Age | Commit message (Collapse) | Author | Files | Lines |
|
canonicalisation
- added support for recognising the S- form of objectsid in search
expressions. I thought this could be done with just a comparison
modified comparison function, but it turns out it also needs a
canonicalisation function so that indexing can work
(This used to be commit 7d2bee2c5619f284375ecbed14371c5e8639ed1c)
|
|
- moved the knowledge of attribute types out of ldb_tdb and into the
generic ldb code. This allows the ldb_match() message match logic
to be generic, so it can be used by other backend
- added the generic ability to load attribute handlers, for
canonicalisation, compare, ldif read and ldif write. In the future
this will be used by the schema module to allow us to correctly
obey the attributetype schema elements
- added attribute handlers for some of the core ldap attribute types,
Integer, DirectoryString, DN, ObjectClass etc
- added automatic registration of attribute handlers for well-known
attribute names 'cn', 'dc', 'dn', 'ou' and 'objectClass'
- converted the objectSid special handlers for Samba to the new system
- added more correct handling of indexing in tdb backend based on the
attribute canonicalisation function
- added generic support for subclasses, moving it out of the tdb
backend. This will be used in future by the schema module
- fixed several bugs in the dn_explode code. It still needs more
work, but doesn't corrupt ldb dbs any more.
(This used to be commit 944c5844ab441b96d8e5d7b2d151982139d1fab9)
|
|
fixed shortly
(This used to be commit a9c32445035a09978c5fdbc189a2767e7650dfc2)
|
|
- add tests for the @SUBCLASSES ltdb special
(This used to be commit ad6e62fdcf0432fcf4d41edb1727cbba1b7528b7)
|
|
(This used to be commit 5efea40ea63b6951b3bd4362f1ae57f960fefecf)
|
|
(This used to be commit 25d3872a6ebbc152a83695e667f5d08e69c8c8ea)
|
|
pending, which I know break lots of features, still passed our test
suite! Now they don't.
(This used to be commit 5801167c8dfc8a61bfeac396bca8ffd3d5270296)
|
|
(This used to be commit 2de986455c9b616132f06a69c2f135019da2bb8b)
|
|
a few minor issues.
Move ldb manpages one level higher - there is no longer a need to have
subdirectories.
(This used to be commit e8e3524b2394f4107230715ea38fb619332e0251)
|
|
Not part of the "all" make target yet, as it requires xsltproc
(This used to be commit fd3f4636438cf1d9c0dd802064033271b9e4d935)
|
|
(This used to be commit 3898cdb0dc4722a7eb60a61b54ef778dab475aed)
|
|
(This used to be commit 7ccf21ab4eeb9821e457308a239f2103a106fb12)
|
|
this was breaking ldbadd on some platforms
(This used to be commit dd0ac3f68d709c0364d992673e76db73398c0369)
|
|
(This used to be commit 8e1431efcf0df797bc50ef584c38fce6a03429b3)
|
|
I'd really rather see this code completely replaced, but I'll leave
that to simo (he has volunteered) :-)
(This used to be commit cc2e08d68e27aa203ccc26e8d544a86de3399877)
|
|
(This used to be commit 56f4af5f210da472d41d9bcf6918647181f6ad16)
|
|
quite a large change as we had lots of code that assumed that
objectSid was a string in S- format.
metze and simo tried to convince me to use NDR format months ago, but
I didn't listen, so its fair that I have the pain of fixing all the
code now :-)
This builds on the ldb_register_samba_handlers() and ldif handlers
code I did earlier this week. There are still three parts of this
conversion I have not finished:
- the ltdb index records need to use the string form of the objectSid
(to keep the DNs sane). Until that it done I have disabled indexing on
objectSid, which is a big performance hit, but allows us to pass
all our tests while I rejig the indexing system to use a externally
supplied conversion function
- I haven't yet put in place the code that allows client to use the
"S-xxx-yyy" form for objectSid in ldap search expressions. w2k3
supports this, presumably by looking for the "S-" prefix to
determine what type of objectSid form is being used by the client. I
have been working on ways to handle this, but am not happy with
them yet so they aren't part of this patch
- I need to change pidl to generate push functions that take a
"const void *" instead of a "void*" for the data pointer. That will
fix the couple of new warnings this code generates.
Luckily it many places the conversion to NDR formatted records
actually simplified the code, as it means we no longer need as many
calls to dom_sid_parse_talloc(). In some places it got more complex,
but not many.
(This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
|
|
it into.
sss
(This used to be commit 5b41e3202456549250e6e5b1c63bd45ea7500fa3)
|
|
(This used to be commit 863beef35b769c5a531819c974754aea2a790921)
|
|
(This used to be commit 42c42f6611fa295ca60782661781d023c4fdaf8b)
|
|
ldapsearch. They look for an '=' in the first argument to see if it is
a search expression, and if not then it does an 'all records' search
(This used to be commit 91cc009fedefa7b263b345dfa511800e0f4f66a8)
|
|
(This used to be commit 20c84f5c5219c6f306888771b56e0dfdeb8fd774)
|
|
potentially real records
(This used to be commit 2a426f654db668f4bfc899771dd11598e295b774)
|
|
of tests
in tests/test-sqlite3.sh (tests/test-generic.sh).
There are lots of optimizations still TBD, and some things are REALLY slow
right now (e.g. each add() operation takes 1/3 - 1/2 second) but it's ready for
interested parties to poke it and prod it and see how (un)reasonable it is.
Play away.
Still to be implemented or improved:
- tdb specials (@MODULES, @SUBCLASSES, etc.)
- all DNs are case-folded in their entirty right now (since doing otherwise
would require @ATTRIBUTES to be implemented)
- speed improvements and optimizations. I am quite confident that the
excessively slow add() operation can be much improved, and other areas
can be somewhat improved.
(This used to be commit 1dd865005594671e7effe06fb088fa97fa08de0b)
|
|
(This used to be commit 0a8c722c8017e20635223b2c5dfc58759478312c)
|
|
(This used to be commit 2b2675055e5113eccb0b876799b226d480335495)
|
|
does
(This used to be commit 38a14396262eeb279d67c2f0da06bfa0706a3be4)
|
|
them just yet. I have tested them, and they work fine, but enabling
them will break code in rpc_server/ and samdb, so we need to fix that
first
(This used to be commit 07d459406b4c63e49141e0e533e1274b4052abf9)
|
|
so that ldbedit, ldbsearch etc can display nice human readable ldif,
while storing the data as binary blobs. This will be used for storing
NDR encoded objectSid and similar attributes, while making the command
line interface sane
(This used to be commit 37e283089a846fc0608fef3981a3447300e33728)
|
|
bug was being silently ignored with the tdb backend because of this
bug. A case where the ldap backend was right, and the tdb backend was
wrong!
(This used to be commit ddb26db763c314049043d80d27113226c0f2e656)
|
|
for use by backends.
Currently only EventContext is used in this way.
(This used to be commit 9fa21b245843371f7777682ee4e5b98e2925b4d0)
|
|
(This used to be commit 97e4ba84fb4cf4b95270c5d49b6bb8a9a92feaac)
|
|
(This used to be commit 818ae965afad37216d804aa630359d875794612e)
|
|
- fixed some infinite loops in asn1.c
- ensure asn1 callers know if an error is end of buffer or bad data
- handle npending 0 in ldap server
(This used to be commit f22c3b84c8912ccd36e676a782b58f1841be8875)
|
|
(This used to be commit 3d60b3a8eea5ac6c35cf2e579ae12cef3dc1794e)
|
|
(This used to be commit a440133140a6adb5ea62d37690b9c4ae74dc6be0)
|
|
(This used to be commit cf17f90a83cf04815544c5408eb56d00546b3e88)
|
|
(This used to be commit fe2b77af2352f1964402a4286105916e990dc36f)
|
|
(This used to be commit 57132344b4e39a670e683b3db00665e5f7a899fd)
|
|
- handle ldb_errstring() calls on failed connect
(This used to be commit 8698a20fcc6a04ccbe533afd742e7a5df94423ee)
|
|
is not specified, so:
ldbsearch ldap://hostname '(objectclass=user)'
works without knowing the domain name
(This used to be commit f6c2c5190737ca11f55a147f5295ccca505fb58b)
|
|
encrypted ldbedit against w2k3
(This used to be commit 6277c3923e7d9c26753424b1e77ac62f8e0729a4)
|
|
(This used to be commit aec0544962483b3cd8507b2de6d1552691e72932)
|
|
(This used to be commit 5e8db1c9b3bb6c5196652a7af877b4204148c305)
|
|
cmdline credentials code (which will be done soon)
- added a ldb_init() call, and changed ldb_connect() to take a ldb
context. This allows for much better error handling in
ldb_connect(), and also made the popt conversion easier
- fixed up all the existing backends with the new syntax
- improved error handling in *_connect()
- fixed a crash bug in the new case_fold_required() code
- ensured that ltdb_rename() and all ltdb_search() paths get the read lock
- added a ldb_oom() macro to make it easier to report out of memory
situations in ldb code
(This used to be commit f648fdf187669d6d87d01dd4e786b03cd420f220)
|
|
This takes our link dependencies from this:
tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
libldap_r.so.2 => /usr/lib/libldap_r.so.2 (0xb7f92000)
liblber.so.2 => /usr/local/lib/liblber.so.2 (0xb7f85000)
libpam.so.0 => /lib/libpam.so.0 (0xb7f7d000)
libc.so.6 => /lib/tls/libc.so.6 (0xb7e48000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)
libresolv.so.2 => /lib/tls/libresolv.so.2 (0xb7e36000)
libcrypt.so.1 => /lib/tls/libcrypt.so.1 (0xb7e09000)
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7df3000)
libgnutls.so.11 => /usr/lib/libgnutls.so.11 (0xb7d8c000)
libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7d7d000)
libtasn1.so.2 => /usr/lib/libtasn1.so.2 (0xb7d6d000)
libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7d20000)
libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7d1c000)
libz.so.1 => /usr/lib/libz.so.1 (0xb7d09000)
libnsl.so.1 => /lib/tls/libnsl.so.1 (0xb7cf5000)
to this:
tridge@blu:~/samba/samba4/source$ ldd bin/ldbsearch
libdl.so.2 => /lib/tls/libdl.so.2 (0xb7fc9000)
libpam.so.0 => /lib/libpam.so.0 (0xb7fc0000)
libc.so.6 => /lib/tls/libc.so.6 (0xb7e8b000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7fea000)
this finally gets rid of the implicit dependency on pthreads! Yay!
(This used to be commit 844d2a20830a4666b6c38f6a58305be64b6b76fa)
|
|
Next step is to
remove the check for the ldap libraries in configure
(This used to be commit 74841dbb2a86bb1c584b5c26c4cd24a818a65a34)
|
|
(This used to be commit ac3f33c61555a2afa30fe446676013564982e257)
|
|
(This used to be commit 8735188b46d4bb6c3d63d22a8c6f3fad2c82df89)
|
|
(This used to be commit b38bb63175ae0bdcf833c017e5fbbfc2c0769506)
|