[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Thu Jan 12 15:59:05 MST 2012
The branch, master has been updated
via 15cdbba s4:repl_cleartext_pwd.py: add optional 'clear_utf16_name' parameter
via 5efe29b s4:repl_cleartext_pwd.py: add 'attmode' parameter to convert the attname to utf8
via 9a8b72a s4:repl_cleartext_pwd.py: correctly compare attids as uint32_t values
from 103c1cb s3-waf: auth_netlogond depends on tldap.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 15cdbba25469d65fc0b74d1a8ada3f5f35bd7c29
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 10 15:14:08 2012 +0100
s4:repl_cleartext_pwd.py: add optional 'clear_utf16_name' parameter
Not all cleartext password (machine passwords) can be converted to utf8,
let's export the raw uint16_t array.
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Thu Jan 12 23:58:12 CET 2012 on sn-devel-104
commit 5efe29baed70b0cbe732350a02b24fc23016e552
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 10 15:15:19 2012 +0100
s4:repl_cleartext_pwd.py: add 'attmode' parameter to convert the attname to utf8
metze
commit 9a8b72a3180b6aa1beb4b153867d4f9f0df953a1
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jan 10 15:12:00 2012 +0100
s4:repl_cleartext_pwd.py: correctly compare attids as uint32_t values
metze
-----------------------------------------------------------------------
Summary of changes:
source4/scripting/devel/repl_cleartext_pwd.py | 62 +++++++++++++++++++------
1 files changed, 47 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/scripting/devel/repl_cleartext_pwd.py b/source4/scripting/devel/repl_cleartext_pwd.py
index ac650d9..840d281 100755
--- a/source4/scripting/devel/repl_cleartext_pwd.py
+++ b/source4/scripting/devel/repl_cleartext_pwd.py
@@ -71,30 +71,50 @@ class globals:
continue
self.global_objs = {}
+def attid_equal(a1,a2):
+ return (a1 & 0xffffffff) == (a2 & 0xffffffff)
+
########### main code ###########
if __name__ == "__main__":
- parser = OptionParser("repl_cleartext_pwd.py [options] server dn cookie_file cleartext_name [attid attname]")
+ parser = OptionParser("repl_cleartext_pwd.py [options] server dn cookie_file clear_utf8_name [attid attname attmode] [clear_utf16_name")
sambaopts = options.SambaOptions(parser)
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
(opts, args) = parser.parse_args()
- if len(args) < 4 or len(args) == 5:
- parser.error("more arguments required")
+ if len(args) == 4:
+ pass
+ elif len(args) == 7:
+ pass
+ elif len(args) >= 8:
+ pass
+ else:
+ parser.error("more arguments required - given=%d" % (len(args)))
server = args[0]
dn = args[1]
cookie_file = args[2]
if len(cookie_file) == 0:
cookie_file = None
- cleartext_name = args[3]
- if len(args) >= 5:
- attid = int(args[4])
+ clear_utf8_name = args[3]
+ if len(args) >= 7:
+ try:
+ attid = int(args[4], 16)
+ except:
+ attid = int(args[4])
attname = args[5]
+ attmode = args[6]
+ if attmode not in ["raw", "utf8"]:
+ parser.error("attmode should be 'raw' or 'utf8'")
else:
attid = -1
attname = None
+ attmode = "raw"
+ if len(args) >= 8:
+ clear_utf16_name = args[7]
+ else:
+ clear_utf16_name = None
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
@@ -232,7 +252,7 @@ if __name__ == "__main__":
is_deleted = False
for i in range(0, obj.attribute_ctr.num_attributes):
attr = obj.attribute_ctr.attributes[i]
- if attr.attid == drsuapi.DRSUAPI_ATTID_isDeleted:
+ if attid_equal(attr.attid, drsuapi.DRSUAPI_ATTID_isDeleted):
is_deleted = True
if is_deleted:
obj_item = obj_item.next_object
@@ -242,19 +262,27 @@ if __name__ == "__main__":
attvals = None
for i in range(0, obj.attribute_ctr.num_attributes):
attr = obj.attribute_ctr.attributes[i]
- if attr.attid == attid:
+ if attid_equal(attr.attid, attid):
attvals = []
for j in range(0, attr.value_ctr.num_values):
assert attr.value_ctr.values[j].blob is not None
- attvals.append(attr.value_ctr.values[j].blob)
- if attr.attid != drsuapi.DRSUAPI_ATTID_supplementalCredentials:
+ val_raw = attr.value_ctr.values[j].blob
+ val = None
+ if attmode == "utf8":
+ val_unicode = unicode(val_raw, 'utf-16-le')
+ val = val_unicode.encode('utf-8')
+ elif attmode == "raw":
+ val = val_raw
+ else:
+ assert False, "attmode[%s]" % attmode
+ attvals.append(val)
+ if not attid_equal(attr.attid, drsuapi.DRSUAPI_ATTID_supplementalCredentials):
continue
assert attr.value_ctr.num_values <= 1
if attr.value_ctr.num_values == 0:
break
assert attr.value_ctr.values[0].blob is not None
spl_crypt = attr.value_ctr.values[0].blob
- break
if spl_crypt is None:
obj_item = obj_item.next_object
@@ -291,10 +319,14 @@ if __name__ == "__main__":
if cleartext_hex is not None:
cleartext_utf16 = binascii.a2b_hex(cleartext_hex)
- cleartext_unicode = unicode(cleartext_utf16, 'utf-16-le')
- cleartext_utf8 = cleartext_unicode.encode('utf-8')
-
- gls.add_attr(obj.identifier.dn, cleartext_name, [cleartext_utf8])
+ if clear_utf16_name is not None:
+ gls.add_attr(obj.identifier.dn, clear_utf16_name, [cleartext_utf16])
+ try:
+ cleartext_unicode = unicode(cleartext_utf16, 'utf-16-le')
+ cleartext_utf8 = cleartext_unicode.encode('utf-8')
+ gls.add_attr(obj.identifier.dn, clear_utf8_name, [cleartext_utf8])
+ except:
+ pass
if attvals is not None:
gls.add_attr(obj.identifier.dn, attname, attvals)
--
Samba Shared Repository
More information about the samba-cvs
mailing list