IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When using w2k3 linked attributes we are allowed to have multiple
values on a single valued attribute. This happens when the other
values are deleted.
Setting the RELAX control tell the ldb-tdb backend to not check for
this on replace, which means the caller has to check for single valued
violations.
This gets rid of the @IDXPTR approach to in-transaction indexing,
instead using an in-memory tdb to hold index values during a
transaction. This also cleans up a lot of the internal indexing logic,
hopefully making it easier to understand.
One of the big changes is in memory management, with a lot more use
made of talloc tricks to avoid copying dn lists, and shortcuts used to
avoid high intersection and union calculation costs.
The overall result is that a re-provision on my laptop goes from 48s
to a bit over 10s.
Separate again the public from the private headers.
Add a new header specific for modules.
Also add service function for modules as now ldb_context and ldb_module are
opaque structures for them.
Use the checkBaseOnSearch attribute to control if we should check the
base DN on search requests.
Also ensure we honour any errors in searching, not just errors in the
supplied 'done' callback.
Andrew Bartlett
(This used to be commit deaac92f439ef001bfe052df170d6e34e8ba5845)
Subclass support was designed to avoid needing to spell out the full
list of objectClasses that an entry was in. However, Samba4 now
enforces this restriction in the objectClass module, and the way
subclass matching was handled was complex and counter-intuitive in my
opinion (and did not match LDAP).
Andrew Bartlett
(This used to be commit f5ce04b904e14445a2a7e7f92e7e1f64b645c6f2)
This is a 1 to 1 convertion, next step is to make this
code report an error if the basedn is not used, hopefully
avoiding an explicit search on the base object in the most
common cases.
(This used to be commit 50534c84b4577b2d32565a74a4716088f706bfea)
write. We should only be doing this if another process writes and
changes the seqnum. This avoids the extra cache loads
(This used to be commit 65858ebb68c25a672e9284e8cba9a6675902f1df)
to a ldb_schema_syntax struct.
the default attribute handler is now registered dynamicly as "*"
attribute, instead of having its own code path.
ldb_schema_attribute's can be added to the ldb_schema given a
ldb_schema_syntax struct or the syntax name
we may also need to introduce a ldb_schema_matching_rule,
and add a pointer to a default ldb_schema_matching_rule
in the ldb_schema_syntax.
metze
(This used to be commit b97b8f5dcbce006f005e53ca79df3330e62f117b)
This patch changes a lot of the code in ldb_dn.c, and also
removes and add a number of manipulation functions around.
The aim is to avoid validating a dn if not necessary as the
validation code is necessarily slow. This is mainly to speed up
internal operations where input is not user generated and so we
can assume the DNs need no validation. The code is designed to
keep the data as a string if possible.
The code is not yet 100% perfect, but pass all the tests so far.
A memleak is certainly present, I'll work on that next.
Simo.
(This used to be commit a580c871d3784602a9cce32d33419e63c8236e63)
by avoiding chain locks on each tdb_fetch() within the search
- use the tdb_get_seqnum() call to avoid re-reading the @BASEINFO
record when it hasn't changed.
These speed up the LOCAL-DBSPEED test for ldb from 7k ops/sec to a bit
over 11k ops/sec
(This used to be commit 1347ad254eb8cd12ce22a5a2a37bec0a0ac8dbf1)
This moves these attributes from objectguid into an optional backend
(objectguid), used by ltdb. For OpenLDAP, the entryUUID module
converts entryCSN into usnChanged.
This also changes the sequence number API, and uses 'time based'
sequence numbers, when an LDAP or similar backend is detected.
To assist this, we also store the last modified time in the TDB,
whenever we change a value.
Andrew Bartlett
(This used to be commit 72858f859483c0c532dddb2c146d6bd7b9be5072)
this helps in getting symbol -fvisibility=hidden (GCC 4 feature) working later.
metze
(This used to be commit 380938e97f31c7860aed1e73cc0110c6e17b472e)
most of the changes are fixes to make all the ldb code compile without
warnings on gcc4. Unfortunately That required a lot of casts :-(
I have also added the start of an 'operational' module, which will
replace the timestamp module, plus add support for some other
operational attributes
In ldb_msg_*() I added some new utility functions to make the
operational module sane, and remove the 'ldb' argument from the
ldb_msg_add_*() functions. That argument was only needed back in the
early days of ldb when we didn't use the hierarchical talloc and thus
needed a place to get the allocation function from. Now its just a
pain to pass around everywhere.
Also added a ldb_debug_set() function that calls ldb_debug() plus sets
the result using ldb_set_errstring(). That saves on some awkward
coding in a few places.
(This used to be commit f6818daecca95760c12f79fd307770cbe3346f57)
This code applies correct ldap standard wildcard matching code
removes WILDCARD matching from tdb @ATTRIBUTES, that's now handled independently
adds some more tests for wildcard matching
fixes dn comparison code in ldb_match
(This used to be commit 4eb5863042011988d85092d7dde3d809aa15bd59)
- moved the knowledge of attribute types out of ldb_tdb and into the
generic ldb code. This allows the ldb_match() message match logic
to be generic, so it can be used by other backend
- added the generic ability to load attribute handlers, for
canonicalisation, compare, ldif read and ldif write. In the future
this will be used by the schema module to allow us to correctly
obey the attributetype schema elements
- added attribute handlers for some of the core ldap attribute types,
Integer, DirectoryString, DN, ObjectClass etc
- added automatic registration of attribute handlers for well-known
attribute names 'cn', 'dc', 'dn', 'ou' and 'objectClass'
- converted the objectSid special handlers for Samba to the new system
- added more correct handling of indexing in tdb backend based on the
attribute canonicalisation function
- added generic support for subclasses, moving it out of the tdb
backend. This will be used in future by the schema module
- fixed several bugs in the dn_explode code. It still needs more
work, but doesn't corrupt ldb dbs any more.
(This used to be commit 944c5844ab441b96d8e5d7b2d151982139d1fab9)
this object properties are now used as multivalue attributes
now all values inserted are checked against a "valid values table"
eg:
this form is now accepted:
dn: @ATTRIBUTES
uid: CASE_INSENSITIVE
uid: WILDCARD
this form is now rejected:
dn: @ATTRIBUTES
uid: CASE_INSENSITIVE WILDCARD
please update your .ldb files if you make use of @ATTRIBUTES
(sam.ldb heavily uses it)
the code passes all make test tests for both tdb and ldap, it also
passes the new test to check for wrong @ATTRIBUTES attribute values
Simo.
(This used to be commit 1295b891a26c2cb2c34540f90ded83390cf87da2)
example:
*: CASE_INSENSITIVE
by placing it in the @ATTRIBUTES object you make all the matching be case insensitive
to make an excepion to the general rule now you just need to create an entry like:
name: CASE_SENSITIVE
the key CASE_SENSITIVE currently does not exist but has the effect of making the code
ignore the wildcard default flag and being ldb case sensitive by default it let the
"name" attribute be case sensitive again
Tridge, can you look at this commit?
Should we introduce a CASE_SENSITVE/BINARY flag and handle it in the code ?
Simo.
(This used to be commit 5f10707e8ac36db03f3aa3e1ee1c40a9d9da2016)
this helps standalone building of ldb
renew the schema module
split code into functions to improve readability and code reuse
add and modify works correctly but we need a proper testsuite
Simo
(This used to be commit a681ae365ff1b5a2771b42ebd90336651ce1e513)
- split ldh.h out of samba's includes.h
- make ldb_context and ldb_module private to the subsystem
- use ltdb_ prefix for all ldb_tdb functions
metze
(This used to be commit f5ee40d6ce8224e280070975efc9911558fe675c)
- fixed the bug shown with the above test, by initialising the
sequence number to something different from the value used in
ltdb_cache_free()
(This used to be commit 856cdf82f24aada074ee5c605cccb2e8ceeea487)
an attribute as only appearing in searches that explicitly name it. It will be used
for attributes like nTSecurityDescriptor
(This used to be commit f5cd3d733b71368ea652f8a4d653d87f45ff983f)
allocator. The way to use this is to call ldb_set_alloc() with a
function pointer to whatever memory allocator you like. It includes a
context pointer to allow for pool based allocators.
(This used to be commit 3955c482e6c2c9e975a4bb809ec8cb6068e48e34)
- made yet another attempt to make ldb const clean.
- "make test" now runs both the tdb and ldap backend tests, and run the ldbtest utility
with and without indexing
- added prototypes in ldb.h for ldb_msg_*() public functions
(This used to be commit 01e87406768cb5a98ac8530a2f361a4987a36cd3)
- added the ability to mark record attributes as being CASE_INSENSITIVE, WILDCARD or INTEGER.
- added the ability to support objectclass subclasses, and to search by a parent class
- added internal support for case insensitive versus case sensitive
indexing (not UTF8 compliant yet)
- cleaned up a number of const warnings
- added a number of helper functions for fetching integers, strings and doubles
- added a in-memory cache for important database properties, supported by a
database sequence number
- changed some variable names to avoid conflicts with C++
(This used to be commit f2bf06f25c2e6c744817711c7bedbd1d3b52f994)
