[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Thu Sep 23 01:18:07 MDT 2010
The branch, master has been updated
via 8ccbbe0 lib-subunit: fixed build on systems without subunit devel library
via d2008fb s4-kcc: the kcc should not be setting the repsTo attribute
via 7a05e04 s4-gensec: fixed a client side bug in GENSEC/SASL/SSF negotiation
via c0ff93b s4-drs: we don't need to decode to utf8 in python dcerpc strings any more
via bf1f2d4 s4-gensec: prevent a double free in the error path of GSSAPI auth
via 202525d s4-gensec: fixed a GSSAPI SASL negotiation bug
via d1cbd68 s4-kcc: added service->am_rodc
via c166b44 s4-kcc: pass the service context into the kcc connection code
from b6f149e s3-waf: add all remaining binaries from the make build.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8ccbbe042b7fed310de9a75ddccc69e51bae72d4
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 23:21:56 2010 -0700
lib-subunit: fixed build on systems without subunit devel library
Pair-Programmed-With: Jelmer Vernooij <jelmer at samba.org>
commit d2008fbbb951a941d380b4efa0eaf9f3cfe54e13
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 22:50:05 2010 -0700
s4-kcc: the kcc should not be setting the repsTo attribute
repsTo is set by other DCs, when they ask to be notified about changes
in a partition
commit 7a05e04dfc81d20aff92e17c61af81bbe66d2492
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 22:41:02 2010 -0700
s4-gensec: fixed a client side bug in GENSEC/SASL/SSF negotiation
this is the client side equivalent change for the previous fix
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit c0ff93b033da632d5ad4a004d6fff05d08f5cf78
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 22:35:28 2010 -0700
s4-drs: we don't need to decode to utf8 in python dcerpc strings any more
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit bf1f2d4eb8c35ca4547993f33a1e19ff0c3c03c2
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 22:28:58 2010 -0700
s4-gensec: prevent a double free in the error path of GSSAPI auth
the caller frees mem_ctx, so we shouldn't
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit 202525db1339805af5d5e837712b0aa834e8f5e0
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 22:20:30 2010 -0700
s4-gensec: fixed a GSSAPI SASL negotiation bug
Fixed a bug that affected mismatched negotiation between the GSSAPI
layer and the SASL SSF subsequent negotiation. This caused some ldap
clients to hang when trying to authentication with a Samba LDAP
server. The client thought the connection should be signed, the server
thought it should be in plain text
Pair-Programmed-With: Andrew Bartlett <abartlet at samba.org>
commit d1cbd68bb12c6d5193e864e5b0bae16c7ec4c5f4
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 11:18:04 2010 -0700
s4-kcc: added service->am_rodc
use a rodc flag on the service instead of calling samdb_rodc each time
commit c166b44b4756c2e038ebbbe27898aff0a5c954da
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Sep 22 11:15:56 2010 -0700
s4-kcc: pass the service context into the kcc connection code
this will be used for the RODC changes needed for the kcc
-----------------------------------------------------------------------
Summary of changes:
lib/torture/wscript_build | 6 +-
source4/auth/gensec/gensec_gssapi.c | 42 +++++----
source4/auth/gensec/socket.c | 1 -
source4/dsdb/kcc/kcc_connection.c | 4 +-
source4/dsdb/kcc/kcc_periodic.c | 41 ++------
source4/dsdb/kcc/kcc_service.c | 5 +
source4/dsdb/kcc/kcc_service.h | 2 +
source4/dsdb/kcc/kcc_topology.c | 146 ++++++++++++---------------
source4/scripting/python/samba/drs_utils.py | 2 +-
source4/wscript_build | 1 +
10 files changed, 109 insertions(+), 141 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/torture/wscript_build b/lib/torture/wscript_build
index 7830b3a..a3ba605 100644
--- a/lib/torture/wscript_build
+++ b/lib/torture/wscript_build
@@ -1,11 +1,9 @@
#!/usr/bin/env python
-
bld.SAMBA_LIBRARY('torture',
- source='torture.c subunit.c ../subunit/c/lib/child.c',
+ source='torture.c subunit.c',
vnum='0.0.1',
pc_files='torture.pc',
- public_deps='LIBSAMBA-HOSTCONFIG LIBSAMBA-UTIL LIBSAMBA-ERRORS talloc tevent',
+ public_deps='LIBSAMBA-HOSTCONFIG LIBSAMBA-UTIL LIBSAMBA-ERRORS talloc tevent subunit',
public_headers='torture.h'
)
-
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index d2f19e9..ecf2a73 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -632,18 +632,21 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
gensec_gssapi_state->max_wrap_buf_size = MIN(RIVAL(maxlength_proposed, 0),
gensec_gssapi_state->max_wrap_buf_size);
gensec_gssapi_state->sasl_protection = 0;
- if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) {
- if (security_supported & NEG_SEAL) {
+ if (security_supported & NEG_SEAL) {
+ if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) {
gensec_gssapi_state->sasl_protection |= NEG_SEAL;
}
- } else if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
- if (security_supported & NEG_SIGN) {
+ }
+ if (security_supported & NEG_SIGN) {
+ if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
gensec_gssapi_state->sasl_protection |= NEG_SIGN;
}
- } else if (security_supported & NEG_NONE) {
+ }
+ if (security_supported & NEG_NONE) {
gensec_gssapi_state->sasl_protection |= NEG_NONE;
- } else {
- DEBUG(1, ("Remote server does not support unprotected connections"));
+ }
+ if (gensec_gssapi_state->sasl_protection == 0) {
+ DEBUG(1, ("Remote server does not support unprotected connections\n"));
return NT_STATUS_ACCESS_DENIED;
}
@@ -777,25 +780,28 @@ static NTSTATUS gensec_gssapi_update(struct gensec_security *gensec_security,
/* first byte is the proposed security */
security_accepted = maxlength_accepted[0];
maxlength_accepted[0] = '\0';
-
+
/* Rest is the proposed max wrap length */
gensec_gssapi_state->max_wrap_buf_size = MIN(RIVAL(maxlength_accepted, 0),
gensec_gssapi_state->max_wrap_buf_size);
gensec_gssapi_state->sasl_protection = 0;
- if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) {
- if (security_accepted & NEG_SEAL) {
- gensec_gssapi_state->sasl_protection |= NEG_SEAL;
+ if (security_accepted & NEG_SEAL) {
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SEAL)) {
+ DEBUG(1, ("Remote client wanted seal, but gensec refused\n"));
+ return NT_STATUS_ACCESS_DENIED;
}
- } else if (gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
- if (security_accepted & NEG_SIGN) {
- gensec_gssapi_state->sasl_protection |= NEG_SIGN;
+ gensec_gssapi_state->sasl_protection |= NEG_SEAL;
+ }
+ if (security_accepted & NEG_SIGN) {
+ if (!gensec_have_feature(gensec_security, GENSEC_FEATURE_SIGN)) {
+ DEBUG(1, ("Remote client wanted sign, but gensec refused\n"));
+ return NT_STATUS_ACCESS_DENIED;
}
- } else if (security_accepted & NEG_NONE) {
+ gensec_gssapi_state->sasl_protection |= NEG_SIGN;
+ }
+ if (security_accepted & NEG_NONE) {
gensec_gssapi_state->sasl_protection |= NEG_NONE;
- } else {
- DEBUG(1, ("Remote client does not support unprotected connections, but we failed to negotiate anything better"));
- return NT_STATUS_ACCESS_DENIED;
}
/* quirk: This changes the value that gensec_have_feature returns, to be that after SASL negotiation */
diff --git a/source4/auth/gensec/socket.c b/source4/auth/gensec/socket.c
index 6a03f0b..8ee6cbc 100644
--- a/source4/auth/gensec/socket.c
+++ b/source4/auth/gensec/socket.c
@@ -77,7 +77,6 @@ _PUBLIC_ NTSTATUS gensec_wrap_packets(struct gensec_security *gensec_security,
mem_ctx,
&unwrapped, &wrapped);
if (!NT_STATUS_IS_OK(nt_status)) {
- talloc_free(mem_ctx);
return nt_status;
}
diff --git a/source4/dsdb/kcc/kcc_connection.c b/source4/dsdb/kcc/kcc_connection.c
index 76b07b6..48c6325 100644
--- a/source4/dsdb/kcc/kcc_connection.c
+++ b/source4/dsdb/kcc/kcc_connection.c
@@ -25,8 +25,8 @@
#include "auth/auth.h"
#include "smbd/service.h"
#include "lib/messaging/irpc.h"
-#include "dsdb/kcc/kcc_connection.h"
#include "dsdb/kcc/kcc_service.h"
+#include "dsdb/kcc/kcc_connection.h"
#include "lib/ldb/include/ldb_errors.h"
#include "../lib/util/dlinklist.h"
#include "librpc/gen_ndr/ndr_misc.h"
@@ -177,7 +177,7 @@ struct kcc_connection_list *kccsrv_find_connections(struct kccsrv_service *s,
const char *attrs[] = { "objectGUID", "fromServer", NULL };
struct kcc_connection_list *list;
- kcctpl_test(s->samdb);
+ kcctpl_test(s);
base_dn = samdb_ntds_settings_dn(s->samdb);
if (!base_dn) {
diff --git a/source4/dsdb/kcc/kcc_periodic.c b/source4/dsdb/kcc/kcc_periodic.c
index c396912..447ef1e 100644
--- a/source4/dsdb/kcc/kcc_periodic.c
+++ b/source4/dsdb/kcc/kcc_periodic.c
@@ -165,8 +165,8 @@ static NTSTATUS kccsrv_add_repsFrom(struct kccsrv_service *s, TALLOC_CTX *mem_ct
/* update the repsFrom on all partitions */
for (p=s->partitions; p; p=p->next) {
- struct repsFromToBlob *old_reps, *reps_to;
- uint32_t old_count, to_count;
+ struct repsFromToBlob *old_reps;
+ uint32_t old_count;
WERROR werr;
uint32_t i;
bool modified = false;
@@ -213,36 +213,6 @@ static NTSTATUS kccsrv_add_repsFrom(struct kccsrv_service *s, TALLOC_CTX *mem_ct
/* dreplsrv should refresh its state */
notify_dreplsrv = true;
}
-
- werr = dsdb_loadreps(s->samdb, mem_ctx, p->dn, "repsTo", &reps_to, &to_count);
- if (!W_ERROR_IS_OK(werr)) {
- DEBUG(0,(__location__ ": Failed to load repsTo from %s - %s\n",
- ldb_dn_get_linearized(p->dn), ldb_errstring(s->samdb)));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
- modified = false;
- /* add any new ones */
- for (i=0; i<old_count; i++) {
- if (!reps_in_list(&old_reps[i], reps_to, to_count)) {
- reps_to = talloc_realloc(mem_ctx, reps_to, struct repsFromToBlob, to_count+1);
- NT_STATUS_HAVE_NO_MEMORY(reps_to);
- reps_to[to_count] = old_reps[i];
- to_count++;
- modified = true;
- }
- }
-
- if (modified) {
- werr = dsdb_savereps(s->samdb, mem_ctx, p->dn, "repsTo", reps_to, to_count);
- if (!W_ERROR_IS_OK(werr)) {
- DEBUG(0,(__location__ ": Failed to save repsTo to %s - %s\n",
- ldb_dn_get_linearized(p->dn), ldb_errstring(s->samdb)));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
- /* dreplsrv should refresh its state */
- notify_dreplsrv = true;
- }
}
/* notify dreplsrv toplogy has changed */
@@ -307,9 +277,12 @@ NTSTATUS kccsrv_simple_update(struct kccsrv_service *s, TALLOC_CTX *mem_ctx)
r1->source_dsa_obj_guid = ntds_guid;
r1->source_dsa_invocation_id = invocation_id;
r1->replica_flags =
- DRSUAPI_DRS_WRIT_REP |
DRSUAPI_DRS_INIT_SYNC |
- DRSUAPI_DRS_PER_SYNC;
+ DRSUAPI_DRS_PER_SYNC |
+ DRSUAPI_DRS_ADD_REF;
+ if (!s->am_rodc) {
+ r1->replica_flags |= DRSUAPI_DRS_WRIT_REP;
+ }
memset(r1->schedule, 0x11, sizeof(r1->schedule));
dsa_conn->servers = talloc_realloc(dsa_conn, dsa_conn->servers,
diff --git a/source4/dsdb/kcc/kcc_service.c b/source4/dsdb/kcc/kcc_service.c
index 9bacca9..0d78443 100644
--- a/source4/dsdb/kcc/kcc_service.c
+++ b/source4/dsdb/kcc/kcc_service.c
@@ -67,6 +67,11 @@ static WERROR kccsrv_connect_samdb(struct kccsrv_service *service, struct loadpa
service->ntds_guid = *ntds_guid;
+ if (samdb_rodc(service->samdb, &service->am_rodc) != LDB_SUCCESS) {
+ DEBUG(0,(__location__ ": Failed to determine RODC status\n"));
+ return WERR_DS_UNAVAILABLE;
+ }
+
return WERR_OK;
}
diff --git a/source4/dsdb/kcc/kcc_service.h b/source4/dsdb/kcc/kcc_service.h
index 64c78a3..f564885 100644
--- a/source4/dsdb/kcc/kcc_service.h
+++ b/source4/dsdb/kcc/kcc_service.h
@@ -80,6 +80,8 @@ struct kccsrv_service {
} periodic;
time_t last_deleted_check;
+
+ bool am_rodc;
};
struct kcc_connection_list;
diff --git a/source4/dsdb/kcc/kcc_topology.c b/source4/dsdb/kcc/kcc_topology.c
index 215cc4d..fbf2885 100644
--- a/source4/dsdb/kcc/kcc_topology.c
+++ b/source4/dsdb/kcc/kcc_topology.c
@@ -24,6 +24,7 @@
#include "dsdb/samdb/samdb.h"
#include "lib/messaging/irpc.h"
#include "librpc/gen_ndr/ndr_misc.h"
+#include "dsdb/kcc/kcc_service.h"
#define FLAG_CR_NTDS_NC 0x00000001
#define FLAG_CR_NTDS_DOMAIN 0x00000002
@@ -1057,7 +1058,7 @@ static NTSTATUS kcctpl_bridgehead_dc_failed(struct ldb_context *ldb,
/**
* get all bridgehead DCs satisfying the given criteria.
*/
-static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
+static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct kccsrv_service *service,
TALLOC_CTX *mem_ctx,
struct GUID site_guid,
struct ldb_message *cross_ref,
@@ -1076,7 +1077,6 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
const char * const dc_attrs[] = { "objectGUID", "options", NULL };
struct ldb_message_element *el;
unsigned int i;
- bool rodc;
const char *transport_name, *transport_address_attr;
uint64_t site_opts;
@@ -1085,7 +1085,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- sites_dn = samdb_sites_dn(ldb, tmp_ctx);
+ sites_dn = samdb_sites_dn(service->samdb, tmp_ctx);
if (!sites_dn) {
DEBUG(1, (__location__ ": failed to find our own Sites DN\n"));
@@ -1093,7 +1093,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- ret = ldb_search(ldb, tmp_ctx, &res, sites_dn, LDB_SCOPE_ONELEVEL,
+ ret = ldb_search(service->samdb, tmp_ctx, &res, sites_dn, LDB_SCOPE_ONELEVEL,
attrs, "(&(objectClass=site)(objectGUID=%s))",
GUID_string(tmp_ctx, &site_guid));
if (ret != LDB_SUCCESS) {
@@ -1113,7 +1113,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
}
site = res->msgs[0];
- schemas_dn = ldb_get_schema_basedn(ldb);
+ schemas_dn = ldb_get_schema_basedn(service->samdb);
if (!schemas_dn) {
DEBUG(1, (__location__ ": failed to find our own Schemas DN\n"));
@@ -1121,7 +1121,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- ret = ldb_search(ldb, tmp_ctx, &res, schemas_dn, LDB_SCOPE_SUBTREE,
+ ret = ldb_search(service->samdb, tmp_ctx, &res, schemas_dn, LDB_SCOPE_SUBTREE,
NULL,
"(&(lDAPDisplayName=nTDSDSA)(objectClass=classSchema))");
if (ret != LDB_SUCCESS) {
@@ -1142,7 +1142,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
ZERO_STRUCT(all_dcs_in_site);
- ret = ldb_search(ldb, tmp_ctx, &res, site->dn, LDB_SCOPE_SUBTREE,
+ ret = ldb_search(service->samdb, tmp_ctx, &res, site->dn, LDB_SCOPE_SUBTREE,
dc_attrs, "objectCategory=%s",
ldb_dn_get_linearized(schema->dn));
if (ret != LDB_SUCCESS) {
@@ -1155,14 +1155,6 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
el = ldb_msg_find_element(transport, "bridgeheadServerListBL");
- ret = samdb_rodc(ldb, &rodc);
- if (ret != LDB_SUCCESS) {
- DEBUG(1, (__location__ ": unable to tell if we are an RODC: %s\n",
- ldb_strerror(ret)));
- talloc_free(tmp_ctx);
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
transport_name = samdb_result_string(transport, "name", NULL);
if (!transport_name) {
DEBUG(1, (__location__ ": failed to find name attribute of "
@@ -1220,7 +1212,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
val = el->values[j];
- dn = ldb_dn_from_ldb_val(tmp_ctx, ldb, &val);
+ dn = ldb_dn_from_ldb_val(tmp_ctx, service->samdb, &val);
if (!dn) {
DEBUG(1, (__location__ ": failed to read a DN "
"from bridgeheadServerListBL "
@@ -1263,11 +1255,11 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
behavior_version = samdb_result_int64(dc,
"msDS-Behavior-Version", 0);
/* TODO: cr!nCName corresponds to default NC */
- if (rodc && true && behavior_version < DS_BEHAVIOR_WIN2008) {
+ if (service->am_rodc && true && behavior_version < DS_BEHAVIOR_WIN2008) {
continue;
}
- ret = ldb_search(ldb, tmp_ctx, &parent_res, parent_dn,
+ ret = ldb_search(service->samdb, tmp_ctx, &parent_res, parent_dn,
LDB_SCOPE_BASE, parent_attrs , NULL);
dc_transport_address = samdb_result_string(parent_res->msgs[0],
@@ -1281,7 +1273,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
dc_guid = samdb_result_guid(dc, "objectGUID");
- status = kcctpl_bridgehead_dc_failed(ldb, dc_guid,
+ status = kcctpl_bridgehead_dc_failed(service->samdb, dc_guid,
detect_failed_dcs,
&failed);
if (NT_STATUS_IS_ERR(status)) {
@@ -1322,7 +1314,7 @@ static NTSTATUS kcctpl_get_all_bridgehead_dcs(struct ldb_context *ldb,
/**
* get a bridgehead DC.
*/
-static NTSTATUS kcctpl_get_bridgehead_dc(struct ldb_context *ldb,
+static NTSTATUS kcctpl_get_bridgehead_dc(struct kccsrv_service *service,
TALLOC_CTX *mem_ctx,
struct GUID site_guid,
struct ldb_message *cross_ref,
@@ -1334,7 +1326,7 @@ static NTSTATUS kcctpl_get_bridgehead_dc(struct ldb_context *ldb,
struct message_list dsa_list;
NTSTATUS status;
- status = kcctpl_get_all_bridgehead_dcs(ldb, mem_ctx,
+ status = kcctpl_get_all_bridgehead_dcs(service, mem_ctx,
site_guid, cross_ref, transport,
partial_replica_okay,
detect_failed_dcs, &dsa_list);
@@ -1352,7 +1344,7 @@ static NTSTATUS kcctpl_get_bridgehead_dc(struct ldb_context *ldb,
/*
* color each vertex to indicate which kinds of NC replicas it contains.
*/
-static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
+static NTSTATUS kcctpl_color_vertices(struct kccsrv_service *service,
struct kcctpl_graph *graph,
struct ldb_message *cross_ref,
bool detect_failed_dcs,
@@ -1370,10 +1362,10 @@ static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
found_failed_dcs = false;
- tmp_ctx = talloc_new(ldb);
+ tmp_ctx = talloc_new(service);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- sites_dn = samdb_sites_dn(ldb, tmp_ctx);
+ sites_dn = samdb_sites_dn(service->samdb, tmp_ctx);
if (!sites_dn) {
DEBUG(1, (__location__ ": failed to find our own Sites DN\n"));
@@ -1389,7 +1381,7 @@ static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
vertex = &graph->vertices.data[i];
- ret = ldb_search(ldb, tmp_ctx, &res, sites_dn,
+ ret = ldb_search(service->samdb, tmp_ctx, &res, sites_dn,
LDB_SCOPE_SUBTREE, attrs, "objectGUID=%s",
GUID_string(tmp_ctx, &vertex->id));
if (ret != LDB_SUCCESS) {
@@ -1409,7 +1401,7 @@ static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
}
site = res->msgs[0];
- nc_name = samdb_result_dn(ldb, tmp_ctx, cross_ref,
+ nc_name = samdb_result_dn(service->samdb, tmp_ctx, cross_ref,
"nCName", NULL);
if (!nc_name) {
DEBUG(1, (__location__ ": failed to find nCName "
@@ -1431,7 +1423,7 @@ static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
}
}
- site = kcctpl_local_site(ldb, tmp_ctx);
+ site = kcctpl_local_site(service->samdb, tmp_ctx);
if (!site) {
DEBUG(1, (__location__ ": failed to find our own local DC's "
"site\n"));
@@ -1464,7 +1456,7 @@ static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
vertex = &graph->vertices.data[i];
- transports_dn = kcctpl_transports_dn(ldb, tmp_ctx);
+ transports_dn = kcctpl_transports_dn(service->samdb, tmp_ctx);
if (!transports_dn) {
DEBUG(1, (__location__ ": failed to find our own "
"Inter-Site Transports DN\n"));
@@ -1473,7 +1465,7 @@ static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- ret = ldb_search(ldb, tmp_ctx, &res, transports_dn,
+ ret = ldb_search(service->samdb, tmp_ctx, &res, transports_dn,
LDB_SCOPE_ONELEVEL, attrs,
"objectClass=interSiteTransport");
if (ret != LDB_SUCCESS) {
@@ -1519,7 +1511,7 @@ static NTSTATUS kcctpl_color_vertices(struct ldb_context *ldb,
continue;
}
- status = kcctpl_get_bridgehead_dc(ldb, tmp_ctx,
+ status = kcctpl_get_bridgehead_dc(service, tmp_ctx,
site_vertex->id,
cross_ref, transport,
partial_replica_okay,
@@ -1655,7 +1647,7 @@ static struct GUID kcctpl_get_component_id(struct kcctpl_graph *graph,
* copy all spanning tree edges from 'output_edges' that contain the vertex for
* DCs in the local DC's site.
*/
-static NTSTATUS kcctpl_copy_output_edges(struct ldb_context *ldb,
+static NTSTATUS kcctpl_copy_output_edges(struct kccsrv_service *service,
TALLOC_CTX *mem_ctx,
struct kcctpl_graph *graph,
struct kcctpl_multi_edge_list output_edges,
@@ -1669,10 +1661,10 @@ static NTSTATUS kcctpl_copy_output_edges(struct ldb_context *ldb,
ZERO_STRUCT(copy);
- tmp_ctx = talloc_new(ldb);
+ tmp_ctx = talloc_new(service);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
- site = kcctpl_local_site(ldb, tmp_ctx);
+ site = kcctpl_local_site(service->samdb, tmp_ctx);
if (!site) {
DEBUG(1, (__location__ ": failed to find our own local DC's "
"site\n"));
@@ -2533,7 +2525,7 @@ static uint32_t kcctpl_count_components(struct kcctpl_graph *graph)
* calculate the spanning tree and return the edges that include the vertex for
* the local site.
*/
-static NTSTATUS kcctpl_get_spanning_tree_edges(struct ldb_context *ldb,
+static NTSTATUS kcctpl_get_spanning_tree_edges(struct kccsrv_service *service,
TALLOC_CTX *mem_ctx,
struct kcctpl_graph *graph,
uint32_t *_component_count,
@@ -2691,7 +2683,7 @@ static NTSTATUS kcctpl_get_spanning_tree_edges(struct ldb_context *ldb,
component_count = kcctpl_count_components(graph);
- status = kcctpl_copy_output_edges(ldb, tmp_ctx, graph, output_edges,
+ status = kcctpl_copy_output_edges(service, tmp_ctx, graph, output_edges,
&st_edge_list);
if (NT_STATUS_IS_ERR(status)) {
DEBUG(1, (__location__ ": failed to copy edge list: %s\n",
@@ -2712,7 +2704,7 @@ static NTSTATUS kcctpl_get_spanning_tree_edges(struct ldb_context *ldb,
* creat an nTDSConnection object with the given parameters if one does not
* already exist.
*/
-static NTSTATUS kcctpl_create_connection(struct ldb_context *ldb,
+static NTSTATUS kcctpl_create_connection(struct kccsrv_service *service,
TALLOC_CTX *mem_ctx,
struct ldb_message *cross_ref,
struct ldb_message *r_bridgehead,
@@ -2739,7 +2731,7 @@ static NTSTATUS kcctpl_create_connection(struct ldb_context *ldb,
unsigned int i, valid_connections;
struct GUID_list keep_connections;
- tmp_ctx = talloc_new(ldb);
+ tmp_ctx = talloc_new(service);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
r_site_dn = ldb_dn_copy(tmp_ctx, r_bridgehead->dn);
@@ -2751,7 +2743,7 @@ static NTSTATUS kcctpl_create_connection(struct ldb_context *ldb,
return NT_STATUS_NO_MEMORY;
}
- ret = dsdb_find_guid_by_dn(ldb, r_site_dn, &r_site_guid);
--
Samba Shared Repository
More information about the samba-cvs
mailing list