summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2010-11-06 13:41:34 +0100
committerStefan Metzmacher <metze@samba.org>2010-11-06 13:30:15 +0000
commit0980a3471ed8fcc3a37296857285dc0235e0e0d2 (patch)
treec8d19711b9dc1e7ea7e13eab07e43cbd47b58c04 /source4
parentce203c001db8d9598b6432738abd3081e8d658b8 (diff)
downloadsamba-0980a3471ed8fcc3a37296857285dc0235e0e0d2.tar.gz
samba-0980a3471ed8fcc3a37296857285dc0235e0e0d2.tar.bz2
samba-0980a3471ed8fcc3a37296857285dc0235e0e0d2.zip
s4:DRS-RPC-DSSYNC: don't try to decrypt secret attributes twice
dsdb_extended_replicated_objects_convert() already decrypts the attributes in place. This fixes the usage of --option="dssync:print_pwd_blobs=yes". metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Sat Nov 6 13:30:16 UTC 2010 on sn-devel-104
Diffstat (limited to 'source4')
-rw-r--r--source4/torture/drs/rpc/dssync.c22
1 files changed, 3 insertions, 19 deletions
diff --git a/source4/torture/drs/rpc/dssync.c b/source4/torture/drs/rpc/dssync.c
index 522123c366..7d1c4ff2c8 100644
--- a/source4/torture/drs/rpc/dssync.c
+++ b/source4/torture/drs/rpc/dssync.c
@@ -534,8 +534,6 @@ static bool test_analyse_objects(struct torture_context *tctx,
for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
WERROR werr;
const char *name = NULL;
- bool rcrypt = false;
- DATA_BLOB *enc_data = NULL;
DATA_BLOB plain_data;
struct drsuapi_DsReplicaAttribute *attr;
ndr_pull_flags_fn_t pull_fn = NULL;
@@ -546,19 +544,15 @@ static bool test_analyse_objects(struct torture_context *tctx,
switch (attr->attid) {
case DRSUAPI_ATTID_dBCSPwd:
name = "dBCSPwd";
- rcrypt = true;
break;
case DRSUAPI_ATTID_unicodePwd:
name = "unicodePwd";
- rcrypt = true;
break;
case DRSUAPI_ATTID_ntPwdHistory:
name = "ntPwdHistory";
- rcrypt = true;
break;
case DRSUAPI_ATTID_lmPwdHistory:
name = "lmPwdHistory";
- rcrypt = true;
break;
case DRSUAPI_ATTID_supplementalCredentials:
name = "supplementalCredentials";
@@ -598,23 +592,15 @@ static bool test_analyse_objects(struct torture_context *tctx,
if (!attr->value_ctr.values[0].blob) continue;
- enc_data = attr->value_ctr.values[0].blob;
- ZERO_STRUCT(plain_data);
+ plain_data = *attr->value_ctr.values[0].blob;
- werr = drsuapi_decrypt_attribute_value(ctx, gensec_skey, rcrypt,
- rid,
- enc_data, &plain_data);
- if (!W_ERROR_IS_OK(werr)) {
- DEBUG(0, ("Failed to decrypt %s\n", name));
- continue;
- }
if (!dn_printed) {
object_id++;
DEBUG(0,("DN[%u] %s\n", object_id, dn));
dn_printed = true;
}
- DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
- name, (long)enc_data->length, (long)plain_data.length));
+ DEBUGADD(0,("ATTR: %s plain.length=%lu\n",
+ name, (long)plain_data.length));
if (plain_data.length) {
enum ndr_err_code ndr_err;
dump_data(0, plain_data.data, plain_data.length);
@@ -643,8 +629,6 @@ static bool test_analyse_objects(struct torture_context *tctx,
DEBUG(0, ("Failed to decode %s\n", name));
}
}
- } else {
- dump_data(0, enc_data->data, enc_data->length);
}
talloc_free(ptr);
}