The branch, master has been updated
via a236bc4... s4:dsdb/password_hash: implement
DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID
via 6d7b964... s4:dsdb: allocate DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID
via 24d6950... s4:dsdb/password_hash: fix some c++ compiler warnings
from 4a0edb5... DNS objects should not be ignored
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a236bc4b334433eb743cb88a8a5f36c7d694681c
Author: Stefan Metzmacher <[email protected]>
Date: Wed Jun 30 08:26:08 2010 +0200
s4:dsdb/password_hash: implement DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID
metze
commit 6d7b9648e5bff20136dd4462313ce4c3cd502662
Author: Stefan Metzmacher <[email protected]>
Date: Wed Jun 30 08:24:35 2010 +0200
s4:dsdb: allocate DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID
When importing users from Samba3 we need to control all values.
metze
commit 24d6950f631f7b1f36ee72c1d06b6b4bc9a1033a
Author: Stefan Metzmacher <[email protected]>
Date: Wed Jun 30 12:08:30 2010 +0200
s4:dsdb/password_hash: fix some c++ compiler warnings
metze
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/password_hash.c | 41 ++++++++++++++++++-----
source4/dsdb/samdb/samdb.h | 5 +++
source4/setup/schema_samba4.ldif | 1 +
3 files changed, 38 insertions(+), 9 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c
b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 0a34645..505f2c2 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1405,11 +1405,12 @@ static int setup_given_passwords(struct
setup_password_fields_io *io,
static int setup_password_fields(struct setup_password_fields_io *io)
{
- struct ldb_context *ldb;
+ struct ldb_context *ldb = ldb_module_get_ctx(io->ac->module);
+ struct loadparm_context *lp_ctx =
+ lp_ctx = talloc_get_type(ldb_get_opaque(ldb, "loadparm"),
+ struct loadparm_context);
int ret;
- ldb = ldb_module_get_ctx(io->ac->module);
-
/* transform the old password (for password changes) */
ret = setup_given_passwords(io, &io->og);
if (ret != LDB_SUCCESS) {
@@ -1434,7 +1435,7 @@ static int setup_password_fields(struct
setup_password_fields_io *io)
return ret;
}
- if (lp_lanman_auth(ldb_get_opaque(ldb, "loadparm"))) {
+ if (lp_lanman_auth(lp_ctx)) {
ret = setup_lm_fields(io);
if (ret != LDB_SUCCESS) {
return ret;
@@ -1631,7 +1632,8 @@ static int setup_io(struct ph_context *ac,
const struct ldb_val *quoted_utf16, *old_quoted_utf16, *lm_hash,
*old_lm_hash;
struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
struct loadparm_context *lp_ctx =
- (struct loadparm_context *)ldb_get_opaque(ldb, "loadparm");
+ lp_ctx = talloc_get_type(ldb_get_opaque(ldb, "loadparm"),
+ struct loadparm_context);
int ret;
ZERO_STRUCTP(io);
@@ -2185,6 +2187,7 @@ static int password_hash_add(struct ldb_module *module,
struct ldb_request *req)
struct ldb_message_element *userPasswordAttr, *clearTextPasswordAttr,
*ntAttr, *lmAttr;
int ret;
+ struct ldb_control *bypass = NULL;
ldb = ldb_module_get_ctx(module);
@@ -2200,6 +2203,15 @@ static int password_hash_add(struct ldb_module *module,
struct ldb_request *req)
return ldb_next_request(module, req);
}
+ bypass = ldb_request_get_control(req,
+ DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID);
+ if (bypass != NULL) {
+ /* Mark the "bypass" control as uncritical (done) */
+ bypass->critical = false;
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_add
(bypassing)\n");
+ return ldb_next_request(module, req);
+ }
+
/* nobody must touch password histories and 'supplementalCredentials' */
if (ldb_msg_find_element(req->op.add.message, "ntPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;
@@ -2361,6 +2373,7 @@ static int password_hash_modify(struct ldb_module
*module, struct ldb_request *r
struct ldb_message *msg;
struct ldb_request *down_req;
int ret;
+ struct ldb_control *bypass = NULL;
ldb = ldb_module_get_ctx(module);
@@ -2376,6 +2389,15 @@ static int password_hash_modify(struct ldb_module
*module, struct ldb_request *r
return ldb_next_request(module, req);
}
+ bypass = ldb_request_get_control(req,
+ DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID);
+ if (bypass != NULL) {
+ /* Mark the "bypass" control as uncritical (done) */
+ bypass->critical = false;
+ ldb_debug(ldb, LDB_DEBUG_TRACE, "password_hash_modify
(bypassing)\n");
+ return ldb_next_request(module, req);
+ }
+
/* nobody must touch password histories and 'supplementalCredentials' */
if (ldb_msg_find_element(req->op.mod.message, "ntPwdHistory")) {
return LDB_ERR_UNWILLING_TO_PERFORM;
@@ -2641,7 +2663,10 @@ static int password_hash_mod_search_self(struct
ph_context *ac)
static int password_hash_mod_do_mod(struct ph_context *ac)
{
- struct ldb_context *ldb;
+ struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
+ struct loadparm_context *lp_ctx =
+ lp_ctx = talloc_get_type(ldb_get_opaque(ldb, "loadparm"),
+ struct loadparm_context);
struct ldb_request *mod_req;
struct ldb_message *msg;
const struct ldb_message *orig_msg, *searched_msg;
@@ -2649,8 +2674,6 @@ static int password_hash_mod_do_mod(struct ph_context *ac)
int ret;
NTSTATUS status;
- ldb = ldb_module_get_ctx(ac->module);
-
/* use a new message structure so that we can modify it */
msg = ldb_msg_new(ac);
if (msg == NULL) {
@@ -2671,7 +2694,7 @@ static int password_hash_mod_do_mod(struct ph_context *ac)
/* Get the old password from the database */
status = samdb_result_passwords(io.ac,
- ldb_get_opaque(ldb, "loadparm"),
+ lp_ctx,
discard_const_p(struct ldb_message,
searched_msg),
&io.o.lm_hash, &io.o.nt_hash);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source4/dsdb/samdb/samdb.h b/source4/dsdb/samdb/samdb.h
index 88c6113..8b45cd0 100644
--- a/source4/dsdb/samdb/samdb.h
+++ b/source4/dsdb/samdb/samdb.h
@@ -87,6 +87,11 @@ struct dsdb_control_password_change_status {
*/
#define DSDB_CONTROL_APPLY_LINKS "1.3.6.1.4.1.7165.4.3.11"
+/*
+ * this should only be used for importing users from Samba3
+ */
+#define DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID "1.3.6.1.4.1.7165.4.3.12"
+
#define DSDB_EXTENDED_REPLICATED_OBJECTS_OID "1.3.6.1.4.1.7165.4.4.1"
struct dsdb_extended_replicated_object {
struct ldb_message *msg;
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index b8ef5d6..681aa96 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -184,6 +184,7 @@
#Allocated: DSDB_CONTROL_PASSWORD_HASH_VALUES_OID 1.3.6.1.4.1.7165.4.3.9
#Allocated: DSDB_CONTROL_PASSWORD_CHANGE_OLD_PW_CHECKED_OID
1.3.6.1.4.1.7165.4.3.10
#Allocated: DSDB_CONTROL_APPLY_LINKS 1.3.6.1.4.1.7165.4.3.11
+#Allocated: DSDB_CONTROL_BYPASS_PASSWORD_HASH_OID 1.3.6.1.4.1.7165.4.3.12
#Allocated: LDB_CONTROL_BYPASSOPERATIONAL_OID 1.3.6.1.4.1.7165.4.3.13
# Extended 1.3.6.1.4.1.7165.4.4.x
--
Samba Shared Repository
