Age | Commit message (Collapse) | Author | Files | Lines |
|
(If they are not, then due to the async code, they will cause a segfault as they reference a reclaimed portion of the stack).
Andrew Bartlett
|
|
|
|
Fixed sd creation not working on LDAP modify.
Fixed incorrect replacement of CO and CG.
Fixed incorrect access check on modify for SD modification.
Fixed failing sec_descriptor test and enabled it.
Fixed failing sd add test in ldap.python
|
|
This missing support found by Microsoft test suite at AD interop event.
Patch by Andrew Bartlett
Enhancements by Matthias Dieter Wallnöfer
|
|
|
|
The bug here was that by assuming all linked attributes were 'normal
DNs', we would miss the binary portion of DN+Binary.
This patch then has us reparse the string to determine it's GUID, for
the GUID lookup, but maintains the binary porition into the on-disk
format.
Andrew Bartlett
|
|
|
|
These changes include reworking the code to call ldb_module_get_ctx()
less often (avoid the function calls, particularly during the step
into a complex function).
Andrew Bartlett
|
|
This converts the code from using the binary DN code in ldb_dn to
using a special Samba-specfic wrapper around ldb_dn.
We also use the dsdb_dn code for DN+Binary and DN+String comparisons
(changed from treating them as Binary blobs)
Andrew Bartlett
|
|
Rather than have a repeat of the bugs we found at the plugfest where
hexidecimal strings must be in upper or lower case in particular
places, ensure that each caller chooses which case they want.
This reverts most of the callers back to upper case, as things were
before tridge's patch. The critical call in the extended DN code is
of course handled in lower case.
Andrew Bartlett
|
|
This size constraint is not correct in it's current form, as windows
does send us rDN values for CN with lengths longer than 64. Once we
know how this constraint really works we can add it back in.
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
At this point, support for checks on LDAP add, delete, rename and modify.
Old kludge_acl is still there to handle the searches.
This module is synchronous as the async version was impossible to debug,
will be converted to async after some user testing.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This allows us to change the escaping function without breaking
existing installs. The new escaping function (used for new databases)
is RFC1738 URI encoding, except for the trivial cases without special
characters.
The new databases are also placed in a subdirectory, sam.ldb.d per an
earlier suggestion by metze.
Andrew Bartlett
|
|
If we get an error ending a transaction on one partition we need to
continue on the other partitions.
|
|
This means we need to create a fake 'module' which only has a 'next'
pointer, so that we can now ldb_next_request() (which incorporates
tracing). The remainaing stub of partition_request() is retained so
that we can indicate which partition an operation is destined for.
Similar tracing is added to the transaction handlers.
Andrew Bartlett
|
|
The schema update now request is now handled above the partitions
module.
Andrew Bartlett
|
|
|
|
|
|
metze
|
|
The async code makes this really easy to mess up...
Andrew Bartlett
|
|
We again need to be careful not to call 'ldb_next_request' based functions in the partitions module.
Or, we need to instead go back to having that work, and ditch the
partition_request stuff...
Andrew Bartlett
|
|
|
|
|
|
(it didn't help that the previous allocation was on the wrong long-term context)
Andrew Bartlett
|
|
By splitting the module this way, we can load the schema at startup, after
the partitions module is operational, but we leave the 'mess with details of
entries in the partitions' module to operate only on the partitions module.
Loading the schema later allows us to set the @ATTRIBUTES correctly on all
the databases.
Andrew Bartlett
|
|
|
|
This makes the namingContext attributes in the rootDSE a little more pretty, by
using the exact same values as used in the database DNs.
Andrew Bartlett
|
|
This is needed because the work to allow existing databases to be loaded now
moves the 'you have an old @PARTITION' record to the presense or absence of
this attribute.
Andrew Bartlett
|
|
On OpenSolaris MAP_RENAME and friends are defined in <sys/mman.h> e.g. mmap and friends. So on these systems MAP_* have a meaning. Cleaned up LDB name space by adding LDB_ in front of MAP_* e.g. MAP_RENAME => LDB_MAP_RENAME
Signed-off-by: Torgeir Lerkerød <torgeir.lerkerod@gmail.com>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This should make upgrades easier
|
|
The previous code would fail if the caller used tdb:// in the URL for the
top-level database.
Andrew Bartlett
|
|
|
|
This ensures that the partition control, needed here for repl_meta_data's
internal work, is not pushed up to other callers.
Andrew Bartlett
|
|
This is a collection of fixes to allow the creation of new partitions,
as well as adding debugging that may be useful in chasing down future
failures.
Andrew Bartlett
|
|
This is no longer required, as the instancetype module is now above
repl_meta_data.
Andrew Bartlett
|
|
The problem here has been avoided in repl_meta_data, and so this is no
longer required.
Andrew Bartlett
|
|
This major rework of repl_meta_data changes it from using a static
list of partitions to a dynamic list created from the controls placed
on returned ldb results.
To process these in one place, the similar but distinct callbacks are
combined into a single replmd_op_callback(), which handles both the
'normal operation' and 'inbound replication' case.
This allows new partitions to be created, and replication events for
these new partitions to be scheduled immediately.
Also in this commit: We no longer specify the target partition for new
or modified objects - instead we allow the partitions module to use
the DN as normal. THis avoids the issue where we would create two
partition head records.
Andrew Bartlett
|
|
|
|
This means we don't return any control for modifications to the
control records in sam.ldb, but do if they modified one of the actual
data LDB files.
Andrew Bartlett
|
|
This allows one instance of LDB to add a partition, and another to use
it without first closing the database.
Andrew Bartlett
|