[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Tue Aug 21 19:09:05 MDT 2012
The branch, master has been updated
via 1219eaf s4-python: Complete python bindings for idmap.idl
via 125e93c s3-pysmbd: Correct the python type for smb_acl_t
via 10267f1 s4-python: complete python bindigns for smb_acls.idl
via 450fcd7 s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA
via 2b40446 selftest: Pass --use-ntvfs to provison in renamedc test
via 9170f9c selftest: Specify --use-ntvfs to provision in test scripts
via 97b1379 s4-classicupgrade: Add --use-ntvfs option
via b5c2747 s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire
via c4b9c3a s4:samldb LDB module - remove unused "member" attribute from search filter
via 32cd618 LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets
via cb63b34 LDB:ldbsearch - add search filter tests
via 6a8c697 LDB:ldbsearch - search filters do not only contain "="
via c8bfb8e s4:dsdb - always fail if a search filter could not be parsed
via 536c082 LDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as ">=" or "<="
via 5f8006c s4:dsdb_sort_objectClass_attr - simplify memory context handling
via 166a7d3 s4:dsdb_sort_objectClass_attr - use "data_blob_string_const" for setting values
from db075b0 libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLE
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1219eaffbe60ea875306f84d3ce7965ce4ae6384
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 21 23:21:41 2012 +1000
s4-python: Complete python bindings for idmap.idl
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Wed Aug 22 03:08:51 CEST 2012 on sn-devel-104
commit 125e93cdde0798f306cd8a5778ecbf985aa63d3e
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 21 22:41:13 2012 +1000
s3-pysmbd: Correct the python type for smb_acl_t
The t is weird, but the python bindings trim the traditional IDL name
prefix of each element, as it is usually rudundent.
Andrew Bartlett
commit 10267f153c590838d2440e71b535e55874d82d9c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 21 22:40:12 2012 +1000
s4-python: complete python bindigns for smb_acls.idl
commit 450fcd79c795698c33ef2e0e4e85460128ba7bfd
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 21 21:22:31 2012 +1000
s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA
Found by the talloc_stackframe() out of order checker!
Andrew Bartlett
commit 2b404462f5b055843ecc7af27bfd05d5d11d09e4
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 22 07:25:59 2012 +1000
selftest: Pass --use-ntvfs to provison in renamedc test
Also fix test prefix to match the test
Andrew Bartlett
commit 9170f9ce95583f30d108d4a2d23b05f246a3514c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 21 20:04:16 2012 +1000
selftest: Specify --use-ntvfs to provision in test scripts
Because these run as non-root, we need to avoid doing things that will
fail during the provision. The main test of the s3fs provision is the
plugin_s4_dc environment with a smb.conf that specifies vfs_fake_acls.
Andrew Bartlett
commit 97b13799ce4786f03602fba8eb6ad5da7023bb5c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Wed Aug 22 06:58:19 2012 +1000
s4-classicupgrade: Add --use-ntvfs option
This is an odd option, but is needed because I wish to add assertions about
ACL setting that will not work in make test without the vfs_fake_acls module
loaded.
Andrew Bartlett
commit b5c2747cad0f9bbb69cceb4b90aab20546a5cf66
Author: Andrew Bartlett <abartlet at samba.org>
Date: Tue Aug 21 19:58:18 2012 +1000
s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire
None of these cases need the complexity of the s3fs backend.
Andrew Bartlett
commit c4b9c3aba8a448812d401fc28ad65ac818af5b04
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Fri May 11 11:53:46 2012 +0200
s4:samldb LDB module - remove unused "member" attribute from search filter
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit 32cd618e6c0d44e0f64409ceda8451cc4665e625
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Thu May 10 16:18:37 2012 +0200
LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets
This refers to LDB add operations as well, we have only to be careful on
"@ATTRIBUTES" entries.
E.g.
dn: cn=testperson,cn=users,dc=...,dc=...
objectClass: person
url: www.example.com
url: www.example.com
should not work.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit cb63b34b053119fcab093e95f555840afa9cfdcf
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Thu May 10 10:11:51 2012 +0200
LDB:ldbsearch - add search filter tests
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit 6a8c6979544594f9fadec768392888793e7eb74f
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Fri May 4 11:59:22 2012 +0200
LDB:ldbsearch - search filters do not only contain "="
Also "<=", ">=", "~"... are allowed as well. Enumeration taken from
ldb_parse_filtertype().
This was the cause of not identifying the search filter as described in bug
https://bugzilla.samba.org/show_bug.cgi?id=8647.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit c8bfb8eb094e5bb80de8f5fa991910954d47b351
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Fri May 4 11:42:14 2012 +0200
s4:dsdb - always fail if a search filter could not be parsed
A NULL string/expression returns the generic "(objectClass=*)" filter
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit 536c082505fea55eb12056791e170c8cf80b36cb
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Fri May 4 11:41:03 2012 +0200
LDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as ">=" or "<="
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit 5f8006cb64c6537f3004e91319d071a603e4468e
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Fri May 4 08:51:41 2012 +0200
s4:dsdb_sort_objectClass_attr - simplify memory context handling
Do only require the out memory context and build the temporary one in
the body of the function. This greatly simplifies the callers.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
commit 166a7d37f7bfc7b22163e1d38a0bb0e47c2f6622
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Fri May 4 08:46:29 2012 +0200
s4:dsdb_sort_objectClass_attr - use "data_blob_string_const" for setting values
As shown in commit c8e6d8b487 this looks easier and in any case we can
treat schema context data like global data.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/ldb-samba/ldif_handlers.c | 4 +-
lib/ldb/common/ldb_parse.c | 2 +-
lib/ldb/ldb_tdb/ldb_tdb.c | 19 +++++++++-
lib/ldb/tests/test-generic.sh | 2 +
lib/ldb/tools/ldbsearch.c | 2 +-
librpc/wscript_build | 10 +++++
selftest/target/Samba4.pm | 38 ++++++++++---------
source3/modules/vfs_xattr_tdb.c | 6 ---
source3/smbd/pysmbd.c | 4 +-
source4/dsdb/pydsdb.c | 3 +-
source4/dsdb/samdb/ldb_modules/objectclass.c | 29 ++-------------
source4/dsdb/samdb/ldb_modules/proxy.c | 3 ++
source4/dsdb/samdb/ldb_modules/samldb.c | 2 +-
source4/dsdb/schema/schema_query.c | 35 ++++++++++--------
source4/libcli/ldap/ldap_ildap.c | 6 +++-
source4/libnet/libnet_vampire.c | 2 +-
source4/librpc/wscript_build | 12 ++++++
source4/param/provision.c | 2 +
source4/param/provision.h | 1 +
source4/scripting/python/samba/netcmd/domain.py | 6 ++-
.../scripting/python/samba/provision/__init__.py | 4 +-
source4/scripting/python/samba/upgrade.py | 6 ++-
source4/setup/tests/blackbox_provision.sh | 18 +++++-----
source4/setup/tests/blackbox_s3upgrade.sh | 6 ++--
source4/setup/tests/blackbox_setpassword.sh | 2 +-
source4/setup/tests/blackbox_upgradeprovision.sh | 4 +-
source4/torture/local/torture.c | 1 +
testprogs/blackbox/renamedc.sh | 10 +++---
28 files changed, 136 insertions(+), 103 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/ldb-samba/ldif_handlers.c b/lib/ldb-samba/ldif_handlers.c
index af66623..1cf7df7 100644
--- a/lib/ldb-samba/ldif_handlers.c
+++ b/lib/ldb-samba/ldif_handlers.c
@@ -1139,9 +1139,9 @@ static int samba_syntax_operator_fn(struct ldb_context *ldb, enum ldb_parse_op o
ret = a->syntax->comparison_fn(ldb, tmp_ctx, v1, v2);
talloc_free(tmp_ctx);
if (operation == LDB_OP_GREATER) {
- *matched = (ret > 0);
+ *matched = (ret >= 0);
} else if (operation == LDB_OP_LESS) {
- *matched = (ret < 0);
+ *matched = (ret <= 0);
} else {
*matched = (ret == 0);
}
diff --git a/lib/ldb/common/ldb_parse.c b/lib/ldb/common/ldb_parse.c
index 47145a2..cfa2959 100644
--- a/lib/ldb/common/ldb_parse.c
+++ b/lib/ldb/common/ldb_parse.c
@@ -343,7 +343,7 @@ static enum ldb_parse_op ldb_parse_filtertype(TALLOC_CTX *mem_ctx, char **type,
}
if (!filter) {
talloc_free(name);
- return filter;
+ return 0;
}
p++;
diff --git a/lib/ldb/ldb_tdb/ldb_tdb.c b/lib/ldb/ldb_tdb/ldb_tdb.c
index cc1586d..3c18150 100644
--- a/lib/ldb/ldb_tdb/ldb_tdb.c
+++ b/lib/ldb/ldb_tdb/ldb_tdb.c
@@ -318,7 +318,7 @@ static int ltdb_add_internal(struct ldb_module *module,
{
struct ldb_context *ldb = ldb_module_get_ctx(module);
int ret = LDB_SUCCESS;
- unsigned int i;
+ unsigned int i, j;
for (i=0;i<msg->num_elements;i++) {
struct ldb_message_element *el = &msg->elements[i];
@@ -336,6 +336,22 @@ static int ltdb_add_internal(struct ldb_module *module,
el->name, ldb_dn_get_linearized(msg->dn));
return LDB_ERR_CONSTRAINT_VIOLATION;
}
+
+ /* Do not check "@ATTRIBUTES" for duplicated values */
+ if (ldb_dn_is_special(msg->dn) &&
+ ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
+ continue;
+ }
+
+ /* TODO: This is O(n^2) - replace with more efficient check */
+ for (j=0; j<el->num_values; j++) {
+ if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
+ ldb_asprintf_errstring(ldb,
+ "attribute '%s': value #%u on '%s' provided more than once",
+ el->name, j, ldb_dn_get_linearized(msg->dn));
+ return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
+ }
+ }
}
ret = ltdb_store(module, msg, TDB_INSERT);
@@ -761,6 +777,7 @@ int ltdb_modify_internal(struct ldb_module *module,
/* Check that values don't exist yet on multi-
valued attributes or aren't provided twice */
+ /* TODO: This is O(n^2) - replace with more efficient check */
for (j = 0; j < el->num_values; j++) {
if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
if (control_permissive) {
diff --git a/lib/ldb/tests/test-generic.sh b/lib/ldb/tests/test-generic.sh
index 69f901b..e1f8e79 100755
--- a/lib/ldb/tests/test-generic.sh
+++ b/lib/ldb/tests/test-generic.sh
@@ -123,12 +123,14 @@ if [ $count != 2 ]; then
echo returned $count records - expected 2
echo "this fails on openLdap ..."
fi
+$VALGRIND ldbsearch '(cn>t)' cn && exit 1 # strictly greater should not work
count=`$VALGRIND ldbsearch '(cn<=t)' cn | grep '^dn' | wc -l`
if [ $count != 13 ]; then
echo returned $count records - expected 13
echo "this fails on openLdap ..."
fi
+$VALGRIND ldbsearch '(cn<t)' cn && exit 1 # strictly less should not work
checkcount() {
count=$1
diff --git a/lib/ldb/tools/ldbsearch.c b/lib/ldb/tools/ldbsearch.c
index 2da7072..a030a5a 100644
--- a/lib/ldb/tools/ldbsearch.c
+++ b/lib/ldb/tools/ldbsearch.c
@@ -305,7 +305,7 @@ int main(int argc, const char **argv)
/* the check for '=' is for compatibility with ldapsearch */
if (!options->interactive &&
options->argc > 0 &&
- strchr(options->argv[0], '=')) {
+ strpbrk(options->argv[0], "=<>~:")) {
expression = options->argv[0];
options->argv++;
options->argc--;
diff --git a/librpc/wscript_build b/librpc/wscript_build
index 8dbbe2d..ee8483b 100644
--- a/librpc/wscript_build
+++ b/librpc/wscript_build
@@ -377,6 +377,16 @@ bld.SAMBA_SUBSYSTEM('RPC_NDR_XATTR',
public_deps='NDR_XATTR dcerpc-binding'
)
+bld.SAMBA_SUBSYSTEM('RPC_NDR_IDMAP',
+ source='gen_ndr/ndr_idmap_c.c',
+ public_deps='NDR_IDMAP dcerpc-binding'
+ )
+
+bld.SAMBA_SUBSYSTEM('RPC_NDR_SMB_ACL',
+ source='gen_ndr/ndr_smb_acl_c.c',
+ public_deps='NDR_SMB_ACL dcerpc-binding'
+ )
+
bld.SAMBA_SUBSYSTEM('RPC_NDR_ROT',
source='gen_ndr/ndr_rot_c.c',
public_deps='NDR_ROT dcerpc-binding'
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 17f3a32..b8d245c 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -420,11 +420,11 @@ Wfz/8alZ5aMezCQzXJyIaJsCLeKABosSwHcpAFmxlQ==
EOF
}
-sub provision_raw_prepare($$$$$$$$$)
+sub provision_raw_prepare($$$$$$$$$$)
{
my ($self, $prefix, $server_role, $hostname,
$domain, $realm, $functional_level,
- $password, $kdc_ipv4) = @_;
+ $password, $kdc_ipv4, $use_ntvfs) = @_;
my $ctx;
my $netbiosname = uc($hostname);
@@ -534,7 +534,9 @@ sub provision_raw_prepare($$$$$$$$$)
push (@provision_options, "--server-role=\"$ctx->{server_role}\"");
push (@provision_options, "--function-level=\"$ctx->{functional_level}\"");
push (@provision_options, "--dns-backend=BIND9_DLZ");
- push (@provision_options, "--use-ntvfs");
+ if ($use_ntvfs) {
+ push (@provision_options, "--use-ntvfs");
+ }
@{$ctx->{provision_options}} = @provision_options;
@@ -698,16 +700,16 @@ sub provision_raw_step2($$$)
return $ret;
}
-sub provision($$$$$$$$)
+sub provision($$$$$$$$$)
{
my ($self, $prefix, $server_role, $hostname,
$domain, $realm, $functional_level,
- $password, $kdc_ipv4, $extra_smbconf_options, $extra_smbconf_shares) = @_;
+ $password, $kdc_ipv4, $extra_smbconf_options, $extra_smbconf_shares, $use_ntvfs) = @_;
my $ctx = $self->provision_raw_prepare($prefix, $server_role,
$hostname,
$domain, $realm, $functional_level,
- $password, $kdc_ipv4);
+ $password, $kdc_ipv4, $use_ntvfs);
$ctx->{share} = "$ctx->{prefix_abs}/share";
push(@{$ctx->{directories}}, "$ctx->{share}");
@@ -841,7 +843,7 @@ sub provision_member($$$)
"2008",
"locMEMpass3",
$dcvars->{SERVER_IP},
- "", "");
+ "", "", 1);
unless ($ret) {
return undef;
}
@@ -906,7 +908,7 @@ sub provision_rpc_proxy($$$)
"2008",
"locRPCproxypass4",
$dcvars->{SERVER_IP},
- $extra_smbconf_options, "");
+ $extra_smbconf_options, "", 1);
unless ($ret) {
return undef;
@@ -978,7 +980,7 @@ sub provision_promoted_vampire_dc($$$)
"samba.example.com",
"2008",
$dcvars->{PASSWORD},
- $dcvars->{SERVER_IP});
+ $dcvars->{SERVER_IP}, 1);
$ctx->{smb_conf_extra_options} = "
max xmit = 32K
@@ -1050,7 +1052,7 @@ sub provision_vampire_dc($$$)
"samba.example.com",
"2008",
$dcvars->{PASSWORD},
- $dcvars->{SERVER_IP});
+ $dcvars->{SERVER_IP}, 1);
$ctx->{smb_conf_extra_options} = "
max xmit = 32K
@@ -1109,7 +1111,7 @@ sub provision_subdom_dc($$$)
"sub.samba.example.com",
"2008",
$dcvars->{PASSWORD},
- undef);
+ undef, 1);
$ctx->{smb_conf_extra_options} = "
max xmit = 32K
@@ -1174,7 +1176,7 @@ allow dns updates = True";
"samba.example.com",
"2008",
"locDCpass1",
- undef, $extra_conf_options, "");
+ undef, $extra_conf_options, "", 1);
return undef unless(defined $ret);
unless($self->add_wins_config("$prefix/private")) {
@@ -1203,7 +1205,7 @@ sub provision_fl2000dc($$)
"samba2000.example.com",
"2000",
"locDCpass5",
- undef, "");
+ undef, "", 1);
unless($self->add_wins_config("$prefix/private")) {
warn("Unable to add wins configuration");
@@ -1225,7 +1227,7 @@ sub provision_fl2003dc($$)
"samba2003.example.com",
"2003",
"locDCpass6",
- undef, "", "");
+ undef, "", "", 1);
unless($self->add_wins_config("$prefix/private")) {
warn("Unable to add wins configuration");
@@ -1247,7 +1249,7 @@ sub provision_fl2008r2dc($$)
"samba2008R2.example.com",
"2008_R2",
"locDCpass7",
- undef, "", "");
+ undef, "", "", 1);
unless ($self->add_wins_config("$prefix/private")) {
warn("Unable to add wins configuration");
@@ -1270,7 +1272,7 @@ sub provision_rodc($$$)
"samba.example.com",
"2008",
$dcvars->{PASSWORD},
- $dcvars->{SERVER_IP});
+ $dcvars->{SERVER_IP}, 1);
unless ($ctx) {
return undef;
}
@@ -1411,7 +1413,7 @@ sub provision_plugin_s4_dc($$)
"2008",
"locDCpass1",
undef, $extra_smbconf_options,
- $extra_smbconf_shares);
+ $extra_smbconf_shares, 0);
return undef unless(defined $ret);
unless($self->add_wins_config("$prefix/private")) {
@@ -1440,7 +1442,7 @@ sub provision_chgdcpass($$)
"chgdcpassword.samba.example.com",
"2008",
"chgDCpass1",
- undef);
+ undef, 1);
return undef unless(defined $ret);
unless($self->add_wins_config("$prefix/private")) {
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 36e113e..c0debed 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -150,8 +150,6 @@ static int xattr_tdb_setxattr(struct vfs_handle_struct *handle,
TALLOC_FREE(frame); return -1;
});
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
-
ret = xattr_tdb_get_file_id(handle, path, &id);
if (ret == -1) {
TALLOC_FREE(frame);
@@ -207,8 +205,6 @@ static ssize_t xattr_tdb_listxattr(struct vfs_handle_struct *handle,
TALLOC_FREE(frame); return -1;
});
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
-
ret = xattr_tdb_get_file_id(handle, path, &id);
if (ret == -1) {
TALLOC_FREE(frame);
@@ -263,8 +259,6 @@ static int xattr_tdb_removexattr(struct vfs_handle_struct *handle,
TALLOC_FREE(frame); return -1;
});
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, TALLOC_FREE(frame); return -1);
-
ret = xattr_tdb_get_file_id(handle, path, &id);
if (ret == -1) {
TALLOC_FREE(frame);
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 8fca4e7..6456797 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -398,7 +398,7 @@ static PyObject *py_smbd_set_sys_acl(PyObject *self, PyObject *args)
if (!PyArg_ParseTuple(args, "siO", &fname, &acl_type, &py_acl))
return NULL;
- if (!py_check_dcerpc_type(py_acl, "samba.dcerpc.smb_acl", "sys_acl_t")) {
+ if (!py_check_dcerpc_type(py_acl, "samba.dcerpc.smb_acl", "t")) {
return NULL;
}
@@ -460,7 +460,7 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args)
talloc_steal(frame, acl);
conn_free(conn);
- py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "sys_acl_t", acl, acl);
+ py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "t", acl, acl);
TALLOC_FREE(frame);
diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c
index 39229f4..99e239e 100644
--- a/source4/dsdb/pydsdb.c
+++ b/source4/dsdb/pydsdb.c
@@ -681,8 +681,7 @@ static PyObject *py_dsdb_normalise_attributes(PyObject *self, PyObject *args)
/* Normalise "objectClass" attribute if needed */
if (ldb_attr_cmp(a->lDAPDisplayName, "objectClass") == 0) {
int iret;
- iret = dsdb_sort_objectClass_attr(ldb, schema, tmp_ctx, el,
- tmp_ctx, el);
+ iret = dsdb_sort_objectClass_attr(ldb, schema, el, tmp_ctx, el);
if (iret != LDB_SUCCESS) {
PyErr_SetString(PyExc_RuntimeError, ldb_errstring(ldb));
talloc_free(tmp_ctx);
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 7d34b4e..0743600 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -383,7 +383,6 @@ static int objectclass_do_add(struct oc_context *ac)
struct ldb_request *add_req;
struct ldb_message_element *objectclass_element, *el;
struct ldb_message *msg;
- TALLOC_CTX *mem_ctx;
const char *rdn_name = NULL;
char *value;
const struct dsdb_class *objectclass;
@@ -448,22 +447,14 @@ static int objectclass_do_add(struct oc_context *ac)
return LDB_ERR_CONSTRAINT_VIOLATION;
}
- mem_ctx = talloc_new(ac);
- if (mem_ctx == NULL) {
- return ldb_module_oom(ac->module);
- }
-
/* Now do the sorting */
- ret = dsdb_sort_objectClass_attr(ldb, ac->schema, mem_ctx,
+ ret = dsdb_sort_objectClass_attr(ldb, ac->schema,
objectclass_element, msg,
objectclass_element);
if (ret != LDB_SUCCESS) {
- talloc_free(mem_ctx);
return ret;
}
- talloc_free(mem_ctx);
-
/*
* Get the new top-most structural object class and check for
* unrelated structural classes
@@ -823,7 +814,6 @@ static int objectclass_do_mod(struct oc_context *ac)
struct ldb_message_element *oc_el_entry, *oc_el_change;
struct ldb_val *vals;
struct ldb_message *msg;
- TALLOC_CTX *mem_ctx;
const struct dsdb_class *objectclass;
unsigned int i, j, k;
bool found;
@@ -851,11 +841,6 @@ static int objectclass_do_mod(struct oc_context *ac)
msg->dn = ac->req->op.mod.message->dn;
- mem_ctx = talloc_new(ac);
- if (mem_ctx == NULL) {
- return ldb_module_oom(ac->module);
- }
-
/* We've to walk over all "objectClass" message elements */
for (k = 0; k < ac->req->op.mod.message->num_elements; k++) {
if (ldb_attr_cmp(ac->req->op.mod.message->elements[k].name,
@@ -876,7 +861,6 @@ static int objectclass_do_mod(struct oc_context *ac)
"objectclass: cannot re-add an existing objectclass: '%.*s'!",
(int)oc_el_change->values[i].length,
(const char *)oc_el_change->values[i].data);
- talloc_free(mem_ctx);
return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
}
}
@@ -886,7 +870,6 @@ static int objectclass_do_mod(struct oc_context *ac)
struct ldb_val,
oc_el_entry->num_values + 1);
if (vals == NULL) {
- talloc_free(mem_ctx);
return ldb_module_oom(ac->module);
}
oc_el_entry->values = vals;
@@ -933,7 +916,6 @@ static int objectclass_do_mod(struct oc_context *ac)
"objectclass: cannot delete this objectclass: '%.*s'!",
(int)oc_el_change->values[i].length,
(const char *)oc_el_change->values[i].data);
- talloc_free(mem_ctx);
return LDB_ERR_NO_SUCH_ATTRIBUTE;
}
}
@@ -942,10 +924,9 @@ static int objectclass_do_mod(struct oc_context *ac)
}
/* Now do the sorting */
- ret = dsdb_sort_objectClass_attr(ldb, ac->schema, mem_ctx,
- oc_el_entry, msg, oc_el_entry);
+ ret = dsdb_sort_objectClass_attr(ldb, ac->schema, oc_el_entry,
+ msg, oc_el_entry);
if (ret != LDB_SUCCESS) {
- talloc_free(mem_ctx);
return ret;
}
@@ -958,7 +939,6 @@ static int objectclass_do_mod(struct oc_context *ac)
if (objectclass == NULL) {
ldb_set_errstring(ldb,
"objectclass: cannot delete all structural objectclasses!");
- talloc_free(mem_ctx);
return LDB_ERR_OBJECT_CLASS_VIOLATION;
}
@@ -967,13 +947,10 @@ static int objectclass_do_mod(struct oc_context *ac)
objectclass,
oc_el_entry);
if (ret != LDB_SUCCESS) {
- talloc_free(mem_ctx);
return ret;
}
}
- talloc_free(mem_ctx);
-
/* Now add the new object class attribute to the change message */
ret = ldb_msg_add(msg, oc_el_entry, LDB_FLAG_MOD_REPLACE);
if (ret != LDB_SUCCESS) {
diff --git a/source4/dsdb/samdb/ldb_modules/proxy.c b/source4/dsdb/samdb/ldb_modules/proxy.c
index 5f6e56f..c3f12ba 100644
--- a/source4/dsdb/samdb/ldb_modules/proxy.c
+++ b/source4/dsdb/samdb/ldb_modules/proxy.c
@@ -339,6 +339,9 @@ static int proxy_search_bytree(struct ldb_module *module, struct ldb_request *re
#endif
newtree = proxy_convert_tree(ac, proxy, req->op.search.tree);
+ if (newtree == NULL) {
+ goto failed;
+ }
/* convert the basedn of this search */
base = ldb_dn_copy(ac, req->op.search.base);
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index bb30605..da9c966 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1734,7 +1734,7 @@ static int samldb_sam_accountname_check(struct samldb_ctx *ac)
static int samldb_member_check(struct samldb_ctx *ac)
{
- const char * const attrs[] = { "objectSid", "member", NULL };
+ const char * const attrs[] = { "objectSid", NULL };
struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
struct ldb_message_element *el;
struct ldb_dn *member_dn;
diff --git a/source4/dsdb/schema/schema_query.c b/source4/dsdb/schema/schema_query.c
index d16711a..013878d 100644
--- a/source4/dsdb/schema/schema_query.c
+++ b/source4/dsdb/schema/schema_query.c
@@ -451,14 +451,12 @@ const struct GUID *attribute_schemaid_guid_by_lDAPDisplayName(const struct dsdb_
* into correct order and validate that all object classes specified actually
* exist in the schema.
* The output is written in an existing LDB message element
--
Samba Shared Repository
More information about the samba-cvs
mailing list