[SCM] Samba Shared Repository - branch master updated

Nadezhda Ivanova nivanova at samba.org
Mon May 3 06:51:48 MDT 2010


The branch, master has been updated
       via  15b42d6... Added a function to check if an attribute can belong to a filtered replica.
      from  fe1617a... s3-lanman: fix api_DosPrintQEnum().

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 15b42d6515504862184f33ad8002135ec1e63158
Author: Nadezhda Ivanova <nivanova at samba.org>
Date:   Mon May 3 14:50:10 2010 +0200

    Added a function to check if an attribute can belong to a filtered replica.

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/config.mk                |    3 +-
 source4/dsdb/schema/schema_filtered.c |  110 +++++++++++++++++++++++++++++++++
 source4/dsdb/wscript_build            |    2 +-
 source4/torture/ldap/schema.c         |   17 +++++
 4 files changed, 130 insertions(+), 2 deletions(-)
 create mode 100644 source4/dsdb/schema/schema_filtered.c


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/config.mk b/source4/dsdb/config.mk
index 4363399..1ab0cb2 100644
--- a/source4/dsdb/config.mk
+++ b/source4/dsdb/config.mk
@@ -43,7 +43,8 @@ SAMDB_SCHEMA_OBJ_FILES = $(addprefix $(dsdbsrcdir)/schema/, \
 		schema_convert_to_ol.o \
 		schema_inferiors.o \
 		schema_prefixmap.o \
-		schema_info_attr.o)
+		schema_info_attr.o \
+		schema_filtered.o)
 
 $(eval $(call proto_header_template,$(dsdbsrcdir)/schema/proto.h,$(SAMDB_SCHEMA_OBJ_FILES:.o=.c)))
 # PUBLIC_HEADERS += dsdb/schema/schema.h
diff --git a/source4/dsdb/schema/schema_filtered.c b/source4/dsdb/schema/schema_filtered.c
new file mode 100644
index 0000000..304160d
--- /dev/null
+++ b/source4/dsdb/schema/schema_filtered.c
@@ -0,0 +1,110 @@
+/* 
+   Unix SMB/CIFS mplementation.
+   API for determining af an attribute belongs to the filtered set.
+   
+   Copyright (C) Nadezhda Ivanova <nivanova at samba.org> 2010
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+   
+*/
+#include "includes.h"
+#include "dsdb/samdb/samdb.h"
+#include "dsdb/common/util.h"
+#include "lib/ldb/include/ldb_errors.h"
+#include "../lib/util/dlinklist.h"
+#include "param/param.h"
+
+const char *never_in_filtered_attrs[] = { "accountExpires",
+				     "codePage",
+				     "creationTime",
+				     "currentValue",
+				     "dBCSPwd",
+				     "dNSHostName",
+				     "displayName",
+				     "domainReplica",
+				     "fSMORoleOwner",
+				     "flatName",
+				     "initialAuthIncoming",
+				     "initialAuthOutgoing",
+				     "isCriticalSystemObject",
+				     "lmPwdHistory",
+				     "lockOutObservationWindow",
+				     "lockoutDuration",
+				     "lockoutTime",
+				     "logonHours",
+				     "maxPwdAge",
+				     "minPwdAge",
+				     "minPwdLength",
+				     "msDS-AdditionalDnsHostName",
+				     "msDS-AdditionalSamAccountName",
+				     "msDS-AllowedToDelegateTo",
+				     "msDS-AuthenticatedAtDC",
+				     "msDS-ExecuteScriptPassword",
+				     "msDS-KrbTgtLink",
+				     "msDS-SPNSuffixes",
+				     "msDS-SupportedEncryptionTypes",
+				     "msDS-TrustForestTrustInfo",
+				     "nETBIOSName",
+				     "nTMixedDomain",
+				     "notFiltlockoutThreshold",
+				     "ntPwdHistory",
+				     "operatingSystem",
+				     "operatingSystemServicePack",
+				     "operatingSystemVersion",
+				     "priorValue",
+				     "pwdHistoryLength",
+				     "pwdLastSet",
+				     "pwdProperties",
+				     "rid",
+				     "sIDHistory",
+				     "securityIdentifier",
+				     "servicePrincipalName",
+				     "supplementalCredentials",
+				     "trustAttributes",
+				     "trustAuthIncoming",
+				     "trustAuthOutgoing",
+				     "trustDirection",
+				     "trustParent",
+				     "trustPartner",
+				     "trustPosixOffset",
+				     "trustType",
+				     "unicodePwd"
+};
+
+/* returns true if the attribute can be in a filtered replica */
+
+bool dsdb_attribute_is_attr_in_filtered_replica(struct dsdb_attribute *attribute)
+{
+	int i, size = sizeof(never_in_filtered_attrs)/sizeof(char *);
+	if (attribute->systemOnly ||
+	    attribute->schemaFlagsEx & DS_FLAG_ATTR_IS_CRITICAL) {
+		return false;
+	}
+	if (attribute->systemFlags & (DS_FLAG_ATTR_NOT_REPLICATED |
+				      DS_FLAG_ATTR_REQ_PARTIAL_SET_MEMBER |
+				      DS_FLAG_ATTR_IS_CONSTRUCTED)) {
+		return false;
+	}
+
+	for (i=0; i < size; i++) {
+		if (strcmp(attribute->lDAPDisplayName, never_in_filtered_attrs[i]) == 0) {
+			return false;
+		}
+	}
+
+	if (attribute->searchFlags & SEARCH_FLAG_RODC_ATTRIBUTE) {
+		return false;
+	}
+	return true;
+}
diff --git a/source4/dsdb/wscript_build b/source4/dsdb/wscript_build
index dbe1f48..92f0561 100644
--- a/source4/dsdb/wscript_build
+++ b/source4/dsdb/wscript_build
@@ -18,7 +18,7 @@ bld.SAMBA_SUBSYSTEM('SAMDB_COMMON',
 
 
 bld.SAMBA_SUBSYSTEM('SAMDB_SCHEMA',
-	source='schema/schema_init.c schema/schema_set.c schema/schema_query.c schema/schema_syntax.c schema/schema_description.c schema/schema_convert_to_ol.c schema/schema_inferiors.c schema/schema_prefixmap.c schema/schema_info_attr.c',
+	source='schema/schema_init.c schema/schema_set.c schema/schema_query.c schema/schema_syntax.c schema/schema_description.c schema/schema_convert_to_ol.c schema/schema_inferiors.c schema/schema_prefixmap.c schema/schema_info_attr.c schema/schema_filtered.c',
 	autoproto='schema/proto.h',
 	deps='SAMDB_COMMON NDR_DRSUAPI NDR_DRSBLOBS LDBSAMBA tevent'
 	)
diff --git a/source4/torture/ldap/schema.c b/source4/torture/ldap/schema.c
index c942340..af33de9 100644
--- a/source4/torture/ldap/schema.c
+++ b/source4/torture/ldap/schema.c
@@ -356,6 +356,22 @@ static bool test_dump_sorted_syntax(struct ldb_context *ldb, struct test_rootDSE
 	return true;
 }
 
+static bool test_dump_not_in_filtered_replica(struct ldb_context *ldb, struct test_rootDSE *root, struct dsdb_schema *schema)
+{
+	struct dsdb_attribute *a;
+	uint32_t a_i = 1;
+
+	d_printf("Dumping attributes not in filtered replica\n");
+
+	for (a=schema->attributes; a; a = a->next) {
+		if (!dsdb_attribute_is_attr_in_filtered_replica(a)) {
+			d_printf("attr[%4u]: '%s'\n", a_i++,
+				 a->lDAPDisplayName);
+		}
+	}
+	return true;
+}
+
 bool torture_ldap_schema(struct torture_context *torture)
 {
 	struct ldb_context *ldb;
@@ -384,6 +400,7 @@ bool torture_ldap_schema(struct torture_context *torture)
 	ret &= test_dump_partial(ldb, &rootDSE, schema);
 	ret &= test_dump_contructed(ldb, &rootDSE, schema);
 	ret &= test_dump_sorted_syntax(ldb, &rootDSE, schema);
+	ret &= test_dump_not_in_filtered_replica(ldb, &rootDSE, schema);
 
 failed:
 	return ret;


-- 
Samba Shared Repository


More information about the samba-cvs mailing list