The branch, master has been updated
via ee4418e dsdb: Only trigger a re-index once per @INDEXLIST
modification
via da575f0 selftest: sort dbcheck output to avoid sort order impacting
results
via 9e9a8d8 s4-dnsserver: Check for too many DNS results
via c174702 s4-dnsserver: Always encode user-supplied names when
looking up DNS records
from 3e1870c kcc: Remove unused, untested KCC code
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ee4418e73f5ed9a1c5d5dc1a5547899f80d9fb5a
Author: Andrew Bartlett <[email protected]>
Date: Mon Sep 11 13:53:19 2017 +1200
dsdb: Only trigger a re-index once per @INDEXLIST modification
A modify of both @INDEXLIST and @ATTRIBUTES will still trigger two re-index
passes
but that is a task for later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9527
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Garming Sam <[email protected]>
Autobuild-User(master): Andrew Bartlett <[email protected]>
Autobuild-Date(master): Wed Sep 20 12:29:49 CEST 2017 on sn-devel-144
commit da575f01313673fedfc7d15ec11ba6818dbd30d8
Author: Andrew Bartlett <[email protected]>
Date: Fri Aug 25 17:37:05 2017 +1200
selftest: sort dbcheck output to avoid sort order impacting results
The GUID index code will change the returned results order
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Garming Sam <[email protected]>
commit 9e9a8d8f887a3b13d06a7cc71edad78c140bb0be
Author: Andrew Bartlett <[email protected]>
Date: Tue Aug 29 14:19:22 2017 +1200
s4-dnsserver: Check for too many DNS results
If we had this check in when the wildcard DNS tests were written, we would
have
noticed that the name needed to be escaped (see previous commit).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12994
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Douglas Bagnall <[email protected]>
Reviewed-by: Garming Sam <[email protected]>
commit c17470210792e6443bd3c28c18874645f1558494
Author: Andrew Bartlett <[email protected]>
Date: Tue Aug 29 11:48:46 2017 +1200
s4-dnsserver: Always encode user-supplied names when looking up DNS records
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12994
Signed-off-by: Andrew Bartlett <[email protected]>
Reviewed-by: Garming Sam <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/partition.c | 90 ++++++++++++++++++++-----
source4/rpc_server/dnsserver/dcerpc_dnsserver.c | 15 ++++-
source4/rpc_server/dnsserver/dnsdb.c | 18 +++--
testprogs/blackbox/dbcheck-links.sh | 4 +-
4 files changed, 104 insertions(+), 23 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c
b/source4/dsdb/samdb/ldb_modules/partition.c
index c304efa..426fce3 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -432,30 +432,90 @@ static int partition_copy_all(struct ldb_module *module,
return search_ret;
}
- /* now delete the object in the other partitions. Once that is
- done we will re-add the object, if search_ret was not
- LDB_ERR_NO_SUCH_OBJECT
+ /* now delete the object in the other partitions, if requried
*/
+ if (search_ret == LDB_ERR_NO_SUCH_OBJECT) {
+ for (i=0; data->partitions && data->partitions[i]; i++) {
+ int pret;
+ pret = dsdb_module_del(data->partitions[i]->module,
+ dn,
+ DSDB_FLAG_NEXT_MODULE,
+ req);
+ if (pret != LDB_SUCCESS && pret !=
LDB_ERR_NO_SUCH_OBJECT) {
+ /* we should only get success or no
+ such object from the other partitions */
+ return pret;
+ }
+ }
+
+ return ldb_module_done(req, NULL, NULL, LDB_SUCCESS);
+ }
+
+ /* now add/modify in the other partitions */
for (i=0; data->partitions && data->partitions[i]; i++) {
+ struct ldb_message *modify_msg = NULL;
int pret;
- pret = dsdb_module_del(data->partitions[i]->module, dn,
DSDB_FLAG_NEXT_MODULE, req);
- if (pret != LDB_SUCCESS && pret != LDB_ERR_NO_SUCH_OBJECT) {
- /* we should only get success or no
- such object from the other partitions */
+ unsigned int el_idx;
+
+ pret = dsdb_module_add(data->partitions[i]->module,
+ res->msgs[0],
+ DSDB_FLAG_NEXT_MODULE,
+ req);
+ if (pret == LDB_SUCCESS) {
+ continue;
+ }
+
+ if (pret != LDB_ERR_ENTRY_ALREADY_EXISTS) {
return pret;
}
- }
+ modify_msg = ldb_msg_copy(req, res->msgs[0]);
+ if (modify_msg == NULL) {
+ return ldb_module_oom(module);
+ }
- if (search_ret != LDB_ERR_NO_SUCH_OBJECT) {
- /* now re-add in the other partitions */
- for (i=0; data->partitions && data->partitions[i]; i++) {
- int pret;
- pret = dsdb_module_add(data->partitions[i]->module,
res->msgs[0], DSDB_FLAG_NEXT_MODULE, req);
- if (pret != LDB_SUCCESS) {
- return pret;
+ /*
+ * mark all the message elements as
+ * LDB_FLAG_MOD_REPLACE
+ */
+ for (el_idx=0;
+ el_idx < modify_msg->num_elements;
+ el_idx++) {
+ modify_msg->elements[el_idx].flags
+ = LDB_FLAG_MOD_REPLACE;
+ }
+
+ if (req->operation == LDB_MODIFY) {
+ const struct ldb_message *req_msg = req->op.mod.message;
+ /*
+ * mark elements to be removed, if there were
+ * deleted entirely above we need to delete
+ * them here too
+ */
+ for (el_idx=0; el_idx < req_msg->num_elements;
el_idx++) {
+ if (req_msg->elements[el_idx].flags &
LDB_FLAG_MOD_DELETE
+ || ((req_msg->elements[el_idx].flags &
LDB_FLAG_MOD_REPLACE) &&
+ req_msg->elements[el_idx].num_values ==
0)) {
+ if (ldb_msg_find_element(modify_msg,
+
req_msg->elements[el_idx].name) != NULL) {
+ continue;
+ }
+ ldb_msg_add_empty(modify_msg,
+
req_msg->elements[el_idx].name,
+ LDB_FLAG_MOD_REPLACE,
+ NULL);
+ }
}
}
+
+ pret = dsdb_module_modify(data->partitions[i]->module,
+ modify_msg,
+ DSDB_FLAG_NEXT_MODULE,
+ req);
+
+ if (pret != LDB_SUCCESS) {
+ return pret;
+ }
}
return ldb_module_done(req, NULL, NULL, LDB_SUCCESS);
diff --git a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
index 286da18..120d4b9 100644
--- a/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
+++ b/source4/rpc_server/dnsserver/dcerpc_dnsserver.c
@@ -1674,10 +1674,13 @@ static WERROR dnsserver_enumerate_root_records(struct
dnsserver_state *dsstate,
/* Add any additional records */
if (select_flag & DNS_RPC_VIEW_ADDITIONAL_DATA) {
for (i=0; i<add_count; i++) {
+ char *encoded_name
+ = ldb_binary_encode_string(tmp_ctx,
+ add_names[i]);
ret = ldb_search(dsstate->samdb, tmp_ctx, &res,
z->zone_dn,
LDB_SCOPE_ONELEVEL, attrs,
"(&(objectClass=dnsNode)(name=%s)(!(dNSTombstoned=TRUE)))",
- add_names[i]);
+ encoded_name);
if (ret != LDB_SUCCESS || res->count == 0) {
talloc_free(res);
continue;
@@ -1744,10 +1747,12 @@ static WERROR dnsserver_enumerate_records(struct
dnsserver_state *dsstate,
LDB_SCOPE_ONELEVEL, attrs,
"(&(objectClass=dnsNode)(!(dNSTombstoned=TRUE)))");
} else {
+ char *encoded_name
+ = ldb_binary_encode_string(tmp_ctx, name);
ret = ldb_search(dsstate->samdb, tmp_ctx, &res, z->zone_dn,
LDB_SCOPE_ONELEVEL, attrs,
"(&(objectClass=dnsNode)(|(name=%s)(name=*.%s))(!(dNSTombstoned=TRUE)))",
- name, name);
+ encoded_name, encoded_name);
}
if (ret != LDB_SUCCESS) {
talloc_free(tmp_ctx);
@@ -1818,11 +1823,15 @@ static WERROR dnsserver_enumerate_records(struct
dnsserver_state *dsstate,
/* Search all the available zones for additional name */
for (z2 = dsstate->zones; z2; z2 = z2->next) {
+ char *encoded_name;
name = dns_split_node_name(tmp_ctx,
add_names[i], z2->name);
+ encoded_name
+ = ldb_binary_encode_string(tmp_ctx,
+ name);
ret = ldb_search(dsstate->samdb, tmp_ctx, &res,
z2->zone_dn,
LDB_SCOPE_ONELEVEL, attrs,
"(&(objectClass=dnsNode)(name=%s)(!(dNSTombstoned=TRUE)))",
- name);
+ encoded_name);
talloc_free(name);
if (ret != LDB_SUCCESS) {
continue;
diff --git a/source4/rpc_server/dnsserver/dnsdb.c
b/source4/rpc_server/dnsserver/dnsdb.c
index da37878..81a2d20 100644
--- a/source4/rpc_server/dnsserver/dnsdb.c
+++ b/source4/rpc_server/dnsserver/dnsdb.c
@@ -364,10 +364,12 @@ WERROR dnsserver_db_add_empty_node(TALLOC_CTX *mem_ctx,
const char * const attrs[] = { "name", NULL };
struct ldb_result *res;
struct ldb_dn *dn;
+ char *encoded_name = ldb_binary_encode_string(mem_ctx, name);
int ret;
ret = ldb_search(samdb, mem_ctx, &res, z->zone_dn, LDB_SCOPE_BASE,
attrs,
- "(&(objectClass=dnsNode)(name=%s))", name);
+ "(&(objectClass=dnsNode)(name=%s))",
+ encoded_name);
if (ret != LDB_SUCCESS) {
return WERR_INTERNAL_DB_ERROR;
}
@@ -406,6 +408,7 @@ WERROR dnsserver_db_add_record(TALLOC_CTX *mem_ctx,
int serial;
WERROR werr;
bool was_tombstoned = false;
+ char *encoded_name = ldb_binary_encode_string(mem_ctx, name);
werr = dns_to_dnsp_convert(mem_ctx, add_record, &rec, true);
if (!W_ERROR_IS_OK(werr)) {
@@ -436,7 +439,8 @@ WERROR dnsserver_db_add_record(TALLOC_CTX *mem_ctx,
rec->dwTimeStamp = t;
ret = ldb_search(samdb, mem_ctx, &res, z->zone_dn, LDB_SCOPE_ONELEVEL,
attrs,
- "(&(objectClass=dnsNode)(name=%s))", name);
+ "(&(objectClass=dnsNode)(name=%s))",
+ encoded_name);
if (ret != LDB_SUCCESS) {
return WERR_INTERNAL_DB_ERROR;
}
@@ -524,6 +528,7 @@ WERROR dnsserver_db_update_record(TALLOC_CTX *mem_ctx,
int ret, i;
int serial;
WERROR werr;
+ char *encoded_name = ldb_binary_encode_string(mem_ctx, name);
werr = dns_to_dnsp_convert(mem_ctx, add_record, &arec, true);
if (!W_ERROR_IS_OK(werr)) {
@@ -541,7 +546,8 @@ WERROR dnsserver_db_update_record(TALLOC_CTX *mem_ctx,
arec->dwTimeStamp = t;
ret = ldb_search(samdb, mem_ctx, &res, z->zone_dn, LDB_SCOPE_ONELEVEL,
attrs,
-
"(&(objectClass=dnsNode)(name=%s)(!(dNSTombstoned=TRUE)))", name);
+
"(&(objectClass=dnsNode)(name=%s)(!(dNSTombstoned=TRUE)))",
+ encoded_name);
if (ret != LDB_SUCCESS) {
return WERR_INTERNAL_DB_ERROR;
}
@@ -642,7 +648,8 @@ WERROR dnsserver_db_delete_record(TALLOC_CTX *mem_ctx,
}
ret = ldb_search(samdb, mem_ctx, &res, z->zone_dn, LDB_SCOPE_ONELEVEL,
attrs,
- "(&(objectClass=dnsNode)(name=%s))", name);
+ "(&(objectClass=dnsNode)(name=%s))",
+ ldb_binary_encode_string(mem_ctx, name));
if (ret != LDB_SUCCESS) {
return WERR_INTERNAL_DB_ERROR;
}
@@ -650,6 +657,9 @@ WERROR dnsserver_db_delete_record(TALLOC_CTX *mem_ctx,
if (res->count == 0) {
return WERR_DNS_ERROR_RECORD_DOES_NOT_EXIST;
}
+ if (res->count > 1) {
+ return WERR_DNS_ERROR_RCODE_SERVER_FAILURE;
+ }
el = ldb_msg_find_element(res->msgs[0], "dnsRecord");
if (el == NULL || el->num_values == 0) {
diff --git a/testprogs/blackbox/dbcheck-links.sh
b/testprogs/blackbox/dbcheck-links.sh
index fb66d14..17973e9 100755
--- a/testprogs/blackbox/dbcheck-links.sh
+++ b/testprogs/blackbox/dbcheck-links.sh
@@ -59,7 +59,9 @@ dbcheck() {
if [ "$?" != "1" ]; then
return 1
fi
- diff $tmpfile $release_dir/expected-dbcheck-link-output.txt
+ sort $tmpfile > $tmpfile.sorted
+ sort $release_dir/expected-dbcheck-link-output.txt > $tmpfile.expected
+ diff -u $tmpfile.sorted $tmpfile.expected
if [ "$?" != "0" ]; then
return 1
fi
--
Samba Shared Repository
