Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
This is all working towards supporting the full WSPP schema without a
major performance penalty.
We now use binary searches when looking up classes and attributes. We
also avoid the loop loading the attributes into ldb, by adding a hook
to override the ldb attribute search function in a module. The
attributes can thus be loaded once, and then saved as part of the
global schema.
Also added support for a few more key attribute syntaxes, as needed
for the full schema.
|
|
|
|
This op will be used by the partition module to give us good
transaction semantics across the 4 partitions that sam.ldb uses.
|
|
|
|
it implicitly.
|
|
|
|
|
|
Fix for the problem was substitute talloc_strndup() with
talloc_memdup(), allocate 1 more character and put null character
('\0') in the extra place so data copied is null terminated.
Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
|
|
|
|
I want to mix this with the server-side sort in particular.
Andrew Bartlett
|
|
This simplifies the code, removes presumptions about being the only
control in the reply, and allows it to function against Windows 2008.
For searches which did not require a paged result, the module was
simply returning a failure when the compleated search did not include
a paged result control.
Andrew Bartlett
|
|
|
|
|
|
|
|
Signed-off-by: Michael Adam <obnox@samba.org>
|
|
This is made up of 4 parts:
1) change our schema to include the parentGUID attribute type
2) in the add hook in the objectclass module, get the objectGUID of
the parent and add it to the message as parentGUID
3) in the rename hook in the objectclass module, get the objectGUID
of the new parent, and insert an async modify request after the
renmam is done
4) added a simple test suite
|
|
|
|
|
|
metze
|
|
metze
|
|
metze
|
|
Extended operations return was not going thorugh the same patch as others
leaving the ctx around. Plus we were neutralizing the spy too early so that it
didn't set the request_terminated flag as it should have.
This should hopefully fix the failures in the build farm.
|
|
In some code paths ltdb_context was still referenced even after we were returned
an error by one of the callbacks. Because the interface assumes that once an
error is returned the ldb_request may be freed, and because the ltdb_context was
allocated as a child of the request, this might cause access to freed memory.
Allocate the ltdb_context on ldb, and keep track of what's going on with the
request by adding a spy children on it. This way even if the request is freed
before the ltdb_callback is called, we will safely free the ctx and just quietly
return.
|
|
Simo reminded me that when (long ago) I moved parse_controls away from
this place, I forgot to update the manually maintained header file.
Andrew Bartlett
|
|
|
|
consistency with Samba 3.
|
|
This should bring the build on AIX one step further.
metze
|
|
|
|
metze
|
|
Jeremy.
|
|
do not reference it from ldb.h
|
|
behavior anyway, and given we can only have one transaction active per
ldb context this is the only sane model we can support.
Fix ldb_tdb transactions, we could return back with an error with neither
committing nor canceling the actual tdb transaction in some error paths
within the ltdb commit and cancel transaction paths.
Added also some debugging to trace what was going on.
|
|
Our packet layer relies on the event system reliably telling us when a
packet is available. When we are using a socket layer like TLS then
things get a bit trickier, as there may be bytes in the encryption
buffer which could be read even if there are no bytes at the socket
level. The GNUTLS library is supposed to prevent this happening by
always leaving some data at the socket level when there is data to be
processed in its buffers, but it seems that this is not always
reliable.
To work around this I have added a new packet option
packet_set_unreliable_select() which tells the packet layer to not
assume that the socket layer has a reliable select, and to instead
keep trying to read from the socket until it gets back no data. This
option is set for the ldap client and server when TLS is negotiated.
This seems to fix the problems with the ldaps tests.
|
|
This fixes two things in the TLS support for Samba4. The first is to
use a somewhat more correct hostname instead of 'Samba' when
generating the test certificates. That allows TLS test clients (such
as gnutls-cli) to connect to Samba4 using auto-generated certificates.
The second fix is to add a call to gcry_control() to tell gcrypt to
use /dev/urandom instead of /dev/random (on systems that support
that). That means that test certificate generation is now very fast,
which was previously an impediment to putting the TLS tests on the
build farm.
|
|
metze
|
|
metze
|
|
|
|
|
|
e5a6eadd8214b56da34f733318a0fecaebbe5ef5
The registry api uses wild casts in the returned types, so we can't check
the talloc name against the type used in the public api...
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|
|
metze
|