[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Wed Jan 4 12:07:04 MST 2012
The branch, master has been updated
via 6ee6283 LDAP-CLDAP: demonstrate that pdc name is not an unc path
via 55db691 s4:torture/nbt/dgram.c - NBT samlogon requests don't return the PDC name as UNC path
via 6b3404a s4:cldap_server/netlogon.c: it is wrong to specify "\" in front of the hostname
from b9d208b s3-winbind: Fix segfault if we can't map the last user.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 6ee628341fe25c258c49b43a111ff96b05dcd07b
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jan 4 11:46:47 2012 +0100
LDAP-CLDAP: demonstrate that pdc name is not an unc path
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX,
pdc name is not in unc path form.
[MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form,
while NetbiosComputerName is not in unc form.
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Wed Jan 4 20:06:14 CET 2012 on sn-devel-104
commit 55db69198b76daaaba4a1e3d5c7195e4056ebb2c
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date: Thu Dec 22 17:05:29 2011 +0100
s4:torture/nbt/dgram.c - NBT samlogon requests don't return the PDC name as UNC path
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 6b3404ad95998351127a5d1b181a2825827c7bd5
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Nov 23 10:09:51 2011 +0100
s4:cldap_server/netlogon.c: it is wrong to specify "\\" in front of the hostname
For LOGON_SAM_LOGON_RESPONSE_EX and LOGON_SAM_LOGON_USER_UNKNOWN_EX,
pdc name is not in unc path form.
[MS-ADTS] 7.3.1.* uses UnicodeLogonServer, which seems to be in unc form,
while NetbiosComputerName is not in unc form.
Bases on a patch from Matthias Dieter Wallnöfer <mdw at samba.org>.
metze
-----------------------------------------------------------------------
Summary of changes:
source4/cldap_server/netlogon.c | 8 ++++++--
source4/torture/ldap/cldap.c | 9 +++++++++
source4/torture/nbt/dgram.c | 5 +++++
3 files changed, 20 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/cldap_server/netlogon.c b/source4/cldap_server/netlogon.c
index 9d9f45e..4777fcc 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/cldap_server/netlogon.c
@@ -250,9 +250,13 @@ NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
server_type |= DS_SERVER_WRITABLE;
}
- pdc_name = talloc_asprintf(mem_ctx, "\\\\%s",
+ if (version & (NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_5EX_WITH_IP)) {
+ pdc_name = lpcfg_netbios_name(lp_ctx);
+ } else {
+ pdc_name = talloc_asprintf(mem_ctx, "\\\\%s",
lpcfg_netbios_name(lp_ctx));
- NT_STATUS_HAVE_NO_MEMORY(pdc_name);
+ NT_STATUS_HAVE_NO_MEMORY(pdc_name);
+ }
domain_uuid = samdb_result_guid(dom_res->msgs[0], "objectGUID");
dns_domain = lpcfg_dnsdomain(lp_ctx);
forest_domain = samdb_forest_name(sam_ctx, mem_ctx);
diff --git a/source4/torture/ldap/cldap.c b/source4/torture/ldap/cldap.c
index b3f6276..fc8c337 100644
--- a/source4/torture/ldap/cldap.c
+++ b/source4/torture/ldap/cldap.c
@@ -105,6 +105,9 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, "");
+ torture_assert(tctx,
+ strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") == NULL,
+ "PDC name should not be in UNC form");
printf("Trying with User=Administrator\n");
search.in.user = "Administrator";
@@ -112,6 +115,9 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX);
CHECK_STRING(search.out.netlogon.data.nt5_ex.user_name, search.in.user);
+ torture_assert(tctx,
+ strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") == NULL,
+ "PDC name should not be in UNC form");
search.in.version = NETLOGON_NT_VERSION_5;
status = cldap_netlogon(cldap, tctx, &search);
@@ -146,6 +152,9 @@ static bool test_cldap_netlogon(struct torture_context *tctx, const char *dest)
CHECK_STATUS(status, NT_STATUS_OK);
CHECK_VAL(search.out.netlogon.data.nt5_ex.command, LOGON_SAM_LOGON_USER_UNKNOWN_EX);
CHECK_STRING(GUID_string(tctx, &search.out.netlogon.data.nt5_ex.domain_uuid), search.in.domain_guid);
+ torture_assert(tctx,
+ strstr(search.out.netlogon.data.nt5_ex.pdc_name, "\\\\") == NULL,
+ "PDC name should not be in UNC form");
printf("Trying with a incorrect GUID\n");
guid = GUID_random();
diff --git a/source4/torture/nbt/dgram.c b/source4/torture/nbt/dgram.c
index d25724e..9e0027c 100644
--- a/source4/torture/nbt/dgram.c
+++ b/source4/torture/nbt/dgram.c
@@ -246,8 +246,13 @@ static bool nbt_test_netlogon2(struct torture_context *tctx)
map_netlogon_samlogon_response(&response->data.samlogon);
torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.command, LOGON_SAM_LOGON_RESPONSE_EX, "Got incorrect netlogon response command");
+
torture_assert_int_equal(tctx, response->data.samlogon.data.nt5_ex.nt_version, NETLOGON_NT_VERSION_5EX_WITH_IP|NETLOGON_NT_VERSION_5EX|NETLOGON_NT_VERSION_1, "Got incorrect netlogon response command");
+ torture_assert(tctx,
+ strstr(response->data.samlogon.data.nt5_ex.pdc_name, "\\\\") == NULL,
+ "PDC name should not be in UNC form");
+
/* setup (another) temporary mailslot listener for replies */
dgmslot = dgram_mailslot_temp(dgmsock, NBT_MAILSLOT_GETDC,
netlogon_handler, NULL);
--
Samba Shared Repository
More information about the samba-cvs
mailing list