The branch, master has been updated via 81cf1fa s3:libads: we always have arcfour-hmac-md5 support via 5a0c439 s4:ldap_server: use LDAP_AUTH_METHOD_NOT_SUPPORTED define via 90cb84c selftest: specify a maximum runtime for 'make testenv' of 1 year via 0b4d3db s4:dsdb/ldb_modules: make it possible to find a reason for LDB_ERR_NO_SUCH_OBJECT in util.c via 67d5506 s4:dsdb/common: make it possible to find a reason for LDB_ERR_NO_SUCH_OBJECT via cff0978 s4:dsdb/common: add dsdb_module_werror() helper function via 58aa29b s4:dsdb/common: add some const to dsdb_dn_is_upgraded_link_val() via 9c09911 drsuapi.idl: add DRSUAPI_ATTID_objectGUID and DRSUAPI_ATTID_replPropertyMetaData via 14f1a94 s3:clispnego: fix confusing warning in spnego_gen_krb5_wrap() from 8024f53 s3: smbd: Fix timestamp rounding inside SMB2 create.
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 81cf1fa9e1f49a8c8e0041ddf11f79c3c7ca3fac Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jan 22 10:00:25 2016 +0100 s3:libads: we always have arcfour-hmac-md5 support Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> Autobuild-User(master): Volker Lendecke <v...@samba.org> Autobuild-Date(master): Mon Feb 1 13:02:32 CET 2016 on sn-devel-144 commit 5a0c439eb5cc071fa3a74702eaf619ab45b7c942 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jul 23 12:17:02 2015 +0200 s4:ldap_server: use LDAP_AUTH_METHOD_NOT_SUPPORTED define Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 90cb84c9052bbe7c23fa6e58a3041f0c05249821 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Jan 22 16:57:15 2016 +0100 selftest: specify a maximum runtime for 'make testenv' of 1 year Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 0b4d3db42d472788c30054d41acc1ad0dc8aefee Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 14 11:50:56 2016 +0100 s4:dsdb/ldb_modules: make it possible to find a reason for LDB_ERR_NO_SUCH_OBJECT in util.c Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 67d550653fb98358755af15eb80396f554aea067 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 14 11:50:56 2016 +0100 s4:dsdb/common: make it possible to find a reason for LDB_ERR_NO_SUCH_OBJECT Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit cff0978495da54c019148709a07ccf5f947cf5ec Author: Stefan Metzmacher <me...@samba.org> Date: Tue Jan 12 15:51:01 2016 +0100 s4:dsdb/common: add dsdb_module_werror() helper function Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 58aa29b8444776874fc409ec0a063567de8b522e Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 28 14:11:52 2016 +0100 s4:dsdb/common: add some const to dsdb_dn_is_upgraded_link_val() Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 9c09911338725d0b9c038df16941284978e7f8bb Author: Stefan Metzmacher <me...@samba.org> Date: Sun Jan 31 19:36:52 2016 +0100 drsuapi.idl: add DRSUAPI_ATTID_objectGUID and DRSUAPI_ATTID_replPropertyMetaData These might be usefull in future if we want to fast check against dsdb_attribute->attributeID_id, instead of an expensive ldb_attr_cmp(). They will never appear in replPropertyMetaData. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> commit 14f1a94b6fb3a55be1e60fe0d28740f04fd94b3f Author: Stefan Metzmacher <me...@samba.org> Date: Thu Jan 28 15:50:06 2016 +0100 s3:clispnego: fix confusing warning in spnego_gen_krb5_wrap() asn1_extract_blob() stops further asn1 processing by setting has_error. Don't call asn1_has_error() after asn1_extract_blob() has been successful otherwise we get an "Failed to build krb5 wrapper at" message on success. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11702 Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Volker Lendecke <v...@samba.org> ----------------------------------------------------------------------- Summary of changes: librpc/idl/drsuapi.idl | 2 ++ selftest/selftest.pl | 10 +++++++++- source3/libads/ldap.c | 4 ---- source3/libsmb/clispnego.c | 15 ++++++++++----- source4/dsdb/common/util.c | 31 +++++++++++++++++++++---------- source4/dsdb/common/util.h | 10 ++++++++++ source4/dsdb/samdb/ldb_modules/util.c | 5 ++--- source4/ldap_server/ldap_bind.c | 2 +- 8 files changed, 55 insertions(+), 24 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/drsuapi.idl b/librpc/idl/drsuapi.idl index b78a865..4e1e11c 100644 --- a/librpc/idl/drsuapi.idl +++ b/librpc/idl/drsuapi.idl @@ -483,6 +483,8 @@ interface drsuapi DRSUAPI_ATTID_auxiliaryClass = 0x0002015f, DRSUAPI_ATTID_lDAPDisplayName = 0x000201cc, DRSUAPI_ATTID_name = 0x00090001, + DRSUAPI_ATTID_objectGUID = 0x00090002, + DRSUAPI_ATTID_replPropertyMetaData = 0x00090003, DRSUAPI_ATTID_userAccountControl = 0x00090008, DRSUAPI_ATTID_badPwdCount = 0x0009000c, DRSUAPI_ATTID_codePage = 0x00090010, diff --git a/selftest/selftest.pl b/selftest/selftest.pl index db5da05..0827376 100755 --- a/selftest/selftest.pl +++ b/selftest/selftest.pl @@ -415,7 +415,15 @@ my $testenv_default = "none"; # must terminate in this time, and testenv will only stay alive this # long -my $server_maxtime = 10800; +my $server_maxtime; +if ($opt_testenv) { + # 1 year should be enough :-) + $server_maxtime = 365 * 24 * 60 * 60; +} else { + # make test should run under 3 hours + $server_maxtime = 3 * 60 * 60; +} + if (defined($ENV{SMBD_MAXTIME}) and $ENV{SMBD_MAXTIME} ne "") { $server_maxtime = $ENV{SMBD_MAXTIME}; } diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index 1538500..2c52e32 100644 --- a/source3/libads/ldap.c +++ b/source3/libads/ldap.c @@ -2229,10 +2229,6 @@ ADS_STATUS ads_create_machine_acct(ADS_STRUCT *ads, const char *machine_name, goto done; } -#ifndef ENCTYPE_ARCFOUR_HMAC - acct_control |= UF_USE_DES_KEY_ONLY; -#endif - if (!(controlstr = talloc_asprintf(ctx, "%u", acct_control))) { goto done; } diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c index 3300c85..82f13b7 100644 --- a/source3/libsmb/clispnego.c +++ b/source3/libsmb/clispnego.c @@ -262,14 +262,19 @@ DATA_BLOB spnego_gen_krb5_wrap(TALLOC_CTX *ctx, const DATA_BLOB ticket, const ui goto err; } + asn1_free(data); + data = NULL; + err: - if (asn1_has_error(data)) { - DEBUG(1, ("Failed to build krb5 wrapper at offset %d\n", - (int)asn1_current_ofs(data))); - } + if (data != NULL) { + if (asn1_has_error(data)) { + DEBUG(1, ("Failed to build krb5 wrapper at offset %d\n", + (int)asn1_current_ofs(data))); + } - asn1_free(data); + asn1_free(data); + } return ret; } diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index c1b5d5a..6807726 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -1775,7 +1775,7 @@ int samdb_server_reference_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, stru server_dn = samdb_server_dn(ldb, mem_ctx); if (server_dn == NULL) { - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb, LDB_ERR_NO_SUCH_OBJECT, __func__); } ret = samdb_reference_dn(ldb, mem_ctx, server_dn, "serverReference", dn); @@ -2988,7 +2988,7 @@ int dsdb_find_guid_attr_by_dn(struct ldb_context *ldb, } if (res->count < 1) { talloc_free(tmp_ctx); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb, LDB_ERR_NO_SUCH_OBJECT, __func__); } *guid = samdb_result_guid(res->msgs[0], attribute); talloc_free(tmp_ctx); @@ -3064,12 +3064,12 @@ int dsdb_find_sid_by_dn(struct ldb_context *ldb, } if (res->count < 1) { talloc_free(tmp_ctx); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb, LDB_ERR_NO_SUCH_OBJECT, __func__); } s = samdb_result_dom_sid(tmp_ctx, res->msgs[0], "objectSid"); if (s == NULL) { talloc_free(tmp_ctx); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb, LDB_ERR_NO_SUCH_OBJECT, __func__); } *sid = *s; talloc_free(tmp_ctx); @@ -3481,7 +3481,7 @@ int samdb_ntds_site_settings_options(struct ldb_context *ldb_ctx, failed: DEBUG(1,("Failed to find our NTDS Site Settings options in ldb!\n")); talloc_free(tmp_ctx); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb_ctx, LDB_ERR_NO_SUCH_OBJECT, __func__); } /* @@ -3519,7 +3519,7 @@ int samdb_ntds_options(struct ldb_context *ldb, uint32_t *options) failed: DEBUG(1,("Failed to find our own NTDS Settings options in the ldb!\n")); talloc_free(tmp_ctx); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb, LDB_ERR_NO_SUCH_OBJECT, __func__); } const char* samdb_ntds_object_category(TALLOC_CTX *tmp_ctx, struct ldb_context *ldb) @@ -3766,7 +3766,7 @@ bool dsdb_dn_is_deleted_val(const struct ldb_val *val) return true if a ldb_val containing a DN in storage form is in the upgraded w2k3 linked attribute format */ -bool dsdb_dn_is_upgraded_link_val(struct ldb_val *val) +bool dsdb_dn_is_upgraded_link_val(const struct ldb_val *val) { return memmem(val->data, val->length, "<RMD_VERSION=", 13) != NULL; } @@ -3897,7 +3897,7 @@ int dsdb_find_nc_root(struct ldb_context *samdb, TALLOC_CTX *mem_ctx, struct ldb } talloc_free(tmp_ctx); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(samdb, LDB_ERR_NO_SUCH_OBJECT, __func__); } @@ -3930,7 +3930,7 @@ int dsdb_tombstone_lifetime(struct ldb_context *ldb, uint32_t *lifetime) struct ldb_dn *dn; dn = ldb_get_config_basedn(ldb); if (!dn) { - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb, LDB_ERR_NO_SUCH_OBJECT, __func__); } dn = ldb_dn_copy(ldb, dn); if (!dn) { @@ -4489,7 +4489,7 @@ int dsdb_search(struct ldb_context *ldb, if (res->count == 0) { talloc_free(tmp_ctx); ldb_reset_err_string(ldb); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb, LDB_ERR_NO_SUCH_OBJECT, __func__); } if (res->count != 1) { talloc_free(tmp_ctx); @@ -4867,6 +4867,17 @@ bool is_attr_in_list(const char * const * attrs, const char *attr) return false; } +int dsdb_werror_at(struct ldb_context *ldb, int ldb_ecode, WERROR werr, + const char *location, const char *func, + const char *reason) +{ + if (reason == NULL) { + reason = win_errstr(werr); + } + ldb_asprintf_errstring(ldb, "%08X: %s at %s:%s", + W_ERROR_V(werr), reason, location, func); + return ldb_ecode; +} /* map an ldb error code to an approximate NTSTATUS code diff --git a/source4/dsdb/common/util.h b/source4/dsdb/common/util.h index dcf3fc4..1085073 100644 --- a/source4/dsdb/common/util.h +++ b/source4/dsdb/common/util.h @@ -69,4 +69,14 @@ struct GUID; char *NS_GUID_string(TALLOC_CTX *mem_ctx, const struct GUID *guid); NTSTATUS NS_GUID_from_string(const char *s, struct GUID *guid); +struct ldb_context; + +int dsdb_werror_at(struct ldb_context *ldb, int ldb_ecode, WERROR werr, + const char *location, const char *func, + const char *reason); + +#define dsdb_module_werror(module, ldb_ecode, werr, reason) \ + dsdb_werror_at(ldb_module_get_ctx(module), ldb_ecode, werr, \ + __location__, __func__, reason) + #endif /* __DSDB_COMMON_UTIL_H__ */ diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c index 1455760..5f995de 100644 --- a/source4/dsdb/samdb/ldb_modules/util.c +++ b/source4/dsdb/samdb/ldb_modules/util.c @@ -177,8 +177,7 @@ int dsdb_module_search_tree(struct ldb_module *module, if (dsdb_flags & DSDB_SEARCH_ONE_ONLY) { if (res->count == 0) { talloc_free(tmp_ctx); - ldb_reset_err_string(ldb_module_get_ctx(module)); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb_module_get_ctx(module), LDB_ERR_NO_SUCH_OBJECT, __func__); } if (res->count != 1) { talloc_free(tmp_ctx); @@ -279,7 +278,7 @@ int dsdb_module_dn_by_guid(struct ldb_module *module, TALLOC_CTX *mem_ctx, } if (res->count == 0) { talloc_free(tmp_ctx); - return LDB_ERR_NO_SUCH_OBJECT; + return ldb_error(ldb_module_get_ctx(module), LDB_ERR_NO_SUCH_OBJECT, __func__); } if (res->count != 1) { ldb_asprintf_errstring(ldb_module_get_ctx(module), "More than one object found matching objectGUID %s\n", diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c index 69a6b61..fcbdadf 100644 --- a/source4/ldap_server/ldap_bind.c +++ b/source4/ldap_server/ldap_bind.c @@ -354,7 +354,7 @@ NTSTATUS ldapsrv_BindRequest(struct ldapsrv_call *call) } resp = &reply->msg->r.BindResponse; - resp->response.resultcode = 7; + resp->response.resultcode = LDAP_AUTH_METHOD_NOT_SUPPORTED; resp->response.dn = NULL; resp->response.errormessage = talloc_asprintf(reply, "Bad AuthenticationChoice [%d]", req->mechanism); resp->response.referral = NULL; -- Samba Shared Repository