summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/rpc_server/drsuapi/getncchanges.c90
1 files changed, 69 insertions, 21 deletions
diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index b3295c23f6..d38250f92b 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -1042,7 +1042,8 @@ static WERROR getncchanges_change_master(struct drsuapi_bind_state *b_state,
/* state of a partially completed getncchanges call */
struct drsuapi_getncchanges_state {
- struct ldb_result *site_res;
+ struct GUID *guids;
+ uint32_t num_records;
uint32_t num_sent;
struct ldb_dn *ncRoot_dn;
bool is_schema_nc;
@@ -1178,15 +1179,8 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
struct drsuapi_DsReplicaObjectListItemEx **currentObject;
NTSTATUS status;
DATA_BLOB session_key;
- const char *attrs[] = { "*", "distinguishedName",
- "nTSecurityDescriptor",
- "parentGUID",
- "replPropertyMetaData",
- "unicodePwd",
- "dBCSPwd",
- "ntPwdHistory",
- "lmPwdHistory",
- "supplementalCredentials",
+ const char *attrs[] = { "uSNChanged",
+ "objectGUID" ,
NULL };
WERROR werr;
struct dcesrv_handle *h;
@@ -1398,10 +1392,11 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
TODO: MS-DRSR section 4.1.10.1.1
Work out if this is the start of a new cycle */
- if (getnc_state->site_res == NULL) {
+ if (getnc_state->guids == NULL) {
char* search_filter;
enum ldb_scope scope = LDB_SCOPE_SUBTREE;
const char *extra_filter;
+ struct ldb_result *search_res;
if (req10->extended_op == DRSUAPI_EXOP_REPL_OBJ ||
req10->extended_op == DRSUAPI_EXOP_REPL_SECRET) {
@@ -1437,7 +1432,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
DEBUG(2,(__location__ ": getncchanges on %s using filter %s\n",
ldb_dn_get_linearized(getnc_state->ncRoot_dn), search_filter));
- ret = drsuapi_search_with_extended_dn(sam_ctx, getnc_state, &getnc_state->site_res,
+ ret = drsuapi_search_with_extended_dn(sam_ctx, getnc_state, &search_res,
search_dn, scope, attrs,
search_filter);
if (ret != LDB_SUCCESS) {
@@ -1445,15 +1440,31 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
}
if (req10->replica_flags & DRSUAPI_DRS_GET_ANC) {
- TYPESAFE_QSORT(getnc_state->site_res->msgs,
- getnc_state->site_res->count,
+ TYPESAFE_QSORT(search_res->msgs,
+ search_res->count,
site_res_cmp_parent_order);
} else {
- TYPESAFE_QSORT(getnc_state->site_res->msgs,
- getnc_state->site_res->count,
+ TYPESAFE_QSORT(search_res->msgs,
+ search_res->count,
site_res_cmp_usn_order);
}
+ /* extract out the GUIDs list */
+ getnc_state->num_records = search_res->count;
+ getnc_state->guids = talloc_array(getnc_state, struct GUID, getnc_state->num_records);
+ W_ERROR_HAVE_NO_MEMORY(getnc_state->guids);
+
+ for (i=0; i<getnc_state->num_records; i++) {
+ getnc_state->guids[i] = samdb_result_guid(search_res->msgs[i], "objectGUID");
+ if (GUID_all_zero(&getnc_state->guids[i])) {
+ DEBUG(2,("getncchanges: bad objectGUID from %s\n", ldb_dn_get_linearized(search_res->msgs[i]->dn)));
+ return WERR_DS_DRA_INTERNAL_ERROR;
+ }
+ }
+
+
+ talloc_free(search_res);
+
getnc_state->uptodateness_vector = talloc_steal(getnc_state, req10->uptodateness_vector);
if (getnc_state->uptodateness_vector) {
/* make sure its sorted */
@@ -1508,15 +1519,49 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
max_links = lpcfg_parm_int(dce_call->conn->dce_ctx->lp_ctx, NULL, "drs", "max link sync", 1500);
for (i=getnc_state->num_sent;
- i<getnc_state->site_res->count &&
+ i<getnc_state->num_records &&
!null_scope &&
(r->out.ctr->ctr6.object_count < max_objects);
i++) {
int uSN;
struct drsuapi_DsReplicaObjectListItemEx *obj;
- struct ldb_message *msg = getnc_state->site_res->msgs[i];
+ struct ldb_message *msg;
+ const char *msg_attrs[] = { "*", "distinguishedName",
+ "nTSecurityDescriptor",
+ "parentGUID",
+ "replPropertyMetaData",
+ "unicodePwd",
+ "dBCSPwd",
+ "ntPwdHistory",
+ "lmPwdHistory",
+ "supplementalCredentials",
+ NULL };
+ struct ldb_result *msg_res;
+ struct ldb_dn *msg_dn;
obj = talloc_zero(mem_ctx, struct drsuapi_DsReplicaObjectListItemEx);
+ W_ERROR_HAVE_NO_MEMORY(obj);
+
+ msg_dn = ldb_dn_new_fmt(obj, sam_ctx, "<GUID=%s>", GUID_string(obj, &getnc_state->guids[i]));
+ W_ERROR_HAVE_NO_MEMORY(msg_dn);
+
+
+ /* by re-searching here we avoid having a lot of full
+ * records in memory between calls to getncchanges
+ */
+ ret = drsuapi_search_with_extended_dn(sam_ctx, obj, &msg_res,
+ msg_dn,
+ LDB_SCOPE_BASE, msg_attrs, NULL);
+ if (ret != LDB_SUCCESS) {
+ if (ret != LDB_ERR_NO_SUCH_OBJECT) {
+ DEBUG(1,("getncchanges: failed to fetch DN %s - %s\n",
+ ldb_dn_get_extended_linearized(obj, msg_dn, 1), ldb_errstring(sam_ctx)));
+ }
+ talloc_free(obj);
+ continue;
+ }
+
+ msg = msg_res->msgs[0];
werr = get_nc_changes_build_object(obj, msg,
sam_ctx, getnc_state->ncRoot_dn,
@@ -1567,11 +1612,14 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
getnc_state->last_dn = ldb_dn_copy(getnc_state, msg->dn);
DEBUG(8,(__location__ ": replicating object %s\n", ldb_dn_get_linearized(msg->dn)));
+
+ talloc_free(msg_res);
+ talloc_free(msg_dn);
}
getnc_state->num_sent += r->out.ctr->ctr6.object_count;
- r->out.ctr->ctr6.nc_object_count = getnc_state->site_res->count;
+ r->out.ctr->ctr6.nc_object_count = getnc_state->num_records;
/* the client can us to call UpdateRefs on its behalf to
re-establish monitoring of the NC */
@@ -1618,7 +1666,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
link_total = getnc_state->la_count;
- if (i < getnc_state->site_res->count) {
+ if (i < getnc_state->num_records) {
r->out.ctr->ctr6.more_data = true;
} else {
/* sort the whole array the first time */
@@ -1670,7 +1718,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_
(unsigned long long)(req10->highwatermark.highest_usn+1),
req10->replica_flags, drs_ObjectIdentifier_to_string(mem_ctx, ncRoot),
r->out.ctr->ctr6.object_count,
- i, r->out.ctr->ctr6.more_data?getnc_state->site_res->count:i,
+ i, r->out.ctr->ctr6.more_data?getnc_state->num_records:i,
r->out.ctr->ctr6.linked_attributes_count,
link_given, link_total,
dom_sid_string(mem_ctx, user_sid)));