1
0
mirror of https://github.com/samba-team/samba.git synced 2025-07-22 16:59:09 +03:00
Commit Graph

138 Commits

Author SHA1 Message Date
4889eb9f7a r19831: Big ldb_dn optimization and interfaces enhancement patch
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.

The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.

The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.

Simo.
(This used to be commit a580c871d3)
2007-10-10 14:28:22 -05:00
3c6b9db18f r19722: fix memory leaks and hierachie bugs
metze
(This used to be commit fddcbf5d4c)
2007-10-10 14:28:14 -05:00
132b046ec8 r19721: ldapsrv_SearchCallback isn't needed any more
ldb_search_default_callback does the same...

metze
(This used to be commit 0edac60ec6)
2007-10-10 14:28:13 -05:00
b7774527fa r19531: Make struct ldb_dn opaque and local to ldb_dn.c
(This used to be commit 889fb983ba)
2007-10-10 14:24:44 -05:00
899ae849e8 r19522: Remove gensec and credentials dependency from the rootdse module (less
dependency loops).

This moves the evaluation of the SASL mechansim list to display in the
rootDSE to the ldap server.

Andrew Bartlett
(This used to be commit 379da475e2)
2007-10-10 14:24:44 -05:00
31454d2e8b r18989: Fixes found by these two LDAP testsuites:
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/
- http://gleg.net/protover_ldap_sample.shtml

Also fixes found by a subsequent audit of the code for similar issues.
(This used to be commit 441a4f6262)
2007-10-10 14:20:26 -05:00
30ee8beb93 r18301: I discovered how to load the warnings from a build farm build into
emacs compile mode (hint, paste to a file, and compile as "cat
filename").

This allowed me to fix nearly all the warnings for a IA_64 SuSE build
very quickly.
(This used to be commit eba6c84eff)
2007-10-10 14:18:04 -05:00
0329d755a7 r17930: Merge noinclude branch:
* Move dlinklist.h, smb.h to subsystem-specific directories
 * Clean up ads.h and move what is left of it to dsdb/
   (only place where it's used)
(This used to be commit f7afa1cb77)
2007-10-10 14:16:54 -05:00
aeb8077b96 r17240: move extended operations to a new file
metze
(This used to be commit 0b16350fa2)
2007-10-10 14:10:23 -05:00
4cdcc17893 r17237: - keep pointer to the different sockets
- we need this to later:
  - to disallow a StartTLS when TLS is already in use
  - to place the TLS socket between the raw and sasl socket
    when we had a sasl bind before the StartTLS
  - and rfc4513 says that the server may allow to remove the TLS from
    the tcp connection again and reuse raw tcp
  - and also a 2nd sasl bind should replace the old sasl socket

metze
(This used to be commit 10cb9c07ac)
2007-10-10 14:10:22 -05:00
a6629e037a r17224: Accept the start-tls extended request. Getting OpenLDAP to recognise
our certificate, and proceed with the connection is left as an
exercise for the reader...

Andrew Bartlett
(This used to be commit 9bd66d4c95)
2007-10-10 14:10:21 -05:00
49f68caed2 r17186: "async" word abuse clean-up part 2
(This used to be commit c6aa60c7e6)
2007-10-10 14:10:17 -05:00
c93817b36d r17185: Oh, I wanted to do this for sooo long time.
Finally acknowledge that ldb is inherently async and does not have a dual personality anymore
Rename all ldb_async_XXX functions to ldb_XXX except for ldb_async_result, it is now ldb_reply
to reflect the real function of this structure.

Simo.
(This used to be commit 25fc735404)
2007-10-10 14:10:16 -05:00
32ab518767 r16972: Replace the sequence_number function pointer in ldb with the ldb flags.
The function pointer was meant to be unused, this patch fixes
partition.c to use ldb_sequence_number().  (No backend provided the
pointer any more).

Set the flags onto the ldb structure, so that all backends opened by
the partitions module inherit the flags.

Set the read-ony flag when accessed as the global catalog

Modify the LDAP server to track that this query is for the global
catalog (by incoming port), and set a opqaue pointer.

Next step is to read that opaque pointer in the partitions module.

Andrew Bartlett
(This used to be commit a1161cb30e)
2007-10-10 14:10:04 -05:00
d4c5627073 r16234: Set the request timeout from the LDAP search. Without this, the
initial request time is uninitialised, and this causes havoc later.
This also allows us to honour the client's wishes.

We should be doing this for all the operations...

Andrew Bartlett
(This used to be commit c8f5b1c928)
2007-10-10 14:09:07 -05:00
2d19dca9c8 r15944: rename LDB_ASYNC_ADD -> LDB_ADD, LDB_ASYNC_MODIFY -> LDB_MODIFY, etc...
(This used to be commit 55d97ef88f)
2007-10-10 14:08:43 -05:00
2613d19937 r15933: remove the last sync call to ldb_request
(This used to be commit 10d66aa61d)
2007-10-10 14:08:41 -05:00
f53e12b41b r14857: fix bugs noticed by the ibm code checker
metze
(This used to be commit 07626bf3c7)
2007-10-10 13:59:43 -05:00
82da2d401e r13998: From now on ldb_request() will require an alloced request
By freeing the request you will be sure everything down the path get freed.

this also means you have to steal the results if you want to keep them :)

simo.
(This used to be commit e8075e6a06)
2007-10-10 13:52:36 -05:00
00fe70e5b9 r13609: Get in the initial work on making ldb async
Currently only ldb_ildap is async, the plan
is to first make all backend support the async calls,
and then remove the sync functions from backends and
keep the only in the API.

Modules will need to be transformed along the way.

Simo
(This used to be commit 1e2c13b2d5)
2007-10-10 13:51:59 -05:00
f490434c0f r13606: An attempt to fix #3525.
The problem was that the supportedControls were being stolen into the
result sent to the client, then talloc_free()ed.  This caused them to
be invalid on the next rootDSE query.

This also tries to avoid attaching the result to the long-term samdb
context, and avoids an extra loop in the result processing (pointed
out by tridge).

Andrew BARtlett
(This used to be commit d0b8957f38)
2007-10-10 13:51:59 -05:00
7449f4d803 r13508: some ASN.1 element in LDAP are optional,
make it possible to code the difference between a zero length and a NULL DATA_BLOB...

metze
(This used to be commit 54f0b19c55)
2007-10-10 13:51:56 -05:00
a7a79d2b25 r12880: Remove ldap partitions useless now and probably we
will not use it anyway as we plan to support
partitions in ldb directly like with rootdse

Merge ldap_simple_ldb into ldap_backend, it is
not simple anymore and makes no sense to have
it separated now that ldap partitions are gone

Initial attempt at working to some limit to avoid DOSs
for the ldap server.

Simo.
(This used to be commit 97bff3e049)
2007-10-10 13:50:57 -05:00
c908d0b2aa r12733: Merge ldap/ldb controls into main tree
There's still lot of work to do but the patch is stable
enough to be pushed into the main samba4 tree.

Simo.
(This used to be commit 77125feaff)
2007-10-10 13:49:47 -05:00
d4de4c2d21 r12608: Remove some unused #include lines.
(This used to be commit 70e7449318)
2007-10-10 13:49:03 -05:00
53562f7746 r11955: got rid of the old rootDSE code in the ldap server.
The partitioning logic is still there, but we only have one
partition. If we need partitioning in the future it might be better to
remove this partitioning code and use a partitioning module instead
(This used to be commit f4685e7dc9)
2007-10-10 13:46:50 -05:00
1377cca5f4 r10810: This adds the hooks required to communicate the current user from the
authenticated session down into LDB.  This associates a session info
structure with the open LDB, allowing a future ldb_ntacl module to
allow/deny operations on that basis.

Along the way, I cleaned up a few things, and added new helper functions
to assist.  In particular the LSA pipe uses simpler queries for some of
the setup.

In ldap_server, I have removed the 'ldasrv:hacked' module, which hasn't
been worked on (other than making it continue to compile) since January,
and I think the features of this module are being put into ldb anyway.

I have also changed the partitions in ldap_server to be initialised
after the connection, with the private pointer used to associate the ldb
with the incoming session.

Andrew Bartlett
(This used to be commit fd7203789a)
2007-10-10 13:39:32 -05:00
db6933323c r7777: allow for overriding the location of the sam databasein the ldap server, using
ldapsrv:samdb option. This allows the following:

          sam database=ldap://localhost
          ldapsrv:samdb=tdb:///home/tridge/samba/samba4/prefix/private/sam.ldb

which allows us to test putting the sam on an ldap server using our
own ldap server. This is a great stress test for the ldap code.
(This used to be commit 40948ba384)
2007-10-10 13:18:35 -05:00
c7496c6cdb r7747: - simplified the ldap server buffer handling
- got rid of the special cases for sasl buffers

- added a tls_socket_pending() call to determine how much data is waiting on a tls connection

- removed the attempt at async handling of ldap calls. The buffers/sockets are all async, but the calls themselves
  are sync.
(This used to be commit 73cb4aad22)
2007-10-10 13:18:30 -05:00
c0947b0d7f r7593: simplified the memory management in the ldap code. Having a mem_ctx
element in a structure is not necessary any more.
(This used to be commit 912d0427f5)
2007-10-10 13:18:12 -05:00
4b0e5bd753 r7527: - added a ldb_search_bytree() interface, which takes a ldb_parse_tree
instead of a search expression. This allows our ldap server to pass
  its ASN.1 parsed search expressions straight to ldb, instead of going
  via strings.

- updated all the ldb modules code to handle the new interface

- got rid of the separate ldb_parse.h now that the ldb_parse
  structures are exposed externally

- moved to C99 structure initialisation in ldb

- switched ldap server to using ldb_search_bytree()
(This used to be commit 96620ab2ee)
2007-10-10 13:18:06 -05:00
501379431c r5305: removed libcli/ldap/ldap.h from includes.h
(This used to be commit 0df3fdd817)
2007-10-10 13:09:39 -05:00
759da3b915 r5037: got rid of all of the TALLOC_DEPRECATED stuff. My apologies for the
large commit. I thought this was worthwhile to get done for
consistency.
(This used to be commit ec32b22ed5)
2007-10-10 13:09:15 -05:00
a42142439a r3464: split out registry.h, rap.h and ldap_server.h
(This used to be commit 70d2090f6b)
2007-10-10 13:05:17 -05:00
3643fb1109 r3463: separated out some more headers (asn_1.h, messages.h, dlinklist.h and ioctl.h)
(This used to be commit b97e395c81)
2007-10-10 13:05:17 -05:00
22f0d7012c r2891: call rootDSE only with LDAP_SEARCH_SCOPE_BASE
this is needed because of the global catalog

metze
(This used to be commit 071c19c25d)
2007-10-10 12:59:43 -05:00
85e18e252d r2877: the Bind and Unbind function are already moved...
metze
(This used to be commit 5c3f3b4072)
2007-10-10 12:59:41 -05:00
7a4478845f r2863: move the logical ldapsrv functions to a seperate file
metze
(This used to be commit 5173c4d4fe)
2007-10-10 12:59:40 -05:00