| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
this exposes enough functions for s4 to not need ldb_private.h any
more.
|
|
it causes problems with the openchange build as it is not installed
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov 1 21:49:47 UTC 2010 on sn-devel-104
|
|
this allows ldb_wrap to enable s4 modules in a standalone ldb install
without any additional installation
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Mon Nov 1 13:47:33 UTC 2010 on sn-devel-104
|
|
ldb modules can now add hooks to the command line processing for ldb
tools
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
these will be used to determine if a ldb request comes from an
untrusted source. We want requests over ldap:// to be marked untrusted
so we can reject unregistered controls
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this is used to help debug async ldb requests. The ldb request handle
now contains a location string and the parent request pointer. This
allows us to print a backtrace of ldb requests in the dsdb modules.
|
|
|
|
ldb_options_find() allows backends to find options in the options[]
array passed to the connect operation.
This will be used by the ldb_ldap bind code
|
|
|
|
This adds ldb_debug_add() and ldb_debug_end() to format multiline
messages
|
|
It is useful to be able to control the 2 phase commit from application
code (s4 replication uses it)
|
|
This module is now part of Samba 4's dsdb subsystem rather than
standalone ldb.
|
|
When a top level method in a module returns an error, it is supposed
to call ldb_module_done(). We ran across a case where this wasn't
done, and then found that in fact that are hundreds of similar cases
in our modules. It took Andrew and I a full day to work out that this
was the cause of a subtle segv in another part of the code.
To try to prevent this happening again, this patch changes
ldb_next_request() to catch the error by checking if a module
returning an error has called ldb_module_done(). If it hasn't then the
call is made on behalf of the module.
|
|
It seems quite reasonable to allow modules to re-initialise the set of
cached DNs on the ldb context.
Andrew Bartlett
|
|
This is all working towards supporting the full WSPP schema without a
major performance penalty.
We now use binary searches when looking up classes and attributes. We
also avoid the loop loading the attributes into ldb, by adding a hook
to override the ldb attribute search function in a module. The
attributes can thus be loaded once, and then saved as part of the
global schema.
Also added support for a few more key attribute syntaxes, as needed
for the full schema.
|
|
do not reference it from ldb.h
|
|
|
|
The only 2 modules escaping the rule so far are rootdse and partitions
|
|
Some public functions were mistakenly put into ldb_private.h
Revert all modules to only include ldb_module.h
|
|
Separate again the public from the private headers.
Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
This introduces a new set of pluggable syntax, for use on the
extended DN, and uses them when parsing the DN.
If the DN appears to be in the extended form, we no longer return the
full DN 'as is', but only return the normal part from
ldb_dn_get_linearized().
When validating/parsing the DN we validate not only the format of the
DN, but also the contents of the GUID or SID (to ensure they are
plausable).
We also have functions to set and get the extended components on the DN.
For now, extended_dn_get_linearized() returns a newly constructed and
allocated string each time.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
|
|
remove some unused functions.
|
|
|
|
|
|
The core ldb code for string matching assumed NULL terminated strings,
whereas the anr module used data_blob_const() to effectively truncate
a ldb_val by changing its length. The ldb code is supposed to be based
around length limited blobs, not NULL terminated strings, so the
correct fix was to change the string comparison functions to be length
limited
(This used to be commit 26c6aa5a80ffaf06fc33f30a6533f8f16ef538bc)
|
|
(This used to be commit ed19d0abea5b206d186a51fa11dc0c04197e6ee2)
|
|
(This used to be commit 3b8eec7ca334528cad3cdcd5e3fc5ee555d8d0e0)
|
|
(This used to be commit 977dbdeaf363c8905ed9fd0570eba4be80582833)
|
|
metze
(This used to be commit 91b49365abed6f67e2b3c18b0090b4e6ff1df935)
|
|
(This used to be commit ef00f6b5817107738dc44367838095896af4e77d)
|
|
(This used to be commit ca510136d2c4cae8f520c76df6aaadb5d412bea1)
|
|
(This used to be commit b1a7810f3e70f9a831d9b8e85d531e448072adaf)
|
|
modules to provide an ops table directly rather than an initialization function.
(This used to be commit a71419a73a869c24121005ccbbcb4396f888888b)
|
|
(This used to be commit 9d73becbb24fbde2e319e18e84af35d9efaeefda)
|
|
modulesdir setting. Samba always sets this to lp_modulesdir()/ldb
(This used to be commit e672380d2156cf0421108a9c34f04f096c2afeed)
|
|
(This used to be commit 40c0919aaa9c1b14bbaebb95ecce53eb0380fdbb)
|
|
(This used to be commit 84b468b2f8f2dffda89593f816e8bc6a8b6d42ac)
|
|
(This used to be commit 7c5529729b95f170508b9fe4f04bd33d6f000b1e)
|
|
'phantom_root' flag in the search_options control
- Add in support for LDB controls to the js layer
- Test the behaviour
- Implement support for the 'phantom_root' flag in the partitions module
- Make the LDAP server set the 'phantom_root' flag in the search_options control
- This replaces the global_catalog flag passed down as an opaque pointer
- Rework the string-format control parsing function into
ldb_parse_control_strings(), returning errors by ldb_errorstring()
method, rather than with printf to stderr
- Rework some of the ldb_control handling logic
Andrew Bartlett
(This used to be commit 2b3df7f38d7790358dbb4de1b8609bf794a351fb)
|
|
metze
(This used to be commit 224a31cdbf12a555b8c46786c9f83fec8e839c5a)
|
|
to a ldb_schema_syntax struct.
the default attribute handler is now registered dynamicly as "*"
attribute, instead of having its own code path.
ldb_schema_attribute's can be added to the ldb_schema given a
ldb_schema_syntax struct or the syntax name
we may also need to introduce a ldb_schema_matching_rule,
and add a pointer to a default ldb_schema_matching_rule
in the ldb_schema_syntax.
metze
(This used to be commit b97b8f5dcbce006f005e53ca79df3330e62f117b)
|
|
metze
(This used to be commit 8dda4342f648aa71878ac9eeb7941710e2813aee)
|
|
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
|
|
attributes to backend (remote) attributes.
We can't do a reverse mapping safely where the remote attribute may be
a source for multiple local attributes. (We end up with the wrong
attributes returned).
In doing this, I've modified the samba3sam.js test to be more
realistic, and fixed some failures in the handling of primaryGroupID.
I've added a new (private) helper function ldb_msg_remove_element() to
avoid a double lookup of the element name.
I've also re-formatted many of the function headers, to fit into
standard editor widths.
Andrew Bartlett
(This used to be commit 186766e3095e71ba716c69e681592e217a3bc420)
|
|
(This used to be commit 2b770885cd234027f92ba543706df5d55f16f739)
|
|
ldb_set_umask() (which is what we had discussed) as it doesn't
actually set the umask (in effect it sets the inverse of the umask -
the perms to be used for the file)
(This used to be commit 7e2ec875908c112d5c3b0f6d18f9a8bbacf33539)
|
|
This moves these attributes from objectguid into an optional backend
(objectguid), used by ltdb. For OpenLDAP, the entryUUID module
converts entryCSN into usnChanged.
This also changes the sequence number API, and uses 'time based'
sequence numbers, when an LDAP or similar backend is detected.
To assist this, we also store the last modified time in the TDB,
whenever we change a value.
Andrew Bartlett
(This used to be commit 72858f859483c0c532dddb2c146d6bd7b9be5072)
|
