[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3528-g2d98ad5

Michael Adam obnox at samba.org
Fri Aug 1 15:17:33 GMT 2008


The branch, v3-3-test has been updated
       via  2d98ad57f56ddd4318bc721929a3ca9ede189a25 (commit)
       via  635baf6b7d2a1822ceb48aa4bc47569ef19d51cc (commit)
       via  1072bd9f96ff3853e5ff58239123fc8c76a99063 (commit)
       via  9391aec8d4600c685b14d3cd1624f8758f2cc80d (commit)
       via  21385e1c635ea67215eb1da90e7dca97ae2f5d56 (commit)
       via  12e884f227e240860e49f9e41d8c1f45e10ad3be (commit)
       via  a5f4e3ad95c26064881918f3866efa7556055a8f (commit)
       via  6047f7b68548b33a2c132fc4333355a2c6abb19a (commit)
       via  f40eb8cc20a297c57f6db22e0c2457ce7425d00c (commit)
       via  d0bd9195f04ae0f45c2e571d31625b31347f13e9 (commit)
       via  0f81111ea8c049eb60f98d4939e520a5a562d2e6 (commit)
       via  a013f926ae5aadf64e02ef9254306e32aea79e80 (commit)
       via  50b1673289f5c147bdb4953f3511a7afe783758c (commit)
       via  2360f0a19f0fb89798b814a02cfca335a4a35b6d (commit)
       via  0ddde9aae88e6244276e1c143056a4bfc7c7fcca (commit)
       via  ec959b4609c3f4927a9f2811c46d738f9c78a914 (commit)
       via  6e53dc2db882d88470be5dfa1155b420fac8e6c5 (commit)
       via  012b33f1c52df086e4f20e7494248d98fbced76a (commit)
       via  93cda1aa0a627e81eff46547b247801aec2880a3 (commit)
       via  04fb9322d5f52d5cb3d9fe2a95dbfb2481ab7f9d (commit)
       via  47c8b3391cb1bb9656f93b55f9ea39c78b74ed36 (commit)
       via  d745c1af405058ec23d7d0c139505576a99f9057 (commit)
       via  d4b36e447bce8692416e132ab9f53a6282f54cac (commit)
       via  54e2dc1f4e0e2c7a6dcb171e51a608d831c8946e (commit)
       via  3c463745445f6b64017918f442bf1021be219e83 (commit)
       via  d3354c3516b56f254583f3dd065302b27d02af2b (commit)
       via  9fbc3d49035123ec11cc2248f0b14661dd1e9b2d (commit)
       via  85c7e3ae29a6f25ed0b6917ff73baea9c6c905c6 (commit)
       via  c83e54f1eb3021d13fb0a3c3f6b556a338d2a8c3 (commit)
       via  6913919e3a36ebff87a882ba589d36bcd0781ee6 (commit)
       via  717bd6f6c3ec94e3b8b5845c43717a5fbd41c38f (commit)
       via  a6f61c05b270c82f4bfce8a6850f81a09ad29087 (commit)
       via  344428d96c9be87eae1d715a8b8fcd6ad02142f8 (commit)
       via  484b35f319178f360e406a1bc725dca2e9d95ee3 (commit)
       via  7a1d526cba4c93bb858a60d04b6486507fc25398 (commit)
       via  d21ea83f9392c8fa002d5b924dddca4190e82d09 (commit)
       via  f3c110097f2f6c5dd329f2ca595644c6a368a552 (commit)
       via  cb91d07413430e0e0a16846d2c44aae8c165400e (commit)
       via  447b8b1122a35d4bc0ec0f88fb46d18cddcf6eb9 (commit)
       via  2b000a2acde8a09dabb538bdf89d7b885ce361d2 (commit)
       via  f4a01178a3d8d71f416a3b67ce6b872420f211c0 (commit)
       via  a2a88808df16d153f45337b740391d419d87e87a (commit)
       via  d75b7a2052f1e447f2b3b63fdb054abef4403edf (commit)
       via  3a2a69137e69c4bd0faa6af22d17e11dac022049 (commit)
       via  61b41aa615d5d46305653845584df7b1803f07ec (commit)
       via  bf17d6af6104d20019a43e5486257085b9786793 (commit)
       via  7fabe2567d0bd12fe3ade1d00b94b6c403fe79b5 (commit)
       via  01318fb27a1aa9e5fed0d4dd882a123ab568ac37 (commit)
       via  a51a60066b6703fc4e5db3536903abf1cdaca885 (commit)
       via  61f071de92a7011c70f72dc31fef4430ffb1515a (commit)
       via  7dd32b56a65574db95f4a0e136f54bd73862c59f (commit)
       via  e6f6e61da46f02bb2676c705974adc26bdfa2623 (commit)
       via  79151db6eae234a1f9e5131b7776689a4f03a0ef (commit)
       via  c51c3339f35e3bd921080d2e226e2422fc23e1e6 (commit)
      from  f67b6fd97e177a527e896861f337c2e70541f697 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 2d98ad57f56ddd4318bc721929a3ca9ede189a25
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 17:13:42 2008 +0200

    libnet dssync: start memory allocation cleanup: use tmp ctx in libnet_dssync().
    
    Don't leak temporary data to callers but use a temporary context
    that is freed at the end.
    
    Michael

commit 635baf6b7d2a1822ceb48aa4bc47569ef19d51cc
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 17:10:59 2008 +0200

    libnet dssync: fix memory allocation for error/result messages.
    
    Use the libnet_dssync_context as a talloc context for the
    result_message and error_message string members.
    Using the passed in mem_ctx makes the implicit assumption
    that mem_ctx is at least as long-lived as the libnet_dssync_context,
    which is wrong.
    
    Michael

commit 1072bd9f96ff3853e5ff58239123fc8c76a99063
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 17:09:08 2008 +0200

    dssync keytab: add comment header explaining add_to_keytab_entries().
    
    Michael

commit 9391aec8d4600c685b14d3cd1624f8758f2cc80d
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 14:26:46 2008 +0200

    libnet dssync: add my C after dssync keytab changes.
    
    Michael

commit 21385e1c635ea67215eb1da90e7dca97ae2f5d56
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 00:12:18 2008 +0200

    vampire keytab: add command line switch --clean-old-entries .
    
    This allows control over cleaning the keytab.
    It will only clean old occurrences of keys that are replicated in
    this run. So if you want to ensure things are cleaned up, combine
    this switch with --force-full-repl or --single-obj-repl (+dn list).
    
    Michael

commit 12e884f227e240860e49f9e41d8c1f45e10ad3be
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 00:09:28 2008 +0200

    dssync: add clean_old_entries flag to dssync_ctx.
    
    Initialize it to false.
    And pass it down to the libnet_keytab context in
    libnet_dssync_keytab.c:keytab_startup().
    
    Unused yet.
    
    Michael
    
    Note: It might not be 100% clean design to put this into the
    toplevel dssync context while it is keytab specific. But then, on the
    other hand, other imaginable backends might want to use this flag, too...

commit a5f4e3ad95c26064881918f3866efa7556055a8f
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 00:07:40 2008 +0200

    libnet keytab: implement cleaning of old entries in libnet_keytab_add().
    
    Triggered by the flag clean_old_entries from the libnet_keytab_context
    (unused yet...).
    
    Michael

commit 6047f7b68548b33a2c132fc4333355a2c6abb19a
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 00:05:42 2008 +0200

    libnet keytab: add parameter ingnore_kvno to libnet_keytab_remove_entries()
    
    to allow for removing all entries with given principal and enctype without
    respecting the kvno (i.e. cleaning "old" entries...)
    
    This is called with ignore_kvno == false from libnet_keytab_add_entry() to
    keep the original behaviour.
    
    Michael

commit f40eb8cc20a297c57f6db22e0c2457ce7425d00c
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 1 00:03:10 2008 +0200

    libnet keytab: add flag clean_old_entries to libnet_keytab_context.
    
    Michael

commit d0bd9195f04ae0f45c2e571d31625b31347f13e9
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 31 23:15:35 2008 +0200

    libnet keytab: use proper counter type (uint32_t) in libnet_keytab_add().
    
    Michael

commit 0f81111ea8c049eb60f98d4939e520a5a562d2e6
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 31 23:05:45 2008 +0200

    vampire keytab: introduce switch --single-obj-repl.
    
    This controls whether single object replication is to be used.
    This only has an effect when at least one object dn is given
    on the commandline.
    
    NOTE: Now the default is to use normal replication with uptodateness
    vectors and use object dns given on the command line as a positive
    write filter. Single object replication is only performed when this
    new switch is specified.
    
    Michael

commit a013f926ae5aadf64e02ef9254306e32aea79e80
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 31 22:53:41 2008 +0200

    dssync keytab: when not in single object replication mode, use object dn list as write filter.
    
    I.e. only the passwords and keys of those objects whose dns are provided
    are written to the keytab file. Others are skipped.
    
    Michael

commit 50b1673289f5c147bdb4953f3511a7afe783758c
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 31 12:25:06 2008 +0200

    dssync keytab: support storing kerberos keys from supplemental credentials.
    
    Michael

commit 2360f0a19f0fb89798b814a02cfca335a4a35b6d
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 17:53:28 2008 +0200

    libnet dssync: rename flag single to single_object_replication
    
    So that it is more obvious what this controls.
    
    Michael

commit 0ddde9aae88e6244276e1c143056a4bfc7c7fcca
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 17:46:13 2008 +0200

    net rpc vampire: rename --repl-nodiff to --force-full-repl.
    
    This is clearer.
    
    Michael

commit ec959b4609c3f4927a9f2811c46d738f9c78a914
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 17:44:22 2008 +0200

    libnet dssync: rename repl_nodiff flag to force_full_replication.
    
    Michael

commit 6e53dc2db882d88470be5dfa1155b420fac8e6c5
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 13:02:36 2008 +0200

    libnet dssync: support lists of dns (instead of one dn) for single object replication.
    
    Just specify several DNs separated by spaces on the command line of
    "net rpc vampire keytab" to get the passwords for each of these
    accounts via single object replication.
    
    Michael

commit 012b33f1c52df086e4f20e7494248d98fbced76a
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 12:35:45 2008 +0200

    libnet dssync: move determination of request level into build_request()
    
    ...where it belongs.
    
    Michael

commit 93cda1aa0a627e81eff46547b247801aec2880a3
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 12:32:30 2008 +0200

    libnet dssync: refactor dsgetncchanges loop out into libnet_dssync_getncchanges().
    
    Michael

commit 04fb9322d5f52d5cb3d9fe2a95dbfb2481ab7f9d
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 12:31:38 2008 +0200

    libnet dssync: fix single object replication by adding one check.
    
    Before, this used the old uptodate vector in the request...
    
    Michael

commit 47c8b3391cb1bb9656f93b55f9ea39c78b74ed36
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 12:00:49 2008 +0200

    libnet dssync: simplify logic of libnet_dssync_process() main loop.
    
    Untangle parsing of results and processing.
    Make loop logic more obvious.
    Call finishing operation after the loop, not inside.
    
    Michael

commit d745c1af405058ec23d7d0c139505576a99f9057
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 30 10:27:00 2008 +0200

    libnet dssync: refactor creation of request out into new function
    
    libnet_dssync_build_request().
    
    Michael

commit d4b36e447bce8692416e132ab9f53a6282f54cac
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 22:52:59 2008 +0200

    vampire keytab: add switch --repl-nodiff to trigger full replication.
    
    I.e. replication without keeping track of the up to date vector.
    
    Michael

commit 54e2dc1f4e0e2c7a6dcb171e51a608d831c8946e
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 18:07:07 2008 +0200

    dssync keytab: store the samaccountname in the keytab for diff replication.
    
    When retrieving a diff replication, the sAMAccountName attribute is usually
    not replicated. So in order to build the principal, we need to store the
    sAMAccountName in the keytab, referenced by the DN of the object, so that
    it can be retrieved if necessary.
    
    It is stored in the form of SAMACCOUNTNAME/object_dn@dns_domain_name
    with kvno=0 and ENCTYPE_NONE.
    
    Michael

commit 3c463745445f6b64017918f442bf1021be219e83
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 18:05:13 2008 +0200

    dssync keytab: move handling of removal of duplicates to libnet_keytab_add_entry().
    
    This makes libnet_keytab_remove_entries static and moves it up.
    libnet_keytab_add_entry() now removes the duplicates in advance.
    No special handling needed for the UTDV - this is also needed
    for other entries...
    
    Michael

commit d3354c3516b56f254583f3dd065302b27d02af2b
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 17:54:01 2008 +0200

    libnet_keytab: add some debug statements to libnet_keytab_search().
    
    Michael

commit 9fbc3d49035123ec11cc2248f0b14661dd1e9b2d
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 15:23:12 2008 +0200

    dssync keytab: store the UpToDate vector with ENCTYPE_NULL.
    
    Michael

commit 85c7e3ae29a6f25ed0b6917ff73baea9c6c905c6
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 15:21:30 2008 +0200

    libnet keytab: use libnet_keytab_add_entry() in libnet_keytab_add().
    
    This will in particular allow us to store ENCTYPE_NULL.
    
    Michael

commit c83e54f1eb3021d13fb0a3c3f6b556a338d2a8c3
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 15:19:18 2008 +0200

    libnet keytab: add function libnet_keytab_add_entry()
    
    This is a stripped down version of smb_krb5_kt_add_entry() that
    takes one explicit enctype instead of an array. And it does
    neither salting of keys nor cleanup of old entries.
    
    Michael

commit 6913919e3a36ebff87a882ba589d36bcd0781ee6
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 14:15:07 2008 +0200

    dssync keytab: log the DN of the object to be parsed.
    
    For debugging purposes.
    
    Michael

commit 717bd6f6c3ec94e3b8b5845c43717a5fbd41c38f
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 14:13:37 2008 +0200

    dssync keytab: remove old UpToDateNess vectors from keytab before storing new one.
    
    Michael

commit a6f61c05b270c82f4bfce8a6850f81a09ad29087
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 22 11:39:01 2008 +0200

    libnet keytab: add function libnet_keytab_remove_entries().
    
    This can be used to remove entries of given principal, kvno and enctype.
    
    Michael

commit 344428d96c9be87eae1d715a8b8fcd6ad02142f8
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 14:39:40 2008 +0200

    libnet_keytab: cleanup libnet_keytab_search().
    
    Michael

commit 484b35f319178f360e406a1bc725dca2e9d95ee3
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 13:32:17 2008 +0200

    libnet keytab: test for matching enctype in libnet_keytab_search().
    
    Michael

commit 7a1d526cba4c93bb858a60d04b6486507fc25398
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 12:55:19 2008 +0200

    dssync keytab: add parsing and logging of servicePrincipalName-s
    
    As with the userPrincipalName, this is for debugging purposes only (for now..).
    
    Michael

commit d21ea83f9392c8fa002d5b924dddca4190e82d09
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 12:54:46 2008 +0200

    dssync keytab: fix comma placement in debug output
    
    Michael

commit f3c110097f2f6c5dd329f2ca595644c6a368a552
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 10:17:15 2008 +0200

    dssync keytab: add debugging output when skipping an object.
    
    Michael

commit cb91d07413430e0e0a16846d2c44aae8c165400e
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jul 29 10:16:37 2008 +0200

    libnet keytab: add enctype parameter to libnet_keytab_search().
    
    Not really used yet.
    
    Note: callers use ENCTYPE_ARCFOUR_HMAC enctype for UTDV (for now).
    This is what is currently stored. This is to be changed
    to ENCTYPE_NULL.
    
    Michael

commit 447b8b1122a35d4bc0ec0f88fb46d18cddcf6eb9
Author: Michael Adam <obnox at samba.org>
Date:   Mon Jul 28 14:42:30 2008 +0200

    dssync keytab: add store enctypes in the libnet_keytype_entry structs.
    
    Still unused by the libnet_keytab_add() function.
    This will follow.
    In preparation of supporting multiple encryption types in libnet_dssync_keytab.
    
    Michael

commit 2b000a2acde8a09dabb538bdf89d7b885ce361d2
Author: Michael Adam <obnox at samba.org>
Date:   Mon Jul 28 14:40:54 2008 +0200

    libnet_keytab: add enctype field to libnet_keytab_entry struct.
    
    In preparation of supporting more encryption types in libnet_dssync_keytab.
    
    Michael

commit f4a01178a3d8d71f416a3b67ce6b872420f211c0
Author: Michael Adam <obnox at samba.org>
Date:   Fri Jul 18 00:18:40 2008 +0200

    dssync: allow replications of a single obj with net rpc vampire keytab.
    
    This is triggered by setting the new "single" flag in the dssync_context
    and filling the "object_dn" member with the dn of the object to be
    fetched.
    
    This call is accomplished by specifying the DRSUAPI_EXOP_REPL_OBJ
    extended operation in the DsGetNCChanges request. This variant does
    honor an up-to-date-ness vector passed in, but the answer does not
    return a new up-to-dateness vector.
    
    Call this operation as "net rpc vampire keytab /path/keytab object_dn" .
    
    Michael

commit a2a88808df16d153f45337b740391d419d87e87a
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 01:05:06 2008 +0200

    dssync: pass uptodateness vector into and out of DsGetNCChanges request.
    
    Also store the new uptodateness vector in the backend after completion
    and retrieve the old vector before sending the DsGetNCChanges request.
    
    This effectively accomplishes differential replication.
    
    Michael

commit d75b7a2052f1e447f2b3b63fdb054abef4403edf
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 13:32:19 2008 +0200

    dssync: skip analysis of the msDS_KeyVersionNumber attribute:
    
    It is a calculated attribute that won't get distributed via replication.
    
    Michael

commit 3a2a69137e69c4bd0faa6af22d17e11dac022049
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 13:05:43 2008 +0200

    dssync: either use the req5 or the req8 request, depending on the supported_extenstion
    
    that have been recorded in the remote_info28 in the dssync_context.
    
    Michael

commit 61b41aa615d5d46305653845584df7b1803f07ec
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 13:04:04 2008 +0200

    dssync: record the bind info in the new remote_info28 in libnet_dssync_bind().
    
    This extracts the info24 data in case this is what was returned (instead of info28).
    E.g. windows 2000 returns info24.
    
    Michael

commit bf17d6af6104d20019a43e5486257085b9786793
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 13:02:31 2008 +0200

    dssync: add a drsuapi_DsBindInfo28 struct to the dssync_context struct
    
    to keep track of what the server told us upon DsBind.
    
    Michael

commit 7fabe2567d0bd12fe3ade1d00b94b6c403fe79b5
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 11:54:32 2008 +0200

    dssync keytab: wrap printing of the uptodate vector in DEBUGLEVEL >= 10 checks
    
    Michael

commit 01318fb27a1aa9e5fed0d4dd882a123ab568ac37
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 00:54:35 2008 +0200

    dssync keytab: add support for keeping track of the up-to-date-ness vector.
    
    The startup operation should get the old up-to-date-ness vector from the backend
    and the finish operation should store the new vector to the backend after replication.
    
    This adds the change of the signatures of the operations to the dssync_ops struct
    and the implementation for the keytab ops. The up-to-date-ness vector is stored
    under the principal constructed as UTDV/$naming_context_dn@$dns_domain_name.
    
    The vector is still uninterpreted in libnet_dssync_process().
    This will be the next step...
    
    This code is essentially by Metze.
    
    Michael

commit a51a60066b6703fc4e5db3536903abf1cdaca885
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 17 00:53:13 2008 +0200

    libnet_keytab: add a libnet_keytab_search() function
    
    that searches and fetches an entry from a keytab file by principal and kvno.
    
    This code is by metze.
    
    Michael

commit 61f071de92a7011c70f72dc31fef4430ffb1515a
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jul 24 00:30:07 2008 +0200

    dssync keytab: use add_to_keytab_entries() for pwd history in parse_object().
    
    Michael

commit 7dd32b56a65574db95f4a0e136f54bd73862c59f
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 16 23:12:31 2008 +0200

    dssync keytab: add prefix parameter to add_to_keytab_entries() for flexibility.
    
    This will allow constructing principals of the form PREFIX/name@domain
    
    Michael

commit e6f6e61da46f02bb2676c705974adc26bdfa2623
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 16 23:10:20 2008 +0200

    dssync keytab: add check for success of ADD_TO_ARRAY().
    
    Michael

commit 79151db6eae234a1f9e5131b7776689a4f03a0ef
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 16 23:08:40 2008 +0200

    dssync keytab: refactor adding entry to keytab_context out into new function
    
    add_to_keytab_entries()
    
    Michael

commit c51c3339f35e3bd921080d2e226e2422fc23e1e6
Author: Michael Adam <obnox at samba.org>
Date:   Wed Jul 16 17:12:04 2008 +0200

    dssync: replace the processing_fn by startup/process/finish ops.
    
    This removes a static variable for the keytab context in the keytab
    processing function and simplifies the signature. The keytab context
    is instead in the new private data member of the dssync_context struct.
    
    This is in preparation of adding support for keeping track of the
    up-to-date-ness vector, in order to be able to sync diffs instead
    of the whole database.
    
    Michael

-----------------------------------------------------------------------

Summary of changes:
 source/include/smb.h                 |    1 +
 source/libnet/libnet_dssync.c        |  395 +++++++++++++++++++------
 source/libnet/libnet_dssync.h        |   32 ++-
 source/libnet/libnet_dssync_keytab.c |  549 +++++++++++++++++++++++++++++-----
 source/libnet/libnet_keytab.c        |  289 +++++++++++++++++-
 source/libnet/libnet_keytab.h        |    2 +
 source/libnet/libnet_proto.h         |    5 +
 source/utils/net.c                   |    4 +
 source/utils/net.h                   |    3 +
 source/utils/net_rpc_samsync.c       |   11 +-
 10 files changed, 1096 insertions(+), 195 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/include/smb.h b/source/include/smb.h
index d79439f..b8ff34f 100644
--- a/source/include/smb.h
+++ b/source/include/smb.h
@@ -279,6 +279,7 @@ extern const DATA_BLOB data_blob_null;
 #include "librpc/gen_ndr/ntsvcs.h"
 #include "librpc/gen_ndr/nbt.h"
 #include "librpc/gen_ndr/drsuapi.h"
+#include "librpc/gen_ndr/drsblobs.h"
 
 struct lsa_dom_info {
 	bool valid;
diff --git a/source/libnet/libnet_dssync.c b/source/libnet/libnet_dssync.c
index b55e6d1..684a2cc 100644
--- a/source/libnet/libnet_dssync.c
+++ b/source/libnet/libnet_dssync.c
@@ -3,6 +3,7 @@
 
    Copyright (C) Stefan (metze) Metzmacher 2005
    Copyright (C) Guenther Deschner 2008
+   Copyright (C) Michael Adam 2008
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -50,6 +51,7 @@ NTSTATUS libnet_dssync_init_context(TALLOC_CTX *mem_ctx,
 	NT_STATUS_HAVE_NO_MEMORY(ctx);
 
 	talloc_set_destructor(ctx, libnet_dssync_free_context);
+	ctx->clean_old_entries = false;
 
 	*ctx_p = ctx;
 
@@ -241,6 +243,35 @@ static NTSTATUS libnet_dssync_bind(TALLOC_CTX *mem_ctx,
 		return werror_to_ntstatus(werr);
 	}
 
+	ZERO_STRUCT(ctx->remote_info28);
+	switch (bind_info.length) {
+	case 24: {
+		struct drsuapi_DsBindInfo24 *info24;
+		info24 = &bind_info.info.info24;
+		ctx->remote_info28.site_guid		= info24->site_guid;
+		ctx->remote_info28.supported_extensions	= info24->supported_extensions;
+		ctx->remote_info28.pid			= info24->pid;
+		ctx->remote_info28.repl_epoch		= 0;
+		break;
+	}
+	case 28:
+		ctx->remote_info28 = bind_info.info.info28;
+		break;
+	case 48: {
+		struct drsuapi_DsBindInfo48 *info48;
+		info48 = &bind_info.info.info48;
+		ctx->remote_info28.site_guid		= info48->site_guid;
+		ctx->remote_info28.supported_extensions	= info48->supported_extensions;
+		ctx->remote_info28.pid			= info48->pid;
+		ctx->remote_info28.repl_epoch		= info48->repl_epoch;
+		break;
+	}
+	default:
+		DEBUG(1, ("Warning: invalid info length in bind info: %d\n",
+			  bind_info.length));
+		break;
+	}
+
 	return status;
 }
 
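Review bot: The `default:` branch of the new `switch (bind_info.length)` only logs at level 1 and then falls through to `return status`, so a bind reply with an unexpected info length is treated as success with `ctx->remote_info28` left zeroed. Since `bind_info.length` comes from the server's reply, I would either fail the bind here or state the fallback explicitly, e.g. `/* unknown length: remote_info28 stays zeroed, so no extensions are assumed and level 5 requests are built */`. The message uses `%d`; if `length` is an unsigned 32-bit field (its declaration is not in the hunk), `%u` with a cast would be the matching specifier. The body of libnet_dssync_bind starts outside the hunk.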
@@ -277,7 +308,7 @@ static NTSTATUS libnet_dssync_lookup_nc(TALLOC_CTX *mem_ctx,
 					     &ctr,
 					     &werr);
 	if (!NT_STATUS_IS_OK(status)) {
-		ctx->error_message = talloc_asprintf(mem_ctx,
+		ctx->error_message = talloc_asprintf(ctx,
 			"Failed to lookup DN for domain name: %s",
 			get_friendly_werror_msg(werr));
 		return status;
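Review bot: On this failure path the message is built from `werr` although the check that failed is `!NT_STATUS_IS_OK(status)`; if the RPC wrapper returns early on a transport-level error it may never have written `werr`, and the text then describes an indeterminate value. Where `werr` is declared for libnet_dssync_lookup_nc is outside this hunk, but the new libnet_dssync_getncchanges() in the next hunk declares `WERROR werr;` without an initializer and uses the same pattern in its "Failed to get NC Changes" message. Initializing it (`WERROR werr = WERR_OK;`) or reporting `nt_errstr(status)` in these two messages would make the error text reliable. The `talloc_asprintf(ctx, ...)` result is also stored unchecked, so callers that print `ctx->error_message` need to tolerate NULL.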
@@ -330,59 +361,171 @@ static NTSTATUS libnet_dssync_init(TALLOC_CTX *mem_ctx,
 /****************************************************************
 ****************************************************************/
 
-static NTSTATUS libnet_dssync_process(TALLOC_CTX *mem_ctx,
-				      struct dssync_context *ctx)
+static NTSTATUS libnet_dssync_build_request(TALLOC_CTX *mem_ctx,
+					    struct dssync_context *ctx,
+					    const char *dn,
+					    struct replUpToDateVectorBlob *utdv,
+					    int32_t *plevel,
+					    union drsuapi_DsGetNCChangesRequest *preq)
 {
 	NTSTATUS status;
-	WERROR werr;
-
-	int32_t level = 8;
-	int32_t level_out = 0;
+	uint32_t count;
+	int32_t level;
 	union drsuapi_DsGetNCChangesRequest req;
-	union drsuapi_DsGetNCChangesCtr ctr;
-	struct drsuapi_DsReplicaObjectIdentifier nc;
 	struct dom_sid null_sid;
+	enum drsuapi_DsExtendedOperation extended_op;
+	struct drsuapi_DsReplicaObjectIdentifier *nc = NULL;
+	struct drsuapi_DsReplicaCursorCtrEx *cursors = NULL;
 
-	struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL;
-	struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
-	int32_t out_level = 0;
-	int y;
+	uint32_t replica_flags	= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE |
+				  DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP |
+				  DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS |
+				  DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS |
+				  DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED;
 
 	ZERO_STRUCT(null_sid);
 	ZERO_STRUCT(req);
 
-	nc.dn = ctx->nc_dn;
-	nc.guid = GUID_zero();
-	nc.sid = null_sid;
+	if (ctx->remote_info28.supported_extensions
+	    & DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8)
+	{
+		level = 8;
+	} else {
+		level = 5;
+	}
+
+	nc = TALLOC_ZERO_P(mem_ctx, struct drsuapi_DsReplicaObjectIdentifier);
+	if (!nc) {
+		status = NT_STATUS_NO_MEMORY;
+		goto fail;
+	}
+	nc->dn = dn;
+	nc->guid = GUID_zero();
+	nc->sid = null_sid;
+
+	if (!ctx->single_object_replication &&
+	    !ctx->force_full_replication && utdv)
+	{
+		cursors = TALLOC_ZERO_P(mem_ctx,
+					 struct drsuapi_DsReplicaCursorCtrEx);
+		if (!cursors) {
+			status = NT_STATUS_NO_MEMORY;
+			goto fail;
+		}
+
+		switch (utdv->version) {
+		case 1:
+			cursors->count = utdv->ctr.ctr1.count;
+			cursors->cursors = utdv->ctr.ctr1.cursors;
+			break;
+		case 2:
+			cursors->count = utdv->ctr.ctr2.count;
+			cursors->cursors = talloc_array(cursors,
+						struct drsuapi_DsReplicaCursor,
+						cursors->count);
+			if (!cursors->cursors) {
+				status = NT_STATUS_NO_MEMORY;
+				goto fail;
+			}
+			for (count = 0; count < cursors->count; count++) {
+				cursors->cursors[count].source_dsa_invocation_id =
+					utdv->ctr.ctr2.cursors[count].source_dsa_invocation_id;
+				cursors->cursors[count].highest_usn =
+					utdv->ctr.ctr2.cursors[count].highest_usn;
+			}
+			break;
+		}
+	}
+
+	if (ctx->single_object_replication) {
+		extended_op = DRSUAPI_EXOP_REPL_OBJ;
+	} else {
+		extended_op = DRSUAPI_EXOP_NONE;
+	}
+
+	if (level == 8) {
+		req.req8.naming_context		= nc;
+		req.req8.replica_flags		= replica_flags;
+		req.req8.max_object_count	= 402;
+		req.req8.max_ndr_size		= 402116;
+		req.req8.uptodateness_vector	= cursors;
+		req.req8.extended_op		= extended_op;
+	} else if (level == 5) {
+		req.req5.naming_context		= nc;
+		req.req5.replica_flags		= replica_flags;
+		req.req5.max_object_count	= 402;
+		req.req5.max_ndr_size		= 402116;
+		req.req5.uptodateness_vector	= cursors;
+		req.req5.extended_op		= extended_op;
+	} else {
+		status = NT_STATUS_INVALID_PARAMETER;
+		goto fail;
+	}
+
+	if (plevel) {
+		*plevel = level;
+	}
+
+	if (preq) {
+		*preq = req;
+	}
+
+	return NT_STATUS_OK;
+
+fail:
+	TALLOC_FREE(nc);
+	TALLOC_FREE(cursors);
+	return status;
+}
 
-	req.req8.naming_context		= &nc;
-	req.req8.replica_flags		= DRSUAPI_DS_REPLICA_NEIGHBOUR_WRITEABLE |
-					  DRSUAPI_DS_REPLICA_NEIGHBOUR_SYNC_ON_STARTUP |
-					  DRSUAPI_DS_REPLICA_NEIGHBOUR_DO_SCHEDULED_SYNCS |
-					  DRSUAPI_DS_REPLICA_NEIGHBOUR_RETURN_OBJECT_PARENTS |
-					  DRSUAPI_DS_REPLICA_NEIGHBOUR_NEVER_SYNCED;
-	req.req8.max_object_count	= 402;
-	req.req8.max_ndr_size		= 402116;
+static NTSTATUS libnet_dssync_getncchanges(TALLOC_CTX *mem_ctx,
+					   struct dssync_context *ctx,
+					   int32_t level,
+					   union drsuapi_DsGetNCChangesRequest *req,
+					   struct replUpToDateVectorBlob **pnew_utdv)
+{
+	NTSTATUS status;
+	WERROR werr;
+	union drsuapi_DsGetNCChangesCtr ctr;
+	struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL;
+	struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL;
+	struct replUpToDateVectorBlob *new_utdv = NULL;
+	int32_t level_out = 0;
+	int32_t out_level = 0;
+	int y;
+	bool last_query;
 
-	for (y=0; ;y++) {
+	if (!ctx->single_object_replication) {
+		new_utdv = TALLOC_ZERO_P(mem_ctx, struct replUpToDateVectorBlob);
+		if (!new_utdv) {
+			status = NT_STATUS_NO_MEMORY;
+			goto out;
+		}
+	}
 
-		bool last_query = true;
+	for (y=0, last_query = false; !last_query; y++) {
+		struct drsuapi_DsReplicaObjectListItemEx *first_object;
+		struct drsuapi_DsReplicaOIDMapping_Ctr *mapping_ctr;
 
 		if (level == 8) {
 			DEBUG(1,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
-				(long long)req.req8.highwatermark.tmp_highest_usn,
-				(long long)req.req8.highwatermark.highest_usn));
+				(long long)req->req8.highwatermark.tmp_highest_usn,
+				(long long)req->req8.highwatermark.highest_usn));
+		} else if (level == 5) {
+			DEBUG(1,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
+				(long long)req->req5.highwatermark.tmp_highest_usn,
+				(long long)req->req5.highwatermark.highest_usn));
 		}
 
 		status = rpccli_drsuapi_DsGetNCChanges(ctx->cli, mem_ctx,
 						       &ctx->bind_handle,
 						       level,
-						       &req,
+						       req,
 						       &level_out,
 						       &ctr,
 						       &werr);
 		if (!NT_STATUS_IS_OK(status)) {
-			ctx->error_message = talloc_asprintf(mem_ctx,
+			ctx->error_message = talloc_asprintf(ctx,
 				"Failed to get NC Changes: %s",
 				get_friendly_werror_msg(werr));
 			goto out;
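Review bot: In libnet_dssync_build_request() the `switch (utdv->version)` has no `default:`, so a stored vector with any version other than 1 or 2 leaves `cursors` zero-filled, and the request goes out with an empty up-to-dateness vector instead of failing or sending none. Going by the commit log the vector is read back from the backend, so I would reject what the code does not understand: `default: status = NT_STATUS_INVALID_PARAMETER; goto fail;`. The two cases also differ in ownership: version 1 aliases `utdv->ctr.ctr1.cursors` while version 2 copies into a new array. That deserves a comment above the switch stating that `utdv` must outlive the request built from it.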
@@ -399,14 +542,14 @@ static NTSTATUS libnet_dssync_process(TALLOC_CTX *mem_ctx,
 		} else if (level_out == 2) {
 			out_level = 1;
 			ctr1 = ctr.ctr2.ctr.mszip1.ctr1;
-		}
-
-		status = cli_get_session_key(mem_ctx, ctx->cli, &ctx->session_key);
-		if (!NT_STATUS_IS_OK(status)) {
-			ctx->error_message = talloc_asprintf(mem_ctx,
-				"Failed to get Session Key: %s",
-				nt_errstr(status));
-			return status;
+		} else if (level_out == 6) {
+			out_level = 6;
+			ctr6 = &ctr.ctr6;
+		} else if (level_out == 7
+			   && ctr.ctr7.level == 6
+			   && ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
+			out_level = 6;
+			ctr6 = ctr.ctr7.ctr.mszip6.ctr6;
 		}
 
 		if (out_level == 1) {
@@ -414,78 +557,132 @@ static NTSTATUS libnet_dssync_process(TALLOC_CTX *mem_ctx,
 				(long long)ctr1->new_highwatermark.tmp_highest_usn,
 				(long long)ctr1->new_highwatermark.highest_usn));
 
-			libnet_dssync_decrypt_attributes(mem_ctx,
-							 &ctx->session_key,
-							 ctr1->first_object);
+			first_object = ctr1->first_object;
+			mapping_ctr = &ctr1->mapping_ctr;
 
 			if (ctr1->more_data) {
-				req.req5.highwatermark = ctr1->new_highwatermark;
-				last_query = false;
+				req->req5.highwatermark = ctr1->new_highwatermark;
+			} else {
+				last_query = true;
+				if (ctr1->uptodateness_vector &&
+				    !ctx->single_object_replication)
+				{
+					new_utdv->version = 1;
+					new_utdv->ctr.ctr1.count =
+						ctr1->uptodateness_vector->count;
+					new_utdv->ctr.ctr1.cursors =
+						ctr1->uptodateness_vector->cursors;
+				}
 			}
+		} else if (out_level == 6) {
+			DEBUG(1,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
+				(long long)ctr6->new_highwatermark.tmp_highest_usn,
+				(long long)ctr6->new_highwatermark.highest_usn));
 
-			if (ctx->processing_fn) {
-				status = ctx->processing_fn(mem_ctx,
-							    ctr1->first_object,
-							    &ctr1->mapping_ctr,
-							    last_query,
-							    ctx);
-				if (!NT_STATUS_IS_OK(status)) {
-					ctx->error_message = talloc_asprintf(mem_ctx,
-						"Failed to call processing function: %s",
-						nt_errstr(status));
-					goto out;
+			first_object = ctr6->first_object;
+			mapping_ctr = &ctr6->mapping_ctr;
+
+			if (ctr6->more_data) {
+				req->req8.highwatermark = ctr6->new_highwatermark;
+			} else {
+				last_query = true;
+				if (ctr6->uptodateness_vector &&
+				    !ctx->single_object_replication)
+				{
+					new_utdv->version = 2;
+					new_utdv->ctr.ctr2.count =
+						ctr6->uptodateness_vector->count;
+					new_utdv->ctr.ctr2.cursors =
+						ctr6->uptodateness_vector->cursors;
 				}
 			}
+		}
 
-			if (!last_query) {
-				continue;
-			}
+		status = cli_get_session_key(mem_ctx, ctx->cli, &ctx->session_key);
+		if (!NT_STATUS_IS_OK(status)) {
+			ctx->error_message = talloc_asprintf(ctx,
+				"Failed to get Session Key: %s",
+				nt_errstr(status));
+			goto out;
 		}
 
-		if (level_out == 6) {
-			out_level = 6;
-			ctr6 = &ctr.ctr6;
-		} else if (level_out == 7
-			   && ctr.ctr7.level == 6
-			   && ctr.ctr7.type == DRSUAPI_COMPRESSION_TYPE_MSZIP) {
-			out_level = 6;
-			ctr6 = ctr.ctr7.ctr.mszip6.ctr6;
+		libnet_dssync_decrypt_attributes(mem_ctx,
+						 &ctx->session_key,
+						 first_object);
+
+		if (ctx->ops->process_objects) {
+			status = ctx->ops->process_objects(ctx, mem_ctx,
+							   first_object,
+							   mapping_ctr);
+			if (!NT_STATUS_IS_OK(status)) {
+				ctx->error_message = talloc_asprintf(ctx,
+					"Failed to call processing function: %s",
+					nt_errstr(status));
+				goto out;
+			}
 		}
+	}
 
-		if (out_level == 6) {
-			DEBUG(1,("end[%d] tmp_highest_usn: %llu , highest_usn: %llu\n",y,
-				(long long)ctr6->new_highwatermark.tmp_highest_usn,
-				(long long)ctr6->new_highwatermark.highest_usn));
+	*pnew_utdv = new_utdv;
 
-			libnet_dssync_decrypt_attributes(mem_ctx,
-							 &ctx->session_key,
-							 ctr6->first_object);
+out:
+	return status;
+}
 
-			if (ctr6->more_data) {
-				req.req8.highwatermark = ctr6->new_highwatermark;
-				last_query = false;
-			}
+static NTSTATUS libnet_dssync_process(TALLOC_CTX *mem_ctx,
+				      struct dssync_context *ctx)
+{
+	NTSTATUS status;
 
-			if (ctx->processing_fn) {
-				status = ctx->processing_fn(mem_ctx,
-							    ctr6->first_object,
-							    &ctr6->mapping_ctr,
-							    last_query,
-							    ctx);
-				if (!NT_STATUS_IS_OK(status)) {
-					ctx->error_message = talloc_asprintf(mem_ctx,
-						"Failed to call processing function: %s",
-						nt_errstr(status));
-					goto out;
-				}
-			}
+	int32_t level;
+	union drsuapi_DsGetNCChangesRequest req;
+	struct replUpToDateVectorBlob *old_utdv = NULL;
+	struct replUpToDateVectorBlob *pnew_utdv = NULL;
+	const char **dns;
+	uint32_t dn_count;
+	uint32_t count;
 
-			if (!last_query) {
-				continue;
-			}
+	status = ctx->ops->startup(ctx, mem_ctx, &old_utdv);
+	if (!NT_STATUS_IS_OK(status)) {
+		ctx->error_message = talloc_asprintf(ctx,
+			"Failed to call startup operation: %s",
+			nt_errstr(status));
+		goto out;
+	}
+
+	if (ctx->single_object_replication && ctx->object_dns) {
+		dns = ctx->object_dns;
+		dn_count = ctx->object_count;
+	} else {
+		dns = &ctx->nc_dn;
+		dn_count = 1;
+	}
+
+	for (count=0; count < dn_count; count++) {
+		status = libnet_dssync_build_request(mem_ctx, ctx,
+						     dns[count],
+						     old_utdv, &level,
+						     &req);
+		if (!NT_STATUS_IS_OK(status)) {
+			goto out;
 		}
 
-		break;
+		status = libnet_dssync_getncchanges(mem_ctx, ctx, level, &req,
+						    &pnew_utdv);
+		if (!NT_STATUS_IS_OK(status)) {
+			ctx->error_message = talloc_asprintf(ctx,
+				"Failed to call DsGetNCCHanges: %s",
+				nt_errstr(status));
+			goto out;
+		}
+	}
+
+	status = ctx->ops->finish(ctx, mem_ctx, pnew_utdv);
+	if (!NT_STATUS_IS_OK(status)) {
+		ctx->error_message = talloc_asprintf(ctx,
+			"Failed to call finishing operation: %s",
+			nt_errstr(status));
+		goto out;
 	}
 
  out:
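Review bot: In `libnet_dssync_process()` the failure path after `libnet_dssync_getncchanges()` overwrites `ctx->error_message`, which the callee has already set (for instance to "Failed to get NC Changes: ..." with the friendly WERROR text). The specific cause is then replaced by a generic NTSTATUS string. Because messages are now allocated on `ctx` instead of `mem_ctx`, the earlier string also stays allocated until `ctx` is freed. I would either drop the outer assignment or guard it with `if (ctx->error_message == NULL)`. The same overwrite may apply to the `startup` and `finish` callbacks if they set their own message. The literal "DsGetNCCHanges" should also read "DsGetNCChanges". Separately, `ctx->ops->startup` and `ctx->ops->finish` are called without the NULL check that `ctx->ops->process_objects` gets; a short comment stating that both are mandatory would make this deliberate. The body of `libnet_dssync_process()` continues past the `out:` label outside this hunk.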
@@ -499,17 +696,25 @@ NTSTATUS libnet_dssync(TALLOC_CTX *mem_ctx,
 		       struct dssync_context *ctx)
 {
 	NTSTATUS status;
+	TALLOC_CTX *tmp_ctx;
 
-	status = libnet_dssync_init(mem_ctx, ctx);
+	tmp_ctx = talloc_new(mem_ctx);
+	if (!tmp_ctx) {
+		return NT_STATUS_NO_MEMORY;
+	}


-- 
Samba Shared Repository

