diff options
Diffstat (limited to 'source4/lib')
| -rw-r--r-- | source4/lib/events/events.h | 1 | ||||
| -rw-r--r-- | source4/lib/events/tevent_s4.c | 15 | ||||
| -rw-r--r-- | source4/lib/ldb-samba/ldif_handlers.c | 120 | ||||
| -rw-r--r-- | source4/lib/ldb-samba/ldif_handlers.h | 1 | ||||
| -rw-r--r-- | source4/lib/ldb/common/ldb_dn.c | 8 | ||||
| -rw-r--r-- | source4/lib/ldb/ldb_tdb/ldb_index.c | 36 | ||||
| -rw-r--r-- | source4/lib/ldb/ldb_tdb/ldb_tdb.c | 3 | ||||
| -rwxr-xr-x | source4/lib/ldb/tests/python/acl.py | 3 | ||||
| -rwxr-xr-x | source4/lib/ldb/tests/python/sec_descriptor.py | 116 | ||||
| -rw-r--r-- | source4/lib/ldb/tools/cmdline.c | 6 | ||||
| -rw-r--r-- | source4/lib/messaging/messaging.c | 17 | ||||
| -rw-r--r-- | source4/lib/messaging/messaging.h | 1 |
12 files changed, 272 insertions, 55 deletions
diff --git a/source4/lib/events/events.h b/source4/lib/events/events.h index 1b2dbde32b..5fdb96794e 100644 --- a/source4/lib/events/events.h +++ b/source4/lib/events/events.h @@ -4,4 +4,5 @@ #include <../lib/tevent/tevent.h> struct tevent_context *s4_event_context_init(TALLOC_CTX *mem_ctx); struct tevent_context *event_context_find(TALLOC_CTX *mem_ctx) _DEPRECATED_; +void s4_event_context_set_default(struct tevent_context *ev); #endif /* __LIB_EVENTS_H__ */ diff --git a/source4/lib/events/tevent_s4.c b/source4/lib/events/tevent_s4.c index 1898269c2c..838f20debe 100644 --- a/source4/lib/events/tevent_s4.c +++ b/source4/lib/events/tevent_s4.c @@ -71,6 +71,16 @@ struct tevent_context *s4_event_context_init(TALLOC_CTX *mem_ctx) return ev; } +static struct tevent_context *default_tevent_context; + +/* set a default event context that will be used for + * event_context_find() if a parent event context is not found + */ +void s4_event_context_set_default(struct tevent_context *ev) +{ + default_tevent_context = ev; +} + /* find an event context that is a parent of the given memory context, or create a new event context as a child of the given context if @@ -83,7 +93,10 @@ struct tevent_context *s4_event_context_init(TALLOC_CTX *mem_ctx) struct tevent_context *event_context_find(TALLOC_CTX *mem_ctx) { struct tevent_context *ev = talloc_find_parent_bytype(mem_ctx, struct tevent_context); - if (ev == NULL) { + if (ev == NULL) { + ev = default_tevent_context; + } + if (ev == NULL) { ev = tevent_context_init(mem_ctx); } return ev; diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c index 4611eba3f1..88888bf0a7 100644 --- a/source4/lib/ldb-samba/ldif_handlers.c +++ b/source4/lib/ldb-samba/ldif_handlers.c @@ -406,7 +406,7 @@ static int ldif_write_ntSecurityDescriptor(struct ldb_context *ldb, void *mem_ct talloc_free(sd); return -1; } - out->data = (uint8_t *)sddl_encode(mem_ctx, sd, NULL); + out->data = (uint8_t *)sddl_encode(mem_ctx, sd, samdb_domain_sid_cache_only(ldb)); talloc_free(sd); if (out->data == NULL) { return -1; @@ -700,6 +700,26 @@ static int val_to_int32(const struct ldb_val *in, int32_t *v) return LDB_SUCCESS; } +/* length limited conversion of a ldb_val to a int64_t */ +static int val_to_int64(const struct ldb_val *in, int64_t *v) +{ + char *end; + char buf[64]; + + /* make sure we don't read past the end of the data */ + if (in->length > sizeof(buf)-1) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + strncpy(buf, (char *)in->data, in->length); + buf[in->length] = 0; + + *v = (int64_t) strtoll(buf, &end, 0); + if (*end != 0) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + return LDB_SUCCESS; +} + /* Canonicalisation of two 32-bit integers */ static int ldif_canonicalise_int32(struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *in, struct ldb_val *out) @@ -731,6 +751,37 @@ static int ldif_comparison_int32(struct ldb_context *ldb, void *mem_ctx, return i1 > i2? 1 : -1; } +/* Canonicalisation of two 64-bit integers */ +static int ldif_canonicalise_int64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + int64_t i; + int ret; + + ret = val_to_int64(in, &i); + if (ret != LDB_SUCCESS) { + return ret; + } + out->data = (uint8_t *) talloc_asprintf(mem_ctx, "%lld", (long long)i); + if (out->data == NULL) { + ldb_oom(ldb); + return LDB_ERR_OPERATIONS_ERROR; + } + out->length = strlen((char *)out->data); + return 0; +} + +/* Comparison of two 64-bit integers */ +static int ldif_comparison_int64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *v1, const struct ldb_val *v2) +{ + int64_t i1=0, i2=0; + val_to_int64(v1, &i1); + val_to_int64(v2, &i2); + if (i1 == i2) return 0; + return i1 > i2? 1 : -1; +} + /* convert a NDR formatted blob to a ldif formatted repsFromTo */ @@ -778,6 +829,64 @@ static int extended_dn_write_hex(struct ldb_context *ldb, void *mem_ctx, return 0; } + +/* + write a 64 bit 2-part range +*/ +static int ldif_write_range64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + int64_t v; + int ret; + ret = val_to_int64(in, &v); + if (ret != LDB_SUCCESS) { + return ret; + } + out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%lu-%lu", + (unsigned long)(v&0xFFFFFFFF), + (unsigned long)(v>>32)); + if (out->data == NULL) { + ldb_oom(ldb); + return LDB_ERR_OPERATIONS_ERROR; + } + out->length = strlen((char *)out->data); + return LDB_SUCCESS; +} + +/* + read a 64 bit 2-part range +*/ +static int ldif_read_range64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + unsigned long high, low; + char buf[64]; + + if (memchr(in->data, '-', in->length) == NULL) { + return ldb_handler_copy(ldb, mem_ctx, in, out); + } + + if (in->length > sizeof(buf)-1) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + strncpy(buf, (const char *)in->data, in->length); + buf[in->length] = 0; + + if (sscanf(buf, "%lu-%lu", &low, &high) != 2) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + + out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%llu", + (unsigned long long)(((uint64_t)high)<<32) | (low)); + + if (out->data == NULL) { + ldb_oom(ldb); + return LDB_ERR_OPERATIONS_ERROR; + } + out->length = strlen((char *)out->data); + return LDB_SUCCESS; +} + static const struct ldb_schema_syntax samba_syntaxes[] = { { .name = LDB_SYNTAX_SAMBA_SID, @@ -845,6 +954,12 @@ static const struct ldb_schema_syntax samba_syntaxes[] = { .ldif_write_fn = ldb_handler_copy, .canonicalise_fn = dsdb_dn_string_canonicalise, .comparison_fn = dsdb_dn_string_comparison + },{ + .name = LDB_SYNTAX_SAMBA_RANGE64, + .ldif_read_fn = ldif_read_range64, + .ldif_write_fn = ldif_write_range64, + .canonicalise_fn = ldif_canonicalise_int64, + .comparison_fn = ldif_comparison_int64 }, }; @@ -928,6 +1043,9 @@ static const struct { { "repsTo", LDB_SYNTAX_SAMBA_REPSFROMTO }, { "replPropertyMetaData", LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA }, { "replUpToDateVector", LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR }, + { "rIDAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 }, + { "rIDPreviousAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 }, + { "rIDAvailablePool", LDB_SYNTAX_SAMBA_RANGE64 }, }; const struct ldb_schema_syntax *ldb_samba_syntax_by_name(struct ldb_context *ldb, const char *name) diff --git a/source4/lib/ldb-samba/ldif_handlers.h b/source4/lib/ldb-samba/ldif_handlers.h index 6906c822f9..8e4df77ffc 100644 --- a/source4/lib/ldb-samba/ldif_handlers.h +++ b/source4/lib/ldb-samba/ldif_handlers.h @@ -10,6 +10,7 @@ #define LDB_SYNTAX_SAMBA_REPSFROMTO "LDB_SYNTAX_SAMBA_REPSFROMTO" #define LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA "LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA" #define LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR "LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR" +#define LDB_SYNTAX_SAMBA_RANGE64 "LDB_SYNTAX_SAMBA_RANGE64" #include "lib/ldb-samba/ldif_handlers_proto.h" diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c index 79953c6018..252a0c632b 100644 --- a/source4/lib/ldb/common/ldb_dn.c +++ b/source4/lib/ldb/common/ldb_dn.c @@ -103,7 +103,13 @@ struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx, dn = talloc_zero(mem_ctx, struct ldb_dn); LDB_DN_NULL_FAILED(dn); - dn->ldb = ldb; + dn->ldb = talloc_get_type(ldb, struct ldb_context); + if (dn->ldb == NULL) { + /* the caller probably got the arguments to + ldb_dn_new() mixed up */ + talloc_free(dn); + return NULL; + } if (strdn->data && strdn->length) { const char *data = (const char *)strdn->data; diff --git a/source4/lib/ldb/ldb_tdb/ldb_index.c b/source4/lib/ldb/ldb_tdb/ldb_index.c index 52f9f00c58..01d0d6ce34 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_index.c +++ b/source4/lib/ldb/ldb_tdb/ldb_index.c @@ -1104,6 +1104,8 @@ static int ltdb_index_add1(struct ldb_module *module, const char *dn, if (list->count > 0 && a->flags & LDB_ATTR_FLAG_UNIQUE_INDEX) { talloc_free(list); + ldb_asprintf_errstring(ldb, __location__ ": unique index violation on %s in %s", + el->name, dn); return LDB_ERR_ENTRY_ALREADY_EXISTS; } @@ -1168,6 +1170,10 @@ static int ltdb_index_add_all(struct ldb_module *module, const char *dn, } ret = ltdb_index_add_el(module, dn, &elements[i]); if (ret != LDB_SUCCESS) { + struct ldb_context *ldb = ldb_module_get_ctx(module); + ldb_asprintf_errstring(ldb, + __location__ ": Failed to re-index %s in %s - %s", + elements[i].name, dn, ldb_errstring(ldb)); return ret; } } @@ -1446,13 +1452,19 @@ static int delete_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, vo return 0; } +struct ltdb_reindex_context { + struct ldb_module *module; + int error; +}; + /* traversal function that adds @INDEX records during a re index */ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *state) { struct ldb_context *ldb; - struct ldb_module *module = (struct ldb_module *)state; + struct ltdb_reindex_context *ctx = (struct ltdb_reindex_context *)state; + struct ldb_module *module = ctx->module; struct ldb_message *msg; const char *dn = NULL; int ret; @@ -1511,9 +1523,13 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void * ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements); - talloc_free(msg); + if (ret != LDB_SUCCESS) { + ctx->error = ret; + talloc_free(msg); + return -1; + } - if (ret != LDB_SUCCESS) return -1; + talloc_free(msg); return 0; } @@ -1525,6 +1541,7 @@ int ltdb_reindex(struct ldb_module *module) { struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private); int ret; + struct ltdb_reindex_context ctx; if (ltdb_cache_reload(module) != 0) { return LDB_ERR_OPERATIONS_ERROR; @@ -1543,11 +1560,22 @@ int ltdb_reindex(struct ldb_module *module) return LDB_SUCCESS; } + ctx.module = module; + ctx.error = 0; + /* now traverse adding any indexes for normal LDB records */ - ret = tdb_traverse(ltdb->tdb, re_index, module); + ret = tdb_traverse(ltdb->tdb, re_index, &ctx); if (ret == -1) { + struct ldb_context *ldb = ldb_module_get_ctx(module); + ldb_asprintf_errstring(ldb, "reindexing traverse failed: %s", ldb_errstring(ldb)); return LDB_ERR_OPERATIONS_ERROR; } + if (ctx.error != LDB_SUCCESS) { + struct ldb_context *ldb = ldb_module_get_ctx(module); + ldb_asprintf_errstring(ldb, "reindexing failed: %s", ldb_errstring(ldb)); + return ctx.error; + } + return LDB_SUCCESS; } diff --git a/source4/lib/ldb/ldb_tdb/ldb_tdb.c b/source4/lib/ldb/ldb_tdb/ldb_tdb.c index a146b96b20..b8b4d399ef 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_tdb.c +++ b/source4/lib/ldb/ldb_tdb/ldb_tdb.c @@ -230,7 +230,8 @@ static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn) } /* If the modify was to @OPTIONS, reload the cache */ - if (ldb_dn_is_special(dn) && + if (ret == LDB_SUCCESS && + ldb_dn_is_special(dn) && (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) { ret = ltdb_cache_reload(module); } diff --git a/source4/lib/ldb/tests/python/acl.py b/source4/lib/ldb/tests/python/acl.py index 4544f60736..909adc5129 100755 --- a/source4/lib/ldb/tests/python/acl.py +++ b/source4/lib/ldb/tests/python/acl.py @@ -164,7 +164,8 @@ replace: nTSecurityDescriptor """ ldif = """ dn: """ + group_dn + """ -changetype: add +changetype: modify +add: member member: """ + member_dn _ldb.modify_ldif(ldif) diff --git a/source4/lib/ldb/tests/python/sec_descriptor.py b/source4/lib/ldb/tests/python/sec_descriptor.py index e420cec3bd..4589178a42 100755 --- a/source4/lib/ldb/tests/python/sec_descriptor.py +++ b/source4/lib/ldb/tests/python/sec_descriptor.py @@ -285,8 +285,30 @@ userAccountControl: %s""" % userAccountControl class OwnerGroupDescriptorTests(DescriptorTests): + def deleteAll(self): + if self.SAMBA: + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser1")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser2")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser3")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser4")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser5")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser6")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser7")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser8")) + # DOMAIN + self.delete_force(self.ldb_admin, self.get_users_domain_dn("test_domain_group1")) + self.delete_force(self.ldb_admin, "CN=test_domain_user1,OU=test_domain_ou1," + self.base_dn) + self.delete_force(self.ldb_admin, "OU=test_domain_ou2,OU=test_domain_ou1," + self.base_dn) + self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) + # SCHEMA + # CONFIGURATION + self.delete_force(self.ldb_admin, "CN=test-specifier1,CN=test-container1,CN=DisplaySpecifiers," \ + + self.configuration_dn) + self.delete_force(self.ldb_admin, "CN=test-container1,CN=DisplaySpecifiers," + self.configuration_dn) + def setUp(self): DescriptorTests.setUp(self) + self.deleteAll() if self.SAMBA: ### Create users # User 1 @@ -295,7 +317,8 @@ class OwnerGroupDescriptorTests(DescriptorTests): self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 2 @@ -304,7 +327,8 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 3 @@ -313,7 +337,8 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 4 @@ -326,11 +351,13 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 6 @@ -339,15 +366,18 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 7 @@ -356,11 +386,13 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 8 @@ -369,11 +401,13 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) self.results = { @@ -490,25 +524,7 @@ member: """ + user_dn self.DS_BEHAVIOR = "ds_behavior_win2008" def tearDown(self): - if self.SAMBA: - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser1")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser2")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser3")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser4")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser5")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser6")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser7")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser8")) - # DOMAIN - self.delete_force(self.ldb_admin, self.get_users_domain_dn("test_domain_group1")) - self.delete_force(self.ldb_admin, "CN=test_domain_user1,OU=test_domain_ou1," + self.base_dn) - self.delete_force(self.ldb_admin, "OU=test_domain_ou2,OU=test_domain_ou1," + self.base_dn) - self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) - # SCHEMA - # CONFIGURATION - self.delete_force(self.ldb_admin, "CN=test-specifier1,CN=test-container1,CN=DisplaySpecifiers," \ - + self.configuration_dn) - self.delete_force(self.ldb_admin, "CN=test-container1,CN=DisplaySpecifiers," + self.configuration_dn) + self.deleteAll() def check_user_belongs(self, user_dn, groups=[]): """ Test wether user is member of the expected group(s) """ @@ -1414,12 +1430,16 @@ member: """ + user_dn class DaclDescriptorTests(DescriptorTests): + def deleteAll(self): + self.delete_force(self.ldb_admin, "CN=test_inherit_group,OU=test_inherit_ou," + self.base_dn) + self.delete_force(self.ldb_admin, "OU=test_inherit_ou," + self.base_dn) + def setUp(self): DescriptorTests.setUp(self) + self.deleteAll() def tearDown(self): - self.delete_force(self.ldb_admin, "CN=test_inherit_group,OU=test_inherit_ou," + self.base_dn) - self.delete_force(self.ldb_admin, "OU=test_inherit_ou," + self.base_dn) + self.deleteAll() def create_clean_ou(self, object_dn): """ Base repeating setup for unittests to follow """ @@ -1686,12 +1706,16 @@ class DaclDescriptorTests(DescriptorTests): class SdFlagsDescriptorTests(DescriptorTests): + def deleteAll(self): + self.delete_force(self.ldb_admin, "OU=test_sdflags_ou," + self.base_dn) + def setUp(self): DescriptorTests.setUp(self) self.test_descr = "O:AUG:AUD:(D;;CC;;;LG)S:(OU;;WP;;;AU)" + self.deleteAll() def tearDown(self): - self.delete_force(self.ldb_admin, "OU=test_sdflags_ou," + self.base_dn) + self.deleteAll() def test_301(self): """ Modify a descriptor with OWNER_SECURITY_INFORMATION set. @@ -1841,8 +1865,16 @@ class SdFlagsDescriptorTests(DescriptorTests): class RightsAttributesTests(DescriptorTests): + def deleteAll(self): + if self.SAMBA: + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr2")) + + self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) + def setUp(self): DescriptorTests.setUp(self) + self.deleteAll() if self.SAMBA: ### Create users # User 1 @@ -1855,17 +1887,13 @@ class RightsAttributesTests(DescriptorTests): self.enable_account(user_dn) ldif = """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) def tearDown(self): - - if self.SAMBA: - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr2")) - - self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) + self.deleteAll() def test_sDRightsEffective(self): object_dn = "OU=test_domain_ou1," + self.base_dn @@ -1964,7 +1992,11 @@ member: """ + user_dn self.assertTrue("managedBy" in res[0]["allowedAttributesEffective"]) if not "://" in host: - host = "ldap://%s" % host + if os.path.isfile(host): + host = "tdb://%s" % host + else: + host = "ldap://%s" % host + ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp, options=["modules:paged_searches"]) runner = SubunitTestRunner() diff --git a/source4/lib/ldb/tools/cmdline.c b/source4/lib/ldb/tools/cmdline.c index 39a460763c..44ae23b26c 100644 --- a/source4/lib/ldb/tools/cmdline.c +++ b/source4/lib/ldb/tools/cmdline.c @@ -33,6 +33,7 @@ #include "auth/auth.h" #include "ldb_wrap.h" #include "param/param.h" +#include "dsdb/common/proto.h" #endif static struct ldb_cmdline options; /* needs to be static for older compilers */ @@ -321,6 +322,11 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, goto failed; } +#if (_SAMBA_BUILD_ >= 4) + /* get the domain SID into the cache for SDDL processing */ + samdb_domain_sid(ldb); +#endif + return ret; failed: diff --git a/source4/lib/messaging/messaging.c b/source4/lib/messaging/messaging.c index 277688e8b6..c12945b622 100644 --- a/source4/lib/messaging/messaging.c +++ b/source4/lib/messaging/messaging.c @@ -119,8 +119,15 @@ static NTSTATUS irpc_uptime(struct irpc_message *msg, */ static char *messaging_path(struct messaging_context *msg, struct server_id server_id) { - return talloc_asprintf(msg, "%s/msg.%s", msg->base_path, - cluster_id_string(msg, server_id)); + TALLOC_CTX *tmp_ctx = talloc_new(msg); + const char *id = cluster_id_string(tmp_ctx, server_id); + char *s; + if (id == NULL) { + return NULL; + } + s = talloc_asprintf(msg, "%s/msg.%s", msg->base_path, id); + talloc_steal(s, tmp_ctx); + return s; } /* @@ -261,11 +268,13 @@ static void messaging_send_handler(struct messaging_context *msg) } rec->retries = 0; if (!NT_STATUS_IS_OK(status)) { + TALLOC_CTX *tmp_ctx = talloc_new(msg); DEBUG(1,("messaging: Lost message from %s to %s of type %u - %s\n", - cluster_id_string(debug_ctx(), rec->header->from), - cluster_id_string(debug_ctx(), rec->header->to), + cluster_id_string(tmp_ctx, rec->header->from), + cluster_id_string(tmp_ctx, rec->header->to), rec->header->msg_type, nt_errstr(status))); + talloc_free(tmp_ctx); } DLIST_REMOVE(msg->pending, rec); talloc_free(rec); diff --git a/source4/lib/messaging/messaging.h b/source4/lib/messaging/messaging.h index 4ec69c8f34..08953856a0 100644 --- a/source4/lib/messaging/messaging.h +++ b/source4/lib/messaging/messaging.h @@ -32,6 +32,7 @@ struct messaging_context; #define MSG_IRPC 6 #define MSG_PVFS_NOTIFY 7 #define MSG_NTVFS_OPLOCK_BREAK 8 +#define MSG_DREPL_ALLOCATE_RID 9 /* temporary messaging endpoints are allocated above this line */ #define MSG_TMP_BASE 1000 |