[SCM] Samba Shared Repository - branch v3-6-test updated
Jeremy Allison
jra at samba.org
Wed Feb 2 15:19:23 MST 2011
The branch, v3-6-test has been updated
via a651b96 s3-waf: no need to call pidl with --samba3-ndr-client anymore.
via 92c9a35 s3-build: remove --samba3-ndr-client from build_idl.sh script.
via 62153fb s3-waf: remove RPCCLI_LSA subsystem.
via 2d48a94 s3-build: remove RPCCLI_LSA subsystem.
via 44241c2 s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbindd_rpc.c.
via 42c3818 s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbindd_samr.c.
via 055761b s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbind_cm.c
via 90dfdd9 s3-dssync-passdb: implement accounts, aliases and groups
via 0307141 s3-dssync-passdb: fill in passdb_process_objects
via d55466e s3-dssync-passdb: fill in passdb_finish.
via 20a0346 s3-dssync-passdb: fill in passdb_startup.
via 3b86275 s3-dssync-passdb: add basic routines and net function.
via 2ab85a5 s3:net: make some net_rpc_samsync.c functions static
via 6604de8 s3:net: "net rpc vampire" is an alias for "net rpc vampire passdb"
via dfaf05c s3:libnet: add 'process_links' to dssync_ops
via 67bbb6f s3:groupdb: allow machine accounts as members.
via a699ac5 s3:winbindd: catch lookup_names/sids schannel errors over ncacn_ip_tcp (bug #7944)
from 37a9ed0 pidl:Samba4/NDR/Parser: add support for 'ms_union' style aligment
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -----------------------------------------------------------------
commit a651b96e59fc69edf5dbf4dd60aa15b82e08ae53
Author: Günther Deschner <gd at samba.org>
Date: Wed Feb 2 18:51:45 2011 +0100
s3-waf: no need to call pidl with --samba3-ndr-client anymore.
Guenther
Autobuild-User: Günther Deschner <gd at samba.org>
Autobuild-Date: Wed Feb 2 21:38:23 CET 2011 on sn-devel-104
(cherry picked from commit 885887ac1b7de1dbbc3da63843600d69efd5f6e8)
commit 92c9a355c876b30ca903b71a6941aed964e9f6df
Author: Günther Deschner <gd at samba.org>
Date: Wed Feb 2 18:53:54 2011 +0100
s3-build: remove --samba3-ndr-client from build_idl.sh script.
Guenther
(cherry picked from commit 2534e01a3ac187f42c0d359da2fd72b11ea0f5ae)
commit 62153fb407e49ef2a2b1442e765485a519f3a644
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 18 18:07:04 2011 +0100
s3-waf: remove RPCCLI_LSA subsystem.
Guenther
(cherry picked from commit d57ddc64c5a0551554756de01acb5135d4cb3a6f)
commit 2d48a9423e84ecd7c48ba7f49ac2d5a7d45993ed
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 18 18:06:52 2011 +0100
s3-build: remove RPCCLI_LSA subsystem.
Guenther
(cherry picked from commit ad15128d78065e56f1a2c630dd96cc4aa115d3d0)
commit 44241c2494ecb2f6c13d21a3651f67129da8e366
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 18 18:05:49 2011 +0100
s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbindd_rpc.c.
Guenther
(cherry picked from commit 387d1543ed8ac16389ace7a09cb9a452e2d220db)
commit 42c3818198ff3bf1f137a40a859f372362e4ee42
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 18 18:02:27 2011 +0100
s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbindd_samr.c.
Guenther
(cherry picked from commit 04ac046a46fe59b0551e2898ebc8940da601c406)
commit 055761b4a7b3742862d0dbf0ca0434d2694163af
Author: Günther Deschner <gd at samba.org>
Date: Tue Jan 18 17:54:24 2011 +0100
s3-winbind: prefer dcerpc_lsa_X functions in winbindd/winbind_cm.c
Guenther
(cherry picked from commit a85b20a1649980e17077e64de4d474fe6cd6f202)
commit 90dfdd9cae4415f81398f7a7056a75403b30a28e
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jan 5 16:56:14 2011 +0100
s3-dssync-passdb: implement accounts, aliases and groups
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Wed Feb 2 16:30:26 CET 2011 on sn-devel-104
(cherry picked from commit 8ddfe78a5fdbae99856fd935a3103fad9df812f2)
commit 0307141bf81d80f09044350db4978a7f94bd18e6
Author: Günther Deschner <gd at samba.org>
Date: Sat Nov 22 00:35:20 2008 +0100
s3-dssync-passdb: fill in passdb_process_objects
Guenther
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 6e0498d0e289ed596a86a1b084475bdeec9b7105)
commit d55466e4d7129645bf3df444fc7eb6d1b2c65464
Author: Günther Deschner <gd at samba.org>
Date: Fri Nov 21 23:59:55 2008 +0100
s3-dssync-passdb: fill in passdb_finish.
Guenther
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 41ba1d3a1cdb1ecf3f3e607cea73c35dc19a3deb)
commit 20a03465da45232ae7ff75174d1eadb307388e5e
Author: Günther Deschner <gd at samba.org>
Date: Fri Nov 21 23:58:42 2008 +0100
s3-dssync-passdb: fill in passdb_startup.
Guenther
Signed-off-by: Stefan Metzmacher <metze at samba.org>
(cherry picked from commit 1f884cfbcb126c8f8bfeeabd349e082ae8fae3b6)
commit 3b86275cb6ba7aae675963ef73db45195a96a4b7
Author: Günther Deschner <gd at samba.org>
Date: Fri Nov 21 23:48:45 2008 +0100
s3-dssync-passdb: add basic routines and net function.
Guenther
(cherry picked from commit 91e6dad7494421c764c2fd701931f7053f15bda1)
commit 2ab85a58fe7d61ee240f0c68d429519db2a84e1e
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 4 13:02:35 2011 +0100
s3:net: make some net_rpc_samsync.c functions static
metze
(cherry picked from commit 1c1aebae827d68feb5a94247787e97c9f4ba43a3)
commit 6604de80e731c7ae845ce6563089310a20b946ba
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 4 08:50:20 2011 +0100
s3:net: "net rpc vampire" is an alias for "net rpc vampire passdb"
The should use exactly the same code path for both.
metze
(cherry picked from commit 0313969aed6b6a5c7d75a3ec92b1797362a99046)
commit dfaf05cfe7da34b61743f03b8bb2f3600685190a
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jan 13 17:18:24 2011 +0100
s3:libnet: add 'process_links' to dssync_ops
This allows the backend to handle linked attributes.
metze
(cherry picked from commit bf7a27c3975c3822e0de8ff15730e6d6d1f46457)
commit 67bbb6f700345dc46ff79ca85bba6822a5dcf33a
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jan 21 11:55:10 2011 +0100
s3:groupdb: allow machine accounts as members.
metze
(cherry picked from commit cecf54b32bf15b0e05af899ab12f06f110dd45ec)
commit a699ac50f7c9a5eeb57215879e17631c9a1f534f
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Feb 1 18:46:57 2011 +0100
s3:winbindd: catch lookup_names/sids schannel errors over ncacn_ip_tcp (bug #7944)
If winbindd connects to a domain controller it doesn't establish the lsa
connection over ncacn_ip_tcp direct. This happens only on demand.
If someone does a 'net rpc testjoin' and then a
wbinfo -n DOMAIN\\administrator, we'll get DCERPC faults with
ACCESS_DENIED/SEC_PKG_ERROR, because winbindd's in memory copy
of the schannel session key is invalidated.
This problem can also happen on other calls, but the
lookup_names/sids calls on thet lsa ncacn_ip_tcp connection
are the most important ones.
The long term fix is to store the schannel client state in a
tdb, but for now it's enough to catch the error and invalidate
the all connections to the dc and reestablish the schannel
session key.
The fix for bug 7568 (commit be396411a4e1f3a174f8a44b6c062d834135e70a)
made this worse, as it assumes winbindd's in memory session key is
always the current one.
metze
(cherry picked from commit 255f2e06991aa543cd2c6f4d0123664b2a76c99d)
-----------------------------------------------------------------------
Summary of changes:
librpc/build_idl.sh | 6 +-
librpc/idl/wscript_build | 4 +-
source3/Makefile.in | 4 +-
source3/groupdb/mapping.c | 8 +-
source3/libnet/libnet_dssync.c | 22 +
source3/libnet/libnet_dssync.h | 6 +
source3/libnet/libnet_dssync_passdb.c | 1880 +++++++++++++++++++++++++++++++++
source3/librpc/idl/wscript_build | 9 +-
source3/script/build_idl.sh | 6 +-
source3/utils/net_proto.h | 24 -
source3/utils/net_rpc.c | 5 +-
source3/utils/net_rpc_samsync.c | 146 +++-
source3/winbindd/winbindd_cm.c | 64 +-
source3/winbindd/winbindd_msrpc.c | 28 +
source3/winbindd/winbindd_rpc.c | 19 +-
source3/winbindd/winbindd_samr.c | 38 +-
source3/wscript_build | 6 +-
17 files changed, 2151 insertions(+), 124 deletions(-)
create mode 100644 source3/libnet/libnet_dssync_passdb.c
Changeset truncated at 500 lines:
diff --git a/librpc/build_idl.sh b/librpc/build_idl.sh
index c335557..afab910 100755
--- a/librpc/build_idl.sh
+++ b/librpc/build_idl.sh
@@ -7,7 +7,7 @@ else
FULL=0
fi
-ARGS="--outputdir $PIDL_OUTPUTDIR --header --ndr-parser --samba3-ndr-server --samba3-ndr-client --server --client --python --dcom-proxy --com-header $PIDL_ARGS --"
+ARGS="--outputdir $PIDL_OUTPUTDIR --header --ndr-parser --samba3-ndr-server --server --client --python --dcom-proxy --com-header $PIDL_ARGS --"
IDL_FILES="$*"
oldpwd=`pwd`
@@ -30,8 +30,8 @@ fi
list=""
for f in ${IDL_FILES}; do
b=`basename $f .idl`
- outfiles="cli_$b.c $b.h ndr_${b}_c.c ndr_$b.h ndr_${b}_s.c srv_$b.c"
- outfiles="$outfiles cli_$b.h ndr_$b.c ndr_${b}_c.h py_$b.c srv_$b.h"
+ outfiles="$b.h ndr_${b}_c.c ndr_$b.h ndr_${b}_s.c srv_$b.c"
+ outfiles="$outfiles ndr_$b.c ndr_${b}_c.h py_$b.c srv_$b.h"
for o in $outfiles; do
[ -f $PIDL_OUTPUTDIR/$o ] || {
diff --git a/librpc/idl/wscript_build b/librpc/idl/wscript_build
index 7342228..6fdd5f3 100644
--- a/librpc/idl/wscript_build
+++ b/librpc/idl/wscript_build
@@ -11,12 +11,12 @@ bld.SAMBA_PIDL_LIST('PIDL',
oxidresolver.idl samr.idl srvsvc.idl winreg.idl dcerpc.idl
drsblobs.idl efs.idl frstrans.idl mgmt.idl netlogon.idl
policyagent.idl scerpc.idl svcctl.idl wkssvc.idl eventlog6.idl backupkey.idl''',
- options='--header --ndr-parser --samba3-ndr-server --samba3-ndr-client --server --client --python',
+ options='--header --ndr-parser --samba3-ndr-server --server --client --python',
output_dir='../gen_ndr')
bld.SAMBA_PIDL_LIST('PIDL',
'wmi.idl dcom.idl',
- options='--header --ndr-parser --samba3-ndr-server --samba3-ndr-client --server --client --python --dcom-proxy --com-header',
+ options='--header --ndr-parser --server --client --python --dcom-proxy --com-header',
output_dir='../gen_ndr')
bld.SAMBA_PIDL_LIST('PIDL',
diff --git a/source3/Makefile.in b/source3/Makefile.in
index e4bf627..6c2d8fb 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -367,8 +367,7 @@ LIBCLI_WKSSVC_OBJ = librpc/gen_ndr/ndr_wkssvc_c.o
LIBCLI_SRVSVC_OBJ = librpc/gen_ndr/ndr_srvsvc_c.o
-LIBCLI_LSA_OBJ = librpc/gen_ndr/cli_lsa.o \
- librpc/gen_ndr/ndr_lsa_c.o \
+LIBCLI_LSA_OBJ = librpc/gen_ndr/ndr_lsa_c.o \
rpc_client/cli_lsarpc.o \
rpc_client/init_lsa.o
@@ -1115,6 +1114,7 @@ LIBNET_OBJ = libnet/libnet_join.o \
librpc/gen_ndr/ndr_libnet_join.o
LIBNET_DSSYNC_OBJ = libnet/libnet_dssync.o \
+ libnet/libnet_dssync_passdb.o \
libnet/libnet_dssync_keytab.o \
../libcli/drsuapi/repl_decrypt.o
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 0c6da8c..837f84a 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -324,8 +324,8 @@ int smb_add_user_group(const char *unix_group, const char *unix_user)
if (!add_script) {
return -1;
}
- add_script = talloc_string_sub(ctx,
- add_script, "%u", unix_user);
+ add_script = talloc_string_sub2(ctx,
+ add_script, "%u", unix_user, true, false, true);
if (!add_script) {
return -1;
}
@@ -364,8 +364,8 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user)
if (!del_script) {
return -1;
}
- del_script = talloc_string_sub(ctx,
- del_script, "%u", unix_user);
+ del_script = talloc_string_sub2(ctx,
+ del_script, "%u", unix_user, true, false, true);
if (!del_script) {
return -1;
}
diff --git a/source3/libnet/libnet_dssync.c b/source3/libnet/libnet_dssync.c
index 3aed8b6..64a4df0 100644
--- a/source3/libnet/libnet_dssync.c
+++ b/source3/libnet/libnet_dssync.c
@@ -451,6 +451,8 @@ static NTSTATUS libnet_dssync_getncchanges(TALLOC_CTX *mem_ctx,
for (y=0, last_query = false; !last_query; y++) {
struct drsuapi_DsReplicaObjectListItemEx *first_object = NULL;
struct drsuapi_DsReplicaOIDMapping_Ctr *mapping_ctr = NULL;
+ uint32_t linked_attributes_count = 0;
+ struct drsuapi_DsReplicaLinkedAttribute *linked_attributes = NULL;
if (level == 8) {
DEBUG(1,("start[%d] tmp_higest_usn: %llu , highest_usn: %llu\n",y,
@@ -537,6 +539,9 @@ static NTSTATUS libnet_dssync_getncchanges(TALLOC_CTX *mem_ctx,
first_object = ctr6->first_object;
mapping_ctr = &ctr6->mapping_ctr;
+ linked_attributes = ctr6->linked_attributes;
+ linked_attributes_count = ctr6->linked_attributes_count;
+
if (ctr6->more_data) {
req->req8.highwatermark = ctr6->new_highwatermark;
} else {
@@ -576,6 +581,23 @@ static NTSTATUS libnet_dssync_getncchanges(TALLOC_CTX *mem_ctx,
goto out;
}
}
+
+ if (linked_attributes_count == 0) {
+ continue;
+ }
+
+ if (ctx->ops->process_links) {
+ status = ctx->ops->process_links(ctx, mem_ctx,
+ linked_attributes_count,
+ linked_attributes,
+ mapping_ctr);
+ if (!NT_STATUS_IS_OK(status)) {
+ ctx->error_message = talloc_asprintf(ctx,
+ "Failed to call processing function: %s",
+ nt_errstr(status));
+ goto out;
+ }
+ }
}
*pnew_utdv = new_utdv;
diff --git a/source3/libnet/libnet_dssync.h b/source3/libnet/libnet_dssync.h
index 91f48f5..d426d8b 100644
--- a/source3/libnet/libnet_dssync.h
+++ b/source3/libnet/libnet_dssync.h
@@ -30,6 +30,11 @@ struct dssync_ops {
TALLOC_CTX *mem_ctx,
struct drsuapi_DsReplicaObjectListItemEx *objects,
struct drsuapi_DsReplicaOIDMapping_Ctr *mappings);
+ NTSTATUS (*process_links)(struct dssync_context *ctx,
+ TALLOC_CTX *mem_ctx,
+ uint32_t count,
+ struct drsuapi_DsReplicaLinkedAttribute *links,
+ struct drsuapi_DsReplicaOIDMapping_Ctr *mappings);
NTSTATUS (*finish)(struct dssync_context *ctx, TALLOC_CTX *mem_ctx,
struct replUpToDateVectorBlob *new_utdv);
};
@@ -58,6 +63,7 @@ struct dssync_context {
};
extern const struct dssync_ops libnet_dssync_keytab_ops;
+extern const struct dssync_ops libnet_dssync_passdb_ops;
/* The following definitions come from libnet/libnet_dssync.c */
diff --git a/source3/libnet/libnet_dssync_passdb.c b/source3/libnet/libnet_dssync_passdb.c
new file mode 100644
index 0000000..585428a
--- /dev/null
+++ b/source3/libnet/libnet_dssync_passdb.c
@@ -0,0 +1,1880 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Copyright (C) Guenther Deschner <gd at samba.org> 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "libnet/libnet_dssync.h"
+#include "libnet/libnet_samsync.h"
+#include "../libcli/security/security.h"
+#include "../libds/common/flags.h"
+#include "../librpc/gen_ndr/ndr_drsuapi.h"
+#include "dbwrap.h"
+
+/****************************************************************
+****************************************************************/
+
+struct dssync_passdb {
+ struct pdb_methods *methods;
+ struct db_context *all;
+ struct db_context *aliases;
+ struct db_context *groups;
+};
+
+struct dssync_passdb_obj {
+ struct dssync_passdb_obj *self;
+ uint32_t type;
+ struct drsuapi_DsReplicaObjectListItemEx *cur;
+ TDB_DATA key;
+ TDB_DATA data;
+ struct db_context *members;
+};
+
+struct dssync_passdb_mem {
+ struct dssync_passdb_mem *self;
+ bool active;
+ struct drsuapi_DsReplicaObjectIdentifier3 *cur;
+ struct dssync_passdb_obj *obj;
+ TDB_DATA key;
+ TDB_DATA data;
+};
+
+static NTSTATUS dssync_insert_obj(struct dssync_passdb *pctx,
+ struct db_context *db,
+ struct dssync_passdb_obj *obj)
+{
+ NTSTATUS status;
+ struct db_record *rec;
+
+ rec = db->fetch_locked(db, talloc_tos(), obj->key);
+ if (rec == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (rec->value.dsize != 0) {
+ abort();
+ }
+
+ status = rec->store(rec, obj->data, TDB_INSERT);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(rec);
+ return status;
+ }
+ TALLOC_FREE(rec);
+ return NT_STATUS_OK;
+}
+
+static struct dssync_passdb_obj *dssync_parse_obj(const TDB_DATA data)
+{
+ struct dssync_passdb_obj *obj;
+
+ if (data.dsize != sizeof(obj)) {
+ return NULL;
+ }
+
+ /*
+ * we need to copy the pointer to avoid alignment problems
+ * on some systems.
+ */
+ memcpy(&obj, data.dptr, sizeof(obj));
+
+ return talloc_get_type_abort(obj, struct dssync_passdb_obj);
+}
+
+static struct dssync_passdb_obj *dssync_search_obj_by_guid(struct dssync_passdb *pctx,
+ struct db_context *db,
+ const struct GUID *guid)
+{
+ struct dssync_passdb_obj *obj;
+ int ret;
+ TDB_DATA key;
+ TDB_DATA data;
+
+ key = make_tdb_data((const uint8_t *)(void *)guid,
+ sizeof(*guid));
+
+ ret = db->fetch(db, talloc_tos(), key, &data);
+ if (ret != 0) {
+ return NULL;
+ }
+
+ obj = dssync_parse_obj(data);
+ return obj;
+}
+
+static NTSTATUS dssync_create_obj(struct dssync_passdb *pctx,
+ struct db_context *db,
+ uint32_t type,
+ struct drsuapi_DsReplicaObjectListItemEx *cur,
+ struct dssync_passdb_obj **_obj)
+{
+ NTSTATUS status;
+ struct dssync_passdb_obj *obj;
+
+ obj = talloc_zero(pctx, struct dssync_passdb_obj);
+ if (obj == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ obj->self = obj;
+ obj->cur = cur;
+ obj->type = type;
+ obj->key = make_tdb_data((const uint8_t *)(void *)&cur->object.identifier->guid,
+ sizeof(cur->object.identifier->guid));
+ obj->data = make_tdb_data((const uint8_t *)(void *)&obj->self,
+ sizeof(obj->self));
+
+ obj->members = db_open_rbt(obj);
+ if (obj->members == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ status = dssync_insert_obj(pctx, db, obj);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(obj);
+ return status;
+ }
+ *_obj = obj;
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS dssync_insert_mem(struct dssync_passdb *pctx,
+ struct dssync_passdb_obj *obj,
+ struct dssync_passdb_mem *mem)
+{
+ NTSTATUS status;
+ struct db_record *rec;
+
+ rec = obj->members->fetch_locked(obj->members, talloc_tos(), mem->key);
+ if (rec == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (rec->value.dsize != 0) {
+ abort();
+ }
+
+ status = rec->store(rec, mem->data, TDB_INSERT);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(rec);
+ return status;
+ }
+ TALLOC_FREE(rec);
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS dssync_create_mem(struct dssync_passdb *pctx,
+ struct dssync_passdb_obj *obj,
+ bool active,
+ struct drsuapi_DsReplicaObjectIdentifier3 *cur,
+ struct dssync_passdb_mem **_mem)
+{
+ NTSTATUS status;
+ struct dssync_passdb_mem *mem;
+
+ mem = talloc_zero(pctx, struct dssync_passdb_mem);
+ if (mem == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ mem->self = mem;
+ mem->cur = cur;
+ mem->active = active;
+ mem->obj = NULL;
+ mem->key = make_tdb_data((const uint8_t *)(void *)&cur->guid,
+ sizeof(cur->guid));
+ mem->data = make_tdb_data((const uint8_t *)(void *)&mem->self,
+ sizeof(mem->self));
+
+ status = dssync_insert_mem(pctx, obj, mem);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(obj);
+ return status;
+ }
+ *_mem = mem;
+ return NT_STATUS_OK;
+}
+
+static struct dssync_passdb_mem *dssync_parse_mem(const TDB_DATA data)
+{
+ struct dssync_passdb_mem *mem;
+
+ if (data.dsize != sizeof(mem)) {
+ return NULL;
+ }
+
+ /*
+ * we need to copy the pointer to avoid alignment problems
+ * on some systems.
+ */
+ memcpy(&mem, data.dptr, sizeof(mem));
+
+ return talloc_get_type_abort(mem, struct dssync_passdb_mem);
+}
+
+static NTSTATUS passdb_startup(struct dssync_context *ctx, TALLOC_CTX *mem_ctx,
+ struct replUpToDateVectorBlob **pold_utdv)
+{
+ NTSTATUS status;
+ struct dssync_passdb *pctx;
+
+ pctx = talloc_zero(mem_ctx, struct dssync_passdb);
+ if (pctx == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (ctx->output_filename) {
+ status = make_pdb_method_name(&pctx->methods, ctx->output_filename);
+ } else {
+ status = make_pdb_method_name(&pctx->methods, lp_passdb_backend());
+ }
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ pctx->all = db_open_rbt(pctx);
+ if (pctx->all == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ pctx->aliases = db_open_rbt(pctx);
+ if (pctx->aliases == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ pctx->groups = db_open_rbt(pctx);
+ if (pctx->groups == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ctx->private_data = pctx;
+
+ return status;
+}
+
+/****************************************************************
+****************************************************************/
+
+struct dssync_passdb_traverse_amembers {
+ struct dssync_context *ctx;
+ struct dssync_passdb_obj *obj;
+ const char *name;
+ uint32_t idx;
+};
+
+struct dssync_passdb_traverse_aliases {
+ struct dssync_context *ctx;
+ const char *name;
+ uint32_t idx;
+};
+
+static int dssync_passdb_traverse_amembers(struct db_record *rec,
+ void *private_data)
+{
+ struct dssync_passdb_traverse_amembers *state =
+ (struct dssync_passdb_traverse_amembers *)private_data;
+ struct dssync_passdb *pctx =
+ talloc_get_type_abort(state->ctx->private_data,
+ struct dssync_passdb);
+ struct dssync_passdb_mem *mem;
+ NTSTATUS status;
+ struct dom_sid alias_sid;
+ struct dom_sid member_sid;
+ const char *member_dn;
+ size_t num_members;
+ size_t i;
+ struct dom_sid *members;
+ bool is_member = false;
+ const char *action;
+
+ state->idx++;
+
+ alias_sid = state->obj->cur->object.identifier->sid;
+
+ mem = dssync_parse_mem(rec->value);
+ if (mem == NULL) {
+ return -1;
+ }
+
+ member_sid = mem->cur->sid;
+ member_dn = mem->cur->dn;
+
+ mem->obj = dssync_search_obj_by_guid(pctx, pctx->all, &mem->cur->guid);
+ if (mem->obj == NULL) {
+ DEBUG(0,("alias[%s] member[%s] can't resolve member - ignoring\n",
+ sid_string_dbg(&alias_sid),
+ is_null_sid(&member_sid)?
+ sid_string_dbg(&member_sid):
+ member_dn));
+ return 0;
+ }
+
+ switch (mem->obj->type) {
+ case ATYPE_DISTRIBUTION_LOCAL_GROUP:
+ case ATYPE_DISTRIBUTION_GLOBAL_GROUP:
+ DEBUG(0, ("alias[%s] ignore distribution group [%s]\n",
+ sid_string_dbg(&alias_sid),
+ member_dn));
+ return 0;
+ default:
+ break;
+ }
+
+ DEBUG(0,("alias[%s] member[%s]\n",
--
Samba Shared Repository
More information about the samba-cvs
mailing list