summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/auth/credentials/credentials_krb5.h1
-rw-r--r--source4/auth/kerberos/clikrb5.c6
-rwxr-xr-xsource4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py243
-rw-r--r--source4/headermap.txt2
-rw-r--r--source4/heimdal_build/replace.c4
-rw-r--r--source4/heimdal_build/roken.h19
-rw-r--r--source4/kdc/kdc.c2
-rw-r--r--source4/lib/ldb/pyldb.c63
-rwxr-xr-xsource4/lib/ldb/tests/python/api.py13
-rw-r--r--source4/lib/smbreadline/smbreadline.c1
-rw-r--r--source4/librpc/config.mk4
-rw-r--r--source4/librpc/idl/dcerpc.idl306
-rw-r--r--source4/scripting/python/samba/provision.py2
-rw-r--r--source4/selftest/config.mk12
-rw-r--r--source4/smbd/server.c2
-rw-r--r--source4/torture/ldap/cldap.c4
16 files changed, 339 insertions, 345 deletions
diff --git a/source4/auth/credentials/credentials_krb5.h b/source4/auth/credentials/credentials_krb5.h
index 0d0e9f330f..5e56752eb4 100644
--- a/source4/auth/credentials/credentials_krb5.h
+++ b/source4/auth/credentials/credentials_krb5.h
@@ -24,6 +24,7 @@
#define __CREDENTIALS_KRB5_H__
#include <gssapi/gssapi.h>
+#include <gssapi/gssapi_krb5.h>
#include <krb5.h>
struct gssapi_creds_container {
diff --git a/source4/auth/kerberos/clikrb5.c b/source4/auth/kerberos/clikrb5.c
index cf87d13cf2..68e7eb90cc 100644
--- a/source4/auth/kerberos/clikrb5.c
+++ b/source4/auth/kerberos/clikrb5.c
@@ -74,13 +74,9 @@
void kerberos_free_data_contents(krb5_context context, krb5_data *pdata)
{
-#if defined(HAVE_KRB5_FREE_DATA_CONTENTS)
if (pdata->data) {
- krb5_free_data_contents(context, pdata);
+ krb5_data_free(pdata);
}
-#else
- SAFE_FREE(pdata->data);
-#endif
}
krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry)
diff --git a/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py b/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py
new file mode 100755
index 0000000000..ec426c099b
--- /dev/null
+++ b/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py
@@ -0,0 +1,243 @@
+#!/usr/bin/python
+
+# Unix SMB/CIFS implementation.
+# Copyright (C) Andrew Tridgell 2009
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+"""Tests the possibleInferiors generation in the schema_fsmo ldb module"""
+
+import optparse
+import sys
+
+
+# Find right directory when running from source tree
+sys.path.insert(0, "bin/python")
+
+import samba
+from samba import getopt as options, Ldb
+import ldb
+
+parser = optparse.OptionParser("possibleinferiors.py <URL> [<CLASS>]")
+sambaopts = options.SambaOptions(parser)
+parser.add_option_group(sambaopts)
+credopts = options.CredentialsOptions(parser)
+parser.add_option_group(credopts)
+parser.add_option_group(options.VersionOptions(parser))
+
+opts, args = parser.parse_args()
+
+if len(args) < 1:
+ parser.print_usage()
+ sys.exit(1)
+
+url = args[0]
+if (len(args) > 1):
+ objectclass = args[1]
+else:
+ objectclass = None
+
+def uniq_list(alist):
+ """return a unique list"""
+ set = {}
+ return [set.setdefault(e,e) for e in alist if e not in set]
+
+
+lp_ctx = sambaopts.get_loadparm()
+
+creds = credopts.get_credentials(lp_ctx)
+db = Ldb(url, credentials=creds, lp=lp_ctx, options=["modules:paged_searches"])
+
+# get the rootDSE
+res = db.search(base="", expression="",
+ scope=ldb.SCOPE_BASE,
+ attrs=["schemaNamingContext"])
+rootDse = res[0]
+
+schema_base = rootDse["schemaNamingContext"][0]
+
+def possible_inferiors_search(db, oc):
+ """return the possible inferiors via a search for the possibleInferiors attribute"""
+ res = db.search(base=schema_base,
+ expression=("ldapDisplayName=%s" % oc),
+ attrs=["possibleInferiors"])
+
+ poss=[]
+ if len(res) == 0 or res[0].get("possibleInferiors") is None:
+ return poss
+ for item in res[0]["possibleInferiors"]:
+ poss.append(str(item))
+ poss = uniq_list(poss)
+ poss.sort()
+ return poss;
+
+
+
+# see [MS-ADTS] section 3.1.1.4.5.21
+# and section 3.1.1.4.2 for this algorithm
+
+# !systemOnly=TRUE
+# !objectClassCategory=2
+# !objectClassCategory=3
+
+def SUPCLASSES(classinfo, oc):
+ list = []
+ if oc == "top":
+ return list
+ if classinfo[oc].get("SUPCLASSES") is not None:
+ return classinfo[oc]["SUPCLASSES"]
+ res = classinfo[oc]["subClassOf"];
+ for r in res:
+ list.append(r)
+ list.extend(SUPCLASSES(classinfo,r))
+ classinfo[oc]["SUPCLASSES"] = list
+ return list
+
+def AUXCLASSES(classinfo, oclist):
+ list = []
+ if oclist == []:
+ return list
+ for oc in oclist:
+ if classinfo[oc].get("AUXCLASSES") is not None:
+ list.extend(classinfo[oc]["AUXCLASSES"])
+ else:
+ list2 = []
+ list2.extend(classinfo[oc]["systemAuxiliaryClass"])
+ list2.extend(AUXCLASSES(classinfo, classinfo[oc]["systemAuxiliaryClass"]))
+ list2.extend(classinfo[oc]["auxiliaryClass"])
+ list2.extend(AUXCLASSES(classinfo, classinfo[oc]["auxiliaryClass"]))
+ list2.extend(AUXCLASSES(classinfo, SUPCLASSES(classinfo, oc)))
+ classinfo[oc]["AUXCLASSES"] = list2
+ list.extend(list2)
+ return list
+
+def SUBCLASSES(classinfo, oclist):
+ list = []
+ for oc in oclist:
+ list.extend(classinfo[oc]["SUBCLASSES"])
+ return list
+
+def POSSSUPERIORS(classinfo, oclist):
+ list = []
+ for oc in oclist:
+ if classinfo[oc].get("POSSSUPERIORS") is not None:
+ list.extend(classinfo[oc]["POSSSUPERIORS"])
+ else:
+ list2 = []
+ list2.extend(classinfo[oc]["systemPossSuperiors"])
+ list2.extend(classinfo[oc]["possSuperiors"])
+ list2.extend(POSSSUPERIORS(classinfo, SUPCLASSES(classinfo, oc)))
+ # the WSPP docs suggest we should do this:
+ # list2.extend(POSSSUPERIORS(classinfo, AUXCLASSES(classinfo, [oc])))
+ # but testing against w2k3 and w2k8 shows that we need to do this instead
+ list2.extend(SUBCLASSES(classinfo, list2))
+ classinfo[oc]["POSSSUPERIORS"] = list2
+ list.extend(list2)
+ return list
+
+def pull_classinfo(db):
+ """At startup we build a classinfo[] dictionary that holds all the information needed to construct the possible inferiors"""
+ classinfo = {}
+ res = db.search(base=schema_base,
+ expression="objectclass=classSchema",
+ attrs=["ldapDisplayName", "systemOnly", "objectClassCategory",
+ "possSuperiors", "systemPossSuperiors",
+ "auxiliaryClass", "systemAuxiliaryClass", "subClassOf"])
+ for r in res:
+ name = str(r["ldapDisplayName"][0])
+ classinfo[name] = {}
+ if str(r["systemOnly"]) == "TRUE":
+ classinfo[name]["systemOnly"] = True
+ else:
+ classinfo[name]["systemOnly"] = False
+ if r.get("objectClassCategory"):
+ classinfo[name]["objectClassCategory"] = int(r["objectClassCategory"][0])
+ else:
+ classinfo[name]["objectClassCategory"] = 0
+ for a in [ "possSuperiors", "systemPossSuperiors",
+ "auxiliaryClass", "systemAuxiliaryClass",
+ "subClassOf" ]:
+ classinfo[name][a] = []
+ if r.get(a):
+ for i in r[a]:
+ classinfo[name][a].append(str(i))
+
+ # build a list of subclasses for each class
+ def subclasses_recurse(subclasses, oc):
+ list = subclasses[oc]
+ for c in list:
+ list.extend(subclasses_recurse(subclasses, c))
+ return list
+
+ subclasses = {}
+ for oc in classinfo:
+ subclasses[oc] = []
+ for oc in classinfo:
+ for c in classinfo[oc]["subClassOf"]:
+ if not c == oc:
+ subclasses[c].append(oc)
+ for oc in classinfo:
+ classinfo[oc]["SUBCLASSES"] = uniq_list(subclasses_recurse(subclasses, oc))
+
+ return classinfo
+
+def is_in_list(list, c):
+ for a in list:
+ if c == a:
+ return True
+ return False
+
+def possible_inferiors_constructed(db, classinfo, c):
+ list = []
+ for oc in classinfo:
+ superiors = POSSSUPERIORS(classinfo, [oc])
+ if (is_in_list(superiors, c) and
+ classinfo[oc]["systemOnly"] == False and
+ classinfo[oc]["objectClassCategory"] != 2 and
+ classinfo[oc]["objectClassCategory"] != 3):
+ list.append(oc)
+ list = uniq_list(list)
+ list.sort()
+ return list
+
+def test_class(db, classinfo, oc):
+ """test to see if one objectclass returns the correct possibleInferiors"""
+ print "testing objectClass %s" % oc
+ poss1 = possible_inferiors_search(db, oc)
+ poss2 = possible_inferiors_constructed(db, classinfo, oc)
+ if poss1 != poss2:
+ print "Returned incorrect list for objectclass %s" % oc
+ print poss1
+ print poss2
+ for i in range(0,min(len(poss1),len(poss2))):
+ print "%30s %30s" % (poss1[i], poss2[i])
+ exit(1)
+
+def get_object_classes(db):
+ """return a list of all object classes"""
+ list=[]
+ for item in classinfo:
+ list.append(item)
+ return list
+
+classinfo = pull_classinfo(db)
+
+if objectclass is None:
+ for oc in get_object_classes(db):
+ test_class(db,classinfo,oc)
+else:
+ test_class(db,classinfo,objectclass)
+
+print "Lists match OK"
diff --git a/source4/headermap.txt b/source4/headermap.txt
index 280d60beb2..1c86f9e934 100644
--- a/source4/headermap.txt
+++ b/source4/headermap.txt
@@ -86,6 +86,8 @@ librpc/gen_ndr/nbt.h: gen_ndr/nbt.h
librpc/gen_ndr/svcctl.h: gen_ndr/svcctl.h
librpc/gen_ndr/ndr_svcctl.h: gen_ndr/ndr_svcctl.h
librpc/gen_ndr/ndr_svcctl_c.h: gen_ndr/ndr_svcctl_c.h
+../librpc/gen_ndr/dcerpc.h: gen_ndr/dcerpc.h
+../librpc/gen_ndr/ndr_dcerpc.h: gen_ndr/ndr_dcerpc.h
../librpc/gen_ndr/netlogon.h: gen_ndr/netlogon.h
../librpc/gen_ndr/ndr_misc.h: gen_ndr/ndr_misc.h
../librpc/gen_ndr/mgmt.h: gen_ndr/mgmt.h
diff --git a/source4/heimdal_build/replace.c b/source4/heimdal_build/replace.c
index 41309fea6e..ba43dd9495 100644
--- a/source4/heimdal_build/replace.c
+++ b/source4/heimdal_build/replace.c
@@ -84,3 +84,7 @@
return -1;
}
#endif
+
+const char *heimdal_version = "samba-internal-heimdal";
+const char *heimdal_long_version = "samba-interal-heimdal";
+
diff --git a/source4/heimdal_build/roken.h b/source4/heimdal_build/roken.h
index 3edeb2fb2e..e3edd53872 100644
--- a/source4/heimdal_build/roken.h
+++ b/source4/heimdal_build/roken.h
@@ -41,6 +41,22 @@
#define HAVE_STRNDUP
#endif
+#ifndef HAVE_STRLCPY
+#define HAVE_STRLCPY
+#endif
+
+#ifndef HAVE_STRLCAT
+#define HAVE_STRLCAT
+#endif
+
+#ifndef HAVE_STRCASECMP
+#define HAVE_STRCASECMP
+#endif
+
+#ifndef HAVE_MKSTEMP
+#define HAVE_MKSTEMP
+#endif
+
#ifndef HAVE_SETENV
#define HAVE_SETENV
#endif
@@ -84,4 +100,7 @@
#undef SOCKET_WRAPPER_REPLACE
#include "heimdal/lib/roken/roken.h.in"
+extern const char *heimdal_version;
+extern const char *heimdal_long_version;
+
#endif
diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c
index 1cfe9852f0..3d11441062 100644
--- a/source4/kdc/kdc.c
+++ b/source4/kdc/kdc.c
@@ -345,7 +345,7 @@ static bool kdc_process(struct kdc_server *kdc,
}
if (k5_reply.length) {
*reply = data_blob_talloc(mem_ctx, k5_reply.data, k5_reply.length);
- krb5_free_data_contents(kdc->smb_krb5_context->krb5_context, &k5_reply);
+ krb5_data_free(&k5_reply);
} else {
*reply = data_blob(NULL, 0);
}
diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c
index 7ff4bf4aad..bceda05e4f 100644
--- a/source4/lib/ldb/pyldb.c
+++ b/source4/lib/ldb/pyldb.c
@@ -5,7 +5,7 @@
Copyright (C) 2005,2006 Tim Potter <tpot@samba.org>
Copyright (C) 2006 Simo Sorce <idra@samba.org>
- Copyright (C) 2007-2008 Jelmer Vernooij <jelmer@samba.org>
+ Copyright (C) 2007-2009 Jelmer Vernooij <jelmer@samba.org>
** NOTE! The following LGPL license applies to the ldb
** library. This does NOT imply that all of Samba is released
@@ -65,18 +65,7 @@ static PyObject *PyObject_FromLdbValue(struct ldb_context *ldb_ctx,
PyObject *ret;
new_val = *val;
-
- if (ldb_ctx != NULL) {
- a = ldb_schema_attribute_by_name(ldb_ctx, el->name);
-
- if (a != NULL) {
- if (a->syntax->ldif_write_fn(ldb_ctx, mem_ctx, val, &new_val) != 0) {
- talloc_free(mem_ctx);
- return NULL;
- }
- }
- }
-
+
ret = PyString_FromStringAndSize((const char *)new_val.data, new_val.length);
talloc_free(mem_ctx);
@@ -84,6 +73,14 @@ static PyObject *PyObject_FromLdbValue(struct ldb_context *ldb_ctx,
return ret;
}
+/**
+ * Obtain a ldb DN from a Python object.
+ *
+ * @param mem_ctx Memory context
+ * @param object Python object
+ * @param ldb_ctx LDB context
+ * @return Whether or not the conversion succeeded
+ */
bool PyObject_AsDn(TALLOC_CTX *mem_ctx, PyObject *object,
struct ldb_context *ldb_ctx, struct ldb_dn **dn)
{
@@ -104,6 +101,12 @@ bool PyObject_AsDn(TALLOC_CTX *mem_ctx, PyObject *object,
return false;
}
+/**
+ * Create a Python object from a ldb_result.
+ *
+ * @param result LDB result to convert
+ * @return Python object with converted result (a list object)
+ */
static PyObject *PyLdbResult_FromResult(struct ldb_result *result)
{
PyObject *ret;
@@ -119,7 +122,16 @@ static PyObject *PyLdbResult_FromResult(struct ldb_result *result)
return ret;
}
-static struct ldb_result *PyLdbResult_AsResult(TALLOC_CTX *mem_ctx, PyObject *obj)
+/**
+ * Create a LDB Result from a Python object.
+ * If conversion fails, NULL will be returned and a Python exception set.
+ *
+ * @param mem_ctx Memory context in which to allocate the LDB Result
+ * @param obj Python object to convert
+ * @return a ldb_result, or NULL if the conversion failed
+ */
+static struct ldb_result *PyLdbResult_AsResult(TALLOC_CTX *mem_ctx,
+ PyObject *obj)
{
struct ldb_result *res;
int i;
@@ -451,7 +463,6 @@ static PyObject *py_ldb_get_schema_basedn(PyLdbObject *self)
return PyLdbDn_FromDn(dn);
}
-
static PyObject *py_ldb_get_config_basedn(PyLdbObject *self)
{
struct ldb_dn *dn = ldb_get_config_basedn(PyLdb_AsLdbContext(self));
@@ -460,7 +471,6 @@ static PyObject *py_ldb_get_config_basedn(PyLdbObject *self)
return PyLdbDn_FromDn(dn);
}
-
static PyObject *py_ldb_get_default_basedn(PyLdbObject *self)
{
struct ldb_dn *dn = ldb_get_default_basedn(PyLdb_AsLdbContext(self));
@@ -652,8 +662,6 @@ static PyObject *py_ldb_add(PyLdbObject *self, PyObject *args)
Py_RETURN_NONE;
}
-
-
static PyObject *py_ldb_delete(PyLdbObject *self, PyObject *args)
{
PyObject *py_dn;
@@ -1257,6 +1265,21 @@ PyTypeObject PyLdbModule = {
.tp_flags = Py_TPFLAGS_DEFAULT,
};
+
+/**
+ * Create a ldb_message_element from a Python object.
+ *
+ * This will accept any sequence objects that contains strings, or
+ * a string object.
+ *
+ * A reference to set_obj will be borrowed.
+ *
+ * @param mem_ctx Memory context
+ * @param set_obj Python object to convert
+ * @param flags ldb_message_element flags to set
+ * @param attr_name Name of the attribute
+ * @return New ldb_message_element, allocated as child of mem_ctx
+ */
struct ldb_message_element *PyObject_AsMessageElement(TALLOC_CTX *mem_ctx,
PyObject *set_obj, int flags,
const char *attr_name)
@@ -1274,9 +1297,7 @@ struct ldb_message_element *PyObject_AsMessageElement(TALLOC_CTX *mem_ctx,
me->num_values = 1;
me->values = talloc_array(me, struct ldb_val, me->num_values);
me->values[0].length = PyString_Size(set_obj);
- me->values[0].data = (uint8_t *)talloc_strndup(me->values,
- PyString_AsString(set_obj),
- me->values[0].length);
+ me->values[0].data = (uint8_t *)PyString_AsString(set_obj);
} else if (PySequence_Check(set_obj)) {
int i;
me->num_values = PySequence_Size(set_obj);
diff --git a/source4/lib/ldb/tests/python/api.py b/source4/lib/ldb/tests/python/api.py
index c372b8fa71..07500e2372 100755
--- a/source4/lib/ldb/tests/python/api.py
+++ b/source4/lib/ldb/tests/python/api.py
@@ -258,6 +258,19 @@ class SimpleLdb(unittest.TestCase):
l = ldb.Ldb(filename())
l.set_debug(my_report_fn)
+ def test_zero_byte_string(self):
+ """Testing we do not get trapped in the \0 byte in a property string."""
+ l = ldb.Ldb(filename())
+ l.add({
+ "dn" : "dc=somedn",
+ "objectclass" : "user",
+ "cN" : "LDAPtestUSER",
+ "givenname" : "ldap",
+ "displayname" : "foo\0bar",
+ })
+ res = l.search(expression="(dn=dc=somedn)")
+ self.assertEquals("foo\0bar", res[0]["displayname"][0])
+
class DnTests(unittest.TestCase):
def setUp(self):
diff --git a/source4/lib/smbreadline/smbreadline.c b/source4/lib/smbreadline/smbreadline.c
index 5fb3bf4fae..b07417357f 100644
--- a/source4/lib/smbreadline/smbreadline.c
+++ b/source4/lib/smbreadline/smbreadline.c
@@ -83,6 +83,7 @@ static char *smb_readline_replacement(const char *prompt, void (*callback)(void)
char *ret;
printf("%s", prompt);
+ fflush(stdout);
line = (char *)malloc(BUFSIZ);
if (!line) {
diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk
index 2f1b14dc37..64a4750ab7 100644
--- a/source4/librpc/config.mk
+++ b/source4/librpc/config.mk
@@ -595,9 +595,9 @@ RPC_NDR_KEYSVC_OBJ_FILES = ../librpc/gen_ndr/ndr_keysvc_c.o
[SUBSYSTEM::NDR_DCERPC]
PUBLIC_DEPENDENCIES = LIBNDR
-NDR_DCERPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dcerpc.o
+NDR_DCERPC_OBJ_FILES = ../librpc/gen_ndr/ndr_dcerpc.o
-PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, gen_ndr/dcerpc.h gen_ndr/ndr_dcerpc.h)
+PUBLIC_HEADERS += ../librpc/gen_ndr/dcerpc.h ../librpc/gen_ndr/ndr_dcerpc.h
################################################
# Start SUBSYSTEM dcerpc
diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl
deleted file mode 100644
index 7c0abe6ab8..0000000000
--- a/source4/librpc/idl/dcerpc.idl
+++ /dev/null
@@ -1,306 +0,0 @@
-#include "idl_types.h"
-
-/*
- the base dcerpc packet definitions - not traditionally coded as IDL,
- but given that pidl can handle it nicely it simplifies things a lot
- to do it this way
-
- see http://www.opengroup.org/onlinepubs/9629399/chap12.htm for packet
- layouts
-*/
-import "misc.idl";
-
-interface dcerpc
-{
- typedef struct {
- uint16 context_id;
- uint8 num_transfer_syntaxes;
- ndr_syntax_id abstract_syntax;
- ndr_syntax_id transfer_syntaxes[num_transfer_syntaxes];
- } dcerpc_ctx_list;
-
- typedef struct {
- uint16 max_xmit_frag;
- uint16 max_recv_frag;
- uint32 assoc_group_id;
- uint8 num_contexts;
- dcerpc_ctx_list ctx_list[num_contexts];
- [flag(NDR_ALIGN4)] DATA_BLOB _pad;
- [flag(NDR_REMAINING)] DATA_BLOB auth_info;
- } dcerpc_bind;
-
- const uint8 DCERPC_REQUEST_LENGTH = 24;
-
- typedef struct {
- } dcerpc_empty;
-
- typedef [nodiscriminant] union {
- [default] dcerpc_empty empty;
- [case(LIBNDR_FLAG_OBJECT_PRESENT)] GUID object;
- } dcerpc_object;
-
- typedef struct {
- uint32 alloc_hint;
- uint16 context_id;
- uint16 opnum;
- [switch_is(ndr->flags & LIBNDR_FLAG_OBJECT_PRESENT)] dcerpc_object object;
- [flag(NDR_ALIGN8)] DATA_BLOB _pad;
- [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier;
- } dcerpc_request;
-
- const int DCERPC_BIND_REASON_ASYNTAX = 1;
- const int DCERPC_BIND_PROVIDER_REJECT = 2;
- const int DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED = 4;
- const int DCERPC_BIND_REASON_INVALID_AUTH_TYPE = 8;
-
- typedef struct {
- uint16 result;
- uint16 reason;
- ndr_syntax_id syntax;
- } dcerpc_ack_ctx;
-
- typedef struct {
- uint16 max_xmit_frag;
- uint16 max_recv_frag;
- uint32 assoc_group_id;
- [value(strlen(secondary_address)+1)] uint16 secondary_address_size;
- [charset(DOS)] uint8 secondary_address[secondary_address_size];
- [flag(NDR_ALIGN4)] DATA_BLOB _pad1;
- uint8 num_results;
- dcerpc_ack_ctx ctx_list[num_results];
- [flag(NDR_REMAINING)] DATA_BLOB auth_info;
- } dcerpc_bind_ack;
-
- typedef struct {
- uint32 num_versions;
- uint32 versions[num_versions];
- } dcerpc_bind_nak_versions;
-
- typedef [nodiscriminant] union {
- [case(DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED)] dcerpc_bind_nak_versions v;
- [default] ;
- } dcerpc_bind_nak_versions_ctr;
-
- typedef struct {
- uint16 reject_reason;
- [switch_is(reject_reason)] dcerpc_bind_nak_versions_ctr versions;
- } dcerpc_bind_nak;
-
- const uint8 DCERPC_RESPONSE_LENGTH = 24;
-
- typedef struct {
- uint32 alloc_hint;
- uint16 context_id;
- uint8 cancel_count;
- [flag(NDR_ALIGN8)] DATA_BLOB _pad;
- [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier;
- } dcerpc_response;
-
-
- const int DCERPC_FAULT_OP_RNG_ERROR = 0x1c010002;
- const int DCERPC_FAULT_UNK_IF = 0x1c010003;
- const int DCERPC_FAULT_NDR = 0x000006f7;
- const int DCERPC_FAULT_INVALID_TAG = 0x1c000006;
- const int DCERPC_FAULT_CONTEXT_MISMATCH = 0x1c00001a;
- const int DCERPC_FAULT_OTHER = 0x00000001;
- const int DCERPC_FAULT_ACCESS_DENIED = 0x00000005;
- const int DCERPC_FAULT_CANT_PERFORM = 0x000006d8;
-
- /* we return this fault when we haven't yet run the test
- to see what fault w2k3 returns in this case */
- const int DCERPC_FAULT_TODO = 0x00000042;
-
- typedef struct {
- uint32 alloc_hint;
- uint16 context_id;
- uint8 cancel_count;
- uint32 status;
- [flag(NDR_REMAINING)] DATA_BLOB _pad;
- } dcerpc_fault;
-
- /* the auth types we know about */
- typedef [enum8bit] enum {
- DCERPC_AUTH_TYPE_NONE = 0,
- /* this seems to be not krb5! */
- DCERPC_AUTH_TYPE_KRB5_1 = 1,
- DCERPC_AUTH_TYPE_SPNEGO = 9,
- DCERPC_AUTH_TYPE_NTLMSSP = 10,
- DCERPC_AUTH_TYPE_KRB5 = 16,
- DCERPC_AUTH_TYPE_DPA = 17,
- DCERPC_AUTH_TYPE_MSN = 18,
- DCERPC_AUTH_TYPE_DIGEST = 21,
- DCERPC_AUTH_TYPE_SCHANNEL = 68,
- DCERPC_AUTH_TYPE_MSMQ = 100
- } dcerpc_AuthType;
-
- typedef [enum8bit] enum {
- DCERPC_AUTH_LEVEL_NONE = 1,
- DCERPC_AUTH_LEVEL_CONNECT = 2,
- DCERPC_AUTH_LEVEL_CALL = 3,
- DCERPC_AUTH_LEVEL_PACKET = 4,
- DCERPC_AUTH_LEVEL_INTEGRITY = 5,
- DCERPC_AUTH_LEVEL_PRIVACY = 6
- } dcerpc_AuthLevel;
-
- const uint8 DCERPC_AUTH_LEVEL_DEFAULT = DCERPC_AUTH_LEVEL_CONNECT;
-
- typedef [public] struct {
- dcerpc_AuthType auth_type;
- dcerpc_AuthLevel auth_level;
- uint8 auth_pad_length;
- uint8 auth_reserved;
- uint32 auth_context_id;
- [flag(NDR_REMAINING)] DATA_BLOB credentials;
- } dcerpc_auth;
-
- const uint8 DCERPC_AUTH_TRAILER_LENGTH = 8;
-
- typedef [public] struct {
- uint32 _pad;
- [flag(NDR_REMAINING)] DATA_BLOB auth_info;
- } dcerpc_auth3;
-
- typedef [public] struct {
- uint32 _pad;
- [flag(NDR_REMAINING)] DATA_BLOB auth_info;
- } dcerpc_orphaned;
-
- typedef [public] struct {
- uint32 _pad;
- [flag(NDR_REMAINING)] DATA_BLOB auth_info;
- } dcerpc_co_cancel;
-
- typedef [public] struct {
- uint32 version;
- uint32 id;
- } dcerpc_cl_cancel;
-
- typedef [public] struct {
- uint32 version;
- uint32 id;
- boolean32 server_is_accepting;
- } dcerpc_cancel_ack;
-
- typedef [public] struct {
- uint32 version;
- uint8 _pad1;
- uint16 window_size;
- uint32 max_tdsu;
- uint32 max_frag_size;
- uint16 serial_no;
- uint16 selack_size;
- uint32 selack[selack_size];
- } dcerpc_fack;
-
- typedef [public] struct {
- } dcerpc_ack;
-
- typedef [public] struct {
- } dcerpc_ping;
-
- typedef [public] struct {
- } dcerpc_shutdown;
-
- typedef [public] struct {
- } dcerpc_working;
-
- typedef [enum8bit] enum {
- DCERPC_PKT_REQUEST = 0, /* Ordinary request. */
- DCERPC_PKT_PING = 1, /* Connectionless is server alive ? */
- DCERPC_PKT_RESPONSE = 2, /* Ordinary reply. */
- DCERPC_PKT_FAULT = 3, /* Fault in processing of call. */
- DCERPC_PKT_WORKING = 4, /* Connectionless reply to a ping when server busy. */
- DCERPC_PKT_NOCALL = 5, /* Connectionless reply to a ping when server has lost part of clients call. */
- DCERPC_PKT_REJECT = 6, /* Refuse a request with a code. */
- DCERPC_PKT_ACK = 7, /* Connectionless client to server code. */
- DCERPC_PKT_CL_CANCEL = 8, /* Connectionless cancel. */
- DCERPC_PKT_FACK = 9, /* Connectionless fragment ack. Both client and server send. */
- DCERPC_PKT_CANCEL_ACK = 10, /* Server ACK to client cancel request. */
- DCERPC_PKT_BIND = 11, /* Bind to interface. */
- DCERPC_PKT_BIND_ACK = 12, /* Server ack of bind. */
- DCERPC_PKT_BIND_NAK = 13, /* Server nack of bind. */
- DCERPC_PKT_ALTER = 14, /* Alter auth. */
- DCERPC_PKT_ALTER_RESP = 15, /* Reply to alter auth. */
- DCERPC_PKT_AUTH3 = 16, /* not the real name! this is undocumented! */
- DCERPC_PKT_SHUTDOWN = 17, /* Server to client request to shutdown. */
- DCERPC_PKT_CO_CANCEL = 18, /* Connection-oriented cancel request. */
- DCERPC_PKT_ORPHANED = 19 /* Client telling server it's aborting a partially sent request or telling server to stop sending replies. */
- } dcerpc_pkt_type;
-
- typedef [nodiscriminant] union {
- [case(DCERPC_PKT_REQUEST)] dcerpc_request request;
- [case(DCERPC_PKT_PING)] dcerpc_ping ping;
- [case(DCERPC_PKT_RESPONSE)] dcerpc_response response;
- [case(DCERPC_PKT_FAULT)] dcerpc_fault fault;
- [case(DCERPC_PKT_WORKING)] dcerpc_working working;
- [case(DCERPC_PKT_NOCALL)] dcerpc_fack nocall;
- [case(DCERPC_PKT_REJECT)] dcerpc_fault reject;
- [case(DCERPC_PKT_ACK)] dcerpc_ack ack;
- [case(DCERPC_PKT_CL_CANCEL)] dcerpc_cl_cancel cl_cancel;
- [case(DCERPC_PKT_FACK)] dcerpc_fack fack;
- [case(DCERPC_PKT_CANCEL_ACK)] dcerpc_cancel_ack cancel_ack;
- [case(DCERPC_PKT_BIND)] dcerpc_bind bind;
- [case(DCERPC_PKT_BIND_ACK)] dcerpc_bind_ack bind_ack;
- [case(DCERPC_PKT_BIND_NAK)] dcerpc_bind_nak bind_nak;
- [case(DCERPC_PKT_ALTER)] dcerpc_bind alter;
- [case(DCERPC_PKT_ALTER_RESP)] dcerpc_bind_ack alter_resp;
- [case(DCERPC_PKT_SHUTDOWN)] dcerpc_shutdown shutdown;
- [case(DCERPC_PKT_CO_CANCEL)] dcerpc_co_cancel co_cancel;
- [case(DCERPC_PKT_ORPHANED)] dcerpc_orphaned orphaned;
- [case(DCERPC_PKT_AUTH3)] dcerpc_auth3 auth3;
- } dcerpc_payload;
-
- /* pfc_flags values */
- const uint8 DCERPC_PFC_FLAG_FIRST = 0x01; /* First fragment */
- const uint8 DCERPC_PFC_FLAG_LAST = 0x02; /* Last fragment */
- const uint8 DCERPC_PFC_FLAG_PENDING_CANCEL = 0x04; /* Cancel was pending at sender */
- const uint8 DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN = DCERPC_PFC_FLAG_PENDING_CANCEL; /* depends on the pdu type */
- const uint8 DCERPC_PFC_FLAG_CONC_MPX = 0x10; /* supports concurrent multiplexing of a single connection. */
- const uint8 DCERPC_PFC_FLAG_DID_NOT_EXECUTE = 0x20; /* on a fault it means the server hasn't done anything */
- const uint8 DCERPC_PFC_FLAG_MAYBE = 0x40; /* `maybe' call semantics requested */
- const uint8 DCERPC_PFC_FLAG_OBJECT_UUID = 0x80; /* on valid guid is in the optional object field */
-
- /* these offsets are needed by the signing code */
- const uint8 DCERPC_PFC_OFFSET = 3;
- const uint8 DCERPC_DREP_OFFSET = 4;
- const uint8 DCERPC_FRAG_LEN_OFFSET = 8;
- const uint8 DCERPC_AUTH_LEN_OFFSET = 10;
-
- /* little-endian flag */
- const uint8 DCERPC_DREP_LE = 0x10;
-
- typedef [public] struct {
- uint8 rpc_vers; /* RPC version */
- uint8 rpc_vers_minor; /* Minor version */
- dcerpc_pkt_type ptype; /* Packet type */
- uint8 pfc_flags; /* Fragmentation flags */
- uint8 drep[4]; /* NDR data representation */
- uint16 frag_length; /* Total length of fragment */
- uint16 auth_length; /* authenticator length */
- uint32 call_id; /* Call identifier */
- [switch_is(ptype)] dcerpc_payload u;
- } ncacn_packet;
-
- typedef [public] struct {
- uint8 rpc_vers; /* RPC version (4) */
- uint8 ptype;
- uint8 pfc_flags;
- uint8 ncadg_flags;
- uint8 drep[3];
- uint8 serial_high;
- GUID object;
- GUID iface;
- GUID activity;
- uint32 server_boot; /* Server boot time */
- uint32 iface_version;
- uint32 seq_num;
- uint16 opnum;
- uint16 ihint;
- uint16 ahint;
- uint16 len;
- uint16 fragnum;
- uint8 auth_proto;
- uint8 serial_low;
- [switch_is(ptype)] dcerpc_payload u;
- } ncadg_packet;
-}
diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py
index d96857661e..896f237bd7 100644
--- a/source4/scripting/python/samba/provision.py
+++ b/source4/scripting/python/samba/provision.py
@@ -1056,7 +1056,7 @@ def provision(setup_dir, message, session_info,
serverrole=serverrole, ldap_backend=ldap_backend,
ldap_backend_type=ldap_backend_type)
- if lp.get("server role") == "domain controller":
+ if serverrole == "domain controller":
if paths.netlogon is None:
message("Existing smb.conf does not have a [netlogon] share, but you are configuring a DC.")
message("Please either remove %s or see the template at %s" %
diff --git a/source4/selftest/config.mk b/source4/selftest/config.mk
index 324532c22a..1838a0bb38 100644
--- a/source4/selftest/config.mk
+++ b/source4/selftest/config.mk
@@ -59,31 +59,31 @@ test-%::
valgrindtest:: valgrindtest-all
valgrindtest-quick:: all
- SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
+ SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \
$(SELFTEST) $(SELFTEST_QUICK_OPTS) --immediate --socket-wrapper $(TESTS)
valgrindtest-all:: everything
- SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
+ SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \
$(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --immediate --socket-wrapper $(TESTS)
valgrindtest-env:: everything
- SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
+ SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \
VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \
$(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --socket-wrapper --testenv
gdbtest:: gdbtest-all
gdbtest-quick:: all
- SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
+ SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
$(SELFTEST) $(SELFTEST_QUICK_OPTS) --immediate --socket-wrapper $(TESTS)
gdbtest-all:: everything
- SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
+ SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
$(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --immediate --socket-wrapper $(TESTS)
gdbtest-env:: everything
- SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
+ SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \
$(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --socket-wrapper --testenv
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index d576782ab1..635e84fafe 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -365,5 +365,5 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[
int main(int argc, const char *argv[])
{
- return binary_smbd_main("smbd", argc, argv);
+ return binary_smbd_main("samba", argc, argv);
}
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c
index 98669288a8..814c9ac86d 100644
--- a/source4/torture/ldap/cldap.c
+++ b/source4/torture/ldap/cldap.c
@@ -59,8 +59,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
CHECK_STATUS(status, NT_STATUS_OK);
ZERO_STRUCT(search);
- search.in.dest_address = NULL;//dest;
- search.in.dest_port = 0;//lp_cldap_port(tctx->lp_ctx);
+ search.in.dest_address = NULL;
+ search.in.dest_port = 0;
search.in.acct_control = -1;
search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
search.in.map_response = true;