From dbd7a62baa56eb2ce082fdcf24e2d8621a4f54ea Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 30 Dec 2009 21:59:50 +0100 Subject: py/security: Add test for dom_sid.split. Signed-off-by: Andrew Tridgell --- source4/libcli/security/tests/bindings.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'source4/libcli') diff --git a/source4/libcli/security/tests/bindings.py b/source4/libcli/security/tests/bindings.py index 00fa05d070..6fe3d5471d 100644 --- a/source4/libcli/security/tests/bindings.py +++ b/source4/libcli/security/tests/bindings.py @@ -2,17 +2,17 @@ # Unix SMB/CIFS implementation. # Copyright (C) Jelmer Vernooij 2007 -# +# # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. -# +# # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program. If not, see . # @@ -46,6 +46,7 @@ class SecurityTokenTests(unittest.TestCase): class SecurityDescriptorTests(unittest.TestCase): + def setUp(self): self.descriptor = security.descriptor() @@ -100,6 +101,10 @@ class SecurityDescriptorTests(unittest.TestCase): desc1 = security.descriptor.from_sddl(text, dom) self.assertNotEqual(desc1.as_sddl(), desc1.as_sddl(dom)) + def test_split(self): + dom = security.dom_sid("S-2-0-7") + self.assertEquals((security.dom_sid("S-2-0"), 7), dom.split()) + class DomSidTests(unittest.TestCase): def test_parse_sid(self): -- cgit From de9485784867a7a68207e42fe2a021de01e54904 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 31 Dec 2009 16:53:14 +1100 Subject: s4-net: fixed finddcs to use empty SID instead of NULL sid (NDR error) --- source4/libcli/finddcs.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source4/libcli') diff --git a/source4/libcli/finddcs.c b/source4/libcli/finddcs.c index 8330042ea1..04b25d37ef 100644 --- a/source4/libcli/finddcs.c +++ b/source4/libcli/finddcs.c @@ -158,6 +158,9 @@ static void finddcs_name_resolved(struct composite_context *ctx) if (composite_nomem(state->r.in.my_accountname, state->ctx)) return; state->r.in.account_control = ACB_WSTRUST; state->r.in.domain_sid = state->domain_sid; + if (state->r.in.domain_sid == NULL) { + state->r.in.domain_sid = talloc_zero(state, struct dom_sid); + } ireq = irpc_call_send(state->msg_ctx, nbt_servers[0], &ndr_table_irpc, NDR_NBTD_GETDCNAME, -- cgit From 0bc902ac841ec883fb5a22b1db185d86ae12b114 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 2 Jan 2010 12:30:48 +1100 Subject: s4-sddl: DRS replication needs REVISION_ADS for SDs DRS replication with w2k8-r2 fails with a schema mismatch error if we set the revision to NT4 --- source4/libcli/security/sddl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/libcli') diff --git a/source4/libcli/security/sddl.c b/source4/libcli/security/sddl.c index 2244a3d3ed..c4f8c5667b 100644 --- a/source4/libcli/security/sddl.c +++ b/source4/libcli/security/sddl.c @@ -304,7 +304,7 @@ static struct security_acl *sddl_decode_acl(struct security_descriptor *sd, acl = talloc_zero(sd, struct security_acl); if (acl == NULL) return NULL; - acl->revision = SECURITY_ACL_REVISION_NT4; + acl->revision = SECURITY_ACL_REVISION_ADS; if (isupper(sddl[0]) && sddl[1] == ':') { /* its an empty ACL */ -- cgit