[SCM] Samba Shared Repository - branch master updated

Andrew Tridgell tridge at samba.org
Mon Oct 19 03:03:27 MDT 2009 

The branch, master has been updated
       via  89ba043... s4-libnet: fixed privilege handling in samsync to use the right db
       via  4828f92... s4-pvfs: fill in alignment_requirement (valgrind error)
      from  b7b5484... s4:test: Fix typo.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 89ba043c7d9d95a02723efe18c415fd47a02b26d
Author: Andrew Tridgell <tridge at samba.org>
Date:   Mon Oct 19 19:16:39 2009 +1100

    s4-libnet: fixed privilege handling in samsync to use the right db
    
    I only noticed this one because of Karolins spelling fix :-)

commit 4828f92754ddd7dce987287806d33bdd612d776b
Author: Andrew Tridgell <tridge at samba.org>
Date:   Mon Oct 19 18:46:02 2009 +1100

    s4-pvfs: fill in alignment_requirement (valgrind error)

-----------------------------------------------------------------------

Summary of changes:
 source4/libnet/libnet_samsync_ldb.c  |   59 ++++++++++++++++-----------------
 source4/ntvfs/posix/pvfs_qfileinfo.c |    1 +
 2 files changed, 30 insertions(+), 30 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c
index 041ab7d..164e806 100644
--- a/source4/libnet/libnet_samsync_ldb.c
+++ b/source4/libnet/libnet_samsync_ldb.c
@@ -52,7 +52,7 @@ struct samsync_ldb_state {
 	const struct libnet_SamSync_state *samsync_state;
 
 	struct dom_sid *dom_sid[3];
-	struct ldb_context *sam_ldb, *remote_ldb;
+	struct ldb_context *sam_ldb, *remote_ldb, *pdb;
 	struct ldb_dn *base_dn[3];
 	struct samsync_ldb_secret *secrets;
 	struct samsync_ldb_trusted_domain *trusted_domains;
@@ -949,50 +949,39 @@ static NTSTATUS samsync_ldb_handle_account(TALLOC_CTX *mem_ctx,
 	struct netr_DELTA_ACCOUNT *account = delta->delta_union.account;
 
 	struct ldb_message *msg;
-	struct ldb_message **msgs;
-	struct ldb_dn *privilege_dn;
 	int ret;
-	const char *attrs[] = { NULL };
 	int i;
+	char *dnstr, *sidstr;
 
 	msg = ldb_msg_new(mem_ctx);
 	if (msg == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	/* search for the account, by sid, in the top basedn */
-	ret = gendb_search(state->sam_ldb, mem_ctx, state->base_dn[SAM_DATABASE_DOMAIN], &msgs, attrs,
-			   "(objectSid=%s)", ldap_encode_ndr_dom_sid(mem_ctx, sid)); 
+	sidstr = dom_sid_string(msg, sid);
+	NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sidstr, msg);
 
-	if (ret == -1) {
-		*error_string = talloc_asprintf(mem_ctx, "gendb_search failed: %s", ldb_errstring(state->sam_ldb));
-		return NT_STATUS_INTERNAL_DB_CORRUPTION;
-	} else if (ret == 0) {
-		NTSTATUS nt_status;
-		nt_status = samsync_ldb_add_foreignSecurityPrincipal(mem_ctx, state,
-								     sid,
-								     &privilege_dn,
-								     error_string);
-		privilege_dn = talloc_steal(msg, privilege_dn);
-		if (!NT_STATUS_IS_OK(nt_status)) {
-			return nt_status;
-		}
-	} else if (ret > 1) {
-		*error_string = talloc_asprintf(mem_ctx, "More than one account with SID: %s", 
-						dom_sid_string(mem_ctx, sid));
-		return NT_STATUS_INTERNAL_DB_CORRUPTION;
-	} else {
-		privilege_dn = talloc_steal(msg, msgs[0]->dn);
-	}
+	dnstr = talloc_asprintf(msg, "sid=%s", sidstr);
+	NT_STATUS_HAVE_NO_MEMORY_AND_FREE(dnstr, msg);
 
-	msg->dn = privilege_dn;
+	msg->dn = ldb_dn_new(msg, state->pdb, dnstr);
+	NT_STATUS_HAVE_NO_MEMORY_AND_FREE(msg->dn, msg);
 
 	for (i=0; i< account->privilege_entries; i++) {
-		samdb_msg_add_string(state->sam_ldb, mem_ctx, msg, "privilege",
+		samdb_msg_add_string(state->pdb, mem_ctx, msg, "privilege",
 				     account->privilege_name[i].string);
 	}
 
-	ret = samdb_replace(state->sam_ldb, mem_ctx, msg);
+	ret = samdb_replace(state->pdb, mem_ctx, msg);
+	if (ret == LDB_ERR_NO_SUCH_OBJECT) {
+		if (samdb_msg_add_dom_sid(state->pdb, msg, msg, "objectSid", sid) != LDB_SUCCESS) {
+			talloc_free(msg);
+			return NT_STATUS_NO_MEMORY;
+		}
+		samdb_msg_add_string(state->pdb, msg, msg, "comment", "added via samsync");
+		ret = ldb_add(state->pdb, msg);		
+	}
+
 	if (ret != 0) {
 		*error_string = talloc_asprintf(mem_ctx, "Failed to modify privilege record %s",
 						ldb_dn_get_linearized(msg->dn));
@@ -1230,6 +1219,16 @@ NTSTATUS libnet_samsync_ldb(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, str
 					       ctx->event_ctx,
 					       ctx->lp_ctx, 
 					       r->in.session_info);
+	if (!state->sam_ldb) {
+		return NT_STATUS_INTERNAL_DB_ERROR;
+	}
+
+	state->pdb             = privilege_connect(mem_ctx, 
+						   ctx->event_ctx,
+						   ctx->lp_ctx);
+	if (!state->pdb) {
+		return NT_STATUS_INTERNAL_DB_ERROR;
+	}
 
 	r2.out.error_string    = NULL;
 	r2.in.binding_string   = r->in.binding_string;
diff --git a/source4/ntvfs/posix/pvfs_qfileinfo.c b/source4/ntvfs/posix/pvfs_qfileinfo.c
index 713925d..b6c1d4f 100644
--- a/source4/ntvfs/posix/pvfs_qfileinfo.c
+++ b/source4/ntvfs/posix/pvfs_qfileinfo.c
@@ -323,6 +323,7 @@ static NTSTATUS pvfs_map_fileinfo(struct pvfs_state *pvfs,
 		info->all_info2.out.access_mask    = 0; /* only set by qfileinfo */
 		info->all_info2.out.position       = 0; /* only set by qfileinfo */
 		info->all_info2.out.mode           = 0; /* only set by qfileinfo */
+		info->all_info2.out.alignment_requirement = 0;
 		/* windows wants the full path on disk for this
 		   result, but I really don't want to expose that on
 		   the wire, so I'll give the path with a share


-- 
Samba Shared Repository

More information about the samba-cvs mailing list