The branch, master has been updated via bbdace4 VLV tests: remove vestigial pdb stub via 465b7bf VLV tests: add tests with show_deleted control via 31707cd VLV: fix handling with show_deleted and similar controls via 8bb14af VLV tests: comment typo via 929ec47 VLV tests: reduce test duplication hence elapsed time via 12dce74 join.py: Remove talloc enable_null_tracking via 6c460ec pytalloc: Add a warning about enable_null_tracking via 0b3f2c6 selftest: Disable all replication during most replication tests via e359875 selftest: Ensure we can call DRSUAPI_EXOP_REPL_OBJ with replication disabled via 6b458a1 drs: pass the forced-replication flag from DsReplicaSync to GetNCChanges via fcb13cb selftest: Disable replication before doing forced pre-test replicate via 3a787f4 selftest: Make repl_move more robust by disabling replication before the test via 6145da6 selftest: Make repl_schema more robust by disabling replication before the test via 5568892 samba-tool: Put full command and subcommand in informative name when testing samba-tool via b5d6f7b ldb: Add better debugging to ldb_wait() via da66a89 repl: Remove check for parentGUID being NULL in dsdb_convert_object_ex() via c48aef3 Remove unused and untested source4 ntptr and spoolss systems via 7483849 param: Correct the defaults for "dcerpc endpoint services" via d183261 build: Always build eventlog6. This is not a duplicate of eventlog from 961c4b5 vfs_acl_xattr: objects without NT ACL xattr
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit bbdace4b2c2b24aab02b7da9579b5edc6eafdf8d Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Tue Jul 19 14:03:57 2016 +1200 VLV tests: remove vestigial pdb stub Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Tue Jul 19 17:22:51 CEST 2016 on sn-devel-144 commit 465b7bf82796e51a12dc1b5e0d7d40706017533f Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Tue Jul 19 13:39:45 2016 +1200 VLV tests: add tests with show_deleted control These tests add a few deleted users and ensure they are VLV-able. In a `make test` context there will be other deleted users lying around, so we can't assert the expected results of the search without looking first. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 31707cdeaa8f1c800a83080e9d3959f32bd7d8cb Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Fri Jul 8 14:20:15 2016 +1200 VLV: fix handling with show_deleted and similar controls The first search in each round of VLV performs the search then saves the results in the form of an array of GUIDs, which subsequent calls refer to to get different ranges from the same search. These subsequent calls make an individual search for each GUID. If the original search had the show_deleted control, the array may contain GUIDs for deleted items, which would not be seen on the later searches without the same control. So we save all controls except the VLV itself and the sort control (which won't affect the search for a single GUID) and reuse them on the subsequent VLV searches. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 8bb14af5844da89a0af39504135ed22a2b4f022e Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Tue Jul 19 13:16:25 2016 +1200 VLV tests: comment typo Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 929ec47c2a6716173e3d5e2ffa76684c3013cc30 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Tue Jul 12 14:07:13 2016 +1200 VLV tests: reduce test duplication hence elapsed time This makes before/after lattice sparser for the slower tests. While we're doing that, some of the tests are changed to traverse the lattice in a different order just in case that matters. There is very little chance that any particular combination of before and after parameters will behave uniquely wrongly. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 12dce74b80aa0c8522920f08a1bb4f12710dadf2 Author: Garming Sam <garm...@catalyst.net.nz> Date: Mon Jul 18 16:58:04 2016 +1200 join.py: Remove talloc enable_null_tracking The removal of enable_null_tracking is required because we will no longer importing join.py in every single samba-tool invocation. Without removing this line, memory would be hanging from both the actual NULL context and the talloc_null_context (causing a segfault at system_exit). Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6c460ecf8af67e338857452356110e150f360ff8 Author: Garming Sam <garm...@catalyst.net.nz> Date: Mon Jul 18 09:54:16 2016 +1200 pytalloc: Add a warning about enable_null_tracking If it is called in the middle of a script such as samba-tool, memory would be hanging from both the actual NULL context and the talloc_null_context (causing a segfault at system_exit). Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit 0b3f2c659ab85bb5a6b48ec96f0f34cb109d12f0 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Jul 18 16:55:50 2016 +1200 selftest: Disable all replication during most replication tests Rather than just disabling inbound replication, consider that there may be another server in the test network, and ensure we do not replicate to or from it either. replica_sync.py is omitted, as it tests some more subtle variations of the DISABLE_INBOUND_REPL flag. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit e359875d007290f3c4e747338a00de30f3c0d63c Author: Andrew Bartlett <abart...@samba.org> Date: Tue Jul 19 13:04:02 2016 +1200 selftest: Ensure we can call DRSUAPI_EXOP_REPL_OBJ with replication disabled We add the forced flag, so that we can leave replication otherwise disabled Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit 6b458a1a8ca517fc154c20ed9ee23a3d3f114ded Author: Andrew Bartlett <abart...@samba.org> Date: Mon Jul 18 17:05:40 2016 +1200 drs: pass the forced-replication flag from DsReplicaSync to GetNCChanges This ensures we and sync from a server with DISABLE_OUTBOUND_REPL set Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit fcb13cb64027e41377947d969226b17a5caf2dd8 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Jul 18 16:53:27 2016 +1200 selftest: Disable replication before doing forced pre-test replicate Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit 3a787f45cf150b8ff6c6c6ea268687f335d209bc Author: Andrew Bartlett <abart...@samba.org> Date: Mon Jul 18 16:35:28 2016 +1200 selftest: Make repl_move more robust by disabling replication before the test We do this before we ensure the two DCs are in sync, and then force the sync Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit 6145da66efa732aabf6788e7e3c15fe10b0f6218 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Jul 18 15:53:20 2016 +1200 selftest: Make repl_schema more robust by disabling replication before the test We also ensure the two DCs are in sync before the test starts Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit 5568892d433bccd93ae9357c121c913405985f1a Author: Andrew Bartlett <abart...@samba.org> Date: Mon Jul 18 15:47:03 2016 +1200 samba-tool: Put full command and subcommand in informative name when testing samba-tool These are not used for anything other than to print in the usage, but it seems nicer to match normal invocation of these commands Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit b5d6f7bef14438fad0352a19feb7e660cff88bfe Author: Andrew Bartlett <abart...@samba.org> Date: Fri Jul 8 10:03:38 2016 +1200 ldb: Add better debugging to ldb_wait() To keep line lengths short, the code is re-factored to the early return pattern. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit da66a89bb4a1ef58a10a84f85ad35294605b9896 Author: Andrew Bartlett <abart...@samba.org> Date: Sat Jul 9 16:51:56 2016 +1200 repl: Remove check for parentGUID being NULL in dsdb_convert_object_ex() We find that Windows 2012R2 sends a NULL parent_guid here, probably when no change to name is replicated. That is, if there has not been a rename, this is not required information, as we can just merge with the existing object, not matter where it is Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit c48aef3c11716e3ecbf95c23cef0feebf98171e5 Author: Andrew Bartlett <abart...@samba.org> Date: Sun Jul 10 21:53:04 2016 +1200 Remove unused and untested source4 ntptr and spoolss systems These were never finished, were not tested and clearly will not be revived Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit 748384992b96c3936d82bc09f39459fb4bd489bd Author: Andrew Bartlett <abart...@samba.org> Date: Sat Jul 9 17:36:18 2016 +1200 param: Correct the defaults for "dcerpc endpoint services" We must not list any services that we skip building, as otherwise all RPC services fail to start. We now build without the source4 spoolss server in non-developer builds This fixes commit 0b4c741b9c03d147ee5f56d027bacda75c1b5282 BUG: https://bugzilla.samba.org/show_bug.cgi?id=12025 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> commit d183261e6844724394d618912403cd0217401741 Author: Andrew Bartlett <abart...@samba.org> Date: Sat Jul 9 17:34:39 2016 +1200 build: Always build eventlog6. This is not a duplicate of eventlog The eventlog6 pipe is not a duplicate with the source3 code, so should be built even for the default build with smbd for file serving This fixes commit 0b4c741b9c03d147ee5f56d027bacda75c1b5282 BUG: https://bugzilla.samba.org/show_bug.cgi?id=12026 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> ----------------------------------------------------------------------- Summary of changes: .../smbdotconf/protocol/dcerpcendpointservers.xml | 2 +- lib/ldb/common/ldb.c | 68 +- lib/param/loadparm.c | 2 +- lib/talloc/pytalloc_guide.txt | 2 + python/samba/join.py | 3 - python/samba/tests/samba_tool/base.py | 4 +- source3/param/loadparm.c | 2 +- source4/dsdb/repl/drepl_out_helpers.c | 4 + source4/dsdb/repl/replicated_objects.c | 5 - source4/dsdb/samdb/ldb_modules/vlv_pagination.c | 125 +- source4/dsdb/tests/python/vlv.py | 188 ++- source4/ntptr/ntptr.h | 240 --- source4/ntptr/ntptr_base.c | 153 -- source4/ntptr/ntptr_interface.c | 604 ------- source4/ntptr/simple_ldb/ntptr_simple_ldb.c | 932 ---------- source4/ntptr/wscript_build | 18 - source4/rpc_server/spoolss/dcesrv_spoolss.c | 1772 -------------------- source4/rpc_server/wscript_build | 13 +- source4/smbd/server.c | 4 - source4/smbd/wscript_build | 2 +- source4/torture/drs/python/delete_object.py | 10 +- source4/torture/drs/python/drs_base.py | 14 + source4/torture/drs/python/repl_move.py | 28 +- source4/torture/drs/python/repl_schema.py | 27 +- wscript_build | 1 - 25 files changed, 391 insertions(+), 3832 deletions(-) delete mode 100644 source4/ntptr/ntptr.h delete mode 100644 source4/ntptr/ntptr_base.c delete mode 100644 source4/ntptr/ntptr_interface.c delete mode 100644 source4/ntptr/simple_ldb/ntptr_simple_ldb.c delete mode 100644 source4/ntptr/wscript_build delete mode 100644 source4/rpc_server/spoolss/dcesrv_spoolss.c Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml index feecf62..8a217cc 100644 --- a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml +++ b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml @@ -6,6 +6,6 @@ <para>Specifies which DCE/RPC endpoint servers should be run.</para> </description> -<value type="default">epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value> +<value type="default">epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver</value> <value type="example">rpcecho</value> </samba:parameter> diff --git a/lib/ldb/common/ldb.c b/lib/ldb/common/ldb.c index a824c7a..6067256 100644 --- a/lib/ldb/common/ldb.c +++ b/lib/ldb/common/ldb.c @@ -596,7 +596,9 @@ int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type) if ((handle->status != LDB_SUCCESS) && (handle->ldb->err_string == NULL)) { /* if no error string was setup by the backend */ - ldb_asprintf_errstring(handle->ldb, "ldb_wait: %s (%d)", + ldb_asprintf_errstring(handle->ldb, + "ldb_wait from %s with LDB_ASYNC_DONE: %s (%d)", + handle->location, ldb_strerror(handle->status), handle->status); } @@ -614,19 +616,21 @@ int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type) if (ret != 0) { return ldb_operr(handle->ldb); } - if (handle->status != LDB_SUCCESS) { - if (handle->ldb->err_string == NULL) { - /* - * if no error string was setup by the backend - */ - ldb_asprintf_errstring(handle->ldb, - "ldb_wait: %s (%d)", - ldb_strerror(handle->status), - handle->status); - } + if (handle->status == LDB_SUCCESS) { + return LDB_SUCCESS; + } + if (handle->ldb->err_string != NULL) { return handle->status; } - break; + /* + * if no error string was setup by the backend + */ + ldb_asprintf_errstring(handle->ldb, + "ldb_wait from %s with LDB_WAIT_NONE: %s (%d)", + handle->location, + ldb_strerror(handle->status), + handle->status); + return handle->status; case LDB_WAIT_ALL: while (handle->state != LDB_ASYNC_DONE) { @@ -635,32 +639,38 @@ int ldb_wait(struct ldb_handle *handle, enum ldb_wait_type type) return ldb_operr(handle->ldb); } if (handle->status != LDB_SUCCESS) { - if (handle->ldb->err_string == NULL) { - /* - * if no error string was setup by the - * backend - */ - ldb_asprintf_errstring(handle->ldb, - "ldb_wait: %s (%d)", - ldb_strerror(handle->status), - handle->status); + if (handle->ldb->err_string != NULL) { + return handle->status; } - return handle->status; - } - } - if (handle->status != LDB_SUCCESS) { - if (handle->ldb->err_string == NULL) { /* - * if no error string was setup by the backend + * if no error string was setup by the + * backend */ ldb_asprintf_errstring(handle->ldb, - "ldb_wait: %s (%d)", + "ldb_wait from %s with " + "LDB_WAIT_ALL: %s (%d)", + handle->location, ldb_strerror(handle->status), handle->status); + return handle->status; } + } + if (handle->status == LDB_SUCCESS) { + return LDB_SUCCESS; + } + if (handle->ldb->err_string != NULL) { return handle->status; } - break; + /* + * if no error string was setup by the backend + */ + ldb_asprintf_errstring(handle->ldb, + "ldb_wait from %s with LDB_WAIT_ALL," + " LDB_ASYNC_DONE: %s (%d)", + handle->location, + ldb_strerror(handle->status), + handle->status); + return handle->status; } return LDB_SUCCESS; diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c index 19ee7eb..d6bd66d 100644 --- a/lib/param/loadparm.c +++ b/lib/param/loadparm.c @@ -2569,7 +2569,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lpcfg_do_global_parameter(lp_ctx, "ntvfs handler", "unixuid default"); lpcfg_do_global_parameter(lp_ctx, "max connections", "0"); - lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver"); + lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver"); lpcfg_do_global_parameter(lp_ctx, "server services", "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns"); lpcfg_do_global_parameter(lp_ctx, "kccsrv:samba_kcc", "false"); /* the winbind method for domain controllers is for both RODC diff --git a/lib/talloc/pytalloc_guide.txt b/lib/talloc/pytalloc_guide.txt index 1aa4f99..962d449 100644 --- a/lib/talloc/pytalloc_guide.txt +++ b/lib/talloc/pytalloc_guide.txt @@ -182,6 +182,8 @@ This enables tracking of the NULL memory context without enabling leak reporting on exit. Useful for when you want to do your own leak reporting call via talloc_report_null_full(). +This must be done in the top level script, not an imported module. + =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- pytalloc_total_blocks(obj?) diff --git a/python/samba/join.py b/python/samba/join.py index 3532a7f..10cc5a3 100644 --- a/python/samba/join.py +++ b/python/samba/join.py @@ -39,9 +39,6 @@ import talloc import random import time -# this makes debugging easier -talloc.enable_null_tracking() - class DCJoinException(Exception): def __init__(self, msg): diff --git a/python/samba/tests/samba_tool/base.py b/python/samba/tests/samba_tool/base.py index b71a5b3..de6cf18 100644 --- a/python/samba/tests/samba_tool/base.py +++ b/python/samba/tests/samba_tool/base.py @@ -67,7 +67,7 @@ class SambaToolCmdTest(samba.tests.BlackboxTestCase): cmd = cmd_sambatool.subcommands[name] cmd.outf = StringIO() cmd.errf = StringIO() - result = cmd._run(name, *args) + result = cmd._run("samba-tool %s" % name, *args) return (result, cmd.outf.getvalue(), cmd.errf.getvalue()) def runsubcmd(self, name, sub, *args): @@ -78,7 +78,7 @@ class SambaToolCmdTest(samba.tests.BlackboxTestCase): cmd = cmd_sambatool.subcommands[name].subcommands[sub] cmd.outf = StringIO() cmd.errf = StringIO() - result = cmd._run(name, *args) + result = cmd._run("samba-tool %s %s" % (name, sub), *args) return (result, cmd.outf.getvalue(), cmd.errf.getvalue()) def assertCmdSuccess(self, val, msg=""): diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c17c099..df700bc 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -869,7 +869,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL); - Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL); + Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL); Globals.tls_enabled = true; Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE; diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c index 64816ad..a2b9a02 100644 --- a/source4/dsdb/repl/drepl_out_helpers.c +++ b/source4/dsdb/repl/drepl_out_helpers.c @@ -462,6 +462,10 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) replica_flags |= DRSUAPI_DRS_GET_ANC; } + if (state->op->options & DRSUAPI_DRS_SYNC_FORCED) { + replica_flags |= DRSUAPI_DRS_SYNC_FORCED; + } + if (partition->partial_replica) { status = dreplsrv_get_gc_partial_attribute_set(service, r, &pas); if (!NT_STATUS_IS_OK(status)) { diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c index 6d39dba..0c0aa8c 100644 --- a/source4/dsdb/repl/replicated_objects.c +++ b/source4/dsdb/repl/replicated_objects.c @@ -574,11 +574,6 @@ WERROR dsdb_convert_object_ex(struct ldb_context *ldb, if (in->parent_object_guid == NULL) { out->parent_guid = NULL; - if ((instanceType & INSTANCE_TYPE_IS_NC_HEAD) == 0) { - DEBUG(0, ("Refusing to replicate %s from a server that did not provide a parentGUID!\n", - ldb_dn_get_linearized(msg->dn))); - return WERR_DS_DRA_INCONSISTENT_DIT; - } } else { out->parent_guid = talloc(mem_ctx, struct GUID); W_ERROR_HAVE_NO_MEMORY(out->parent_guid); diff --git a/source4/dsdb/samdb/ldb_modules/vlv_pagination.c b/source4/dsdb/samdb/ldb_modules/vlv_pagination.c index cc0d483..bd8df7d 100644 --- a/source4/dsdb/samdb/ldb_modules/vlv_pagination.c +++ b/source4/dsdb/samdb/ldb_modules/vlv_pagination.c @@ -66,6 +66,7 @@ struct results_store { struct referral_store *last_ref; struct ldb_control **controls; + struct ldb_control **down_controls; struct ldb_vlv_req_control *vlv_details; struct ldb_server_sort_control *sort_details; }; @@ -119,7 +120,7 @@ struct vlv_sort_context { struct ldb_context *ldb; ldb_attr_comparison_t comparison_fn; const char *attr; - TALLOC_CTX *mem_ctx; + struct vlv_context *ac; int status; struct ldb_val value; }; @@ -131,6 +132,66 @@ struct referral_store { struct referral_store *next; }; +/* + search for attrs on one DN, by the GUID of the DN, with true + LDB controls + */ + +static int vlv_search_by_dn_guid(struct ldb_module *module, + struct vlv_context *ac, + struct ldb_result **result, + const struct GUID *guid, + const char * const *attrs) +{ + struct ldb_dn *dn; + struct ldb_request *req; + struct ldb_result *res; + int ret; + struct GUID_txt_buf guid_str; + struct ldb_control **controls = ac->store->down_controls; + struct ldb_context *ldb = ldb_module_get_ctx(module); + + dn = ldb_dn_new_fmt(ac, ldb, "<GUID=%s>", + GUID_buf_string(guid, &guid_str)); + if (dn == NULL) { + return ldb_oom(ldb); + } + + res = talloc_zero(ac, struct ldb_result); + if (res == NULL) { + return ldb_oom(ldb); + } + + ret = ldb_build_search_req(&req, ldb, ac, + dn, + LDB_SCOPE_BASE, + NULL, + attrs, + controls, + res, + ldb_search_default_callback, + ac->req); + if (ret != LDB_SUCCESS) { + talloc_free(res); + return ret; + } + + ret = ldb_request(ldb, req); + if (ret == LDB_SUCCESS) { + ret = ldb_wait(req->handle, LDB_WAIT_ALL); + } + + talloc_free(req); + if (ret != LDB_SUCCESS) { + talloc_free(res); + return ret; + } + + *result = res; + return ret; +} + + static int save_referral(struct results_store *store, char *ref) { struct referral_store *node = talloc(store, @@ -175,14 +236,14 @@ static int vlv_value_compare(struct vlv_sort_context *target, { struct ldb_result *result = NULL; struct ldb_message_element *el = NULL; + struct vlv_context *ac = target->ac; int ret; const char *attrs[2] = { target->attr, NULL }; - ret = dsdb_search_by_dn_guid(target->ldb, target->mem_ctx, - &result, &guid, attrs, 0); + ret = vlv_search_by_dn_guid(ac->module, ac, &result, &guid, attrs); if (ret != LDB_SUCCESS) { target->status = ret; @@ -191,7 +252,7 @@ static int vlv_value_compare(struct vlv_sort_context *target, } el = ldb_msg_find_element(result->msgs[0], target->attr); - return target->comparison_fn(target->ldb, target->mem_ctx, + return target->comparison_fn(target->ldb, ac, &target->value, &el->values[0]); } @@ -240,7 +301,7 @@ static int vlv_gt_eq_to_index(struct vlv_context *ac, .ldb = ldb, .comparison_fn = a->syntax->comparison_fn, .attr = sort_details->attributeName, - .mem_ctx = ac, + .ac = ac, .status = LDB_SUCCESS, .value = value }; @@ -334,7 +395,6 @@ static int vlv_results(struct vlv_context *ac) struct ldb_vlv_req_control *vlv_details; struct ldb_server_sort_control *sort_details; int target = 0; - struct ldb_context *ldb = NULL; if (ac->store == NULL) { return LDB_ERR_OPERATIONS_ERROR; @@ -350,8 +410,6 @@ static int vlv_results(struct vlv_context *ac) } } - ldb = ldb_module_get_ctx(ac->module); - vlv_details = ac->store->vlv_details; sort_details = ac->store->sort_details; @@ -380,11 +438,9 @@ static int vlv_results(struct vlv_context *ac) for (i = first_i; i <= last_i; i++) { struct ldb_result *result; struct GUID *guid = &ac->store->results[i]; - ret = dsdb_search_by_dn_guid(ldb, ac, - &result, - guid, - ac->req->op.search.attrs, - 0); + + ret = vlv_search_by_dn_guid(ac->module, ac, &result, guid, + ac->req->op.search.attrs); if (ret == LDAP_NO_SUCH_OBJECT) { /* The thing isn't there, which we quietly @@ -604,6 +660,39 @@ static int copy_search_details(struct results_store *store, } +static struct ldb_control ** +vlv_copy_down_controls(TALLOC_CTX *mem_ctx, struct ldb_control **controls) +{ + + struct ldb_control **new_controls; + unsigned int i, j, num_ctrls; + if (controls == NULL) { + return NULL; + } + + for (num_ctrls = 0; controls[num_ctrls]; num_ctrls++); + + new_controls = talloc_array(mem_ctx, struct ldb_control *, num_ctrls); + if (new_controls == NULL) { + return NULL; + } + + for (j = 0, i = 0; i < (num_ctrls); i++) { + struct ldb_control *control = controls[i]; + if (control->oid == NULL) { + break; + } + if (strncmp(control->oid, LDB_CONTROL_VLV_REQ_OID, sizeof(LDB_CONTROL_VLV_REQ_OID)) == 0 || + strncmp(control->oid, LDB_CONTROL_SERVER_SORT_OID, sizeof(LDB_CONTROL_SERVER_SORT_OID)) == 0) { + continue; + } + new_controls[j] = talloc_steal(new_controls, control); + j++; + } + new_controls[j] = NULL; + return new_controls; +} + static int vlv_search(struct ldb_module *module, struct ldb_request *req) { struct ldb_context *ldb; @@ -659,7 +748,7 @@ static int vlv_search(struct ldb_module *module, struct ldb_request *req) * saved search. */ if (vlv_ctrl->ctxid_len == 0) { - const char * const attrs[2] = { + static const char * const attrs[2] = { "objectGUID", NULL }; @@ -691,6 +780,14 @@ static int vlv_search(struct ldb_module *module, struct ldb_request *req) if (!ldb_save_controls(control, search_req, NULL)) { return LDB_ERR_OPERATIONS_ERROR; } + + ac->store->down_controls = vlv_copy_down_controls(ac->store, + req->controls); + + if (ac->store->down_controls == NULL) { + return LDB_ERR_OPERATIONS_ERROR; + } + return ldb_next_request(module, search_req); } else { diff --git a/source4/dsdb/tests/python/vlv.py b/source4/dsdb/tests/python/vlv.py index 660d5b6..0697319 100644 --- a/source4/dsdb/tests/python/vlv.py +++ b/source4/dsdb/tests/python/vlv.py @@ -340,7 +340,9 @@ class VLVTests(samba.tests.TestCase): return if expected_order is not None: - print "expected order: %s" % expected_order + print "expected order: %s" % expected_order[:20] + if len(expected_order) > 20: + print "... and %d more not shown" % (len(expected_order) - 20) print "offset %d before %d after %d" % (offset, before, after) print "start %d end %d" % (start, end) @@ -356,8 +358,8 @@ class VLVTests(samba.tests.TestCase): sort_control = "server_sort:1:0:%s" % attr res = None n = len(self.users) - for before in range(0, 9): - for after in range(0, 9): + for before in [10, 0, 3, 1, 4, 5, 2]: + for after in [0, 3, 1, 4, 5, 2, 7]: for offset in range(max(1, before - 2), min(n - after + 2, n)): if res is None: @@ -499,7 +501,7 @@ class VLVTests(samba.tests.TestCase): """What happens if we add or remove items in the middle of the VLV? Nothing. The search and the sort is not repeated, and we only - deal with ther objects originally found. + deal with the objects originally found. """ attrs = ['cn'] + [x for x in self.users[0].keys() if x not in ('dn', 'objectclass')] @@ -762,6 +764,173 @@ class VLVTests(samba.tests.TestCase): self.assertCorrectResults(results, expected_order, offset, before, after) + def get_expected_order_showing_deleted(self, attr, + expression="(|(cn=vlvtest*)(cn=vlv-deleted*))", + base=None, + scope=ldb.SCOPE_SUBTREE + ): + """Fetch the whole list sorted on the attribute, using sort only, + searching in the entire tree, not just our OU. This is the + way to find deleted objects. + """ + t = time.time() + if base is None: + base = self.base_dn + sort_control = "server_sort:1:0:%s" % attr + controls = [sort_control, "show_deleted:1"] + + res = self.ldb.search(base, + scope=scope, + expression=expression, + attrs=[attr], + controls=controls) -- Samba Shared Repository