diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/auth/credentials/credentials_krb5.h | 1 | ||||
-rw-r--r-- | source4/auth/kerberos/clikrb5.c | 6 | ||||
-rwxr-xr-x | source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py | 243 | ||||
-rw-r--r-- | source4/headermap.txt | 2 | ||||
-rw-r--r-- | source4/heimdal_build/replace.c | 4 | ||||
-rw-r--r-- | source4/heimdal_build/roken.h | 19 | ||||
-rw-r--r-- | source4/kdc/kdc.c | 2 | ||||
-rw-r--r-- | source4/lib/ldb/pyldb.c | 63 | ||||
-rwxr-xr-x | source4/lib/ldb/tests/python/api.py | 13 | ||||
-rw-r--r-- | source4/lib/smbreadline/smbreadline.c | 1 | ||||
-rw-r--r-- | source4/librpc/config.mk | 4 | ||||
-rw-r--r-- | source4/librpc/idl/dcerpc.idl | 306 | ||||
-rw-r--r-- | source4/scripting/python/samba/provision.py | 2 | ||||
-rw-r--r-- | source4/selftest/config.mk | 12 | ||||
-rw-r--r-- | source4/smbd/server.c | 2 | ||||
-rw-r--r-- | source4/torture/ldap/cldap.c | 4 |
16 files changed, 339 insertions, 345 deletions
diff --git a/source4/auth/credentials/credentials_krb5.h b/source4/auth/credentials/credentials_krb5.h index 0d0e9f330f..5e56752eb4 100644 --- a/source4/auth/credentials/credentials_krb5.h +++ b/source4/auth/credentials/credentials_krb5.h @@ -24,6 +24,7 @@ #define __CREDENTIALS_KRB5_H__ #include <gssapi/gssapi.h> +#include <gssapi/gssapi_krb5.h> #include <krb5.h> struct gssapi_creds_container { diff --git a/source4/auth/kerberos/clikrb5.c b/source4/auth/kerberos/clikrb5.c index cf87d13cf2..68e7eb90cc 100644 --- a/source4/auth/kerberos/clikrb5.c +++ b/source4/auth/kerberos/clikrb5.c @@ -74,13 +74,9 @@ void kerberos_free_data_contents(krb5_context context, krb5_data *pdata) { -#if defined(HAVE_KRB5_FREE_DATA_CONTENTS) if (pdata->data) { - krb5_free_data_contents(context, pdata); + krb5_data_free(pdata); } -#else - SAFE_FREE(pdata->data); -#endif } krb5_error_code smb_krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *kt_entry) diff --git a/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py b/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py new file mode 100755 index 0000000000..ec426c099b --- /dev/null +++ b/source4/dsdb/samdb/ldb_modules/tests/possibleinferiors.py @@ -0,0 +1,243 @@ +#!/usr/bin/python + +# Unix SMB/CIFS implementation. +# Copyright (C) Andrew Tridgell 2009 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +"""Tests the possibleInferiors generation in the schema_fsmo ldb module""" + +import optparse +import sys + + +# Find right directory when running from source tree +sys.path.insert(0, "bin/python") + +import samba +from samba import getopt as options, Ldb +import ldb + +parser = optparse.OptionParser("possibleinferiors.py <URL> [<CLASS>]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option_group(options.VersionOptions(parser)) + +opts, args = parser.parse_args() + +if len(args) < 1: + parser.print_usage() + sys.exit(1) + +url = args[0] +if (len(args) > 1): + objectclass = args[1] +else: + objectclass = None + +def uniq_list(alist): + """return a unique list""" + set = {} + return [set.setdefault(e,e) for e in alist if e not in set] + + +lp_ctx = sambaopts.get_loadparm() + +creds = credopts.get_credentials(lp_ctx) +db = Ldb(url, credentials=creds, lp=lp_ctx, options=["modules:paged_searches"]) + +# get the rootDSE +res = db.search(base="", expression="", + scope=ldb.SCOPE_BASE, + attrs=["schemaNamingContext"]) +rootDse = res[0] + +schema_base = rootDse["schemaNamingContext"][0] + +def possible_inferiors_search(db, oc): + """return the possible inferiors via a search for the possibleInferiors attribute""" + res = db.search(base=schema_base, + expression=("ldapDisplayName=%s" % oc), + attrs=["possibleInferiors"]) + + poss=[] + if len(res) == 0 or res[0].get("possibleInferiors") is None: + return poss + for item in res[0]["possibleInferiors"]: + poss.append(str(item)) + poss = uniq_list(poss) + poss.sort() + return poss; + + + +# see [MS-ADTS] section 3.1.1.4.5.21 +# and section 3.1.1.4.2 for this algorithm + +# !systemOnly=TRUE +# !objectClassCategory=2 +# !objectClassCategory=3 + +def SUPCLASSES(classinfo, oc): + list = [] + if oc == "top": + return list + if classinfo[oc].get("SUPCLASSES") is not None: + return classinfo[oc]["SUPCLASSES"] + res = classinfo[oc]["subClassOf"]; + for r in res: + list.append(r) + list.extend(SUPCLASSES(classinfo,r)) + classinfo[oc]["SUPCLASSES"] = list + return list + +def AUXCLASSES(classinfo, oclist): + list = [] + if oclist == []: + return list + for oc in oclist: + if classinfo[oc].get("AUXCLASSES") is not None: + list.extend(classinfo[oc]["AUXCLASSES"]) + else: + list2 = [] + list2.extend(classinfo[oc]["systemAuxiliaryClass"]) + list2.extend(AUXCLASSES(classinfo, classinfo[oc]["systemAuxiliaryClass"])) + list2.extend(classinfo[oc]["auxiliaryClass"]) + list2.extend(AUXCLASSES(classinfo, classinfo[oc]["auxiliaryClass"])) + list2.extend(AUXCLASSES(classinfo, SUPCLASSES(classinfo, oc))) + classinfo[oc]["AUXCLASSES"] = list2 + list.extend(list2) + return list + +def SUBCLASSES(classinfo, oclist): + list = [] + for oc in oclist: + list.extend(classinfo[oc]["SUBCLASSES"]) + return list + +def POSSSUPERIORS(classinfo, oclist): + list = [] + for oc in oclist: + if classinfo[oc].get("POSSSUPERIORS") is not None: + list.extend(classinfo[oc]["POSSSUPERIORS"]) + else: + list2 = [] + list2.extend(classinfo[oc]["systemPossSuperiors"]) + list2.extend(classinfo[oc]["possSuperiors"]) + list2.extend(POSSSUPERIORS(classinfo, SUPCLASSES(classinfo, oc))) + # the WSPP docs suggest we should do this: + # list2.extend(POSSSUPERIORS(classinfo, AUXCLASSES(classinfo, [oc]))) + # but testing against w2k3 and w2k8 shows that we need to do this instead + list2.extend(SUBCLASSES(classinfo, list2)) + classinfo[oc]["POSSSUPERIORS"] = list2 + list.extend(list2) + return list + +def pull_classinfo(db): + """At startup we build a classinfo[] dictionary that holds all the information needed to construct the possible inferiors""" + classinfo = {} + res = db.search(base=schema_base, + expression="objectclass=classSchema", + attrs=["ldapDisplayName", "systemOnly", "objectClassCategory", + "possSuperiors", "systemPossSuperiors", + "auxiliaryClass", "systemAuxiliaryClass", "subClassOf"]) + for r in res: + name = str(r["ldapDisplayName"][0]) + classinfo[name] = {} + if str(r["systemOnly"]) == "TRUE": + classinfo[name]["systemOnly"] = True + else: + classinfo[name]["systemOnly"] = False + if r.get("objectClassCategory"): + classinfo[name]["objectClassCategory"] = int(r["objectClassCategory"][0]) + else: + classinfo[name]["objectClassCategory"] = 0 + for a in [ "possSuperiors", "systemPossSuperiors", + "auxiliaryClass", "systemAuxiliaryClass", + "subClassOf" ]: + classinfo[name][a] = [] + if r.get(a): + for i in r[a]: + classinfo[name][a].append(str(i)) + + # build a list of subclasses for each class + def subclasses_recurse(subclasses, oc): + list = subclasses[oc] + for c in list: + list.extend(subclasses_recurse(subclasses, c)) + return list + + subclasses = {} + for oc in classinfo: + subclasses[oc] = [] + for oc in classinfo: + for c in classinfo[oc]["subClassOf"]: + if not c == oc: + subclasses[c].append(oc) + for oc in classinfo: + classinfo[oc]["SUBCLASSES"] = uniq_list(subclasses_recurse(subclasses, oc)) + + return classinfo + +def is_in_list(list, c): + for a in list: + if c == a: + return True + return False + +def possible_inferiors_constructed(db, classinfo, c): + list = [] + for oc in classinfo: + superiors = POSSSUPERIORS(classinfo, [oc]) + if (is_in_list(superiors, c) and + classinfo[oc]["systemOnly"] == False and + classinfo[oc]["objectClassCategory"] != 2 and + classinfo[oc]["objectClassCategory"] != 3): + list.append(oc) + list = uniq_list(list) + list.sort() + return list + +def test_class(db, classinfo, oc): + """test to see if one objectclass returns the correct possibleInferiors""" + print "testing objectClass %s" % oc + poss1 = possible_inferiors_search(db, oc) + poss2 = possible_inferiors_constructed(db, classinfo, oc) + if poss1 != poss2: + print "Returned incorrect list for objectclass %s" % oc + print poss1 + print poss2 + for i in range(0,min(len(poss1),len(poss2))): + print "%30s %30s" % (poss1[i], poss2[i]) + exit(1) + +def get_object_classes(db): + """return a list of all object classes""" + list=[] + for item in classinfo: + list.append(item) + return list + +classinfo = pull_classinfo(db) + +if objectclass is None: + for oc in get_object_classes(db): + test_class(db,classinfo,oc) +else: + test_class(db,classinfo,objectclass) + +print "Lists match OK" diff --git a/source4/headermap.txt b/source4/headermap.txt index 280d60beb2..1c86f9e934 100644 --- a/source4/headermap.txt +++ b/source4/headermap.txt @@ -86,6 +86,8 @@ librpc/gen_ndr/nbt.h: gen_ndr/nbt.h librpc/gen_ndr/svcctl.h: gen_ndr/svcctl.h librpc/gen_ndr/ndr_svcctl.h: gen_ndr/ndr_svcctl.h librpc/gen_ndr/ndr_svcctl_c.h: gen_ndr/ndr_svcctl_c.h +../librpc/gen_ndr/dcerpc.h: gen_ndr/dcerpc.h +../librpc/gen_ndr/ndr_dcerpc.h: gen_ndr/ndr_dcerpc.h ../librpc/gen_ndr/netlogon.h: gen_ndr/netlogon.h ../librpc/gen_ndr/ndr_misc.h: gen_ndr/ndr_misc.h ../librpc/gen_ndr/mgmt.h: gen_ndr/mgmt.h diff --git a/source4/heimdal_build/replace.c b/source4/heimdal_build/replace.c index 41309fea6e..ba43dd9495 100644 --- a/source4/heimdal_build/replace.c +++ b/source4/heimdal_build/replace.c @@ -84,3 +84,7 @@ return -1; } #endif + +const char *heimdal_version = "samba-internal-heimdal"; +const char *heimdal_long_version = "samba-interal-heimdal"; + diff --git a/source4/heimdal_build/roken.h b/source4/heimdal_build/roken.h index 3edeb2fb2e..e3edd53872 100644 --- a/source4/heimdal_build/roken.h +++ b/source4/heimdal_build/roken.h @@ -41,6 +41,22 @@ #define HAVE_STRNDUP #endif +#ifndef HAVE_STRLCPY +#define HAVE_STRLCPY +#endif + +#ifndef HAVE_STRLCAT +#define HAVE_STRLCAT +#endif + +#ifndef HAVE_STRCASECMP +#define HAVE_STRCASECMP +#endif + +#ifndef HAVE_MKSTEMP +#define HAVE_MKSTEMP +#endif + #ifndef HAVE_SETENV #define HAVE_SETENV #endif @@ -84,4 +100,7 @@ #undef SOCKET_WRAPPER_REPLACE #include "heimdal/lib/roken/roken.h.in" +extern const char *heimdal_version; +extern const char *heimdal_long_version; + #endif diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c index 1cfe9852f0..3d11441062 100644 --- a/source4/kdc/kdc.c +++ b/source4/kdc/kdc.c @@ -345,7 +345,7 @@ static bool kdc_process(struct kdc_server *kdc, } if (k5_reply.length) { *reply = data_blob_talloc(mem_ctx, k5_reply.data, k5_reply.length); - krb5_free_data_contents(kdc->smb_krb5_context->krb5_context, &k5_reply); + krb5_data_free(&k5_reply); } else { *reply = data_blob(NULL, 0); } diff --git a/source4/lib/ldb/pyldb.c b/source4/lib/ldb/pyldb.c index 7ff4bf4aad..bceda05e4f 100644 --- a/source4/lib/ldb/pyldb.c +++ b/source4/lib/ldb/pyldb.c @@ -5,7 +5,7 @@ Copyright (C) 2005,2006 Tim Potter <tpot@samba.org> Copyright (C) 2006 Simo Sorce <idra@samba.org> - Copyright (C) 2007-2008 Jelmer Vernooij <jelmer@samba.org> + Copyright (C) 2007-2009 Jelmer Vernooij <jelmer@samba.org> ** NOTE! The following LGPL license applies to the ldb ** library. This does NOT imply that all of Samba is released @@ -65,18 +65,7 @@ static PyObject *PyObject_FromLdbValue(struct ldb_context *ldb_ctx, PyObject *ret; new_val = *val; - - if (ldb_ctx != NULL) { - a = ldb_schema_attribute_by_name(ldb_ctx, el->name); - - if (a != NULL) { - if (a->syntax->ldif_write_fn(ldb_ctx, mem_ctx, val, &new_val) != 0) { - talloc_free(mem_ctx); - return NULL; - } - } - } - + ret = PyString_FromStringAndSize((const char *)new_val.data, new_val.length); talloc_free(mem_ctx); @@ -84,6 +73,14 @@ static PyObject *PyObject_FromLdbValue(struct ldb_context *ldb_ctx, return ret; } +/** + * Obtain a ldb DN from a Python object. + * + * @param mem_ctx Memory context + * @param object Python object + * @param ldb_ctx LDB context + * @return Whether or not the conversion succeeded + */ bool PyObject_AsDn(TALLOC_CTX *mem_ctx, PyObject *object, struct ldb_context *ldb_ctx, struct ldb_dn **dn) { @@ -104,6 +101,12 @@ bool PyObject_AsDn(TALLOC_CTX *mem_ctx, PyObject *object, return false; } +/** + * Create a Python object from a ldb_result. + * + * @param result LDB result to convert + * @return Python object with converted result (a list object) + */ static PyObject *PyLdbResult_FromResult(struct ldb_result *result) { PyObject *ret; @@ -119,7 +122,16 @@ static PyObject *PyLdbResult_FromResult(struct ldb_result *result) return ret; } -static struct ldb_result *PyLdbResult_AsResult(TALLOC_CTX *mem_ctx, PyObject *obj) +/** + * Create a LDB Result from a Python object. + * If conversion fails, NULL will be returned and a Python exception set. + * + * @param mem_ctx Memory context in which to allocate the LDB Result + * @param obj Python object to convert + * @return a ldb_result, or NULL if the conversion failed + */ +static struct ldb_result *PyLdbResult_AsResult(TALLOC_CTX *mem_ctx, + PyObject *obj) { struct ldb_result *res; int i; @@ -451,7 +463,6 @@ static PyObject *py_ldb_get_schema_basedn(PyLdbObject *self) return PyLdbDn_FromDn(dn); } - static PyObject *py_ldb_get_config_basedn(PyLdbObject *self) { struct ldb_dn *dn = ldb_get_config_basedn(PyLdb_AsLdbContext(self)); @@ -460,7 +471,6 @@ static PyObject *py_ldb_get_config_basedn(PyLdbObject *self) return PyLdbDn_FromDn(dn); } - static PyObject *py_ldb_get_default_basedn(PyLdbObject *self) { struct ldb_dn *dn = ldb_get_default_basedn(PyLdb_AsLdbContext(self)); @@ -652,8 +662,6 @@ static PyObject *py_ldb_add(PyLdbObject *self, PyObject *args) Py_RETURN_NONE; } - - static PyObject *py_ldb_delete(PyLdbObject *self, PyObject *args) { PyObject *py_dn; @@ -1257,6 +1265,21 @@ PyTypeObject PyLdbModule = { .tp_flags = Py_TPFLAGS_DEFAULT, }; + +/** + * Create a ldb_message_element from a Python object. + * + * This will accept any sequence objects that contains strings, or + * a string object. + * + * A reference to set_obj will be borrowed. + * + * @param mem_ctx Memory context + * @param set_obj Python object to convert + * @param flags ldb_message_element flags to set + * @param attr_name Name of the attribute + * @return New ldb_message_element, allocated as child of mem_ctx + */ struct ldb_message_element *PyObject_AsMessageElement(TALLOC_CTX *mem_ctx, PyObject *set_obj, int flags, const char *attr_name) @@ -1274,9 +1297,7 @@ struct ldb_message_element *PyObject_AsMessageElement(TALLOC_CTX *mem_ctx, me->num_values = 1; me->values = talloc_array(me, struct ldb_val, me->num_values); me->values[0].length = PyString_Size(set_obj); - me->values[0].data = (uint8_t *)talloc_strndup(me->values, - PyString_AsString(set_obj), - me->values[0].length); + me->values[0].data = (uint8_t *)PyString_AsString(set_obj); } else if (PySequence_Check(set_obj)) { int i; me->num_values = PySequence_Size(set_obj); diff --git a/source4/lib/ldb/tests/python/api.py b/source4/lib/ldb/tests/python/api.py index c372b8fa71..07500e2372 100755 --- a/source4/lib/ldb/tests/python/api.py +++ b/source4/lib/ldb/tests/python/api.py @@ -258,6 +258,19 @@ class SimpleLdb(unittest.TestCase): l = ldb.Ldb(filename()) l.set_debug(my_report_fn) + def test_zero_byte_string(self): + """Testing we do not get trapped in the \0 byte in a property string.""" + l = ldb.Ldb(filename()) + l.add({ + "dn" : "dc=somedn", + "objectclass" : "user", + "cN" : "LDAPtestUSER", + "givenname" : "ldap", + "displayname" : "foo\0bar", + }) + res = l.search(expression="(dn=dc=somedn)") + self.assertEquals("foo\0bar", res[0]["displayname"][0]) + class DnTests(unittest.TestCase): def setUp(self): diff --git a/source4/lib/smbreadline/smbreadline.c b/source4/lib/smbreadline/smbreadline.c index 5fb3bf4fae..b07417357f 100644 --- a/source4/lib/smbreadline/smbreadline.c +++ b/source4/lib/smbreadline/smbreadline.c @@ -83,6 +83,7 @@ static char *smb_readline_replacement(const char *prompt, void (*callback)(void) char *ret; printf("%s", prompt); + fflush(stdout); line = (char *)malloc(BUFSIZ); if (!line) { diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk index 2f1b14dc37..64a4750ab7 100644 --- a/source4/librpc/config.mk +++ b/source4/librpc/config.mk @@ -595,9 +595,9 @@ RPC_NDR_KEYSVC_OBJ_FILES = ../librpc/gen_ndr/ndr_keysvc_c.o [SUBSYSTEM::NDR_DCERPC] PUBLIC_DEPENDENCIES = LIBNDR -NDR_DCERPC_OBJ_FILES = $(gen_ndrsrcdir)/ndr_dcerpc.o +NDR_DCERPC_OBJ_FILES = ../librpc/gen_ndr/ndr_dcerpc.o -PUBLIC_HEADERS += $(addprefix $(librpcsrcdir)/, gen_ndr/dcerpc.h gen_ndr/ndr_dcerpc.h) +PUBLIC_HEADERS += ../librpc/gen_ndr/dcerpc.h ../librpc/gen_ndr/ndr_dcerpc.h ################################################ # Start SUBSYSTEM dcerpc diff --git a/source4/librpc/idl/dcerpc.idl b/source4/librpc/idl/dcerpc.idl deleted file mode 100644 index 7c0abe6ab8..0000000000 --- a/source4/librpc/idl/dcerpc.idl +++ /dev/null @@ -1,306 +0,0 @@ -#include "idl_types.h" - -/* - the base dcerpc packet definitions - not traditionally coded as IDL, - but given that pidl can handle it nicely it simplifies things a lot - to do it this way - - see http://www.opengroup.org/onlinepubs/9629399/chap12.htm for packet - layouts -*/ -import "misc.idl"; - -interface dcerpc -{ - typedef struct { - uint16 context_id; - uint8 num_transfer_syntaxes; - ndr_syntax_id abstract_syntax; - ndr_syntax_id transfer_syntaxes[num_transfer_syntaxes]; - } dcerpc_ctx_list; - - typedef struct { - uint16 max_xmit_frag; - uint16 max_recv_frag; - uint32 assoc_group_id; - uint8 num_contexts; - dcerpc_ctx_list ctx_list[num_contexts]; - [flag(NDR_ALIGN4)] DATA_BLOB _pad; - [flag(NDR_REMAINING)] DATA_BLOB auth_info; - } dcerpc_bind; - - const uint8 DCERPC_REQUEST_LENGTH = 24; - - typedef struct { - } dcerpc_empty; - - typedef [nodiscriminant] union { - [default] dcerpc_empty empty; - [case(LIBNDR_FLAG_OBJECT_PRESENT)] GUID object; - } dcerpc_object; - - typedef struct { - uint32 alloc_hint; - uint16 context_id; - uint16 opnum; - [switch_is(ndr->flags & LIBNDR_FLAG_OBJECT_PRESENT)] dcerpc_object object; - [flag(NDR_ALIGN8)] DATA_BLOB _pad; - [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier; - } dcerpc_request; - - const int DCERPC_BIND_REASON_ASYNTAX = 1; - const int DCERPC_BIND_PROVIDER_REJECT = 2; - const int DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED = 4; - const int DCERPC_BIND_REASON_INVALID_AUTH_TYPE = 8; - - typedef struct { - uint16 result; - uint16 reason; - ndr_syntax_id syntax; - } dcerpc_ack_ctx; - - typedef struct { - uint16 max_xmit_frag; - uint16 max_recv_frag; - uint32 assoc_group_id; - [value(strlen(secondary_address)+1)] uint16 secondary_address_size; - [charset(DOS)] uint8 secondary_address[secondary_address_size]; - [flag(NDR_ALIGN4)] DATA_BLOB _pad1; - uint8 num_results; - dcerpc_ack_ctx ctx_list[num_results]; - [flag(NDR_REMAINING)] DATA_BLOB auth_info; - } dcerpc_bind_ack; - - typedef struct { - uint32 num_versions; - uint32 versions[num_versions]; - } dcerpc_bind_nak_versions; - - typedef [nodiscriminant] union { - [case(DECRPC_BIND_PROTOCOL_VERSION_NOT_SUPPORTED)] dcerpc_bind_nak_versions v; - [default] ; - } dcerpc_bind_nak_versions_ctr; - - typedef struct { - uint16 reject_reason; - [switch_is(reject_reason)] dcerpc_bind_nak_versions_ctr versions; - } dcerpc_bind_nak; - - const uint8 DCERPC_RESPONSE_LENGTH = 24; - - typedef struct { - uint32 alloc_hint; - uint16 context_id; - uint8 cancel_count; - [flag(NDR_ALIGN8)] DATA_BLOB _pad; - [flag(NDR_REMAINING)] DATA_BLOB stub_and_verifier; - } dcerpc_response; - - - const int DCERPC_FAULT_OP_RNG_ERROR = 0x1c010002; - const int DCERPC_FAULT_UNK_IF = 0x1c010003; - const int DCERPC_FAULT_NDR = 0x000006f7; - const int DCERPC_FAULT_INVALID_TAG = 0x1c000006; - const int DCERPC_FAULT_CONTEXT_MISMATCH = 0x1c00001a; - const int DCERPC_FAULT_OTHER = 0x00000001; - const int DCERPC_FAULT_ACCESS_DENIED = 0x00000005; - const int DCERPC_FAULT_CANT_PERFORM = 0x000006d8; - - /* we return this fault when we haven't yet run the test - to see what fault w2k3 returns in this case */ - const int DCERPC_FAULT_TODO = 0x00000042; - - typedef struct { - uint32 alloc_hint; - uint16 context_id; - uint8 cancel_count; - uint32 status; - [flag(NDR_REMAINING)] DATA_BLOB _pad; - } dcerpc_fault; - - /* the auth types we know about */ - typedef [enum8bit] enum { - DCERPC_AUTH_TYPE_NONE = 0, - /* this seems to be not krb5! */ - DCERPC_AUTH_TYPE_KRB5_1 = 1, - DCERPC_AUTH_TYPE_SPNEGO = 9, - DCERPC_AUTH_TYPE_NTLMSSP = 10, - DCERPC_AUTH_TYPE_KRB5 = 16, - DCERPC_AUTH_TYPE_DPA = 17, - DCERPC_AUTH_TYPE_MSN = 18, - DCERPC_AUTH_TYPE_DIGEST = 21, - DCERPC_AUTH_TYPE_SCHANNEL = 68, - DCERPC_AUTH_TYPE_MSMQ = 100 - } dcerpc_AuthType; - - typedef [enum8bit] enum { - DCERPC_AUTH_LEVEL_NONE = 1, - DCERPC_AUTH_LEVEL_CONNECT = 2, - DCERPC_AUTH_LEVEL_CALL = 3, - DCERPC_AUTH_LEVEL_PACKET = 4, - DCERPC_AUTH_LEVEL_INTEGRITY = 5, - DCERPC_AUTH_LEVEL_PRIVACY = 6 - } dcerpc_AuthLevel; - - const uint8 DCERPC_AUTH_LEVEL_DEFAULT = DCERPC_AUTH_LEVEL_CONNECT; - - typedef [public] struct { - dcerpc_AuthType auth_type; - dcerpc_AuthLevel auth_level; - uint8 auth_pad_length; - uint8 auth_reserved; - uint32 auth_context_id; - [flag(NDR_REMAINING)] DATA_BLOB credentials; - } dcerpc_auth; - - const uint8 DCERPC_AUTH_TRAILER_LENGTH = 8; - - typedef [public] struct { - uint32 _pad; - [flag(NDR_REMAINING)] DATA_BLOB auth_info; - } dcerpc_auth3; - - typedef [public] struct { - uint32 _pad; - [flag(NDR_REMAINING)] DATA_BLOB auth_info; - } dcerpc_orphaned; - - typedef [public] struct { - uint32 _pad; - [flag(NDR_REMAINING)] DATA_BLOB auth_info; - } dcerpc_co_cancel; - - typedef [public] struct { - uint32 version; - uint32 id; - } dcerpc_cl_cancel; - - typedef [public] struct { - uint32 version; - uint32 id; - boolean32 server_is_accepting; - } dcerpc_cancel_ack; - - typedef [public] struct { - uint32 version; - uint8 _pad1; - uint16 window_size; - uint32 max_tdsu; - uint32 max_frag_size; - uint16 serial_no; - uint16 selack_size; - uint32 selack[selack_size]; - } dcerpc_fack; - - typedef [public] struct { - } dcerpc_ack; - - typedef [public] struct { - } dcerpc_ping; - - typedef [public] struct { - } dcerpc_shutdown; - - typedef [public] struct { - } dcerpc_working; - - typedef [enum8bit] enum { - DCERPC_PKT_REQUEST = 0, /* Ordinary request. */ - DCERPC_PKT_PING = 1, /* Connectionless is server alive ? */ - DCERPC_PKT_RESPONSE = 2, /* Ordinary reply. */ - DCERPC_PKT_FAULT = 3, /* Fault in processing of call. */ - DCERPC_PKT_WORKING = 4, /* Connectionless reply to a ping when server busy. */ - DCERPC_PKT_NOCALL = 5, /* Connectionless reply to a ping when server has lost part of clients call. */ - DCERPC_PKT_REJECT = 6, /* Refuse a request with a code. */ - DCERPC_PKT_ACK = 7, /* Connectionless client to server code. */ - DCERPC_PKT_CL_CANCEL = 8, /* Connectionless cancel. */ - DCERPC_PKT_FACK = 9, /* Connectionless fragment ack. Both client and server send. */ - DCERPC_PKT_CANCEL_ACK = 10, /* Server ACK to client cancel request. */ - DCERPC_PKT_BIND = 11, /* Bind to interface. */ - DCERPC_PKT_BIND_ACK = 12, /* Server ack of bind. */ - DCERPC_PKT_BIND_NAK = 13, /* Server nack of bind. */ - DCERPC_PKT_ALTER = 14, /* Alter auth. */ - DCERPC_PKT_ALTER_RESP = 15, /* Reply to alter auth. */ - DCERPC_PKT_AUTH3 = 16, /* not the real name! this is undocumented! */ - DCERPC_PKT_SHUTDOWN = 17, /* Server to client request to shutdown. */ - DCERPC_PKT_CO_CANCEL = 18, /* Connection-oriented cancel request. */ - DCERPC_PKT_ORPHANED = 19 /* Client telling server it's aborting a partially sent request or telling server to stop sending replies. */ - } dcerpc_pkt_type; - - typedef [nodiscriminant] union { - [case(DCERPC_PKT_REQUEST)] dcerpc_request request; - [case(DCERPC_PKT_PING)] dcerpc_ping ping; - [case(DCERPC_PKT_RESPONSE)] dcerpc_response response; - [case(DCERPC_PKT_FAULT)] dcerpc_fault fault; - [case(DCERPC_PKT_WORKING)] dcerpc_working working; - [case(DCERPC_PKT_NOCALL)] dcerpc_fack nocall; - [case(DCERPC_PKT_REJECT)] dcerpc_fault reject; - [case(DCERPC_PKT_ACK)] dcerpc_ack ack; - [case(DCERPC_PKT_CL_CANCEL)] dcerpc_cl_cancel cl_cancel; - [case(DCERPC_PKT_FACK)] dcerpc_fack fack; - [case(DCERPC_PKT_CANCEL_ACK)] dcerpc_cancel_ack cancel_ack; - [case(DCERPC_PKT_BIND)] dcerpc_bind bind; - [case(DCERPC_PKT_BIND_ACK)] dcerpc_bind_ack bind_ack; - [case(DCERPC_PKT_BIND_NAK)] dcerpc_bind_nak bind_nak; - [case(DCERPC_PKT_ALTER)] dcerpc_bind alter; - [case(DCERPC_PKT_ALTER_RESP)] dcerpc_bind_ack alter_resp; - [case(DCERPC_PKT_SHUTDOWN)] dcerpc_shutdown shutdown; - [case(DCERPC_PKT_CO_CANCEL)] dcerpc_co_cancel co_cancel; - [case(DCERPC_PKT_ORPHANED)] dcerpc_orphaned orphaned; - [case(DCERPC_PKT_AUTH3)] dcerpc_auth3 auth3; - } dcerpc_payload; - - /* pfc_flags values */ - const uint8 DCERPC_PFC_FLAG_FIRST = 0x01; /* First fragment */ - const uint8 DCERPC_PFC_FLAG_LAST = 0x02; /* Last fragment */ - const uint8 DCERPC_PFC_FLAG_PENDING_CANCEL = 0x04; /* Cancel was pending at sender */ - const uint8 DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN = DCERPC_PFC_FLAG_PENDING_CANCEL; /* depends on the pdu type */ - const uint8 DCERPC_PFC_FLAG_CONC_MPX = 0x10; /* supports concurrent multiplexing of a single connection. */ - const uint8 DCERPC_PFC_FLAG_DID_NOT_EXECUTE = 0x20; /* on a fault it means the server hasn't done anything */ - const uint8 DCERPC_PFC_FLAG_MAYBE = 0x40; /* `maybe' call semantics requested */ - const uint8 DCERPC_PFC_FLAG_OBJECT_UUID = 0x80; /* on valid guid is in the optional object field */ - - /* these offsets are needed by the signing code */ - const uint8 DCERPC_PFC_OFFSET = 3; - const uint8 DCERPC_DREP_OFFSET = 4; - const uint8 DCERPC_FRAG_LEN_OFFSET = 8; - const uint8 DCERPC_AUTH_LEN_OFFSET = 10; - - /* little-endian flag */ - const uint8 DCERPC_DREP_LE = 0x10; - - typedef [public] struct { - uint8 rpc_vers; /* RPC version */ - uint8 rpc_vers_minor; /* Minor version */ - dcerpc_pkt_type ptype; /* Packet type */ - uint8 pfc_flags; /* Fragmentation flags */ - uint8 drep[4]; /* NDR data representation */ - uint16 frag_length; /* Total length of fragment */ - uint16 auth_length; /* authenticator length */ - uint32 call_id; /* Call identifier */ - [switch_is(ptype)] dcerpc_payload u; - } ncacn_packet; - - typedef [public] struct { - uint8 rpc_vers; /* RPC version (4) */ - uint8 ptype; - uint8 pfc_flags; - uint8 ncadg_flags; - uint8 drep[3]; - uint8 serial_high; - GUID object; - GUID iface; - GUID activity; - uint32 server_boot; /* Server boot time */ - uint32 iface_version; - uint32 seq_num; - uint16 opnum; - uint16 ihint; - uint16 ahint; - uint16 len; - uint16 fragnum; - uint8 auth_proto; - uint8 serial_low; - [switch_is(ptype)] dcerpc_payload u; - } ncadg_packet; -} diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index d96857661e..896f237bd7 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -1056,7 +1056,7 @@ def provision(setup_dir, message, session_info, serverrole=serverrole, ldap_backend=ldap_backend, ldap_backend_type=ldap_backend_type) - if lp.get("server role") == "domain controller": + if serverrole == "domain controller": if paths.netlogon is None: message("Existing smb.conf does not have a [netlogon] share, but you are configuring a DC.") message("Please either remove %s or see the template at %s" % diff --git a/source4/selftest/config.mk b/source4/selftest/config.mk index 324532c22a..1838a0bb38 100644 --- a/source4/selftest/config.mk +++ b/source4/selftest/config.mk @@ -59,31 +59,31 @@ test-%:: valgrindtest:: valgrindtest-all valgrindtest-quick:: all - SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \ + SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \ VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \ $(SELFTEST) $(SELFTEST_QUICK_OPTS) --immediate --socket-wrapper $(TESTS) valgrindtest-all:: everything - SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \ + SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \ VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \ $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --immediate --socket-wrapper $(TESTS) valgrindtest-env:: everything - SMBD_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \ + SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/valgrind_run $(LD_LIBPATH_OVERRIDE)" \ VALGRIND="valgrind -q --num-callers=30 --log-file=${selftest_prefix}/valgrind.log" \ $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --socket-wrapper --testenv gdbtest:: gdbtest-all gdbtest-quick:: all - SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \ + SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \ $(SELFTEST) $(SELFTEST_QUICK_OPTS) --immediate --socket-wrapper $(TESTS) gdbtest-all:: everything - SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \ + SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \ $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --immediate --socket-wrapper $(TESTS) gdbtest-env:: everything - SMBD_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \ + SAMBA_VALGRIND="xterm -n server -e $(selftestdir)/gdb_run $(LD_LIBPATH_OVERRIDE)" \ $(SELFTEST) $(SELFTEST_NOSLOW_OPTS) --socket-wrapper --testenv diff --git a/source4/smbd/server.c b/source4/smbd/server.c index d576782ab1..635e84fafe 100644 --- a/source4/smbd/server.c +++ b/source4/smbd/server.c @@ -365,5 +365,5 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ int main(int argc, const char *argv[]) { - return binary_smbd_main("smbd", argc, argv); + return binary_smbd_main("samba", argc, argv); } diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c index 98669288a8..814c9ac86d 100644 --- a/source4/torture/ldap/cldap.c +++ b/source4/torture/ldap/cldap.c @@ -59,8 +59,8 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest) CHECK_STATUS(status, NT_STATUS_OK); ZERO_STRUCT(search); - search.in.dest_address = NULL;//dest; - search.in.dest_port = 0;//lp_cldap_port(tctx->lp_ctx); + search.in.dest_address = NULL; + search.in.dest_port = 0; search.in.acct_control = -1; search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX; search.in.map_response = true; |