Age | Commit message (Collapse) | Author | Files | Lines |
|
This code applies correct ldap standard wildcard matching code
removes WILDCARD matching from tdb @ATTRIBUTES, that's now handled independently
adds some more tests for wildcard matching
fixes dn comparison code in ldb_match
(This used to be commit 4eb5863042011988d85092d7dde3d809aa15bd59)
|
|
(This used to be commit 2e328e6c2fc2c66b0d0de910cd43ab232049bc90)
|
|
- we do not support multpiple attribute components anymore, makes code a lot easier
they will be readded later if we found out they are really used, so far my tests
show w2k3 do not handle them as well
- fix escaping issues, move component value to be in an ldb_val structure
still need to handle binary values case
- make cononicalize functions leak less memory by giving a specific memory context
- fix tests scripts so that test-ldap can start
- make test not delete databases on completion so that I can inspect them
(This used to be commit 624a73148d125690ce18515f19231d26df207738)
|
|
canonicalisation
- added support for recognising the S- form of objectsid in search
expressions. I thought this could be done with just a comparison
modified comparison function, but it turns out it also needs a
canonicalisation function so that indexing can work
(This used to be commit 7d2bee2c5619f284375ecbed14371c5e8639ed1c)
|
|
- moved the knowledge of attribute types out of ldb_tdb and into the
generic ldb code. This allows the ldb_match() message match logic
to be generic, so it can be used by other backend
- added the generic ability to load attribute handlers, for
canonicalisation, compare, ldif read and ldif write. In the future
this will be used by the schema module to allow us to correctly
obey the attributetype schema elements
- added attribute handlers for some of the core ldap attribute types,
Integer, DirectoryString, DN, ObjectClass etc
- added automatic registration of attribute handlers for well-known
attribute names 'cn', 'dc', 'dn', 'ou' and 'objectClass'
- converted the objectSid special handlers for Samba to the new system
- added more correct handling of indexing in tdb backend based on the
attribute canonicalisation function
- added generic support for subclasses, moving it out of the tdb
backend. This will be used in future by the schema module
- fixed several bugs in the dn_explode code. It still needs more
work, but doesn't corrupt ldb dbs any more.
(This used to be commit 944c5844ab441b96d8e5d7b2d151982139d1fab9)
|
|
(This used to be commit 7ccf21ab4eeb9821e457308a239f2103a106fb12)
|
|
bug was being silently ignored with the tdb backend because of this
bug. A case where the ldap backend was right, and the tdb backend was
wrong!
(This used to be commit ddb26db763c314049043d80d27113226c0f2e656)
|
|
(This used to be commit 57132344b4e39a670e683b3db00665e5f7a899fd)
|
|
cmdline credentials code (which will be done soon)
- added a ldb_init() call, and changed ldb_connect() to take a ldb
context. This allows for much better error handling in
ldb_connect(), and also made the popt conversion easier
- fixed up all the existing backends with the new syntax
- improved error handling in *_connect()
- fixed a crash bug in the new case_fold_required() code
- ensured that ltdb_rename() and all ltdb_search() paths get the read lock
- added a ldb_oom() macro to make it easier to report out of memory
situations in ldb code
(This used to be commit f648fdf187669d6d87d01dd4e786b03cd420f220)
|
|
(This used to be commit ce9966e091d36f66d409ac6f7b5e462c9dc37325)
|
|
(This used to be commit 0a64948152a446b5e127578d49b1ed8a90a1a222)
|
|
Old way was ugly and had a bug, you couldn't add an attribute named
dn or distinguishedName and search for it, tdb would change that search in a dn search.
This makes it also possible to search by dn against an ldap server as the old method was
not supported by ldap syntaxes.
sss
(This used to be commit a614466dec2484a0d39bdfae53da822cfcf80926)
|
|
(This used to be commit 42cbb155c20779c458f727488c8554842b24681b)
|
|
(This used to be commit 0c44a67001b9ae91c1ba7fc52f22d1eafc22dcc7)
|
|
using to perform such things as bitop tests on integers.
So far I have only added support for the 1.2.840.113556.1.4.803 and
1.2.840.113556.1.4.804 rules, which are for bitwise and/or
(This used to be commit 5f773b065f1db959e59c02de68bcf30cef1a6c2c)
|
|
instead of a search expression. This allows our ldap server to pass
its ASN.1 parsed search expressions straight to ldb, instead of going
via strings.
- updated all the ldb modules code to handle the new interface
- got rid of the separate ldb_parse.h now that the ldb_parse
structures are exposed externally
- moved to C99 structure initialisation in ldb
- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee5d440bbbc51c1bc0cad9977770f897)
|
|
potentially use
it in our ldap client code, instead of replicating all the code
(This used to be commit 5b3575d9303d54a771e080a670dcd2f444b10c20)
|
|
called from multiple backends. (ldb_sqlite3 needs it too.) Added parameter
for a callback function that determines whether an attribute needs case
folding.
- begin to prepare for sqlite3 in build process
- work-in-progress updates, on ldb_sqlite3
(This used to be commit a80bced0b96ffb655559a43cf7f4d7a34deb5a7d)
|
|
this demonstrates that we need a improved test suite as well
(This used to be commit 959c73e93faa243154288c91a716e5a293d7a51c)
|
|
this object properties are now used as multivalue attributes
now all values inserted are checked against a "valid values table"
eg:
this form is now accepted:
dn: @ATTRIBUTES
uid: CASE_INSENSITIVE
uid: WILDCARD
this form is now rejected:
dn: @ATTRIBUTES
uid: CASE_INSENSITIVE WILDCARD
please update your .ldb files if you make use of @ATTRIBUTES
(sam.ldb heavily uses it)
the code passes all make test tests for both tdb and ldap, it also
passes the new test to check for wrong @ATTRIBUTES attribute values
Simo.
(This used to be commit 1295b891a26c2cb2c34540f90ded83390cf87da2)
|
|
attributes
example:
*: CASE_INSENSITIVE
by placing it in the @ATTRIBUTES object you make all the matching be case insensitive
to make an excepion to the general rule now you just need to create an entry like:
name: CASE_SENSITIVE
the key CASE_SENSITIVE currently does not exist but has the effect of making the code
ignore the wildcard default flag and being ldb case sensitive by default it let the
"name" attribute be case sensitive again
Tridge, can you look at this commit?
Should we introduce a CASE_SENSITVE/BINARY flag and handle it in the code ?
Simo.
(This used to be commit 5f10707e8ac36db03f3aa3e1ee1c40a9d9da2016)
|
|
that ldb_search() sees a single consistent view of the database (by
blocking writes during a ldb_search)
(This used to be commit 917f2a8a073fd501f0626bea4f9deb91b95fdc90)
|
|
Just use talloc_free() to release the memory after an ldb_search().
(This used to be commit 4f0948dab0aa5e8b6a4ce486f3668ca8dfae23db)
|
|
changes:
- ldb_wrap disappears from code and become a private structure of db_wrap.c
thanks to our move to talloc in ldb code, we do not need to expose it anymore
- removal of ldb_close() function form the code
thanks to our move to talloc in ldb code, we do not need it anymore
use talloc_free() to close and free an ldb database
- some minor updates to ldb modules code to cope with the change and fix some
bugs I found out during the process
(This used to be commit d58be9e74b786a11a57e89df36081d55730dfe0a)
|
|
the case sensitive/insensitive flags on sections of a dn. So if a dn
is made up of 4 attributes, and 2 of those are case insensitive and 2
are case sensitive, then all the attribute names are uppercases, but
only the values of the case insensitive attributes are uppercased when
forming the tdb key.
- added code to canonicalise the dn, removing leading and trailing
spaces from attribute names and values
- when the @ATTRIBUTES record changes, fix the dn keys of any records that should now have new
dn keys due to changes in the case sensitivity of the record
I really did this to allow me to make the WINS database properly case
insensitive, but it is also the correct general fix for ldb, as it
matches the LDAP specification (and w2k LDAP server behaviour)
(This used to be commit 0f034dc5636d182a1d9207ad662b3fc8df7ca3e4)
|
|
less likely that anyone will use pstring for new code
- got rid of winbind_client.h from includes.h. This one triggered a
huge change, as winbind_client.h was including system/filesys.h and
defining the old uint32 and uint16 types, as well as its own
pstring and fstring.
(This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
|
|
- removed the u32 hack in events.c as I think this was only needed as
tdb.h defines u32. Metze, can you check that this hack is indeed no
longer needed on your suse system?
(This used to be commit 6f79432fe656164d4770dbce114a30dda5e7bf9a)
|
|
(This used to be commit 7be0bc93bd6757e52fd10bd3d3b3d1a8f5221452)
|
|
samba-technical posting), this is an interim solution that makes us
work pretty much like w2k3 does.
(This used to be commit 789325145651f2f6fc8716aa4bced83a2eb31994)
|
|
this helps standalone building of ldb
renew the schema module
split code into functions to improve readability and code reuse
add and modify works correctly but we need a proper testsuite
Simo
(This used to be commit a681ae365ff1b5a2771b42ebd90336651ce1e513)
|
|
(This used to be commit 1dfc41c9a3b6418236a1f04b5cf3f9ef9e8b608e)
|
|
is always
allocated as a child of the right context
(This used to be commit 1071712cf5951fa2e94f314bd7678cfa51b2dbcd)
|
|
(This used to be commit 4edbd1b18ee38e584cf844b64c7fcb2645921837)
|
|
- added gcov flags to Makefile.ldb
- expanded ldb test suite to get more coverage
(This used to be commit 0ab98f50a7e0fe15347a99e5c29a6590a87729a0)
|
|
outside the tree, instead defined _SAMBA_BUILD_ inside the Samba
build. This makes it easier to pull code out of Samba for external
use.
(This used to be commit 09e98c8745cca7ccb1ad7134c0c09b8e4c0f4f06)
|
|
amazed we got along for so long with this bug!
(This used to be commit 937159cf2c6ae08808bd10946fcdbd8741e1a560)
|
|
'(&(objectclass=domain)(!(objectclass=builtindomain)))' fell
back to a full search.
Volker
(This used to be commit 55c9fbd4f4afdde30a0d92bfd31f5c9ebb98c59b)
|
|
could end
up with a corrupt data structure on disk, namely with two attribute structures
for the same attribute name.
Volker
(This used to be commit 284044b5b20102894a8128f84ab41d59cfcc9285)
|
|
modify call
(This used to be commit 58fcc326241e73cc8a122e6130b5ff0d6a3b9232)
|
|
index entries were not always being removed on modify
(This used to be commit 9c668e7b43dc2d82d3d639b64c53e887723ccba7)
|
|
operation, but not if the value already exists
- fixed syntax of test.ldif for ldap backend
(This used to be commit 29225d0bec39038e42e68849bd9378898f062081)
|
|
uint32 != uint8_t ...
metze
(This used to be commit a8a3b8ee341fda041383df225ea2b7f9b589fc04)
|
|
this caused new ldb record to be corrupt if the length was > 12b byte
thanks tridge for finding this
metze
(This used to be commit 6998c37b473d8efeb2ed5285f10f469a29ad787a)
|
|
metze
(This used to be commit 79d0eb2f677f9e985ba476a9680f68537d41be6f)
|
|
(This used to be commit a99c0adb09e2bc77b876d23cb2d0711ccffd83ca)
|
|
- split ldh.h out of samba's includes.h
- make ldb_context and ldb_module private to the subsystem
- use ltdb_ prefix for all ldb_tdb functions
metze
(This used to be commit f5ee40d6ce8224e280070975efc9911558fe675c)
|
|
metze
(This used to be commit 9003698e0fba28551d41d41dec159cc9c42ce7d2)
|
|
(This used to be commit 71323f424b4561af1fdddd2358629049be3dad8c)
|
|
- reenable index tests
metze
(This used to be commit 1e7e94fdb10db831090f9bd37e39053dfcde04ce)
|
|
- add tests for ldbrename
- disable all tests which regenerate the index
(this is broken for me...the process hangs,
tridge we need to discuss that)
- link only the needed stuff to the ldb tools
- build ldbtest inside samba
metze
(This used to be commit 18552f4786c24e0019cc87726ef4c05365fe586e)
|