The branch, master has been updated
via 6961048... s4-smbtorture: in extended setvalue winreg test, reduce
max random buffer length to 16 bytes.
via 17ddefe... s3-docs: try to make "default case" explanation a little
clearer.
via 6625aad... s3-libsmb: move change_trust_account_password out of
smbd into libsmb.
via e1c185d... s4-smbtorture: enable QueryMultipleValues{2} torture
tests against samba3.
via 2a4bd64... s3-winreg: implement _winreg_QueryMultipleValues().
via de0d9e0... s3-winreg: implement _winreg_QueryMultipleValues2().
via 21869f5... s3-registry: add reg_querymultiplevalues() to reg_api.
via a329dd0... s4-smbtorture: add some more multiple_values_tests to
RPC-WINREG.
from 14f8953... s4:dsdb: move dsdb python tests from lib/ldb/ to dsdb/
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 69610484872bb8c9d52cd1b12c56a3bf99be78ae
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 17:13:42 2010 +0200
s4-smbtorture: in extended setvalue winreg test, reduce max random buffer
length to 16 bytes.
Guenther
commit 17ddefef8a3dd299fd318a9e3908396beba62cbb
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 13:25:28 2010 +0200
s3-docs: try to make "default case" explanation a little clearer.
Guenther
commit 6625aada8174d61f52d6ef22d49edefa15f4a9bb
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 12:10:55 2010 +0200
s3-libsmb: move change_trust_account_password out of smbd into libsmb.
Guenther
commit e1c185d07db69827435812227a392e711bc06db0
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 02:07:15 2010 +0200
s4-smbtorture: enable QueryMultipleValues{2} torture tests against samba3.
Guenther
commit 2a4bd64973252d87b34f90e14872285ed12135ed
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 16:31:46 2010 +0200
s3-winreg: implement _winreg_QueryMultipleValues().
Guenther
commit de0d9e0bff7d39c3f784112bd043095aeaa1042a
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 02:03:27 2010 +0200
s3-winreg: implement _winreg_QueryMultipleValues2().
Guenther
commit 21869f5ed00af5a05f1d109339cd8b725fcc7d61
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 02:02:43 2010 +0200
s3-registry: add reg_querymultiplevalues() to reg_api.
Guenther
commit a329dd02674010e673fbcc7acf369a19befb6738
Author: Günther Deschner <g...@samba.org>
Date: Wed Jun 30 17:13:14 2010 +0200
s4-smbtorture: add some more multiple_values_tests to RPC-WINREG.
Guenther
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages-3/smb.conf.5.xml | 10 ++--
source3/Makefile.in | 2 +-
source3/include/proto.h | 5 +-
source3/include/registry.h | 6 ++
source3/libsmb/trusts_util.c | 74 +++++++++++++++++++
source3/registry/reg_api.c | 50 +++++++++++++
source3/rpc_server/srv_winreg_nt.c | 138 +++++++++++++++++++++++++++++++++---
source3/smbd/change_trust_pw.c | 102 --------------------------
source4/torture/rpc/winreg.c | 20 ++++--
9 files changed, 280 insertions(+), 127 deletions(-)
delete mode 100644 source3/smbd/change_trust_pw.c
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/smb.conf.5.xml
b/docs-xml/manpages-3/smb.conf.5.xml
index 5df579e..7423fc4 100644
--- a/docs-xml/manpages-3/smb.conf.5.xml
+++ b/docs-xml/manpages-3/smb.conf.5.xml
@@ -628,11 +628,11 @@ chmod 1770 /usr/local/samba/lib/usershares
<term>default case = upper/lower</term>
<listitem><para>
controls what the default case is for new filenames (ie. files
that don't currently exist in the filesystem).
- Default <emphasis>lower</emphasis>. IMPORTANT NOTE: This
option will be used to modify the case of
- <emphasis>all</emphasis> incoming client filenames, not just
new filenames if the options <smbconfoption
- name="case sensitive">yes</smbconfoption>, <smbconfoption
name="preserve case">No</smbconfoption>,
- <smbconfoption name="short preserve case">No</smbconfoption>
are set. This change is needed as part of the
- optimisations for directories containing large numbers of files.
+ Default <emphasis>lower</emphasis>. IMPORTANT NOTE: As part of
the optimizations for directories containing
+ large numbers of files, the following special case applies. If
the options
+ <smbconfoption name="case sensitive">yes</smbconfoption>,
<smbconfoption name="preserve case">No</smbconfoption>, and
+ <smbconfoption name="short preserve case">No</smbconfoption>
are set, then the case of <emphasis>all</emphasis>
+ incoming client filenames, not just new filenames, will be
modified. See additional notes below.
</para></listitem>
</varlistentry>
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 07b07df..905ab4c 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -801,7 +801,7 @@ SMBD_OBJ_SRV = smbd/server_reload.o \
smbd/process.o smbd/service.o smbd/error.o \
printing/printfsp.o lib/sysquotas.o lib/sysquotas_linux.o \
lib/sysquotas_xfs.o lib/sysquotas_4A.o \
- smbd/change_trust_pw.o smbd/fake_file.o \
+ smbd/fake_file.o \
smbd/quotas.o smbd/ntquotas.o $(AFS_OBJ) smbd/msdfs.o \
$(AFS_SETTOKEN_OBJ) smbd/aio.o smbd/statvfs.o \
smbd/dmapi.o smbd/signing.o \
diff --git a/source3/include/proto.h b/source3/include/proto.h
index a654495..28feec3 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -3256,6 +3256,7 @@ NTSTATUS trust_pw_find_change_and_store_it(struct
rpc_pipe_client *cli,
bool enumerate_domain_trusts( TALLOC_CTX *mem_ctx, const char *domain,
char ***domain_names, uint32 *num_domains,
struct dom_sid **sids );
+NTSTATUS change_trust_account_password( const char *domain, const char
*remote_machine);
/* The following definitions come from libsmb/unexpected.c */
@@ -5378,10 +5379,6 @@ struct blocking_lock_record
*blocking_lock_cancel_smb1(files_struct *fsp,
unsigned char locktype,
NTSTATUS err);
-/* The following definitions come from smbd/change_trust_pw.c */
-
-NTSTATUS change_trust_account_password( const char *domain, const char
*remote_machine);
-
/* The following definitions come from smbd/close.c */
void set_close_write_time(struct files_struct *fsp, struct timespec ts);
diff --git a/source3/include/registry.h b/source3/include/registry.h
index 703176f..00c27cf 100644
--- a/source3/include/registry.h
+++ b/source3/include/registry.h
@@ -163,6 +163,12 @@ WERROR reg_enumvalue(TALLOC_CTX *mem_ctx, struct
registry_key *key,
uint32 idx, char **pname, struct registry_value **pval);
WERROR reg_queryvalue(TALLOC_CTX *mem_ctx, struct registry_key *key,
const char *name, struct registry_value **pval);
+WERROR reg_querymultiplevalues(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ uint32_t num_names,
+ const char **names,
+ uint32_t *pnum_vals,
+ struct registry_value **pvals);
WERROR reg_queryinfokey(struct registry_key *key, uint32_t *num_subkeys,
uint32_t *max_subkeylen, uint32_t *max_subkeysize,
uint32_t *num_values, uint32_t *max_valnamelen,
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c
index 3a2d6d7..2daacec 100644
--- a/source3/libsmb/trusts_util.c
+++ b/source3/libsmb/trusts_util.c
@@ -23,6 +23,7 @@
#include "../librpc/gen_ndr/cli_lsa.h"
#include "rpc_client/cli_lsarpc.h"
#include "rpc_client/cli_netlogon.h"
+#include "../librpc/gen_ndr/ndr_netlogon.h"
/*********************************************************
Change the domain password on the PDC.
@@ -222,3 +223,76 @@ done:
return NT_STATUS_IS_OK(result);
}
+
+NTSTATUS change_trust_account_password( const char *domain, const char
*remote_machine)
+{
+ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ struct sockaddr_storage pdc_ss;
+ fstring dc_name;
+ struct cli_state *cli = NULL;
+ struct rpc_pipe_client *netlogon_pipe = NULL;
+
+ DEBUG(5,("change_trust_account_password: Attempting to change trust
account password in domain %s....\n",
+ domain));
+
+ if (remote_machine == NULL || !strcmp(remote_machine, "*")) {
+ /* Use the PDC *only* for this */
+
+ if ( !get_pdc_ip(domain, &pdc_ss) ) {
+ DEBUG(0,("Can't get IP for PDC for domain %s\n",
domain));
+ goto failed;
+ }
+
+ if ( !name_status_find( domain, 0x1b, 0x20, &pdc_ss, dc_name) )
+ goto failed;
+ } else {
+ /* supoport old deprecated "smbpasswd -j DOMAIN -r MACHINE"
behavior */
+ fstrcpy( dc_name, remote_machine );
+ }
+
+ /* if this next call fails, then give up. We can't do
+ password changes on BDC's --jerry */
+
+ if (!NT_STATUS_IS_OK(cli_full_connection(&cli, global_myname(), dc_name,
+ NULL, 0,
+ "IPC$", "IPC",
+ "", "",
+ "", 0, Undefined, NULL))) {
+ DEBUG(0,("modify_trust_password: Connection to %s failed!\n",
dc_name));
+ nt_status = NT_STATUS_UNSUCCESSFUL;
+ goto failed;
+ }
+
+ /*
+ * Ok - we have an anonymous connection to the IPC$ share.
+ * Now start the NT Domain stuff :-).
+ */
+
+ /* Shouldn't we open this with schannel ? JRA. */
+
+ nt_status = cli_rpc_pipe_open_noauth(
+ cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0,("modify_trust_password: unable to open the domain
client session to machine %s. Error was : %s.\n",
+ dc_name, nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ cli = NULL;
+ goto failed;
+ }
+
+ nt_status = trust_pw_find_change_and_store_it(
+ netlogon_pipe, netlogon_pipe, domain);
+
+ cli_shutdown(cli);
+ cli = NULL;
+
+failed:
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0,("%s : change_trust_account_password: Failed to change
password for domain %s.\n",
+ current_timestring(talloc_tos(), False), domain));
+ }
+ else
+ DEBUG(5,("change_trust_account_password: sucess!\n"));
+
+ return nt_status;
+}
diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c
index 79b9a1e..1954fb5 100644
--- a/source3/registry/reg_api.c
+++ b/source3/registry/reg_api.c
@@ -402,6 +402,56 @@ WERROR reg_queryvalue(TALLOC_CTX *mem_ctx, struct
registry_key *key,
return WERR_BADFILE;
}
+WERROR reg_querymultiplevalues(TALLOC_CTX *mem_ctx,
+ struct registry_key *key,
+ uint32_t num_names,
+ const char **names,
+ uint32_t *pnum_vals,
+ struct registry_value **pvals)
+{
+ WERROR err;
+ uint32_t i, n, found = 0;
+ struct registry_value *vals;
+
+ if (num_names == 0) {
+ return WERR_OK;
+ }
+
+ if (!(key->key->access_granted & KEY_QUERY_VALUE)) {
+ return WERR_ACCESS_DENIED;
+ }
+
+ if (!(W_ERROR_IS_OK(err = fill_value_cache(key)))) {
+ return err;
+ }
+
+ vals = talloc_zero_array(mem_ctx, struct registry_value, num_names);
+ if (vals == NULL) {
+ return WERR_NOMEM;
+ }
+
+ for (n=0; n < num_names; n++) {
+ for (i=0; i < regval_ctr_numvals(key->values); i++) {
+ struct regval_blob *blob;
+ blob = regval_ctr_specific_value(key->values, i);
+ if (strequal(regval_name(blob), names[n])) {
+ struct registry_value *v;
+ err = reg_enumvalue(mem_ctx, key, i, NULL, &v);
+ if (!W_ERROR_IS_OK(err)) {
+ return err;
+ }
+ vals[n] = *v;
+ found++;
+ }
+ }
+ }
+
+ *pvals = vals;
+ *pnum_vals = found;
+
+ return WERR_OK;
+}
+
WERROR reg_queryinfokey(struct registry_key *key, uint32_t *num_subkeys,
uint32_t *max_subkeylen, uint32_t *max_subkeysize,
uint32_t *num_values, uint32_t *max_valnamelen,
diff --git a/source3/rpc_server/srv_winreg_nt.c
b/source3/rpc_server/srv_winreg_nt.c
index 28d5ac9..1cf0903 100644
--- a/source3/rpc_server/srv_winreg_nt.c
+++ b/source3/rpc_server/srv_winreg_nt.c
@@ -968,26 +968,144 @@ WERROR _winreg_NotifyChangeKeyValue(pipes_struct *p,
struct winreg_NotifyChangeK
_winreg_QueryMultipleValues
********************************************************************/
-WERROR _winreg_QueryMultipleValues(pipes_struct *p, struct
winreg_QueryMultipleValues *r)
+WERROR _winreg_QueryMultipleValues(pipes_struct *p,
+ struct winreg_QueryMultipleValues *r)
{
- /* fill in your code here if you think this call should
- do anything */
+ struct winreg_QueryMultipleValues2 r2;
+ uint32_t needed;
+
+ r2.in.key_handle = r->in.key_handle;
+ r2.in.values_in = r->in.values_in;
+ r2.in.num_values = r->in.num_values;
+ r2.in.offered = r->in.buffer_size;
+ r2.in.buffer = r->in.buffer;
+ r2.out.values_out = r->out.values_out;
+ r2.out.needed = &needed;
+ r2.out.buffer = r->out.buffer;
+
+ return _winreg_QueryMultipleValues2(p, &r2);
+}
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
+/*******************************************************************
+ ********************************************************************/
+
+static WERROR construct_multiple_entry(TALLOC_CTX *mem_ctx,
+ const char *valuename,
+ uint32_t value_length,
+ uint32_t offset,
+ enum winreg_Type type,
+ struct QueryMultipleValue *r)
+{
+ r->ve_valuename = talloc_zero(mem_ctx, struct winreg_ValNameBuf);
+ if (r->ve_valuename == NULL) {
+ return WERR_NOMEM;
+ }
+
+ r->ve_valuename->name = talloc_strdup(r->ve_valuename, valuename ?
valuename : "");
+ if (r->ve_valuename->name == NULL) {
+ return WERR_NOMEM;
+ }
+
+ r->ve_valuename->size = strlen_m_term(r->ve_valuename->name)*2;
+ r->ve_valuelen = value_length;
+ r->ve_valueptr = offset;
+ r->ve_type = type;
+
+ return WERR_OK;
}
/*******************************************************************
_winreg_QueryMultipleValues2
********************************************************************/
-WERROR _winreg_QueryMultipleValues2(pipes_struct *p, struct
winreg_QueryMultipleValues2 *r)
+WERROR _winreg_QueryMultipleValues2(pipes_struct *p,
+ struct winreg_QueryMultipleValues2 *r)
{
- /* fill in your code here if you think this call should
- do anything */
+ struct registry_key *regkey = find_regkey_by_hnd(p, r->in.key_handle);
+ struct registry_value *vals = NULL;
+ const char **names = NULL;
+ uint32_t offset = 0, num_vals = 0;
+ DATA_BLOB result;
+ int i;
+ WERROR err;
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
+ if (!regkey) {
+ return WERR_BADFID;
+ }
+
+ names = talloc_zero_array(p->mem_ctx, const char *, r->in.num_values);
+ if (names == NULL) {
+ return WERR_NOMEM;
+ }
+
+ for (i=0; i < r->in.num_values; i++) {
+ if (r->in.values_in[i].ve_valuename &&
+ r->in.values_in[i].ve_valuename->name) {
+ names[i] = talloc_strdup(names,
+ r->in.values_in[i].ve_valuename->name);
+ if (names[i] == NULL) {
+ return WERR_NOMEM;
+ }
+ }
+ }
+
+ err = reg_querymultiplevalues(p->mem_ctx, regkey,
+ r->in.num_values, names,
+ &num_vals, &vals);
+ if (!W_ERROR_IS_OK(err)) {
+ return err;
+ }
+
+ result = data_blob_talloc(p->mem_ctx, NULL, 0);
+
+ for (i=0; i < r->in.num_values; i++) {
+ const char *valuename = NULL;
+ DATA_BLOB blob = data_blob_null;
+
+ if (vals[i].type != REG_NONE) {
+ err = registry_push_value(p->mem_ctx, &vals[i], &blob);
+ if (!W_ERROR_IS_OK(err)) {
+ return err;
+ }
+
+ if (!data_blob_append(p->mem_ctx, &result,
+ blob.data, blob.length)) {
+ return WERR_NOMEM;
+ }
+ }
+
+ if (r->in.values_in[i].ve_valuename &&
+ r->in.values_in[i].ve_valuename->name) {
+ valuename = r->in.values_in[i].ve_valuename->name;
+ }
+
+ err = construct_multiple_entry(r->out.values_out,
+ valuename,
+ blob.length,
+ offset,
+ vals[i].type,
+ &r->out.values_out[i]);
+ if (!W_ERROR_IS_OK(err)) {
+ return err;
+ }
+
+ offset += blob.length;
+ }
+
+ *r->out.needed = result.length;
+
+ if (r->in.num_values != num_vals) {
+ return WERR_BADFILE;
+ }
+
+ if (*r->in.offered >= *r->out.needed) {
+ if (r->out.buffer) {
+ memcpy(r->out.buffer, result.data, MIN(result.length,
*r->in.offered));
+ }
+ return WERR_OK;
+ } else {
+ return WERR_MORE_DATA;
+ }
}
/*******************************************************************
diff --git a/source3/smbd/change_trust_pw.c b/source3/smbd/change_trust_pw.c
deleted file mode 100644
index d02de7a..0000000
--- a/source3/smbd/change_trust_pw.c
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Unix SMB/CIFS implementation.
- * Periodic Trust account password changing.
- * Copyright (C) Andrew Tridgell 1992-1997,
- * Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
- * Copyright (C) Paul Ashton 1997.
- * Copyright (C) Jeremy Allison 1998.
- * Copyright (C) Andrew Bartlett 2001.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "includes.h"
-#include "../librpc/gen_ndr/ndr_netlogon.h"
-
-/************************************************************************
- Change the trust account password for a domain.
-************************************************************************/
-
-NTSTATUS change_trust_account_password( const char *domain, const char
*remote_machine)
-{
- NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
- struct sockaddr_storage pdc_ss;
- fstring dc_name;
- struct cli_state *cli = NULL;
- struct rpc_pipe_client *netlogon_pipe = NULL;
-
- DEBUG(5,("change_trust_account_password: Attempting to change trust
account password in domain %s....\n",
- domain));
-
- if (remote_machine == NULL || !strcmp(remote_machine, "*")) {
- /* Use the PDC *only* for this */
-
- if ( !get_pdc_ip(domain, &pdc_ss) ) {
- DEBUG(0,("Can't get IP for PDC for domain %s\n",
domain));
- goto failed;
- }
-
- if ( !name_status_find( domain, 0x1b, 0x20, &pdc_ss, dc_name) )
- goto failed;
- } else {
- /* supoport old deprecated "smbpasswd -j DOMAIN -r MACHINE"
behavior */
- fstrcpy( dc_name, remote_machine );
- }
-
- /* if this next call fails, then give up. We can't do
- password changes on BDC's --jerry */
-
- if (!NT_STATUS_IS_OK(cli_full_connection(&cli, global_myname(),
dc_name,
- NULL, 0,
- "IPC$", "IPC",
- "", "",
- "", 0, Undefined, NULL))) {
- DEBUG(0,("modify_trust_password: Connection to %s failed!\n",
dc_name));
- nt_status = NT_STATUS_UNSUCCESSFUL;
- goto failed;
- }
-
- /*
- * Ok - we have an anonymous connection to the IPC$ share.
- * Now start the NT Domain stuff :-).
- */
-
- /* Shouldn't we open this with schannel ? JRA. */
-
- nt_status = cli_rpc_pipe_open_noauth(
- cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe);
- if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0,("modify_trust_password: unable to open the domain
client session to machine %s. Error was : %s.\n",
- dc_name, nt_errstr(nt_status)));
- cli_shutdown(cli);
- cli = NULL;
- goto failed;
- }
-
- nt_status = trust_pw_find_change_and_store_it(
- netlogon_pipe, netlogon_pipe, domain);
-
- cli_shutdown(cli);
- cli = NULL;
-
-failed:
- if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(0,("%s : change_trust_account_password: Failed to change
password for domain %s.\n",
- current_timestring(talloc_tos(), False), domain));
- }
- else
- DEBUG(5,("change_trust_account_password: sucess!\n"));
-
- return nt_status;
-}
diff --git a/source4/torture/rpc/winreg.c b/source4/torture/rpc/winreg.c
index 0960440..92404d3 100644
--- a/source4/torture/rpc/winreg.c
+++ b/source4/torture/rpc/winreg.c
@@ -2279,7 +2279,7 @@ static bool test_SetValue_extended(struct
dcerpc_binding_handle *b,
torture_comment(tctx, "Testing SetValue (extended formats)\n");
for (t=0; t < ARRAY_SIZE(types); t++) {
- for (l=0; l < 32; l++) {
--
Samba Shared Repository
