diff options
author | Andrew Tridgell <tridge@samba.org> | 2005-09-30 23:46:41 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:39:16 -0500 |
commit | a788d01b871a7e5813ac3934bcb0ba33fe711aa2 (patch) | |
tree | 3bc9080afbf1878800d327234e8283f12fdc0824 /source4/lib/ldb | |
parent | b1ee0c2fa4c4e0a044694a03002dbe320ec8977e (diff) | |
download | samba-a788d01b871a7e5813ac3934bcb0ba33fe711aa2.tar.gz samba-a788d01b871a7e5813ac3934bcb0ba33fe711aa2.tar.bz2 samba-a788d01b871a7e5813ac3934bcb0ba33fe711aa2.zip |
r10666: - reverse the ildap ldb backend so tree based searches go through
directly, and expression based searches are converted to trees. This
makes for less conversions.
- allow the caller to supply a set of credentials via the ldb opaque
name 'credentials'. I will be using this in my ldb proxy module.
(This used to be commit af24f3d7faac6ef74feef73a23345d8c484da07c)
Diffstat (limited to 'source4/lib/ldb')
-rw-r--r-- | source4/lib/ldb/ldb_ildap/ldb_ildap.c | 50 |
1 files changed, 28 insertions, 22 deletions
diff --git a/source4/lib/ldb/ldb_ildap/ldb_ildap.c b/source4/lib/ldb/ldb_ildap/ldb_ildap.c index 499ce054d0..5ea49a8216 100644 --- a/source4/lib/ldb/ldb_ildap/ldb_ildap.c +++ b/source4/lib/ldb/ldb_ildap/ldb_ildap.c @@ -125,11 +125,11 @@ static int ildb_delete(struct ldb_module *module, const struct ldb_dn *dn) static void ildb_rootdse(struct ldb_module *module); /* - search for matching records + search for matching records using a ldb_parse_tree */ -static int ildb_search(struct ldb_module *module, const struct ldb_dn *base, - enum ldb_scope scope, const char *expression, - const char * const *attrs, struct ldb_message ***res) +static int ildb_search_bytree(struct ldb_module *module, const struct ldb_dn *base, + enum ldb_scope scope, struct ldb_parse_tree *tree, + const char * const *attrs, struct ldb_message ***res) { struct ildb_private *ildb = module->private_data; int count, i; @@ -158,12 +158,8 @@ static int ildb_search(struct ldb_module *module, const struct ldb_dn *base, return -1; } - if (expression == NULL || expression[0] == '\0') { - expression = "objectClass=*"; - } - - ildb->last_rc = ildap_search(ildb->ldap, search_base, scope, expression, attrs, - 0, &ldapres); + ildb->last_rc = ildap_search_bytree(ildb->ldap, search_base, scope, tree, attrs, + 0, &ldapres); talloc_free(search_base); if (!NT_STATUS_IS_OK(ildb->last_rc)) { ldb_set_errstring(module, talloc_strdup(module, ldap_errstr(ildb->ldap, ildb->last_rc))); @@ -217,22 +213,25 @@ failed: /* - search for matching records using a ldb_parse_tree + search for matching records */ -static int ildb_search_bytree(struct ldb_module *module, const struct ldb_dn *base, - enum ldb_scope scope, struct ldb_parse_tree *tree, - const char * const *attrs, struct ldb_message ***res) +static int ildb_search(struct ldb_module *module, const struct ldb_dn *base, + enum ldb_scope scope, const char *expression, + const char * const *attrs, struct ldb_message ***res) { struct ildb_private *ildb = module->private_data; - char *expression; int ret; + struct ldb_parse_tree *tree; - expression = ldb_filter_from_tree(ildb, tree); - if (expression == NULL) { - return -1; + if (expression == NULL || expression[0] == '\0') { + expression = "objectClass=*"; } - ret = ildb_search(module, base, scope, expression, attrs, res); - talloc_free(expression); + + tree = ldb_parse_tree(ildb, expression); + + ret = ildb_search_bytree(module, base, scope, tree, attrs, res); + + talloc_free(tree); return ret; } @@ -428,6 +427,7 @@ int ildb_connect(struct ldb_context *ldb, const char *url, { struct ildb_private *ildb = NULL; NTSTATUS status; + struct cli_credentials *creds; ildb = talloc(ldb, struct ildb_private); if (!ildb) { @@ -460,8 +460,14 @@ int ildb_connect(struct ldb_context *ldb, const char *url, ldb->modules->private_data = ildb; ldb->modules->ops = &ildb_ops; - if (cmdline_credentials != NULL && cli_credentials_authentication_requested(cmdline_credentials)) { - status = ldap_bind_sasl(ildb->ldap, cmdline_credentials); + /* caller can optionally setup credentials using the opaque token 'credentials' */ + creds = ldb_get_opaque(ldb, "credentials"); + if (creds == NULL) { + creds = cmdline_credentials; + } + + if (creds != NULL && cli_credentials_authentication_requested(creds)) { + status = ldap_bind_sasl(ildb->ldap, creds); if (!NT_STATUS_IS_OK(status)) { ldb_debug(ldb, LDB_DEBUG_ERROR, "Failed to bind - %s\n", ldap_errstr(ildb->ldap, status)); |