The branch, master has been updated via 30d505e91bb selftest: Only set clockskew to 5 seconds for MIT Kerberos via c9fa0a05d90 wafsamba/samba_utils.py: override symlink to allow force link via 22c016b1214 selftest: Change backup/restore testenvs to use 1 prefork child via 85a7b4bf704 selftest: Use default 'prefork children' smb.conf setting via d21801b8887 ldb_dn: don't free a known NULL pointer via d4ebe006885 ldb_dn: remove unreachable code in dn_explode via cb502997b37 replmd: move a if (ret) closer to ret source via c874b62556b dsdb: check NULL guid strings in la_fix_links via a086a6457b4 dsdb: linked attrs: check a talloc_new() via 5b0a9818ffd dsdb: make get_parsed_dns_trusted() a common helper function via d0e26ea67fb spelling of associated from f8a85ed5693 s3:utils: Add missing NULL check in rpc_fetch_domain_aliases()
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 30d505e91bbf8e08d6f80314798e4e1a48ae43f9 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Feb 12 09:34:54 2019 +1300 selftest: Only set clockskew to 5 seconds for MIT Kerberos This was added in ac5427c6eba09134411f76a5e6f7e2643fa74eed as part of the MIT KDC effort, but makes some tests much less reliable under high load. As the Heimdal build does not need this, only specify for the MIT build. Tested with an MIT AD DC build with: make test TESTS="samba3.raw.session samba3.smb2.session" Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Wed Feb 13 05:49:43 CET 2019 on sn-devel-144 commit c9fa0a05d90f8c1d84c41efe32a6938c026dc328 Author: Joe Guo <j...@catalyst.net.nz> Date: Tue Feb 12 19:16:06 2019 +1300 wafsamba/samba_utils.py: override symlink to allow force link if bin is not empty and I have been sharing the samba tree into a Vagrant environment and we run make, we get annoying linking error like this: File "~/samba/lib/tevent/wscript", line 130, in build installdir='python') File "./buildtools/wafsamba/wafsamba.py", line 745, in SAMBA_SCRIPT os.symlink(link_src, link_dst) FileExistsError: [Errno 17] File exists: '~/samba/lib/tevent/tevent.py' -> '~/samba/bin/default/../python/tevent.py' Makefile:7: recipe for target 'all' failed Override the symlink method to allow force linking. Signed-off-by: Joe Guo <j...@catalyst.net.nz> Reviewed-by: Gary Lockyer <g...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 22c016b12142e675c5b8ef0ea1f450385f555268 Author: Tim Beale <timbe...@catalyst.net.nz> Date: Tue Feb 5 12:23:43 2019 +1300 selftest: Change backup/restore testenvs to use 1 prefork child Recently the gitlab CI jobs were hitting memory resource limits and using swap, which then caused test failures. The process model used in the testenvs seemed to be contributing to this problem. We can reduce the memory overhead of the restore/backup testenvs by using 1 prefork child process instead of the default of 4 (kudos to Garming for the idea). The tests run against these testenvs are basic sanity-checks, rather than heavy-duty stress tests, so the number of prefork workers shouldn't matter. This is a bit of a tradeoff between testing the defaults that will actually be used in production vs using limited resources efficiently on shared CI runner machines. Signed-off-by: Tim Beale <timbe...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 85a7b4bf7040b0c95edc2f5a13252830c8c0d378 Author: Tim Beale <timbe...@catalyst.net.nz> Date: Tue Feb 5 12:18:38 2019 +1300 selftest: Use default 'prefork children' smb.conf setting The default setting should be 4, so there should be no need to specify this in the testenv smb.conf. Signed-off-by: Tim Beale <timbe...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d21801b88877629dfe04bf552d5dbffb2143400a Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Fri Feb 8 15:49:56 2019 +1300 ldb_dn: don't free a known NULL pointer Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d4ebe006885e100da6797e210f9331fabffec8d4 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Feb 7 13:39:09 2019 +1300 ldb_dn: remove unreachable code in dn_explode Every time I look at this file, I spend a few minutes wondering how these bits of code are ever run. Never again. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit cb502997b377f3aea05635c4c658754f70b34fd6 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Wed Jan 16 17:35:48 2019 +1300 replmd: move a if (ret) closer to ret source Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit c874b62556b711082b62451f937f6102abdc3761 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Thu Jan 10 12:55:19 2019 +1300 dsdb: check NULL guid strings in la_fix_links Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit a086a6457b421c36562275a425ce2bbd32336f8f Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Wed Jan 9 17:55:38 2019 +1300 dsdb: linked attrs: check a talloc_new() Also we can defer it past a thing that doesn't need or check for it. Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 5b0a9818ffd88d495ffbd7387d51d30d5594133d Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Wed Jan 9 15:12:43 2019 +1300 dsdb: make get_parsed_dns_trusted() a common helper function We are already using it in two places, and are about to add a third. The version in repl_meta_data.c did more work in the case that the parsed_dns can't really be trusted to conform to the expected format; this is now a wrapper called get_parsed_dns_trusted_fallback(). Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit d0e26ea67fbad4b4e142881c8ae3fca7dd7547a3 Author: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Date: Wed Jan 16 11:24:34 2019 +1300 spelling of associated Signed-off-by: Douglas Bagnall <douglas.bagn...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: buildtools/wafsamba/samba_utils.py | 13 ++++ buildtools/wafsamba/wafsamba.py | 5 +- ctdb/common/comm.h | 2 +- lib/ldb/common/ldb_dn.c | 14 +---- python/samba/netcmd/processes.py | 2 +- selftest/target/Samba.pm | 14 +++-- selftest/target/Samba4.pm | 14 +++-- source4/dsdb/common/util_links.c | 19 ++++++ source4/dsdb/common/util_links.h | 5 ++ source4/dsdb/samdb/ldb_modules/linked_attributes.c | 21 +++++-- source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 71 +++++++++++----------- source4/rpc_server/drsuapi/getncchanges.c | 29 +-------- source4/smb_server/session.c | 6 +- 13 files changed, 119 insertions(+), 96 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_utils.py b/buildtools/wafsamba/samba_utils.py index 93ce317f114..ad97de1859b 100644 --- a/buildtools/wafsamba/samba_utils.py +++ b/buildtools/wafsamba/samba_utils.py @@ -1,6 +1,7 @@ # a waf tool to add autoconf-like macros to the configure section # and for SAMBA_ macros for building libraries, binaries etc +import errno import os, sys, re, fnmatch, shlex, inspect from optparse import SUPPRESS_HELP from waflib import Build, Options, Utils, Task, Logs, Configure, Errors, Context @@ -289,6 +290,18 @@ def recursive_dirlist(dir, relbase, pattern=None): return ret +def symlink(src, dst, force=True): + """Can create symlink by force""" + try: + os.symlink(src, dst) + except OSError as exc: + if exc.errno == errno.EEXIST and force: + os.remove(dst) + os.symlink(src, dst) + else: + raise + + def mkdir_p(dir): '''like mkdir -p''' if not dir: diff --git a/buildtools/wafsamba/wafsamba.py b/buildtools/wafsamba/wafsamba.py index 9d8251d60bf..70ab736e2a7 100644 --- a/buildtools/wafsamba/wafsamba.py +++ b/buildtools/wafsamba/wafsamba.py @@ -10,6 +10,7 @@ TaskGen.task_gen.apply_verif = Utils.nada # bring in the other samba modules from samba_utils import * +from samba_utils import symlink from samba_version import * from samba_autoconf import * from samba_patterns import * @@ -61,7 +62,7 @@ def SAMBA_BUILD_ENV(conf): for (source, target) in [('shared', 'shared'), ('modules', 'modules'), ('python', 'python')]: link_target = os.path.join(conf.env.BUILD_DIRECTORY, 'default/' + target) if not os.path.lexists(link_target): - os.symlink('../' + source, link_target) + symlink('../' + source, link_target) # get perl to put the blib files in the build directory blib_bld = os.path.join(conf.env.BUILD_DIRECTORY, 'default/pidl/blib') @@ -742,7 +743,7 @@ def SAMBA_SCRIPT(bld, name, pattern, installdir, installname=None): if os.path.exists(link_dst): os.unlink(link_dst) Logs.info("symlink: %s -> %s/%s" % (s, installdir, iname)) - os.symlink(link_src, link_dst) + symlink(link_src, link_dst) Build.BuildContext.SAMBA_SCRIPT = SAMBA_SCRIPT diff --git a/ctdb/common/comm.h b/ctdb/common/comm.h index 27021e945af..e11d38e93b2 100644 --- a/ctdb/common/comm.h +++ b/ctdb/common/comm.h @@ -57,7 +57,7 @@ struct comm_context; * @brief Initialize the communication endpoint * * This return a new communication context. Freeing this context will free all - * memory assoicated with it. + * memory associated with it. * * @param[in] mem_ctx Talloc memory context * @param[in] ev Tevent context diff --git a/lib/ldb/common/ldb_dn.c b/lib/ldb/common/ldb_dn.c index 3bd655adbd5..a2122a8a80a 100644 --- a/lib/ldb/common/ldb_dn.c +++ b/lib/ldb/common/ldb_dn.c @@ -325,12 +325,9 @@ static bool ldb_dn_explode(struct ldb_dn *dn) return true; } - /* make sure we free this if allocated previously before replacing */ - LDB_FREE(dn->components); - dn->comp_num = 0; - LDB_FREE(dn->ext_components); dn->ext_comp_num = 0; + dn->comp_num = 0; /* in the common case we have 3 or more components */ /* make sure all components are zeroed, other functions depend on it */ @@ -359,9 +356,6 @@ static bool ldb_dn_explode(struct ldb_dn *dn) ex_name = d; in_ex_name = true; continue; - } else if (p[0] == '\0') { - p++; - continue; } else { in_extended = false; in_attr = true; @@ -474,12 +468,6 @@ static bool ldb_dn_explode(struct ldb_dn *dn) continue; } - if (trim && (*p != '=')) { - /* spaces/tabs are not allowed */ - ldb_dn_mark_invalid(dn); - goto failed; - } - if (*p == '=') { /* attribute terminated */ in_attr = false; diff --git a/python/samba/netcmd/processes.py b/python/samba/netcmd/processes.py index 0406b1859ca..09b8529448c 100644 --- a/python/samba/netcmd/processes.py +++ b/python/samba/netcmd/processes.py @@ -44,7 +44,7 @@ class cmd_processes(Command): Option("--name", type=str, help="Return only processes associated with one particular name"), Option("--pid", type=int, - help="Return only names assoicated with one particular PID"), + help="Return only names associated with one particular PID"), ] takes_args = [] diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm index 3fe53f94a2c..d74a4438ba4 100644 --- a/selftest/target/Samba.pm +++ b/selftest/target/Samba.pm @@ -250,16 +250,22 @@ sub mk_krb5_conf($$) ticket_lifetime = 24h forwardable = yes allow_weak_crypto = yes - # Set the grace clocskew to 5 seconds - # This is especially required by samba3.raw.session krb5 and - # reauth tests - clockskew = 5 + # We are running on the same machine, do not correct # system clock differences kdc_timesync = 0 "; + if (defined($ENV{MITKRB5})) { + print KRB5CONF " + # Set the grace clocskew to 5 seconds + # This is especially required by samba3.raw.session krb5 and + # reauth tests when not using Heimdal + clockskew = 5 + "; + } + if (defined($ctx->{krb5_ccname})) { print KRB5CONF " default_ccache_name = $ctx->{krb5_ccname} diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index d8e066f6f44..647e1f14467 100755 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -794,8 +794,6 @@ sub provision_raw_step1($$) dreplsrv:periodic_startup_interval = 0 dsdb:schema update allowed = yes - prefork children = 4 - vfs objects = dfs_samba4 acl_xattr fake_acls xattr_tdb streams_depot idmap_ldb:use rfc2307=yes @@ -3083,7 +3081,8 @@ sub setup_restoredc # we arbitrarily designate the restored DC as having SMBv1 disabled my $extra_conf = " server min protocol = SMB2 - client min protocol = SMB2"; + client min protocol = SMB2 + prefork children = 1"; my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "restoredc", $dcvars->{DOMAIN}, @@ -3126,11 +3125,12 @@ sub setup_renamedc # note: dcvars contains the env info for the dependent testenv ('backupfromdc') my ($self, $prefix, $dcvars) = @_; print "Preparing RENAME DC...\n"; + my $extra_conf = "prefork children = 1"; my $realm = "renamedom.samba.example.com"; my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "renamedc", "RENAMEDOMAIN", $realm, - $dcvars->{PASSWORD}, ""); + $dcvars->{PASSWORD}, $extra_conf); # create a backup of the 'backupfromdc' which renames the domain my $backupdir = File::Temp->newdir(); @@ -3173,11 +3173,12 @@ sub setup_offlinebackupdc # note: dcvars contains the env info for the dependent testenv ('backupfromdc') my ($self, $prefix, $dcvars) = @_; print "Preparing OFFLINE BACKUP DC...\n"; + my $extra_conf = "prefork children = 1"; my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "offlinebackupdc", $dcvars->{DOMAIN}, $dcvars->{REALM}, - $dcvars->{PASSWORD}, ""); + $dcvars->{PASSWORD}, $extra_conf); # create an offline backup of the 'backupfromdc' target my $backupdir = File::Temp->newdir(); @@ -3217,11 +3218,12 @@ sub setup_labdc # note: dcvars contains the env info for the dependent testenv ('backupfromdc') my ($self, $prefix, $dcvars) = @_; print "Preparing LAB-DOMAIN DC...\n"; + my $extra_conf = "prefork children = 1"; my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "labdc", "LABDOMAIN", "labdom.samba.example.com", - $dcvars->{PASSWORD}, ""); + $dcvars->{PASSWORD}, $extra_conf); # create a backup of the 'backupfromdc' which renames the domain and uses # the --no-secrets option to scrub any sensitive info diff --git a/source4/dsdb/common/util_links.c b/source4/dsdb/common/util_links.c index cf1f4be58bd..daa4b2f43a6 100644 --- a/source4/dsdb/common/util_links.c +++ b/source4/dsdb/common/util_links.c @@ -110,6 +110,25 @@ int really_parse_trusted_dn(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, } +int get_parsed_dns_trusted(TALLOC_CTX *mem_ctx, struct ldb_message_element *el, + struct parsed_dn **pdn) +{ + /* Here we get a list of 'struct parsed_dns' without the parsing */ + int i; + *pdn = talloc_zero_array(mem_ctx, struct parsed_dn, + el->num_values); + if (!*pdn) { + return LDB_ERR_OPERATIONS_ERROR; + } + + for (i = 0; i < el->num_values; i++) { + (*pdn)[i].v = &el->values[i]; + } + + return LDB_SUCCESS; +} + + int parsed_dn_find(struct ldb_context *ldb, struct parsed_dn *pdn, unsigned int count, const struct GUID *guid, diff --git a/source4/dsdb/common/util_links.h b/source4/dsdb/common/util_links.h index c529cb54251..e6dc41b636f 100644 --- a/source4/dsdb/common/util_links.h +++ b/source4/dsdb/common/util_links.h @@ -40,4 +40,9 @@ struct parsed_dn { struct ldb_val *v; }; + +int get_parsed_dns_trusted(TALLOC_CTX *mem_ctx, + struct ldb_message_element *el, + struct parsed_dn **pdn); + #endif /* __DSDB_COMMON_UTIL_LINKS_H__ */ diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c index 2568d4d1790..a88cd173442 100644 --- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c +++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c @@ -695,7 +695,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, struct ldb_request *parent) { unsigned int i, j; - TALLOC_CTX *tmp_ctx = talloc_new(module); + TALLOC_CTX *tmp_ctx = NULL; struct ldb_context *ldb = ldb_module_get_ctx(module); const struct dsdb_attribute *target; const char *attrs[2]; @@ -707,6 +707,11 @@ static int linked_attributes_fix_links(struct ldb_module *module, return LDB_SUCCESS; } + tmp_ctx = talloc_new(module); + if (tmp_ctx == NULL) { + return LDB_ERR_OPERATIONS_ERROR; + } + attrs[0] = target->lDAPDisplayName; attrs[1] = NULL; @@ -716,6 +721,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, struct ldb_message *msg; struct ldb_message_element *el2; struct GUID link_guid; + char *link_guid_str = NULL; dsdb_dn = dsdb_dn_parse(tmp_ctx, ldb, &el->values[i], schema_attr->syntax->ldap_oid); if (dsdb_dn == NULL) { @@ -734,11 +740,18 @@ static int linked_attributes_fix_links(struct ldb_module *module, return ret; } + link_guid_str = GUID_string(tmp_ctx, &link_guid); + if (link_guid_str == NULL) { + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + /* * get the existing message from the db for the object with * this GUID, returning attribute being modified. We will then * use this msg as the basis for a modify call */ + ret = dsdb_module_search(module, tmp_ctx, &res, NULL, LDB_SCOPE_SUBTREE, attrs, DSDB_FLAG_NEXT_MODULE | DSDB_SEARCH_SEARCH_ALL_PARTITIONS | @@ -746,13 +759,13 @@ static int linked_attributes_fix_links(struct ldb_module *module, DSDB_SEARCH_SHOW_DN_IN_STORAGE_FORMAT | DSDB_SEARCH_REVEAL_INTERNALS, parent, - "objectGUID=%s", GUID_string(tmp_ctx, &link_guid)); + "objectGUID=%s", link_guid_str); if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Linked attribute %s->%s between %s and %s - target GUID %s not found - %s", el->name, target->lDAPDisplayName, ldb_dn_get_linearized(old_dn), ldb_dn_get_linearized(dsdb_dn->dn), - GUID_string(tmp_ctx, &link_guid), + link_guid_str, ldb_errstring(ldb)); talloc_free(tmp_ctx); return ret; @@ -766,7 +779,7 @@ static int linked_attributes_fix_links(struct ldb_module *module, el->name, target->lDAPDisplayName, ldb_dn_get_linearized(old_dn), ldb_dn_get_linearized(dsdb_dn->dn), - GUID_string(tmp_ctx, &link_guid)); + link_guid_str); talloc_free(tmp_ctx); return LDB_ERR_OPERATIONS_ERROR; } diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index cfa63af7066..1fcd19110c8 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -2142,15 +2142,14 @@ static int get_parsed_dns(struct ldb_module *module, TALLOC_CTX *mem_ctx, * We also ensure that the links are in the Functional Level 2003 * linked attributes format. */ -static int get_parsed_dns_trusted(struct ldb_module *module, - struct replmd_private *replmd_private, - TALLOC_CTX *mem_ctx, - struct ldb_message_element *el, - struct parsed_dn **pdn, - const char *ldap_oid, - struct ldb_request *parent) +static int get_parsed_dns_trusted_fallback(struct ldb_module *module, + struct replmd_private *replmd_private, + TALLOC_CTX *mem_ctx, + struct ldb_message_element *el, + struct parsed_dn **pdn, + const char *ldap_oid, + struct ldb_request *parent) { - unsigned int i; int ret; if (el == NULL) { *pdn = NULL; @@ -2167,17 +2166,11 @@ static int get_parsed_dns_trusted(struct ldb_module *module, return ret; } } else { - /* Here we get a list of 'struct parsed_dns' without the parsing */ - *pdn = talloc_zero_array(mem_ctx, struct parsed_dn, - el->num_values); - if (!*pdn) { + ret = get_parsed_dns_trusted(mem_ctx, el, pdn); + if (ret != LDB_SUCCESS) { ldb_module_oom(module); return LDB_ERR_OPERATIONS_ERROR; } - - for (i = 0; i < el->num_values; i++) { - (*pdn)[i].v = &el->values[i]; - } } /* @@ -2318,10 +2311,10 @@ static int replmd_check_upgrade_links(struct ldb_context *ldb, /* * This sort() is critical for the operation of - * get_parsed_dns_trusted() because callers of this function + * get_parsed_dns_trusted_fallback() because callers of this function * expect a sorted list, and FL2000 style links are not * sorted. In particular, as well as the upgrade case, - * get_parsed_dns_trusted() is called from + * get_parsed_dns_trusted_fallback() is called from * replmd_delete_remove_link() even in FL2000 mode * * We do not normally pay the cost of the qsort() due to the @@ -2496,9 +2489,10 @@ static int replmd_modify_la_add(struct ldb_module *module, } /* get the existing DNs, lazily parsed */ - ret = get_parsed_dns_trusted(module, replmd_private, - tmp_ctx, old_el, &old_dns, - schema_attr->syntax->ldap_oid, parent); + ret = get_parsed_dns_trusted_fallback(module, replmd_private, + tmp_ctx, old_el, &old_dns, + schema_attr->syntax->ldap_oid, + parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -2820,9 +2814,10 @@ static int replmd_modify_la_delete(struct ldb_module *module, return ret; } - ret = get_parsed_dns_trusted(module, replmd_private, - tmp_ctx, old_el, &old_dns, - schema_attr->syntax->ldap_oid, parent); + ret = get_parsed_dns_trusted_fallback(module, replmd_private, + tmp_ctx, old_el, &old_dns, + schema_attr->syntax->ldap_oid, + parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -3376,7 +3371,11 @@ static int replmd_modify_handle_linked_attribs(struct ldb_module *module, el->flags, el->name); return LDB_ERR_UNWILLING_TO_PERFORM; } - if (dsdb_check_single_valued_link(schema_attr, el) != LDB_SUCCESS) { + if (ret != LDB_SUCCESS) { + return ret; + } + ret = dsdb_check_single_valued_link(schema_attr, el); + if (ret != LDB_SUCCESS) { ldb_asprintf_errstring(ldb, "Attribute %s is single valued but more than one value has been supplied", el->name); @@ -3390,9 +3389,6 @@ static int replmd_modify_handle_linked_attribs(struct ldb_module *module, el->flags |= LDB_FLAG_INTERNAL_DISABLE_SINGLE_VALUE_CHECK; } - if (ret != LDB_SUCCESS) { - return ret; - } if (old_el) { ldb_msg_remove_attr(old_msg, el->name); } @@ -4086,9 +4082,11 @@ static int replmd_delete_remove_link(struct ldb_module *module, * this is safe to call in FL2000 or on databases that * have been run at that level in the past. */ - ret = get_parsed_dns_trusted(module, replmd_private, tmp_ctx, - link_el, &link_dns, - target_attr->syntax->ldap_oid, parent); + ret = get_parsed_dns_trusted_fallback(module, replmd_private, + tmp_ctx, + link_el, &link_dns, + target_attr->syntax->ldap_oid, + parent); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); return ret; @@ -8333,11 +8331,12 @@ static int replmd_process_la_group(struct ldb_module *module, * group, so we try to minimize the times we do it) */ if (pdn_list == NULL) { - ret = get_parsed_dns_trusted(module, replmd_private, - tmp_ctx, old_el, - &pdn_list, - attr->syntax->ldap_oid, - NULL); + ret = get_parsed_dns_trusted_fallback(module, + replmd_private, + tmp_ctx, old_el, + &pdn_list, + attr->syntax->ldap_oid, + NULL); if (ret != LDB_SUCCESS) { return ret; diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c index 9c6b9801d7f..9a4da547e04 100644 --- a/source4/rpc_server/drsuapi/getncchanges.c +++ b/source4/rpc_server/drsuapi/getncchanges.c @@ -225,28 +225,6 @@ fail: } } -/* - * Similar to function in repl_meta_data without the extra - * dependencies. -- Samba Shared Repository