The branch, v3-5-test has been updated
via 8e0c9e4... s3-lsa: fill in some more info levels in
_lsa_QueryInfoPolicy().
via 3b53045... s4-smbtorture: skip three info levels while testing s3
with RPC-LSA.
via 505934c... s4-smbtorture: skip QueryInfoPolicy2 while running
RPC-LSA against s3.
via fc8c1b2... s4-smbtorture: skip QueryDomainInformationPolicy test
against s3 in RPC-LSA.
via 18a00b7... s4-smbtorture: simplify some torture_comments in RPC-LSA.
via b8465e0... s3-passdb: cleanup some callers of
pdb_get_trusteddom_pw().
via e182940... libndr: add int3264 ndr prototype.
from bdd1622... tsocket: rewrite tsocket_guide.txt to reflect the
current APIs
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -----------------------------------------------------------------
commit 8e0c9e40278265a1da959542178276bc042df006
Author: Günther Deschner <[email protected]>
Date: Tue Nov 3 11:45:15 2009 +0100
s3-lsa: fill in some more info levels in _lsa_QueryInfoPolicy().
Add dummys (just like s4 does) and fill in some more appropriate error
codes.
Guenther
(cherry picked from commit 97496bb3cafd8914a3a7c7b7d3a668ba3e533769)
commit 3b53045146803bbb046f52ba28a39d6ca4bf4870
Author: Günther Deschner <[email protected]>
Date: Tue Nov 3 11:46:07 2009 +0100
s4-smbtorture: skip three info levels while testing s3 with RPC-LSA.
These are only supported by s3 when running pdb_ads atm.
Guenther
(cherry picked from commit a8de4f091ef10223e862b3cb6f0b9e5cef5cde2a)
commit 505934c56e0df600aff8d406b7c636f830360257
Author: Günther Deschner <[email protected]>
Date: Mon Nov 2 20:11:14 2009 +0100
s4-smbtorture: skip QueryInfoPolicy2 while running RPC-LSA against s3.
This is only supported by s3 when running pdb_ads atm.
Guenther
(cherry picked from commit 58d401bb212b43d05213514f8bb2efa850d4e5c9)
commit fc8c1b23109b90daf2b185522728d08c921a91af
Author: Günther Deschner <[email protected]>
Date: Mon Nov 2 16:51:00 2009 +0100
s4-smbtorture: skip QueryDomainInformationPolicy test against s3 in RPC-LSA.
Guenther
(cherry picked from commit bff9819521255b3dcd0f04aa585c1ad0385896fd)
commit 18a00b7c0c0fa6d3e2d8bcba2d3f0969697781f3
Author: Günther Deschner <[email protected]>
Date: Mon Nov 2 19:59:47 2009 +0100
s4-smbtorture: simplify some torture_comments in RPC-LSA.
Guenther
(cherry picked from commit 074ad24653e85c60b9af863ac526832229754a96)
commit b8465e0dae7033e04e14d0808c5afc0d06b3a445
Author: Günther Deschner <[email protected]>
Date: Fri Oct 30 02:15:45 2009 +0100
s3-passdb: cleanup some callers of pdb_get_trusteddom_pw().
Guenther
(cherry picked from commit 463b1eb2b55ae85cfc9539c936375a989cde1076)
commit e182940be3df57d412857cf6dad41170acbbbe88
Author: Günther Deschner <[email protected]>
Date: Mon Oct 5 15:10:35 2009 +0200
libndr: add int3264 ndr prototype.
Guenther
(cherry picked from commit 76feeb1b97b1d8f24650c5198e9c61c4f5b1357a)
-----------------------------------------------------------------------
Summary of changes:
librpc/ndr/libndr.h | 1 +
source3/auth/auth_domain.c | 4 +--
source3/rpc_server/srv_lsa_nt.c | 32 ++++++++++++++++++++++++
source3/winbindd/winbindd_ads.c | 4 +--
source4/torture/rpc/lsa.c | 51 +++++++++++++++++++++-----------------
5 files changed, 63 insertions(+), 29 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/ndr/libndr.h b/librpc/ndr/libndr.h
index 3236932..f4c649c 100644
--- a/librpc/ndr/libndr.h
+++ b/librpc/ndr/libndr.h
@@ -470,6 +470,7 @@ NDR_SCALAR_PROTO(int16, int16_t)
NDR_SCALAR_PROTO(uint32, uint32_t)
NDR_SCALAR_PROTO(uint3264, uint32_t)
NDR_SCALAR_PROTO(int32, int32_t)
+NDR_SCALAR_PROTO(int3264, int32_t)
NDR_SCALAR_PROTO(udlong, uint64_t)
NDR_SCALAR_PROTO(udlongr, uint64_t)
NDR_SCALAR_PROTO(dlong, int64_t)
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 084d84c..c527360 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -447,8 +447,6 @@ static NTSTATUS check_trustdomain_security(const struct
auth_context *auth_conte
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
unsigned char trust_md4_password[16];
char *trust_password;
- time_t last_change_time;
- DOM_SID sid;
fstring dc_name;
struct sockaddr_storage dc_ss;
@@ -481,7 +479,7 @@ static NTSTATUS check_trustdomain_security(const struct
auth_context *auth_conte
*/
if (!pdb_get_trusteddom_pw(user_info->domain, &trust_password,
- &sid, &last_change_time)) {
+ NULL, NULL)) {
DEBUG(0, ("check_trustdomain_security: could not fetch trust "
"account password for domain %s\n",
user_info->domain));
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 931026e..08d6911 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -577,6 +577,38 @@ NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p,
}
switch (r->in.level) {
+ /* according to MS-LSAD 3.1.4.4.3 */
+ case LSA_POLICY_INFO_MOD:
+ case LSA_POLICY_INFO_AUDIT_FULL_SET:
+ case LSA_POLICY_INFO_AUDIT_FULL_QUERY:
+ return NT_STATUS_INVALID_PARAMETER;
+ case LSA_POLICY_INFO_AUDIT_LOG:
+ info->audit_log.percent_full = 0;
+ info->audit_log.maximum_log_size = 0;
+ info->audit_log.retention_time = 0;
+ info->audit_log.shutdown_in_progress = 0;
+ info->audit_log.time_to_shutdown = 0;
+ info->audit_log.next_audit_record = 0;
+ status = NT_STATUS_OK;
+ break;
+ case LSA_POLICY_INFO_PD:
+ info->pd.name.string = NULL;
+ status = NT_STATUS_OK;
+ break;
+ case LSA_POLICY_INFO_REPLICA:
+ info->replica.source.string = NULL;
+ info->replica.account.string = NULL;
+ status = NT_STATUS_OK;
+ break;
+ case LSA_POLICY_INFO_QUOTA:
+ info->quota.paged_pool = 0;
+ info->quota.non_paged_pool = 0;
+ info->quota.min_wss = 0;
+ info->quota.max_wss = 0;
+ info->quota.pagefile = 0;
+ info->quota.unknown = 0;
+ status = NT_STATUS_OK;
+ break;
case LSA_POLICY_INFO_AUDIT_EVENTS:
{
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 119e81d..b271671 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -84,10 +84,8 @@ static ADS_STRUCT *ads_cached_connection(struct
winbindd_domain *domain)
SAFE_FREE(ads->auth.realm);
if ( IS_DC ) {
- DOM_SID sid;
- time_t last_set_time;
- if ( !pdb_get_trusteddom_pw( domain->name, &ads->auth.password,
&sid, &last_set_time ) ) {
+ if ( !pdb_get_trusteddom_pw( domain->name, &ads->auth.password,
NULL, NULL ) ) {
ads_destroy( &ads );
return NULL;
}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 710f4c5..cff42a2 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -2463,6 +2463,10 @@ static bool test_QueryDomainInfoPolicy(struct
dcerpc_pipe *p,
int i;
bool ret = true;
+ if (torture_setting_bool(tctx, "samba3", false)) {
+ torture_skip(tctx, "skipping QueryDomainInformationPolicy
test\n");
+ }
+
torture_comment(tctx, "\nTesting QueryDomainInformationPolicy\n");
for (i=2;i<4;i++) {
@@ -2498,21 +2502,20 @@ static bool test_QueryInfoPolicyCalls( bool version2,
NTSTATUS status;
int i;
bool ret = true;
+ const char *call = talloc_asprintf(tctx, "QueryInfoPolicy%s", version2
? "2":"");
- if (version2)
- torture_comment(tctx, "\nTesting QueryInfoPolicy2\n");
- else
- torture_comment(tctx, "\nTesting QueryInfoPolicy\n");
+ torture_comment(tctx, "\nTesting %s\n", call);
+
+ if (version2 && torture_setting_bool(tctx, "samba3", false)) {
+ torture_skip(tctx, "skipping QueryInfoPolicy2 tests\n");
+ }
for (i=1;i<=14;i++) {
r.in.handle = handle;
r.in.level = i;
r.out.info = &info;
- if (version2)
- torture_comment(tctx, "\nTrying QueryInfoPolicy2 level
%d\n", i);
- else
- torture_comment(tctx, "\nTrying QueryInfoPolicy level
%d\n", i);
+ torture_comment(tctx, "\nTrying %s level %d\n", call, i);
if (version2)
/* We can perform the cast, because both types are
@@ -2533,9 +2536,6 @@ static bool test_QueryInfoPolicyCalls( bool version2,
break;
case LSA_POLICY_INFO_DOMAIN:
case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
- case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN:
- case LSA_POLICY_INFO_DNS_INT:
- case LSA_POLICY_INFO_DNS:
case LSA_POLICY_INFO_REPLICA:
case LSA_POLICY_INFO_QUOTA:
case LSA_POLICY_INFO_ROLE:
@@ -2543,10 +2543,21 @@ static bool test_QueryInfoPolicyCalls( bool version2,
case LSA_POLICY_INFO_AUDIT_EVENTS:
case LSA_POLICY_INFO_PD:
if (!NT_STATUS_IS_OK(status)) {
- if (version2)
- torture_comment(tctx, "QueryInfoPolicy2
failed - %s\n", nt_errstr(status));
- else
- torture_comment(tctx, "QueryInfoPolicy
failed - %s\n", nt_errstr(status));
+ torture_comment(tctx, "%s failed - %s\n", call,
nt_errstr(status));
+ ret = false;
+ }
+ break;
+ case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN:
+ case LSA_POLICY_INFO_DNS_INT:
+ case LSA_POLICY_INFO_DNS:
+ if (torture_setting_bool(tctx, "samba3", false)) {
+ /* Other levels not implemented yet */
+ if (!NT_STATUS_EQUAL(status,
NT_STATUS_INVALID_INFO_CLASS)) {
+ torture_comment(tctx, "%s failed -
%s\n", call, nt_errstr(status));
+ ret = false;
+ }
+ } else if (!NT_STATUS_IS_OK(status)) {
+ torture_comment(tctx, "%s failed - %s\n", call,
nt_errstr(status));
ret = false;
}
break;
@@ -2554,17 +2565,11 @@ static bool test_QueryInfoPolicyCalls( bool version2,
if (torture_setting_bool(tctx, "samba4", false)) {
/* Other levels not implemented yet */
if (!NT_STATUS_EQUAL(status,
NT_STATUS_INVALID_INFO_CLASS)) {
- if (version2)
- torture_comment(tctx,
"QueryInfoPolicy2 failed - %s\n", nt_errstr(status));
- else
- torture_comment(tctx,
"QueryInfoPolicy failed - %s\n", nt_errstr(status));
+ torture_comment(tctx, "%s failed -
%s\n", call, nt_errstr(status));
ret = false;
}
} else if (!NT_STATUS_IS_OK(status)) {
- if (version2)
- torture_comment(tctx, "QueryInfoPolicy2
failed - %s\n", nt_errstr(status));
- else
- torture_comment(tctx, "QueryInfoPolicy
failed - %s\n", nt_errstr(status));
+ torture_comment(tctx, "%s failed - %s\n", call,
nt_errstr(status));
ret = false;
}
break;
--
Samba Shared Repository
