Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
than linking against the python module.
|
|
to each other.
|
|
When a attribute is marked unique we know that if we find a match
it will be the only possible match. This means that in a list of
subtrees connected by an &, it is best to first load the index values
for the unique entries, as if they find something then we know we
won't have to look any further.
This helps with searches like this:
(&(objectclass=user)(samaccountname=tridge))
the old code would first have loaded the very large index for the
objectclass=user attribute, and then loaded the single entry for
samaccountname=tridge. Now we load the samaccountname=tridge entry
first, notice that it gives us a single result, and stop, thereby
skipping the load of the objectclass=user index record completely.
|
|
When a attribute is marked as LDB_ATTR_FLAG_UNIQUE_INDEX then attempts
to add a 2nd record that has the same attribute value for this
attribute as another record will fail.
This provides a much more efficient mechanism for ensuring that
attributes like objectGUID are unique
|
|
This fixes a bug where we would look at an uninitialised
dn->linearized
|
|
|
|
When looking at performance problems with ldb it can be useful to see
which searches causes unindexed full searches. This makes it easy to
enable that.
|
|
one-level indexing was not always effective due to some broken logic
in the indexing code. This change means that if normal indexing fails,
we can still fall back on one-level indexing.
This reduces the number of full unindexed searches in s4 quite a lot
|
|
The sheer volume of messages generated by tevent when the trace level is set to
10 makes it difficult to debug issues in a level 10 log. Increasing this to
50 allows tevent tracing to be enabled if needed, but otherwise keeps the extra
chatter out of a level 10 log.
|
|
|
|
|
|
of LDB
(including the one in Samba 3).
|
|
|
|
The parentGUID test didn't clean up after itself correctly.
Andrew Bartlett
|
|
|
|
|
|
This is all working towards supporting the full WSPP schema without a
major performance penalty.
We now use binary searches when looking up classes and attributes. We
also avoid the loop loading the attributes into ldb, by adding a hook
to override the ldb attribute search function in a module. The
attributes can thus be loaded once, and then saved as part of the
global schema.
Also added support for a few more key attribute syntaxes, as needed
for the full schema.
|
|
|
|
This op will be used by the partition module to give us good
transaction semantics across the 4 partitions that sam.ldb uses.
|
|
|
|
it implicitly.
|
|
|
|
|
|
Fix for the problem was substitute talloc_strndup() with
talloc_memdup(), allocate 1 more character and put null character
('\0') in the extra place so data copied is null terminated.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
|
|
|
|
I want to mix this with the server-side sort in particular.
Andrew Bartlett
|
|
This simplifies the code, removes presumptions about being the only
control in the reply, and allows it to function against Windows 2008.
For searches which did not require a paged result, the module was
simply returning a failure when the compleated search did not include
a paged result control.
Andrew Bartlett
|
|
|
|
|
|
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
This is made up of 4 parts:
1) change our schema to include the parentGUID attribute type
2) in the add hook in the objectclass module, get the objectGUID of
the parent and add it to the message as parentGUID
3) in the rename hook in the objectclass module, get the objectGUID
of the new parent, and insert an async modify request after the
renmam is done
4) added a simple test suite
|
|
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
Extended operations return was not going thorugh the same patch as others
leaving the ctx around. Plus we were neutralizing the spy too early so that it
didn't set the request_terminated flag as it should have.
This should hopefully fix the failures in the build farm.
|
|
In some code paths ltdb_context was still referenced even after we were returned
an error by one of the callbacks. Because the interface assumes that once an
error is returned the ldb_request may be freed, and because the ltdb_context was
allocated as a child of the request, this might cause access to freed memory.
Allocate the ltdb_context on ldb, and keep track of what's going on with the
request by adding a spy children on it. This way even if the request is freed
before the ltdb_callback is called, we will safely free the ctx and just quietly
return.
|
|
Simo reminded me that when (long ago) I moved parse_controls away from
this place, I forgot to update the manually maintained header file.
Andrew Bartlett
|
|
|
|
consistency with Samba 3.
|
|
This should bring the build on AIX one step further.
metze
|
|
|
|
metze
|
|
Jeremy.
|
|
do not reference it from ldb.h
|
|
behavior anyway, and given we can only have one transaction active per
ldb context this is the only sane model we can support.
Fix ldb_tdb transactions, we could return back with an error with neither
committing nor canceling the actual tdb transaction in some error paths
within the ltdb commit and cancel transaction paths.
Added also some debugging to trace what was going on.
|
|
Our packet layer relies on the event system reliably telling us when a
packet is available. When we are using a socket layer like TLS then
things get a bit trickier, as there may be bytes in the encryption
buffer which could be read even if there are no bytes at the socket
level. The GNUTLS library is supposed to prevent this happening by
always leaving some data at the socket level when there is data to be
processed in its buffers, but it seems that this is not always
reliable.
To work around this I have added a new packet option
packet_set_unreliable_select() which tells the packet layer to not
assume that the socket layer has a reliable select, and to instead
keep trying to read from the socket until it gets back no data. This
option is set for the ldap client and server when TLS is negotiated.
This seems to fix the problems with the ldaps tests.
|