Age | Commit message (Collapse) | Author | Files | Lines |
|
canonicalisation
- added support for recognising the S- form of objectsid in search
expressions. I thought this could be done with just a comparison
modified comparison function, but it turns out it also needs a
canonicalisation function so that indexing can work
(This used to be commit 7d2bee2c5619f284375ecbed14371c5e8639ed1c)
|
|
- moved the knowledge of attribute types out of ldb_tdb and into the
generic ldb code. This allows the ldb_match() message match logic
to be generic, so it can be used by other backend
- added the generic ability to load attribute handlers, for
canonicalisation, compare, ldif read and ldif write. In the future
this will be used by the schema module to allow us to correctly
obey the attributetype schema elements
- added attribute handlers for some of the core ldap attribute types,
Integer, DirectoryString, DN, ObjectClass etc
- added automatic registration of attribute handlers for well-known
attribute names 'cn', 'dc', 'dn', 'ou' and 'objectClass'
- converted the objectSid special handlers for Samba to the new system
- added more correct handling of indexing in tdb backend based on the
attribute canonicalisation function
- added generic support for subclasses, moving it out of the tdb
backend. This will be used in future by the schema module
- fixed several bugs in the dn_explode code. It still needs more
work, but doesn't corrupt ldb dbs any more.
(This used to be commit 944c5844ab441b96d8e5d7b2d151982139d1fab9)
|
|
fixed shortly
(This used to be commit a9c32445035a09978c5fdbc189a2767e7650dfc2)
|
|
- add tests for the @SUBCLASSES ltdb special
(This used to be commit ad6e62fdcf0432fcf4d41edb1727cbba1b7528b7)
|
|
memory loop with talloc_unlink(), so now we detect it and handle it
(This used to be commit 563058e78b8c74e821fabf6a43fa861c1ad09944)
|
|
(This used to be commit 5efea40ea63b6951b3bd4362f1ae57f960fefecf)
|
|
(This used to be commit 25d3872a6ebbc152a83695e667f5d08e69c8c8ea)
|
|
pending, which I know break lots of features, still passed our test
suite! Now they don't.
(This used to be commit 5801167c8dfc8a61bfeac396bca8ffd3d5270296)
|
|
(This used to be commit 2de986455c9b616132f06a69c2f135019da2bb8b)
|
|
possible. This is needed because w2k3 will return bogus IPs in its
name resolution replies when it has an unplugged network interface.
(This used to be commit 2fafc230520fb5bbe9f763de94aaba87b56f5411)
|
|
Andrew Bartlett
(This used to be commit 90e94a4630c24282cd93ee05e258877b38e24a57)
|
|
Andrew Bartlett
(This used to be commit 56a5ccd7d924343609698b034b91b4891fb3f08a)
|
|
a few minor issues.
Move ldb manpages one level higher - there is no longer a need to have
subdirectories.
(This used to be commit e8e3524b2394f4107230715ea38fb619332e0251)
|
|
Not part of the "all" make target yet, as it requires xsltproc
(This used to be commit fd3f4636438cf1d9c0dd802064033271b9e4d935)
|
|
(This used to be commit 3898cdb0dc4722a7eb60a61b54ef778dab475aed)
|
|
(This used to be commit 7ccf21ab4eeb9821e457308a239f2103a106fb12)
|
|
this was breaking ldbadd on some platforms
(This used to be commit dd0ac3f68d709c0364d992673e76db73398c0369)
|
|
(This used to be commit c1a0c2042d5bfce5781197919482481c007ff1b3)
|
|
sam database = sam.ldb
and it will know to put it in the private dir, but if you use
sam database = ldap://server
it knows to use it as-is
(This used to be commit c5bccbc366db144d3e1cb7b21f0e3284d841dd06)
|
|
(This used to be commit d2e9e95ea2cab80badc23f0f1d416295f0a4bf9c)
|
|
kernel a fatal error,
the individual services that need at least one known interface check for it anyway
this should fix provisioning on macosx
(This used to be commit 5ad0dc97d01e28dbce8bc9d6793db01809ad09b0)
|
|
(This used to be commit 8e1431efcf0df797bc50ef584c38fce6a03429b3)
|
|
I'd really rather see this code completely replaced, but I'll leave
that to simo (he has volunteered) :-)
(This used to be commit cc2e08d68e27aa203ccc26e8d544a86de3399877)
|
|
(This used to be commit 56f4af5f210da472d41d9bcf6918647181f6ad16)
|
|
Some of these should probably be re-added again later when
we need them. They should then be added to the appropriate config.m4 file
in the source tree rather then in rewrite.m4.
(This used to be commit 4eca613470139f6425f454aea016566f9deffa3e)
|
|
quite a large change as we had lots of code that assumed that
objectSid was a string in S- format.
metze and simo tried to convince me to use NDR format months ago, but
I didn't listen, so its fair that I have the pain of fixing all the
code now :-)
This builds on the ldb_register_samba_handlers() and ldif handlers
code I did earlier this week. There are still three parts of this
conversion I have not finished:
- the ltdb index records need to use the string form of the objectSid
(to keep the DNs sane). Until that it done I have disabled indexing on
objectSid, which is a big performance hit, but allows us to pass
all our tests while I rejig the indexing system to use a externally
supplied conversion function
- I haven't yet put in place the code that allows client to use the
"S-xxx-yyy" form for objectSid in ldap search expressions. w2k3
supports this, presumably by looking for the "S-" prefix to
determine what type of objectSid form is being used by the client. I
have been working on ways to handle this, but am not happy with
them yet so they aren't part of this patch
- I need to change pidl to generate push functions that take a
"const void *" instead of a "void*" for the data pointer. That will
fix the couple of new warnings this code generates.
Luckily it many places the conversion to NDR formatted records
actually simplified the code, as it means we no longer need as many
calls to dom_sid_parse_talloc(). In some places it got more complex,
but not many.
(This used to be commit d40bc2fa8ddd43560315688eebdbe98bdd02756c)
|
|
it into.
sss
(This used to be commit 5b41e3202456549250e6e5b1c63bd45ea7500fa3)
|
|
Steven Edwards <steven_ed4153@yahoo.com>.
I've moved the Win32-specific tests to win32.m4 so it does not
make any of the POSIX configure stuff more complicated.
(This used to be commit bf85fdd01552f75b745fdf3159a7a87cd6521ed2)
|
|
(This used to be commit 863beef35b769c5a531819c974754aea2a790921)
|
|
(This used to be commit 42c42f6611fa295ca60782661781d023c4fdaf8b)
|
|
ldapsearch. They look for an '=' in the first argument to see if it is
a search expression, and if not then it does an 'all records' search
(This used to be commit 91cc009fedefa7b263b345dfa511800e0f4f66a8)
|
|
(This used to be commit 20c84f5c5219c6f306888771b56e0dfdeb8fd774)
|
|
potentially real records
(This used to be commit 2a426f654db668f4bfc899771dd11598e295b774)
|
|
of tests
in tests/test-sqlite3.sh (tests/test-generic.sh).
There are lots of optimizations still TBD, and some things are REALLY slow
right now (e.g. each add() operation takes 1/3 - 1/2 second) but it's ready for
interested parties to poke it and prod it and see how (un)reasonable it is.
Play away.
Still to be implemented or improved:
- tdb specials (@MODULES, @SUBCLASSES, etc.)
- all DNs are case-folded in their entirty right now (since doing otherwise
would require @ATTRIBUTES to be implemented)
- speed improvements and optimizations. I am quite confident that the
excessively slow add() operation can be much improved, and other areas
can be somewhat improved.
(This used to be commit 1dd865005594671e7effe06fb088fa97fa08de0b)
|
|
support in Heimdal.
This removes the 'ext_keytab' step from my Samba4/WinXP client howto.
In doing this work, I realised that the replay cache in Heimdal is
currently a no-op, so I have removed the calls to it, and therefore
the mutex calls from passdb/secrets.c.
This patch also includes a replacement 'magic' mechanism detection,
that does not issue extra error messages from deep inside the GSSAPI
code.
Andrew Bartlett
(This used to be commit c19d5706f4fa760415b727b970bc99e7f1abd064)
|
|
(This used to be commit 0a8c722c8017e20635223b2c5dfc58759478312c)
|
|
(This used to be commit 2b2675055e5113eccb0b876799b226d480335495)
|
|
does
(This used to be commit 38a14396262eeb279d67c2f0da06bfa0706a3be4)
|
|
them just yet. I have tested them, and they work fine, but enabling
them will break code in rpc_server/ and samdb, so we need to fix that
first
(This used to be commit 07d459406b4c63e49141e0e533e1274b4052abf9)
|
|
so that ldbedit, ldbsearch etc can display nice human readable ldif,
while storing the data as binary blobs. This will be used for storing
NDR encoded objectSid and similar attributes, while making the command
line interface sane
(This used to be commit 37e283089a846fc0608fef3981a3447300e33728)
|
|
bug was being silently ignored with the tdb backend because of this
bug. A case where the ldap backend was right, and the tdb backend was
wrong!
(This used to be commit ddb26db763c314049043d80d27113226c0f2e656)
|
|
the two-way
tree nature of the data structure. I think I've finally got it right
also added talloc_show_parents() for debugging
(This used to be commit 5760ed20eed509b0b6e09e78c942dd0f70350fa9)
|
|
(This used to be commit ee3fe42fb16821eedd564201d953042190f7826f)
|
|
the previous commit for the method.
(This used to be commit b0ad505510b9df8e7f05fb646046114eb6b997ed)
|
|
These provide a way to find a parent of a ptr that is of a given
type. I will be using this to find the event context in smbd, relying
on the fact that everything is a child of the top level event
context. I did look at the alternatives, and found that passing the
event context to just about every call in smbd was getting way too
complex (we need to get it to anything that can do a ldb operation, as
that can invoke ldap).
So this method avoids a global, and seems to work nicely
(This used to be commit bdb55c7a10a516b75652065e14f5acd09d24ab35)
|
|
for use by backends.
Currently only EventContext is used in this way.
(This used to be commit 9fa21b245843371f7777682ee4e5b98e2925b4d0)
|
|
(This used to be commit bc6bc84ef4ad3434c6cb8d94a8d7a105ad2fd8c2)
|
|
(This used to be commit 71ee6a1df542b95c61217de71e6f56b8ce9d81b5)
|
|
(This used to be commit 97e4ba84fb4cf4b95270c5d49b6bb8a9a92feaac)
|
|
(This used to be commit 818ae965afad37216d804aa630359d875794612e)
|