[SCM] Samba Shared Repository - branch master updated

Günther Deschner gd at samba.org
Mon Jan 9 04:07:03 MST 2012 

The branch, master has been updated
       via  aa3fcbb s3-waf: rpcclient does not need libads.so.
       via  ab269de s3-passdb: remove a forward declaration.
       via  3583419 s3-libads: pretty print a keytab list.
       via  4c03f08 s3-pdbtest: only test trusted domains when pdb backends offers trusted domain support.
       via  c3f9e01 s3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket().
      from  507e75e s4:python/samba/ndr.py: add an optional 'allow_remaining' to ndr_unpack()

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit aa3fcbbd75d9475b8f215cac02ab91c2665d9bc5
Author: Günther Deschner <gd at samba.org>
Date:   Fri Jan 6 17:50:50 2012 +0100

    s3-waf: rpcclient does not need libads.so.
    
    Guenther
    
    Autobuild-User: Günther Deschner <gd at samba.org>
    Autobuild-Date: Mon Jan  9 12:06:06 CET 2012 on sn-devel-104

commit ab269deb5e9db1f216ec410ef26e671c5fcb28cd
Author: Günther Deschner <gd at samba.org>
Date:   Fri Jan 6 17:49:31 2012 +0100

    s3-passdb: remove a forward declaration.
    
    Guenther

commit 3583419b98826066e7ba9a31ad1b692d3837542b
Author: Günther Deschner <gd at samba.org>
Date:   Fri Jan 6 17:48:58 2012 +0100

    s3-libads: pretty print a keytab list.
    
    Guenther

commit 4c03f08c0d46f6482bf9a3f2eec59b0099d9aa7d
Author: Günther Deschner <gd at samba.org>
Date:   Fri Jan 6 17:27:03 2012 +0100

    s3-pdbtest: only test trusted domains when pdb backends offers trusted domain support.
    
    Guenther

commit c3f9e011edbab66f317df97b9ceca7b70f45d739
Author: Günther Deschner <gd at samba.org>
Date:   Fri Jan 6 16:10:55 2012 +0100

    s3-libads: fix malloc/talloc mismatch in ads_keytab_verify_ticket().
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/include/passdb.h         |   13 ++--
 source3/libads/kerberos_keytab.c |    4 +-
 source3/libads/kerberos_verify.c |    2 +-
 source3/torture/pdbtest.c        |  163 +++++++++++++++++++++-----------------
 source3/wscript_build            |    2 +-
 5 files changed, 99 insertions(+), 85 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index 5980364..2a3844d 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -48,6 +48,12 @@ typedef struct _GROUP_MAP {
 	char *comment;
 } GROUP_MAP;
 
+struct acct_info {
+	char *acct_name; /* account name */
+	char *acct_desc; /* account name */
+	uint32_t rid; /* domain-relative RID */
+};
+
 /* The following definitions come from groupdb/mapping.c  */
 
 NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum lsa_SidType sid_name_use, const char *nt_name, const char *comment);
@@ -79,7 +85,6 @@ NTSTATUS pdb_default_create_alias(struct pdb_methods *methods,
 				  const char *name, uint32_t *rid);
 NTSTATUS pdb_default_delete_alias(struct pdb_methods *methods,
 				  const struct dom_sid *sid);
-struct acct_info;
 NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods,
 				   const struct dom_sid *sid,
 				   struct acct_info *info);
@@ -312,12 +317,6 @@ struct samu {
 	struct passwd *unix_pw;
 };
 
-struct acct_info {
-	char *acct_name; /* account name */
-	char *acct_desc; /* account name */
-	uint32_t rid; /* domain-relative RID */
-};
-
 struct samr_displayentry {
 	uint32_t idx;
 	uint32_t rid;
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 7654c66..0e23a6a 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -764,7 +764,7 @@ int ads_keytab_list(const char *keytab_name)
 		goto out;
 	}
 
-	printf("Vno  Type        Principal\n");
+	printf("Vno  Type                                        Principal\n");
 
 	while (krb5_kt_next_entry(context, keytab, &kt_entry, &cursor) == 0) {
 
@@ -787,7 +787,7 @@ int ads_keytab_list(const char *keytab_name)
 			goto out;
 		}
 
-		printf("%3d  %s\t\t %s\n", kt_entry.vno, etype_s, princ_s);
+		printf("%3d  %-43s %s\n", kt_entry.vno, etype_s, princ_s);
 
 		TALLOC_FREE(princ_s);
 		SAFE_FREE(etype_s);
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index f11ea88..6fa8f43 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -298,7 +298,7 @@ out:
 		}
 	}
 
-	SAFE_FREE(entry_princ_s);
+	TALLOC_FREE(entry_princ_s);
 
 	{
 		krb5_keytab_entry zero_kt_entry;
diff --git a/source3/torture/pdbtest.c b/source3/torture/pdbtest.c
index 2f4909a..9f9ca0c 100644
--- a/source3/torture/pdbtest.c
+++ b/source3/torture/pdbtest.c
@@ -230,6 +230,90 @@ static bool samu_correct(struct samu *s1, struct samu *s2)
 	return ret;	
 }
 
+static bool test_trusted_domains(TALLOC_CTX *ctx,
+				 struct pdb_methods *pdb,
+				 bool *error)
+{
+	NTSTATUS rv;
+	/* test trustdom calls */
+	struct pdb_trusted_domain *td;
+	struct pdb_trusted_domain *new_td;
+	struct trustAuthInOutBlob taiob;
+	struct AuthenticationInformation aia;
+	enum ndr_err_code ndr_err;
+
+	td = talloc_zero(ctx ,struct pdb_trusted_domain);
+	if (!td) {
+		fprintf(stderr, "talloc failed\n");
+		return false;
+	}
+
+	td->domain_name = talloc_strdup(td, TRUST_DOM);
+	td->netbios_name = talloc_strdup(td, TRUST_DOM);
+	if (!td->domain_name || !td->netbios_name) {
+		fprintf(stderr, "talloc failed\n");
+		return false;
+	}
+
+	td->trust_auth_incoming = data_blob_null;
+
+	ZERO_STRUCT(taiob);
+	ZERO_STRUCT(aia);
+	taiob.count = 1;
+	taiob.current.count = 1;
+	taiob.current.array = &aia;
+	unix_to_nt_time(&aia.LastUpdateTime, time(NULL));
+	aia.AuthType = TRUST_AUTH_TYPE_CLEAR;
+	aia.AuthInfo.clear.password = (uint8_t *) talloc_strdup(ctx, TRUST_PWD);
+	aia.AuthInfo.clear.size = strlen(TRUST_PWD);
+
+	taiob.previous.count = 0;
+	taiob.previous.array = NULL;
+
+	ndr_err = ndr_push_struct_blob(&td->trust_auth_outgoing,
+					td, &taiob,
+			(ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob);
+	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+		fprintf(stderr, "ndr_push_struct_blob failed.\n");
+		return false;
+	}
+
+	td->trust_direction = LSA_TRUST_DIRECTION_OUTBOUND;
+	td->trust_type = LSA_TRUST_TYPE_DOWNLEVEL;
+	td->trust_attributes = 0;
+	td->trust_forest_trust_info = data_blob_null;
+
+	rv = pdb->set_trusted_domain(pdb, TRUST_DOM, td);
+	if (!NT_STATUS_IS_OK(rv)) {
+		fprintf(stderr, "Error in set_trusted_domain %s\n",
+				get_friendly_nt_error_msg(rv));
+		*error = true;
+	}
+
+	rv = pdb->get_trusted_domain(pdb, ctx, TRUST_DOM, &new_td);
+	if (!NT_STATUS_IS_OK(rv)) {
+		fprintf(stderr, "Error in set_trusted_domain %s\n",
+				get_friendly_nt_error_msg(rv));
+		*error = true;
+	}
+
+	if (!strequal(td->domain_name, new_td->domain_name) ||
+	    !strequal(td->netbios_name, new_td->netbios_name) ||
+	    !dom_sid_equal(&td->security_identifier,
+			   &new_td->security_identifier) ||
+	    td->trust_direction != new_td->trust_direction ||
+	    td->trust_type != new_td->trust_type ||
+	    td->trust_attributes != new_td->trust_attributes ||
+	    td->trust_auth_incoming.length != new_td->trust_auth_incoming.length ||
+	    td->trust_forest_trust_info.length != new_td->trust_forest_trust_info.length ||
+	    data_blob_cmp(&td->trust_auth_outgoing, &new_td->trust_auth_outgoing) != 0) {
+		fprintf(stderr, "Old and new trusdet domain data do not match\n");
+		*error = true;
+	}
+
+	return true;
+}
+
 
 int main(int argc, char **argv)
 {
@@ -255,13 +339,6 @@ int main(int argc, char **argv)
 		POPT_TABLEEND
 	};
 
-	/* test trustdom calls */
-	struct pdb_trusted_domain *td;
-	struct pdb_trusted_domain *new_td;
-	struct trustAuthInOutBlob taiob;
-	struct AuthenticationInformation aia;
-	enum ndr_err_code ndr_err;
-
 	load_case_tables();
 
 	pc = poptGetContext("pdbtest", argc, (const char **) argv,
@@ -381,73 +458,11 @@ int main(int argc, char **argv)
 					get_friendly_nt_error_msg(rv));
 	}
 
-	td = talloc_zero(ctx ,struct pdb_trusted_domain);
-	if (!td) {
-		fprintf(stderr, "talloc failed\n");
-		exit(1);
-	}
-
-	td->domain_name = talloc_strdup(td, TRUST_DOM);
-	td->netbios_name = talloc_strdup(td, TRUST_DOM);
-	if (!td->domain_name || !td->netbios_name) {
-		fprintf(stderr, "talloc failed\n");
-		exit(1);
-	}
-
-	td->trust_auth_incoming = data_blob_null;
-
-	ZERO_STRUCT(taiob);
-	ZERO_STRUCT(aia);
-	taiob.count = 1;
-	taiob.current.count = 1;
-	taiob.current.array = &aia;
-	unix_to_nt_time(&aia.LastUpdateTime, time(NULL));
-	aia.AuthType = TRUST_AUTH_TYPE_CLEAR;
-	aia.AuthInfo.clear.password = (uint8_t *) talloc_strdup(ctx, TRUST_PWD);
-	aia.AuthInfo.clear.size = strlen(TRUST_PWD);
-
-	taiob.previous.count = 0;
-	taiob.previous.array = NULL;
-
-	ndr_err = ndr_push_struct_blob(&td->trust_auth_outgoing,
-					td, &taiob,
-			(ndr_push_flags_fn_t) ndr_push_trustAuthInOutBlob);
-	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-		fprintf(stderr, "ndr_push_struct_blob failed.\n");
-		exit(1);
-	}
-
-	td->trust_direction = LSA_TRUST_DIRECTION_OUTBOUND;
-	td->trust_type = LSA_TRUST_TYPE_DOWNLEVEL;
-	td->trust_attributes = 0;
-	td->trust_forest_trust_info = data_blob_null;
-
-	rv = pdb->set_trusted_domain(pdb, TRUST_DOM, td);
-	if (!NT_STATUS_IS_OK(rv)) {
-		fprintf(stderr, "Error in set_trusted_domain %s\n",
-				get_friendly_nt_error_msg(rv));
-		error = True;
-	}
-
-	rv = pdb->get_trusted_domain(pdb, ctx, TRUST_DOM, &new_td);
-	if (!NT_STATUS_IS_OK(rv)) {
-		fprintf(stderr, "Error in set_trusted_domain %s\n",
-				get_friendly_nt_error_msg(rv));
-		error = True;
-	}
-
-	if (!strequal(td->domain_name, new_td->domain_name) ||
-	    !strequal(td->netbios_name, new_td->netbios_name) ||
-	    !dom_sid_equal(&td->security_identifier,
-			   &new_td->security_identifier) ||
-	    td->trust_direction != new_td->trust_direction ||
-	    td->trust_type != new_td->trust_type ||
-	    td->trust_attributes != new_td->trust_attributes ||
-	    td->trust_auth_incoming.length != new_td->trust_auth_incoming.length ||
-	    td->trust_forest_trust_info.length != new_td->trust_forest_trust_info.length ||
-	    data_blob_cmp(&td->trust_auth_outgoing, &new_td->trust_auth_outgoing) != 0) {
-		fprintf(stderr, "Old and new trusdet domain data do not match\n");
-		error = True;
+	if (pdb_capabilities() & PDB_CAP_TRUSTED_DOMAINS_EX) {
+		if (!test_trusted_domains(ctx, pdb, &error)) {
+			fprintf(stderr, "failed testing trusted domains.\n");
+			exit(1);
+		}
 	}
 
 	TALLOC_FREE(ctx);
diff --git a/source3/wscript_build b/source3/wscript_build
index e6b23f8..c6f7424 100755
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -1162,7 +1162,7 @@ bld.SAMBA3_BINARY('rpcclient/rpcclient',
                  source=RPCCLIENT_SRC,
                  deps='''talloc tdb_compat cap popt_samba3 pdb libsmb smbd_shim
                  param wbclient param KRBCLIENT LIBMSRPC_GEN msrpc3
-                 ads SMBREADLINE trusts_util RPC_NDR_WINREG RPC_NDR_ECHO
+                 SMBREADLINE trusts_util RPC_NDR_WINREG RPC_NDR_ECHO
                  RPC_CLIENT_SCHANNEL
                  LIBCLI_SAMR libcli_lsa3 libcli_netlogon3 cli_spoolss
                  RPC_NDR_SRVSVC RPC_NDR_WKSSVC RPC_NDR_DSSETUP RPC_NDR_DFS


-- 
Samba Shared Repository

More information about the samba-cvs mailing list