The branch, master has been updated via bc1583d3689 selftest: correcting empty attribute usage in requests via 64bccb9bca7 ldap: test for empty attributes list from ad3af7cdffb lib util debug: Increase format buffer to 4KiB
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit bc1583d368902c2e384ed0080c8de003b982a6f7 Author: Aaron Haslett <aaronhasl...@catalyst.net.nz> Date: Thu Mar 28 15:54:06 2019 +1300 selftest: correcting empty attribute usage in requests Many parts of Samba use an empty attribute list in requests expecting all attributes to be returned in the response, which is incorrect. This patch corrects the instances found by current CI tests. Static analysis and debugging will need to be done before changing ildap to the correct semantics. Signed-off-by: Aaron Haslett <aaronhasl...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Garming Sam <garm...@samba.org> Autobuild-Date(master): Mon May 6 05:45:55 UTC 2019 on sn-devel-184 commit 64bccb9bca77b0b7b46f645267f81f879f31e3d1 Author: Aaron Haslett <aaronhasl...@catalyst.net.nz> Date: Wed Mar 20 19:17:07 2019 +1300 ldap: test for empty attributes list Test for LDAP request with an empty attribute list. LDB responds with no attributes, but LDAP responds with all attributes. Fix is attached to the bug below but we can't push it upstream until we've found all instances of incorrect empty attribute list usage in Samba. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13852 Signed-off-by: Aaron Haslett <aaronhasl...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: python/samba/tests/samba_tool/computer.py | 2 +- python/samba/tests/samba_tool/group.py | 3 +-- python/samba/tests/samba_tool/ou.py | 3 +-- python/samba/tests/samba_tool/user.py | 2 +- selftest/knownfail.d/ldap | 3 ++- source4/dsdb/tests/python/ldap.py | 17 +++++++++++++++++ source4/dsdb/tests/python/sec_descriptor.py | 2 +- 7 files changed, 24 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/python/samba/tests/samba_tool/computer.py b/python/samba/tests/samba_tool/computer.py index 38ea5f774c4..6b06d4f32f6 100644 --- a/python/samba/tests/samba_tool/computer.py +++ b/python/samba/tests/samba_tool/computer.py @@ -282,7 +282,7 @@ class ComputerCmdTestCase(SambaToolCmdTest): self.samdb.domain_dn())) computerlist = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, - expression=search_filter, attrs=[]) + expression=search_filter) if computerlist: return computerlist[0] else: diff --git a/python/samba/tests/samba_tool/group.py b/python/samba/tests/samba_tool/group.py index 9862251ff01..e521c720b77 100644 --- a/python/samba/tests/samba_tool/group.py +++ b/python/samba/tests/samba_tool/group.py @@ -243,8 +243,7 @@ class GroupCmdTestCase(SambaToolCmdTest): self.samdb.domain_dn())) grouplist = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, - expression=search_filter, - attrs=[]) + expression=search_filter) if grouplist: return grouplist[0] else: diff --git a/python/samba/tests/samba_tool/ou.py b/python/samba/tests/samba_tool/ou.py index d318fd3ff85..39b0cad4250 100644 --- a/python/samba/tests/samba_tool/ou.py +++ b/python/samba/tests/samba_tool/ou.py @@ -264,8 +264,7 @@ class OUCmdTestCase(SambaToolCmdTest): self.samdb.domain_dn())) oulist = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, - expression=search_filter, - attrs=[]) + expression=search_filter) if oulist: return oulist[0] else: diff --git a/python/samba/tests/samba_tool/user.py b/python/samba/tests/samba_tool/user.py index 1816b895de4..7ae80876b2a 100644 --- a/python/samba/tests/samba_tool/user.py +++ b/python/samba/tests/samba_tool/user.py @@ -592,7 +592,7 @@ sAMAccountName: %s search_filter = "(&(sAMAccountName=%s)(objectCategory=%s,%s))" % (ldb.binary_encode(name), "CN=Person,CN=Schema,CN=Configuration", self.samdb.domain_dn()) userlist = self.samdb.search(base=self.samdb.domain_dn(), scope=ldb.SCOPE_SUBTREE, - expression=search_filter, attrs=[]) + expression=search_filter) if userlist: return userlist[0] else: diff --git a/selftest/knownfail.d/ldap b/selftest/knownfail.d/ldap index 5bb01bc38bf..0331d3687d4 100644 --- a/selftest/knownfail.d/ldap +++ b/selftest/knownfail.d/ldap @@ -1,2 +1,3 @@ # the attributes too long test returns the wrong error -^samba4.ldap.python.+test_attribute_ranges_too_long \ No newline at end of file +^samba4.ldap.python.+test_attribute_ranges_too_long +samba4.ldap.python\(ad_dc_default\).*__main__.BasicTests.test_ldapSearchNoAttributes diff --git a/source4/dsdb/tests/python/ldap.py b/source4/dsdb/tests/python/ldap.py index b46d3a1a4b7..9b43daa5891 100755 --- a/source4/dsdb/tests/python/ldap.py +++ b/source4/dsdb/tests/python/ldap.py @@ -3175,6 +3175,23 @@ nTSecurityDescriptor:: """ + desc_base64 self.assertTrue(len(res[0]["msTSExpireDate"]) == 1) self.assertEquals(str(res[0]["msTSExpireDate"][0]), v_get) + def test_ldapSearchNoAttributes(self): + """Testing ldap search with no attributes""" + + user_name = "testemptyattributesuser" + user_dn = "CN=%s,%s" % (user_name, self.base_dn) + delete_force(self.ldb, user_dn) + + self.ldb.add({"dn": user_dn, + "objectClass": "user", + "sAMAccountName": user_name}) + + res = self.ldb.search(user_dn, scope=SCOPE_BASE, attrs=[]) + delete_force(self.ldb, user_dn) + + self.assertEqual(len(res), 1) + self.assertEqual(len(res[0]), 0) + class BaseDnTests(samba.tests.TestCase): diff --git a/source4/dsdb/tests/python/sec_descriptor.py b/source4/dsdb/tests/python/sec_descriptor.py index 5e0f1453423..a495356ac48 100755 --- a/source4/dsdb/tests/python/sec_descriptor.py +++ b/source4/dsdb/tests/python/sec_descriptor.py @@ -1847,7 +1847,7 @@ class SdFlagsDescriptorTests(DescriptorTests): self.assertFalse("nTSecurityDescriptor" in res[0]) res = self.ldb_admin.search(self.base_dn, SCOPE_BASE, None, - [], controls=["sd_flags:1:%d" % (sd_flags)]) + controls=["sd_flags:1:%d" % (sd_flags)]) self.assertTrue("nTSecurityDescriptor" in res[0]) tmp = res[0]["nTSecurityDescriptor"][0] sd = ndr_unpack(security.descriptor, tmp) -- Samba Shared Repository