[SCM] Samba Shared Repository - branch master updated

Matthieu Patou mat at samba.org
Tue Aug 9 17:06:02 MDT 2011 

The branch, master has been updated
       via  4a5e9cf s4:subtree_rename LDB module - fix the move/rename constraints
       via  4659b07 s4-drs: In dcesrv_drsuapi_DsRemoveDSServer use the subtree control to delete the NTDS entry
       via  dd90216 s4-dsdb: avoid printing a pointless debug line
       via  87e7802 s4-drsuapi: crackname search also for deleted objects
       via  1b97b2f s4: create a small script to test drsuapi/crackname
      from  fd33829 tevent: change the version to 0.9.14 after the tevent_queue changes

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4a5e9cf0ed909faef1325efff4581a4c5ee8d736
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Fri Apr 29 11:38:56 2011 +0200

    s4:subtree_rename LDB module - fix the move/rename constraints
    
    s4:subtree_rename LDB module - fix the move/rename constraints
    
    By the inspiration of an email request by ekacnet I have rechecked the
    move/rename constraints and re-read the chapter 3.1.1.5.4.1 located in the
    MS-ADTS technical documentation.
    It really turns out that the constraint checking is only performed on
    the root object of a request.
    
    In addition add my copyright notice (I've written these constraint checks).
    
    Autobuild-User: Matthieu Patou <mat at samba.org>
    Autobuild-Date: Wed Aug 10 01:05:19 CEST 2011 on sn-devel-104

commit 4659b07eb9608acaf5b49d8919c98e224d2b805c
Author: Matthieu Patou <mat at matws.net>
Date:   Wed Aug 10 01:36:01 2011 +0400

    s4-drs: In dcesrv_drsuapi_DsRemoveDSServer use the subtree control to delete the NTDS entry
    
    This entry has most of the time subelements (connections between DCs)
    that will forbid a simple (non recursive) delete

commit dd902164d270be60ccafb296105f4c1d5edd87df
Author: Matthieu Patou <mat at matws.net>
Date:   Mon Aug 8 14:41:54 2011 +0400

    s4-dsdb: avoid printing a pointless debug line

commit 87e7802722e62b5df1d8f63d49f4a54eaf3f61cd
Author: Matthieu Patou <matthieu.patou at matws.net>
Date:   Sun Jul 31 00:54:01 2011 +0400

    s4-drsuapi: crackname search also for deleted objects

commit 1b97b2f8ffce2bd7c93155bab337dd90665f7013
Author: Matthieu Patou <mat at matws.net>
Date:   Sun Jul 31 00:48:06 2011 +0400

    s4: create a small script to test drsuapi/crackname

-----------------------------------------------------------------------

Summary of changes:
 source4/dsdb/samdb/cracknames.c                 |    5 +-
 source4/dsdb/samdb/ldb_modules/repl_meta_data.c |    2 +-
 source4/dsdb/samdb/ldb_modules/subtree_rename.c |   17 ++---
 source4/rpc_server/drsuapi/dcesrv_drsuapi.c     |    3 +-
 source4/scripting/devel/crackname               |   75 +++++++++++++++++++++++
 5 files changed, 89 insertions(+), 13 deletions(-)
 create mode 100755 source4/scripting/devel/crackname


Changeset truncated at 500 lines:

diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index d922482..21a473d 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -839,13 +839,16 @@ static WERROR DsCrackNameOneFilter(struct ldb_context *sam_ctx, TALLOC_CTX *mem_
 			dsdb_flags = DSDB_SEARCH_SEARCH_ALL_PARTITIONS;
 			search_dn = ldb_get_root_basedn(sam_ctx);
 		}
+		if (format_desired == DRSUAPI_DS_NAME_FORMAT_GUID){
+			 dsdb_flags = dsdb_flags| DSDB_SEARCH_SHOW_DELETED;
+		}
 
 		/* search with the 'phantom root' flag */
 		ret = dsdb_search(sam_ctx, mem_ctx, &res,
 				  search_dn,
 				  LDB_SCOPE_SUBTREE,
 				  result_attrs,
-				  DSDB_SEARCH_SEARCH_ALL_PARTITIONS,
+				  dsdb_flags,
 				  "%s", result_filter);
 		if (ret != LDB_SUCCESS) {
 			DEBUG(2, ("DsCrackNameOneFilter phantom root search failed: %s",
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 706ca33..54741e6 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -4188,7 +4188,7 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a
 	 */
 	nrf_el->flags = LDB_FLAG_MOD_REPLACE;
 
-	if (DEBUGLVL(4)) {
+	if (CHECK_DEBUGLVL(4)) {
 		char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_MODIFY, msg);
 		DEBUG(4, ("DRS replication uptodate modify message:\n%s\n", s));
 		talloc_free(s);
diff --git a/source4/dsdb/samdb/ldb_modules/subtree_rename.c b/source4/dsdb/samdb/ldb_modules/subtree_rename.c
index f26a99e..a4714ac 100644
--- a/source4/dsdb/samdb/ldb_modules/subtree_rename.c
+++ b/source4/dsdb/samdb/ldb_modules/subtree_rename.c
@@ -3,6 +3,7 @@
 
    Copyright (C) Andrew Bartlett <abartlet at samba.org> 2006-2007
    Copyright (C) Stefan Metzmacher <metze at samba.org> 2007
+   Copyright (C) Matthias Dieter Wallnöfer <mdw at samba.org> 2010-2011
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -319,9 +320,12 @@ static int subtree_rename_search_callback(struct ldb_request *req,
 	switch (ares->type) {
 	case LDB_REPLY_ENTRY:
 		if (ldb_dn_compare(ares->message->dn, ac->list->olddn) == 0) {
-			/* this was already stored by the
-			 * subtree_rename_search() */
-
+			/*
+			 * This is the root entry of the originating move
+			 * respectively rename request. It has been already
+			 * stored in the list using "subtree_rename_search()".
+			 * Only this one is subject to constraint checking.
+			 */
 			ret = check_constraints(ares->message, ac,
 						ac->list->olddn,
 						ac->list->newdn);
@@ -356,13 +360,6 @@ static int subtree_rename_search_callback(struct ldb_request *req,
 			return ldb_module_done(ac->req, NULL, NULL,
 						LDB_ERR_OPERATIONS_ERROR);
 		}
-
-		ret = check_constraints(ares->message, ac,
-					store->olddn, store->newdn);
-		if (ret != LDB_SUCCESS) {
-			return ldb_module_done(ac->req, NULL, NULL, ret);
-		}
-
 		break;
 
 	case LDB_REPLY_REFERRAL:
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index 5dbb238..b170ec3 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -25,6 +25,7 @@
 #include "rpc_server/dcerpc_server.h"
 #include "rpc_server/common/common.h"
 #include "dsdb/samdb/samdb.h"
+#include "dsdb/common/util.h"
 #include "libcli/security/security.h"
 #include "libcli/security/session.h"
 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
@@ -502,7 +503,7 @@ static WERROR dcesrv_drsuapi_DsRemoveDSServer(struct dcesrv_call_state *dce_call
 		}
 
 		if (r->in.req->req1.commit) {
-			ret = ldb_delete(b_state->sam_ctx, ntds_dn);
+			ret = dsdb_delete(b_state->sam_ctx, ntds_dn, DSDB_TREE_DELETE);
 			if (ret != LDB_SUCCESS) {
 				return WERR_FOOBAR;
 			}
diff --git a/source4/scripting/devel/crackname b/source4/scripting/devel/crackname
new file mode 100755
index 0000000..133b853
--- /dev/null
+++ b/source4/scripting/devel/crackname
@@ -0,0 +1,75 @@
+#!/usr/bin/env python
+
+# Copyright Matthieu Patou <mat at matws.net> 2011
+# script to call a DRSUAPI crackname
+# this is useful for plugfest testing and replication debug
+
+import sys
+from optparse import OptionParser
+
+sys.path.insert(0, "bin/python")
+
+import samba.getopt as options
+from samba.dcerpc import drsuapi, misc
+
+def do_DsBind(drs):
+    '''make a DsBind call, returning the binding handle'''
+    bind_info = drsuapi.DsBindInfoCtr()
+    bind_info.length = 28
+    bind_info.info = drsuapi.DsBindInfo28()
+    bind_info.info.supported_extensions	= 0
+    (info, handle) = drs.DsBind(misc.GUID(drsuapi.DRSUAPI_DS_BIND_GUID), bind_info)
+    return handle
+
+
+########### main code ###########
+if __name__ == "__main__":
+    parser = OptionParser("crackname server [options]")
+    sambaopts = options.SambaOptions(parser)
+    parser.add_option_group(sambaopts)
+    credopts = options.CredentialsOptionsDouble(parser)
+    parser.add_option_group(credopts)
+
+    parser.add_option("", "--name", type='str',
+                      default='{ED9F5546-9729-4B04-9385-3FCFE2B17BA1}', help="name to crack")
+    parser.add_option("", "--outformat", type='int',
+                      default=drsuapi.DRSUAPI_DS_NAME_FORMAT_FQDN_1779,
+                      help='format desired')
+    parser.add_option("", "--informat", type='int',
+                      default=drsuapi.DRSUAPI_DS_NAME_FORMAT_GUID,
+                      help='format offered')
+
+    (opts, args) = parser.parse_args()
+
+    lp = sambaopts.get_loadparm()
+    creds = credopts.get_credentials(lp)
+
+    if len(args) != 1:
+        parser.error("You must supply a server")
+
+    if creds.is_anonymous():
+        parser.error("You must supply credentials")
+
+    server = args[0]
+
+    binding_str = "ncacn_ip_tcp:%s[seal,print]" % server
+
+    drs = drsuapi.drsuapi(binding_str, lp, creds)
+    drs_handle = do_DsBind(drs)
+    print "DRS Handle: %s" % drs_handle
+
+    req = drsuapi.DsNameRequest1()
+    names = drsuapi.DsNameString()
+    names.str = opts.name
+
+    req.codepage = 1252
+    req.language = 1033
+    req.format_flags = 0
+    req.format_offered = opts.informat
+    req.format_desired = opts.outformat
+    req.count = 1
+    req.names = [names]
+
+    (result, ctr) = drs.DsCrackNames(drs_handle, 1, req)
+    print ctr.array[0].status
+    print ctr.array[0].result_name


-- 
Samba Shared Repository

More information about the samba-cvs mailing list