the specific handlers as parameter
where we need to support controls.

metze





As they can we static there, we pass the specific handlers as parameter
where we need to support controls.

metze







Worked around a problem with select/poll/epoll and gnutls 
2009-02-18T06:37:45+00:00

Andrew Tridgell
tridge@samba.org

2009-02-18T06:37:45+00:00

bb7e6f0f51a91e461c18efd392af3e4fc6174c34

Our packet layer relies on the event system reliably telling us when a
packet is available. When we are using a socket layer like TLS then
things get a bit trickier, as there may be bytes in the encryption
buffer which could be read even if there are no bytes at the socket
level. The GNUTLS library is supposed to prevent this happening by
always leaving some data at the socket level when there is data to be
processed in its buffers, but it seems that this is not always
reliable.

To work around this I have added a new packet option
packet_set_unreliable_select() which tells the packet layer to not
assume that the socket layer has a reliable select, and to instead
keep trying to read from the socket until it gets back no data. This
option is set for the ldap client and server when TLS is negotiated.

This seems to fix the problems with the ldaps tests.





Our packet layer relies on the event system reliably telling us when a
packet is available. When we are using a socket layer like TLS then
things get a bit trickier, as there may be bytes in the encryption
buffer which could be read even if there are no bytes at the socket
level. The GNUTLS library is supposed to prevent this happening by
always leaving some data at the socket level when there is data to be
processed in its buffers, but it seems that this is not always
reliable.

To work around this I have added a new packet option
packet_set_unreliable_select() which tells the packet layer to not
assume that the socket layer has a reliable select, and to instead
keep trying to read from the socket until it gets back no data. This
option is set for the ldap client and server when TLS is negotiated.

This seems to fix the problems with the ldaps tests.