[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Tue Oct 20 07:28:55 MDT 2009
The branch, master has been updated
via c7023c5... s3-lsa: Allow to lookup 'NT AUTHORITY\Anonymous Logon' as well.
via 1f4d26c... s3-lsa: allow to lookup BUILTIN\ in lsa_LookupNames.
via 18dd626... s3-lsa: When looking up domains in LookupNames, do not strip the sid.
via b6d97a0... s3-lsa: allow to have NULL strings in lsa LookupName queries.
via d76e77c... s4-smbtorture: add stricter tests for LSA-LOOKUPNAMES replies.
via 80b512f... s4-smbtorture: move all LookupNames tests into RPC-LSA-LOOKUPNAMES.
from 4243e6e... s3:configure: add support for Solaris' ld -z ignore
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c7023c5a3dc1644e9b8ae667f7f9d6d1dfe49bb1
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 20 15:15:06 2009 +0200
s3-lsa: Allow to lookup 'NT AUTHORITY\Anonymous Logon' as well.
This is to finally pass RPC-LSA-LOOKUPNAMES test.
Guenther
commit 1f4d26c4870989c5a0aba773c97172f0c0185aba
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 20 15:13:56 2009 +0200
s3-lsa: allow to lookup BUILTIN\ in lsa_LookupNames.
Found by RPC-LSA-LOOKUPNAMES torture test.
Guenther
commit 18dd62616028cf202f63a12c20d5e21e390451b6
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 20 15:12:58 2009 +0200
s3-lsa: When looking up domains in LookupNames, do not strip the sid.
Found by RPC-LSA-LOOKUPNAMES torture test.
Guenther
commit b6d97a00b13fc338f6fef3c5587619821d86194c
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 20 15:11:58 2009 +0200
s3-lsa: allow to have NULL strings in lsa LookupName queries.
Found by RPC-LSA-LOOKUPNAMES torture test.
Guenther
commit d76e77ce9a72543727ff83eacbefed22f0c644b9
Author: Günther Deschner <gd at samba.org>
Date: Tue Oct 20 15:00:55 2009 +0200
s4-smbtorture: add stricter tests for LSA-LOOKUPNAMES replies.
Guenther
commit 80b512fe03e692f630375c39f84ae9f91f5b333a
Author: Günther Deschner <gd at samba.org>
Date: Thu Jul 16 00:52:28 2009 +0200
s4-smbtorture: move all LookupNames tests into RPC-LSA-LOOKUPNAMES.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/passdb/lookup_sid.c | 8 ++++++++
source3/passdb/util_wellknown.c | 1 +
source3/rpc_server/srv_lsa_nt.c | 11 +++++++++--
source4/torture/rpc/lsa.c | 31 +++++++++++++++++++++----------
4 files changed, 39 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 4f8d6a4..1fcd94c 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -86,6 +86,14 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
if ((flags & LOOKUP_NAME_BUILTIN) &&
strequal(domain, builtin_domain_name()))
{
+ if (strlen(name) == 0) {
+ /* Swap domain and name */
+ tmp = name; name = domain; domain = tmp;
+ sid_copy(&sid, &global_sid_Builtin);
+ type = SID_NAME_DOMAIN;
+ goto ok;
+ }
+
/* Explicit request for a name in BUILTIN */
if (lookup_builtin_name(name, &rid)) {
sid_copy(&sid, &global_sid_Builtin);
diff --git a/source3/passdb/util_wellknown.c b/source3/passdb/util_wellknown.c
index 3a30ab0..2af68b7 100644
--- a/source3/passdb/util_wellknown.c
+++ b/source3/passdb/util_wellknown.c
@@ -50,6 +50,7 @@ static const struct rid_name_map nt_authority_users[] = {
{ 4, "Interactive"},
{ 6, "Service"},
{ 7, "AnonymousLogon"},
+ { 7, "Anonymous Logon"},
{ 8, "Proxy"},
{ 9, "ServerLogon"},
{ 10, "Self"},
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index cc5d23c..a3a1218 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -161,7 +161,10 @@ static NTSTATUS lookup_lsa_rids(TALLOC_CTX *mem_ctx,
full_name = name[i].string;
if (full_name == NULL) {
- return NT_STATUS_NO_MEMORY;
+ prid[i].sid_type = type;
+ prid[i].rid = 0;
+ prid[i].sid_index = (uint32_t)-1;
+ continue;
}
DEBUG(5, ("lookup_lsa_rids: looking up name %s\n", full_name));
@@ -192,7 +195,11 @@ static NTSTATUS lookup_lsa_rids(TALLOC_CTX *mem_ctx,
dom_idx = -1;
if (type != SID_NAME_UNKNOWN) {
- sid_split_rid(&sid, &rid);
+ if (type == SID_NAME_DOMAIN) {
+ rid = (uint32_t)-1;
+ } else {
+ sid_split_rid(&sid, &rid);
+ }
dom_idx = init_lsa_ref_domain_list(mem_ctx, ref, domain, &sid);
mapped_count++;
}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index e4234c7..7b938f3 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -202,12 +202,22 @@ static bool test_LookupNames(struct dcerpc_pipe *p,
}
for (i=0;i< tnames->count;i++) {
- if (i < count && sids.sids[i].sid_type != tnames->names[i].sid_type) {
- torture_comment(tctx, "LookupName of %s got unexpected name type: %s\n",
- tnames->names[i].name.string, sid_type_lookup(sids.sids[i].sid_type));
+ if (i < count) {
+ if (sids.sids[i].sid_type != tnames->names[i].sid_type) {
+ torture_comment(tctx, "LookupName of %s got unexpected name type: %s\n",
+ tnames->names[i].name.string, sid_type_lookup(sids.sids[i].sid_type));
+ return false;
+ }
+ if ((sids.sids[i].sid_type == SID_NAME_DOMAIN) &&
+ (sids.sids[i].rid != (uint32_t)-1)) {
+ torture_comment(tctx, "LookupName of %s got unexpected rid: %d\n",
+ tnames->names[i].name.string, sids.sids[i].rid);
+ return false;
+ }
} else if (i >=count) {
torture_comment(tctx, "LookupName of %s failed to return a result\n",
tnames->names[i].name.string);
+ return false;
}
}
torture_comment(tctx, "\n");
@@ -2611,13 +2621,6 @@ bool torture_rpc_lsa(struct torture_context *tctx)
if (!join) {
ret = false;
}
- if (!test_LookupNames_wellknown(p, tctx, handle)) {
- ret = false;
- }
-
- if (!test_LookupNames_bogus(p, tctx, handle)) {
- ret = false;
- }
if (!test_LookupSids_async(p, tctx, handle)) {
ret = false;
@@ -2728,6 +2731,14 @@ static bool testcase_LookupNames(struct torture_context *tctx,
ret = false;
}
+ if (!test_LookupNames_wellknown(p, tctx, handle)) {
+ ret = false;
+ }
+
+ if (!test_LookupNames_bogus(p, tctx, handle)) {
+ ret = false;
+ }
+
if (!test_lsa_Close(p, tctx, handle)) {
ret = false;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list