The branch, master has been updated via 12aaafd s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds() first via 8e90b93 s3:passdb: add optional get_trusteddom_creds() hooks via 7a9147d pdb: fix build issues with shared modules via 6bc41c4 s3:locking: fix uninitialiazed variable in brl_get_locks_readonly_parser() from 53fb00e torture: improve rpc.remote_pac test so we check if LogonSamLogon actually succeeds
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 12aaafd2971ac71823ccbebda7b2afd689239770 Author: Stefan Metzmacher <me...@samba.org> Date: Tue Dec 16 15:05:17 2014 +0000 s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds() first NT_STATUS_NOT_IMPLEMENTED lets it fallback to the old get_trust_pw_clear2() code. Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Stefan Metzmacher <me...@samba.org> Autobuild-Date(master): Thu Dec 18 06:46:05 CET 2014 on sn-devel-104 commit 8e90b93ddceabd582cb28e40882036e7772608aa Author: Stefan Metzmacher <me...@samba.org> Date: Thu Dec 11 10:52:53 2014 +0000 s3:passdb: add optional get_trusteddom_creds() hooks Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 7a9147dab593a495c5ed5e1157ec8eb8a2809586 Author: Garming Sam <garm...@catalyst.net.nz> Date: Thu Dec 4 10:44:26 2014 +1300 pdb: fix build issues with shared modules Bug: https://bugzilla.samba.org/show_bug.cgi?id=10355 Change-Id: I26e78b56ead0c66afcda6b3fb8b1fd09130b24a5 Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> commit 6bc41c459f6da7de62d2113590bc7d0c2d04e136 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Dec 17 10:43:33 2014 +0100 s3:locking: fix uninitialiazed variable in brl_get_locks_readonly_parser() In a cluster this can be called with an empty record, while brl_parse_data() relies on an initialized structure. This is a regression in commit 837e29035c911f3509135252c3f423d0f56b606d. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10911 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Ralph Boehme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/include/passdb.h | 8 +++ source3/locking/brlock.c | 1 + ...-passdb-0.2.0.sigs => samba-passdb-0.24.1.sigs} | 1 + source3/passdb/passdb.c | 65 +++++++++++++++------- source3/passdb/pdb_interface.c | 17 ++++++ source3/wscript_build | 3 +- 6 files changed, 73 insertions(+), 22 deletions(-) copy source3/passdb/ABI/{samba-passdb-0.2.0.sigs => samba-passdb-0.24.1.sigs} (99%) Changeset truncated at 500 lines: diff --git a/source3/include/passdb.h b/source3/include/passdb.h index 16e3bef..893d0d0 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -34,6 +34,7 @@ #include "../librpc/gen_ndr/lsa.h" #include <tevent.h> struct unixid; +struct cli_credentials; /* group mapping headers */ @@ -416,6 +417,7 @@ enum pdb_policy_type { * Changed to 22, idmap control functions * Changed to 23, new idmap control functions * Changed to 24, removed uid_to_sid and gid_to_sid, replaced with id_to_sid + * Leave at 24, add optional get_trusteddom_creds() */ #define PASSDB_INTERFACE_VERSION 24 @@ -581,6 +583,10 @@ struct pdb_methods bool (*get_trusteddom_pw)(struct pdb_methods *methods, const char *domain, char** pwd, struct dom_sid *sid, time_t *pass_last_set_time); + NTSTATUS (*get_trusteddom_creds)(struct pdb_methods *methods, + const char *domain, + TALLOC_CTX *mem_ctx, + struct cli_credentials **creds); bool (*set_trusteddom_pw)(struct pdb_methods *methods, const char* domain, const char* pwd, const struct dom_sid *sid); @@ -919,6 +925,8 @@ uint32_t pdb_search_entries(struct pdb_search *search, struct samr_displayentry **result); bool pdb_get_trusteddom_pw(const char *domain, char** pwd, struct dom_sid *sid, time_t *pass_last_set_time); +NTSTATUS pdb_get_trusteddom_creds(const char *domain, TALLOC_CTX *mem_ctx, + struct cli_credentials **creds); bool pdb_set_trusteddom_pw(const char* domain, const char* pwd, const struct dom_sid *sid); bool pdb_del_trusteddom_pw(const char *domain); diff --git a/source3/locking/brlock.c b/source3/locking/brlock.c index 6c73c72..7fd3783 100644 --- a/source3/locking/brlock.c +++ b/source3/locking/brlock.c @@ -2014,6 +2014,7 @@ static void brl_get_locks_readonly_parser(TDB_DATA key, TDB_DATA data, *state->br_lock = NULL; return; } + *br_lck = (struct byte_range_lock) {}; if (!brl_parse_data(br_lck, data)) { *state->br_lock = NULL; return; diff --git a/source3/passdb/ABI/samba-passdb-0.2.0.sigs b/source3/passdb/ABI/samba-passdb-0.24.1.sigs similarity index 99% copy from source3/passdb/ABI/samba-passdb-0.2.0.sigs copy to source3/passdb/ABI/samba-passdb-0.24.1.sigs index e2246f6..e5885d0 100644 --- a/source3/passdb/ABI/samba-passdb-0.2.0.sigs +++ b/source3/passdb/ABI/samba-passdb-0.24.1.sigs @@ -160,6 +160,7 @@ pdb_get_tevent_context: struct tevent_context *(void) pdb_get_trust_credentials: NTSTATUS (const char *, const char *, TALLOC_CTX *, struct cli_credentials **) pdb_get_trusted_domain: NTSTATUS (TALLOC_CTX *, const char *, struct pdb_trusted_domain **) pdb_get_trusted_domain_by_sid: NTSTATUS (TALLOC_CTX *, struct dom_sid *, struct pdb_trusted_domain **) +pdb_get_trusteddom_creds: NTSTATUS (const char *, TALLOC_CTX *, struct cli_credentials **) pdb_get_trusteddom_pw: bool (const char *, char **, struct dom_sid *, time_t *) pdb_get_unknown_6: uint32_t (const struct samu *) pdb_get_user_rid: uint32_t (const struct samu *) diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 02f0a78..f071027 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -2523,27 +2523,6 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain, struct cli_credentials *creds = NULL; bool ok; - lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers()); - if (lp_ctx == NULL) { - DEBUG(1, ("loadparm_init_s3 failed\n")); - status = NT_STATUS_INTERNAL_ERROR; - goto fail; - } - - creds = cli_credentials_init(mem_ctx); - if (creds == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - - cli_credentials_set_conf(creds, lp_ctx); - - ok = cli_credentials_set_domain(creds, netbios_domain, CRED_SPECIFIED); - if (!ok) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - /* * If this is our primary trust relationship, use the common * code to read the secrets.ldb or secrets.tdb file. @@ -2557,6 +2536,27 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain, goto fail; } + lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers()); + if (lp_ctx == NULL) { + DEBUG(1, ("loadparm_init_s3 failed\n")); + status = NT_STATUS_INTERNAL_ERROR; + goto fail; + } + + creds = cli_credentials_init(mem_ctx); + if (creds == NULL) { + status = NT_STATUS_NO_MEMORY; + goto fail; + } + + cli_credentials_set_conf(creds, lp_ctx); + + ok = cli_credentials_set_domain(creds, netbios_domain, CRED_SPECIFIED); + if (!ok) { + status = NT_STATUS_NO_MEMORY; + goto fail; + } + status = cli_credentials_set_machine_account_db_ctx(creds, lp_ctx, db_ctx); @@ -2573,6 +2573,14 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain, goto fail; } + status = pdb_get_trusteddom_creds(netbios_domain, mem_ctx, &creds); + if (NT_STATUS_IS_OK(status)) { + goto done; + } + if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) { + goto fail; + } + ok = get_trust_pw_clear2(netbios_domain, &_account_name, &channel, @@ -2600,6 +2608,21 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain, goto fail; } + lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers()); + if (lp_ctx == NULL) { + DEBUG(1, ("loadparm_init_s3 failed\n")); + status = NT_STATUS_INTERNAL_ERROR; + goto fail; + } + + creds = cli_credentials_init(mem_ctx); + if (creds == NULL) { + status = NT_STATUS_NO_MEMORY; + goto fail; + } + + cli_credentials_set_conf(creds, lp_ctx); + cli_credentials_set_secure_channel_type(creds, channel); cli_credentials_set_password_last_changed_time(creds, last_set_time); diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 9dee9d2..b8247f2 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -2145,6 +2145,13 @@ bool pdb_get_trusteddom_pw(const char *domain, char** pwd, struct dom_sid *sid, pass_last_set_time); } +NTSTATUS pdb_get_trusteddom_creds(const char *domain, TALLOC_CTX *mem_ctx, + struct cli_credentials **creds) +{ + struct pdb_methods *pdb = pdb_get_methods(); + return pdb->get_trusteddom_creds(pdb, domain, mem_ctx, creds); +} + bool pdb_set_trusteddom_pw(const char* domain, const char* pwd, const struct dom_sid *sid) { @@ -2182,6 +2189,15 @@ static bool pdb_default_get_trusteddom_pw(struct pdb_methods *methods, } +static NTSTATUS pdb_default_get_trusteddom_creds(struct pdb_methods *methods, + const char *domain, + TALLOC_CTX *mem_ctx, + struct cli_credentials **creds) +{ + *creds = NULL; + return NT_STATUS_NOT_IMPLEMENTED; +} + static bool pdb_default_set_trusteddom_pw(struct pdb_methods *methods, const char* domain, const char* pwd, @@ -2623,6 +2639,7 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->search_aliases = pdb_default_search_aliases; (*methods)->get_trusteddom_pw = pdb_default_get_trusteddom_pw; + (*methods)->get_trusteddom_creds = pdb_default_get_trusteddom_creds; (*methods)->set_trusteddom_pw = pdb_default_set_trusteddom_pw; (*methods)->del_trusteddom_pw = pdb_default_del_trusteddom_pw; (*methods)->enum_trusteddoms = pdb_default_enum_trusteddoms; diff --git a/source3/wscript_build b/source3/wscript_build index 9376576..a57fcf0 100755 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -140,6 +140,7 @@ bld.SAMBA3_LIBRARY('samba-passdb', source='', deps='pdb', private_library=False, + grouping_library=True, pc_files=[], public_headers_install=True, public_headers=''' @@ -148,7 +149,7 @@ bld.SAMBA3_LIBRARY('samba-passdb', passdb/lookup_sid.h''', abi_match=private_pdb_match, abi_directory='passdb/ABI', - vnum='0.2.0') + vnum='0.24.1') bld.SAMBA3_SUBSYSTEM('pdb', source='''passdb/pdb_get_set.c -- Samba Shared Repository