Andrew Bartlett [Sun, 13 Aug 2006 23:58:04 +0000 (23:58 +0000)]
r17525: This is a merge from the Google Summer of Code 2006 project by Martin Kühl
<mkhl@samba.org>.
Martin took over the work done last year by Jelmer, in last year's
SoC. This was a substanital task, as the the ldb modules API changed
significantly during the past year, with the addition of async calls.
This changeset reimplements and enables the ldb_map ldb module and
adapts the example module and test case, both named samba3sam, to the
implementation.
The ldb_map module supports splitting an ldb database into two parts
(called the "local" and "remote" part) and storing the data in one of
them (the remote database) in a different format while the other acts
as a fallback.
This allows ldb to e.g. store to and load data from a remote LDAP
server and present it according to the Samba4 schema while still
allowing the LDAP to present and modify its data separately.
A complex example of this is the samba3sam module (by Jelmer
Vernooij), which maps data between the samba3 and samba4 schemas.
A simpler example is given by the entryUUID module (by Andrew
Bartlett), which handles some of the differences between AD and
OpenLDAP in operational attributes. It principally maps objectGUID,
to and from entryUUID elements. This is also an example of a module
that doesn't use the local backend as fallback storage.
This merge also splits the ldb_map.c file into smaller, more
manageable parts.
Andrew Bartlett [Sun, 13 Aug 2006 22:57:05 +0000 (22:57 +0000)]
r17524: Lets see if we can try and get the socket_wapper includes to be
pre-processed last, and get AIX and some other hosts to pass make test
again (I think the macros were being over-overridden).
Andrew Bartlett
Andrew Bartlett [Sun, 13 Aug 2006 12:42:25 +0000 (12:42 +0000)]
r17523: FIXME is a macro (I think) on some platforms (AIX), and this caused pain.
Andrew Bartlett
Andrew Bartlett [Sun, 13 Aug 2006 12:34:41 +0000 (12:34 +0000)]
r17522: Fix another declaration after statement.
Andrew Bartlett
Andrew Bartlett [Sun, 13 Aug 2006 11:55:13 +0000 (11:55 +0000)]
r17520: If the blkid library fails, I don't see any reason to return more of
an error than if we don't have it. We might not be on a volume that
can store/return such a GUID.
(Try to fix one of the build farm failures).
Andrew Bartlett
Andrew Bartlett [Sun, 13 Aug 2006 10:20:21 +0000 (10:20 +0000)]
r17517: Fix declaration after statement, which breaks the build on older GCC.
Andrew Bartlett
Simo Sorce [Sun, 13 Aug 2006 08:00:36 +0000 (08:00 +0000)]
r17516: Change helper function names to make more clear what they are meant to do
Simo Sorce [Sun, 13 Aug 2006 07:57:42 +0000 (07:57 +0000)]
r17515: Fix warnings
Simo Sorce [Sun, 13 Aug 2006 07:33:57 +0000 (07:33 +0000)]
r17514: Simplify the way to set ldb errors and add another
helper function to set them.
Simo Sorce [Sun, 13 Aug 2006 07:32:05 +0000 (07:32 +0000)]
r17513: ldb_set_errstring is an ldb private string, samdb uses DEBUG() statements
Simo Sorce [Sat, 12 Aug 2006 19:05:18 +0000 (19:05 +0000)]
r17507: pread and pwrite depends on HAVE_PREAD/HAVE_PWRITE not HAVE_PREAD_DECL/HAVE_PWRITE_DECL
and common/io.h already defines pread and pwrite as static if they are not.
remove unneded defines
Simo Sorce [Sat, 12 Aug 2006 15:22:58 +0000 (15:22 +0000)]
r17505: we are setting the timeout with the provide function right after.
Simo Sorce [Sat, 12 Aug 2006 15:22:03 +0000 (15:22 +0000)]
r17504: Do not use the invented unixID but use the rfc2307 uidNumber and gidNumber attributes instead
Do not change unixName right now, we don't have an attribute to use in the posixGroup class,
and I think we should remove its usage altogether and look up users and groups by their uid/gid only.
Simo.
Simo Sorce [Sat, 12 Aug 2006 15:20:06 +0000 (15:20 +0000)]
r17503: Add a useful function to search for a DN
Andrew Bartlett [Fri, 11 Aug 2006 22:11:29 +0000 (22:11 +0000)]
r17499: Open the main database only the minimum times during a provision.
This causes things to operate as just one transaction (locally), and
to make a minimum of TCP connections when connecting to a remote LDAP
server.
Taking advantage of this, create another file to handle loading the
Samba4 specific schema extensions. Also comment out 'middleName' and
reassign the OID to one in the Samba4 range, as it is 'stolen' from a
netscape range that is used in OpenLDAP and interenet standards for
'ref'.
Andrew Bartlett
Stefan Metzmacher [Fri, 11 Aug 2006 13:16:59 +0000 (13:16 +0000)]
r17495: run LOCAL-CRYPTO-MD4 and LOCAL-CRYPTO-MD5 with make test
metze
Stefan Metzmacher [Fri, 11 Aug 2006 13:13:03 +0000 (13:13 +0000)]
r17494: add tests for the example values from rfc 1320 (MD4)
metze
Stefan Metzmacher [Fri, 11 Aug 2006 11:47:11 +0000 (11:47 +0000)]
r17493: fix typo
metze
Stefan Metzmacher [Fri, 11 Aug 2006 11:26:58 +0000 (11:26 +0000)]
r17492: add a test with the example values from rfc1321 (MD5)
metze
Stefan Metzmacher [Fri, 11 Aug 2006 11:23:50 +0000 (11:23 +0000)]
r17491: I forgot to commit this...fix make test...sorry:-)
metze
Stefan Metzmacher [Fri, 11 Aug 2006 10:49:38 +0000 (10:49 +0000)]
r17490: add all test values from rfc 2202
metze
Stefan Metzmacher [Fri, 11 Aug 2006 09:35:52 +0000 (09:35 +0000)]
r17489: run the crypto tests with test
metze
Stefan Metzmacher [Fri, 11 Aug 2006 08:02:43 +0000 (08:02 +0000)]
r17488: - add SHA1 and HMACSHA1 functions, based on rfc 2104,2202,3174
- and add torture tests also based on the rfc's
metze
Rafal Szczesniak [Thu, 10 Aug 2006 20:42:07 +0000 (20:42 +0000)]
r17484: Make last version of the function generating random set of changes
more fair to each of the fields (ie. don't create new code at midnight
after a long day...).
This will be useful for testing multiple changes at once and verifying
correctness. A few testing runs already demostrated some missing pieces.
rafal
Alexander Bokovoy [Thu, 10 Aug 2006 11:51:43 +0000 (11:51 +0000)]
r17478: Add BENCH-READWRITE test to simulate read/write workload from simultaneous async clients. This code is based on concept from Mathias Dietz <mdietz@de.ibm.com>
Andrew Bartlett [Thu, 10 Aug 2006 01:51:27 +0000 (01:51 +0000)]
r17474: Allow the partitions module to load modules for specific backends.
Andrew Bartlett
Andrew Bartlett [Thu, 10 Aug 2006 00:52:56 +0000 (00:52 +0000)]
r17473: Split loading a list of modules and initialising them into a seperate
function.
Andrew Bartlett
Rafal Szczesniak [Wed, 9 Aug 2006 22:10:26 +0000 (22:10 +0000)]
r17472: Remove unused variable.
rafal
Rafal Szczesniak [Wed, 9 Aug 2006 22:09:47 +0000 (22:09 +0000)]
r17471: Add a function generating pseudorandom set of changes to test
user modify routines.
rafal
Rafal Szczesniak [Mon, 7 Aug 2006 20:43:06 +0000 (20:43 +0000)]
r17450: A bit more protection against memory allocation errors.
rafal
Rafal Szczesniak [Mon, 7 Aug 2006 20:30:58 +0000 (20:30 +0000)]
r17449: Add another field to the test before expanding the whole test
to more complex form.
rafal
Rafal Szczesniak [Mon, 7 Aug 2006 20:29:18 +0000 (20:29 +0000)]
r17448: Define macros to set fields in api function modifying user account.
rafal
Rafal Szczesniak [Mon, 7 Aug 2006 20:28:09 +0000 (20:28 +0000)]
r17447: Add more fields to user modify routines.
rafal
Stefan Metzmacher [Mon, 7 Aug 2006 17:26:51 +0000 (17:26 +0000)]
r17442: print out credentials on the "secret" objectClass and "trustedDomain"
objectclass
metze
Stefan Metzmacher [Mon, 7 Aug 2006 17:25:52 +0000 (17:25 +0000)]
r17441: add some more attribute with credentials in them
metze
Stefan Metzmacher [Mon, 7 Aug 2006 13:39:52 +0000 (13:39 +0000)]
r17438: extend the comment
metze
Simo Sorce [Sun, 6 Aug 2006 18:24:36 +0000 (18:24 +0000)]
r17434: update our index
Simo Sorce [Sun, 6 Aug 2006 18:05:43 +0000 (18:05 +0000)]
r17433: remove obsoleted RFCs
Stefan Metzmacher [Sun, 6 Aug 2006 16:59:29 +0000 (16:59 +0000)]
r17432: display more GUID values nicely,
they all have rangeLower=16 rangeUpper=16
and attribute syntax 2.5.5.10
metze
Stefan Metzmacher [Sat, 5 Aug 2006 19:50:58 +0000 (19:50 +0000)]
r17430: implement the LDAP_SERVER_PERMISSIVE_MODIFY control in the client
metze
Stefan Metzmacher [Sat, 5 Aug 2006 19:35:00 +0000 (19:35 +0000)]
r17429: implement the LDAP_SERVER_SHOW_DELETED control in the client
metze
Stefan Metzmacher [Sat, 5 Aug 2006 11:38:50 +0000 (11:38 +0000)]
r17420: add client support for the LDAP_SERVER_DOMAIN_SCOPE control
metze
Stefan Metzmacher [Sat, 5 Aug 2006 11:18:14 +0000 (11:18 +0000)]
r17419: add client support for the LDAP_SERVER_SEARCH_OPTIONS support.
with this you can limit a search to a specific partitions
or a search over all partitions without getting referrals.
(Witch is the default behavior on the Global Catalog Port)
metze
Stefan Metzmacher [Sat, 5 Aug 2006 10:26:23 +0000 (10:26 +0000)]
r17418: add client support for the LDAP_SERVER_SD_FLAGS control
metze
Volker Lendecke [Sat, 5 Aug 2006 08:21:31 +0000 (08:21 +0000)]
r17417: Try to fix random failures in the build farm for 3_0.
Volker
Stefan Metzmacher [Sat, 5 Aug 2006 06:48:19 +0000 (06:48 +0000)]
r17416: display the attributeSecurityGUID nicely.
this attriute is used to group multiple attribute
to a propertySet for access control.
metze
Stefan Metzmacher [Sat, 5 Aug 2006 06:35:32 +0000 (06:35 +0000)]
r17415: the ldif handlers can't do search as this now blocks foerever
because the handlers are called within the async callbacks
in side the main search.
Also it makes no sense to give the sddl encoder the sid of the primary
domain when we need a description of a real security_descriptor,
this only makes sense for the defaultSecurityDescriptor...
metze
Stefan Metzmacher [Sat, 5 Aug 2006 06:20:55 +0000 (06:20 +0000)]
r17414: add new error code
metze
Stefan Metzmacher [Sat, 5 Aug 2006 05:43:47 +0000 (05:43 +0000)]
r17413: add a new case for the this:
top->level1->level2->level3
level3 has a deny destructor
talloc_free(level1)
result: top->level3
metze
Simo Sorce [Sat, 5 Aug 2006 05:03:10 +0000 (05:03 +0000)]
r17412: fix missing colon
Andrew Bartlett [Fri, 4 Aug 2006 23:46:03 +0000 (23:46 +0000)]
r17411: Try and compile on older versions of GnuTLS.
Andrew Bartlett
Simo Sorce [Fri, 4 Aug 2006 12:05:46 +0000 (12:05 +0000)]
r17398: avoid a memleak when we are returned 0 results and make a more creative use of memory contexts
Andrew Bartlett [Fri, 4 Aug 2006 10:27:14 +0000 (10:27 +0000)]
r17397: Add const, and use a more local memory context.
Andrew Bartlett
Andrew Bartlett [Fri, 4 Aug 2006 07:00:53 +0000 (07:00 +0000)]
r17396: Bump the time up again. RPC-SAMR can slow, I probably need to break
it up again...
Andrew Bartlett
Andrew Bartlett [Fri, 4 Aug 2006 06:53:17 +0000 (06:53 +0000)]
r17395: Add some more time to the default runtime. Now 7.5 mins.
Andrew Bartlett
Andrew Bartlett [Fri, 4 Aug 2006 04:43:35 +0000 (04:43 +0000)]
r17394: Pregenerate all the files for TLS. Make the 'make test' startup *much* faster.
Andrew Bartlett
Stefan Metzmacher [Thu, 3 Aug 2006 09:29:12 +0000 (09:29 +0000)]
r17381: - we don't need debug messages twice
- also user_info->mapped is maybe uninitialized
in auth_password_check() as it we do the mapping in
auth_password_check_send()
that to Kai Blin <kai.blin@gmail.com> and valgrind to find
this bug
metze
Andrew Bartlett [Thu, 3 Aug 2006 09:18:44 +0000 (09:18 +0000)]
r17380: An expanded test, cross-referencing the global catalog to the main port.
Andrew Bartlett
Andrew Bartlett [Thu, 3 Aug 2006 08:02:54 +0000 (08:02 +0000)]
r17379: Pre-generate DH parameters, to avoid doing this at runtime in our testsuite.
Andrew Bartlett
Andrew Bartlett [Thu, 3 Aug 2006 00:59:39 +0000 (00:59 +0000)]
r17377: This attribute is maintained by the modules, don't override it.
Andrew Bartlett
Simo Sorce [Wed, 2 Aug 2006 00:01:09 +0000 (00:01 +0000)]
r17370: Fix tdb searches, we need to return an LDAP_REPLY_DONE packet when done.
Awesome how this didn't break everything around...
Andrew Bartlett [Tue, 1 Aug 2006 22:46:49 +0000 (22:46 +0000)]
r17368: Add 'const' to ldb_match_msg().
Andrew Bartlett
Stefan Metzmacher [Tue, 1 Aug 2006 10:58:01 +0000 (10:58 +0000)]
r17362: session_info and smbpid are available from the ntvfs_handle
so we don't need them on the pvfs_file struct.
also we don't need to check is the handle has the correct session
as this is job of the frontend server
metze
Stefan Metzmacher [Tue, 1 Aug 2006 10:42:03 +0000 (10:42 +0000)]
r17361: check that file handles are only accessable
by the correct session in the SMB frontend server
metze
Stefan Metzmacher [Tue, 1 Aug 2006 10:37:34 +0000 (10:37 +0000)]
r17360: add some comments
metze
Stefan Metzmacher [Tue, 1 Aug 2006 10:11:37 +0000 (10:11 +0000)]
r17359: cs.wisc.edu/~cao/cs739/draft-leach-cifs-v1-spec-01.txt
says that with the 0xffff fid all files only for the given pid
should be flushed
Does samba3 handle this correct?
metze
Stefan Metzmacher [Tue, 1 Aug 2006 09:09:45 +0000 (09:09 +0000)]
r17357: - fix the build
- generate the IDL_NDR_* variables before using them
(this was the reason I didn't noticed this error)
metze
Andrew Bartlett [Tue, 1 Aug 2006 05:58:06 +0000 (05:58 +0000)]
r17352: Don't do a modify on the objectClasses, as OpenLDAP doesn't like
this. Instead, handle this one in the add.
Andrew Bartlett
Andrew Bartlett [Tue, 1 Aug 2006 05:56:47 +0000 (05:56 +0000)]
r17351: Remove extra LDB partition we don't actually use (these are in the
main database, under cn=templates).
Andrew Bartlett
Simo Sorce [Tue, 1 Aug 2006 03:22:02 +0000 (03:22 +0000)]
r17350: Avoid a couple of memleaks, unnecessary code and use a more linear style
Andrew Bartlett [Tue, 1 Aug 2006 02:25:05 +0000 (02:25 +0000)]
r17349: We can't just return sucess here, modules below us expect the async
reply rules to be followed.
Add code to do a fake async callback on the skipped records.
Andrew Bartlett
Stefan Metzmacher [Mon, 31 Jul 2006 15:52:26 +0000 (15:52 +0000)]
r17344: move the gensec_update_request structure into the header file
and add a private_data for the backends.
metze
Stefan Metzmacher [Mon, 31 Jul 2006 15:42:27 +0000 (15:42 +0000)]
r17343: let auth_winbind use IRPC against the winbind task.
(currently this uses the sync IRPC_CALL(), but when
auth_check_password will be async for the backend this will
change to IRPC_CALL_SEND()
the old module which uses the samba3 protocol against winbind
is still available as 'winbind_samba3'
metze
Stefan Metzmacher [Mon, 31 Jul 2006 15:38:18 +0000 (15:38 +0000)]
r17342: implement a SamLogon via IRPC in samba4's winbind
metze
Stefan Metzmacher [Mon, 31 Jul 2006 14:05:08 +0000 (14:05 +0000)]
r17341: pass a messaging context to auth_context_create()
and gensec_server_start().
calling them with NULL for event context or messaging context
is no longer allowed!
metze
Stefan Metzmacher [Mon, 31 Jul 2006 13:40:49 +0000 (13:40 +0000)]
r17340: initialize elements od dcesrc_call_state in one central place
and pass the messaging context to the call
metze
Stefan Metzmacher [Mon, 31 Jul 2006 13:34:00 +0000 (13:34 +0000)]
r17339: pass the event context and messaging context together to the
smb ejs functions
metze
Stefan Metzmacher [Mon, 31 Jul 2006 08:14:27 +0000 (08:14 +0000)]
r17337: make better usage of the composite api
and create an event context explicit
metze
Stefan Metzmacher [Mon, 31 Jul 2006 07:29:44 +0000 (07:29 +0000)]
r17336: make the logic a bit more easier to understand...
metze
Andrew Bartlett [Mon, 31 Jul 2006 01:20:05 +0000 (01:20 +0000)]
r17332: May as well make this a round number
Andrew Bartlett [Mon, 31 Jul 2006 01:16:28 +0000 (01:16 +0000)]
r17331: Oops, how did I commit this empty file...
Andrew Bartlett
Andrew Bartlett [Mon, 31 Jul 2006 01:00:18 +0000 (01:00 +0000)]
r17330: Enable the partitions module.
This module redirects various samdb requests into different modules,
depending on the prefix. It also makes moving to an LDAP backend
easier, as it is just a different partition backend.
This adds yet another stage to the provision process, as we must setup
the partitions before we setup the magic attributes.
Andrew Bartlett
Stefan Metzmacher [Sun, 30 Jul 2006 19:22:39 +0000 (19:22 +0000)]
r17329: - after a composite_continue() we need to call return;
- add some comments
metze
Stefan Metzmacher [Sun, 30 Jul 2006 19:00:16 +0000 (19:00 +0000)]
r17328: make better usage of the composite api
metze
Stefan Metzmacher [Sun, 30 Jul 2006 18:59:03 +0000 (18:59 +0000)]
r17327: when the connect with the ipv6 socket was ok,
we need to inform the caller...
metze
Stefan Metzmacher [Sun, 30 Jul 2006 18:36:17 +0000 (18:36 +0000)]
r17326: make better usage of the composite api
metze
Stefan Metzmacher [Sun, 30 Jul 2006 18:24:07 +0000 (18:24 +0000)]
r17325: make better usage of the composite api
metze
Stefan Metzmacher [Sun, 30 Jul 2006 17:55:09 +0000 (17:55 +0000)]
r17324: make better usage of the composite api
metze
Stefan Metzmacher [Sun, 30 Jul 2006 17:50:37 +0000 (17:50 +0000)]
r17323: make better use of the composite api and fix the memory
hierachy
metze
Stefan Metzmacher [Sun, 30 Jul 2006 17:45:11 +0000 (17:45 +0000)]
r17322: make better use of the composite api
metze
Stefan Metzmacher [Sun, 30 Jul 2006 17:43:58 +0000 (17:43 +0000)]
r17321: give better error codes
metze
Stefan Metzmacher [Sun, 30 Jul 2006 17:34:37 +0000 (17:34 +0000)]
r17320: - print the debug message before the composite context get received by the caller
- steal pipe2 to the state structure so we don't need to take about freeing is later
metze
Stefan Metzmacher [Sun, 30 Jul 2006 17:31:12 +0000 (17:31 +0000)]
r17319: make better usage of the composite api
metze
Stefan Metzmacher [Sun, 30 Jul 2006 17:29:02 +0000 (17:29 +0000)]
r17318: make better usage of the composite api
metze
Stefan Metzmacher [Sun, 30 Jul 2006 16:48:41 +0000 (16:48 +0000)]
r17317: - add a composite_create() function that allocates and initialize
the composite_context structue, we should try to convert all code
to use this because there're a lot of places where the we have
bugs with this task...
- add a composite_continue_smb2() helper
We should try to hide the internals of the composite code from the users
to avoid errors (and I found a lot of them... and will fix then step by step)
metze
Stefan Metzmacher [Sat, 29 Jul 2006 07:56:03 +0000 (07:56 +0000)]
r17306: fix compiler warning
metze
Stefan Metzmacher [Sat, 29 Jul 2006 06:00:58 +0000 (06:00 +0000)]
r17305: allow 'declare [...] union foo;'
metze
Andrew Bartlett [Sat, 29 Jul 2006 03:00:16 +0000 (03:00 +0000)]
r17304: Improve ldb_tdb error strings a bit more.
Andrew Bartlett
Andrew Bartlett [Sat, 29 Jul 2006 02:00:33 +0000 (02:00 +0000)]
r17303: More testing results: Don't try and call a NULL callback, and use the
correct parameter, as this is called for more than just 'add'.
Andrew Bartlett
Andrew Bartlett [Sat, 29 Jul 2006 01:52:15 +0000 (01:52 +0000)]
r17302: Testing!
This confirms that records are replicated into the correct databases,
and that the case insensitive flags really work.
Andrew Bartlett