[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Wed Apr 27 22:19:02 MDT 2011
The branch, master has been updated
via 123097e selftest: Print a better warning warning message when smbcacls fails.
via b44f432 selftest: Don't die() when the join fails
via fb5e1f4 selftest: s3member admember test to confirm s3/s4 interopability
via a427652 s3-libads: Use ldap_init_fd() to connect to AD server in socket_wrapper
via ab46d66 selftest: Make overwrite of $env->{target} optional
via 818ec32 s3-libads Pass a struct sockaddr_storage to cldap routines
via aa8406c s3-selftest: Use default name resolution methods (now that dns is emulated)
via 0df4061 lib/util/charset Merge talloc-based pull and push charset functions
from ea95e09 s3-test: log to stdout for smbd/nmbd/winbindd
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 123097e8796bd21a7d6856683a17043fc933475e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Apr 28 12:25:03 2011 +1000
selftest: Print a better warning warning message when smbcacls fails.
These tests can't run on systems without posix ACLs.
Autobuild-User: Andrew Bartlett <abartlet at samba.org>
Autobuild-Date: Thu Apr 28 06:18:59 CEST 2011 on sn-devel-104
commit b44f4325bb454b10323f1d4576343a9d3e6260ab
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Apr 27 22:18:18 2011 +1000
selftest: Don't die() when the join fails
This kills off everything without a proper shutdown, and is difficult
to debug.
Andrew Bartlett
commit fb5e1f4a65042b89c74e545cb739f1720565807d
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Apr 19 16:38:46 2011 +1000
selftest: s3member admember test to confirm s3/s4 interopability
This checks that Samba3 joins Samba4 correctly, and allows NTLM and
Kerberos logons from a live Samba4 DC.
This needs the common krb5.conf generation logic, and because we now
override KRB5_CONFIG we must update ktest to have a valid krb5.conf.
Based on an original patch by metze
Andrew Bartlett
commit a427652010820fdf8fa82cf425f5162cc70348e0
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Apr 26 13:53:45 2011 +1000
s3-libads: Use ldap_init_fd() to connect to AD server in socket_wrapper
This means that we control the connection setup, don't rely on signals
for timeouts and the connection uses socket_wrapper where that is
required in our test environment.
According to bug reports, this method is also used by curl and other
tools, so we are not the first to (ab)use the OpenLDAP libs in this
way.
It is ONLY enabled for socket_wrapper at this time, as this is the
best way to get 'make test' working for S3 winbind tests in an S4
domain.
Andrew Bartlett
commit ab46d6610104b899ca8ac7cb695d8d18e5dc34ed
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Apr 27 12:10:12 2011 +1000
selftest: Make overwrite of $env->{target} optional
This allows a target to be a mix of Samba3 and Samba4, and chose it's
own backend for check_env and get_log_env.
Andrew Bartlett
commit 818ec32d0c4dde545199b4462da30b49a19ecc87
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Apr 26 17:03:32 2011 +1000
s3-libads Pass a struct sockaddr_storage to cldap routines
This avoids these routines doing a DNS lookup that has already been
done, and ensures that the emulated DNS lookup isn't thrown away.
Andrew Bartlett
commit aa8406cadf62ea676ffb7a6239a8b3f4fe71abbf
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Apr 26 11:42:55 2011 +1000
s3-selftest: Use default name resolution methods (now that dns is emulated)
Now that we have emulated DNS, we can test Samba with the default name
resolve order.
Andrew Bartlett
commit 0df4061cffd32d4a989c5fd177136c2cc3730e7c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Thu Apr 28 11:41:31 2011 +1000
lib/util/charset Merge talloc-based pull and push charset functions
These were copied from source3/lib/charcnv.c
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
lib/util/charset/pull_push.c | 150 +++++++++++++++++++++++++++++++++
lib/util/charset/util_unistr.c | 94 --------------------
lib/util/charset/wscript_build | 2 +-
selftest/target/Samba.pm | 64 ++++++++++++++-
selftest/target/Samba3.pm | 103 ++++++++++++++++++++++-
selftest/target/Samba4.pm | 76 +++++------------
source3/Makefile.in | 4 +-
source3/include/proto.h | 10 --
source3/include/smb_ldap.h | 9 ++-
source3/lib/charcnv.c | 115 -------------------------
source3/libads/cldap.c | 14 +--
source3/libads/cldap.h | 4 +-
source3/libads/ldap.c | 77 ++++++++++-------
source3/libsmb/dsgetdcname.c | 3 +-
source3/utils/net_ads.c | 7 +-
source3/winbindd/idmap_adex/gc_util.c | 12 +++-
source3/winbindd/winbindd_msrpc.c | 6 +-
source3/wscript | 4 +-
source4/selftest/tests.py | 8 +-
19 files changed, 423 insertions(+), 339 deletions(-)
create mode 100644 lib/util/charset/pull_push.c
Changeset truncated at 500 lines:
diff --git a/lib/util/charset/pull_push.c b/lib/util/charset/pull_push.c
new file mode 100644
index 0000000..b7a5bcd
--- /dev/null
+++ b/lib/util/charset/pull_push.c
@@ -0,0 +1,150 @@
+/*
+ Unix SMB/CIFS implementation.
+ Character set conversion Extensions
+ Copyright (C) Igor Vergeichik <iverg at mail.ru> 2001
+ Copyright (C) Andrew Tridgell 2001
+ Copyright (C) Simo Sorce 2001
+ Copyright (C) Martin Pool 2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+*/
+
+#include "includes.h"
+#include "system/locale.h"
+
+/**
+ * Copy a string from a unix char* src to a UCS2 destination,
+ * allocating a buffer using talloc().
+ *
+ * @param dest always set at least to NULL
+ * @parm converted_size set to the number of bytes occupied by the string in
+ * the destination on success.
+ *
+ * @return true if new buffer was correctly allocated, and string was
+ * converted.
+ **/
+bool push_ucs2_talloc(TALLOC_CTX *ctx, smb_ucs2_t **dest, const char *src,
+ size_t *converted_size)
+{
+ size_t src_len = strlen(src)+1;
+
+ *dest = NULL;
+ return convert_string_talloc(ctx, CH_UNIX, CH_UTF16LE, src, src_len,
+ (void **)dest, converted_size);
+}
+
+/**
+ * Copy a string from a unix char* src to a UTF-8 destination, allocating a buffer using talloc
+ *
+ * @param dest always set at least to NULL
+ * @parm converted_size set to the number of bytes occupied by the string in
+ * the destination on success.
+ *
+ * @return true if new buffer was correctly allocated, and string was
+ * converted.
+ **/
+
+bool push_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
+ size_t *converted_size)
+{
+ size_t src_len = strlen(src)+1;
+
+ *dest = NULL;
+ return convert_string_talloc(ctx, CH_UNIX, CH_UTF8, src, src_len,
+ (void**)dest, converted_size);
+}
+
+/**
+ * Copy a string from a unix char* src to an ASCII destination,
+ * allocating a buffer using talloc().
+ *
+ * @param dest always set at least to NULL
+ *
+ * @param converted_size The number of bytes occupied by the string in the destination
+ * @returns boolean indicating if the conversion was successful
+ **/
+bool push_ascii_talloc(TALLOC_CTX *mem_ctx, char **dest, const char *src, size_t *converted_size)
+{
+ size_t src_len = strlen(src)+1;
+
+ *dest = NULL;
+ return convert_string_talloc(mem_ctx, CH_UNIX, CH_DOS, src, src_len,
+ (void **)dest, converted_size);
+}
+
+/**
+ * Copy a string from a UCS2 src to a unix char * destination, allocating a buffer using talloc
+ *
+ * @param dest always set at least to NULL
+ * @parm converted_size set to the number of bytes occupied by the string in
+ * the destination on success.
+ *
+ * @return true if new buffer was correctly allocated, and string was
+ * converted.
+ **/
+
+bool pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src,
+ size_t *converted_size)
+{
+ size_t src_len = (strlen_w(src)+1) * sizeof(smb_ucs2_t);
+
+ *dest = NULL;
+ return convert_string_talloc(ctx, CH_UTF16LE, CH_UNIX, src, src_len,
+ (void **)dest, converted_size);
+}
+
+
+/**
+ * Copy a string from a UTF-8 src to a unix char * destination, allocating a buffer using talloc
+ *
+ * @param dest always set at least to NULL
+ * @parm converted_size set to the number of bytes occupied by the string in
+ * the destination on success.
+ *
+ * @return true if new buffer was correctly allocated, and string was
+ * converted.
+ **/
+
+bool pull_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
+ size_t *converted_size)
+{
+ size_t src_len = strlen(src)+1;
+
+ *dest = NULL;
+ return convert_string_talloc(ctx, CH_UTF8, CH_UNIX, src, src_len,
+ (void **)dest, converted_size);
+}
+
+
+/**
+ * Copy a string from a DOS src to a unix char * destination, allocating a buffer using talloc
+ *
+ * @param dest always set at least to NULL
+ * @parm converted_size set to the number of bytes occupied by the string in
+ * the destination on success.
+ *
+ * @return true if new buffer was correctly allocated, and string was
+ * converted.
+ **/
+
+bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src,
+ size_t *converted_size)
+{
+ size_t src_len = strlen(src)+1;
+
+ *dest = NULL;
+ return convert_string_talloc(ctx, CH_DOS, CH_UNIX, src, src_len,
+ (void **)dest, converted_size);
+}
diff --git a/lib/util/charset/util_unistr.c b/lib/util/charset/util_unistr.c
index 895d958..a585022 100644
--- a/lib/util/charset/util_unistr.c
+++ b/lib/util/charset/util_unistr.c
@@ -297,23 +297,6 @@ static bool push_ascii(void *dest, const char *src, size_t dest_len, int flags,
}
/**
- * Copy a string from a unix char* src to an ASCII destination,
- * allocating a buffer using talloc().
- *
- * @param dest always set at least to NULL
- *
- * @returns The number of bytes occupied by the string in the destination
- * or -1 in case of error.
- **/
-_PUBLIC_ bool push_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src, size_t *converted_size)
-{
- size_t src_len = strlen(src)+1;
- *dest = NULL;
- return convert_string_talloc(ctx, CH_UNIX, CH_DOS, src, src_len, (void **)dest, converted_size);
-}
-
-
-/**
* Copy a string from a dos codepage source to a unix char* destination.
*
* The resulting string in "dest" is always null terminated.
@@ -411,38 +394,6 @@ static ssize_t push_ucs2(void *dest, const char *src, size_t dest_len, int flags
/**
- * Copy a string from a unix char* src to a UCS2 destination,
- * allocating a buffer using talloc().
- *
- * @param dest always set at least to NULL
- *
- * @returns The number of bytes occupied by the string in the destination
- * or -1 in case of error.
- **/
-_PUBLIC_ bool push_ucs2_talloc(TALLOC_CTX *ctx, smb_ucs2_t **dest, const char *src, size_t *converted_size)
-{
- size_t src_len = strlen(src)+1;
- *dest = NULL;
- return convert_string_talloc(ctx, CH_UNIX, CH_UTF16, src, src_len, (void **)dest, converted_size);
-}
-
-
-/**
- * Copy a string from a unix char* src to a UTF-8 destination, allocating a buffer using talloc
- *
- * @param dest always set at least to NULL
- *
- * @returns The number of bytes occupied by the string in the destination
- **/
-
-_PUBLIC_ bool push_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src, size_t *converted_size)
-{
- size_t src_len = strlen(src)+1;
- *dest = NULL;
- return convert_string_talloc(ctx, CH_UNIX, CH_UTF8, src, src_len, (void **)dest, converted_size);
-}
-
-/**
Copy a string from a ucs2 source to a unix char* destination.
Flags can have:
STR_TERMINATE means the string in src is null terminated.
@@ -484,51 +435,6 @@ static size_t pull_ucs2(char *dest, const void *src, size_t dest_len, size_t src
}
/**
- * Copy a string from a ASCII src to a unix char * destination, allocating a buffer using talloc
- *
- * @param dest always set at least to NULL
- *
- * @returns The number of bytes occupied by the string in the destination
- **/
-
-_PUBLIC_ bool pull_ascii_talloc(TALLOC_CTX *ctx, char **dest, const char *src, size_t *converted_size)
-{
- size_t src_len = strlen(src)+1;
- *dest = NULL;
- return convert_string_talloc(ctx, CH_DOS, CH_UNIX, src, src_len, (void **)dest, converted_size);
-}
-
-/**
- * Copy a string from a UCS2 src to a unix char * destination, allocating a buffer using talloc
- *
- * @param dest always set at least to NULL
- *
- * @returns The number of bytes occupied by the string in the destination
- **/
-
-_PUBLIC_ bool pull_ucs2_talloc(TALLOC_CTX *ctx, char **dest, const smb_ucs2_t *src, size_t *converted_size)
-{
- size_t src_len = utf16_len(src);
- *dest = NULL;
- return convert_string_talloc(ctx, CH_UTF16, CH_UNIX, src, src_len, (void **)dest, converted_size);
-}
-
-/**
- * Copy a string from a UTF-8 src to a unix char * destination, allocating a buffer using talloc
- *
- * @param dest always set at least to NULL
- *
- * @returns The number of bytes occupied by the string in the destination
- **/
-
-_PUBLIC_ bool pull_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src, size_t *converted_size)
-{
- size_t src_len = strlen(src)+1;
- *dest = NULL;
- return convert_string_talloc(ctx, CH_UTF8, CH_UNIX, src, src_len, (void **)dest, converted_size);
-}
-
-/**
Copy a string from a char* src to a unicode or ascii
dos codepage destination choosing unicode or ascii based on the
flags in the SMB buffer starting at base_ptr.
diff --git a/lib/util/charset/wscript_build b/lib/util/charset/wscript_build
index 80a6499..771ff5d 100644
--- a/lib/util/charset/wscript_build
+++ b/lib/util/charset/wscript_build
@@ -13,6 +13,6 @@ bld.SAMBA_SUBSYSTEM('ICONV_WRAPPER',
public_deps='iconv replace talloc')
bld.SAMBA_SUBSYSTEM('CODEPOINTS',
- source='codepoints.c convert_string.c util_str.c util_unistr_w.c charcnv.c',
+ source='codepoints.c convert_string.c util_str.c util_unistr_w.c charcnv.c pull_push.c',
deps='DYNCONFIG ICONV_WRAPPER'
)
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index ec8ab2b..cec12e5 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -28,11 +28,15 @@ sub setup_env($$$)
my $env = $self->{samba4}->setup_env($envname, $path);
if (defined($env)) {
- $env->{target} = $self->{samba4};
+ if (not defined($env->{target})) {
+ $env->{target} = $self->{samba4};
+ }
} else {
$env = $self->{samba3}->setup_env($envname, $path);
if (defined($env)) {
- $env->{target} = $self->{samba3};
+ if (not defined($env->{target})) {
+ $env->{target} = $self->{samba3};
+ }
}
}
if (not defined $env) {
@@ -55,4 +59,60 @@ sub bindir_path($$) {
return $path;
}
+sub mk_krb5_conf($)
+{
+ my ($ctx) = @_;
+
+ unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) {
+ die("can't open $ctx->{krb5_conf}$?");
+ return undef;
+ }
+ print KRB5CONF "
+#Generated krb5.conf for $ctx->{realm}
+
+[libdefaults]
+ default_realm = $ctx->{realm}
+ dns_lookup_realm = false
+ dns_lookup_kdc = false
+ ticket_lifetime = 24h
+ forwardable = yes
+ allow_weak_crypto = yes
+
+[realms]
+ $ctx->{realm} = {
+ kdc = $ctx->{kdc_ipv4}:88
+ admin_server = $ctx->{kdc_ipv4}:88
+ default_domain = $ctx->{dnsname}
+ }
+ $ctx->{dnsname} = {
+ kdc = $ctx->{kdc_ipv4}:88
+ admin_server = $ctx->{kdc_ipv4}:88
+ default_domain = $ctx->{dnsname}
+ }
+ $ctx->{domain} = {
+ kdc = $ctx->{kdc_ipv4}:88
+ admin_server = $ctx->{kdc_ipv4}:88
+ default_domain = $ctx->{dnsname}
+ }
+
+[domain_realm]
+ .$ctx->{dnsname} = $ctx->{realm}
+";
+
+ if (defined($ctx->{tlsdir})) {
+ print KRB5CONF "
+
+[appdefaults]
+ pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
+
+[kdc]
+ enable-pkinit = true
+ pkinit_identity = FILE:$ctx->{tlsdir}/kdc.pem,$ctx->{tlsdir}/key.pem
+ pkinit_anchors = FILE:$ctx->{tlsdir}/ca.pem
+
+";
+ }
+ close(KRB5CONF);
+}
+
1;
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 4b05945..6312d65 100644
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -178,7 +178,10 @@ sub setup_member($$$)
$cmd .= "$net join $ret->{CONFIGURATION} $s3dcvars->{DOMAIN} member";
$cmd .= " -U$s3dcvars->{USERNAME}\%$s3dcvars->{PASSWORD}";
- system($cmd) == 0 or die("Join failed\n$cmd");
+ if (system($cmd) != 0) {
+ warn("Join failed\n$cmd");
+ return undef;
+ }
$self->check_or_start($ret, "yes", "yes", "yes");
@@ -195,6 +198,85 @@ sub setup_member($$$)
return $ret;
}
+sub setup_admember($$$$)
+{
+ my ($self, $prefix, $dcvars, $iface) = @_;
+
+ print "PROVISIONING S3 AD MEMBER$iface...";
+
+ my $member_options = "
+ security = ads
+ server signing = on
+ workgroup = $dcvars->{DOMAIN}
+ realm = $dcvars->{REALM}
+";
+
+ my $ret = $self->provision($prefix,
+ "LOCALADMEMBER$iface",
+ $iface,
+ "loCalMember${iface}Pass",
+ $member_options);
+
+ $ret or return undef;
+
+ close(USERMAP);
+ $ret->{DOMAIN} = $dcvars->{DOMAIN};
+ $ret->{REALM} = $dcvars->{REALM};
+
+ my $ctx;
+ my $prefix_abs = abs_path($prefix);
+ $ctx = {};
+ $ctx->{krb5_conf} = "$prefix_abs/lib/krb5.conf";
+ $ctx->{domain} = $dcvars->{DOMAIN};
+ $ctx->{realm} = $dcvars->{REALM};
+ $ctx->{dnsname} = lc($dcvars->{REALM});
+ $ctx->{kdc_ipv4} = $dcvars->{SERVER_IP};
+ Samba::mk_krb5_conf($ctx);
+
+ $ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
+
+ my $net = Samba::bindir_path($self, "net");
+ my $cmd = "";
+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "$net join $ret->{CONFIGURATION}";
+ $cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
+
+ if (system($cmd) != 0) {
+ warn("Join failed\n$cmd");
+ return undef;
+ }
+
+ $self->check_or_start($ret,
+ "yes", "yes", "yes");
+
+ $self->wait_for_start($ret);
+
+ my $smbcacls = Samba::bindir_path($self, "smbcacls");
+ #Allow domain users to manipulate the share
+ $cmd = "";
+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "$smbcacls $ret->{CONFIGURATION} //127.0.0.29/tmp / -U$ret->{USERNAME}%$ret->{PASSWORD} ";
+ $cmd .= "-S ACL:$dcvars->{DOMAIN}\\\\Domain\\ Users:ALLOWED/0x0/FULL";
+
+ if (system($cmd) != 0) {
+ warn("smbcacls failed, your filesystem may not support ACLs. Try mount $prefix_abs -oremount,acl\nThis support is required for S3 member in S4 tests\n$cmd");
+ return undef;
+ }
+
+ $ret->{DC_SERVER} = $dcvars->{SERVER};
+ $ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP};
+ $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
+ $ret->{DC_USERNAME} = $dcvars->{USERNAME};
+ $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
+
+ # Special case, this is called from Samba4.pm but needs to use the Samba3 check_env and get_log_env
+ $ret->{target} = $self;
+
+ return $ret;
+}
+
sub setup_secshare($$)
{
my ($self, $path) = @_;
@@ -261,7 +343,7 @@ sub setup_secserver($$$)
sub setup_ktest($$$)
{
- my ($self, $prefix, $s3dcvars) = @_;
+ my ($self, $prefix) = @_;
print "PROVISIONING server with security=ads...";
@@ -280,6 +362,18 @@ sub setup_ktest($$$)
$ret or return undef;
+ my $ctx;
+ my $prefix_abs = abs_path($prefix);
+ $ctx = {};
+ $ctx->{krb5_conf} = "$prefix_abs/lib/krb5.conf";
+ $ctx->{domain} = "KTEST";
+ $ctx->{realm} = "KTEST.SAMBA.EXAMPLE.COM";
+ $ctx->{dnsname} = lc($ctx->{realm});
+ $ctx->{kdc_ipv4} = "0.0.0.0";
+ Samba::mk_krb5_conf($ctx);
+
+ $ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
+
open(USERMAP, ">$prefix/lib/username.map") or die("Unable to open $prefix/lib/username.map");
print USERMAP "
$ret->{USERNAME} = KTEST\\Administrator
--
Samba Shared Repository
More information about the samba-cvs
mailing list