| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
this allows a ldb module to force an element as single valued
|
|
this is used to mark a ldb child request trusted, if the caller has
validated all inputs. This will be used when creating new child
requests with trusted inputs.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
Autobuild-User: Jelmer Vernooij <jelmer@samba.org>
Autobuild-Date: Sat Dec 18 01:33:24 CET 2010 on sn-devel-104
|
|
|
|
|
|
Autobuild-User: Nadezhda Ivanova <nivanova@samba.org>
Autobuild-Date: Wed Dec 8 13:31:48 CET 2010 on sn-devel-104
|
|
|
|
LDB_DEBUG_FATAL
We end up calling ldb_error_at() which expects an LDB error,
but LDB_DEBUG_FATAL is not such code. It is actually equal to LDB_SUCCESS.
Thus the effect is that we report a *fatal* error, but return
LDB_SUCCESS in many places.
Autobuild-User: Kamen Mazdrashki <kamenim@samba.org>
Autobuild-Date: Thu Nov 4 12:57:33 UTC 2010 on sn-devel-104
|
|
this disables the single value checking for one attribute. It is much
more specific than a general RELAX control, and also more efficient. I
think we should try to have more precise overrides like this, rather
than using RELAX as a general purpose override
|
|
this exposes enough functions for s4 to not need ldb_private.h any
more.
|
|
|
|
this allows a ldb module to register a hook function called at various
stages of processing. It will be initially used for ldb command line
hooks, but should work generally.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this gets rid of some particularly obscure cpp macros for module lists
|
|
this supports module loading in ldb which uses the approach of "load
all modules in a directory". This is much more flexible than the
current module loading, as it will allow us to load modules for
command line parsing and authentication.
Modules are loaded from a colon separated path, in the environment
variable LDB_MODULES_PATH. If unset, it defaults to LDB_MODULESDIR.
Within each directory modules are loaded recursively (traversing down
the directory tree). The device/inode number of each module is
remembered to prevent us loading a module twice.
Each module is checked for a ldb_init_module() function with
dlsym(). If found, it is called with the ldb module version as an
argument.
|
|
these will be used to determine if a ldb request comes from an
untrusted source. We want requests over ldap:// to be marked untrusted
so we can reject unregistered controls
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this gives better error checking
|
|
When this flag is set on an element in an add/modify request then the
normal validate_ldb() call that checks the element against schema
constraints is disabled
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
These will be used to help avoid the problem we have with hundreds of
places that do "return LDB_ERR_OPERATIONS_ERROR" without an
explanation. It is very difficult to track down ldb errors which don't
have any explanation.
By replacing "return LDB_ERR_OPERATIONS_ERROR;" with "return ldb_operr(ldb);"
we at least get a file:line message in the ldb error string. It isn't
an ideal error message, but it is much better than just "operations
error"
This change also makes ldb_oom() return the error code
(LDB_ERR_OPERATIONS_ERROR) so you can do:
return ldb_oom(ldb);
instead of:
ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
|
|
This is needed to support DSDB_FLAG_OWN_MODULE
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
(as objectClass will always be a case insensitive ascii string, we can
make a much simpler match function here than for the general case).
Andrew Bartlett
|
|
This will help simplify boilerplate comparison functions where we
don't have a shortcut way to compare.
Andrew Bartlett
|
|
|
|
This I hope will be useful for removing controls from the ldb_reply
Andrew Bartlett
|
|
|
|
This adds ldb_debug_add() and ldb_debug_end() to format multiline
messages
|
|
This add --show-binary to ldbsearch. When this flag is set, binary
blobs will be shown as-is, instead of base64 encoded. This is useful
for some XML encoded attributes, and will also be used as part of some
NDR print formatting for attributes like repsTo.
|
|
The reason we need this is to make multi-tdb transactions safe, with
the partition module. The linked_attributes and repl_meta_data modules
now do extra processing when the transaction ends, and that processing
can fail. When it fails we need to cancel the transaction, which we
can only do if the hook is on the prepare commit instead of the end
transaction call. Otherwise the partition module cannot ensure that no
commit has been done on another partition.
|
|
It seems quite reasonable to allow modules to re-initialise the set of
cached DNs on the ldb context.
Andrew Bartlett
|
|
This is all working towards supporting the full WSPP schema without a
major performance penalty.
We now use binary searches when looking up classes and attributes. We
also avoid the loop loading the attributes into ldb, by adding a hook
to override the ldb attribute search function in a module. The
attributes can thus be loaded once, and then saved as part of the
global schema.
Also added support for a few more key attribute syntaxes, as needed
for the full schema.
|
|
This op will be used by the partition module to give us good
transaction semantics across the 4 partitions that sam.ldb uses.
|
|
|
|
Separate again the public from the private headers.
Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
|
