[SCM] Samba Shared Repository - branch v3-0-test updated -
release-3-0-28-123-g086eaf2
Michael Adam
obnox at samba.org
Thu Feb 7 13:24:02 GMT 2008
The branch, v3-0-test has been updated
via 086eaf20574264f24230301565f16347c5d2738e (commit)
via 3fcef06e4fdf375f4b07e953a5d707dfc226415b (commit)
from 63b3f2cb410688d2705f53090e7f9638a106daa4 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-0-test
- Log -----------------------------------------------------------------
commit 086eaf20574264f24230301565f16347c5d2738e
Author: Michael Adam <obnox at samba.org>
Date: Wed Feb 6 18:16:03 2008 +0100
Add configure check for LBER_LOG_PRINT_FN - to intercept ldap debug.
Use the resulting HAVE_LBER_LOG_PRINT_FN to determine whether we can
use it in init_ldap_debugging to intercept LDAP debug output and print
it out in the samba logs (controlled with "ldap debug level").
Michael
commit 3fcef06e4fdf375f4b07e953a5d707dfc226415b
Author: Michael Adam <obnox at samba.org>
Date: Mon Jan 28 14:47:01 2008 +0100
Add support for LDAP debug output in Samba log file.
Logging of the ldap libraries appears with a [LDAP] prefix
inside the samba logs. This is controlled by two new parameters:
* "ldap debug level" sets the debug level of the ldap libraries.
It is the bit-field as understood by the openldap server.
* "ldap debug threshold" is the samba debug level at which ldap
logging appears inside the samba logs.
This probably needs some configure tests since it makes
use of the LBER_OPT_LOG_PRINT_FN option to redirect the
debug output of the ldap libraries.
Michael
-----------------------------------------------------------------------
Summary of changes:
source/Makefile.in | 2 +-
source/configure.in | 15 +++++++++++
source/lib/ldap_debug_handler.c | 52 +++++++++++++++++++++++++++++++++++++++
source/param/loadparm.c | 19 ++++++++++++++
4 files changed, 87 insertions(+), 1 deletions(-)
create mode 100644 source/lib/ldap_debug_handler.c
Changeset truncated at 500 lines:
diff --git a/source/Makefile.in b/source/Makefile.in
index ea14944..f37a94e 100644
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -270,7 +270,7 @@ READLINE_OBJ = lib/readline.o
# Be sure to include them into your application
POPT_LIB_OBJ = lib/popt_common.o
-PARAM_OBJ = dynconfig.o param/loadparm.o param/params.o lib/sharesec.o
+PARAM_OBJ = dynconfig.o param/loadparm.o param/params.o lib/sharesec.o lib/ldap_debug_handler.o
KRBCLIENT_OBJ = libads/kerberos.o libads/ads_status.o
diff --git a/source/configure.in b/source/configure.in
index 14948ad..d3fb63b 100644
--- a/source/configure.in
+++ b/source/configure.in
@@ -3243,6 +3243,21 @@ if test x"$with_ldap_support" != x"no"; then
# this test must be before the libldap test
AC_CHECK_LIB_EXT(lber, LDAP_LIBS, ber_scanf)
+ #######################################################
+ # if we have LBER_OPT_LOG_PRINT_FN, we can intercept
+ # ldap logging and print it out in the samba logs
+ AC_CACHE_CHECK([for LBER_OPT_LOG_PRINT_FN],
+ samba_cv_HAVE_LBER_OPT_LOG_PRINT_FN,
+ [AC_TRY_COMPILE([#include <lber.h>],
+ [int val = LBER_OPT_LOG_PRINT_FN;],
+ samba_cv_HAVE_LBER_OPT_LOG_PRINT_FN=yes,
+ samba_cv_HAVE_LBER_OPT_LOG_PRINT_FN=no)])
+
+ if test x"$samba_cv_HAVE_LBER_OPT_LOG_PRINT_FN" = x"yes"; then
+ AC_DEFINE(HAVE_LBER_LOG_PRINT_FN, 1,
+ [Support for LDAP/LBER logging interception])
+ fi
+
########################################################
# now see if we can find the ldap libs in standard paths
AC_CHECK_LIB_EXT(ldap, LDAP_LIBS, ldap_init)
diff --git a/source/lib/ldap_debug_handler.c b/source/lib/ldap_debug_handler.c
new file mode 100644
index 0000000..f289f74
--- /dev/null
+++ b/source/lib/ldap_debug_handler.c
@@ -0,0 +1,52 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Intercept libldap debug output.
+ * Copyright (C) Michael Adam 2008
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+
+#if HAVE_LDAP
+
+static void samba_ldap_log_print_fn(LDAP_CONST char *data)
+{
+ DEBUG(lp_ldap_debug_threshold(), ("[LDAP] %s", data));
+}
+
+#endif
+
+void init_ldap_debugging(void)
+{
+#if defined(HAVE_LDAP) && defined(HAVE_LBER_LOG_PRINT_FN)
+ int ret;
+ int ldap_debug_level = lp_ldap_debug_level();
+
+ ret = ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &ldap_debug_level);
+ if (ret != LDAP_OPT_SUCCESS) {
+ DEBUG(10, ("Error setting LDAP debug level.\n"));
+ }
+
+ if (ldap_debug_level == 0) {
+ return;
+ }
+
+ ret = ber_set_option(NULL, LBER_OPT_LOG_PRINT_FN,
+ (void *)samba_ldap_log_print_fn);
+ if (ret != LBER_OPT_SUCCESS) {
+ DEBUG(10, ("Error setting LBER log print function.\n"));
+ }
+#endif /* HAVE_LDAP && HAVE_LBER_LOG_PRINT_FN */
+}
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index be49927..0bb17a2 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -237,6 +237,8 @@ typedef struct {
int ldap_ssl;
char *szLdapSuffix;
char *szLdapAdminDn;
+ int ldap_debug_level;
+ int ldap_debug_threshold;
int iAclCompat;
char *szCupsServer;
char *szIPrintServer;
@@ -634,6 +636,7 @@ static BOOL handle_netbios_aliases( int snum, const char *pszParmValue, char **p
static BOOL handle_netbios_scope( int snum, const char *pszParmValue, char **ptr );
static BOOL handle_charset( int snum, const char *pszParmValue, char **ptr );
static BOOL handle_printing( int snum, const char *pszParmValue, char **ptr);
+static BOOL handle_ldap_debug_level( int snum, const char *pszParmValue, char **ptr);
static void set_server_role(void);
static void set_default_server_announce_type(void);
@@ -1189,6 +1192,10 @@ static struct parm_struct parm_table[] = {
{"ldap page size", P_INTEGER, P_GLOBAL, &Globals.ldap_page_size, NULL, NULL, FLAG_ADVANCED},
{"ldap user suffix", P_STRING, P_GLOBAL, &Globals.szLdapUserSuffix, NULL, NULL, FLAG_ADVANCED},
+ {"ldap debug level", P_INTEGER, P_GLOBAL, &Globals.ldap_debug_level, handle_ldap_debug_level, NULL, FLAG_ADVANCED},
+ {"ldap debug threshold", P_INTEGER, P_GLOBAL, &Globals.ldap_debug_threshold, NULL, NULL, FLAG_ADVANCED},
+
+
{N_("Miscellaneous Options"), P_SEP, P_SEPARATOR},
{"add share command", P_STRING, P_GLOBAL, &Globals.szAddShareCommand, NULL, NULL, FLAG_ADVANCED},
{"change share command", P_STRING, P_GLOBAL, &Globals.szChangeShareCommand, NULL, NULL, FLAG_ADVANCED},
@@ -1592,6 +1599,9 @@ static void init_globals(BOOL first_time_only)
Globals.ldap_timeout = LDAP_CONNECT_DEFAULT_TIMEOUT;
Globals.ldap_page_size = LDAP_PAGE_SIZE;
+ Globals.ldap_debug_level = 0;
+ Globals.ldap_debug_threshold = 10;
+
/* This is what we tell the afs client. in reality we set the token
* to never expire, though, when this runs out the afs client will
* forget the token. Set to 0 to get NEVERDATE.*/
@@ -1918,6 +1928,8 @@ FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, &Globals.ldap_replication_sleep)
FN_GLOBAL_INTEGER(lp_ldap_timeout, &Globals.ldap_timeout)
FN_GLOBAL_INTEGER(lp_ldap_page_size, &Globals.ldap_page_size)
+FN_GLOBAL_INTEGER(lp_ldap_debug_level, &Globals.ldap_debug_level)
+FN_GLOBAL_INTEGER(lp_ldap_debug_threshold, &Globals.ldap_debug_threshold)
FN_GLOBAL_STRING(lp_add_share_cmd, &Globals.szAddShareCommand)
FN_GLOBAL_STRING(lp_change_share_cmd, &Globals.szChangeShareCommand)
FN_GLOBAL_STRING(lp_delete_share_cmd, &Globals.szDeleteShareCommand)
@@ -3227,6 +3239,13 @@ static BOOL handle_copy(int snum, const char *pszParmValue, char **ptr)
return (bRetval);
}
+static BOOL handle_ldap_debug_level(int snum, const char *pszParmValue, char **ptr)
+{
+ Globals.ldap_debug_level = lp_int(pszParmValue);
+ init_ldap_debugging();
+ return True;
+}
+
/***************************************************************************
Handle idmap/non unix account uid and gid allocation parameters. The format of these
parameters is:
--
Samba Shared Repository
More information about the samba-cvs
mailing list