The branch, master has been updated
via c7d7c8f ldb:ldb.h - include a comment that the relax control is
mainly used by the OpenLDAP backend
via f9a6ff4 s4/ldb:introduce the LDB_CONTROL_PROVISION_OID control
via 89c42a9 ldb:rename LDB_CONTROL_BYPASSOPERATIONAL_OID into
LDB_CONTROL_BYPASS_OPERATIONAL_OID
via a60965b s4:dns_server - fix counter types
via ee913f4 tdb: commit the version 1.2.7 signatures
from 72c8ccd s4 dns: Implement update record prescan logic
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c7d7c8f6f8b85c15d3fef37d516e34961ee4f31a
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sat Oct 23 16:54:55 2010 +0200
ldb:ldb.h - include a comment that the relax control is mainly used by the
OpenLDAP backend
Autobuild-User: Matthias Dieter Wallnöfer <[email protected]>
Autobuild-Date: Sat Oct 23 16:40:04 UTC 2010 on sn-devel-104
commit f9a6ff482c8d03e7e46fd6925d58214b7a097e02
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sat Oct 23 16:15:51 2010 +0200
s4/ldb:introduce the LDB_CONTROL_PROVISION_OID control
This control is exactly thought for the actions which previously were
performed
using the RELAX one.
We agreed that the RELAX control will only remain for interactions with
OpenLDAP.
commit 89c42a96fcaa43a7f2c9aef9e708276a639e0051
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sat Oct 23 16:06:17 2010 +0200
ldb:rename LDB_CONTROL_BYPASSOPERATIONAL_OID into
LDB_CONTROL_BYPASS_OPERATIONAL_OID
It's nicer to have this consistent with "BYPASS_PASSWORD_HASH".
commit a60965b879f4b4c7fc8507073c6000967b80b724
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sat Oct 23 15:52:34 2010 +0200
s4:dns_server - fix counter types
commit ee913f45683e66d4391944e034217a56d42e7ab5
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sat Oct 23 16:36:45 2010 +0200
tdb: commit the version 1.2.7 signatures
-----------------------------------------------------------------------
Summary of changes:
lib/tdb/ABI/{tdb-1.2.5.sigs => tdb-1.2.7.sigs} | 0
source4/dns_server/dns_query.c | 5 +--
source4/dns_server/dns_server.c | 3 +-
source4/dsdb/common/util.c | 7 +++++
source4/dsdb/common/util.h | 1 +
source4/dsdb/samdb/ldb_modules/operational.c | 6 ++--
source4/lib/ldb/common/ldb_controls.c | 29 +++++++++++++++++++++++-
source4/lib/ldb/include/ldb.h | 10 +++++++-
source4/libcli/ldap/ldap_controls.c | 6 +++-
source4/setup/schema_samba4.ldif | 3 +-
10 files changed, 57 insertions(+), 13 deletions(-)
copy lib/tdb/ABI/{tdb-1.2.5.sigs => tdb-1.2.7.sigs} (100%)
Changeset truncated at 500 lines:
diff --git a/lib/tdb/ABI/tdb-1.2.5.sigs b/lib/tdb/ABI/tdb-1.2.7.sigs
similarity index 100%
copy from lib/tdb/ABI/tdb-1.2.5.sigs
copy to lib/tdb/ABI/tdb-1.2.7.sigs
diff --git a/source4/dns_server/dns_query.c b/source4/dns_server/dns_query.c
index bf82ae2..f730a70 100644
--- a/source4/dns_server/dns_query.c
+++ b/source4/dns_server/dns_query.c
@@ -40,7 +40,7 @@ static WERROR handle_question(struct dns_server *dns,
static const char * const attrs[] = { "dnsRecord", NULL};
int ret;
uint16_t ai = *ancount;
- uint16_t ri;
+ unsigned int ri;
struct ldb_message *msg = NULL;
struct dnsp_DnssrvRpcRecord *recs;
struct ldb_message_element *el;
@@ -206,9 +206,8 @@ WERROR dns_server_process_query(struct dns_server *dns,
struct dns_res_rec **nsrecs, uint16_t
*nscount,
struct dns_res_rec **additional, uint16_t
*arcount)
{
- uint16_t num_answers=0;
+ uint16_t i, num_answers=0;
struct dns_res_rec *ans=NULL;
- int i;
WERROR werror;
ans = talloc_array(mem_ctx, struct dns_res_rec, 0);
diff --git a/source4/dns_server/dns_server.c b/source4/dns_server/dns_server.c
index 9146968..635cd95 100644
--- a/source4/dns_server/dns_server.c
+++ b/source4/dns_server/dns_server.c
@@ -600,8 +600,7 @@ static void dns_task_init(struct task_server *task)
struct ldb_result *res;
struct ldb_dn *rootdn;
static const char * const attrs[] = { "name", NULL};
- int i;
-
+ unsigned int i;
switch (lpcfg_server_role(task->lp_ctx)) {
case ROLE_STANDALONE:
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index f56cd07..9b813d1 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -3660,6 +3660,13 @@ int dsdb_request_add_controls(struct ldb_request *req,
uint32_t dsdb_flags)
}
}
+ if (dsdb_flags & DSDB_PROVISION) {
+ ret = ldb_request_add_control(req, LDB_CONTROL_PROVISION_OID,
false, NULL);
+ if (ret != LDB_SUCCESS) {
+ return ret;
+ }
+ }
+
return LDB_SUCCESS;
}
diff --git a/source4/dsdb/common/util.h b/source4/dsdb/common/util.h
index 7dabef8..fa87648 100644
--- a/source4/dsdb/common/util.h
+++ b/source4/dsdb/common/util.h
@@ -34,5 +34,6 @@
#define DSDB_TREE_DELETE 0x0100
#define DSDB_SEARCH_ONE_ONLY 0x0200 /* give an error unless 1
record */
#define DSDB_SEARCH_SHOW_RECYCLED 0x0400
+#define DSDB_PROVISION 0x0800
bool is_attr_in_list(const char * const * attrs, const char *attr);
diff --git a/source4/dsdb/samdb/ldb_modules/operational.c
b/source4/dsdb/samdb/ldb_modules/operational.c
index 5a5b5e9..e14b1d4 100644
--- a/source4/dsdb/samdb/ldb_modules/operational.c
+++ b/source4/dsdb/samdb/ldb_modules/operational.c
@@ -777,9 +777,9 @@ static int operational_search(struct ldb_module *module,
struct ldb_request *req
ac->controls_flags = talloc(ac, struct op_controls_flags);
/* remember if the SD_FLAGS_OID was set */
ac->controls_flags->sd = (ldb_request_get_control(req,
LDB_CONTROL_SD_FLAGS_OID) != NULL);
- /* remember if the LDB_CONTROL_BYPASSOPERATIONAL_OID */
- ac->controls_flags->bypassoperational = (ldb_request_get_control(req,
-
LDB_CONTROL_BYPASSOPERATIONAL_OID) != NULL);
+ /* remember if the LDB_CONTROL_BYPASS_OPERATIONAL_OID */
+ ac->controls_flags->bypassoperational =
+ (ldb_request_get_control(req,
LDB_CONTROL_BYPASS_OPERATIONAL_OID) != NULL);
/* in the list of attributes we are looking for, rename any
attributes to the alias for any hidden attributes that can
diff --git a/source4/lib/ldb/common/ldb_controls.c
b/source4/lib/ldb/common/ldb_controls.c
index f0afe8a..99154aa 100644
--- a/source4/lib/ldb/common/ldb_controls.c
+++ b/source4/lib/ldb/common/ldb_controls.c
@@ -528,7 +528,7 @@ struct ldb_control **ldb_parse_control_strings(struct
ldb_context *ldb, TALLOC_C
ldb_oom(ldb);
return NULL;
}
- ctrl[i]->oid = LDB_CONTROL_BYPASSOPERATIONAL_OID;
+ ctrl[i]->oid = LDB_CONTROL_BYPASS_OPERATIONAL_OID;
ctrl[i]->critical = crit;
ctrl[i]->data = NULL;
@@ -939,6 +939,33 @@ struct ldb_control **ldb_parse_control_strings(struct
ldb_context *ldb, TALLOC_C
continue;
}
+ if (strncmp(control_strings[i], "provision:", 10) == 0) {
+ const char *p;
+ int crit, ret;
+
+ p = &(control_strings[i][10]);
+ ret = sscanf(p, "%d", &crit);
+ if ((ret != 1) || (crit < 0) || (crit > 1)) {
+ error_string = talloc_asprintf(mem_ctx,
"invalid provision control syntax\n");
+ error_string =
talloc_asprintf_append(error_string, " syntax: crit(b)\n");
+ error_string =
talloc_asprintf_append(error_string, " note: b = boolean");
+ ldb_set_errstring(ldb, error_string);
+ talloc_free(error_string);
+ return NULL;
+ }
+
+ ctrl[i] = talloc(ctrl, struct ldb_control);
+ if (!ctrl[i]) {
+ ldb_oom(ldb);
+ return NULL;
+ }
+ ctrl[i]->oid = LDB_CONTROL_PROVISION_OID;
+ ctrl[i]->critical = crit;
+ ctrl[i]->data = NULL;
+
+ continue;
+ }
+
/* no controls matched, throw an error */
ldb_asprintf_errstring(ldb, "Invalid control name: '%s'",
control_strings[i]);
return NULL;
diff --git a/source4/lib/ldb/include/ldb.h b/source4/lib/ldb/include/ldb.h
index 7f4752e..933ee93 100644
--- a/source4/lib/ldb/include/ldb.h
+++ b/source4/lib/ldb/include/ldb.h
@@ -487,7 +487,7 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void
*opaque);
It can be used to access attribute that used to be stored in the sam
and that are now calculated.
*/
-#define LDB_CONTROL_BYPASSOPERATIONAL_OID "1.3.6.1.4.1.7165.4.3.13"
+#define LDB_CONTROL_BYPASS_OPERATIONAL_OID "1.3.6.1.4.1.7165.4.3.13"
/**
OID for recalculate SD control. This control force the
@@ -510,6 +510,12 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2,
void *opaque);
*/
#define LDB_CONTROL_AS_SYSTEM_OID "1.3.6.1.4.1.7165.4.3.7"
+/**
+ LDB_CONTROL_PROVISION_OID is used to skip some constraint checks. It's is
+ mainly thought to be used for the provisioning.
+*/
+#define LDB_CONTROL_PROVISION_OID "1.3.6.1.4.1.7165.4.3.16"
+
/* AD controls */
/**
@@ -671,6 +677,8 @@ typedef int (*ldb_qsort_cmp_fn_t) (void *v1, void *v2, void
*opaque);
OID for the allowing client to request temporary relaxed
enforcement of constraints of the x.500 model.
+ Mainly used for the OpenLDAP backend.
+
\sa <a
href="http://opends.dev.java.net/public/standards/draft-zeilenga-ldap-managedit.txt";>draft
managedit</a>.
*/
#define LDB_CONTROL_RELAX_OID "1.3.6.1.4.1.4203.666.5.12"
diff --git a/source4/libcli/ldap/ldap_controls.c
b/source4/libcli/ldap/ldap_controls.c
index 8cc0a61..592635d 100644
--- a/source4/libcli/ldap/ldap_controls.c
+++ b/source4/libcli/ldap/ldap_controls.c
@@ -1181,12 +1181,14 @@ static const struct ldap_control_handler
ldap_known_controls[] = {
{ DSDB_CONTROL_APPLY_LINKS, NULL, NULL },
/* DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID is internal only, and has no network
representation */
{ DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID, NULL, NULL },
-/* LDB_CONTROL_BYPASSOPERATIONAL_OID is internal only, and has no network
representation */
- { LDB_CONTROL_BYPASSOPERATIONAL_OID, NULL, NULL },
+/* LDB_CONTROL_BYPASS_OPERATIONAL_OID is internal only, and has no network
representation */
+ { LDB_CONTROL_BYPASS_OPERATIONAL_OID, NULL, NULL },
/* DSDB_CONTROL_CHANGEREPLMETADATA_OID is internal only, and has no network
representation */
{ DSDB_CONTROL_CHANGEREPLMETADATA_OID, NULL, NULL },
/* DSDB_CONTROL_SEARCH_APPLY_ACCESS is internal only, and has no network
representation */
{ DSDB_CONTROL_SEARCH_APPLY_ACCESS, NULL, NULL },
+/* LDB_CONTROL_PROVISION_OID is internal only, and has no network
representation */
+ { LDB_CONTROL_PROVISION_OID, NULL, NULL },
/* DSDB_EXTENDED_REPLICATED_OBJECTS_OID is internal only, and has no network
representation */
{ DSDB_EXTENDED_REPLICATED_OBJECTS_OID, NULL, NULL },
/* DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID is internal only, and has no network
representation */
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index 7fb37de..212097b 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -185,9 +185,10 @@
#Allocated: DSDB_CONTROL_PASSWORD_CHANGE_OID 1.3.6.1.4.1.7165.4.3.10
#Allocated: DSDB_CONTROL_APPLY_LINKS 1.3.6.1.4.1.7165.4.3.11
#Allocated: DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID 1.3.6.1.4.1.7165.4.3.12
-#Allocated: LDB_CONTROL_BYPASSOPERATIONAL_OID 1.3.6.1.4.1.7165.4.3.13
+#Allocated: LDB_CONTROL_BYPASS_OPERATIONAL_OID 1.3.6.1.4.1.7165.4.3.13
#Allocated: DSDB_CONTROL_CHANGEREPLMETADATA_OID 1.3.6.1.4.1.7165.4.3.14
#Allocated: DSDB_CONTROL_SEARCH_APPLY_ACCESS 1.3.6.1.4.1.7165.4.3.15
+#Allocated: LDB_CONTROL_PROVISION_OID 1.3.6.1.4.1.7165.4.3.16
# Extended 1.3.6.1.4.1.7165.4.4.x
#Allocated: DSDB_EXTENDED_REPLICATED_OBJECTS_OID 1.3.6.1.4.1.7165.4.4.1
--
Samba Shared Repository
