The branch, v4-5-test has been updated via 91901e0 WHATSNEW: Start release notes for Samba 4.5.0rc4. via ff8d3d6 VERSION: Bump version up to 4.5.0rc4... via 6c94b10 VERSION: Disable git snapshots for the 4.5.0rc3 release. via 81dff4e WHATSNEW: Release notes for Samba 4.5.0rc3. via 46139bb tests/getnc_exop: Ensure that attribute list sorting is correct via ef21629 getncchanges: Compute the partial attribute set from the remote schema via 91f9633 tests/getnc_exop: PartialAttrSetEx test (passes Windows, fails us) via 589b76f tests/getnc_exop: Ensure the remote prefixmap is always used (name attr) via a6c6050 tests/getnc_exop: Ensure the remote prefixmap is always used (secret attrs) via af88b47 tests/getnc_exop: Ensure that all attids are valid in a given PAS via fc27d74 tests/getnc_exop: Ensure we do the fallback if not given a PAS via ec38c59 drepl_out: Send the prefix map alongside the global catalog partial attribute set via 752a32a drepl_out: Send the prefix map alongside the RODC partial attribute set via c664c03 replicated_objects: Add missing newline for debug via c146881 getncchanges: Fix some whitespace via 257d1d6 tests/schemainfo: run dsdb schema info tests with proper URI via e7c0cb3 Removed upgrading-samba4.txt via 8869cf8 Added Wiki link to replPropertyMetaData Changes section from 6c6fb45 s3-util: Fix asking for username and password in smbget.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-5-test - Log ----------------------------------------------------------------- commit 91901e0299cc3790c27d66225056c4eb950ca2a1 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 29 08:19:04 2016 +0200 WHATSNEW: Start release notes for Samba 4.5.0rc4. Signed-off-by: Stefan Metzmacher <me...@samba.org> Autobuild-User(v4-5-test): Stefan Metzmacher <me...@samba.org> Autobuild-Date(v4-5-test): Mon Aug 29 12:15:37 CEST 2016 on sn-devel-144 commit ff8d3d6bd2642600facfc62ecda05649c6a68b69 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 29 08:17:57 2016 +0200 VERSION: Bump version up to 4.5.0rc4... and re-enable git snapshots. Signed-off-by: Stefan Metzmacher <me...@samba.org> commit 6c94b107841721b9e8893376b2f96b35003b9a4d Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 29 08:17:12 2016 +0200 VERSION: Disable git snapshots for the 4.5.0rc3 release. Signed-off-by: Stefan Metzmacher <me...@samba.org> commit 81dff4eaa8a6f80ba0ce670660e439d8883a6176 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Aug 29 07:34:01 2016 +0200 WHATSNEW: Release notes for Samba 4.5.0rc3. Signed-off-by: Stefan Metzmacher <me...@samba.org> commit 46139bb539c3b3bde0e19782079cb22eae1ff73a Author: Bob Campbell <bobcampb...@catalyst.net.nz> Date: Mon Aug 22 14:43:41 2016 +1200 tests/getnc_exop: Ensure that attribute list sorting is correct With a binary search, this can only be tested on 3+ elements. Pair-programmed-with: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Bob Campbell <bobcampb...@catalyst.net.nz> Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Garming Sam <garm...@samba.org> Autobuild-Date(master): Thu Aug 25 14:22:25 CEST 2016 on sn-devel-144 BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit cb243d86d892cb148d01dd87f29f86f3e2c1ebd0) commit ef2162924b5ef688442946277724bd3eb7fcf3c3 Author: Garming Sam <garm...@catalyst.net.nz> Date: Mon Aug 15 14:10:38 2016 +1200 getncchanges: Compute the partial attribute set from the remote schema This doesn't fix the partialAttrSetEx case, so the test is left in the knownfail file. Signed-off-by: Bob Campbell <bobcampb...@catalyst.net.nz> Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 1a96f9329e718acac195e75a5156b1c147ad54ff) commit 91f9633d461067e4666781c9ee2e1add51225185 Author: Garming Sam <garm...@catalyst.net.nz> Date: Thu Aug 18 15:20:06 2016 +1200 tests/getnc_exop: PartialAttrSetEx test (passes Windows, fails us) This has an odd behaviour where PartialAttrSetEx does not respect the incoming mapping. PartialAttrSetEx is not respected in Samba at all. Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 36df826154ed90e92f877e6f36269893c44a2a16) commit 589b76f012001a4d727ec3155b2325356b7541dc Author: Garming Sam <garm...@catalyst.net.nz> Date: Wed Aug 17 16:36:58 2016 +1200 tests/getnc_exop: Ensure the remote prefixmap is always used (name attr) Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit e495d1b2ed9aca45ce696dd8cc54458002ca0c3a) commit a6c6050e45a6cb4fd689bbe988e943879e3dd872 Author: Garming Sam <garm...@catalyst.net.nz> Date: Wed Aug 17 16:04:49 2016 +1200 tests/getnc_exop: Ensure the remote prefixmap is always used (secret attrs) Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 1f4ea1686ff1575406b5e8e488feb7b900db12ef) commit af88b470406cf026eeab5efbf67dc3eeeedb4454 Author: Garming Sam <garm...@catalyst.net.nz> Date: Wed Aug 17 14:26:55 2016 +1200 tests/getnc_exop: Ensure that all attids are valid in a given PAS On Windows this does not seem to fail, but causes silent errors. Pair-programmed-with: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Bob Campbell <bobcampb...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 7f3ef150751452411db1e0c5b2ca6d8af2769d5c) commit fc27d741323ff766edf752d39436cb12623d5937 Author: Bob Campbell <bobcampb...@catalyst.net.nz> Date: Mon Aug 15 16:19:09 2016 +1200 tests/getnc_exop: Ensure we do the fallback if not given a PAS This will cause silent errors in the translation, but as far as we know, Windows will accept it just fine. Pair-programmed-with: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Bob Campbell <bobcampb...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 1673590e8ec3001c6909a78e004f64433060a624) commit ec38c599389a74d7619b8382a710fcabbd302b5f Author: Garming Sam <garm...@catalyst.net.nz> Date: Thu Aug 18 13:18:28 2016 +1200 drepl_out: Send the prefix map alongside the global catalog partial attribute set Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 0ea126c63c1d5a0081b90a914c9ad7227cf7b748) commit 752a32aa9464b191fb45785e83d17fdfba0b43b9 Author: Garming Sam <garm...@catalyst.net.nz> Date: Thu Aug 11 14:28:27 2016 +1200 drepl_out: Send the prefix map alongside the RODC partial attribute set Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 317bbc4d0528dca03d94d61c38b038d314f8cad8) commit c664c0341565c1f3557417a941dec986fda4fec4 Author: Garming Sam <garm...@catalyst.net.nz> Date: Tue Aug 16 10:53:39 2016 +1200 replicated_objects: Add missing newline for debug Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 216c0319c744c39848ae5da7d15dccb6769ea20a) commit c146881e1216d122b3611439a36447c5b005d247 Author: Bob Campbell <bobcampb...@catalyst.net.nz> Date: Mon Aug 15 16:19:20 2016 +1200 getncchanges: Fix some whitespace Pair-programmed-with: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Bob Campbell <bobcampb...@catalyst.net.nz> Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit 9563dab562cb2dfe4c226f03156bec0bf6eef847) commit 257d1d60d179337db4b4e576249962ebf59b5c94 Author: Garming Sam <garm...@catalyst.net.nz> Date: Thu Aug 25 11:33:16 2016 +1200 tests/schemainfo: run dsdb schema info tests with proper URI Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> BUG: https://bugzilla.samba.org/show_bug.cgi?id=12187 (cherry picked from commit fd49b44e0296348c835168f336297fd969e63c50) commit e7c0cb3916daf3774d0c4361b50d1d2037c70ee2 Author: Marc Muehlfeld <mmuehlf...@samba.org> Date: Fri Aug 26 13:42:15 2016 +0200 Removed upgrading-samba4.txt This file was about updating early Samba AD alpha versions. We describe all important things related to the update process in the Wiki: https://wiki.samba.org/index.php/Updating_Samba Signed-off-by: Marc Muehlfeld <mmuehlf...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Autobuild-User(master): Stefan Metzmacher <me...@samba.org> Autobuild-Date(master): Mon Aug 29 03:28:11 CEST 2016 on sn-devel-144 (cherry picked from commit 38696630552d449ec3c8e1fbdf6fb8212a96d2c9) commit 8869cf8edd3d2a8bb19cb423d10043a0fa3da01a Author: Marc Muehlfeld <mmuehlf...@samba.org> Date: Fri Aug 26 14:16:37 2016 +0200 Added Wiki link to replPropertyMetaData Changes section In the Wiki we give more details and describe what the user needs to do to fix the attributes. Signed-off-by: Marc Muehlfeld <mmuehlf...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: VERSION | 2 +- WHATSNEW.txt | 83 +++++- selftest/knownfail | 1 + source4/dsdb/repl/drepl_out_helpers.c | 29 +- source4/dsdb/repl/replicated_objects.c | 4 +- source4/dsdb/tests/python/dsdb_schema_info.py | 2 +- source4/rpc_server/drsuapi/getncchanges.c | 197 +++++++++++--- source4/torture/drs/python/getnc_exop.py | 363 +++++++++++++++++++++++++- upgrading-samba4.txt | 28 -- 9 files changed, 633 insertions(+), 76 deletions(-) delete mode 100644 upgrading-samba4.txt Changeset truncated at 500 lines: diff --git a/VERSION b/VERSION index e238267..465e407 100644 --- a/VERSION +++ b/VERSION @@ -87,7 +87,7 @@ SAMBA_VERSION_PRE_RELEASE= # e.g. SAMBA_VERSION_RC_RELEASE=1 # # -> "3.0.0rc1" # ######################################################## -SAMBA_VERSION_RC_RELEASE=3 +SAMBA_VERSION_RC_RELEASE=4 ######################################################## # To mark SVN snapshots this should be set to 'yes' # diff --git a/WHATSNEW.txt b/WHATSNEW.txt index d6b4f37..87d066b 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -1,7 +1,7 @@ Release Announcements ===================== -This is the second release candidate of Samba 4.5. This is *not* +This is the third release candidate of Samba 4.5. This is *not* intended for production environments and is designed for testing purposes only. Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. @@ -84,10 +84,13 @@ replPropertyMetaData Changes ---------------------------- During the development of the DRS replication, tests showed that Samba -stores the replPropertyMetaData object incorrectly. To address this, +stores the replPropertyMetaData object incorrectly. To address this, be aware that 'dbcheck' will now detect and offer to fix all objects in the domain for this error. +For further information and instructions how to fix the problem, see +https://wiki.samba.org/index.php/Updating_Samba#Fixing_replPropertyMetaData_Attributes + Linked attributes on deleted objects ------------------------------------ @@ -343,6 +346,82 @@ KNOWN ISSUES https://wiki.samba.org/index.php/Release_Planning_for_Samba_4.5#All_bugs +CHANGES SINCE 4.5.0rc3 +====================== + + + +CHANGES SINCE 4.5.0rc2 +====================== + +o Michael Adam <ob...@samba.org> + * BUG 12155: Some idmap backends don't perform range checks for the result + of sids_to_xids. + +o Jeremy Allison <j...@samba.org> + * BUG 12115: Endless loop on drsuapi pull replication after schema changes. + * BUG 12135: net ads gpo refresh can crash with null pointer deref.. + * BUG 12139: Race between break oplock and check for share_mode. + * BUG 12150: SMB2 snapshot query fails on DFS shares.. + * BUG 12165: smbclient allinfo doesn't correctly return 'previous version' + info over SMB1. + * BUG 12166: smbclient allinfo doesn't correctly return 'previous version' + info over SMB2. + * BUG 12174: error: 'conn' undeclared. + +o Douglas Bagnall <douglas.bagn...@catalyst.net.nz> + * BUG 12143: misnamed attribute in samba_kcc causes exception in unusual + circumstances. + * BUG 12187: Backport changes for partial attribute set calculation + for 4.5. + +o Andrew Bartlett <abart...@samba.org> + * BUG 12107: backport backupkey tests. + * BUG 12115: Endless loop on drsuapi pull replication after schema changes. + * BUG 12128: Correctly resolve replicated schema changes regarding linked + attributes. + +o Amitay Isaacs <ami...@gmail.com> + * BUG 12137: Fix printf format non-liternal warnings and printf + format errors. + * BUG 12138: Fix uninitialized timeout in ctdb_pmda. + * BUG 12151: Drop resurrected ctdb commands in new ctdb tool. + * BUG 12152: Fix ctdb addip; implementation to match ctdb delip. + * BUG 12163: Fix missing arguments and format elements in format strings. + * BUG 12168: Fix format-nonliteral warnings. + +o Stefan Metzmacher <me...@samba.org> + * BUG 12108: Backport selftest/autobuild fixes to v4-5-test. + * BUG 12114: In memory schema updated on non schema master. + * BUG 12115: Endless loop on drsuapi pull replication after schema changes. + * BUG 12128: Correctly resolve replicated schema changes regarding + linked attributes. + * BUG 12129: let samba-tool ldapcmp ignore whenChanged. + +o Garming Sam <garm...@catalyst.net.nz> + * BUG 12187: Backport changes for partial attribute set calculation + for 4.5. + +o Andreas Schneider <a...@samba.org> + * BUG 12175: smbget always prompts for a username. + +o Christof Schmitt <c...@samba.org> + * BUG 12150: SMB2 snapshot query fails on DFS shares.. + +o Martin Schwenke <mar...@meltin.net> + * BUG 12157: Coverity and related fixes. + * BUG 12158: CTDB release IP fixes. + * BUG 12161: Fix CTDB cumulative takeover timeout. + * BUG 12170: CTDB test runs can kill each other's ctdbd daemons. + +o Uri Simchoni <u...@samba.org> + * BUG 12145: smbd: if inherit owner is enabled, the free disk on a folder + should take the owner's quota into account. + * BUG 12149: smbd: cannot load a Windows device driver from a Samba share + via SMB2. + * BUG 12172: a snapshot folder cannot be accessed via SMB1. + + CHANGES SINCE 4.5.0rc1 ====================== diff --git a/selftest/knownfail b/selftest/knownfail index ffcaf06..3b28589 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -290,3 +290,4 @@ ^samba4.smb2.read.access #ntvfs server blocks copychunk with execute access on read handle ^samba4.smb2.ioctl.copy_chunk_bad_access +^samba4.drs.getnc_exop.python.*getnc_exop.DrsReplicaPrefixMapTestCase.test_regular_prefix_map_ex_attid.* diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c index 9fe8c3b..ac0b947 100644 --- a/source4/dsdb/repl/drepl_out_helpers.c +++ b/source4/dsdb/repl/drepl_out_helpers.c @@ -302,6 +302,7 @@ static void dreplsrv_op_pull_source_get_changes_done(struct tevent_req *subreq); static NTSTATUS dreplsrv_get_rodc_partial_attribute_set(struct dreplsrv_service *service, TALLOC_CTX *mem_ctx, struct drsuapi_DsPartialAttributeSet **_pas, + struct drsuapi_DsReplicaOIDMapping_Ctr **pfm, bool for_schema) { struct drsuapi_DsPartialAttributeSet *pas; @@ -340,6 +341,11 @@ static NTSTATUS dreplsrv_get_rodc_partial_attribute_set(struct dreplsrv_service } *_pas = pas; + + if (pfm != NULL) { + dsdb_get_oid_mappings_drsuapi(schema, true, mem_ctx, pfm); + } + return NT_STATUS_OK; } @@ -349,7 +355,8 @@ static NTSTATUS dreplsrv_get_rodc_partial_attribute_set(struct dreplsrv_service */ static NTSTATUS dreplsrv_get_gc_partial_attribute_set(struct dreplsrv_service *service, TALLOC_CTX *mem_ctx, - struct drsuapi_DsPartialAttributeSet **_pas) + struct drsuapi_DsPartialAttributeSet **_pas, + struct drsuapi_DsReplicaOIDMapping_Ctr **pfm) { struct drsuapi_DsPartialAttributeSet *pas; struct dsdb_schema *schema; @@ -383,6 +390,11 @@ static NTSTATUS dreplsrv_get_gc_partial_attribute_set(struct dreplsrv_service *s } *_pas = pas; + + if (pfm != NULL) { + dsdb_get_oid_mappings_drsuapi(schema, true, mem_ctx, pfm); + } + return NT_STATUS_OK; } @@ -427,6 +439,7 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) uint32_t replica_flags; struct drsuapi_DsReplicaHighWaterMark highwatermark; struct ldb_dn *schema_dn = ldb_get_schema_basedn(service->samdb); + struct drsuapi_DsReplicaOIDMapping_Ctr *mappings = NULL; r = talloc(state, struct drsuapi_DsGetNCChanges); if (tevent_req_nomem(r, req)) { @@ -476,7 +489,9 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) } if (partition->partial_replica) { - status = dreplsrv_get_gc_partial_attribute_set(service, r, &pas); + status = dreplsrv_get_gc_partial_attribute_set(service, r, + &pas, + &mappings); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,(__location__ ": Failed to construct GC partial attribute set : %s\n", nt_errstr(status))); tevent_req_nterror(req, status); @@ -488,8 +503,10 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) if (ldb_dn_compare_base(schema_dn, partition->dn) == 0) { for_schema = true; } - - status = dreplsrv_get_rodc_partial_attribute_set(service, r, &pas, for_schema); + status = dreplsrv_get_rodc_partial_attribute_set(service, r, + &pas, + &mappings, + for_schema); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,(__location__ ": Failed to construct RODC partial attribute set : %s\n", nt_errstr(status))); tevent_req_nterror(req, status); @@ -538,8 +555,8 @@ static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) r->in.req->req8.fsmo_info = state->op->fsmo_info; r->in.req->req8.partial_attribute_set = pas; r->in.req->req8.partial_attribute_set_ex= NULL; - r->in.req->req8.mapping_ctr.num_mappings= 0; - r->in.req->req8.mapping_ctr.mappings = NULL; + r->in.req->req8.mapping_ctr.num_mappings= mappings == NULL ? 0 : mappings->num_mappings; + r->in.req->req8.mapping_ctr.mappings = mappings == NULL ? NULL : mappings->mappings; } else { r->in.level = 5; r->in.req->req5.destination_dsa_guid = service->ntds_guid; diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c index 89d288a..46b0b66 100644 --- a/source4/dsdb/repl/replicated_objects.c +++ b/source4/dsdb/repl/replicated_objects.c @@ -306,7 +306,7 @@ WERROR dsdb_repl_make_working_schema(struct ldb_context *ldb, werr = dsdb_schema_pfm_from_drsuapi_pfm(mapping_ctr, true, working_schema, &pfm_remote, NULL); if (!W_ERROR_IS_OK(werr)) { - DEBUG(0,(__location__ ": Failed to decode remote prefixMap: %s", + DEBUG(0,(__location__ ": Failed to decode remote prefixMap: %s\n", win_errstr(werr))); talloc_free(working_schema); return werr; @@ -667,7 +667,7 @@ WERROR dsdb_replicated_objects_convert(struct ldb_context *ldb, status = dsdb_schema_pfm_from_drsuapi_pfm(mapping_ctr, true, out, &pfm_remote, NULL); if (!W_ERROR_IS_OK(status)) { - DEBUG(0,(__location__ ": Failed to decode remote prefixMap: %s", + DEBUG(0,(__location__ ": Failed to decode remote prefixMap: %s\n", win_errstr(status))); talloc_free(out); return status; diff --git a/source4/dsdb/tests/python/dsdb_schema_info.py b/source4/dsdb/tests/python/dsdb_schema_info.py index 18c2f08..e7933f4 100755 --- a/source4/dsdb/tests/python/dsdb_schema_info.py +++ b/source4/dsdb/tests/python/dsdb_schema_info.py @@ -51,7 +51,7 @@ class SchemaInfoTestCase(samba.tests.TestCase): # connect SamDB if we haven't yet if self.sam_db is None: - ldb_url = samba.tests.env_get_var_value("DC_SERVER") + ldb_url = "ldap://%s" % samba.tests.env_get_var_value("DC_SERVER") SchemaInfoTestCase.sam_db = samba.tests.connect_samdb(ldb_url) # fetch rootDSE diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c index f002836..c1de242 100644 --- a/source4/rpc_server/drsuapi/getncchanges.c +++ b/source4/rpc_server/drsuapi/getncchanges.c @@ -133,24 +133,57 @@ static bool udv_filter(const struct drsuapi_DsReplicaCursorCtrEx *udv, } -static int attid_cmp(enum drsuapi_DsAttributeId a1, enum drsuapi_DsAttributeId a2) +static int uint32_t_cmp(uint32_t a1, uint32_t a2) { if (a1 == a2) return 0; - return ((uint32_t)a1) > ((uint32_t)a2) ? 1 : -1; + return a1 > a2 ? 1 : -1; } -/* - check if an attribute is in a partial_attribute_set - */ -static bool check_partial_attribute_set(const struct dsdb_attribute *sa, - struct drsuapi_DsPartialAttributeSet *pas) +static int uint32_t_ptr_cmp(uint32_t *a1, uint32_t *a2, void *unused) { - enum drsuapi_DsAttributeId *result; - BINARY_ARRAY_SEARCH_V(pas->attids, pas->num_attids, (enum drsuapi_DsAttributeId)sa->attributeID_id, - attid_cmp, result); - return result != NULL; + if (*a1 == *a2) return 0; + return *a1 > *a2 ? 1 : -1; } +static WERROR getncchanges_attid_remote_to_local(const struct dsdb_schema *schema, + const struct dsdb_syntax_ctx *ctx, + enum drsuapi_DsAttributeId remote_attid_as_enum, + enum drsuapi_DsAttributeId *local_attid_as_enum, + const struct dsdb_attribute **_sa) +{ + WERROR werr; + const struct dsdb_attribute *sa = NULL; + + if (ctx->pfm_remote == NULL) { + DEBUG(7, ("No prefixMap supplied, falling back to local prefixMap.\n")); + goto fail; + } + + werr = dsdb_attribute_drsuapi_remote_to_local(ctx, + remote_attid_as_enum, + local_attid_as_enum, + _sa); + if (!W_ERROR_IS_OK(werr)) { + DEBUG(3, ("WARNING: Unable to resolve remote attid, falling back to local prefixMap.\n")); + goto fail; + } + + return werr; +fail: + + sa = dsdb_attribute_by_attributeID_id(schema, remote_attid_as_enum); + if (sa == NULL) { + return WERR_DS_DRA_SCHEMA_MISMATCH; + } else { + if (local_attid_as_enum != NULL) { + *local_attid_as_enum = sa->attributeID_id; + } + if (_sa != NULL) { + *_sa = sa; + } + return WERR_OK; + } +} /* drsuapi_DsGetNCChanges for one object @@ -167,7 +200,8 @@ static WERROR get_nc_changes_build_object(struct drsuapi_DsReplicaObjectListItem struct drsuapi_DsPartialAttributeSet *partial_attribute_set, struct drsuapi_DsReplicaCursorCtrEx *uptodateness_vector, enum drsuapi_DsExtendedOperation extended_op, - bool force_object_return) + bool force_object_return, + uint32_t *local_pas) { const struct ldb_val *md_value; uint32_t i, n; @@ -294,8 +328,13 @@ static WERROR get_nc_changes_build_object(struct drsuapi_DsReplicaObjectListItem } /* filter by partial_attribute_set */ - if (partial_attribute_set && !check_partial_attribute_set(sa, partial_attribute_set)) { - continue; + if (partial_attribute_set) { + uint32_t *result = NULL; + BINARY_ARRAY_SEARCH_V(local_pas, partial_attribute_set->num_attids, sa->attributeID_id, + uint32_t_cmp, result); + if (result == NULL) { + continue; + } } obj->meta_data_ctr->meta_data[n].originating_change_time = md.ctr.ctr1.array[i].originating_change_time; @@ -1185,11 +1224,13 @@ static WERROR getncchanges_change_master(struct drsuapi_bind_state *b_state, */ static WERROR dcesrv_drsuapi_is_reveal_secrets_request(struct drsuapi_bind_state *b_state, struct drsuapi_DsGetNCChangesRequest10 *req10, + struct dsdb_schema_prefixmap *pfm_remote, bool *is_secret_request) { enum drsuapi_DsExtendedOperation exop; uint32_t i; struct dsdb_schema *schema; + struct dsdb_syntax_ctx syntax_ctx; *is_secret_request = true; @@ -1223,14 +1264,24 @@ static WERROR dcesrv_drsuapi_is_reveal_secrets_request(struct drsuapi_bind_state } schema = dsdb_get_schema(b_state->sam_ctx, NULL); + dsdb_syntax_ctx_init(&syntax_ctx, b_state->sam_ctx, schema); + syntax_ctx.pfm_remote = pfm_remote; /* check the attributes they asked for */ for (i=0; i<req10->partial_attribute_set->num_attids; i++) { const struct dsdb_attribute *sa; - sa = dsdb_attribute_by_attributeID_id(schema, req10->partial_attribute_set->attids[i]); - if (sa == NULL) { - return WERR_DS_DRA_SCHEMA_MISMATCH; + WERROR werr = getncchanges_attid_remote_to_local(schema, + &syntax_ctx, + req10->partial_attribute_set->attids[i], + NULL, + &sa); + + if (!W_ERROR_IS_OK(werr)) { + DEBUG(0,(__location__": attid 0x%08X not found: %s\n", + req10->partial_attribute_set->attids[i], win_errstr(werr))); + return werr; } + if (!dsdb_attr_in_rodc_fas(sa)) { *is_secret_request = true; return WERR_OK; @@ -1241,10 +1292,18 @@ static WERROR dcesrv_drsuapi_is_reveal_secrets_request(struct drsuapi_bind_state /* check the extended attributes they asked for */ for (i=0; i<req10->partial_attribute_set_ex->num_attids; i++) { const struct dsdb_attribute *sa; - sa = dsdb_attribute_by_attributeID_id(schema, req10->partial_attribute_set_ex->attids[i]); - if (sa == NULL) { - return WERR_DS_DRA_SCHEMA_MISMATCH; + WERROR werr = getncchanges_attid_remote_to_local(schema, + &syntax_ctx, + req10->partial_attribute_set_ex->attids[i], + NULL, + &sa); + + if (!W_ERROR_IS_OK(werr)) { + DEBUG(0,(__location__": attid 0x%08X not found: %s\n", + req10->partial_attribute_set_ex->attids[i], win_errstr(werr))); + return werr; } + if (!dsdb_attr_in_rodc_fas(sa)) { *is_secret_request = true; return WERR_OK; @@ -1262,11 +1321,13 @@ static WERROR dcesrv_drsuapi_is_reveal_secrets_request(struct drsuapi_bind_state */ static WERROR dcesrv_drsuapi_is_gc_pas_request(struct drsuapi_bind_state *b_state, struct drsuapi_DsGetNCChangesRequest10 *req10, + struct dsdb_schema_prefixmap *pfm_remote, bool *is_gc_pas_request) { enum drsuapi_DsExtendedOperation exop; uint32_t i; struct dsdb_schema *schema; + struct dsdb_syntax_ctx syntax_ctx; exop = req10->extended_op; @@ -1291,14 +1352,24 @@ static WERROR dcesrv_drsuapi_is_gc_pas_request(struct drsuapi_bind_state *b_stat } schema = dsdb_get_schema(b_state->sam_ctx, NULL); + dsdb_syntax_ctx_init(&syntax_ctx, b_state->sam_ctx, schema); + syntax_ctx.pfm_remote = pfm_remote; /* check the attributes they asked for */ for (i=0; i<req10->partial_attribute_set->num_attids; i++) { const struct dsdb_attribute *sa; - sa = dsdb_attribute_by_attributeID_id(schema, req10->partial_attribute_set->attids[i]); - if (sa == NULL) { - return WERR_DS_DRA_SCHEMA_MISMATCH; + WERROR werr = getncchanges_attid_remote_to_local(schema, + &syntax_ctx, + req10->partial_attribute_set->attids[i], + NULL, + &sa); + + if (!W_ERROR_IS_OK(werr)) { + DEBUG(0,(__location__": attid 0x%08X not found: %s\n", + req10->partial_attribute_set->attids[i], win_errstr(werr))); + return werr; } + if (!sa->isMemberOfPartialAttributeSet) { *is_gc_pas_request = false; return WERR_OK; @@ -1309,10 +1380,18 @@ static WERROR dcesrv_drsuapi_is_gc_pas_request(struct drsuapi_bind_state *b_stat /* check the extended attributes they asked for */ for (i=0; i<req10->partial_attribute_set_ex->num_attids; i++) { const struct dsdb_attribute *sa; - sa = dsdb_attribute_by_attributeID_id(schema, req10->partial_attribute_set_ex->attids[i]); - if (sa == NULL) { - return WERR_DS_DRA_SCHEMA_MISMATCH; + WERROR werr = getncchanges_attid_remote_to_local(schema, + &syntax_ctx, + req10->partial_attribute_set_ex->attids[i], + NULL, + &sa); + + if (!W_ERROR_IS_OK(werr)) { + DEBUG(0,(__location__": attid 0x%08X not found: %s\n", + req10->partial_attribute_set_ex->attids[i], win_errstr(werr))); + return werr; } + if (!sa->isMemberOfPartialAttributeSet) { *is_gc_pas_request = false; return WERR_OK; @@ -1606,7 +1685,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ DATA_BLOB session_key; WERROR werr; struct dcesrv_handle *h; - struct drsuapi_bind_state *b_state; + struct drsuapi_bind_state *b_state; struct drsuapi_getncchanges_state *getnc_state; struct drsuapi_DsGetNCChangesRequest10 *req10; uint32_t options; @@ -1629,6 +1708,9 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ bool has_get_all_changes = false; struct GUID invocation_id; static const struct drsuapi_DsReplicaLinkedAttribute no_linked_attr; + struct dsdb_schema_prefixmap *pfm_remote = NULL; + bool full = true; + uint32_t *local_pas = NULL; -- Samba Shared Repository