| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
this will be used to allow a system ldb build with an ldb backend to
have its ldap handler overridden by the s4 one
|
|
|
|
It is saver than a manual "talloc".
|
|
That's exactly the behaviour of various LDAP servers.
|
|
"find_element" returns an "int" since there is also the possibility that a
certain element doesn't exist - then "-1" is returned. But beside this
exception treat all other return values as unsigned.
|
|
- Fix indentation
- Include always the failing DN
- Reorder the outputs to make them consistent
|
|
this function takes the operator being invoked, which will allow
schema functions to provide more fine grained control over
comparisons.
The key bug this was introduced to fix is the incorrect handling of
the LDB_OP_PRESENT test for deleted linked attributes. The backends
are unaware of the deleted state of these links, so they cannot do a
LDB_OP_PRESENT test on their own.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
this is expected for non-sam LDBs
|
|
into this module
It seems to me more consistent (and also to keep the same behaviour on all
backends).
Also the DRS hack should therefore not be needed anymore since the
"repl_meta_data" module launches requests behind "objectclass_attrs".
|
|
In my eyes it fits better here than in the TDB backend code.
|
|
conversions
|
|
|
|
|
|
Signed-off-by: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
|
|
|
|
|
|
|
|
When we get an indexing failure we want a clear error message
|
|
When using w2k3 linked attributes we are allowed to have multiple
values on a single valued attribute. This happens when the other
values are deleted.
Setting the RELAX control tell the ldb-tdb backend to not check for
this on replace, which means the caller has to check for single valued
violations.
|
|
It isn't very useful just saying that a control is not supported,
without saying which one is the problem
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
|
|
We need to keep a search count in ltdb to allow for nesting
of searches inside a module
Signed-off-by: Andrew Tridgell <tridge@samba.org>
|
|
- The outside API contains "DN" string arguments: Bad. Since in this way we
fully rely on the outside calls regarding the right DN format. Solution: Use
always a "struct ldb_dn" entry. Since this one is interchangeable and we can
handle it in our preferred way.
|
|
When we rename or modify a record, we need to update the indexes at
the same time. It is important that we use the DN of the actual
message that is stored in the database to do this, not the DN that was
passed in by the user. If the two differ in case then the index
records needs to use the 'real' record DN, as index handling is
currently case sensitive.
|
|
"msg_delete_attribute" doesn't return an LDB result constant.
|
|
I think this is better since "ldb_backend_connect" and "ldb_connect" which
propagate those values should return only LDB constants. Therefore a conversion
(especially for "-1") would be needed.
|
|
|
|
These will be used by ldb_index.c
|
|
This gets rid of the @IDXPTR approach to in-transaction indexing,
instead using an in-memory tdb to hold index values during a
transaction. This also cleans up a lot of the internal indexing logic,
hopefully making it easier to understand.
One of the big changes is in memory management, with a lot more use
made of talloc tricks to avoid copying dn lists, and shortcuts used to
avoid high intersection and union calculation costs.
The overall result is that a re-provision on my laptop goes from 48s
to a bit over 10s.
|
|
This helps track the memory better, as we can then place it under the partition
hirarchy.
Andrew Bartlett
|
|
I hope that this makes abartlet & simo happy again (consider mailing list).
|
|
They are not stored, so we can ignore them (makes copying records much
easier)
Andrew Bartlett
|
|
(Otherwise setting the check base on search option is not applied
until after a reload).
Andrew Bartlett
|
|
- Unify the error handling method with "done" mark in all longer functions
- Fix up result codes to match more the real MS AD
- Some cosmetic fixups
|
|
When you try to add a 2nd value to a single valued attribute you get
LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS. w2k8-r2 join to s4 relies on this
error, doing a replace after it sees the error
|
|
|
|
|
|
This reverts commit 14c9070322d089dd96b389e8087c4f4bf1a6c7cc.
|
|
|
|
|
|
This is currently only triggered via Samba4's schema code.
|
|
|
|
With unique indexes, any rename of a record that has an attribute that
is uniquely indexed needs to be done as a delete followed by an add,
otherwse you'll get an error that the attribute value already exists.
|
|
This op will be used by the partition module to give us good
transaction semantics across the 4 partitions that sam.ldb uses.
|
|
Extended operations return was not going thorugh the same patch as others
leaving the ctx around. Plus we were neutralizing the spy too early so that it
didn't set the request_terminated flag as it should have.
This should hopefully fix the failures in the build farm.
|
|
In some code paths ltdb_context was still referenced even after we were returned
an error by one of the callbacks. Because the interface assumes that once an
error is returned the ldb_request may be freed, and because the ltdb_context was
allocated as a child of the request, this might cause access to freed memory.
Allocate the ltdb_context on ldb, and keep track of what's going on with the
request by adding a spy children on it. This way even if the request is freed
before the ltdb_callback is called, we will safely free the ctx and just quietly
return.
|
|
behavior anyway, and given we can only have one transaction active per
ldb context this is the only sane model we can support.
Fix ldb_tdb transactions, we could return back with an error with neither
committing nor canceling the actual tdb transaction in some error paths
within the ltdb commit and cancel transaction paths.
Added also some debugging to trace what was going on.
|
|
Separate again the public from the private headers.
Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
|
|
metze
|
|
list=""
list="$list event_context:tevent_context"
list="$list fd_event:tevent_fd"
list="$list timed_event:tevent_timer"
for s in $list; do
o=`echo $s | cut -d ':' -f1`
n=`echo $s | cut -d ':' -f2`
r=`git grep "struct $o" |cut -d ':' -f1 |sort -u`
files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4`
for f in $files; do
cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp
mv $f.tmp $f
done
done
metze
|
|
ldb indexing can cause huge files, and huge memory usage. This
experiment allows us to keep indexes in memory during a transaction,
then to write the indexes to disk when the transaction completes. The
result is that the db is much smaller (we have seen improvements of
about 100x in file size) and memory usage during large transactions is
also greatly reduced
Note that this patch uses the unusual strategy of putting pointers
into a ldb (and thus into a tdb). This works because the pointers are
only there during a transaction, so the pointers are not exposed to
any other users of the database. The pointers allow us to avoid some
really bad allocation problems with tdb record allocation during the
re-indexing.
|
