The branch, master has been updated
via 77b9d28... s4:torture "cldap" test - rework and test more results
via 85e4995... s4:sites - get the server site (name) from DSDB
via 5d4093a... s4:dcerpc_netlogon - unify the two workstation object
lookups (DNS hostname and supported encryption types)
from 56a8baf... s4:ldb_msg - Use LDB constants on results
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 77b9d2827b296d8da69545b647acae1c2de8717d
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sun Oct 18 14:30:50 2009 +0200
s4:torture "cldap" test - rework and test more results
commit 85e49953641fc9ddece3f4a08df8c96cf41e06dc
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sun Oct 18 11:59:11 2009 +0200
s4:sites - get the server site (name) from DSDB
commit 5d4093a937a39243c0c8ca1215297d26a67ba64b
Author: Matthias Dieter Wallnöfer <[email protected]>
Date: Sun Oct 18 11:11:57 2009 +0200
s4:dcerpc_netlogon - unify the two workstation object lookups (DNS hostname
and supported encryption types)
This is simply for better performance (no functional change).
-----------------------------------------------------------------------
Summary of changes:
source4/cldap_server/netlogon.c | 4 +-
source4/dsdb/common/util.c | 10 +++++
source4/rpc_server/netlogon/dcerpc_netlogon.c | 50 ++++++++++++++----------
source4/torture/ldap/cldap.c | 38 ++++++++----------
4 files changed, 58 insertions(+), 44 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index b06fd60..c565f2f 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -251,8 +251,8 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context
*sam_ctx,
dns_domain);
flatname = lp_sam_name(lp_ctx);
- /* FIXME: Hardcoded site names */
- server_site = "Default-First-Site-Name";
+ server_site = samdb_server_site_name(sam_ctx, mem_ctx);
+ /* FIXME: Hardcoded site name */
client_site = "Default-First-Site-Name";
load_interfaces(mem_ctx, lp_interfaces(lp_ctx), &ifaces);
pdc_ip = iface_best_ip(ifaces, src_address);
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index c9562b0..ace8e18 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1432,6 +1432,16 @@ struct ldb_dn *samdb_server_site_dn(struct ldb_context
*ldb, TALLOC_CTX *mem_ctx
return server_site_dn;
}
+const char *samdb_server_site_name(struct ldb_context *ldb, TALLOC_CTX
*mem_ctx)
+{
+ const struct ldb_val *val =
ldb_dn_get_rdn_val(samdb_server_site_dn(ldb, mem_ctx));
+
+ if (val != NULL)
+ return (const char *) val->data;
+ else
+ return NULL;
+}
+
/*
work out if we are the PDC for the domain of the current open ldb
*/
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c
b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index f763069..f04f4be 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1125,16 +1125,18 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
struct netlogon_creds_CredentialState *creds;
const char * const attrs[] = { "objectSid", "objectGUID", "flatName",
"securityIdentifier", "trustPartner", NULL };
+ const char * const attrs2[] = { "dNSHostName",
+ "msDS-SupportedEncryptionTypes", NULL };
const char *temp_str;
const char *old_dns_hostname;
struct ldb_context *sam_ctx;
- struct ldb_message **res1, **res2, *new_msg;
+ struct ldb_message **res1, **res2, **res3, *new_msg;
struct ldb_dn *workstation_dn;
struct netr_DomainInformation *domain_info;
struct netr_LsaPolicyInformation *lsa_policy_info;
struct netr_OsVersionInfoEx *os_version;
uint32_t default_supported_enc_types = 0xFFFFFFFF;
- int ret1, ret2, i;
+ int ret1, ret2, ret3, i;
NTSTATUS status;
status = dcesrv_netr_creds_server_step_check(dce_call,
@@ -1175,11 +1177,16 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
dom_sid_string(mem_ctx, creds->sid));
NT_STATUS_HAVE_NO_MEMORY(workstation_dn);
+ /* Lookup for attributes in workstation object */
+ ret1 = gendb_search_dn(sam_ctx, mem_ctx, workstation_dn,
+ &res1, attrs2);
+ if (ret1 != 1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
/* Gets the old DNS hostname */
- old_dns_hostname = samdb_search_string(sam_ctx, mem_ctx,
- workstation_dn,
- "dNSHostName",
- NULL);
+ old_dns_hostname = samdb_result_string(res1[0], "dNSHostName",
+ NULL);
/* Gets host informations and put them in our directory */
new_msg = ldb_msg_new(mem_ctx);
@@ -1273,15 +1280,15 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
primary domain is also a "trusted" domain, so we need to
put the primary domain into the lists of returned trusts as
well. */
- ret1 = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx),
- &res1, attrs);
- if (ret1 != 1) {
+ ret2 = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx),
+ &res2, attrs);
+ if (ret2 != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs,
+ ret3 = gendb_search(sam_ctx, mem_ctx, NULL, &res3, attrs,
"(objectClass=trustedDomain)");
- if (ret2 == -1) {
+ if (ret3 == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
@@ -1294,35 +1301,34 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct
dcesrv_call_state *dce_cal
status = fill_one_domain_info(mem_ctx,
dce_call->conn->dce_ctx->lp_ctx,
- sam_ctx, res1[0], &domain_info->primary_domain,
+ sam_ctx, res2[0], &domain_info->primary_domain,
true, false);
NT_STATUS_NOT_OK_RETURN(status);
- domain_info->trusted_domain_count = ret2 + 1;
+ domain_info->trusted_domain_count = ret3 + 1;
domain_info->trusted_domains = talloc_array(mem_ctx,
struct netr_OneDomainInfo,
domain_info->trusted_domain_count);
NT_STATUS_HAVE_NO_MEMORY(domain_info->trusted_domains);
- for (i=0;i<ret2;i++) {
+ for (i=0;i<ret3;i++) {
status = fill_one_domain_info(mem_ctx,
dce_call->conn->dce_ctx->lp_ctx,
- sam_ctx, res2[i],
+ sam_ctx, res3[i],
&domain_info->trusted_domains[i],
false, true);
NT_STATUS_NOT_OK_RETURN(status);
}
status = fill_one_domain_info(mem_ctx,
- dce_call->conn->dce_ctx->lp_ctx, sam_ctx, res1[0],
+ dce_call->conn->dce_ctx->lp_ctx, sam_ctx, res2[0],
&domain_info->trusted_domains[i], true, true);
NT_STATUS_NOT_OK_RETURN(status);
/* Sets the supported encryption types */
- domain_info->supported_enc_types = samdb_search_uint(
- sam_ctx, mem_ctx,
- default_supported_enc_types, workstation_dn,
- "msDS-SupportedEncryptionTypes", NULL);
+ domain_info->supported_enc_types = samdb_result_uint(res1[0],
+ "msDS-SupportedEncryptionTypes",
+ default_supported_enc_types);
/* Other host domain informations */
@@ -1451,8 +1457,9 @@ static WERROR dcesrv_netr_DsRGetDCNameEx2(struct
dcesrv_call_state *dce_call, TA
DS_SERVER_LDAP |
DS_SERVER_GC |
DS_SERVER_PDC;
- info->dc_site_name = talloc_strdup(mem_ctx,
"Default-First-Site-Name");
+ info->dc_site_name = samdb_server_site_name(sam_ctx, mem_ctx);
W_ERROR_HAVE_NO_MEMORY(info->dc_site_name);
+ /* FIXME: Hardcoded site name */
info->client_site_name = talloc_strdup(mem_ctx,
"Default-First-Site-Name");
W_ERROR_HAVE_NO_MEMORY(info->client_site_name);
@@ -1555,6 +1562,7 @@ static WERROR dcesrv_netr_DsRAddressToSitenamesExW(struct
dcesrv_call_state *dce
W_ERROR_HAVE_NO_MEMORY(ctr->subnetname);
for (i=0; i<ctr->count; i++) {
+ /* FIXME: Hardcoded site name */
ctr->sitename[i].string = "Default-First-Site-Name";
ctr->subnetname[i].string = NULL;
}
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c
index 5e5b374..a20f0a3 100644
--- a/source4/torture/ldap/cldap.c
+++ b/source4/torture/ldap/cldap.c
@@ -4,6 +4,7 @@
test CLDAP operations
Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Matthias Dieter Wallnöfer 2009
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -96,47 +97,40 @@ static bool test_cldap_netlogon(struct torture_context
*tctx, const char *dest)
}
search.in.version =
NETLOGON_NT_VERSION_5|NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_IP;
-
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
printf("Trying with User=NULL\n");
-
search.in.user = NULL;
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_RESPONSE_EX);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
printf("Trying with User=Administrator\n");
-
search.in.user = "Administrator";
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
-
- CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_USER_UNKNOWN_EX);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
search.in.version = NETLOGON_NT_VERSION_5;
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
printf("Trying with User=NULL\n");
-
search.in.user = NULL;
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_RESPONSE);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
printf("Trying with User=Administrator\n");
-
search.in.user = "Administrator";
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
-
- CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_USER_UNKNOWN);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
@@ -194,16 +188,12 @@ static bool test_cldap_netlogon(struct torture_context
*tctx, const char *dest)
search.in.user = "Administrator";
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.forest,
n1.data.nt5_ex.dns_domain);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain,
n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
printf("Trying with just a bad username\n");
search.in.user = "___no_such_user___";
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.forest,
n1.data.nt5_ex.dns_domain);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain,
n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_USER_UNKNOWN_EX);
@@ -217,8 +207,6 @@ static bool test_cldap_netlogon(struct torture_context
*tctx, const char *dest)
search.in.domain_guid = GUID_string(tctx, &n1.data.nt5_ex.domain_uuid);
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.forest,
n1.data.nt5_ex.dns_domain);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain,
n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_RESPONSE_EX);
@@ -226,8 +214,6 @@ static bool test_cldap_netlogon(struct torture_context
*tctx, const char *dest)
search.in.domain_guid = GUID_string(tctx, &guid);
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_NOT_FOUND);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.forest,
n1.data.nt5_ex.dns_domain);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain,
n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_RESPONSE_EX);
@@ -236,11 +222,21 @@ static bool test_cldap_netlogon(struct torture_context
*tctx, const char *dest)
search.in.realm = n1.data.nt5_ex.dns_domain;
status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
CHECK_STATUS(status, NT_STATUS_OK);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.forest,
n1.data.nt5_ex.dns_domain);
- CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain,
n1.data.nt5_ex.dns_domain);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
CHECK_VAL(search.out.netlogon.data.nt5_ex.command,
LOGON_SAM_LOGON_RESPONSE_EX);
+ printf("Proof other results\n");
+ search.in.user = "Administrator";
+ status = cldap_netlogon(cldap, iconv_convenience, tctx, &search);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.forest,
n1.data.nt5_ex.dns_domain);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.dns_domain,
n1.data.nt5_ex.dns_domain);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.domain,
n1.data.nt5_ex.domain);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.pdc_name,
n1.data.nt5_ex.pdc_name);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.server_site,
n1.data.nt5_ex.server_site);
+ CHECK_STRING(search.out.netlogon.data.nt5_ex.client_site,
n1.data.nt5_ex.client_site);
+
return true;
}
--
Samba Shared Repository
