From 508527890adc7bedd47522a7dae0c96d2b2e4bae Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 23 Sep 2008 14:30:06 -0400 Subject: Merge ldb_search() and ldb_search_exp_fmt() into a simgle function. The previous ldb_search() interface made it way too easy to leak results, and being able to use a printf-like expression turns to be really useful. --- source4/cldap_server/netlogon.c | 44 +++++++++++++++++++---------------------- 1 file changed, 20 insertions(+), 24 deletions(-) (limited to 'source4/cldap_server') diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c index 0b146b3c7d..7dccd81fad 100644 --- a/source4/cldap_server/netlogon.c +++ b/source4/cldap_server/netlogon.c @@ -84,11 +84,11 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, struct ldb_dn *dom_dn; /* try and find the domain */ - ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &ref_res, - partitions_basedn, LDB_SCOPE_ONELEVEL, - ref_attrs, - "(&(&(objectClass=crossRef)(dnsRoot=%s))(nETBIOSName=*))", - ldb_binary_encode_string(mem_ctx, domain)); + ret = ldb_search(sam_ctx, mem_ctx, &ref_res, + partitions_basedn, LDB_SCOPE_ONELEVEL, + ref_attrs, + "(&(&(objectClass=crossRef)(dnsRoot=%s))(nETBIOSName=*))", + ldb_binary_encode_string(mem_ctx, domain)); if (ret != LDB_SUCCESS) { DEBUG(2,("Unable to find referece to '%s' in sam: %s\n", 
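Review bot: The result of `ldb_binary_encode_string(mem_ctx, domain)` goes straight into the `%s` of the new `ldb_search()` filter without a NULL check, so an allocation failure (assuming the helper returns NULL in that case) would hand a null pointer to the formatter. Encoding into a local first keeps the escaping that protects the filter from metacharacters in `domain` and makes the failure explicit: `const char *enc = ldb_binary_encode_string(mem_ctx, domain);` followed by `if (enc == NULL) return NT_STATUS_NO_MEMORY;`. The `netbios_domain` search in the `@@ -123,11 +121,11 @@` hunk has the same shape. The enclosing function starts and ends outside this hunk.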
@@ -96,19 +96,17 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, ldb_errstring(sam_ctx))); return NT_STATUS_NO_SUCH_DOMAIN; } else if (ref_res->count == 1) { - talloc_steal(mem_ctx, dom_res); dom_dn = ldb_msg_find_attr_as_dn(sam_ctx, mem_ctx, ref_res->msgs[0], "ncName"); if (!dom_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } - ret = ldb_search(sam_ctx, dom_dn, - LDB_SCOPE_BASE, "objectClass=domain", - dom_attrs, &dom_res); + ret = ldb_search(sam_ctx, mem_ctx, &dom_res, + dom_dn, LDB_SCOPE_BASE, dom_attrs, + "objectClass=domain"); if (ret != LDB_SUCCESS) { DEBUG(2,("Error finding domain '%s'/'%s' in sam: %s\n", domain, ldb_dn_get_linearized(dom_dn), ldb_errstring(sam_ctx))); return NT_STATUS_NO_SUCH_DOMAIN; } - talloc_steal(mem_ctx, dom_res); if (dom_res->count != 1) { DEBUG(2,("Error finding domain '%s'/'%s' in sam\n", domain, ldb_dn_get_linearized(dom_dn))); return NT_STATUS_NO_SUCH_DOMAIN; @@ -123,11 +121,11 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, struct ldb_dn *dom_dn; /* try and find the domain */ - ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &ref_res, - partitions_basedn, LDB_SCOPE_ONELEVEL, - ref_attrs, - "(&(objectClass=crossRef)(ncName=*)(nETBIOSName=%s))", - ldb_binary_encode_string(mem_ctx, netbios_domain)); + ret = ldb_search(sam_ctx, mem_ctx, &ref_res, + partitions_basedn, LDB_SCOPE_ONELEVEL, + ref_attrs, + "(&(objectClass=crossRef)(ncName=*)(nETBIOSName=%s))", + ldb_binary_encode_string(mem_ctx, netbios_domain)); if (ret != LDB_SUCCESS) { DEBUG(2,("Unable to find referece to '%s' in sam: %s\n", 
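Review bot: The last argument of the rewritten `ldb_search(sam_ctx, mem_ctx, &dom_res, dom_dn, LDB_SCOPE_BASE, dom_attrs, "objectClass=domain")` call in the `@@ -96,19 +96,17 @@` hunk is now a printf-style format rather than a plain expression, and nothing at the call site says so. A short comment such as `/* filter is a format string: keep it a literal, pass data via %s */` would help, because a later edit that passes a pre-built or request-derived string in this position would have its `%` sequences interpreted. The literal used here contains no `%` and is fine as written.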
@@ -135,19 +133,17 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, ldb_errstring(sam_ctx))); return NT_STATUS_NO_SUCH_DOMAIN; } else if (ref_res->count == 1) { - talloc_steal(mem_ctx, dom_res); dom_dn = ldb_msg_find_attr_as_dn(sam_ctx, mem_ctx, ref_res->msgs[0], "ncName"); if (!dom_dn) { return NT_STATUS_NO_SUCH_DOMAIN; } - ret = ldb_search(sam_ctx, dom_dn, - LDB_SCOPE_BASE, "objectClass=domain", - dom_attrs, &dom_res); + ret = ldb_search(sam_ctx, mem_ctx, &dom_res, + dom_dn, LDB_SCOPE_BASE, dom_attrs, + "objectClass=domain"); if (ret != LDB_SUCCESS) { DEBUG(2,("Error finding domain '%s'/'%s' in sam: %s\n", domain, ldb_dn_get_linearized(dom_dn), ldb_errstring(sam_ctx))); return NT_STATUS_NO_SUCH_DOMAIN; } - talloc_steal(mem_ctx, dom_res); if (dom_res->count != 1) { DEBUG(2,("Error finding domain '%s'/'%s' in sam\n", domain, ldb_dn_get_linearized(dom_dn))); return NT_STATUS_NO_SUCH_DOMAIN; @@ -179,7 +175,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { return NT_STATUS_INVALID_PARAMETER; } - ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &dom_res, + ret = ldb_search(sam_ctx, mem_ctx, &dom_res, NULL, LDB_SCOPE_SUBTREE, dom_attrs, "(&(objectCategory=DomainDNS)(objectGUID=%s))", @@ -196,7 +192,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, return NT_STATUS_INVALID_PARAMETER; } - ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &dom_res, + ret = ldb_search(sam_ctx, mem_ctx, &dom_res, NULL, LDB_SCOPE_SUBTREE, dom_attrs, "(&(objectCategory=DomainDNS)(objectSID=%s))", @@ -210,7 +206,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, return NT_STATUS_NO_SUCH_DOMAIN; } else if (dom_res->count == 1) { /* try and find the domain */ - ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &ref_res, + ret = ldb_search(sam_ctx, mem_ctx, &ref_res, partitions_basedn, LDB_SCOPE_ONELEVEL, ref_attrs, "(&(objectClass=crossRef)(ncName=%s))", 
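Review bot: Both `DEBUG` messages after the rewritten `ldb_search()` in the `@@ -135,19 +133,17 @@` hunk print `domain`, although this block follows the crossRef lookup keyed on `netbios_domain` in the preceding hunk. If `domain` can be NULL on this path (the branch condition is outside the hunk), a null pointer reaches `%s`, and in any case the log names the wrong lookup key. Passing `netbios_domain` instead in both calls, i.e. `netbios_domain, ldb_dn_get_linearized(dom_dn),`, would fix it.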
@@ -260,7 +256,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, acct_control = acct_control & (ACB_TEMPDUP | ACB_NORMAL | ACB_DOMTRUST | ACB_WSTRUST | ACB_SVRTRUST); /* We must exclude disabled accounts, but otherwise do the bitwise match the client asked for */ - ret = ldb_search_exp_fmt(sam_ctx, mem_ctx, &user_res, + ret = ldb_search(sam_ctx, mem_ctx, &user_res, dom_res->msgs[0]->dn, LDB_SCOPE_SUBTREE, none_attrs, "(&(objectClass=user)(samAccountName=%s)" -- cgit From 6a689c23e83fef71a562a9009b92983d750f63cc Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 24 Sep 2008 03:16:15 +0200 Subject: Rename smbd -> samba. This reverts commit 05ea5e23cf4e70de0bd658b1c5c0ead133967091. Conflicts: source4/smbd/server.c --- source4/cldap_server/config.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/cldap_server') diff --git a/source4/cldap_server/config.mk b/source4/cldap_server/config.mk index 137a44d0f7..baf2620f32 100644 --- a/source4/cldap_server/config.mk +++ b/source4/cldap_server/config.mk @@ -4,7 +4,7 @@ # Start SUBSYSTEM CLDAPD [MODULE::CLDAPD] INIT_FUNCTION = server_service_cldapd_init -SUBSYSTEM = smbd +SUBSYSTEM = samba PRIVATE_DEPENDENCIES = \ LIBCLI_CLDAP LIBNETIF process_model # End SUBSYSTEM CLDAPD -- cgit From b2901da479f5e711986de48df4910910460fe7db Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 11 Sep 2008 18:38:40 -0400 Subject: LDB ASYNC: misc changes --- source4/cldap_server/rootdse.c | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) (limited to 'source4/cldap_server') diff --git a/source4/cldap_server/rootdse.c b/source4/cldap_server/rootdse.c index 4ff71c0863..65786e6708 100644 --- a/source4/cldap_server/rootdse.c +++ b/source4/cldap_server/rootdse.c 
@@ -66,22 +66,19 @@ static void cldapd_rootdse_fill(struct cldapd_server *cldapd, attrs[i] = NULL; } - lreq = talloc(mem_ctx, struct ldb_request); - if (lreq == NULL) goto nomem; - res = talloc_zero(mem_ctx, struct ldb_result); if (res == NULL) goto nomem; - lreq->operation = LDB_SEARCH; - lreq->op.search.base = basedn; - lreq->op.search.scope = scope; - lreq->op.search.tree = search->tree; - lreq->op.search.attrs = attrs; - - lreq->controls = NULL; + ldb_ret = ldb_build_search_req_ex(&lreq, cldapd->samctx, mem_ctx, + basedn, scope, + search->tree, attrs, + NULL, + res, ldb_search_default_callback, + NULL); - lreq->context = res; - lreq->callback = ldb_search_default_callback; + if (ldb_ret != LDB_SUCCESS) { + goto reply; + } /* Copy the timeout from the incoming call */ ldb_set_timeout(cldapd->samctx, lreq, search->timelimit); -- cgit From af1c802791e3c9f54220d8c80c3de79ef422d726 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 2 Oct 2008 08:09:25 +0200 Subject: The IRIX compiler does not like embedded unnamed unions --- source4/cldap_server/netlogon.c | 80 ++++++++++++++++++++--------------------- 1 file changed, 40 insertions(+), 40 deletions(-) (limited to 'source4/cldap_server') diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c index 7dccd81fad..aac74f5d77 100644 --- a/source4/cldap_server/netlogon.c +++ b/source4/cldap_server/netlogon.c 
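Review bot: `ldb_set_timeout(cldapd->samctx, lreq, search->timelimit)` at the end of this hunk takes the time limit from the incoming CLDAP search as-is, and its return value is ignored. CLDAP requests arrive unauthenticated over UDP, so the client presumably controls this value. Clamping it before the call would bound how long one request can hold a search open, e.g. `int tl = search->timelimit > MAX_TL ? MAX_TL : search->timelimit;`, where `MAX_TL` is a placeholder for a limit the project chooses. The `reply` label targeted by the new error path is outside the hunk, so how it handles a failed `ldb_build_search_req_ex()` is not visible here.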
@@ -331,68 +331,68 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, /* could check if the user exists */ if (user_known) { - netlogon->nt5_ex.command = LOGON_SAM_LOGON_RESPONSE_EX; + netlogon->data.nt5_ex.command = LOGON_SAM_LOGON_RESPONSE_EX; } else { - netlogon->nt5_ex.command = LOGON_SAM_LOGON_USER_UNKNOWN_EX; + netlogon->data.nt5_ex.command = LOGON_SAM_LOGON_USER_UNKNOWN_EX; } - netlogon->nt5_ex.server_type = server_type; - netlogon->nt5_ex.domain_uuid = domain_uuid; - netlogon->nt5_ex.forest = realm; - netlogon->nt5_ex.dns_domain = dns_domain; - netlogon->nt5_ex.pdc_dns_name = pdc_dns_name; - netlogon->nt5_ex.domain = flatname; - netlogon->nt5_ex.pdc_name = lp_netbios_name(lp_ctx); - netlogon->nt5_ex.user_name = user; - netlogon->nt5_ex.server_site = server_site; - netlogon->nt5_ex.client_site = client_site; + netlogon->data.nt5_ex.server_type = server_type; + netlogon->data.nt5_ex.domain_uuid = domain_uuid; + netlogon->data.nt5_ex.forest = realm; + netlogon->data.nt5_ex.dns_domain = dns_domain; + netlogon->data.nt5_ex.pdc_dns_name = pdc_dns_name; + netlogon->data.nt5_ex.domain = flatname; + netlogon->data.nt5_ex.pdc_name = lp_netbios_name(lp_ctx); + netlogon->data.nt5_ex.user_name = user; + netlogon->data.nt5_ex.server_site = server_site; + netlogon->data.nt5_ex.client_site = client_site; if (version & NETLOGON_NT_VERSION_5EX_WITH_IP) { /* Clearly this needs to be fixed up for IPv6 */ extra_flags = NETLOGON_NT_VERSION_5EX_WITH_IP; - netlogon->nt5_ex.sockaddr.sa_family = 2; - netlogon->nt5_ex.sockaddr.pdc_ip = pdc_ip; - netlogon->nt5_ex.sockaddr.remaining = data_blob_talloc_zero(mem_ctx, 8); + netlogon->data.nt5_ex.sockaddr.sa_family = 2; + netlogon->data.nt5_ex.sockaddr.pdc_ip = pdc_ip; + netlogon->data.nt5_ex.sockaddr.remaining = data_blob_talloc_zero(mem_ctx, 8); } - netlogon->nt5_ex.nt_version = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5EX|extra_flags; - netlogon->nt5_ex.lmnt_token = 0xFFFF; - netlogon->nt5_ex.lm20_token = 0xFFFF; 
+ netlogon->data.nt5_ex.nt_version = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5EX|extra_flags; + netlogon->data.nt5_ex.lmnt_token = 0xFFFF; + netlogon->data.nt5_ex.lm20_token = 0xFFFF; } else if (version & NETLOGON_NT_VERSION_5) { netlogon->ntver = NETLOGON_NT_VERSION_5; /* could check if the user exists */ if (user_known) { - netlogon->nt5.command = LOGON_SAM_LOGON_RESPONSE; + netlogon->data.nt5.command = LOGON_SAM_LOGON_RESPONSE; } else { - netlogon->nt5.command = LOGON_SAM_LOGON_USER_UNKNOWN; + netlogon->data.nt5.command = LOGON_SAM_LOGON_USER_UNKNOWN; } - netlogon->nt5.pdc_name = pdc_name; - netlogon->nt5.user_name = user; - netlogon->nt5.domain_name = flatname; - netlogon->nt5.domain_uuid = domain_uuid; - netlogon->nt5.forest = realm; - netlogon->nt5.dns_domain = dns_domain; - netlogon->nt5.pdc_dns_name = pdc_dns_name; - netlogon->nt5.pdc_ip = pdc_ip; - netlogon->nt5.server_type = server_type; - netlogon->nt5.nt_version = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5; - netlogon->nt5.lmnt_token = 0xFFFF; - netlogon->nt5.lm20_token = 0xFFFF; + netlogon->data.nt5.pdc_name = pdc_name; + netlogon->data.nt5.user_name = user; + netlogon->data.nt5.domain_name = flatname; + netlogon->data.nt5.domain_uuid = domain_uuid; + netlogon->data.nt5.forest = realm; + netlogon->data.nt5.dns_domain = dns_domain; + netlogon->data.nt5.pdc_dns_name = pdc_dns_name; + netlogon->data.nt5.pdc_ip = pdc_ip; + netlogon->data.nt5.server_type = server_type; + netlogon->data.nt5.nt_version = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5; + netlogon->data.nt5.lmnt_token = 0xFFFF; + netlogon->data.nt5.lm20_token = 0xFFFF; } else /* (version & NETLOGON_NT_VERSION_1) and all other cases */ { netlogon->ntver = NETLOGON_NT_VERSION_1; /* could check if the user exists */ if (user_known) { - netlogon->nt4.command = LOGON_SAM_LOGON_RESPONSE; + netlogon->data.nt4.command = LOGON_SAM_LOGON_RESPONSE; } else { - netlogon->nt4.command = LOGON_SAM_LOGON_USER_UNKNOWN; + netlogon->data.nt4.command = 
LOGON_SAM_LOGON_USER_UNKNOWN; } - netlogon->nt4.server = pdc_name; - netlogon->nt4.user_name = user; - netlogon->nt4.domain = flatname; - netlogon->nt4.nt_version = NETLOGON_NT_VERSION_1; - netlogon->nt4.lmnt_token = 0xFFFF; - netlogon->nt4.lm20_token = 0xFFFF; + netlogon->data.nt4.server = pdc_name; + netlogon->data.nt4.user_name = user; + netlogon->data.nt4.domain = flatname; + netlogon->data.nt4.nt_version = NETLOGON_NT_VERSION_1; + netlogon->data.nt4.lmnt_token = 0xFFFF; + netlogon->data.nt4.lm20_token = 0xFFFF; } return NT_STATUS_OK; -- cgit From 89a67bb60c3b88d5054a81085fb400930cfd5c55 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 2 Oct 2008 21:55:26 -0700 Subject: we need to listen on all interfaces in the CLDAP server as the windows CDLAP client ignores replies from the wrong IP --- source4/cldap_server/cldap_server.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'source4/cldap_server') diff --git a/source4/cldap_server/cldap_server.c b/source4/cldap_server/cldap_server.c index 310fb564e0..240f2b1dc2 100644 --- a/source4/cldap_server/cldap_server.c +++ b/source4/cldap_server/cldap_server.c @@ -127,6 +127,7 @@ static NTSTATUS cldapd_startup_interfaces(struct cldapd_server *cldapd, struct l int num_interfaces; TALLOC_CTX *tmp_ctx = talloc_new(cldapd); NTSTATUS status; + int i; num_interfaces = iface_count(ifaces); 
@@ -135,14 +136,14 @@ static NTSTATUS cldapd_startup_interfaces(struct cldapd_server *cldapd, struct l if (!lp_bind_interfaces_only(lp_ctx)) { status = cldapd_add_socket(cldapd, lp_ctx, "0.0.0.0"); NT_STATUS_NOT_OK_RETURN(status); - } else { - int i; - - for (i=0; i Date: Thu, 2 Oct 2008 21:58:46 -0700 Subject: fixed the sense of ldb base dn comparisons in two places, and use a direct comparison instead of a sub-tree comparison in another this fixes basedn searches on the global catalog port --- source4/cldap_server/netlogon.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/cldap_server') diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c index 7dccd81fad..b31e89b7a5 100644 --- a/source4/cldap_server/netlogon.c +++ b/source4/cldap_server/netlogon.c @@ -301,7 +301,7 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx, server_type |= NBT_SERVER_KDC; } - if (!ldb_dn_compare_base(ldb_get_root_basedn(sam_ctx), ldb_get_default_basedn(sam_ctx))) { + if (ldb_dn_compare(ldb_get_root_basedn(sam_ctx), ldb_get_default_basedn(sam_ctx)) == 0) { server_type |= NBT_SERVER_DS_DNS_FOREST; } -- cgit