Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
In Samba we my store a deleted DN for a linked attribute. We must
ensure that we can't match on it, or else searches for member= will
still reveal it.
Andrew Bartlett
|
|
|
|
This allows it to be specified in either binary or as a string.
Andrew Bartlett
|
|
metze
|
|
|
|
|
|
|
|
This choses an appropriate talloc context to attach the schema too,
long enough lived to ensure it does not go away before the operation
compleates.
Andrew Bartlett
|
|
|
|
I changed "uint32_t" to "unsigned int" since the LDB specification prescrives
"unsigned (int)" for counter variables (number of attributes,
number of values...).
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Current implementation mask NDR_ errors implicitly.
Thus the caller has no opportunity handle such an error.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This makes it much easier to compare SDs
|
|
|
|
This allows for more flags in the future
|
|
The ldap.py test suite could trigger a read past the end of the struct
ldb_val buffer
|
|
We need a separate RMD_LOCAL_USN to allow us to tell what attributes
need to be sent in a getncchanges request. Thanks to Metze for
pointing this out.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
These will store linked attribute replication meta data
|
|
|
|
|
|
|
|
This converts the code from using the binary DN code in ldb_dn to
using a special Samba-specfic wrapper around ldb_dn.
We also use the dsdb_dn code for DN+Binary and DN+String comparisons
(changed from treating them as Binary blobs)
Andrew Bartlett
|
|
|
|
Rather than have a repeat of the bugs we found at the plugfest where
hexidecimal strings must be in upper or lower case in particular
places, ensure that each caller chooses which case they want.
This reverts most of the callers back to upper case, as things were
before tridge's patch. The critical call in the extended DN code is
of course handled in lower case.
Andrew Bartlett
|
|
|
|
The biggest change is that 'oid' field is transmited in binary format.
Also the field name is changed to 'binary_oid' so that
field format to be clear for callers.
After those changes, Samba4 should work the way it works before -
i.e. no added value here but we should not fail when
partial-oid is part of prefixMap transmited from Win server.
Also, thre is a bug in this patch - partial-binary-OIDs are
not handled correctly. Partial-binary-OIDs received during
replication will be encoded, but not handled correctly.
|
|
|
|
This reverts commit 38f87f40bfd7892043d49009067ae28431279580.
|
|
We would use the mem_ctx for internal work, but previously we did not
clean it up on exit.
Andrew Bartlett
|
|
|
|
|
|
print replUpToDateVector and replPropertyMetaData using NDR format if
--show-binary is given.
|
|
|
|
print security descriptors in NDR format if --show-binary is
given. This is easier to read than sddl format.
|
|
In normal usage this makes no difference, but if you add --show-binary
then you can see the NDR printed out in the usual ndr_print_*() format
|
|
|
|
Should finally fix bug #6136 ("groupType", "sAMAccountType" ... attributes).
|
|
|
|
Also allow a SDDL security descriptor, using the domain SID attached
to the session (it will search for it during the LDIF parse if need
be).
Andrew Bartlett
|
|
This job is not complete (the partition module remains a unfinished
task), but now we do use the private ldb headers much less.
Andrew Bartlett
|
|
- LDB handles now all 32-bit integer attributes correctly (also with overflows)
according to the schema
- LDAP backends handle the attributes "groupType", "userAccountControl" and
"sAMAccountType" correctly. This handling doesn't yet use the schema but
the conversion file "simple_ldap.map.c" which contains them hardcoded.
Did also a refactoring of the conversion function there.
- Bug #6136 should be gone
|
|
|
|
This is all working towards supporting the full WSPP schema without a
major performance penalty.
We now use binary searches when looking up classes and attributes. We
also avoid the loop loading the attributes into ldb, by adding a hook
to override the ldb attribute search function in a module. The
attributes can thus be loaded once, and then saved as part of the
global schema.
Also added support for a few more key attribute syntaxes, as needed
for the full schema.
|
|
metze
|
|
|
|
Separate again the public from the private headers.
Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
|
|
This provides the two extended DN handlers for the GUID and SID types,
and makes the parsing more strict (where possible, it uses
ndr_pull_struct_blob_all(), to cause an error if trailing data is
found).
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|