[SCM] Samba Shared Repository - branch master updated -
3d8323fbff85709ab64ea039044a555975821b7f
Jelmer Vernooij
jelmer at samba.org
Tue Sep 30 14:03:00 GMT 2008
The branch, master has been updated
via 3d8323fbff85709ab64ea039044a555975821b7f (commit)
via a36b6c5a42212e175ece8e9f5aa74f2741ec8868 (commit)
via 7f1c02cd7a8f4238041406acab061f34c587c69a (commit)
from ae385145347f8e7a10acd61a5217685c6c617661 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3d8323fbff85709ab64ea039044a555975821b7f
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Tue Sep 30 16:02:21 2008 +0200
Compare sids in samba3sam tests.
commit a36b6c5a42212e175ece8e9f5aa74f2741ec8868
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Tue Sep 30 16:02:09 2008 +0200
Make Sid member variables accessible from Python.
commit 7f1c02cd7a8f4238041406acab061f34c587c69a
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Tue Sep 30 15:24:46 2008 +0200
Enable winreg Python tests - authentication works now.
-----------------------------------------------------------------------
Summary of changes:
source4/dsdb/samdb/ldb_modules/tests/samba3sam.py | 32 ++++--
source4/libcli/security/security.i | 6 +
source4/libcli/security/security.py | 4 +
source4/libcli/security/security_wrap.c | 118 ++++++++++++++++++++
source4/samba4-skip | 1 -
.../scripting/python/samba/tests/dcerpc/rpcecho.py | 3 +-
6 files changed, 151 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py
index 882376c..1fc5319 100644
--- a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py
+++ b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py
@@ -27,6 +27,9 @@ import ldb
from ldb import SCOPE_DEFAULT, SCOPE_BASE, SCOPE_SUBTREE
from samba import Ldb, substitute_var
from samba.tests import LdbTestCase, TestCaseInTempDir, cmdline_loadparm
+import samba.dcerpc.security
+import samba.security
+import samba.ndr
datadir = os.path.join(os.path.dirname(__file__),
"../../../../../testdata/samba3")
@@ -112,6 +115,18 @@ class MapBaseTestCase(TestCaseInTempDir):
os.unlink(self.samba4.file)
super(MapBaseTestCase, self).tearDown()
+ def assertSidEquals(self, text, ndr_sid):
+ sid_obj1 = samba.ndr.ndr_unpack(samba.dcerpc.security.dom_sid,
+ str(ndr_sid[0]))
+ sid_obj2 = samba.security.Sid(text)
+ # For now, this is the only way we can compare these since the
+ # classes are in different places. Should reconcile that at some point.
+ self.assertEquals(sid_obj1.sid_rev_num, sid_obj2.sid_rev_num)
+ self.assertEquals(sid_obj1.num_auths, sid_obj2.num_auths)
+ # FIXME: self.assertEquals(sid_obj1.id_auth, sid_obj2.id_auth)
+ # FIXME: self.assertEquals(sid_obj1.sub_auths[:sid_obj1.num_auths],
+ # sid_obj2.sub_auths[:sid_obj2.num_auths])
+
class Samba3SamTestCase(MapBaseTestCase):
@@ -150,10 +165,8 @@ class Samba3SamTestCase(MapBaseTestCase):
self.assertEquals(str(msg[0].dn),
"cn=Replicator,ou=Groups,dc=vernstok,dc=nl")
self.assertTrue("objectSid" in msg[0])
- # FIXME: NDR unpack msg[0]["objectSid"] before comparing:
- # self.assertEquals(msg[0]["objectSid"],
- # "S-1-5-21-4231626423-2410014848-2360679739-552")
- # Check mapping of objectClass
+ self.assertSidEquals("S-1-5-21-4231626423-2410014848-2360679739-552",
+ msg[0]["objectSid"])
oc = set(msg[0]["objectClass"])
self.assertEquals(oc, set(["group"]))
@@ -459,17 +472,14 @@ primaryGroupID: 1-5-21-4231626423-2410014848-2360679739-512
self.assertEquals(str(res[0].dn), self.samba4.dn("cn=X"))
self.assertEquals(res[0]["dnsHostName"], "x")
self.assertEquals(res[0]["lastLogon"], "x")
- # FIXME:Properly compare sid,requires converting between NDR encoding
- # and string
- #self.assertEquals(res[0]["objectSid"],
- # "S-1-5-21-4231626423-2410014848-2360679739-552")
+ self.assertSidEquals("S-1-5-21-4231626423-2410014848-2360679739-552",
+ res[0]["objectSid"])
self.assertTrue("objectSid" in res[0])
self.assertEquals(str(res[1].dn), self.samba4.dn("cn=A"))
self.assertTrue(not "dnsHostName" in res[1])
self.assertEquals(res[1]["lastLogon"], "x")
- # FIXME: Properly compare sid,see above
- #self.assertEquals(res[1]["objectSid"],
- # "S-1-5-21-4231626423-2410014848-2360679739-552")
+ self.assertSidEquals("S-1-5-21-4231626423-2410014848-2360679739-552",
+ res[1]["objectSid"])
self.assertTrue("objectSid" in res[1])
# Search by generated attribute
diff --git a/source4/libcli/security/security.i b/source4/libcli/security/security.i
index 6ba106b..420439d 100644
--- a/source4/libcli/security/security.i
+++ b/source4/libcli/security/security.i
@@ -105,6 +105,12 @@ typedef struct security_descriptor {
%talloctype(dom_sid);
typedef struct dom_sid {
+ %immutable;
+ uint8_t sid_rev_num;
+ int8_t num_auths;/* [range(0,15)] */
+ uint8_t id_auth[6];
+ uint32_t *sub_auths;
+ %mutable;
%extend {
dom_sid(TALLOC_CTX *mem_ctx, const char *text) {
return dom_sid_parse_talloc(mem_ctx, text);
diff --git a/source4/libcli/security/security.py b/source4/libcli/security/security.py
index c310dde..8afb3ed 100644
--- a/source4/libcli/security/security.py
+++ b/source4/libcli/security/security.py
@@ -147,6 +147,10 @@ security_descriptor_swigregister(security_descriptor)
class Sid(object):
thisown = _swig_property(lambda x: x.this.own(), lambda x, v: x.this.own(v), doc='The membership flag')
__repr__ = _swig_repr
+ sid_rev_num = _swig_property(_security.Sid_sid_rev_num_get)
+ num_auths = _swig_property(_security.Sid_num_auths_get)
+ id_auth = _swig_property(_security.Sid_id_auth_get)
+ sub_auths = _swig_property(_security.Sid_sub_auths_get)
def __init__(self, *args, **kwargs):
_security.Sid_swiginit(self,_security.new_Sid(*args, **kwargs))
def __repr__(self):
diff --git a/source4/libcli/security/security_wrap.c b/source4/libcli/security/security_wrap.c
index b7d66b5..f7e3c2f 100644
--- a/source4/libcli/security/security_wrap.c
+++ b/source4/libcli/security/security_wrap.c
@@ -2712,6 +2712,28 @@ SWIGINTERN void delete_security_token(security_token *self){ talloc_free(self);
SWIGINTERN security_descriptor *new_security_descriptor(TALLOC_CTX *mem_ctx){ return security_descriptor_initialise(mem_ctx); }
SWIGINTERN void delete_security_descriptor(security_descriptor *self){ talloc_free(self); }
+SWIGINTERNINLINE PyObject*
+SWIG_From_unsigned_SS_long (unsigned long value)
+{
+ return (value > LONG_MAX) ?
+ PyLong_FromUnsignedLong(value) : PyInt_FromLong((long)(value));
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_From_unsigned_SS_char (unsigned char value)
+{
+ return SWIG_From_unsigned_SS_long (value);
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_From_signed_SS_char (signed char value)
+{
+ return SWIG_From_long (value);
+}
+
+
SWIGINTERN swig_type_info*
SWIG_pchar_descriptor(void)
{
@@ -3337,6 +3359,98 @@ SWIGINTERN PyObject *security_descriptor_swiginit(PyObject *SWIGUNUSEDPARM(self)
return SWIG_Python_InitShadowInstance(args);
}
+SWIGINTERN PyObject *_wrap_Sid_sid_rev_num_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ dom_sid *arg1 = (dom_sid *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject *swig_obj[1] ;
+ uint8_t result;
+
+ if (!args) SWIG_fail;
+ swig_obj[0] = args;
+ res1 = SWIG_ConvertPtr(swig_obj[0], &argp1,SWIGTYPE_p_dom_sid, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "Sid_sid_rev_num_get" "', argument " "1"" of type '" "dom_sid *""'");
+ }
+ arg1 = (dom_sid *)(argp1);
+ result = (uint8_t) ((arg1)->sid_rev_num);
+ resultobj = SWIG_From_unsigned_SS_char((unsigned char)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_Sid_num_auths_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ dom_sid *arg1 = (dom_sid *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject *swig_obj[1] ;
+ int8_t result;
+
+ if (!args) SWIG_fail;
+ swig_obj[0] = args;
+ res1 = SWIG_ConvertPtr(swig_obj[0], &argp1,SWIGTYPE_p_dom_sid, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "Sid_num_auths_get" "', argument " "1"" of type '" "dom_sid *""'");
+ }
+ arg1 = (dom_sid *)(argp1);
+ result = (int8_t) ((arg1)->num_auths);
+ resultobj = SWIG_From_signed_SS_char((signed char)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_Sid_id_auth_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ dom_sid *arg1 = (dom_sid *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject *swig_obj[1] ;
+ uint8_t *result = 0 ;
+
+ if (!args) SWIG_fail;
+ swig_obj[0] = args;
+ res1 = SWIG_ConvertPtr(swig_obj[0], &argp1,SWIGTYPE_p_dom_sid, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "Sid_id_auth_get" "', argument " "1"" of type '" "dom_sid *""'");
+ }
+ arg1 = (dom_sid *)(argp1);
+ result = (uint8_t *)(uint8_t *) ((arg1)->id_auth);
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_unsigned_char, 0 | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_Sid_sub_auths_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ dom_sid *arg1 = (dom_sid *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject *swig_obj[1] ;
+ uint32_t *result = 0 ;
+
+ if (!args) SWIG_fail;
+ swig_obj[0] = args;
+ res1 = SWIG_ConvertPtr(swig_obj[0], &argp1,SWIGTYPE_p_dom_sid, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "Sid_sub_auths_get" "', argument " "1"" of type '" "dom_sid *""'");
+ }
+ arg1 = (dom_sid *)(argp1);
+ result = (uint32_t *) ((arg1)->sub_auths);
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_unsigned_int, 0 | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
SWIGINTERN PyObject *_wrap_new_Sid(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
PyObject *resultobj = 0;
TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ;
@@ -3561,6 +3675,10 @@ static PyMethodDef SwigMethods[] = {
{ (char *)"delete_security_descriptor", (PyCFunction)_wrap_delete_security_descriptor, METH_O, NULL},
{ (char *)"security_descriptor_swigregister", security_descriptor_swigregister, METH_VARARGS, NULL},
{ (char *)"security_descriptor_swiginit", security_descriptor_swiginit, METH_VARARGS, NULL},
+ { (char *)"Sid_sid_rev_num_get", (PyCFunction)_wrap_Sid_sid_rev_num_get, METH_O, NULL},
+ { (char *)"Sid_num_auths_get", (PyCFunction)_wrap_Sid_num_auths_get, METH_O, NULL},
+ { (char *)"Sid_id_auth_get", (PyCFunction)_wrap_Sid_id_auth_get, METH_O, NULL},
+ { (char *)"Sid_sub_auths_get", (PyCFunction)_wrap_Sid_sub_auths_get, METH_O, NULL},
{ (char *)"new_Sid", (PyCFunction) _wrap_new_Sid, METH_VARARGS | METH_KEYWORDS, NULL},
{ (char *)"Sid___str__", (PyCFunction)_wrap_Sid___str__, METH_O, NULL},
{ (char *)"Sid___eq__", (PyCFunction) _wrap_Sid___eq__, METH_VARARGS | METH_KEYWORDS, NULL},
diff --git a/source4/samba4-skip b/source4/samba4-skip
index 5fa40ee..e3e2d2d 100644
--- a/source4/samba4-skip
+++ b/source4/samba4-skip
@@ -59,4 +59,3 @@ samba4.ntvfs.cifs.raw.
^samba4.net.api.become.dc.*$ # Fails
nss.test # Fails
raw.offline # Samba 4 doesn't have much offline support yet
-winreg* #Does not authenticate against the target server
diff --git a/source4/scripting/python/samba/tests/dcerpc/rpcecho.py b/source4/scripting/python/samba/tests/dcerpc/rpcecho.py
index 12638e2..0679073 100644
--- a/source4/scripting/python/samba/tests/dcerpc/rpcecho.py
+++ b/source4/scripting/python/samba/tests/dcerpc/rpcecho.py
@@ -25,7 +25,8 @@ from samba.tests import RpcInterfaceTestCase
class RpcEchoTests(RpcInterfaceTestCase):
def setUp(self):
- self.conn = echo.rpcecho("ncalrpc:", self.get_loadparm())
+ self.conn = echo.rpcecho("ncalrpc:", self.get_loadparm(),
+ self.get_credentials())
def test_two_contexts(self):
self.conn2 = echo.rpcecho("ncalrpc:", self.get_loadparm(), basis_connection=self.conn)
--
Samba Shared Repository
More information about the samba-cvs
mailing list