[SCM] Samba Shared Repository - branch master updated

Andrew Bartlett abartlet at samba.org
Tue Aug 21 19:09:05 MDT 2012


The branch, master has been updated
       via  1219eaf s4-python: Complete python bindings for idmap.idl
       via  125e93c s3-pysmbd: Correct the python type for smb_acl_t
       via  10267f1 s4-python: complete python bindigns for smb_acls.idl
       via  450fcd7 s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA
       via  2b40446 selftest: Pass --use-ntvfs to provison in renamedc test
       via  9170f9c selftest: Specify --use-ntvfs to provision in test scripts
       via  97b1379 s4-classicupgrade: Add --use-ntvfs option
       via  b5c2747 s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire
       via  c4b9c3a s4:samldb LDB module - remove unused "member" attribute from search filter
       via  32cd618 LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets
       via  cb63b34 LDB:ldbsearch - add search filter tests
       via  6a8c697 LDB:ldbsearch - search filters do not only contain "="
       via  c8bfb8e s4:dsdb - always fail if a search filter could not be parsed
       via  536c082 LDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as ">=" or "<="
       via  5f8006c s4:dsdb_sort_objectClass_attr - simplify memory context handling
       via  166a7d3 s4:dsdb_sort_objectClass_attr - use "data_blob_string_const" for setting values
      from  db075b0 libcli: fix value of NT_STATUS_FILE_NOT_AVAILABLE

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1219eaffbe60ea875306f84d3ce7965ce4ae6384
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 21 23:21:41 2012 +1000

    s4-python: Complete python bindings for idmap.idl
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Wed Aug 22 03:08:51 CEST 2012 on sn-devel-104

commit 125e93cdde0798f306cd8a5778ecbf985aa63d3e
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 21 22:41:13 2012 +1000

    s3-pysmbd: Correct the python type for smb_acl_t
    
    The t is weird, but the python bindings trim the traditional IDL name
    prefix of each element, as it is usually rudundent.
    
    Andrew Bartlett

commit 10267f153c590838d2440e71b535e55874d82d9c
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 21 22:40:12 2012 +1000

    s4-python: complete python bindigns for smb_acls.idl

commit 450fcd79c795698c33ef2e0e4e85460128ba7bfd
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 21 21:22:31 2012 +1000

    s3-vfs: Remove extra calls to SMB_VFS_HANDLE_GET_DATA
    
    Found by the talloc_stackframe() out of order checker!
    
    Andrew Bartlett

commit 2b404462f5b055843ecc7af27bfd05d5d11d09e4
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Wed Aug 22 07:25:59 2012 +1000

    selftest: Pass --use-ntvfs to provison in renamedc test
    
    Also fix test prefix to match the test
    
    Andrew Bartlett

commit 9170f9ce95583f30d108d4a2d23b05f246a3514c
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 21 20:04:16 2012 +1000

    selftest: Specify --use-ntvfs to provision in test scripts
    
    Because these run as non-root, we need to avoid doing things that will
    fail during the provision.  The main test of the s3fs provision is the
    plugin_s4_dc environment with a smb.conf that specifies vfs_fake_acls.
    
    Andrew Bartlett

commit 97b13799ce4786f03602fba8eb6ad5da7023bb5c
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Wed Aug 22 06:58:19 2012 +1000

    s4-classicupgrade: Add --use-ntvfs option
    
    This is an odd option, but is needed because I wish to add assertions about
    ACL setting that will not work in make test without the vfs_fake_acls module
    loaded.
    
    Andrew Bartlett

commit b5c2747cad0f9bbb69cceb4b90aab20546a5cf66
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Aug 21 19:58:18 2012 +1000

    s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire
    
    None of these cases need the complexity of the s3fs backend.
    
    Andrew Bartlett

commit c4b9c3aba8a448812d401fc28ad65ac818af5b04
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Fri May 11 11:53:46 2012 +0200

    s4:samldb LDB module - remove unused "member" attribute from search filter
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 32cd618e6c0d44e0f64409ceda8451cc4665e625
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Thu May 10 16:18:37 2012 +0200

    LDB:ldb_tdb.c - deny multi-valued attributes manipulation with doublets
    
    This refers to LDB add operations as well, we have only to be careful on
    "@ATTRIBUTES" entries.
    
    E.g.
    
    dn: cn=testperson,cn=users,dc=...,dc=...
    objectClass: person
    url: www.example.com
    url: www.example.com
    
    should not work.
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit cb63b34b053119fcab093e95f555840afa9cfdcf
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Thu May 10 10:11:51 2012 +0200

    LDB:ldbsearch - add search filter tests
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 6a8c6979544594f9fadec768392888793e7eb74f
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Fri May 4 11:59:22 2012 +0200

    LDB:ldbsearch - search filters do not only contain "="
    
    Also "<=", ">=", "~"... are allowed as well. Enumeration taken from
    ldb_parse_filtertype().
    This was the cause of not identifying the search filter as described in bug
    https://bugzilla.samba.org/show_bug.cgi?id=8647.
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit c8bfb8eb094e5bb80de8f5fa991910954d47b351
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Fri May 4 11:42:14 2012 +0200

    s4:dsdb - always fail if a search filter could not be parsed
    
    A NULL string/expression returns the generic "(objectClass=*)" filter
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 536c082505fea55eb12056791e170c8cf80b36cb
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Fri May 4 11:41:03 2012 +0200

    LDB:ldif_handlers.c - LDB_OP_GREATER/LDB_OP_LESS are thought as ">=" or "<="
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 5f8006cb64c6537f3004e91319d071a603e4468e
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Fri May 4 08:51:41 2012 +0200

    s4:dsdb_sort_objectClass_attr - simplify memory context handling
    
    Do only require the out memory context and build the temporary one in
    the body of the function. This greatly simplifies the callers.
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

commit 166a7d37f7bfc7b22163e1d38a0bb0e47c2f6622
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Fri May 4 08:46:29 2012 +0200

    s4:dsdb_sort_objectClass_attr - use "data_blob_string_const" for setting values
    
    As shown in commit c8e6d8b487 this looks easier and in any case we can
    treat schema context data like global data.
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/ldb-samba/ldif_handlers.c                      |    4 +-
 lib/ldb/common/ldb_parse.c                         |    2 +-
 lib/ldb/ldb_tdb/ldb_tdb.c                          |   19 +++++++++-
 lib/ldb/tests/test-generic.sh                      |    2 +
 lib/ldb/tools/ldbsearch.c                          |    2 +-
 librpc/wscript_build                               |   10 +++++
 selftest/target/Samba4.pm                          |   38 ++++++++++---------
 source3/modules/vfs_xattr_tdb.c                    |    6 ---
 source3/smbd/pysmbd.c                              |    4 +-
 source4/dsdb/pydsdb.c                              |    3 +-
 source4/dsdb/samdb/ldb_modules/objectclass.c       |   29 ++-------------
 source4/dsdb/samdb/ldb_modules/proxy.c             |    3 ++
 source4/dsdb/samdb/ldb_modules/samldb.c            |    2 +-
 source4/dsdb/schema/schema_query.c                 |   35 ++++++++++--------
 source4/libcli/ldap/ldap_ildap.c                   |    6 +++-
 source4/libnet/libnet_vampire.c                    |    2 +-
 source4/librpc/wscript_build                       |   12 ++++++
 source4/param/provision.c                          |    2 +
 source4/param/provision.h                          |    1 +
 source4/scripting/python/samba/netcmd/domain.py    |    6 ++-
 .../scripting/python/samba/provision/__init__.py   |    4 +-
 source4/scripting/python/samba/upgrade.py          |    6 ++-
 source4/setup/tests/blackbox_provision.sh          |   18 +++++-----
 source4/setup/tests/blackbox_s3upgrade.sh          |    6 ++--
 source4/setup/tests/blackbox_setpassword.sh        |    2 +-
 source4/setup/tests/blackbox_upgradeprovision.sh   |    4 +-
 source4/torture/local/torture.c                    |    1 +
 testprogs/blackbox/renamedc.sh                     |   10 +++---
 28 files changed, 136 insertions(+), 103 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/ldb-samba/ldif_handlers.c b/lib/ldb-samba/ldif_handlers.c
index af66623..1cf7df7 100644
--- a/lib/ldb-samba/ldif_handlers.c
+++ b/lib/ldb-samba/ldif_handlers.c
@@ -1139,9 +1139,9 @@ static int samba_syntax_operator_fn(struct ldb_context *ldb, enum ldb_parse_op o
 		ret = a->syntax->comparison_fn(ldb, tmp_ctx, v1, v2);
 		talloc_free(tmp_ctx);
 		if (operation == LDB_OP_GREATER) {
-			*matched = (ret > 0);
+			*matched = (ret >= 0);
 		} else if (operation == LDB_OP_LESS) {
-			*matched = (ret < 0);
+			*matched = (ret <= 0);
 		} else {
 			*matched = (ret == 0);
 		}
diff --git a/lib/ldb/common/ldb_parse.c b/lib/ldb/common/ldb_parse.c
index 47145a2..cfa2959 100644
--- a/lib/ldb/common/ldb_parse.c
+++ b/lib/ldb/common/ldb_parse.c
@@ -343,7 +343,7 @@ static enum ldb_parse_op ldb_parse_filtertype(TALLOC_CTX *mem_ctx, char **type,
 	}
 	if (!filter) {
 		talloc_free(name);
-		return filter;
+		return 0;
 	}
 	p++;
 
diff --git a/lib/ldb/ldb_tdb/ldb_tdb.c b/lib/ldb/ldb_tdb/ldb_tdb.c
index cc1586d..3c18150 100644
--- a/lib/ldb/ldb_tdb/ldb_tdb.c
+++ b/lib/ldb/ldb_tdb/ldb_tdb.c
@@ -318,7 +318,7 @@ static int ltdb_add_internal(struct ldb_module *module,
 {
 	struct ldb_context *ldb = ldb_module_get_ctx(module);
 	int ret = LDB_SUCCESS;
-	unsigned int i;
+	unsigned int i, j;
 
 	for (i=0;i<msg->num_elements;i++) {
 		struct ldb_message_element *el = &msg->elements[i];
@@ -336,6 +336,22 @@ static int ltdb_add_internal(struct ldb_module *module,
 					       el->name, ldb_dn_get_linearized(msg->dn));
 			return LDB_ERR_CONSTRAINT_VIOLATION;
 		}
+
+		/* Do not check "@ATTRIBUTES" for duplicated values */
+		if (ldb_dn_is_special(msg->dn) &&
+		    ldb_dn_check_special(msg->dn, LTDB_ATTRIBUTES)) {
+			continue;
+		}
+
+		/* TODO: This is O(n^2) - replace with more efficient check */
+		for (j=0; j<el->num_values; j++) {
+			if (ldb_msg_find_val(el, &el->values[j]) != &el->values[j]) {
+				ldb_asprintf_errstring(ldb,
+						       "attribute '%s': value #%u on '%s' provided more than once",
+						       el->name, j, ldb_dn_get_linearized(msg->dn));
+				return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
+			}
+		}
 	}
 
 	ret = ltdb_store(module, msg, TDB_INSERT);
@@ -761,6 +777,7 @@ int ltdb_modify_internal(struct ldb_module *module,
 
 				/* Check that values don't exist yet on multi-
 				   valued attributes or aren't provided twice */
+				/* TODO: This is O(n^2) - replace with more efficient check */
 				for (j = 0; j < el->num_values; j++) {
 					if (ldb_msg_find_val(el2, &el->values[j]) != NULL) {
 						if (control_permissive) {
diff --git a/lib/ldb/tests/test-generic.sh b/lib/ldb/tests/test-generic.sh
index 69f901b..e1f8e79 100755
--- a/lib/ldb/tests/test-generic.sh
+++ b/lib/ldb/tests/test-generic.sh
@@ -123,12 +123,14 @@ if [ $count != 2 ]; then
     echo returned $count records - expected 2
     echo "this fails on openLdap ..."
 fi
+$VALGRIND ldbsearch '(cn>t)' cn && exit 1 # strictly greater should not work
 
 count=`$VALGRIND ldbsearch '(cn<=t)' cn | grep '^dn' | wc -l`
 if [ $count != 13 ]; then
     echo returned $count records - expected 13
     echo "this fails on openLdap ..."
 fi
+$VALGRIND ldbsearch '(cn<t)' cn && exit 1 # strictly less should not work
 
 checkcount() {
     count=$1
diff --git a/lib/ldb/tools/ldbsearch.c b/lib/ldb/tools/ldbsearch.c
index 2da7072..a030a5a 100644
--- a/lib/ldb/tools/ldbsearch.c
+++ b/lib/ldb/tools/ldbsearch.c
@@ -305,7 +305,7 @@ int main(int argc, const char **argv)
 	/* the check for '=' is for compatibility with ldapsearch */
 	if (!options->interactive &&
 	    options->argc > 0 && 
-	    strchr(options->argv[0], '=')) {
+	    strpbrk(options->argv[0], "=<>~:")) {
 		expression = options->argv[0];
 		options->argv++;
 		options->argc--;
diff --git a/librpc/wscript_build b/librpc/wscript_build
index 8dbbe2d..ee8483b 100644
--- a/librpc/wscript_build
+++ b/librpc/wscript_build
@@ -377,6 +377,16 @@ bld.SAMBA_SUBSYSTEM('RPC_NDR_XATTR',
     public_deps='NDR_XATTR dcerpc-binding'
     )
 
+bld.SAMBA_SUBSYSTEM('RPC_NDR_IDMAP',
+    source='gen_ndr/ndr_idmap_c.c',
+    public_deps='NDR_IDMAP dcerpc-binding'
+    )
+
+bld.SAMBA_SUBSYSTEM('RPC_NDR_SMB_ACL',
+    source='gen_ndr/ndr_smb_acl_c.c',
+    public_deps='NDR_SMB_ACL dcerpc-binding'
+    )
+
 bld.SAMBA_SUBSYSTEM('RPC_NDR_ROT',
     source='gen_ndr/ndr_rot_c.c',
     public_deps='NDR_ROT dcerpc-binding'
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 17f3a32..b8d245c 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -420,11 +420,11 @@ Wfz/8alZ5aMezCQzXJyIaJsCLeKABosSwHcpAFmxlQ==
 EOF
 }
 
-sub provision_raw_prepare($$$$$$$$$)
+sub provision_raw_prepare($$$$$$$$$$)
 {
 	my ($self, $prefix, $server_role, $hostname,
 	    $domain, $realm, $functional_level,
-	    $password, $kdc_ipv4) = @_;
+	    $password, $kdc_ipv4, $use_ntvfs) = @_;
 	my $ctx;
 	my $netbiosname = uc($hostname);
 
@@ -534,7 +534,9 @@ sub provision_raw_prepare($$$$$$$$$)
 	push (@provision_options, "--server-role=\"$ctx->{server_role}\"");
 	push (@provision_options, "--function-level=\"$ctx->{functional_level}\"");
 	push (@provision_options, "--dns-backend=BIND9_DLZ");
-	push (@provision_options, "--use-ntvfs");
+	if ($use_ntvfs) {
+	    push (@provision_options, "--use-ntvfs");
+	}
 
 	@{$ctx->{provision_options}} = @provision_options;
 
@@ -698,16 +700,16 @@ sub provision_raw_step2($$$)
 	return $ret;
 }
 
-sub provision($$$$$$$$)
+sub provision($$$$$$$$$)
 {
 	my ($self, $prefix, $server_role, $hostname,
 	    $domain, $realm, $functional_level,
-	    $password, $kdc_ipv4, $extra_smbconf_options, $extra_smbconf_shares) = @_;
+	    $password, $kdc_ipv4, $extra_smbconf_options, $extra_smbconf_shares, $use_ntvfs) = @_;
 
 	my $ctx = $self->provision_raw_prepare($prefix, $server_role,
 					       $hostname,
 					       $domain, $realm, $functional_level,
-					       $password, $kdc_ipv4);
+					       $password, $kdc_ipv4, $use_ntvfs);
 
 	$ctx->{share} = "$ctx->{prefix_abs}/share";
 	push(@{$ctx->{directories}}, "$ctx->{share}");
@@ -841,7 +843,7 @@ sub provision_member($$$)
 				   "2008",
 				   "locMEMpass3",
 				   $dcvars->{SERVER_IP},
-				   "", "");
+				   "", "", 1);
 	unless ($ret) {
 		return undef;
 	}
@@ -906,7 +908,7 @@ sub provision_rpc_proxy($$$)
 				   "2008",
 				   "locRPCproxypass4",
 				   $dcvars->{SERVER_IP},
-				   $extra_smbconf_options, "");
+				   $extra_smbconf_options, "", 1);
 
 	unless ($ret) {
 		return undef;
@@ -978,7 +980,7 @@ sub provision_promoted_vampire_dc($$$)
 					       "samba.example.com",
 					       "2008",
 					       $dcvars->{PASSWORD},
-					       $dcvars->{SERVER_IP});
+					       $dcvars->{SERVER_IP}, 1);
 
 	$ctx->{smb_conf_extra_options} = "
 	max xmit = 32K
@@ -1050,7 +1052,7 @@ sub provision_vampire_dc($$$)
 					       "samba.example.com",
 					       "2008",
 					       $dcvars->{PASSWORD},
-					       $dcvars->{SERVER_IP});
+					       $dcvars->{SERVER_IP}, 1);
 
 	$ctx->{smb_conf_extra_options} = "
 	max xmit = 32K
@@ -1109,7 +1111,7 @@ sub provision_subdom_dc($$$)
 					       "sub.samba.example.com",
 					       "2008",
 					       $dcvars->{PASSWORD},
-					       undef);
+					       undef, 1);
 
 	$ctx->{smb_conf_extra_options} = "
 	max xmit = 32K
@@ -1174,7 +1176,7 @@ allow dns updates = True";
 				   "samba.example.com",
 				   "2008",
 				   "locDCpass1",
-				   undef, $extra_conf_options, "");
+				   undef, $extra_conf_options, "", 1);
 
 	return undef unless(defined $ret);
 	unless($self->add_wins_config("$prefix/private")) {
@@ -1203,7 +1205,7 @@ sub provision_fl2000dc($$)
 				   "samba2000.example.com",
 				   "2000",
 				   "locDCpass5",
-				   undef, "");
+				   undef, "", 1);
 
 	unless($self->add_wins_config("$prefix/private")) {
 		warn("Unable to add wins configuration");
@@ -1225,7 +1227,7 @@ sub provision_fl2003dc($$)
 				   "samba2003.example.com",
 				   "2003",
 				   "locDCpass6",
-				   undef, "", "");
+				   undef, "", "", 1);
 
 	unless($self->add_wins_config("$prefix/private")) {
 		warn("Unable to add wins configuration");
@@ -1247,7 +1249,7 @@ sub provision_fl2008r2dc($$)
 				   "samba2008R2.example.com",
 				   "2008_R2",
 				   "locDCpass7",
-				   undef, "", "");
+				   undef, "", "", 1);
 
 	unless ($self->add_wins_config("$prefix/private")) {
 		warn("Unable to add wins configuration");
@@ -1270,7 +1272,7 @@ sub provision_rodc($$$)
 					       "samba.example.com",
 					       "2008",
 					       $dcvars->{PASSWORD},
-					       $dcvars->{SERVER_IP});
+					       $dcvars->{SERVER_IP}, 1);
 	unless ($ctx) {
 		return undef;
 	}
@@ -1411,7 +1413,7 @@ sub provision_plugin_s4_dc($$)
 				   "2008",
 				   "locDCpass1",
 				   undef, $extra_smbconf_options,
-                                   $extra_smbconf_shares);
+                                   $extra_smbconf_shares, 0);
 
 	return undef unless(defined $ret);
 	unless($self->add_wins_config("$prefix/private")) {
@@ -1440,7 +1442,7 @@ sub provision_chgdcpass($$)
 				   "chgdcpassword.samba.example.com",
 				   "2008",
 				   "chgDCpass1",
-				   undef);
+				   undef, 1);
 
 	return undef unless(defined $ret);
 	unless($self->add_wins_config("$prefix/private")) {
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 36e113e..c0debed 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -150,8 +150,6 @@ static int xattr_tdb_setxattr(struct vfs_handle_struct *handle,
 					TALLOC_FREE(frame); return -1;
 				});
 
-	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
-
 	ret = xattr_tdb_get_file_id(handle, path, &id);
 	if (ret == -1) {
 		TALLOC_FREE(frame);
@@ -207,8 +205,6 @@ static ssize_t xattr_tdb_listxattr(struct vfs_handle_struct *handle,
 					TALLOC_FREE(frame); return -1;
 				});
 
-	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
-
 	ret = xattr_tdb_get_file_id(handle, path, &id);
 	if (ret == -1) {
 		TALLOC_FREE(frame);
@@ -263,8 +259,6 @@ static int xattr_tdb_removexattr(struct vfs_handle_struct *handle,
 					TALLOC_FREE(frame); return -1;
 				});
 
-	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, TALLOC_FREE(frame); return -1);
-
 	ret = xattr_tdb_get_file_id(handle, path, &id);
 	if (ret == -1) {
 		TALLOC_FREE(frame);
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 8fca4e7..6456797 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -398,7 +398,7 @@ static PyObject *py_smbd_set_sys_acl(PyObject *self, PyObject *args)
 	if (!PyArg_ParseTuple(args, "siO", &fname, &acl_type, &py_acl))
 		return NULL;
 
-	if (!py_check_dcerpc_type(py_acl, "samba.dcerpc.smb_acl", "sys_acl_t")) {
+	if (!py_check_dcerpc_type(py_acl, "samba.dcerpc.smb_acl", "t")) {
 		return NULL;
 	}
 
@@ -460,7 +460,7 @@ static PyObject *py_smbd_get_sys_acl(PyObject *self, PyObject *args)
 	talloc_steal(frame, acl);
 	conn_free(conn);
 
-	py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "sys_acl_t", acl, acl);
+	py_acl = py_return_ndr_struct("samba.dcerpc.smb_acl", "t", acl, acl);
 
 	TALLOC_FREE(frame);
 
diff --git a/source4/dsdb/pydsdb.c b/source4/dsdb/pydsdb.c
index 39229f4..99e239e 100644
--- a/source4/dsdb/pydsdb.c
+++ b/source4/dsdb/pydsdb.c
@@ -681,8 +681,7 @@ static PyObject *py_dsdb_normalise_attributes(PyObject *self, PyObject *args)
 	/* Normalise "objectClass" attribute if needed */
 	if (ldb_attr_cmp(a->lDAPDisplayName, "objectClass") == 0) {
 		int iret;
-		iret = dsdb_sort_objectClass_attr(ldb, schema, tmp_ctx, el,
-						 tmp_ctx, el);
+		iret = dsdb_sort_objectClass_attr(ldb, schema, el, tmp_ctx, el);
 		if (iret != LDB_SUCCESS) {
 			PyErr_SetString(PyExc_RuntimeError, ldb_errstring(ldb));
 			talloc_free(tmp_ctx);
diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index 7d34b4e..0743600 100644
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -383,7 +383,6 @@ static int objectclass_do_add(struct oc_context *ac)
 	struct ldb_request *add_req;
 	struct ldb_message_element *objectclass_element, *el;
 	struct ldb_message *msg;
-	TALLOC_CTX *mem_ctx;
 	const char *rdn_name = NULL;
 	char *value;
 	const struct dsdb_class *objectclass;
@@ -448,22 +447,14 @@ static int objectclass_do_add(struct oc_context *ac)
 			return LDB_ERR_CONSTRAINT_VIOLATION;
 		}
 
-		mem_ctx = talloc_new(ac);
-		if (mem_ctx == NULL) {
-			return ldb_module_oom(ac->module);
-		}
-
 		/* Now do the sorting */
-		ret = dsdb_sort_objectClass_attr(ldb, ac->schema, mem_ctx,
+		ret = dsdb_sort_objectClass_attr(ldb, ac->schema,
 						 objectclass_element, msg,
 						 objectclass_element);
 		if (ret != LDB_SUCCESS) {
-			talloc_free(mem_ctx);
 			return ret;
 		}
 
-		talloc_free(mem_ctx);
-
 		/*
 		 * Get the new top-most structural object class and check for
 		 * unrelated structural classes
@@ -823,7 +814,6 @@ static int objectclass_do_mod(struct oc_context *ac)
 	struct ldb_message_element *oc_el_entry, *oc_el_change;
 	struct ldb_val *vals;
 	struct ldb_message *msg;
-	TALLOC_CTX *mem_ctx;
 	const struct dsdb_class *objectclass;
 	unsigned int i, j, k;
 	bool found;
@@ -851,11 +841,6 @@ static int objectclass_do_mod(struct oc_context *ac)
 
 	msg->dn = ac->req->op.mod.message->dn;
 
-	mem_ctx = talloc_new(ac);
-	if (mem_ctx == NULL) {
-		return ldb_module_oom(ac->module);
-	}
-
 	/* We've to walk over all "objectClass" message elements */
 	for (k = 0; k < ac->req->op.mod.message->num_elements; k++) {
 		if (ldb_attr_cmp(ac->req->op.mod.message->elements[k].name,
@@ -876,7 +861,6 @@ static int objectclass_do_mod(struct oc_context *ac)
 								       "objectclass: cannot re-add an existing objectclass: '%.*s'!",
 								       (int)oc_el_change->values[i].length,
 								       (const char *)oc_el_change->values[i].data);
-						talloc_free(mem_ctx);
 						return LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS;
 					}
 				}
@@ -886,7 +870,6 @@ static int objectclass_do_mod(struct oc_context *ac)
 						      struct ldb_val,
 						      oc_el_entry->num_values + 1);
 				if (vals == NULL) {
-					talloc_free(mem_ctx);
 					return ldb_module_oom(ac->module);
 				}
 				oc_el_entry->values = vals;
@@ -933,7 +916,6 @@ static int objectclass_do_mod(struct oc_context *ac)
 							       "objectclass: cannot delete this objectclass: '%.*s'!",
 							       (int)oc_el_change->values[i].length,
 							       (const char *)oc_el_change->values[i].data);
-					talloc_free(mem_ctx);
 					return LDB_ERR_NO_SUCH_ATTRIBUTE;
 				}
 			}
@@ -942,10 +924,9 @@ static int objectclass_do_mod(struct oc_context *ac)
 		}
 
 		/* Now do the sorting */
-		ret = dsdb_sort_objectClass_attr(ldb, ac->schema, mem_ctx,
-						 oc_el_entry, msg, oc_el_entry);
+		ret = dsdb_sort_objectClass_attr(ldb, ac->schema, oc_el_entry,
+						 msg, oc_el_entry);
 		if (ret != LDB_SUCCESS) {
-			talloc_free(mem_ctx);
 			return ret;
 		}
 
@@ -958,7 +939,6 @@ static int objectclass_do_mod(struct oc_context *ac)
 		if (objectclass == NULL) {
 			ldb_set_errstring(ldb,
 					  "objectclass: cannot delete all structural objectclasses!");
-			talloc_free(mem_ctx);
 			return LDB_ERR_OBJECT_CLASS_VIOLATION;
 		}
 
@@ -967,13 +947,10 @@ static int objectclass_do_mod(struct oc_context *ac)
 						    objectclass,
 						    oc_el_entry);
 		if (ret != LDB_SUCCESS) {
-			talloc_free(mem_ctx);
 			return ret;
 		}
 	}
 
-	talloc_free(mem_ctx);
-
 	/* Now add the new object class attribute to the change message */
 	ret = ldb_msg_add(msg, oc_el_entry, LDB_FLAG_MOD_REPLACE);
 	if (ret != LDB_SUCCESS) {
diff --git a/source4/dsdb/samdb/ldb_modules/proxy.c b/source4/dsdb/samdb/ldb_modules/proxy.c
index 5f6e56f..c3f12ba 100644
--- a/source4/dsdb/samdb/ldb_modules/proxy.c
+++ b/source4/dsdb/samdb/ldb_modules/proxy.c
@@ -339,6 +339,9 @@ static int proxy_search_bytree(struct ldb_module *module, struct ldb_request *re
 #endif
 
 	newtree = proxy_convert_tree(ac, proxy, req->op.search.tree);
+	if (newtree == NULL) {
+		goto failed;
+	}
 
 	/* convert the basedn of this search */
 	base = ldb_dn_copy(ac, req->op.search.base);
diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
index bb30605..da9c966 100644
--- a/source4/dsdb/samdb/ldb_modules/samldb.c
+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
@@ -1734,7 +1734,7 @@ static int samldb_sam_accountname_check(struct samldb_ctx *ac)
 
 static int samldb_member_check(struct samldb_ctx *ac)
 {
-	const char * const attrs[] = { "objectSid", "member", NULL };
+	const char * const attrs[] = { "objectSid", NULL };
 	struct ldb_context *ldb = ldb_module_get_ctx(ac->module);
 	struct ldb_message_element *el;
 	struct ldb_dn *member_dn;
diff --git a/source4/dsdb/schema/schema_query.c b/source4/dsdb/schema/schema_query.c
index d16711a..013878d 100644
--- a/source4/dsdb/schema/schema_query.c
+++ b/source4/dsdb/schema/schema_query.c
@@ -451,14 +451,12 @@ const struct GUID *attribute_schemaid_guid_by_lDAPDisplayName(const struct dsdb_
  * into correct order and validate that all object classes specified actually
  * exist in the schema.
  * The output is written in an existing LDB message element


-- 
Samba Shared Repository


More information about the samba-cvs mailing list