Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Suggested by Tridge
|
|
The size for an additional "struct ldb_control" shouldn't hurt and so
the excluded control can also be NULL.
Added an ending "talloc_realloc" to resize the chunk to the
effective needed size (requested by tridge).
|
|
Reviewed by: Tridge
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Mar 4 22:51:57 CET 2011 on sn-devel-104
|
|
This is a much better solution than we had before - so all important DN
checks are enforced for each type of LDB database (and not limited to DSDB).
Many "ldb_dn_validate" checks will now become obsolete.
Reviewed by: Tridge
|
|
Add a function to marshall a control to a string
Refactor the code of ldb_control_parse_strings to allow to extract the
core code into ldb_control_parse_from_string so that this function can
be called for just 1 string
|
|
values, helps to avoid bugs
|
|
defined in ldb.h
Allow to have less magic value in the control code and will allow not to
duplicate names when doing a function that marshal a control to it's
string representation
|
|
when user requires binary data to be displayed
using samba user-friendly ldif handlers
Found using following test search:
bin/ldbsearch -H st/dc/private/sam.ldb -b "CN=Deleted Objects,DC=samba,DC=example,DC=com" \
"(objectGUID=97b52eac-6d89-434d-b935-1e5f2e086ffc)" replPropertyMetaData --show-deleted --show-binary
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Tue Jan 18 00:40:01 CET 2011 on sn-devel-104
|
|
LDB_FLG_SHOW_BINARY is data representation flag and should
not modify behavior of data checking functions.
This lead to a bug in lib/ldb/ldb_tdb/ldb_index.c as ltdb_index_key()
function relies on ldb_should_b64_encode function to determine
how to process index keys.
Found using following test search:
bin/ldbsearch -H st/dc/private/sam.ldb -b "CN=Deleted Objects,DC=samba,DC=example,DC=com" \
"(objectGUID=97b52eac-6d89-434d-b935-1e5f2e086ffc)" replPropertyMetaData --show-deleted --show-binary
|
|
this is used to mark a ldb child request trusted, if the caller has
validated all inputs. This will be used when creating new child
requests with trusted inputs.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Fri Jan 14 10:43:29 CET 2011 on sn-devel-104
|
|
this removes any extraneous components from a DN. For an extended DN,
this means removing the string DN and all but the first extended
component.
This is needed as AD returns "invalid syntax" if you don't use
a minimal DN as the base DN for a search. A non-minimal DN also
doesn't ever match in a search expression.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this returns the number of extended components. We need this to
validate a DN in the extended_dn_in module
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Dec 18 01:33:24 CET 2010 on sn-devel-104
|
|
|
|
this allows us to avoid issues with ldb using heimdal while an
application using ldb using MIT kerberos
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
|
|
A value array allocation should belong to "msg->elements" not "msg" directly
|
|
when LDB_WARN_UNINDEXED is set, we produce warnings about unindexed
searches. This makes it easier to find performance problems caused by
unindexed searches.
|
|
We shouldn't proceed without all required modules, it could cause damage to the
ldb if operations are performed w/o the needed modules.
Autobuild-User: Simo Sorce <idra@samba.org>
Autobuild-Date: Thu Nov 18 14:02:34 UTC 2010 on sn-devel-104
|
|
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Nov 17 08:45:53 UTC 2010 on sn-devel-104
|
|
this can happen when both the build and install paths are used to load
ldb modules
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov 8 05:28:14 UTC 2010 on sn-devel-104
|
|
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Nov 6 21:04:58 UTC 2010 on sn-devel-104
|
|
|
|
this prevents samba dying if you do a 'make install' while it is
running. Otherwise the make install changes the inode numbers of the
modules in the modules directory, causing them to reload, which causes
multiple modules of the same name to try and load
|
|
this should also fix a valgrind error on freebsd
thanks to Matthieu for spotting this
|
|
when a backend or module can't be found, give a hint about
the LDB_MODULES_PATH environment variable
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Nov 2 21:28:22 UTC 2010 on sn-devel-104
|
|
this exposes enough functions for s4 to not need ldb_private.h any
more.
|
|
this allows ldb_wrap to enable s4 modules in a standalone ldb install
without any additional installation
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov 1 13:47:33 UTC 2010 on sn-devel-104
|
|
this allows a ldb module to register a hook function called at various
stages of processing. It will be initially used for ldb command line
hooks, but should work generally.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this will be used to allow a system ldb build with an ldb backend to
have its ldap handler overridden by the s4 one
|
|
|
|
this gets rid of some particularly obscure cpp macros for module lists
|
|
this supports module loading in ldb which uses the approach of "load
all modules in a directory". This is much more flexible than the
current module loading, as it will allow us to load modules for
command line parsing and authentication.
Modules are loaded from a colon separated path, in the environment
variable LDB_MODULES_PATH. If unset, it defaults to LDB_MODULESDIR.
Within each directory modules are loaded recursively (traversing down
the directory tree). The device/inode number of each module is
remembered to prevent us loading a module twice.
Each module is checked for a ldb_init_module() function with
dlsym(). If found, it is called with the ldb module version as an
argument.
|
|
This control is exactly thought for the actions which previously were performed
using the RELAX one.
We agreed that the RELAX control will only remain for interactions with OpenLDAP.
|
|
LDB_CONTROL_BYPASS_OPERATIONAL_OID
It's nicer to have this consistent with "BYPASS_PASSWORD_HASH".
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Oct 21 09:28:19 UTC 2010 on sn-devel-104
|
|
we need to make this symbol public to allow for -Wl,-no-undefined, as
otherwise the pyldb module can't find the symbol when it creates the
module
|
|
please close the handle
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Oct 21 07:52:44 UTC 2010 on sn-devel-104
|
|
range
Commit 8556602b048e825b35df314d6865f997823ec2bb wasn't quite right - it only
restored the functionality on the positive integer range.
This one however should now really support the whole unsigned range.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Tue Oct 19 10:52:08 UTC 2010 on sn-devel-104
|
|
the ldap server will mark a control with a NULL oid in order to remove
it. This prevents a O(n^2) cost in control handling.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
these will be used to determine if a ldb request comes from an
untrusted source. We want requests over ldap:// to be marked untrusted
so we can reject unregistered controls
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Use the signed counter for the binary search but use an unsigned one for
accessing the entry.
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Mon Oct 18 19:01:31 UTC 2010 on sn-devel-104
|
|
Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Sat Oct 16 13:54:13 UTC 2010 on sn-devel-104
|
|
|