Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Previos implementation from ldb_msg_canonicalize()
was moved into this function and now ldb_msg_canonicalize()
is based on ldb_msg_normalize()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Previous implementation was 'leaking' attribute name
string, that is allocated by ldb_msg_add_empty()
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
It just adds another element, nothing more.
Caller is responsible to fill-in the added element and
determine how to handle data allocation contexts.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
from client
Old implementation from ldb_msg_diff() was moved into
this this function but with changed interface
so that a memory context may be passed.
ldb_msg_diff() function is now based on ldb_msg_difference(),
which fixes a hidden leak - internal ldb_msg object
(returned from ldb_msg_canonicalize) wasn't freed
and stays attached to ldb_context for the connection lifetime.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Since the parent DN is a duplication of the passed DN parameter.
|
|
|
|
These will be used to help avoid the problem we have with hundreds of
places that do "return LDB_ERR_OPERATIONS_ERROR" without an
explanation. It is very difficult to track down ldb errors which don't
have any explanation.
By replacing "return LDB_ERR_OPERATIONS_ERROR;" with "return ldb_operr(ldb);"
we at least get a file:line message in the ldb error string. It isn't
an ideal error message, but it is much better than just "operations
error"
This change also makes ldb_oom() return the error code
(LDB_ERR_OPERATIONS_ERROR) so you can do:
return ldb_oom(ldb);
instead of:
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
|
|
ldb_options_find() allows backends to find options in the options[]
array passed to the connect operation.
This will be used by the ldb_ldap bind code
|
|
|
|
Use "LDB_FREE" for such free operations and in addition wipe also the casefolded
DN out.
|
|
when the components change
|
|
Cosmetic
|
|
upwards and use "LDB_FREE" for freeing "dn->components"
Mostly cosmetic - no behaviour change
|
|
|
|
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
|
|
It's meaningless and could end in DNs as "cn=child,".
|
|
|
|
We can have some special (bad) messages which contain multiple message elements
for the same attribute. The AD password change ones are such an example.
|
|
|
|
with length 0
|
|
--controls=local_oid:1.3.6.1.4.1.7165.4.3.7:1
To specify the DSDB_CONTROL_PASSWORD_HASH_VALUES_OID control as critical.
metze
|
|
|
|
This could if the 'base' dn is special for example.
|
|
Check on modify if we are RODC and return referral.
On the ldap backend side now we pass context and ldb_modify_default_callback
to propagate the referral error to the client.
|
|
when one of the strings was not valid UTF8, we would try to
dereference NULL
|
|
|
|
sscanf can return also on short reads, in this case an invalid escape
sequence like '\1k' would be accepted, returning 1 as value and swallowing the
'k'. Use an auxiliar function to validate and convert hex escapes.
|
|
To count LDB objects use variables of type "unsigned (int)" or "long long int"
on binary or downto searches.
To count characters in strings use "size_t".
To calculate differences between pointers use "ptrdiff_t".
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
|
|
It's not fully clear what this ":dn" part means for us. What we know is that
older AD implementations (Windows Server 2000, 2003) need it to have extended
matches working in the expected way.
To be able to interoperate with s3's winbind and other tools I and gd decided
to transform this into a warning until we know what to do.
This should fix bug #6511.
|
|
LDAP only knowns about signed integers, so let
ldb_msg_find_attr_as_uint() and ldb_msg_find_attr_as_uint64() cope
with it.
metze
|
|
metze
|
|
It has been a common bug to get the first two arguments the wrong way
around
|
|
|
|
The samldb module overrides the error code for some returns when
handling primaryGroupID. We need to take the error from the async
callback to allow this to work reliably
|
|
|
|
This is intended as a replacement for ldb_string_to_time() for ldb_val
inputs. This ensures it is length limited and includes additional
validity checks
|
|
This is needed to support DSDB_FLAG_OWN_MODULE
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This is used to udpate just the DN components of a ldb_dn, leaving the
other extended fields alone. It is needed to prevent linked attribute
updates from removing other extended components.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
This canonicalise avoids a problem with an add that has multiple
elements with the same el->name. That is allowed by MS servers, and by
ldb, but it breaks things like the tdb backend and the repl_meta_data
RPMD handling.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|