[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Sat Nov 6 07:31:01 MDT 2010
The branch, master has been updated
via 0980a34 s4:DRS-RPC-DSSYNC: don't try to decrypt secret attributes twice
from ce203c0 s4-cldap: fixed debug message to match content
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0980a3471ed8fcc3a37296857285dc0235e0e0d2
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat Nov 6 13:41:34 2010 +0100
s4:DRS-RPC-DSSYNC: don't try to decrypt secret attributes twice
dsdb_extended_replicated_objects_convert() already decrypts the
attributes in place.
This fixes the usage of --option="dssync:print_pwd_blobs=yes".
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Sat Nov 6 13:30:16 UTC 2010 on sn-devel-104
-----------------------------------------------------------------------
Summary of changes:
source4/torture/drs/rpc/dssync.c | 22 +++-------------------
1 files changed, 3 insertions(+), 19 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/drs/rpc/dssync.c b/source4/torture/drs/rpc/dssync.c
index 522123c..7d1c4ff 100644
--- a/source4/torture/drs/rpc/dssync.c
+++ b/source4/torture/drs/rpc/dssync.c
@@ -534,8 +534,6 @@ static bool test_analyse_objects(struct torture_context *tctx,
for (i=0; i < cur->object.attribute_ctr.num_attributes; i++) {
WERROR werr;
const char *name = NULL;
- bool rcrypt = false;
- DATA_BLOB *enc_data = NULL;
DATA_BLOB plain_data;
struct drsuapi_DsReplicaAttribute *attr;
ndr_pull_flags_fn_t pull_fn = NULL;
@@ -546,19 +544,15 @@ static bool test_analyse_objects(struct torture_context *tctx,
switch (attr->attid) {
case DRSUAPI_ATTID_dBCSPwd:
name = "dBCSPwd";
- rcrypt = true;
break;
case DRSUAPI_ATTID_unicodePwd:
name = "unicodePwd";
- rcrypt = true;
break;
case DRSUAPI_ATTID_ntPwdHistory:
name = "ntPwdHistory";
- rcrypt = true;
break;
case DRSUAPI_ATTID_lmPwdHistory:
name = "lmPwdHistory";
- rcrypt = true;
break;
case DRSUAPI_ATTID_supplementalCredentials:
name = "supplementalCredentials";
@@ -598,23 +592,15 @@ static bool test_analyse_objects(struct torture_context *tctx,
if (!attr->value_ctr.values[0].blob) continue;
- enc_data = attr->value_ctr.values[0].blob;
- ZERO_STRUCT(plain_data);
+ plain_data = *attr->value_ctr.values[0].blob;
- werr = drsuapi_decrypt_attribute_value(ctx, gensec_skey, rcrypt,
- rid,
- enc_data, &plain_data);
- if (!W_ERROR_IS_OK(werr)) {
- DEBUG(0, ("Failed to decrypt %s\n", name));
- continue;
- }
if (!dn_printed) {
object_id++;
DEBUG(0,("DN[%u] %s\n", object_id, dn));
dn_printed = true;
}
- DEBUGADD(0,("ATTR: %s enc.length=%lu plain.length=%lu\n",
- name, (long)enc_data->length, (long)plain_data.length));
+ DEBUGADD(0,("ATTR: %s plain.length=%lu\n",
+ name, (long)plain_data.length));
if (plain_data.length) {
enum ndr_err_code ndr_err;
dump_data(0, plain_data.data, plain_data.length);
@@ -643,8 +629,6 @@ static bool test_analyse_objects(struct torture_context *tctx,
DEBUG(0, ("Failed to decode %s\n", name));
}
}
- } else {
- dump_data(0, enc_data->data, enc_data->length);
}
talloc_free(ptr);
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list