| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This is a partial fix towards bugs due to us walking past the end of
what we think are strings in ldb. There is much more work to do in
this area.
Andrew Bartlett
(This used to be commit 5805a9a8f35fd90fa4f718f73534817fa3bbdfd2)
|
|
an attribute with ';' in the name.
Andrew Bartlett
(This used to be commit f4023b176eabfb3282fe9b999eac8db55a095ab0)
|
|
(This used to be commit f42690a90c2f76e7fc130ebbdbd0f93fefacfad6)
|
|
is that when we all ldb_msg_add_empty(), we might realloc() the
msg->elements array. We need to ensure the source pointer (when
copying an element from the same msg) is still valid, or the data
copied.
Andrew Bartlett
(This used to be commit 0fbea30577233d00e7c6cdd4faaece0f99fc57b1)
|
|
(This used to be commit 40c0919aaa9c1b14bbaebb95ecce53eb0380fdbb)
|
|
(This used to be commit 84b468b2f8f2dffda89593f816e8bc6a8b6d42ac)
|
|
patch).
- samba3sam.js: rework the samba3sam test to not use objectCategory,
as it's has special rules (dnsName a simple match)
- ldap.js: Test the ordering of the objectClass attributes for the baseDN
- schema_init.c: Load the mayContain and mustContain (and system...) attributes when
reading the schema from ldb
- To make the schema load not suck in terms of performance, write the
schema into a static global variable
- ldif_handlers.c: Match objectCategory for equality and canonicolisation
based on the loaded schema, not simple tring manipuation
- ldb_msg.c: don't duplicate attributes when adding attributes to a list
- kludge_acl.c: return allowedAttributesEffective based on schema results
and privilages
Andrew Bartlett
(This used to be commit dcff83ebe463bc7391841f55856d7915c204d000)
|
|
(This used to be commit 1093875d59f1ea9b8bd82277d4f9d8366e584952)
|
|
only in one place
metze
(This used to be commit dfdfdd6cefeac2974a4b3425a49e3dd93ad7e952)
|
|
metze
(This used to be commit 49c7da812c290e23bb65b98a2710fb90c4a0ece2)
|
|
metze
(This used to be commit d20d1872d5ed1176928b85ef9811c6a5177d0148)
|
|
(This used to be commit 67b88e49b896f1d783619b8f96554adaeabe80df)
|
|
- ldb_dn_get_linearized
returns a const string
- ldb_dn_alloc_linearized
allocs astring with the linearized dn
(This used to be commit 3929c086d5d0b3f08b1c4f2f3f9602c3f4a9a4bd)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
attributes to backend (remote) attributes.
We can't do a reverse mapping safely where the remote attribute may be
a source for multiple local attributes. (We end up with the wrong
attributes returned).
In doing this, I've modified the samba3sam.js test to be more
realistic, and fixed some failures in the handling of primaryGroupID.
I've added a new (private) helper function ldb_msg_remove_element() to
avoid a double lookup of the element name.
I've also re-formatted many of the function headers, to fit into
standard editor widths.
Andrew Bartlett
(This used to be commit 186766e3095e71ba716c69e681592e217a3bc420)
|
|
(This used to be commit abdc4edbb8f8b8234bad1be05fa92b3f3bc8876c)
|
|
argument.
This is a pointer to an element pointer. If it is not null it will be
filled with the pointer of the manipulated element.
Will avoid double searches on the elements list in some cases.
(This used to be commit 0fa5d4bc225b83e9f63ac6d75bffc4c08eb6b620)
|
|
fix compiler warnings
metze
(This used to be commit dc139d8715f58b27363266f1426da451907845eb)
|
|
string is zero length. This allows callers to not have to worry about
creating an invalid ldap attribute.
See extensive discussion on samba-technical list :-)
(This used to be commit 7a1db8c2a432b9ab59b29ee1bfce6c8fe8e981a2)
|
|
to manipulate rootDSE we use ldb_dn_new() as base and that has 0 elements.
(This used to be commit 3e131177dae3536c07632fe09e7ebe877bcd9332)
|
|
(This used to be commit 5b4fc48c49bada2711e356c557ba5f45e34396f6)
|
|
metze
(This used to be commit cea06e105a28e12989cd6fdf6d91d86347b8ffc4)
|
|
Add attribute syntax mapping to the existing OpenLDAP -> AD tool.
Andrew Bartlett
(This used to be commit ba1c652bae700a82acde166e70035d61c320e233)
|
|
to do
(This used to be commit ad75cf869550af66119d0293503024d41d834e02)
|
|
helper function to set them.
(This used to be commit 260868bae56194fcb98d55afc22fc66d96a303df)
|
|
(This used to be commit 8c6efd7b55e4ad45e1bd10519a1b91285a4e0347)
|
|
the end.
Andrew Bartlett
(This used to be commit 2a87ed1111f4ed72798372d6005a88a929c39de6)
|
|
easier to chase down what modules or application code gets wrong.
Ensure not to leave memory allocated on failure in ldb_search()
Andrew Bartlett
(This used to be commit 0828739951ed879640f8ed6e4700d8ca6b8221b8)
|
|
Testing various async paths and uncovering bugs
(This used to be commit 099d873ea596ece18efe63b06bc64e7f97a96f82)
|
|
tree fro long
(This used to be commit 7c050b541e98cd442a0c9ed0ddadb3e573cd1304)
|
|
(This used to be commit 4257fd91ceca34dd868a9168efc28b6cb63f0357)
|
|
ldb_msg_add_steal_value().
These try to maintain the talloc heirachy, which must be correct
otherwise talloc_steal operations of entire attribute lists fails.
This fixes the currentTime value, found by using Microsoft's dcdiag
tool (before this commit, it pointed to invalid memory, due to the
changes in -r 13606)
Andrew Bartlett
(This used to be commit 424df1bb369fddcfd358cf26dd0da9d3851d181e)
|
|
Also add a way to provide utf8 compliant functions
by registering them with ldb_set_utf8_fns()
Next comes code to register samba internal utf8 functions.
Simo.
(This used to be commit ac9b8a41ffca8e06c5e849d544d3203a665b8e0d)
|
|
this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.
metze
(This used to be commit 380938e97f31c7860aed1e73cc0110c6e17b472e)
|
|
This should be replaced with real ACLs, which tridge is working on.
In the meantime, the rules are very simple:
- SYSTEM and Administrators can read all.
- Users and anonymous cannot read passwords, can read everything else
- list of 'password' attributes is hard-coded
Most of the difficult work in this was fighting with the C/js
interface to add a system_session() all, as it still doesn't get on
with me :-)
Andrew Bartlett
(This used to be commit be9d0cae8989429ef47a713d8f0a82f12966fc78)
|
|
set of results
(This used to be commit 2be62eb2dde9250f8bfe3a3272851e152a1d6b68)
|
|
dn->canonicalName function abartlet just committed
(This used to be commit 197e8a27f0557869eacd17b74e1b14e0665883b1)
|
|
- added note about allowedAttributesEffective (will be needed for mmc)
- fixed some more ldb warnings
(This used to be commit e9e4d81b6976549db8a7668572a5da466fbec4a9)
|
|
ldb_msg_copy_attr() to ensure
that callers (like the ldap server) can talloc_steal the name
(This used to be commit 9c914542cc346758c82f89990c80eb096a9c0959)
|
|
- removed the timestamps module, replacing it with the operational module
- added a ldb_msg_copy_shallow() function which should be used when a module
wants to add new elements to a message on add/modify. This is needed
because the caller might be using a constant structure, or may want to
re-use the structure again
- enabled the UTC time attribute syntaxes in the operational module
(This used to be commit 61e8b010223ac6a0573185008f3719ba29574688)
|
|
the time attribute handling functions
(This used to be commit 93c296d52718e77f8b702e1721b548eaadc56c76)
|
|
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
|
|
do not autostart transactions on ldb operations if a transaction is already in place
test transactions on winsdb
all my tests passes so far
tridge please confirm this is ok for you
(This used to be commit c2bb2a36bdbe0ec7519697a9a9ba7526a0defac2)
|
|
metze
(This used to be commit 3309a0f4d90f01e1f6182b797e2bfe3f8380e59c)
|
|
LDB_ERR_ value
(This used to be commit 610f5646f0816820ac9342e81d46d139e26cc918)
|
|
- Don't silently drop records with empty attributes
tridge/simo: Could you please verify this patch is correct?
(This used to be commit 505c9b1d3d39475da141d3b3c156a7e5ba06790c)
|
|
distinguished names
Provide more functions to handle DNs in this form
(This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
|
|
(This used to be commit ce9966e091d36f66d409ac6f7b5e462c9dc37325)
|
|
instead of a search expression. This allows our ldap server to pass
its ASN.1 parsed search expressions straight to ldb, instead of going
via strings.
- updated all the ldb modules code to handle the new interface
- got rid of the separate ldb_parse.h now that the ldb_parse
structures are exposed externally
- moved to C99 structure initialisation in ldb
- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
|
|
messages from ldbedit,
so other progs can use it.
(This used to be commit fa4f33558af3c65ff31424c01db16cb9d427503d)
|
