PERFORCE change 108719 for review
Michael Bushkov
bushman at FreeBSD.org
Mon Oct 30 09:46:32 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=108719
Change 108719 by bushman at bushman_nss_ldap_cached on 2006/10/30 09:45:51
IFC
Affected files ...
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/defaults/rc.conf#3 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/network.subr#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/pf.os#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.d/ppp#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.firewall#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/gmon/Makefile.inc#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/net/inet.3#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/resolv/res_send.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/stdio/xprintf.c#3 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/hashtable.h#1 branch
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_group.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_group.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_passwd.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_passwd.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_serv.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_serv.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapconf.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapconf.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapconn.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapsearch.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldapsearch.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldaputil.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldaputil.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/nss_ldap.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/nss_ldap.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/share/mk/bsd.lib.mk#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/config.5#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/config.h#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/config.y#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/main.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/config/mkmakefile.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fdcontrol/fdcontrol.8#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/Makefile#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwcontrol.8#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwcontrol.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwdv.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwmethods.h#1 branch
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/fwcontrol/fwmpegts.c#1 branch
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/smbmsg/smbmsg.8#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/sysinstall/dist.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/sysinstall/install.c#2 integrate
.. //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/usr.sbin/sysinstall/sysinstall.h#2 integrate
Differences ...
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/defaults/rc.conf#3 (text+ko) ====
@@ -15,7 +15,7 @@
# For a more detailed explanation of all the rc.conf variables, please
# refer to the rc.conf(5) manual page.
#
-# $FreeBSD: src/etc/defaults/rc.conf,v 1.300 2006/10/15 15:55:00 ceri Exp $
+# $FreeBSD: src/etc/defaults/rc.conf,v 1.301 2006/10/28 20:08:12 phk Exp $
##############################################################
### Important initial Boot-time options ####################
@@ -104,6 +104,16 @@
firewall_quiet="NO" # Set to YES to suppress rule display
firewall_logging="NO" # Set to YES to enable events logging
firewall_flags="" # Flags passed to ipfw when type is a file
+firewall_myservices="" # List of TCP ports on which this host
+ # offers services
+firewall_allowservices="" # List of IPs which has access to
+ # $firewall_myservices
+firewall_trusted="" # List of IPs which has full access to this host
+firewall_logdeny="NO" # Set to YES to log default denied incoming
+ # packets.
+firewall_nologports="135-139,445 1026,1027 1433,1434" # List of TCP/UDP ports
+ # for which denied incoming packets are not
+ # logged.
ip_portrange_first="NO" # Set first dynamically allocated port
ip_portrange_last="NO" # Set last dynamically allocated port
ike_enable="NO" # Enable IKE daemon (usually racoon or isakmpd)
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/network.subr#2 (text+ko) ====
@@ -22,7 +22,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $FreeBSD: src/etc/network.subr,v 1.175 2006/10/07 15:45:56 ume Exp $
+# $FreeBSD: src/etc/network.subr,v 1.176 2006/10/29 13:29:49 mlaier Exp $
#
#
@@ -690,7 +690,7 @@
if [ ${rtsol_available} = yes -a ${rtsol_interface} = yes ]
then
case ${i} in
- lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*)
+ lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*|pflog[0-9]*|pfsync[0-9]*)
;;
*)
rtsol_interfaces="${rtsol_interfaces} ${i}"
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/pf.os#2 (text+ko) ====
@@ -1,5 +1,5 @@
-# $FreeBSD: src/etc/pf.os,v 1.3 2004/09/14 00:30:14 mlaier Exp $
-# $OpenBSD: pf.os,v 1.17 2004/04/28 01:01:27 deraadt Exp $
+# $FreeBSD: src/etc/pf.os,v 1.4 2006/10/23 05:09:44 delphij Exp $
+# $OpenBSD: pf.os,v 1.21 2006/07/28 21:51:12 david Exp $
# passive OS fingerprinting
# -------------------------
#
@@ -223,9 +223,10 @@
S4:64:1:60:M1360,S,T,N,W0: Linux:google::Linux (Google crawlbot)
S2:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4 (big boy)
-S3:64:1:60:M*,S,T,N,W0: Linux:2.4:18-21:Linux 2.4.18 and newer
-S4:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4/2.6
-S4:64:1:60:M*,S,T,N,W0: Linux:2.6::Linux 2.4/2.6
+S3:64:1:60:M*,S,T,N,W0: Linux:2.4:.18-21:Linux 2.4.18 and newer
+S4:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4/2.6 <= 2.6.7
+S4:64:1:60:M*,S,T,N,W0: Linux:2.6:.1-7:Linux 2.4/2.6 <= 2.6.7
+S4:64:1:60:M*,S,T,N,W7: Linux:2.6:8:Linux 2.6.8 and newer (?)
S3:64:1:60:M*,S,T,N,W1: Linux:2.5::Linux 2.5 (sometimes 2.4)
S4:64:1:60:M*,S,T,N,W1: Linux:2.5-2.6::Linux 2.5/2.6
@@ -260,27 +261,28 @@
# ----------------- FreeBSD -----------------
-16384:64:1:44:M*: FreeBSD:2.0-2.2::FreeBSD 2.0-4.1
-16384:64:1:44:M*: FreeBSD:3.0-3.5::FreeBSD 2.0-4.1
-16384:64:1:44:M*: FreeBSD:4.0-4.1::FreeBSD 2.0-4.1
+16384:64:1:44:M*: FreeBSD:2.0-2.2::FreeBSD 2.0-4.2
+16384:64:1:44:M*: FreeBSD:3.0-3.5::FreeBSD 2.0-4.2
+16384:64:1:44:M*: FreeBSD:4.0-4.2::FreeBSD 2.0-4.2
16384:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4
1024:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4
57344:64:1:44:M*: FreeBSD:4.6-4.8:noRFC1323:FreeBSD 4.6-4.8 (no RFC1323)
-57344:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.6-4.8::FreeBSD 4.6-4.8
+57344:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.6-4.9::FreeBSD 4.6-4.9
-32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
+32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.11::FreeBSD 4.8-5.1 (or MacOS X)
32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:4.7-4.9::FreeBSD 4.7-5.1
-65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.7-5.1
+65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.11::FreeBSD 4.8-5.2 (or MacOS X)
+65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.2::FreeBSD 4.8-5.2 (or MacOS X)
+65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:4.7-4.11::FreeBSD 4.7-5.2
+65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:5.0-5.2::FreeBSD 4.7-5.2
# XXX need quirks support
-# 65535:64:1:60:M*,N,W0,N,N,T:Z:FreeBSD:5.1-current (1)
-# 65535:64:1:60:M*,N,W1,N,N,T:Z:FreeBSD:5.1-current (2)
-# 65535:64:1:60:M*,N,W2,N,N,T:Z:FreeBSD:5.1-current (3)
+# 65535:64:1:60:M*,N,W0,N,N,T:Z:FreeBSD:5.1-5.4::5.1-current (1)
+# 65535:64:1:60:M*,N,W1,N,N,T:Z:FreeBSD:5.1-5.4::5.1-current (2)
+# 65535:64:1:60:M*,N,W2,N,N,T:Z:FreeBSD:5.1-5.4::5.1-current (3)
+# 65535:64:1:44:M*:Z:FreeBSD:5.2::FreeBSD 5.2 (no RFC1323)
# 16384:64:1:60:M*,N,N,N,N,N,N,T:FreeBSD:4.4:noTS:FreeBSD 4.4 (w/o timestamps)
@@ -297,12 +299,12 @@
# ----------------- OpenBSD -----------------
16384:64:0:60:M*,N,W0,N,N,T: OpenBSD:2.6::NetBSD 1.3 (or OpenBSD 2.6)
-16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.5::OpenBSD 3.0-3.5
-16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.5:no-df:OpenBSD 3.0-3.5 (scrub no-df)
-57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.5::OpenBSD 3.3-3.5
-57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.5:no-df:OpenBSD 3.3-3.5 (scrub no-df)
+16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-4.0::OpenBSD 3.0-4.0
+16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-4.0:no-df:OpenBSD 3.0-4.0 (scrub no-df)
+57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-4.0::OpenBSD 3.3-4.0
+57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-4.0:no-df:OpenBSD 3.3-4.0 (scrub no-df)
-65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.5:opera:OpenBSD 3.0-3.5 (Opera)
+65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-4.0:opera:OpenBSD 3.0-4.0 (Opera)
# ----------------- Solaris -----------------
@@ -317,7 +319,8 @@
4096:64:0:44:M1460: SunOS:4.1::SunOS 4.1.x
-S34:64:1:52:M*,N,W0,N,N,S: Solaris:10::Solaris 10 (beta)
+S34:64:1:52:M*,N,W0,N,N,S: Solaris:10:beta:Solaris 10 (beta)
+32850:64:1:64:M*,N,N,T,N,W1,N,N,S: Solaris:10::Solaris 10 1203
# ----------------- IRIX --------------------
@@ -329,6 +332,9 @@
61440:64:0:48:M*,N,N,S: IRIX:6.5:12-21:IRIX 6.5.12 - 6.5.21
49152:64:0:48:M*,N,N,S: IRIX:6.5:15-21:IRIX 6.5.15 - 6.5.21
+49152:60:0:64:M*,N,W2,N,N,T,N,N,S: IRIX:6.5:IP27:IRIX 6.5 IP27
+
+
# ----------------- Tru64 -------------------
32768:64:1:48:M*,N,W0: Tru64:4.0::Tru64 4.0 (or OS/2 Warp 4)
@@ -428,6 +434,11 @@
16384:128:1:52:M536,N,W0,N,N,S: Windows:2000:ZoneAlarm:Windows 2000 w/ZoneAlarm?
2048:255:0:40:.: Windows:.NET::Windows .NET Enterprise Server
+44620:64:0:48:M*,N,N,S: Windows:ME::Windows ME no SP (?)
+S6:255:1:48:M536,N,N,S: Windows:95:winsock2:Windows 95 winsock 2
+32768:32:1:52:M1460,N,W0,N,N,S: Windows:2003:AS:Windows 2003 AS
+
+
# No need to be more specific, it passes:
# *:128:1:48:M*,N,N,S:U:-Windows:XP/2000 while downloading (leak!) XXX quirk
# there is an equiv similar generic sig w/o the quirk
@@ -442,7 +453,6 @@
# Whoa. Hardcore WSS.
0:64:0:48:M*,W0,N: HP-UX:B.11.00:A:HP-UX B.11.00 A (RFC1323)
-
# ----------------- RiscOS ------------------
# We don't yet support the ?12 TCP option
@@ -453,6 +463,7 @@
# 4096:64:1:56:M1460,N,N,T:T: RISC OS:3.70:freenet:RISC OS 3.70 freenet 2.00
+
# ----------------- BSD/OS ------------------
# Once again, power of two WSS is also shared by MacOS X with DF set
@@ -466,6 +477,7 @@
# ---------------- NeXTSTEP -----------------
+S4:64:0:44:M1024: NeXTSTEP:3.3::NeXTSTEP 3.3
S8:64:0:44:M512: NeXTSTEP:3.3::NeXTSTEP 3.3
# ------------------ BeOS -------------------
@@ -501,15 +513,18 @@
# ----------------- SCO ------------------
S3:64:1:60:M1460,N,W0,N,N,T: SCO:UnixWare:7.1:SCO UnixWare 7.1
+S17:64:1:60:M1380,N,W0,N,N,T: SCO:UnixWare:7.1:SCO UnixWare 7.1.3 MP3
S23:64:1:44:M1380: SCO:OpenServer:5.0:SCO OpenServer 5.0
# ------------------- DOS -------------------
2048:255:0:44:M536: DOS:WATTCP:1.05:DOS Arachne via WATTCP/1.05
+T2:255:0:44:M984: DOS:WATTCP:1.05Arachne:Arachne via WATTCP/1.05 (eepro)
# ------------------ OS/2 -------------------
S56:64:0:44:M512: OS/2:4::OS/2 4
+28672:64:0:44:M1460: OS/2:4::OS/2 Warp 4.0
# ----------------- TOPS-20 -----------------
@@ -517,6 +532,10 @@
# XXX QUIRK 0:64:0:44:M1460:A:TOPS-20:version 7
0:64:0:44:M1460: TOPS-20:7::TOPS-20 version 7
+# ----------------- FreeMiNT ----------------
+
+S44:255:0:44:M536: FreeMiNT:1:16A:FreeMiNT 1 patch 16A (Atari)
+
# ------------------ AMIGA ------------------
# XXX TCP option 12
@@ -539,7 +558,6 @@
S12:64:1:44:M1460: @Checkpoint:::Checkpoint (unknown 1)
S12:64:1:48:N,N,S,M1460: @Checkpoint:::Checkpoint (unknown 2)
4096:32:0:44:M1460: ExtremeWare:4.x::ExtremeWare 4.x
-60352:64:0:52:M1460,N,W2,N,N,S: Clavister:7::Clavister firewall 7.x
# XXX TCP option 12
# S32:64:0:68:M512,N,W0,N,N,T,N,N,?12:.:Nokia:IPSO w/Checkpoint NG FP3
@@ -549,6 +567,9 @@
8192:64:1:44:M1460: Eagle:::Eagle Secure Gateway
+S52:128:1:48:M1260,N,N,N,N: LinkSys:WRV54G::LinkSys WRV54G VPN router
+
+
# ------- Switches and other stuff ----------
@@ -581,6 +602,10 @@
16384:255:0:40:.: Proxyblocker:::Proxyblocker (what's this?)
+65535:255:0:48:M*,N,N,S: Redline:::Redline T|X 2200
+
+32696:128:0:40:M1460: Spirent:Avalanche::Spirent Web Avalanche HTTP benchmarking engine
+
# ----------- Embedded systems --------------
S9:255:0:44:M536: PalmOS:Tungsten:C:PalmOS Tungsten C
@@ -589,10 +614,15 @@
S4:255:0:44:M536: PalmOS:3:5:PalmOS 3.5
2948:255:0:44:M536: PalmOS:3:5:PalmOS 3.5.3 (Handera)
S29:255:0:44:M536: PalmOS:5::PalmOS 5.0
+16384:255:0:44:M1398: PalmOS:5.2:Clie:PalmOS 5.2 (Clie)
+S14:255:0:44:M1350: PalmOS:5.2:Treo:PalmOS 5.2.1 (Treo)
S23:64:1:64:N,W1,N,N,T,N,N,S,M1460: SymbianOS:7::SymbianOS 7
-8192:255:0:44:M1460: SymbianOS:6048::SymbianOS 6048 (on Nokia 7650?)
-8192:255:0:44:M536: SymbianOS:::SymbianOS (on Nokia 9210?)
+
+8192:255:0:44:M1460: SymbianOS:6048::Symbian OS 6048 (Nokia 7650?)
+8192:255:0:44:M536: SymbianOS:9210::Symbian OS (Nokia 9210?)
+S22:64:1:56:M1460,T,S: SymbianOS:P800::Symbian OS ? (SE P800?)
+S36:64:1:56:M1360,T,S: SymbianOS:6600::Symbian OS 60xx (Nokia 6600?)
# Perhaps S4?
@@ -608,8 +638,8 @@
S12:64:0:44:M1452: AXIS:5600:v5.64:AXIS Printer Server 5600 v5.64
+3100:32:1:44:M1460: Windows:CE:2.0:Windows CE 2.0
-
####################
# Fancy signatures #
####################
@@ -619,11 +649,23 @@
3072:64:0:40:.: *NMAP:syn scan:3:NMAP syn scan (3)
4096:64:0:40:.: *NMAP:syn scan:4:NMAP syn scan (4)
+# Requires quirks support
+# 1024:64:0:40:.:A:*NMAP:TCP sweep probe (1)
+# 2048:64:0:40:.:A:*NMAP:TCP sweep probe (2)
+# 3072:64:0:40:.:A:*NMAP:TCP sweep probe (3)
+# 4096:64:0:40:.:A:*NMAP:TCP sweep probe (4)
+
1024:64:0:60:W10,N,M265,T: *NMAP:OS:1:NMAP OS detection probe (1)
2048:64:0:60:W10,N,M265,T: *NMAP:OS:2:NMAP OS detection probe (2)
3072:64:0:60:W10,N,M265,T: *NMAP:OS:3:NMAP OS detection probe (3)
4096:64:0:60:W10,N,M265,T: *NMAP:OS:4:NMAP OS detection probe (4)
+32767:64:0:40:.: *NAST:::NASTsyn scan
+
+# Requires quirks support
+# 12345:255:0:40:.:A:-p0f:sendsyn utility
+
+
#####################################
# Generic signatures - just in case #
#####################################
@@ -633,6 +675,8 @@
*:128:1:52:M*,N,W0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
*:128:1:52:M*,N,W0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
+*:128:1:52:M*,N,W*,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
+*:128:1:52:M*,N,W*,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323)
*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323)
*:128:1:64:M*,N,W*,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP (RFC1323, w+)
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.d/ppp#2 (text+ko) ====
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $FreeBSD: src/etc/rc.d/ppp,v 1.11 2005/10/29 05:00:25 yar Exp $
+# $FreeBSD: src/etc/rc.d/ppp,v 1.12 2006/10/26 00:29:43 avatar Exp $
#
# PROVIDE: ppp
@@ -40,9 +40,10 @@
ppp_postcmd()
{
- # Re-Sync ipfilter so it picks up any new network interfaces
+ # Re-Sync ipfilter and pf so they pick up any new network interfaces
#
/etc/rc.d/ipfilter resync
+ /etc/rc.d/pf resync
}
load_rc_config $name
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/etc/rc.firewall#2 (text+ko) ====
@@ -23,7 +23,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $FreeBSD: src/etc/rc.firewall,v 1.48 2005/11/18 02:23:59 ume Exp $
+# $FreeBSD: src/etc/rc.firewall,v 1.49 2006/10/28 20:08:12 phk Exp $
#
#
@@ -42,12 +42,14 @@
############
# Define the firewall type in /etc/rc.conf. Valid values are:
-# open - will allow anyone in
-# client - will try to protect just this machine
-# simple - will try to protect a whole network
-# closed - totally disables IP services except via lo0 interface
-# UNKNOWN - disables the loading of firewall rules.
-# filename - will load the rules in the given filename (full path required)
+# open - will allow anyone in
+# client - will try to protect just this machine
+# simple - will try to protect a whole network
+# closed - totally disables IP services except via lo0 interface
+# workstation - will try to protect just this machine using statefull
+# firewalling. See below for rc.conf variables used
+# UNKNOWN - disables the loading of firewall rules.
+# filename - will load the rules in the given filename (full path required)
#
# For ``client'' and ``simple'' the entries below should be customized
# appropriately.
@@ -107,6 +109,8 @@
#
${fwcmd} -f flush
+setup_loopback
+
############
# Network Address Translation. All packets are passed to natd(8)
# before they encounter your remaining rules. The firewall rules
@@ -140,7 +144,6 @@
#
case ${firewall_type} in
[Oo][Pp][Ee][Nn])
- setup_loopback
${fwcmd} add 65000 pass all from any to any
;;
@@ -155,8 +158,6 @@
mask="255.255.255.0"
ip="192.0.2.1"
- setup_loopback
-
# Allow any traffic to or from my own net.
${fwcmd} add pass all from ${ip} to ${net}:${mask}
${fwcmd} add pass all from ${net}:${mask} to ${ip}
@@ -168,19 +169,19 @@
${fwcmd} add pass all from any to any frag
# Allow setup of incoming email
- ${fwcmd} add pass tcp from any to ${ip} 25 setup
+ ${fwcmd} add pass tcp from any to me 25 setup
# Allow setup of outgoing TCP connections only
- ${fwcmd} add pass tcp from ${ip} to any setup
+ ${fwcmd} add pass tcp from me to any setup
# Disallow setup of all other TCP connections
${fwcmd} add deny tcp from any to any setup
# Allow DNS queries out in the world
- ${fwcmd} add pass udp from ${ip} to any 53 keep-state
+ ${fwcmd} add pass udp from me to any 53 keep-state
# Allow NTP queries out in the world
- ${fwcmd} add pass udp from ${ip} to any 123 keep-state
+ ${fwcmd} add pass udp from me to any 123 keep-state
# Everything else is denied by default, unless the
# IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
@@ -206,8 +207,6 @@
imask="255.255.255.240"
iip="192.0.2.17"
- setup_loopback
-
# Stop spoofing
${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
@@ -289,8 +288,100 @@
# config file.
;;
+[Ww][Oo][Rr][Kk][Ss][Tt][Aa][Tt][Ii][Oo][Nn])
+ # Configuration:
+ # firewall_myservices: List of TCP ports on which this host
+ # offers services.
+ # firewall_allowservices: List of IPs which has access to
+ # $firewall_myservices.
+ # firewall_trusted: List of IPs which has full access
+ # to this host. Be very carefull
+ # when setting this. This option can
+ # seriously degrade the level of
+ # protection provided by the firewall.
+ # firewall_logdeny: Boolean (YES/NO) specifying if the
+ # default denied packets should be
+ # logged (in /var/log/security).
+ # firewall_nologports: List of TCP/UDP ports for which
+ # denied incomming packets are not
+ # logged.
+
+ # Allow packets for which a state has been built.
+ ${fwcmd} add check-state
+
+ # For services permitted below.
+ ${fwcmd} add pass tcp from me to any established
+
+ # Allow any connection out, adding state for each.
+ ${fwcmd} add pass tcp from me to any setup keep-state
+ ${fwcmd} add pass udp from me to any keep-state
+ ${fwcmd} add pass icmp from me to any keep-state
+
+ # Allow DHCP.
+ ${fwcmd} add pass udp from 0.0.0.0 68 to 255.255.255.255 67 out
+ ${fwcmd} add pass udp from any 67 to me 68 in
+ ${fwcmd} add pass udp from any 67 to 255.255.255.255 68 in
+ # Some servers will ping the IP while trying to decide if it's
+ # still in use.
+ ${fwcmd} add pass icmp from any to any icmptype 8
+
+ # Allow "mandatory" ICMP in.
+ ${fwcmd} add pass icmp from any to any icmptype 3,4,11
+
+ # Add permits for this workstations published services below
+ # Only IPs and nets in firewall_allowservices is allowed in.
+ # If you really wish to let anyone use services on your
+ # workstation, then set "firewall_allowservices='any'" in /etc/rc.conf
+ #
+ # Note: We don't use keep-state as that would allow DoS of
+ # our statetable.
+ # You can add 'keep-state' to the lines for slightly
+ # better performance if you fell that DoS of your
+ # workstation won't be a problem.
+ #
+ for i in ${firewall_allowservices} ; do
+ for j in ${firewall_myservices} ; do
+ ${fwcmd} add pass tcp from $i to me $j
+ done
+ done
+
+ # Allow all connections from trusted IPs.
+ # Playing with the content of firewall_trusted could seriously
+ # degrade the level of protection provided by the firewall.
+ for i in ${firewall_trusted} ; do
+ ${fwcmd} add pass ip from $i to me
+ done
+
+ ${fwcmd} add 65000 count ip from any to any
+
+ # Drop packets to ports where we don't want logging
+ for i in ${firewall_nologports} ; do
+ ${fwcmd} add deny { tcp or udp } from any to any $i in
+ done
+
+ # Broadcasts and muticasts
+ ${fwcmd} add deny ip from any to 255.255.255.255
+ ${fwcmd} add deny ip from any to 224.0.0.0/24 in # XXX
+
+ # Noise from routers
+ ${fwcmd} add deny udp from any to any 520 in
+
+ # Noise from webbrowsing.
+ # The statefull filter is a bit agressive, and will cause some
+ # connection teardowns to be logged.
+ ${fwcmd} add deny tcp from any 80,443 to any 1024-65535 in
+
+ # Deny and (if wanted) log the rest unconditionally.
+ log=""
+ if [ ${firewall_logdeny:-x} = "YES" -o ${firewall_logdeny:-x} = "yes" ] ; then
+ log="log logamount 500" # The default of 100 is too low.
+ sysctl net.inet.ip.fw.verbose=1 >/dev/null
+ fi
+ ${fwcmd} add deny $log ip from any to any
+ ;;
+
[Cc][Ll][Oo][Ss][Ee][Dd])
- setup_loopback
+ ${fwcmd} add 65000 deny ip from any to any
;;
[Uu][Nn][Kk][Nn][Oo][Ww][Nn])
;;
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/gmon/Makefile.inc#2 (text+ko) ====
@@ -1,5 +1,5 @@
# from @(#)Makefile.inc 8.1 (Berkeley) 6/4/93
-# $FreeBSD: src/lib/libc/gmon/Makefile.inc,v 1.11 2006/03/13 01:14:56 deischen Exp $
+# $FreeBSD: src/lib/libc/gmon/Makefile.inc,v 1.12 2006/10/28 13:34:35 bde Exp $
# gmon sources
.PATH: ${.CURDIR}/gmon
@@ -12,12 +12,6 @@
MLINKS+=moncontrol.3 monstartup.3
-.if ${MACHINE_ARCH} == amd64
-# mcount needs to be compiled with frame pointers and without profiling
-mcount.po: mcount.c
- ${CC} ${CFLAGS} -fno-omit-frame-pointer -c ${.IMPSRC} -o ${.TARGET}
-.else
# mcount cannot be compiled with profiling
mcount.po: mcount.o
cp mcount.o mcount.po
-.endif
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/net/inet.3#2 (text+ko) ====
@@ -30,7 +30,7 @@
.\" SUCH DAMAGE.
.\"
.\" From: @(#)inet.3 8.1 (Berkeley) 6/4/93
-.\" $FreeBSD: src/lib/libc/net/inet.3,v 1.30 2005/02/13 22:25:12 ru Exp $
+.\" $FreeBSD: src/lib/libc/net/inet.3,v 1.31 2006/10/28 13:05:10 ru Exp $
.\"
.Dd June 14, 2004
.Dt INET 3
@@ -299,5 +299,7 @@
.Fn inet_ntoa
resides in a static memory area.
.Pp
-Inet_addr should return a
+The
+.Fn inet_addr
+function should return a
.Fa struct in_addr .
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/resolv/res_send.c#2 (text) ====
@@ -70,10 +70,10 @@
#if defined(LIBC_SCCS) && !defined(lint)
static const char sccsid[] = "@(#)res_send.c 8.1 (Berkeley) 6/4/93";
-static const char rcsid[] = "$Id: res_send.c,v 1.5.2.2.4.7 2005/08/15 02:04:41 marka Exp $";
+static const char rcsid[] = "$Id: res_send.c,v 1.5.2.2.4.8 2006/03/08 04:13:31 marka Exp $";
#endif /* LIBC_SCCS and not lint */
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/lib/libc/resolv/res_send.c,v 1.3 2006/08/04 12:26:07 ume Exp $");
+__FBSDID("$FreeBSD: src/lib/libc/resolv/res_send.c,v 1.4 2006/10/24 14:41:43 ume Exp $");
/*
* Send query to name server and wait for reply.
@@ -145,7 +145,7 @@
int kq,
#endif
const u_char *, int,
- u_char *, int, int *, int,
+ u_char *, int, int *, int, int,
int *, int *);
static void Aerror(const res_state, FILE *, const char *, int,
const struct sockaddr *, int);
@@ -490,7 +490,7 @@
kq,
#endif
buf, buflen, ans, anssiz, &terrno,
- ns, &v_circuit, &gotsomewhere);
+ ns, try, &v_circuit, &gotsomewhere);
if (n < 0)
goto fail;
if (n == 0)
@@ -812,8 +812,9 @@
#ifdef USE_KQUEUE
int kq,
#endif
- const u_char *buf, int buflen, u_char *ans, int anssiz,
- int *terrno, int ns, int *v_circuit, int *gotsomewhere)
+ const u_char *buf, int buflen, u_char *ans,
+ int anssiz, int *terrno, int ns, int try, int *v_circuit,
+ int *gotsomewhere)
{
const HEADER *hp = (const HEADER *) buf;
HEADER *anhp = (HEADER *) ans;
@@ -914,7 +915,7 @@
/*
* Wait for reply.
*/
- seconds = (statp->retrans << ns);
+ seconds = (statp->retrans << try);
if (ns > 0)
seconds /= statp->nscount;
if (seconds <= 0)
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/libc/stdio/xprintf.c#3 (text+ko) ====
@@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/lib/libc/stdio/xprintf.c,v 1.4 2006/10/21 11:49:07 kib Exp $
+ * $FreeBSD: src/lib/libc/stdio/xprintf.c,v 1.5 2006/10/23 07:25:25 kib Exp $
*/
#include <namespace.h>
@@ -261,7 +261,7 @@
static int
-__v2printf(FILE *fp, const char *fmt0, unsigned pct, const va_list ap1)
+__v2printf(FILE *fp, const char *fmt0, unsigned pct, va_list ap)
{
struct printf_info *pi, *pil;
const char *fmt;
@@ -274,9 +274,7 @@
int ret = 0;
int n;
struct __printf_io io;
- va_list ap;
- va_copy(ap, ap1);
__printf_init(&io);
io.fp = fp;
@@ -563,7 +561,6 @@
errx(1, "render[%c] = NULL", *fmt);
}
__printf_flush(&io);
- va_end(ap);
return (ret);
}
==== //depot/projects/soc2006/nss_ldap_cached_no_nss_ldap/src/lib/nss_ldap/ldap_group.c#2 (text+ko) ====
@@ -28,13 +28,15 @@
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
-
+
+#include <sys/param.h>
#include <assert.h>
#include <errno.h>
#include <nsswitch.h>
#include <ldap.h>
#include <grp.h>
#include <stringlist.h>
+#include "hashtable.h"
#include "ldapconn.h"
#include "ldapschema.h"
#include "ldapsearch.h"
@@ -43,9 +45,40 @@
#include "ldapconf.h"
#include "nss_ldap.h"
+#define NSS_LDAP_MAP_GROUP_HASH_ENTRY_INITIAL_SIZE (8)
+#define NSS_LDAP_MAP_GROUP_HASH_SIZE (127)
+#define NSS_LDAP_MAP_GROUP_DN_PROCESS_NESTED_FLAG (1)
+#define NSS_LDAP_MAP_GROUP_DN_USE_CACHE_FLAG (1 << 1)
+#define NSS_LDAP_MAP_GROUP_DN_USE_RDN_FLAG (1 << 2)
+
+struct mapped_group {
+ char *dn;
+};
+
+struct __mg_he {
+ HASHTABLE_ENTRY_HEAD(__mg_he_item, struct mapped_group) data;
+};
+
+struct map_group_dn_request {
+ StringList *next_requests;
+ HASHTABLE_HEAD(__mg_ht, __mg_he) groups;
+ int flags;
+};
+
+static int __mg_ht_item_cmp_func(const void *, const void *);
+static hashtable_index_t __mg_ht_item_hash_func(const void *, size_t);
+HASHTABLE_PROTOTYPE(__mg_ht, __mg_he, struct mapped_group);
+static int nss_ldap_map_group_dn(struct nss_ldap_search_context *,
+ char const *, char **, size_t *, char *, size_t, void *);
+static int nss_ldap_parse_nested_group(struct nss_ldap_search_context *,
+ char const *, struct map_group_dn_request *, char ***, size_t *,
+ size_t *, char *, size_t);
+
static int nss_ldap_parse_group(struct nss_ldap_parse_context *);
-static int ldap_getgrnam_r(const char *, struct group *, char *, size_t,
+//static int ldap_getgrnam_r(const char *, struct group *, char *, size_t,
+// struct group **);
+int ldap_getgrnam_r(const char *, struct group *, char *, size_t,
struct group **);
static int ldap_getgrgid_r(gid_t, struct group *, char *, size_t,
struct group **);
@@ -53,96 +86,404 @@
static void ldap_setgrent();
static int
-nss_ldap_parse_group(struct nss_ldap_parse_context *pctx)
+__mg_ht_item_cmp_func(const void *p1, const void *p2)
+{
+
+ return (strcmp(
+ ((struct mapped_group *)p1)->dn,
+ ((struct mapped_group *)p2)->dn));
+
+}
+
+static hashtable_index_t
+__mg_ht_item_hash_func(const void *p, size_t cache_entries_size)
+{
+ struct mapped_group const *mg;
+ size_t i, len;
+ hashtable_index_t retval;
+
+ mg = p;
+ assert(mg->dn != NULL);
+
+ len = strlen(mg->dn);
+ retval = 0;
+ for (i = 0; i < len; ++i)
+ retval = (127 * retval + (unsigned char)mg->dn[i]) %
+ cache_entries_size;
+
+ return retval;
+}
+
+HASHTABLE_GENERATE(__mg_ht, __mg_he, struct mapped_group, data,
+ __mg_ht_item_hash_func, __mg_ht_item_cmp_func);
+
+static int
+nss_ldap_map_group_dn(struct nss_ldap_search_context *ctx, char const *dn,
+ char **res, size_t *res_size, char *buf, size_t bufsize, void *mdata)
{
- struct nss_ldap_schema *schema;
- struct nss_ldap_search_context *sctx;
- struct group *grp;
- char *buf;
- size_t buflen;
- size_t len, memlen;
+ struct nss_ldap_search_request sreq;
+ struct mapped_group new_mg;
+ struct nss_ldap_search_context *newctx;
+ struct map_group_dn_request *req;
+ char **cp;
+ char const *uid_attr, *gid_attr;
+ struct mapped_group *hash_entry_data;
+ struct __mg_he *hash_entry;
+ hashtable_index_t hash;
int rv;
- assert(pctx != NULL);
+ assert(ctx != NULL);
+ assert(dn != NULL);
+ assert(res != NULL);
+ assert(res_size != NULL);
+ assert(buf != NULL);
+ assert(mdata != NULL);
+
+ //printf("__ %s %d %s\n", __FILE__, __LINE__, dn);
+
+ req = mdata;
+ newctx = NULL;
+
+
+ memset(&new_mg, 0, sizeof(new_mg));
+ new_mg.dn = (char *)dn;
+
+ hash = HASHTABLE_CALCULATE_HASH(__mg_ht, &req->groups, &new_mg);
+ assert(hash > 0);
+ assert(hash < HASHTABLE_ENTRIES_COUNT(&req->groups));
+
+ hash_entry = HASHTABLE_GET_ENTRY(&req->groups, hash);
+ hash_entry_data = HASHTABLE_ENTRY_FIND(__mg_ht, hash_entry,
+ &new_mg);
+ if (hash_entry_data != NULL) {
+ rv = NSS_LDAP_SUCCESS;
+ *res_size = 0;
+ //printf("__ %s %d\n", __FILE__, __LINE__);
+ goto fin;
+ }
+
+ memset(&sreq, 0, sizeof(sreq));
+ sreq.scope = LDAP_SCOPE_BASE;
+ sreq.filter = "(objectClass=*)";
+ sreq.search_base = (char *)dn;
+
+ uid_attr = _ATM(&ctx->conf->schema, PASSWD, uid);
+ gid_attr = _ATM(&ctx->conf->schema, GROUP, gidNumber);
+ sreq.attributes = sl_init();
+ rv = sl_add(sreq.attributes, (char *)uid_attr);
+ if (rv == -1) {
+ rv = NSS_LDAP_MEMORY_ERROR;
+ goto fin;
+ }
+
+ rv = sl_add(sreq.attributes, (char *)gid_attr);
+ if (rv == -1) {
+ rv = NSS_LDAP_MEMORY_ERROR;
+ goto fin;
+ }
+
+ rv = sl_add(sreq.attributes, "objectClass");
+ if (rv == -1) {
+ rv = NSS_LDAP_MEMORY_ERROR;
+ goto fin;
+ }
+
+ rv = sl_add(sreq.attributes, NULL);
+ if (rv == -1) {
+ rv = NSS_LDAP_MEMORY_ERROR;
+ goto fin;
+ }
+
+// printf("__ %s %d\n", __FILE__, __LINE__);
+ newctx = __nss_ldap_start_search(&__nss_ldap_conf->search_method,
+ ctx->conn, ctx->conf, &sreq);
+// printf("__ %s %d\n", __FILE__, __LINE__);
+ sl_free(sreq.attributes, 0);
+ sreq.attributes = NULL; /* just in case */
-/* int start, end;
- int res;
- printf("1\n");
- res = __nss_ldap_parse_range("member;range=1-*", &start, &end);
- printf("res: %d, start: %d, end: %d\n", res, start, end);
+ if (newctx == NULL) {
+ rv = NSS_LDAP_SUCCESS;
+ *res_size = 0;
+ goto fin2;
+ }
- printf("2\n");
- res = __nss_ldap_parse_range("member;range=134-100", &start, &end);
- printf("res: %d, start: %d, end: %d\n", res, start, end);
+ rv = __nss_ldap_search_next(&__nss_ldap_conf->search_method,
+ newctx);
+ if (rv != NSS_LDAP_SUCCESS) {
+ rv = NSS_LDAP_SUCCESS;
+ *res_size = 0;
+ goto fin2;
+ }
+
+ new_mg.dn = strdup(dn);
+ if (new_mg.dn == NULL) {
+ rv = NSS_LDAP_MEMORY_ERROR;
+ goto fin2;
+ }
+
+ if (__nss_ldap_check_oc(newctx, _OC(&ctx->conf->schema, posixGroup)) ==
+ NSS_LDAP_SUCCESS) {
+
+ rv = sl_add(req->next_requests, new_mg.dn);
+ if (rv == -1) {
+ free(new_mg.dn);
+ rv = NSS_LDAP_MEMORY_ERROR;
+ goto fin2;
+ }
- printf("3\n");
- res = __nss_ldap_parse_range("member;range=-*", &start, &end);
- printf("res: %d, start: %d, end: %d\n", res, start, end);
+ rv = NSS_LDAP_SUCCESS;
+ *res_size = 0;
+ } else {
+ rv = __nss_ldap_assign_attr_str(newctx, uid_attr, res,
+ res_size, buf, bufsize);
- printf("4\n");
- res = __nss_ldap_parse_range("member;range=1-", &start, &end);
- printf("res: %d, start: %d, end: %d\n", res, start, end);
+ rv = HASHTABLE_ENTRY_STORE(__mg_ht, hash_entry, &new_mg);
+ if (rv == -1) {
+ free(new_mg.dn);
+ rv = NSS_LDAP_MEMORY_ERROR;
+ } else
+ rv = NSS_LDAP_SUCCESS;
+ }
+
+fin:
+ if (sreq.attributes != NULL)
+ sl_free(sreq.attributes, 0);
+
+fin2:
+ if (newctx != NULL)
+ __nss_ldap_end_search(&__nss_ldap_conf->search_method, newctx);
+
+ return (rv);
+}
- printf("5\n");
- res = __nss_ldap_parse_range("member;range=*-*", &start, &end);
- printf("res: %d, start: %d, end: %d\n", res, start, end);
+static int
+nss_ldap_parse_nested_group(struct nss_ldap_search_context *ctx,
+ char const *dn, struct map_group_dn_request *dnreq, char ***res,
+ size_t *res_size, size_t *len, char *buf, size_t bufsize)
+{
+ struct nss_ldap_search_request sreq;
+ struct nss_ldap_search_context *newctx;
+ int rv;
+
+ //printf("__ %s %d %s\n", __FILE__, __LINE__, dn);
+ memset(&sreq, 0, sizeof(sreq));
+ sreq.scope = LDAP_SCOPE_BASE;
+ sreq.filter = "(objectClass=*)";
+ sreq.search_base = (char *)dn;
+
+ //printf("__ %s %d\n", __FILE__, __LINE__);
+ newctx = __nss_ldap_start_search(&__nss_ldap_conf->search_method,
+ ctx->conn, ctx->conf, &sreq);
+ if (newctx == NULL)
+ return (NSS_LDAP_CONNECTION_ERROR);
+
+ //printf("__ %s %d\n", __FILE__, __LINE__);
+ rv = __nss_ldap_search_next(&__nss_ldap_conf->search_method,
+ newctx);
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list