Age | Commit message (Collapse) | Author | Files | Lines |
|
"dn" or "distinguishedName". This makes us a bit more consistent
(This used to be commit b41b374b55f9a056c47ffa2ff88aa5272dbc42fc)
|
|
(This used to be commit 896704f5c139c8bce30dfc898bb3a12be10035ed)
|
|
(This used to be commit e28a334eeb8fa22f686d0c1dc48b2977d85b9e10)
|
|
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
|
|
- ensure we don't add attributes twice, should a user ask for the
attribute twice. Do this in such a way that we don't become O(n^2)
- removed some unused code
(This used to be commit 7684cdb47b4ae516f066afb249d5f88032152ec9)
|
|
part of more complex expressions
(This used to be commit 40d304140b4cf22559d6b55c8cbaf1b984baf62f)
|
|
a search() function, instead each module now only implements the
bytree method, and the expression based search is handled generically
by the modules code. This makes for more consistency and less code
duplication.
fixed the tdb backend to handle BASE searches much more
efficiently. They now always only lookup one record, regardless of the
search expression
(This used to be commit 7e44f9153c5578624e2fca04cdc0a00af0fd9eb4)
|
|
(This used to be commit 26ff53857802ae4a63f2b6e46c9caa7ca2fbbe89)
|
|
do not autostart transactions on ldb operations if a transaction is already in place
test transactions on winsdb
all my tests passes so far
tridge please confirm this is ok for you
(This used to be commit c2bb2a36bdbe0ec7519697a9a9ba7526a0defac2)
|
|
parallel with any transaction
(This used to be commit ddff66298f1a668c5220e24fc47f98d7dfc3068a)
|
|
locking code in the ldb_tdb backend, except for a single read lock
during searches to ensure searches don't cross transaction boundaries
The tdb transactions code would map these extra locks to noops anyway
(as locking makes no sense inside a transaction), but the work in
setting up the locking keys still costs something, and it makes the
code needlessly complex
(This used to be commit 1b8d368a6771360fb0626127c02b3eb95f3eae59)
|
|
transactions are synchronous or not on the command line.
add LDB_FLG_NOSYNC flag to ldb_connect() so we can make our temporary
ldb databases non-synchronous
(This used to be commit dba41164e0c52f1e4351bd9057b16661cee3a822)
|
|
samba-technical posting for more details on the transactions design.
This also adds a number of command line arguments to tdbtorture,
making it more flexible, and fixes some lock deadlock conditions in
the tdbtorture code.
(This used to be commit 06bd8abba942ec9f1e23f5c5d546cbb71ca3a701)
|
|
changed the prioivate modules API
error string are now not spread over all
modules but are kept in a single place.
This allows a better control of memory
and error reporting.
(This used to be commit 3fc676ac1d6f59d08bedbbd9377986154cf84ce4)
|
|
private ldb API
ldb_sqlite3 is already working with this model and ldb_tdb will do
as soon as tridge finishes the tdb transaction code.
currently the transactions are always implicit and wrap any single
ldb API call except searching, the transaction functions are
currently not made public on purpose.
Simo.
(This used to be commit 1da4ac2cdcb7e54076f85242a93784260dced918)
|
|
just involves splitting up the core tdb.c code into separate files on
logical boundaries, but there are some minor functional changes as well:
- move the 'struct tdb_context' into tdb_private.h, hiding it from
users. This was done to allow the structure to change without
breaking code that uses tdb.
- added accessor functions tdb_fd(), tdb_name(), and tdb_log_fn() to
access the elements of struct tdb_context that were used by
external code but are no longer visible
- simplied tdb_append() to use tdb_fetch()/tdb_store(), which is just
as good due to the way tdb locks work
- changed some of the types (such as tdb_off to tdb_off_t) to make
syntax highlighting work better
- removed the old optional spinlock code. It was a bad idea.
- fixed a bug in tdb_reopen_all() that caused tdbtorture to sometimes
fail or report nasty looking errors. This is the only real bug
fixed in this commit. Jeremy/Jerry, you might like to pickup this
change for Samba3, as that could definately affect smbd in
Samba3.
The aim of all of these changes is to make the tdb
transactions/journaling code I am working on easier to write. I
started to write it on top of the existing tdb.c code and it got very
messy. Splitting up the code makes it much easier to follow.
There are more cleanups we could do in tdb, such as using uint32_t
instead of u32 (suggested by metze). I'll leave those for another day.
(This used to be commit 4673cdd0d261614e707b72a7a348bb0e7dbb2482)
|
|
I must say that writing a new module is a very good way
to find lot of subtle bugs laying in the code
We need more tests!
commit oLschema2ldif.c to keep it safe from data losses (rm -fr :-)
update test generic to reflect the fix made on comparsion functions
(This used to be commit 4357a2db5eadb15519ed93b957b2bad25ebf2a7d)
|
|
distinguished names
Provide more functions to handle DNs in this form
(This used to be commit 692e35b7797e39533dd2a1c4b63d9da30f1eb5ba)
|
|
Search by distinguishedName as if searching by dn
(This used to be commit 1d4046136255aead319ab08da229146dbd285b38)
|
|
simo, we need to be careful to cope with this sort of direct dn query efficiently
(This used to be commit 7b37923b726752101062fa8a92d3f96e41d55602)
|
|
Thanks to volker for finding this one too. Keep them coming!
(This used to be commit 756796ad2ea86a9471d1b09e66b1a74c4523f6f4)
|
|
avoid the horrors of posix locking, but it was preventing us having an
ldb open twice with different options. Now each ldb open of the same
file shares the same underlying tdb, but uses a different ldb
structure
(This used to be commit 4e090c66dfa1d2764e4693578d3845be3b8893f6)
|
|
(This used to be commit 64b6586b57de0bf22f8779447d217a918b7024a0)
|
|
better pares filters
Approx is currently only a stub need to dig more info to
understand what it really means and how it works exactly
(This used to be commit a9e8cd0bad27ed2b3c6a12302e787ba3c9a70a3c)
|
|
S390. This is an attempt to avoid the panic we're seeing in the
automatic builds.
The main fixes are:
- assumptions that sizeof(size_t) == sizeof(int), mostly in printf formats
- use of NULL format statements to perform dn searches.
- assumption that sizeof() returns an int
(This used to be commit a58ea6b3854973b694d2b1e22323ed7eb00e3a3f)
|
|
This code applies correct ldap standard wildcard matching code
removes WILDCARD matching from tdb @ATTRIBUTES, that's now handled independently
adds some more tests for wildcard matching
fixes dn comparison code in ldb_match
(This used to be commit 4eb5863042011988d85092d7dde3d809aa15bd59)
|
|
(This used to be commit 2e328e6c2fc2c66b0d0de910cd43ab232049bc90)
|
|
- we do not support multpiple attribute components anymore, makes code a lot easier
they will be readded later if we found out they are really used, so far my tests
show w2k3 do not handle them as well
- fix escaping issues, move component value to be in an ldb_val structure
still need to handle binary values case
- make cononicalize functions leak less memory by giving a specific memory context
- fix tests scripts so that test-ldap can start
- make test not delete databases on completion so that I can inspect them
(This used to be commit 624a73148d125690ce18515f19231d26df207738)
|
|
canonicalisation
- added support for recognising the S- form of objectsid in search
expressions. I thought this could be done with just a comparison
modified comparison function, but it turns out it also needs a
canonicalisation function so that indexing can work
(This used to be commit 7d2bee2c5619f284375ecbed14371c5e8639ed1c)
|
|
- moved the knowledge of attribute types out of ldb_tdb and into the
generic ldb code. This allows the ldb_match() message match logic
to be generic, so it can be used by other backend
- added the generic ability to load attribute handlers, for
canonicalisation, compare, ldif read and ldif write. In the future
this will be used by the schema module to allow us to correctly
obey the attributetype schema elements
- added attribute handlers for some of the core ldap attribute types,
Integer, DirectoryString, DN, ObjectClass etc
- added automatic registration of attribute handlers for well-known
attribute names 'cn', 'dc', 'dn', 'ou' and 'objectClass'
- converted the objectSid special handlers for Samba to the new system
- added more correct handling of indexing in tdb backend based on the
attribute canonicalisation function
- added generic support for subclasses, moving it out of the tdb
backend. This will be used in future by the schema module
- fixed several bugs in the dn_explode code. It still needs more
work, but doesn't corrupt ldb dbs any more.
(This used to be commit 944c5844ab441b96d8e5d7b2d151982139d1fab9)
|
|
(This used to be commit 7ccf21ab4eeb9821e457308a239f2103a106fb12)
|
|
bug was being silently ignored with the tdb backend because of this
bug. A case where the ldap backend was right, and the tdb backend was
wrong!
(This used to be commit ddb26db763c314049043d80d27113226c0f2e656)
|
|
(This used to be commit 57132344b4e39a670e683b3db00665e5f7a899fd)
|
|
cmdline credentials code (which will be done soon)
- added a ldb_init() call, and changed ldb_connect() to take a ldb
context. This allows for much better error handling in
ldb_connect(), and also made the popt conversion easier
- fixed up all the existing backends with the new syntax
- improved error handling in *_connect()
- fixed a crash bug in the new case_fold_required() code
- ensured that ltdb_rename() and all ltdb_search() paths get the read lock
- added a ldb_oom() macro to make it easier to report out of memory
situations in ldb code
(This used to be commit f648fdf187669d6d87d01dd4e786b03cd420f220)
|
|
(This used to be commit ce9966e091d36f66d409ac6f7b5e462c9dc37325)
|
|
(This used to be commit 0a64948152a446b5e127578d49b1ed8a90a1a222)
|
|
Old way was ugly and had a bug, you couldn't add an attribute named
dn or distinguishedName and search for it, tdb would change that search in a dn search.
This makes it also possible to search by dn against an ldap server as the old method was
not supported by ldap syntaxes.
sss
(This used to be commit a614466dec2484a0d39bdfae53da822cfcf80926)
|
|
(This used to be commit 42cbb155c20779c458f727488c8554842b24681b)
|
|
(This used to be commit 0c44a67001b9ae91c1ba7fc52f22d1eafc22dcc7)
|
|
using to perform such things as bitop tests on integers.
So far I have only added support for the 1.2.840.113556.1.4.803 and
1.2.840.113556.1.4.804 rules, which are for bitwise and/or
(This used to be commit 5f773b065f1db959e59c02de68bcf30cef1a6c2c)
|
|
instead of a search expression. This allows our ldap server to pass
its ASN.1 parsed search expressions straight to ldb, instead of going
via strings.
- updated all the ldb modules code to handle the new interface
- got rid of the separate ldb_parse.h now that the ldb_parse
structures are exposed externally
- moved to C99 structure initialisation in ldb
- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
|
|
potentially use
it in our ldap client code, instead of replicating all the code
(This used to be commit 5b3575d9303d54a771e080a670dcd2f444b10c20)
|
|
called from multiple backends. (ldb_sqlite3 needs it too.) Added parameter
for a callback function that determines whether an attribute needs case
folding.
- begin to prepare for sqlite3 in build process
- work-in-progress updates, on ldb_sqlite3
(This used to be commit a80bced0b96ffb655559a43cf7f4d7a34deb5a7d)
|
|
this demonstrates that we need a improved test suite as well
(This used to be commit 959c73e93faa243154288c91a716e5a293d7a51c)
|
|
this object properties are now used as multivalue attributes
now all values inserted are checked against a "valid values table"
eg:
this form is now accepted:
dn: @ATTRIBUTES
uid: CASE_INSENSITIVE
uid: WILDCARD
this form is now rejected:
dn: @ATTRIBUTES
uid: CASE_INSENSITIVE WILDCARD
please update your .ldb files if you make use of @ATTRIBUTES
(sam.ldb heavily uses it)
the code passes all make test tests for both tdb and ldap, it also
passes the new test to check for wrong @ATTRIBUTES attribute values
Simo.
(This used to be commit 1295b891a26c2cb2c34540f90ded83390cf87da2)
|
|
attributes
example:
*: CASE_INSENSITIVE
by placing it in the @ATTRIBUTES object you make all the matching be case insensitive
to make an excepion to the general rule now you just need to create an entry like:
name: CASE_SENSITIVE
the key CASE_SENSITIVE currently does not exist but has the effect of making the code
ignore the wildcard default flag and being ldb case sensitive by default it let the
"name" attribute be case sensitive again
Tridge, can you look at this commit?
Should we introduce a CASE_SENSITVE/BINARY flag and handle it in the code ?
Simo.
(This used to be commit 5f10707e8ac36db03f3aa3e1ee1c40a9d9da2016)
|
|
that ldb_search() sees a single consistent view of the database (by
blocking writes during a ldb_search)
(This used to be commit 917f2a8a073fd501f0626bea4f9deb91b95fdc90)
|
|
Just use talloc_free() to release the memory after an ldb_search().
(This used to be commit 4f0948dab0aa5e8b6a4ce486f3668ca8dfae23db)
|
|
changes:
- ldb_wrap disappears from code and become a private structure of db_wrap.c
thanks to our move to talloc in ldb code, we do not need to expose it anymore
- removal of ldb_close() function form the code
thanks to our move to talloc in ldb code, we do not need it anymore
use talloc_free() to close and free an ldb database
- some minor updates to ldb modules code to cope with the change and fix some
bugs I found out during the process
(This used to be commit d58be9e74b786a11a57e89df36081d55730dfe0a)
|
|
the case sensitive/insensitive flags on sections of a dn. So if a dn
is made up of 4 attributes, and 2 of those are case insensitive and 2
are case sensitive, then all the attribute names are uppercases, but
only the values of the case insensitive attributes are uppercased when
forming the tdb key.
- added code to canonicalise the dn, removing leading and trailing
spaces from attribute names and values
- when the @ATTRIBUTES record changes, fix the dn keys of any records that should now have new
dn keys due to changes in the case sensitivity of the record
I really did this to allow me to make the WINS database properly case
insensitive, but it is also the correct general fix for ldb, as it
matches the LDAP specification (and w2k LDAP server behaviour)
(This used to be commit 0f034dc5636d182a1d9207ad662b3fc8df7ca3e4)
|