The Samba-Bugzilla – Attachment 13879 Details for
Bug 13191
Performance regression in DNS server with introduction of DNS wildcard
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
backported patch for 4.7
v4-7-dns-wildcard-perf.patch (text/plain), 51.57 KB, created by
Andrew Bartlett
on 2017-12-20 03:49:52 UTC
(
hide
)
Description:
backported patch for 4.7
Filename:
MIME Type:
Creator:
Andrew Bartlett
Created:
2017-12-20 03:49:52 UTC
Size:
51.57 KB
patch
obsolete
>From 8a101fbb34b3bee805d5b8cbf96e07e9e42e5042 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Wed, 20 Dec 2017 14:55:04 +1300 >Subject: [PATCH 1/7] selftest: Do not use dn= filter string > >This accidentially worked with SCOPE_ONELEVEL against Samba but dn= filters are >not valid in AD. > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >--- > python/samba/tests/samba_tool/sites.py | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > >diff --git a/python/samba/tests/samba_tool/sites.py b/python/samba/tests/samba_tool/sites.py >index 8f96bba4df8..36948257b08 100644 >--- a/python/samba/tests/samba_tool/sites.py >+++ b/python/samba/tests/samba_tool/sites.py >@@ -50,7 +50,7 @@ class SitesCmdTestCase(BaseSitesCmdTestCase): > dnsite = ldb.Dn(self.samdb, "CN=%s,%s" % (sitename, dnsites)) > > ret = self.samdb.search(base=dnsites, scope=ldb.SCOPE_ONELEVEL, >- expression='(dn=%s)' % str(dnsite)) >+ expression='(cn=%s)' % sitename) > self.assertEquals(len(ret), 1) > > # now delete it >@@ -106,7 +106,7 @@ class SitesSubnetCmdTestCase(BaseSitesCmdTestCase): > (cidr, self.config_dn))) > > ret = self.samdb.search(base=dnsubnets, scope=ldb.SCOPE_ONELEVEL, >- expression='(dn=%s)' % dnsubnet) >+ expression='(CN=%s)' % cidr) > self.assertIsNotNone(ret) > self.assertEqual(len(ret), 1) > self.samdb.delete(dnsubnet, ["tree_delete:0"]) >-- >2.11.0 > > >From 3184f1cf26d64b257b06999308c183cb42fd4499 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Thu, 10 Aug 2017 16:23:33 +1200 >Subject: [PATCH 2/7] ldb_tdb: Provide struct ltdb_private to index routines > >This will make it easier to switch the GUID index mode on and off > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 3d952157d72b3a4635f3942449c1727c438c97c6) >--- > lib/ldb/ldb_tdb/ldb_index.c | 90 ++++++++++++++++++++++++++++++--------------- > lib/ldb/ldb_tdb/ldb_tdb.c | 38 +++++++++++++------ > lib/ldb/ldb_tdb/ldb_tdb.h | 16 ++++++-- > 3 files changed, 99 insertions(+), 45 deletions(-) > >diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c >index 3510dd9b1bc..ddcf0124dab 100644 >--- a/lib/ldb/ldb_tdb/ldb_index.c >+++ b/lib/ldb/ldb_tdb/ldb_index.c >@@ -79,7 +79,9 @@ static int dn_list_cmp(const struct ldb_val *v1, const struct ldb_val *v2) > find a entry in a dn_list, using a ldb_val. Uses a case sensitive > comparison with the dn returns -1 if not found > */ >-static int ltdb_dn_list_find_val(const struct dn_list *list, const struct ldb_val *v) >+static int ltdb_dn_list_find_val(struct ltdb_private *ltdb, >+ const struct dn_list *list, >+ const struct ldb_val *v) > { > unsigned int i; > for (i=0; i<list->count; i++) { >@@ -94,12 +96,14 @@ static int ltdb_dn_list_find_val(const struct dn_list *list, const struct ldb_va > find a entry in a dn_list. Uses a case sensitive comparison with the dn > returns -1 if not found > */ >-static int ltdb_dn_list_find_str(struct dn_list *list, const char *dn) >+static int ltdb_dn_list_find_str(struct ltdb_private *ltdb, >+ struct dn_list *list, >+ const char *dn) > { > struct ldb_val v; > v.data = discard_const_p(unsigned char, dn); > v.length = strlen(dn); >- return ltdb_dn_list_find_val(list, &v); >+ return ltdb_dn_list_find_val(ltdb, list, &v); > } > > /* >@@ -219,7 +223,9 @@ normal_index: > /* > save a dn_list into a full @IDX style record > */ >-static int ltdb_dn_list_store_full(struct ldb_module *module, struct ldb_dn *dn, >+static int ltdb_dn_list_store_full(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ struct ldb_dn *dn, > struct dn_list *list) > { > struct ldb_message *msg; >@@ -274,7 +280,8 @@ static int ltdb_dn_list_store(struct ldb_module *module, struct ldb_dn *dn, > struct dn_list *list2; > > if (ltdb->idxptr == NULL) { >- return ltdb_dn_list_store_full(module, dn, list); >+ return ltdb_dn_list_store_full(module, ltdb, >+ dn, list); > } > > if (ltdb->idxptr->itdb == NULL) { >@@ -345,7 +352,8 @@ static int ltdb_index_traverse_store(struct tdb_context *tdb, TDB_DATA key, TDB_ > return -1; > } > >- ltdb->idxptr->error = ltdb_dn_list_store_full(module, dn, list); >+ ltdb->idxptr->error = ltdb_dn_list_store_full(module, ltdb, >+ dn, list); > talloc_free(dn); > if (ltdb->idxptr->error != 0) { > return -1; >@@ -575,6 +583,7 @@ static int ltdb_index_dn_leaf(struct ldb_module *module, > list = list & list2 > */ > static bool list_intersect(struct ldb_context *ldb, >+ struct ltdb_private *ltdb, > struct dn_list *list, const struct dn_list *list2) > { > struct dn_list *list3; >@@ -622,7 +631,8 @@ static bool list_intersect(struct ldb_context *ldb, > list3->count = 0; > > for (i=0;i<list->count;i++) { >- if (ltdb_dn_list_find_val(list2, &list->dn[i]) != -1) { >+ if (ltdb_dn_list_find_val(ltdb, list2, >+ &list->dn[i]) != -1) { > list3->dn[list3->count] = list->dn[i]; > list3->count++; > } >@@ -846,7 +856,8 @@ static int ltdb_index_dn_and(struct ldb_module *module, > list->dn = list2->dn; > list->count = list2->count; > found = true; >- } else if (!list_intersect(ldb, list, list2)) { >+ } else if (!list_intersect(ldb, ltdb, >+ list, list2)) { > talloc_free(list2); > return LDB_ERR_OPERATIONS_ERROR; > } >@@ -952,7 +963,8 @@ static int ltdb_index_dn(struct ldb_module *module, > filter a candidate dn_list from an indexed search into a set of results > extracting just the given attributes > */ >-static int ltdb_index_filter(const struct dn_list *dn_list, >+static int ltdb_index_filter(struct ltdb_private *ltdb, >+ const struct dn_list *dn_list, > struct ltdb_context *ac, > uint32_t *match_count) > { >@@ -1123,7 +1135,7 @@ int ltdb_search_indexed(struct ltdb_context *ac, uint32_t *match_count) > break; > } > >- ret = ltdb_index_filter(dn_list, ac, match_count); >+ ret = ltdb_index_filter(ltdb, dn_list, ac, match_count); > talloc_free(dn_list); > return ret; > } >@@ -1148,7 +1160,9 @@ int ltdb_search_indexed(struct ltdb_context *ac, uint32_t *match_count) > * > * @return An ldb error code > */ >-static int ltdb_index_add1(struct ldb_module *module, const char *dn, >+static int ltdb_index_add1(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ const char *dn, > struct ldb_message_element *el, int v_idx) > { > struct ldb_context *ldb; >@@ -1227,12 +1241,15 @@ static int ltdb_index_add1(struct ldb_module *module, const char *dn, > /* > add index entries for one elements in a message > */ >-static int ltdb_index_add_el(struct ldb_module *module, const char *dn, >+static int ltdb_index_add_el(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ const char *dn, > struct ldb_message_element *el) > { > unsigned int i; > for (i = 0; i < el->num_values; i++) { >- int ret = ltdb_index_add1(module, dn, el, i); >+ int ret = ltdb_index_add1(module, ltdb, >+ dn, el, i); > if (ret != LDB_SUCCESS) { > return ret; > } >@@ -1244,11 +1261,12 @@ static int ltdb_index_add_el(struct ldb_module *module, const char *dn, > /* > add index entries for all elements in a message > */ >-static int ltdb_index_add_all(struct ldb_module *module, const char *dn, >+static int ltdb_index_add_all(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ const char *dn, > struct ldb_message_element *elements, > unsigned int num_el) > { >- struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private); > unsigned int i; > > if (dn[0] == '@') { >@@ -1265,7 +1283,7 @@ static int ltdb_index_add_all(struct ldb_module *module, const char *dn, > if (!ltdb_is_indexed(module, ltdb, elements[i].name)) { > continue; > } >- ret = ltdb_index_add_el(module, dn, &elements[i]); >+ ret = ltdb_index_add_el(module, ltdb, dn, &elements[i]); > if (ret != LDB_SUCCESS) { > struct ldb_context *ldb = ldb_module_get_ctx(module); > ldb_asprintf_errstring(ldb, >@@ -1321,9 +1339,9 @@ static int ltdb_index_onelevel(struct ldb_module *module, > el.num_values = 1; > > if (add) { >- ret = ltdb_index_add1(module, dn, &el, 0); >+ ret = ltdb_index_add1(module, ltdb, dn, &el, 0); > } else { /* delete */ >- ret = ltdb_index_del_value(module, msg->dn, &el, 0); >+ ret = ltdb_index_del_value(module, ltdb, msg->dn, &el, 0); > } > > talloc_free(pdn); >@@ -1335,23 +1353,27 @@ static int ltdb_index_onelevel(struct ldb_module *module, > add the index entries for a new element in a record > The caller guarantees that these element values are not yet indexed > */ >-int ltdb_index_add_element(struct ldb_module *module, struct ldb_dn *dn, >+int ltdb_index_add_element(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ struct ldb_dn *dn, > struct ldb_message_element *el) > { >- struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private); > if (ldb_dn_is_special(dn)) { > return LDB_SUCCESS; > } > if (!ltdb_is_indexed(module, ltdb, el->name)) { > return LDB_SUCCESS; > } >- return ltdb_index_add_el(module, ldb_dn_get_linearized(dn), el); >+ return ltdb_index_add_el(module, ltdb, >+ ldb_dn_get_linearized(dn), el); > } > > /* > add the index entries for a new record > */ >-int ltdb_index_add_new(struct ldb_module *module, const struct ldb_message *msg) >+int ltdb_index_add_new(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ const struct ldb_message *msg) > { > const char *dn; > int ret; >@@ -1365,7 +1387,8 @@ int ltdb_index_add_new(struct ldb_module *module, const struct ldb_message *msg) > return LDB_ERR_OPERATIONS_ERROR; > } > >- ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements); >+ ret = ltdb_index_add_all(module, ltdb, dn, msg->elements, >+ msg->num_elements); > if (ret != LDB_SUCCESS) { > return ret; > } >@@ -1377,7 +1400,9 @@ int ltdb_index_add_new(struct ldb_module *module, const struct ldb_message *msg) > /* > delete an index entry for one message element > */ >-int ltdb_index_del_value(struct ldb_module *module, struct ldb_dn *dn, >+int ltdb_index_del_value(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ struct ldb_dn *dn, > struct ldb_message_element *el, unsigned int v_idx) > { > struct ldb_context *ldb; >@@ -1422,7 +1447,7 @@ int ltdb_index_del_value(struct ldb_module *module, struct ldb_dn *dn, > return ret; > } > >- i = ltdb_dn_list_find_str(list, dn_str); >+ i = ltdb_dn_list_find_str(ltdb, list, dn_str); > if (i == -1) { > /* nothing to delete */ > talloc_free(dn_key); >@@ -1452,10 +1477,11 @@ int ltdb_index_del_value(struct ldb_module *module, struct ldb_dn *dn, > delete the index entries for a element > return -1 on failure > */ >-int ltdb_index_del_element(struct ldb_module *module, struct ldb_dn *dn, >+int ltdb_index_del_element(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ struct ldb_dn *dn, > struct ldb_message_element *el) > { >- struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private); > const char *dn_str; > int ret; > unsigned int i; >@@ -1478,7 +1504,7 @@ int ltdb_index_del_element(struct ldb_module *module, struct ldb_dn *dn, > return LDB_SUCCESS; > } > for (i = 0; i < el->num_values; i++) { >- ret = ltdb_index_del_value(module, dn, el, i); >+ ret = ltdb_index_del_value(module, ltdb, dn, el, i); > if (ret != LDB_SUCCESS) { > return ret; > } >@@ -1512,7 +1538,8 @@ int ltdb_index_delete(struct ldb_module *module, const struct ldb_message *msg) > } > > for (i = 0; i < msg->num_elements; i++) { >- ret = ltdb_index_del_element(module, msg->dn, &msg->elements[i]); >+ ret = ltdb_index_del_element(module, ltdb, >+ msg->dn, &msg->elements[i]); > if (ret != LDB_SUCCESS) { > return ret; > } >@@ -1677,6 +1704,8 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void * > struct ldb_context *ldb; > struct ltdb_reindex_context *ctx = (struct ltdb_reindex_context *)state; > struct ldb_module *module = ctx->module; >+ struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), >+ struct ltdb_private); > struct ldb_message *msg; > const char *dn = NULL; > unsigned int nb_elements_in_db; >@@ -1738,7 +1767,8 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void * > return -1; > } > >- ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements); >+ ret = ltdb_index_add_all(module, ltdb, dn, >+ msg->elements, msg->num_elements); > > if (ret != LDB_SUCCESS) { > ctx->error = ret; >diff --git a/lib/ldb/ldb_tdb/ldb_tdb.c b/lib/ldb/ldb_tdb/ldb_tdb.c >index ccad8168a6e..afa0f9e47c3 100644 >--- a/lib/ldb/ldb_tdb/ldb_tdb.c >+++ b/lib/ldb/ldb_tdb/ldb_tdb.c >@@ -355,6 +355,7 @@ static bool ldb_tdb_single_valued(const struct ldb_schema_attribute *a, > } > > static int ltdb_add_internal(struct ldb_module *module, >+ struct ltdb_private *ltdb, > const struct ldb_message *msg, > bool check_single_value) > { >@@ -419,7 +420,7 @@ static int ltdb_add_internal(struct ldb_module *module, > return ret; > } > >- ret = ltdb_index_add_new(module, msg); >+ ret = ltdb_index_add_new(module, ltdb, msg); > if (ret != LDB_SUCCESS) { > return ret; > } >@@ -436,6 +437,8 @@ static int ltdb_add(struct ltdb_context *ctx) > { > struct ldb_module *module = ctx->module; > struct ldb_request *req = ctx->req; >+ void *data = ldb_module_get_private(module); >+ struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private); > int ret = LDB_SUCCESS; > > ret = ltdb_check_special_dn(module, req->op.add.message); >@@ -449,7 +452,8 @@ static int ltdb_add(struct ltdb_context *ctx) > return LDB_ERR_OPERATIONS_ERROR; > } > >- ret = ltdb_add_internal(module, req->op.add.message, true); >+ ret = ltdb_add_internal(module, ltdb, >+ req->op.add.message, true); > > return ret; > } >@@ -609,6 +613,7 @@ static int ltdb_msg_add_element(struct ldb_message *msg, > delete all elements having a specified attribute name > */ > static int msg_delete_attribute(struct ldb_module *module, >+ struct ltdb_private *ltdb, > struct ldb_message *msg, const char *name) > { > unsigned int i; >@@ -621,7 +626,7 @@ static int msg_delete_attribute(struct ldb_module *module, > } > i = el - msg->elements; > >- ret = ltdb_index_del_element(module, msg->dn, el); >+ ret = ltdb_index_del_element(module, ltdb, msg->dn, el); > if (ret != LDB_SUCCESS) { > return ret; > } >@@ -643,6 +648,7 @@ static int msg_delete_attribute(struct ldb_module *module, > return LDB Error on failure > */ > static int msg_delete_element(struct ldb_module *module, >+ struct ltdb_private *ltdb, > struct ldb_message *msg, > const char *name, > const struct ldb_val *val) >@@ -675,10 +681,11 @@ static int msg_delete_element(struct ldb_module *module, > } > if (matched) { > if (el->num_values == 1) { >- return msg_delete_attribute(module, msg, name); >+ return msg_delete_attribute(module, >+ ltdb, msg, name); > } > >- ret = ltdb_index_del_value(module, msg->dn, el, i); >+ ret = ltdb_index_del_value(module, ltdb, msg->dn, el, i); > if (ret != LDB_SUCCESS) { > return ret; > } >@@ -715,6 +722,8 @@ int ltdb_modify_internal(struct ldb_module *module, > struct ldb_request *req) > { > struct ldb_context *ldb = ldb_module_get_ctx(module); >+ void *data = ldb_module_get_private(module); >+ struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private); > struct ldb_message *msg2; > unsigned int i, j; > int ret = LDB_SUCCESS, idx; >@@ -800,7 +809,8 @@ int ltdb_modify_internal(struct ldb_module *module, > ret = LDB_ERR_OTHER; > goto done; > } >- ret = ltdb_index_add_element(module, msg2->dn, >+ ret = ltdb_index_add_element(module, ltdb, >+ msg2->dn, > el); > if (ret != LDB_SUCCESS) { > goto done; >@@ -881,7 +891,8 @@ int ltdb_modify_internal(struct ldb_module *module, > el2->values = vals; > el2->num_values += el->num_values; > >- ret = ltdb_index_add_element(module, msg2->dn, el); >+ ret = ltdb_index_add_element(module, ltdb, >+ msg2->dn, el); > if (ret != LDB_SUCCESS) { > goto done; > } >@@ -945,7 +956,8 @@ int ltdb_modify_internal(struct ldb_module *module, > } > > /* Delete the attribute if it exists in the DB */ >- if (msg_delete_attribute(module, msg2, >+ if (msg_delete_attribute(module, ltdb, >+ msg2, > el->name) != 0) { > ret = LDB_ERR_OTHER; > goto done; >@@ -958,7 +970,8 @@ int ltdb_modify_internal(struct ldb_module *module, > goto done; > } > >- ret = ltdb_index_add_element(module, msg2->dn, el); >+ ret = ltdb_index_add_element(module, ltdb, >+ msg2->dn, el); > if (ret != LDB_SUCCESS) { > goto done; > } >@@ -974,7 +987,9 @@ int ltdb_modify_internal(struct ldb_module *module, > > if (msg->elements[i].num_values == 0) { > /* Delete the whole attribute */ >- ret = msg_delete_attribute(module, msg2, >+ ret = msg_delete_attribute(module, >+ ltdb, >+ msg2, > msg->elements[i].name); > if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE && > control_permissive) { >@@ -991,6 +1006,7 @@ int ltdb_modify_internal(struct ldb_module *module, > /* Delete specified values from an attribute */ > for (j=0; j < msg->elements[i].num_values; j++) { > ret = msg_delete_element(module, >+ ltdb, > msg2, > msg->elements[i].name, > &msg->elements[i].values[j]); >@@ -1142,7 +1158,7 @@ static int ltdb_rename(struct ltdb_context *ctx) > * deleted attributes. We could go through all elements but that's > * maybe not the most efficient way > */ >- ret = ltdb_add_internal(module, msg, false); >+ ret = ltdb_add_internal(module, ltdb, msg, false); > > talloc_free(msg); > >diff --git a/lib/ldb/ldb_tdb/ldb_tdb.h b/lib/ldb/ldb_tdb/ldb_tdb.h >index a391606dd16..7871cbcb6d6 100644 >--- a/lib/ldb/ldb_tdb/ldb_tdb.h >+++ b/lib/ldb/ldb_tdb/ldb_tdb.h >@@ -82,13 +82,21 @@ int ltdb_check_at_attributes_values(const struct ldb_val *value); > struct ldb_parse_tree; > > int ltdb_search_indexed(struct ltdb_context *ctx, uint32_t *); >-int ltdb_index_add_new(struct ldb_module *module, const struct ldb_message *msg); >+int ltdb_index_add_new(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ const struct ldb_message *msg); > int ltdb_index_delete(struct ldb_module *module, const struct ldb_message *msg); >-int ltdb_index_del_element(struct ldb_module *module, struct ldb_dn *dn, >+int ltdb_index_del_element(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ struct ldb_dn *dn, > struct ldb_message_element *el); >-int ltdb_index_add_element(struct ldb_module *module, struct ldb_dn *dn, >+int ltdb_index_add_element(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ struct ldb_dn *dn, > struct ldb_message_element *el); >-int ltdb_index_del_value(struct ldb_module *module, struct ldb_dn *dn, >+int ltdb_index_del_value(struct ldb_module *module, >+ struct ltdb_private *ltdb, >+ struct ldb_dn *dn, > struct ldb_message_element *el, unsigned int v_idx); > int ltdb_reindex(struct ldb_module *module); > int ltdb_index_transaction_start(struct ldb_module *module); >-- >2.11.0 > > >From 34c6cf46661614f27cb0082bb03fdeb05929ef5d Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Mon, 18 Dec 2017 16:22:01 +1300 >Subject: [PATCH 3/7] ldb: Intersect the index from SCOPE_ONELEVEL with the > index for the search expression > >This helps ensure we do not have to scan all objects at this level >which could be very many (one per DNS zone entry). > >However, due to the O(n*m) behaviour in list_intersect() for ldb >1.2 and earlier, we only do this for small numbers of matches on the >filter tree. > >This behaviour will only be for ldb 1.2 and will not be kept >long-term in LDB, versions 1.3.1 and above will instead only >intersect when the GUID index is in use. > >NOTE WELL: the behaviour of disallowDNFilter is enforced >in the index code, so this fixes SCOPE_ONELEVEL to also >honour disallowDNFilter if there @IDXONE is enabled. Again, >this will change again in 1.3.1 and above. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(adapted from a similar change in master) >--- > lib/ldb/ldb_tdb/ldb_index.c | 51 ++++++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 50 insertions(+), 1 deletion(-) > >diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c >index ddcf0124dab..56ecf935eb6 100644 >--- a/lib/ldb/ldb_tdb/ldb_index.c >+++ b/lib/ldb/ldb_tdb/ldb_index.c >@@ -1075,6 +1075,7 @@ static void ltdb_dn_list_remove_duplicates(struct dn_list *list) > */ > int ltdb_search_indexed(struct ltdb_context *ac, uint32_t *match_count) > { >+ struct ldb_context *ldb = ldb_module_get_ctx(ac->module); > struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(ac->module), struct ltdb_private); > struct dn_list *dn_list; > int ret; >@@ -1109,6 +1110,8 @@ int ltdb_search_indexed(struct ltdb_context *ac, uint32_t *match_count) > break; > > case LDB_SCOPE_ONELEVEL: >+ { >+ struct dn_list *idx_one_tree_list = NULL; > if (!ltdb->cache->one_level_indexes) { > talloc_free(dn_list); > return LDB_ERR_OPERATIONS_ERROR; >@@ -1118,8 +1121,54 @@ int ltdb_search_indexed(struct ltdb_context *ac, uint32_t *match_count) > talloc_free(dn_list); > return ret; > } >- break; > >+ /* >+ * If we have too many matches, also try the filter >+ * tree and do index work there >+ * >+ * We only do this in the GUID index mode, which is >+ * O(n*log(m)) otherwise the intersection below will >+ * be too costly at O(n*m). >+ */ >+ idx_one_tree_list >+ = talloc_zero(ac, struct dn_list); >+ if (idx_one_tree_list == NULL) { >+ return ldb_module_oom(ac->module); >+ } >+ >+ if (!ltdb->cache->attribute_indexes) { >+ talloc_free(idx_one_tree_list); >+ talloc_free(dn_list); >+ return LDB_ERR_OPERATIONS_ERROR; >+ } >+ /* >+ * Here we load the index for the tree. >+ */ >+ ret = ltdb_index_dn(ac->module, ltdb, ac->tree, >+ idx_one_tree_list); >+ if (ret != LDB_SUCCESS) { >+ talloc_free(idx_one_tree_list); >+ talloc_free(dn_list); >+ return ret; >+ } >+ >+ /* >+ * We have to avoid the O(n*m) behaviour here blowing >+ * up, so we only intersect the lists if it will >+ * really help >+ */ >+ if (idx_one_tree_list->count < 10) { >+ if (!list_intersect(ldb, ltdb, >+ dn_list, idx_one_tree_list)) { >+ talloc_free(idx_one_tree_list); >+ talloc_free(dn_list); >+ return LDB_ERR_OPERATIONS_ERROR; >+ } >+ } else { >+ talloc_free(idx_one_tree_list); >+ } >+ break; >+ } > case LDB_SCOPE_SUBTREE: > case LDB_SCOPE_DEFAULT: > if (!ltdb->cache->attribute_indexes) { >-- >2.11.0 > > >From 85761f863a007f2c99f88b9f92344745c483e2d8 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Mon, 18 Dec 2017 10:14:31 +1300 >Subject: [PATCH 4/7] ldb: Release 1.2.3 > > - Intersect the index from SCOPE_ONELEVEL with the index for the search expression > > This helps ensure we do not have to scan all objects at this level > which could be very many (one per DNS zone entry). > > However, due to the O(n*m) behaviour in the LDB index code > we only do this for small numbers of matches on the > filter tree. > > This behaviour will only be for ldb 1.2 and will not be kept > long-term in LDB, versions 1.3.1 and above will instead only > intersect when the more efficient GUID index is in use. > > Finally, disallowDNFilter now applies to SCOPE_ONELEVEL banning > dn= as a filter string when so configured. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >--- > lib/ldb/ABI/ldb-1.2.3.sigs | 277 ++++++++++++++++++++++++++++++++++ > lib/ldb/ABI/pyldb-util-1.2.3.sigs | 2 + > lib/ldb/ABI/pyldb-util.py3-1.2.3.sigs | 2 + > lib/ldb/wscript | 2 +- > 4 files changed, 282 insertions(+), 1 deletion(-) > create mode 100644 lib/ldb/ABI/ldb-1.2.3.sigs > create mode 100644 lib/ldb/ABI/pyldb-util-1.2.3.sigs > create mode 100644 lib/ldb/ABI/pyldb-util.py3-1.2.3.sigs > >diff --git a/lib/ldb/ABI/ldb-1.2.3.sigs b/lib/ldb/ABI/ldb-1.2.3.sigs >new file mode 100644 >index 00000000000..9dc61cda019 >--- /dev/null >+++ b/lib/ldb/ABI/ldb-1.2.3.sigs >@@ -0,0 +1,277 @@ >+ldb_add: int (struct ldb_context *, const struct ldb_message *) >+ldb_any_comparison: int (struct ldb_context *, void *, ldb_attr_handler_t, const struct ldb_val *, const struct ldb_val *) >+ldb_asprintf_errstring: void (struct ldb_context *, const char *, ...) >+ldb_attr_casefold: char *(TALLOC_CTX *, const char *) >+ldb_attr_dn: int (const char *) >+ldb_attr_in_list: int (const char * const *, const char *) >+ldb_attr_list_copy: const char **(TALLOC_CTX *, const char * const *) >+ldb_attr_list_copy_add: const char **(TALLOC_CTX *, const char * const *, const char *) >+ldb_base64_decode: int (char *) >+ldb_base64_encode: char *(TALLOC_CTX *, const char *, int) >+ldb_binary_decode: struct ldb_val (TALLOC_CTX *, const char *) >+ldb_binary_encode: char *(TALLOC_CTX *, struct ldb_val) >+ldb_binary_encode_string: char *(TALLOC_CTX *, const char *) >+ldb_build_add_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) >+ldb_build_del_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) >+ldb_build_extended_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const char *, void *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) >+ldb_build_mod_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) >+ldb_build_rename_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, struct ldb_dn *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) >+ldb_build_search_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, enum ldb_scope, const char *, const char * const *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) >+ldb_build_search_req_ex: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, enum ldb_scope, struct ldb_parse_tree *, const char * const *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) >+ldb_casefold: char *(struct ldb_context *, TALLOC_CTX *, const char *, size_t) >+ldb_casefold_default: char *(void *, TALLOC_CTX *, const char *, size_t) >+ldb_check_critical_controls: int (struct ldb_control **) >+ldb_comparison_binary: int (struct ldb_context *, void *, const struct ldb_val *, const struct ldb_val *) >+ldb_comparison_fold: int (struct ldb_context *, void *, const struct ldb_val *, const struct ldb_val *) >+ldb_connect: int (struct ldb_context *, const char *, unsigned int, const char **) >+ldb_control_to_string: char *(TALLOC_CTX *, const struct ldb_control *) >+ldb_controls_except_specified: struct ldb_control **(struct ldb_control **, TALLOC_CTX *, struct ldb_control *) >+ldb_debug: void (struct ldb_context *, enum ldb_debug_level, const char *, ...) >+ldb_debug_add: void (struct ldb_context *, const char *, ...) >+ldb_debug_end: void (struct ldb_context *, enum ldb_debug_level) >+ldb_debug_set: void (struct ldb_context *, enum ldb_debug_level, const char *, ...) >+ldb_delete: int (struct ldb_context *, struct ldb_dn *) >+ldb_dn_add_base: bool (struct ldb_dn *, struct ldb_dn *) >+ldb_dn_add_base_fmt: bool (struct ldb_dn *, const char *, ...) >+ldb_dn_add_child: bool (struct ldb_dn *, struct ldb_dn *) >+ldb_dn_add_child_fmt: bool (struct ldb_dn *, const char *, ...) >+ldb_dn_alloc_casefold: char *(TALLOC_CTX *, struct ldb_dn *) >+ldb_dn_alloc_linearized: char *(TALLOC_CTX *, struct ldb_dn *) >+ldb_dn_canonical_ex_string: char *(TALLOC_CTX *, struct ldb_dn *) >+ldb_dn_canonical_string: char *(TALLOC_CTX *, struct ldb_dn *) >+ldb_dn_check_local: bool (struct ldb_module *, struct ldb_dn *) >+ldb_dn_check_special: bool (struct ldb_dn *, const char *) >+ldb_dn_compare: int (struct ldb_dn *, struct ldb_dn *) >+ldb_dn_compare_base: int (struct ldb_dn *, struct ldb_dn *) >+ldb_dn_copy: struct ldb_dn *(TALLOC_CTX *, struct ldb_dn *) >+ldb_dn_escape_value: char *(TALLOC_CTX *, struct ldb_val) >+ldb_dn_extended_add_syntax: int (struct ldb_context *, unsigned int, const struct ldb_dn_extended_syntax *) >+ldb_dn_extended_filter: void (struct ldb_dn *, const char * const *) >+ldb_dn_extended_syntax_by_name: const struct ldb_dn_extended_syntax *(struct ldb_context *, const char *) >+ldb_dn_from_ldb_val: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const struct ldb_val *) >+ldb_dn_get_casefold: const char *(struct ldb_dn *) >+ldb_dn_get_comp_num: int (struct ldb_dn *) >+ldb_dn_get_component_name: const char *(struct ldb_dn *, unsigned int) >+ldb_dn_get_component_val: const struct ldb_val *(struct ldb_dn *, unsigned int) >+ldb_dn_get_extended_comp_num: int (struct ldb_dn *) >+ldb_dn_get_extended_component: const struct ldb_val *(struct ldb_dn *, const char *) >+ldb_dn_get_extended_linearized: char *(TALLOC_CTX *, struct ldb_dn *, int) >+ldb_dn_get_ldb_context: struct ldb_context *(struct ldb_dn *) >+ldb_dn_get_linearized: const char *(struct ldb_dn *) >+ldb_dn_get_parent: struct ldb_dn *(TALLOC_CTX *, struct ldb_dn *) >+ldb_dn_get_rdn_name: const char *(struct ldb_dn *) >+ldb_dn_get_rdn_val: const struct ldb_val *(struct ldb_dn *) >+ldb_dn_has_extended: bool (struct ldb_dn *) >+ldb_dn_is_null: bool (struct ldb_dn *) >+ldb_dn_is_special: bool (struct ldb_dn *) >+ldb_dn_is_valid: bool (struct ldb_dn *) >+ldb_dn_map_local: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *) >+ldb_dn_map_rebase_remote: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *) >+ldb_dn_map_remote: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *) >+ldb_dn_minimise: bool (struct ldb_dn *) >+ldb_dn_new: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const char *) >+ldb_dn_new_fmt: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const char *, ...) >+ldb_dn_remove_base_components: bool (struct ldb_dn *, unsigned int) >+ldb_dn_remove_child_components: bool (struct ldb_dn *, unsigned int) >+ldb_dn_remove_extended_components: void (struct ldb_dn *) >+ldb_dn_replace_components: bool (struct ldb_dn *, struct ldb_dn *) >+ldb_dn_set_component: int (struct ldb_dn *, int, const char *, const struct ldb_val) >+ldb_dn_set_extended_component: int (struct ldb_dn *, const char *, const struct ldb_val *) >+ldb_dn_update_components: int (struct ldb_dn *, const struct ldb_dn *) >+ldb_dn_validate: bool (struct ldb_dn *) >+ldb_dump_results: void (struct ldb_context *, struct ldb_result *, FILE *) >+ldb_error_at: int (struct ldb_context *, int, const char *, const char *, int) >+ldb_errstring: const char *(struct ldb_context *) >+ldb_extended: int (struct ldb_context *, const char *, void *, struct ldb_result **) >+ldb_extended_default_callback: int (struct ldb_request *, struct ldb_reply *) >+ldb_filter_from_tree: char *(TALLOC_CTX *, const struct ldb_parse_tree *) >+ldb_get_config_basedn: struct ldb_dn *(struct ldb_context *) >+ldb_get_create_perms: unsigned int (struct ldb_context *) >+ldb_get_default_basedn: struct ldb_dn *(struct ldb_context *) >+ldb_get_event_context: struct tevent_context *(struct ldb_context *) >+ldb_get_flags: unsigned int (struct ldb_context *) >+ldb_get_opaque: void *(struct ldb_context *, const char *) >+ldb_get_root_basedn: struct ldb_dn *(struct ldb_context *) >+ldb_get_schema_basedn: struct ldb_dn *(struct ldb_context *) >+ldb_global_init: int (void) >+ldb_handle_get_event_context: struct tevent_context *(struct ldb_handle *) >+ldb_handle_new: struct ldb_handle *(TALLOC_CTX *, struct ldb_context *) >+ldb_handle_use_global_event_context: void (struct ldb_handle *) >+ldb_handler_copy: int (struct ldb_context *, void *, const struct ldb_val *, struct ldb_val *) >+ldb_handler_fold: int (struct ldb_context *, void *, const struct ldb_val *, struct ldb_val *) >+ldb_init: struct ldb_context *(TALLOC_CTX *, struct tevent_context *) >+ldb_ldif_message_redacted_string: char *(struct ldb_context *, TALLOC_CTX *, enum ldb_changetype, const struct ldb_message *) >+ldb_ldif_message_string: char *(struct ldb_context *, TALLOC_CTX *, enum ldb_changetype, const struct ldb_message *) >+ldb_ldif_parse_modrdn: int (struct ldb_context *, const struct ldb_ldif *, TALLOC_CTX *, struct ldb_dn **, struct ldb_dn **, bool *, struct ldb_dn **, struct ldb_dn **) >+ldb_ldif_read: struct ldb_ldif *(struct ldb_context *, int (*)(void *), void *) >+ldb_ldif_read_file: struct ldb_ldif *(struct ldb_context *, FILE *) >+ldb_ldif_read_file_state: struct ldb_ldif *(struct ldb_context *, struct ldif_read_file_state *) >+ldb_ldif_read_free: void (struct ldb_context *, struct ldb_ldif *) >+ldb_ldif_read_string: struct ldb_ldif *(struct ldb_context *, const char **) >+ldb_ldif_write: int (struct ldb_context *, int (*)(void *, const char *, ...), void *, const struct ldb_ldif *) >+ldb_ldif_write_file: int (struct ldb_context *, FILE *, const struct ldb_ldif *) >+ldb_ldif_write_redacted_trace_string: char *(struct ldb_context *, TALLOC_CTX *, const struct ldb_ldif *) >+ldb_ldif_write_string: char *(struct ldb_context *, TALLOC_CTX *, const struct ldb_ldif *) >+ldb_load_modules: int (struct ldb_context *, const char **) >+ldb_map_add: int (struct ldb_module *, struct ldb_request *) >+ldb_map_delete: int (struct ldb_module *, struct ldb_request *) >+ldb_map_init: int (struct ldb_module *, const struct ldb_map_attribute *, const struct ldb_map_objectclass *, const char * const *, const char *, const char *) >+ldb_map_modify: int (struct ldb_module *, struct ldb_request *) >+ldb_map_rename: int (struct ldb_module *, struct ldb_request *) >+ldb_map_search: int (struct ldb_module *, struct ldb_request *) >+ldb_match_msg: int (struct ldb_context *, const struct ldb_message *, const struct ldb_parse_tree *, struct ldb_dn *, enum ldb_scope) >+ldb_match_msg_error: int (struct ldb_context *, const struct ldb_message *, const struct ldb_parse_tree *, struct ldb_dn *, enum ldb_scope, bool *) >+ldb_match_msg_objectclass: int (const struct ldb_message *, const char *) >+ldb_mod_register_control: int (struct ldb_module *, const char *) >+ldb_modify: int (struct ldb_context *, const struct ldb_message *) >+ldb_modify_default_callback: int (struct ldb_request *, struct ldb_reply *) >+ldb_module_call_chain: char *(struct ldb_request *, TALLOC_CTX *) >+ldb_module_connect_backend: int (struct ldb_context *, const char *, const char **, struct ldb_module **) >+ldb_module_done: int (struct ldb_request *, struct ldb_control **, struct ldb_extended *, int) >+ldb_module_flags: uint32_t (struct ldb_context *) >+ldb_module_get_ctx: struct ldb_context *(struct ldb_module *) >+ldb_module_get_name: const char *(struct ldb_module *) >+ldb_module_get_ops: const struct ldb_module_ops *(struct ldb_module *) >+ldb_module_get_private: void *(struct ldb_module *) >+ldb_module_init_chain: int (struct ldb_context *, struct ldb_module *) >+ldb_module_load_list: int (struct ldb_context *, const char **, struct ldb_module *, struct ldb_module **) >+ldb_module_new: struct ldb_module *(TALLOC_CTX *, struct ldb_context *, const char *, const struct ldb_module_ops *) >+ldb_module_next: struct ldb_module *(struct ldb_module *) >+ldb_module_popt_options: struct poptOption **(struct ldb_context *) >+ldb_module_send_entry: int (struct ldb_request *, struct ldb_message *, struct ldb_control **) >+ldb_module_send_referral: int (struct ldb_request *, char *) >+ldb_module_set_next: void (struct ldb_module *, struct ldb_module *) >+ldb_module_set_private: void (struct ldb_module *, void *) >+ldb_modules_hook: int (struct ldb_context *, enum ldb_module_hook_type) >+ldb_modules_list_from_string: const char **(struct ldb_context *, TALLOC_CTX *, const char *) >+ldb_modules_load: int (const char *, const char *) >+ldb_msg_add: int (struct ldb_message *, const struct ldb_message_element *, int) >+ldb_msg_add_empty: int (struct ldb_message *, const char *, int, struct ldb_message_element **) >+ldb_msg_add_fmt: int (struct ldb_message *, const char *, const char *, ...) >+ldb_msg_add_linearized_dn: int (struct ldb_message *, const char *, struct ldb_dn *) >+ldb_msg_add_steal_string: int (struct ldb_message *, const char *, char *) >+ldb_msg_add_steal_value: int (struct ldb_message *, const char *, struct ldb_val *) >+ldb_msg_add_string: int (struct ldb_message *, const char *, const char *) >+ldb_msg_add_value: int (struct ldb_message *, const char *, const struct ldb_val *, struct ldb_message_element **) >+ldb_msg_canonicalize: struct ldb_message *(struct ldb_context *, const struct ldb_message *) >+ldb_msg_check_string_attribute: int (const struct ldb_message *, const char *, const char *) >+ldb_msg_copy: struct ldb_message *(TALLOC_CTX *, const struct ldb_message *) >+ldb_msg_copy_attr: int (struct ldb_message *, const char *, const char *) >+ldb_msg_copy_shallow: struct ldb_message *(TALLOC_CTX *, const struct ldb_message *) >+ldb_msg_diff: struct ldb_message *(struct ldb_context *, struct ldb_message *, struct ldb_message *) >+ldb_msg_difference: int (struct ldb_context *, TALLOC_CTX *, struct ldb_message *, struct ldb_message *, struct ldb_message **) >+ldb_msg_element_compare: int (struct ldb_message_element *, struct ldb_message_element *) >+ldb_msg_element_compare_name: int (struct ldb_message_element *, struct ldb_message_element *) >+ldb_msg_element_equal_ordered: bool (const struct ldb_message_element *, const struct ldb_message_element *) >+ldb_msg_find_attr_as_bool: int (const struct ldb_message *, const char *, int) >+ldb_msg_find_attr_as_dn: struct ldb_dn *(struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, const char *) >+ldb_msg_find_attr_as_double: double (const struct ldb_message *, const char *, double) >+ldb_msg_find_attr_as_int: int (const struct ldb_message *, const char *, int) >+ldb_msg_find_attr_as_int64: int64_t (const struct ldb_message *, const char *, int64_t) >+ldb_msg_find_attr_as_string: const char *(const struct ldb_message *, const char *, const char *) >+ldb_msg_find_attr_as_uint: unsigned int (const struct ldb_message *, const char *, unsigned int) >+ldb_msg_find_attr_as_uint64: uint64_t (const struct ldb_message *, const char *, uint64_t) >+ldb_msg_find_common_values: int (struct ldb_context *, TALLOC_CTX *, struct ldb_message_element *, struct ldb_message_element *, uint32_t) >+ldb_msg_find_duplicate_val: int (struct ldb_context *, TALLOC_CTX *, const struct ldb_message_element *, struct ldb_val **, uint32_t) >+ldb_msg_find_element: struct ldb_message_element *(const struct ldb_message *, const char *) >+ldb_msg_find_ldb_val: const struct ldb_val *(const struct ldb_message *, const char *) >+ldb_msg_find_val: struct ldb_val *(const struct ldb_message_element *, struct ldb_val *) >+ldb_msg_new: struct ldb_message *(TALLOC_CTX *) >+ldb_msg_normalize: int (struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_message **) >+ldb_msg_remove_attr: void (struct ldb_message *, const char *) >+ldb_msg_remove_element: void (struct ldb_message *, struct ldb_message_element *) >+ldb_msg_rename_attr: int (struct ldb_message *, const char *, const char *) >+ldb_msg_sanity_check: int (struct ldb_context *, const struct ldb_message *) >+ldb_msg_sort_elements: void (struct ldb_message *) >+ldb_next_del_trans: int (struct ldb_module *) >+ldb_next_end_trans: int (struct ldb_module *) >+ldb_next_init: int (struct ldb_module *) >+ldb_next_prepare_commit: int (struct ldb_module *) >+ldb_next_read_lock: int (struct ldb_module *) >+ldb_next_read_unlock: int (struct ldb_module *) >+ldb_next_remote_request: int (struct ldb_module *, struct ldb_request *) >+ldb_next_request: int (struct ldb_module *, struct ldb_request *) >+ldb_next_start_trans: int (struct ldb_module *) >+ldb_op_default_callback: int (struct ldb_request *, struct ldb_reply *) >+ldb_options_find: const char *(struct ldb_context *, const char **, const char *) >+ldb_pack_data: int (struct ldb_context *, const struct ldb_message *, struct ldb_val *) >+ldb_parse_control_from_string: struct ldb_control *(struct ldb_context *, TALLOC_CTX *, const char *) >+ldb_parse_control_strings: struct ldb_control **(struct ldb_context *, TALLOC_CTX *, const char **) >+ldb_parse_tree: struct ldb_parse_tree *(TALLOC_CTX *, const char *) >+ldb_parse_tree_attr_replace: void (struct ldb_parse_tree *, const char *, const char *) >+ldb_parse_tree_copy_shallow: struct ldb_parse_tree *(TALLOC_CTX *, const struct ldb_parse_tree *) >+ldb_parse_tree_walk: int (struct ldb_parse_tree *, int (*)(struct ldb_parse_tree *, void *), void *) >+ldb_qsort: void (void * const, size_t, size_t, void *, ldb_qsort_cmp_fn_t) >+ldb_register_backend: int (const char *, ldb_connect_fn, bool) >+ldb_register_extended_match_rule: int (struct ldb_context *, const struct ldb_extended_match_rule *) >+ldb_register_hook: int (ldb_hook_fn) >+ldb_register_module: int (const struct ldb_module_ops *) >+ldb_rename: int (struct ldb_context *, struct ldb_dn *, struct ldb_dn *) >+ldb_reply_add_control: int (struct ldb_reply *, const char *, bool, void *) >+ldb_reply_get_control: struct ldb_control *(struct ldb_reply *, const char *) >+ldb_req_get_custom_flags: uint32_t (struct ldb_request *) >+ldb_req_is_untrusted: bool (struct ldb_request *) >+ldb_req_location: const char *(struct ldb_request *) >+ldb_req_mark_trusted: void (struct ldb_request *) >+ldb_req_mark_untrusted: void (struct ldb_request *) >+ldb_req_set_custom_flags: void (struct ldb_request *, uint32_t) >+ldb_req_set_location: void (struct ldb_request *, const char *) >+ldb_request: int (struct ldb_context *, struct ldb_request *) >+ldb_request_add_control: int (struct ldb_request *, const char *, bool, void *) >+ldb_request_done: int (struct ldb_request *, int) >+ldb_request_get_control: struct ldb_control *(struct ldb_request *, const char *) >+ldb_request_get_status: int (struct ldb_request *) >+ldb_request_replace_control: int (struct ldb_request *, const char *, bool, void *) >+ldb_request_set_state: void (struct ldb_request *, int) >+ldb_reset_err_string: void (struct ldb_context *) >+ldb_save_controls: int (struct ldb_control *, struct ldb_request *, struct ldb_control ***) >+ldb_schema_attribute_add: int (struct ldb_context *, const char *, unsigned int, const char *) >+ldb_schema_attribute_add_with_syntax: int (struct ldb_context *, const char *, unsigned int, const struct ldb_schema_syntax *) >+ldb_schema_attribute_by_name: const struct ldb_schema_attribute *(struct ldb_context *, const char *) >+ldb_schema_attribute_fill_with_syntax: int (struct ldb_context *, TALLOC_CTX *, const char *, unsigned int, const struct ldb_schema_syntax *, struct ldb_schema_attribute *) >+ldb_schema_attribute_remove: void (struct ldb_context *, const char *) >+ldb_schema_attribute_remove_flagged: void (struct ldb_context *, unsigned int) >+ldb_schema_attribute_set_override_handler: void (struct ldb_context *, ldb_attribute_handler_override_fn_t, void *) >+ldb_schema_set_override_indexlist: void (struct ldb_context *, bool) >+ldb_search: int (struct ldb_context *, TALLOC_CTX *, struct ldb_result **, struct ldb_dn *, enum ldb_scope, const char * const *, const char *, ...) >+ldb_search_default_callback: int (struct ldb_request *, struct ldb_reply *) >+ldb_sequence_number: int (struct ldb_context *, enum ldb_sequence_type, uint64_t *) >+ldb_set_create_perms: void (struct ldb_context *, unsigned int) >+ldb_set_debug: int (struct ldb_context *, void (*)(void *, enum ldb_debug_level, const char *, va_list), void *) >+ldb_set_debug_stderr: int (struct ldb_context *) >+ldb_set_default_dns: void (struct ldb_context *) >+ldb_set_errstring: void (struct ldb_context *, const char *) >+ldb_set_event_context: void (struct ldb_context *, struct tevent_context *) >+ldb_set_flags: void (struct ldb_context *, unsigned int) >+ldb_set_modules_dir: void (struct ldb_context *, const char *) >+ldb_set_opaque: int (struct ldb_context *, const char *, void *) >+ldb_set_require_private_event_context: void (struct ldb_context *) >+ldb_set_timeout: int (struct ldb_context *, struct ldb_request *, int) >+ldb_set_timeout_from_prev_req: int (struct ldb_context *, struct ldb_request *, struct ldb_request *) >+ldb_set_utf8_default: void (struct ldb_context *) >+ldb_set_utf8_fns: void (struct ldb_context *, void *, char *(*)(void *, void *, const char *, size_t)) >+ldb_setup_wellknown_attributes: int (struct ldb_context *) >+ldb_should_b64_encode: int (struct ldb_context *, const struct ldb_val *) >+ldb_standard_syntax_by_name: const struct ldb_schema_syntax *(struct ldb_context *, const char *) >+ldb_strerror: const char *(int) >+ldb_string_to_time: time_t (const char *) >+ldb_string_utc_to_time: time_t (const char *) >+ldb_timestring: char *(TALLOC_CTX *, time_t) >+ldb_timestring_utc: char *(TALLOC_CTX *, time_t) >+ldb_transaction_cancel: int (struct ldb_context *) >+ldb_transaction_cancel_noerr: int (struct ldb_context *) >+ldb_transaction_commit: int (struct ldb_context *) >+ldb_transaction_prepare_commit: int (struct ldb_context *) >+ldb_transaction_start: int (struct ldb_context *) >+ldb_unpack_data: int (struct ldb_context *, const struct ldb_val *, struct ldb_message *) >+ldb_unpack_data_only_attr_list: int (struct ldb_context *, const struct ldb_val *, struct ldb_message *, const char * const *, unsigned int, unsigned int *) >+ldb_unpack_data_only_attr_list_flags: int (struct ldb_context *, const struct ldb_val *, struct ldb_message *, const char * const *, unsigned int, unsigned int, unsigned int *) >+ldb_val_dup: struct ldb_val (TALLOC_CTX *, const struct ldb_val *) >+ldb_val_equal_exact: int (const struct ldb_val *, const struct ldb_val *) >+ldb_val_map_local: struct ldb_val (struct ldb_module *, void *, const struct ldb_map_attribute *, const struct ldb_val *) >+ldb_val_map_remote: struct ldb_val (struct ldb_module *, void *, const struct ldb_map_attribute *, const struct ldb_val *) >+ldb_val_string_cmp: int (const struct ldb_val *, const char *) >+ldb_val_to_time: int (const struct ldb_val *, time_t *) >+ldb_valid_attr_name: int (const char *) >+ldb_vdebug: void (struct ldb_context *, enum ldb_debug_level, const char *, va_list) >+ldb_wait: int (struct ldb_handle *, enum ldb_wait_type) >diff --git a/lib/ldb/ABI/pyldb-util-1.2.3.sigs b/lib/ldb/ABI/pyldb-util-1.2.3.sigs >new file mode 100644 >index 00000000000..74d6719d2bc >--- /dev/null >+++ b/lib/ldb/ABI/pyldb-util-1.2.3.sigs >@@ -0,0 +1,2 @@ >+pyldb_Dn_FromDn: PyObject *(struct ldb_dn *) >+pyldb_Object_AsDn: bool (TALLOC_CTX *, PyObject *, struct ldb_context *, struct ldb_dn **) >diff --git a/lib/ldb/ABI/pyldb-util.py3-1.2.3.sigs b/lib/ldb/ABI/pyldb-util.py3-1.2.3.sigs >new file mode 100644 >index 00000000000..74d6719d2bc >--- /dev/null >+++ b/lib/ldb/ABI/pyldb-util.py3-1.2.3.sigs >@@ -0,0 +1,2 @@ >+pyldb_Dn_FromDn: PyObject *(struct ldb_dn *) >+pyldb_Object_AsDn: bool (TALLOC_CTX *, PyObject *, struct ldb_context *, struct ldb_dn **) >diff --git a/lib/ldb/wscript b/lib/ldb/wscript >index bd17b7b9edc..5ea52317d4d 100644 >--- a/lib/ldb/wscript >+++ b/lib/ldb/wscript >@@ -1,7 +1,7 @@ > #!/usr/bin/env python > > APPNAME = 'ldb' >-VERSION = '1.2.2' >+VERSION = '1.2.3' > > blddir = 'bin' > >-- >2.11.0 > > >From efd2f132384139c3bd42f5caf5078d16a04cdfe0 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Fri, 15 Dec 2017 12:30:50 +1300 >Subject: [PATCH 5/7] dns_server: Do the exact match query first, then do the > wildcard lookup > >The wildcard lookup is SCOPE_ONELEVEL combined with an index on the name >attribute. This is not as efficient as a base DN lookup, so we try for >that first. > >A not-found and wildcard response will still fall back to the ONELEVEL >index. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 3efc879d98ba136d4d70e0e2d77fac9614186ab3) >--- > source4/dns_server/dnsserver_common.c | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > >diff --git a/source4/dns_server/dnsserver_common.c b/source4/dns_server/dnsserver_common.c >index 217e65b39f4..62015f66c94 100644 >--- a/source4/dns_server/dnsserver_common.c >+++ b/source4/dns_server/dnsserver_common.c >@@ -555,6 +555,20 @@ WERROR dns_common_wildcard_lookup(struct ldb_context *samdb, > return werr; > } > >+ /* >+ * Do a point search first, then fall back to a wildcard >+ * lookup if it does not exist >+ */ >+ werr = dns_common_lookup(samdb, >+ mem_ctx, >+ dn, >+ records, >+ num_records, >+ NULL); >+ if (!W_ERROR_EQUAL(werr, WERR_DNS_ERROR_NAME_DOES_NOT_EXIST)) { >+ return werr; >+ } >+ > ret = dns_wildcard_lookup(samdb, mem_ctx, dn, &msg); > if (ret == LDB_ERR_OPERATIONS_ERROR) { > return DNS_ERR(SERVER_FAILURE); >-- >2.11.0 > > >From 0a2a5703ce4bac27781368c75d3ea2ea1c69ffe3 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Fri, 15 Dec 2017 11:40:28 +1300 >Subject: [PATCH 6/7] dns_server: Do not look for a wildcard for @ > >This query is made for every record returned via BIND9 DLZ. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 948791aca70ca973755adcef27dc02da4c46f267) >--- > source4/dns_server/dnsserver_common.c | 10 ++++++++++ > 1 file changed, 10 insertions(+) > >diff --git a/source4/dns_server/dnsserver_common.c b/source4/dns_server/dnsserver_common.c >index 62015f66c94..199e9d513d6 100644 >--- a/source4/dns_server/dnsserver_common.c >+++ b/source4/dns_server/dnsserver_common.c >@@ -547,6 +547,16 @@ WERROR dns_common_wildcard_lookup(struct ldb_context *samdb, > return DNS_ERR(NAME_ERROR); > } > >+ /* Don't look for a wildcard for @ */ >+ if (name->length == 1 && name->data[0] == '@') { >+ return dns_common_lookup(samdb, >+ mem_ctx, >+ dn, >+ records, >+ num_records, >+ NULL); >+ } >+ > werr = dns_name_check( > mem_ctx, > strlen((const char*)name->data), >-- >2.11.0 > > >From 9c5c706ab8e5de9968de1b678008de9fda13ca55 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Mon, 18 Dec 2017 16:22:23 +1300 >Subject: [PATCH 7/7] dns_server: Use the indexed "name" attribute in wildcard > lookup > >(the RDN, being 'dc' in this use case, does not have an index in >the AD schema). > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=13191 > >Signed-off-by: Andrew Bartlett <abartlet@samba.org> >Reviewed-by: Garming Sam <garming@catalyst.net.nz> >(cherry picked from commit 071ad56aef33c2bfb3840e1a114e17272e926890) >--- > source4/dns_server/dnsserver_common.c | 12 +++++------- > 1 file changed, 5 insertions(+), 7 deletions(-) > >diff --git a/source4/dns_server/dnsserver_common.c b/source4/dns_server/dnsserver_common.c >index 199e9d513d6..6c7ab802575 100644 >--- a/source4/dns_server/dnsserver_common.c >+++ b/source4/dns_server/dnsserver_common.c >@@ -305,6 +305,10 @@ static unsigned int number_of_labels(const struct ldb_val *name) { > * > * x.y.z -> (|(name=x.y.z)(name=\2a.y.z)(name=\2a.z)(name=\2a)) > * >+ * The attribute 'name' is used as this is what the LDB index is on >+ * (the RDN, being 'dc' in this use case, does not have an index in >+ * the AD schema). >+ * > * Returns NULL if unable to build the query. > * > * The first component of the DN is assumed to be the name being looked up >@@ -318,7 +322,7 @@ static struct ldb_parse_tree *build_wildcard_query( > { > const struct ldb_val *name = NULL; /* The DNS name being > queried */ >- const char *attr = NULL; /* The attribute name */ >+ const char *attr = "name"; /* The attribute name */ > struct ldb_parse_tree *query = NULL; /* The constructed query > parse tree*/ > struct ldb_parse_tree *wildcard_query = NULL; /* The parse tree for the >@@ -326,12 +330,6 @@ static struct ldb_parse_tree *build_wildcard_query( > entries */ > int labels = 0; /* The number of labels in the name */ > >- attr = ldb_dn_get_rdn_name(dn); >- if (attr == NULL) { >- DBG_ERR("Unable to get rdn_name\n"); >- return NULL; >- } >- > name = ldb_dn_get_rdn_val(dn); > if (name == NULL) { > DBG_ERR("Unable to get domain name value\n"); >-- >2.11.0 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 13191
:
13868
|
13879
|
13880