@ records like @IDXLIST are only available via a base search on the specific name
but the method by which they were excluded was expensive, after the unpack the
DN is exploded and ldb_match_msg_error() would reject it for failing to match the
scope.
This uses the fact that @ records have the DN=@ prefix on their TDB/LMDB key
to quickly exclude them from consideration.
Based on analysis by Garming Sam.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13893
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Apr 10 06:23:39 UTC 2019 on sn-devel-144
* Determine if this key could hold a record. We allow the new GUID
* index, the old DN index and a possible future ID=
*/
-bool ldb_kv_key_is_record(struct ldb_val key)
+bool ldb_kv_key_is_normal_record(struct ldb_val key)
{
if (key.length < 4) {
return false;
}
+ /*
+ * @ records are not normal records, we don't want to index
+ * them nor search on them
+ */
+ if (key.length > 4 &&
+ memcmp(key.data, "DN=@", 4) == 0) {
+ return false;
+ }
+
+ /* All other DN= records are however */
if (memcmp(key.data, "DN=", 3) == 0) {
return true;
}
/*
* The following definitions come from lib/ldb/ldb_key_value/ldb_kv.c */
/*
- * Determine if this key could hold a record. We allow the new GUID
- * index, the old DN index and a possible future ID=
+ * Determine if this key could hold a normal record. We allow the new
+ * GUID index, the old DN index and a possible future ID= but not
+ * DN=@.
*/
-bool ldb_kv_key_is_record(struct ldb_val key);
+bool ldb_kv_key_is_normal_record(struct ldb_val key);
struct ldb_val ldb_kv_key_dn(struct ldb_module *module,
TALLOC_CTX *mem_ctx,
struct ldb_dn *dn);
ldb = ldb_module_get_ctx(module);
- if (key.length > 4 &&
- memcmp(key.data, "DN=@", 4) == 0) {
- return 0;
- }
-
- is_record = ldb_kv_key_is_record(key);
+ is_record = ldb_kv_key_is_normal_record(key);
if (is_record == false) {
return 0;
}
ldb = ldb_module_get_ctx(module);
- if (key.length > 4 &&
- memcmp(key.data, "DN=@", 4) == 0) {
- return 0;
- }
-
- is_record = ldb_kv_key_is_record(key);
+ is_record = ldb_kv_key_is_normal_record(key);
if (is_record == false) {
return 0;
}
ac = talloc_get_type(state, struct ldb_kv_context);
ldb = ldb_module_get_ctx(ac->module);
- if (ldb_kv_key_is_record(key) == false) {
+ /*
+ * We want to skip @ records early in a search full scan
+ *
+ * @ records like @IDXLIST are only available via a base
+ * search on the specific name but the method by which they
+ * were excluded was expensive, after the unpack the DN is
+ * exploded and ldb_match_msg_error() would reject it for
+ * failing to match the scope.
+ *
+ * ldb_kv_key_is_normal_record() uses the fact that @ records
+ * have the DN=@ prefix on their TDB/LMDB key to quickly
+ * exclude them from consideration.
+ *
+ * (any other non-records are also excluded by the same key
+ * match)
+ */
+
+ if (ldb_kv_key_is_normal_record(key) == false) {
return 0;
}