summaryrefslogtreecommitdiffstats
path: root/src/back-sch.c
Commit message (Collapse)AuthorAgeFilesLines
* Add schema-compat-relevant-subtreeNalin Dahyabhai2013-09-121-1/+7
| | | | | | | | | | Add a schema-compat-relevant-subtree configuration option, listing the only parts of the DIT that we should ever look at, either as source entries or as other entries which contain data which might be pulled in as part of computing the contents of compat entries. This is more or less the whitelist to schema-compat-ignore-subtree's blacklist.
* Add schema-compat-ignore-subtreeNalin Dahyabhai2013-09-121-0/+7
| | | | | | | Add a schema-compat-ignore-subtree configuration option, listing parts of the DIT that we should never look at, neither as source entries nor as random other entries which contain data which might be pulled in as part of computing the contents of compat entries.
* Free staged data correctly when locking failsNalin Dahyabhai2013-08-271-0/+2
|
* Always use normalized RDNs as map keysNalin Dahyabhai2013-08-121-2/+3
| | | | | | Always use normalized RDNs as map keys, so that we can be sure that a lookup using part of the DN will find the entry, even if it needed to be escaped and/or normalized to something else at some point.
* Only add extensibleObject if we have an SIDNalin Dahyabhai2013-08-121-1/+1
| | | | | | Make the addition of extensibleObject to the list of objectclasses conditional on there being a ipaNTSecurityIdentifier value in the source entry.
* Handle locking failuresNalin Dahyabhai2013-08-121-37/+64
| | | | Handle cases where we fail to acquire locks.
* Switch to tracking entry sources explicitlyNalin Dahyabhai2013-08-121-8/+2
| | | | | | Don't depend on a text attribute in a synthetic entry to tell us where it came from; just record it in the entry's backend_data and consult it directly later.
* Don't log "with closest match (null)"Nalin Dahyabhai2013-08-121-15/+14
| | | | | If we're sending a result, don't log that we're sending a closest match, even if it's "(null)", if we're not sending a closest match.
* Formatting, implicit NULL checksNalin Dahyabhai2013-08-121-4/+4
|
* Fix a type safety errorNalin Dahyabhai2013-08-121-1/+1
|
* Explicitly track the sources of cached entriesNalin Dahyabhai2013-08-121-7/+16
|
* Renames and fix a memory leakNalin Dahyabhai2013-08-121-29/+30
| | | | | | | | Rename backend_staged_data to backend_staged_search. Fix some formatting. Change how we walk the list of entries retrieved using a staged search so that if the map's been removed since the search was staged, we still free the temporary entry structures.
* Comment cleanupNalin Dahyabhai2013-08-121-7/+8
|
* Notice when read locks failNalin Dahyabhai2013-08-071-24/+50
| | | | | When we fail to obtain a read lock on the data, attempt to fail the operation, so that it can be retried later.
* back-sch.c: authenticate users through PAM system-auth serviceAlexander Bokovoy2013-08-071-18/+126
| | | | | | | | | | | | | | | | Since trusted domain users do not exist in the LDAP tree, their authentication is handed over to PAM stack with the hope that PAM is set up properly to authenticate them. Additionally, this patch completely refactors authentication for the original DNs that *are* located in the LDAP tree. Previous way to handle it was through referrals being sent back. However, this method does not work at all. Instead, we set SLAPI_BIND_TARGET_DN to the entry's original DN and hand over pre-bind processing to other directory server's plugins. If slapi-nis set up with a higher precedence to them, authentication will be handled by others.
* back-sch.c: search users and groups through NSSWITCHAlexander Bokovoy2013-08-071-6/+124
| | | | | | | | | | | Schema-compat plugin can be configured to serve users and groups through the plugin configuration entry in directory server: schema-compat-lookup-nsswitch: <user|group> schema-compat-nsswitch-min-id: <value> Separate trees should be configured to look up users and groups. If minimal id value is missing, it will default to 1000.
* back-sch: use plugin configuration to decide whether NSSWITCH should be ↵Alexander Bokovoy2013-08-071-1/+44
| | | | | | | | | consulted When one instance of schema compat plugin is configured to consult NSSWITCH, promote its configuration to the backend. Default to not looking into NSSWITCH.
* back-sch: move structure definitions to back-sch.h to share with other codeAlexander Bokovoy2013-08-071-33/+1
| | | | NSSWITCH supporting code needs access to the schema-compat structures
* fixup log messages and a signed booleanNalin Dahyabhai2012-11-141-2/+2
| | | | | - add missing newlines at the end of a couple of messages - make that one bit that we compare to zero unsigned instead of signed
* warning cleanup: remove unused variablesNalin Dahyabhai2012-11-131-3/+2
|
* Overhaul betxn supportNalin Dahyabhai2012-11-011-63/+114
| | | | | | | | | * Check for BETXN support at build-time, provide options for disabling or requiring that it be available for build to succeed. * Track whether or not BETXN support is enabled in the plugin-local state. * Skip processing in post/internalpost callbacks if BETXN support is enabled. * Skip work in betxnpost callbacks if BETXN support is disabled.
* make NIS Plugin and Schema Compatibility Plugin betxn awareNoriko Hosoi2012-10-161-14/+66
| | | | | | | | | | When NIS Plugin and Schema Compatibility Plugin config entries include nsslapd-pluginbetxn: on (the value could be yes, true or 1, too), the plugins' update callbacks (add, delete, modify, and modrdn) are called at the betxn pre/postop timing. By default, the value of nsslapd-pluginbetxn is off. (See also https://fedorahosted.org/389/ticket/351)
* drop support for directory server transactionsNalin Dahyabhai2012-06-131-10/+0
| | | | | | | Transaction support the way we added it is an all-or-nothing proposition for a server installation, which turned out to be problematic, so 389 is going to pursue another strategy for that. The new way requires that we not register as a betxn plugin, ever.
* - add setting of a synthetic entry's entryUSN based on the source entry's ↵Nalin Dahyabhai2012-03-151-5/+79
| | | | entryUSN or the root DSE's lastUSN (if we have no source entry)
* properly escape RDN values when building compat entries (#796509)Nalin Dahyabhai2012-02-231-9/+73
|
* - fix a compile error on systems which don't define LDAP_SCOPE_SUBORDINATE, ↵Nalin Dahyabhai2012-02-131-1/+1
| | | | reported by Christian Neuhold
* - remove unused variablesNalin Dahyabhai2012-01-241-11/+11
|
* - typoNalin Dahyabhai2012-01-181-1/+1
|
* - log a text version of the search scope, tooNalin Dahyabhai2012-01-181-2/+25
|
* - in callbacks, only use pblocks that are built from pblocks that weNalin Dahyabhai2012-01-161-16/+22
| | | | | | already have, so that we can pass the transaction ID around; this includes additional parameters for a number of functions and a new callback data type for backend_set_config_entry_add_cb()
* - avoid using pblocks for more than one internal operation - the serverNalin Dahyabhai2012-01-111-2/+2
| | | | | | allocates internal state each time but doesn't clean up any that's aready there if you reuse the block - correctly free values we use when constructing compat entries
* - adapt to slapi_dn_normalize() becoming a no-op because it's deprecatedNalin Dahyabhai2012-01-111-8/+11
|
* - get the disabling logic rightNalin Dahyabhai2012-01-101-3/+3
|
* - add a testing option for toggling the skip-uninteresting-updates logicNalin Dahyabhai2012-01-101-0/+8
|
* - most of what's needed to hook back-end txn postoperations, except for the ↵Nalin Dahyabhai2012-01-091-0/+10
| | | | passing the TXN ID around, which means we deadlock if we actually do it
* - Make a note of which attributes we read from any entry when evaluating ↵Nalin Dahyabhai2012-01-061-3/+14
| | | | data, and when we're later called for a modify request which doesn't modify any of those attributes, skip recalculating the entry contents (should make a dent in #771493).
* - get more verbose with loggingNalin Dahyabhai2011-07-261-1/+11
|
* - don't assume that libc will provide yp headers -- build them ourselvesNalin Dahyabhai2011-05-131-2/+2
|
* speed up building compat entries with attributes with thousands of literal ↵slapi-nis-0.23Nalin Dahyabhai2011-03-311-27/+55
| | | | values (#692690)
* - clean up the no-entries warning for the NULL setNalin Dahyabhai2011-02-091-1/+1
|
* - for containers which are also the groups, don't return the containerNalin Dahyabhai2010-11-231-3/+5
| | | | | entry as a search result if it's also the group entry (in which case we already looked at the entry)
* - fix a brown-paper-bag crash in the schema-compat pluginslapi-nis-0.19Nalin Dahyabhai2010-11-221-1/+1
|
* - handle a group with no explicitly-named container by treating theNalin Dahyabhai2010-11-221-18/+54
| | | | entries as direct subordinates of the group entry
* Check that the search base is serviced by a real backend before we'll ↵Nalin Dahyabhai2010-11-221-0/+9
| | | | attempt to participate in a search request.
* - return unwilling-to-perform instead of insufficient-access in responseNalin Dahyabhai2010-08-021-2/+2
| | | | to write requests
* - revert to registering plugins at init-time, which is what the docsNalin Dahyabhai2009-05-061-0/+13
| | | | | | say we should do - use whether or not the plugin_base is initialized as in indicator of whether the plugin's been started or not
* - merge discovered values rather than straight-out adding them, so thatNalin Dahyabhai2008-12-081-8/+9
| | | | the duplicates don't show up in the constructed entry
* - don't use a DN as the right-side of a search filter, since theNalin Dahyabhai2008-12-031-30/+82
| | | | server doesn't know that the attribute should have DN syntax
* - give callback registration the ability to return errorsNalin Dahyabhai2008-12-031-3/+19
| | | | | - make the nis plugin register two types of internal plugins, since it can't just be a postop plugin any more
* - use a counter to make sure we don't recurse inside the same thread,Nalin Dahyabhai2008-12-021-18/+22
| | | | | which might cause us to try to take a read lock when we're holding the write lock, or vice-versa
generated by cgit (git 2.34.1) at 2024-06-25 01:39:49 +0000