[SCM] Samba Shared Repository - branch master updated
Christian Ambach
ambi at samba.org
Tue May 1 03:08:02 MDT 2012
The branch, master has been updated
via b985c67 s3:selftest run LOCAL-IDMAP-TDB-COMMON in make test
via 55870b0 s3:torture: add idmap_tdb_common test code
via 0e06d94 s3:winbindd/idmap_tdb: use idmap_tdb_common code
via 15b12cb s3:winbindd/idmap_tdb2: fix logic error in set_mapping_action
via 627f46c s3:winbindd/idmap_tdb2: use idmap_tdb_common code
via e7576e8 s3:winbindd/autorid use idmap_tdb_common code in autorid
via c673237 s3:winbindd add idmap_tdb_common file to store common code of TDB idmap backends
via 7a07ce2 s3:util add sid_check_is_wellknown_builtin()
from 9705a70 move VERSION to alpha21
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b985c672bf7b6f2b9e2b8b4757dad0cf4b3cd45c
Author: Christian Ambach <ambi at samba.org>
Date: Mon Apr 30 17:02:46 2012 +0200
s3:selftest run LOCAL-IDMAP-TDB-COMMON in make test
Autobuild-User: Christian Ambach <ambi at samba.org>
Autobuild-Date: Tue May 1 11:07:08 CEST 2012 on sn-devel-104
commit 55870b0bf9496a56dcbd3b439959b7347e61a088
Author: Christian Ambach <ambi at samba.org>
Date: Wed Feb 22 15:44:27 2012 +0100
s3:torture: add idmap_tdb_common test code
commit 0e06d944bc87c212713eee3c2d651321deb1c18c
Author: Christian Ambach <ambi at samba.org>
Date: Mon Feb 20 12:13:56 2012 +0100
s3:winbindd/idmap_tdb: use idmap_tdb_common code
commit 15b12cbc8ab31f4f8a547f27985f24d72c1f0055
Author: Christian Ambach <ambi at samba.org>
Date: Sun Feb 26 17:49:23 2012 +0100
s3:winbindd/idmap_tdb2: fix logic error in set_mapping_action
fix an endless loop
commit 627f46cf1f48d7f742f0cf3405dc7c4cab5349d6
Author: Christian Ambach <ambi at samba.org>
Date: Fri Feb 17 17:34:03 2012 +0100
s3:winbindd/idmap_tdb2: use idmap_tdb_common code
commit e7576e85c9ecb79c40d927733253a844c219064d
Author: Christian Ambach <ambi at samba.org>
Date: Wed Jan 25 19:06:16 2012 +0100
s3:winbindd/autorid use idmap_tdb_common code in autorid
- use common logic for the allocation pool
- add a idmap_tdb style 1on1 mapping for non-domain SIDs
like Everyone (S-1-1-0)
commit c673237785ad76c1638e8612218036f1080f4f3f
Author: Christian Ambach <ambi at samba.org>
Date: Mon Jan 16 17:21:38 2012 +0100
s3:winbindd add idmap_tdb_common file to store common code of TDB idmap backends
commit 7a07ce268038c51c0c8a219e21d657bae68d40cd
Author: Christian Ambach <ambi at samba.org>
Date: Tue Jan 17 13:59:56 2012 +0100
s3:util add sid_check_is_wellknown_builtin()
-----------------------------------------------------------------------
Summary of changes:
source3/Makefile.in | 10 +-
source3/include/proto.h | 1 +
source3/lib/util_builtin.c | 27 +
source3/selftest/tests.py | 1 +
source3/torture/proto.h | 1 +
source3/torture/test_idmap_tdb_common.c | 1028 +++++++++++++++++++++++++++++++
source3/torture/torture.c | 1 +
source3/winbindd/idmap_autorid.c | 313 +++++++---
source3/winbindd/idmap_tdb.c | 576 +-----------------
source3/winbindd/idmap_tdb2.c | 450 +++-----------
source3/winbindd/idmap_tdb_common.c | 654 ++++++++++++++++++++
source3/winbindd/idmap_tdb_common.h | 137 ++++
source3/winbindd/wscript_build | 2 +-
source3/wscript_build | 2 +
14 files changed, 2198 insertions(+), 1005 deletions(-)
create mode 100644 source3/torture/test_idmap_tdb_common.c
create mode 100644 source3/winbindd/idmap_tdb_common.c
create mode 100644 source3/winbindd/idmap_tdb_common.h
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 37419de..8b02d64 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -1281,6 +1281,7 @@ SMBTORTURE_OBJ1 = torture/torture.o torture/nbio.o torture/scanner.o torture/uta
torture/test_msg.o \
torture/test_notify.o \
torture/test_dbwrap_watch.o \
+ torture/test_idmap_tdb_common.o \
torture/t_strappend.o
SMBTORTURE_OBJ = $(SMBTORTURE_OBJ1) $(PARAM_OBJ) $(TLDAP_OBJ) \
@@ -1374,7 +1375,12 @@ PAM_SMBPASS_OBJ = $(PAM_SMBPASS_OBJ_0) $(PARAM_OBJ) $(LIB_NONSMBD_OBJ) $(PASSDB_
IDMAP_RW_OBJ = winbindd/idmap_rw.o
-IDMAP_OBJ = winbindd/idmap.o winbindd/idmap_util.o $(IDMAP_RW_OBJ) @IDMAP_STATIC@
+IDMAP_TDB_COMMON_OBJ = winbindd/idmap_tdb_common.o
+
+IDMAP_UTIL_OBJ = winbindd/idmap_util.o $(IDMAP_RW_OBJ) \
+ $(IDMAP_TDB_COMMON_OBJ)
+
+IDMAP_OBJ = winbindd/idmap.o $(IDMAP_UTIL_OBJ) @IDMAP_STATIC@
NSS_INFO_OBJ = winbindd/nss_info.o @NSS_INFO_STATIC@
@@ -1965,7 +1971,7 @@ bin/nmblookup: $(BINARY_PREREQS) $(NMBLOOKUP_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LI
bin/smbtorture: $(BINARY_PREREQS) $(SMBTORTURE_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTDB) $(LIBWBCLIENT)
@echo Linking $@
- @$(CC) -o $@ $(SMBTORTURE_OBJ) $(LDFLAGS) $(DYNEXP) \
+ @$(CC) -o $@ $(SMBTORTURE_OBJ) $(IDMAP_UTIL_OBJ) $(LDFLAGS) $(DYNEXP) \
$(LIBS) $(KRB5LIBS) $(LDAP_LIBS) $(POPT_LIBS) $(LIBTALLOC_LIBS) \
$(LIBTDB_LIBS) $(ZLIB_LIBS) $(LIBWBCLIENT_LIBS)
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c2c74fa..686b230 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -559,6 +559,7 @@ bool lookup_builtin_name(const char *name, uint32 *rid);
const char *builtin_domain_name(void);
bool sid_check_is_builtin(const struct dom_sid *sid);
bool sid_check_is_in_builtin(const struct dom_sid *sid);
+bool sid_check_is_wellknown_builtin(const struct dom_sid *sid);
/* The following definitions come from lib/util_file.c */
diff --git a/source3/lib/util_builtin.c b/source3/lib/util_builtin.c
index 3aae509..c87c849 100644
--- a/source3/lib/util_builtin.c
+++ b/source3/lib/util_builtin.c
@@ -129,3 +129,30 @@ bool sid_check_is_in_builtin(const struct dom_sid *sid)
return sid_check_is_builtin(&dom_sid);
}
+
+/********************************************************************
+ Check if the SID is one of the well-known builtin SIDs (S-1-5-32-x)
+*********************************************************************/
+
+bool sid_check_is_wellknown_builtin(const struct dom_sid *sid)
+{
+ struct dom_sid dom_sid;
+ const struct rid_name_map *aliases = builtin_aliases;
+ uint32_t rid;
+
+ sid_copy(&dom_sid, sid);
+ sid_split_rid(&dom_sid, &rid);
+
+ if (!sid_check_is_builtin(&dom_sid)) {
+ return false;
+ }
+
+ while (aliases->name != NULL) {
+ if (aliases->rid == rid) {
+ return True;
+ }
+ aliases++;
+ }
+
+ return False;
+}
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index c40f878..8073e99 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -105,6 +105,7 @@ local_tests=[
"LOCAL-TEVENT-SELECT",
"LOCAL-CONVERT-STRING",
"LOCAL-CONV-AUTH-INFO",
+ "LOCAL-IDMAP-TDB-COMMON",
"LOCAL-hex_encode_buf",
"LOCAL-sprintf_append"]
diff --git a/source3/torture/proto.h b/source3/torture/proto.h
index 4fde448..80618ce 100644
--- a/source3/torture/proto.h
+++ b/source3/torture/proto.h
@@ -109,5 +109,6 @@ bool run_msg_test(int dummy);
bool run_notify_bench2(int dummy);
bool run_notify_bench3(int dummy);
bool run_dbwrap_watch1(int dummy);
+bool run_idmap_tdb_common_test(int dummy);
#endif /* __TORTURE_H__ */
diff --git a/source3/torture/test_idmap_tdb_common.c b/source3/torture/test_idmap_tdb_common.c
new file mode 100644
index 0000000..e24fc21
--- /dev/null
+++ b/source3/torture/test_idmap_tdb_common.c
@@ -0,0 +1,1028 @@
+/*
+ Unix SMB/CIFS implementation.
+ IDMAP TDB common code tester
+
+ Copyright (C) Christian Ambach 2012
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "system/filesys.h"
+#include "torture/proto.h"
+#include "idmap.h"
+#include "winbindd/idmap_rw.h"
+#include "winbindd/idmap_tdb_common.h"
+#include "winbindd/winbindd.h"
+#include "winbindd/winbindd_proto.h"
+#include "dbwrap/dbwrap.h"
+#include "dbwrap/dbwrap_open.h"
+#include "../libcli/security/dom_sid.h"
+
+#define HWM_GROUP "GROUP HWM"
+#define HWM_USER "USER HWM"
+
+#define LOW_ID 100
+#define HIGH_ID 199
+
+#define TESTDB "/tmp/idmap_test.tdb"
+
+#define DOM_SID1 "S-1-5-21-1234-5678-9012"
+#define DOM_SID2 "S-1-5-21-0123-5678-9012"
+#define DOM_SID3 "S-1-5-21-0012-5678-9012"
+#define DOM_SID4 "S-1-5-21-0001-5678-9012"
+#define DOM_SID5 "S-1-5-21-2345-5678-9012"
+#define DOM_SID6 "S-1-5-21-3456-5678-9012"
+
+/* overwrite some winbind internal functions */
+struct winbindd_domain *find_domain_from_name(const char *domain_name)
+{
+ return NULL;
+}
+
+bool get_global_winbindd_state_offline(void) {
+ return false;
+}
+
+bool winbindd_use_idmap_cache(void) {
+ return false;
+}
+
+bool idmap_is_online(void)
+{
+ return true;
+}
+
+NTSTATUS idmap_backends_sid_to_unixid(const char *domain, struct id_map *id)
+{
+ return NT_STATUS_OK;
+}
+
+NTSTATUS idmap_backends_unixid_to_sid(const char *domname, struct id_map *id)
+{
+ return NT_STATUS_OK;
+}
+
+static bool open_db(struct idmap_tdb_common_context *ctx)
+{
+ NTSTATUS status;
+
+ if(ctx->db) {
+ /* already open */
+ return true;
+ }
+
+ unlink(TESTDB);
+
+ ctx->db = db_open(ctx, TESTDB, 0, TDB_DEFAULT,
+ O_RDWR | O_CREAT | O_EXCL, 0600,
+ DBWRAP_LOCK_ORDER_1);
+
+ if(dbwrap_transaction_start(ctx->db) != 0) {
+ DEBUG(0, ("Failed to start transaction!\n"));
+ return false;
+ }
+
+ status = dbwrap_store_uint32(ctx->db, ctx->hwmkey_uid, LOW_ID);
+ if(!NT_STATUS_IS_OK(status)) {
+ dbwrap_transaction_cancel(ctx->db);
+ return false;
+ }
+
+ status = dbwrap_store_uint32(ctx->db, ctx->hwmkey_gid, LOW_ID);
+ if(!NT_STATUS_IS_OK(status)) {
+ dbwrap_transaction_cancel(ctx->db);
+ return false;
+ }
+
+ if(dbwrap_transaction_commit(ctx->db) != 0) {
+ DEBUG(0, ("Failed to commit transaction!\n"));
+ return false;
+ }
+
+ return true;
+}
+
+static struct idmap_tdb_common_context *createcontext(TALLOC_CTX *memctx)
+{
+ struct idmap_tdb_common_context *ret;
+
+ ret = talloc_zero(memctx, struct idmap_tdb_common_context);
+ ret->rw_ops = talloc_zero(ret, struct idmap_rw_ops);
+
+ ret->max_id = HIGH_ID;
+ ret->hwmkey_uid = HWM_USER;
+ ret->hwmkey_gid = HWM_GROUP;
+
+ ret->rw_ops->get_new_id = idmap_tdb_common_get_new_id;
+ ret->rw_ops->set_mapping = idmap_tdb_common_set_mapping;
+
+ open_db(ret);
+
+ return ret;
+}
+
+static struct idmap_domain *createdomain(TALLOC_CTX *memctx)
+{
+ struct idmap_domain *dom;
+
+ dom = talloc_zero(memctx, struct idmap_domain);
+ dom->name = "*";
+ dom->low_id = LOW_ID;
+ dom->high_id = HIGH_ID;
+ dom->read_only = false;
+ dom->methods = talloc_zero(dom, struct idmap_methods);
+ dom->methods->sids_to_unixids = idmap_tdb_common_sids_to_unixids;
+ dom->methods->unixids_to_sids = idmap_tdb_common_unixids_to_sids;
+ dom->methods->allocate_id = idmap_tdb_common_get_new_id;
+
+ return dom;
+}
+
+static bool test_getnewid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
+{
+ NTSTATUS status;
+ struct unixid id;
+
+ id.type = ID_TYPE_UID;
+
+ status = idmap_tdb_common_get_new_id(dom, &id);
+
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_getnewid1: Could not allocate id!\n"));
+ return false;
+ }
+
+ if(id.id == 0) {
+ DEBUG(0, ("test_getnewid1: Allocate returned "
+ "empty id!\n"));
+ return false;
+ }
+
+ if(id.id > HIGH_ID || id.id < LOW_ID) {
+ DEBUG(0, ("test_getnewid1: Allocate returned "
+ "out of range id!\n"));
+ return false;
+ }
+
+ DEBUG(0, ("test_getnewid1: PASSED!\n"));
+
+ return true;
+}
+
+static bool test_getnewid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
+{
+ NTSTATUS status;
+ struct unixid id;
+ int i, left;
+
+ id.type = ID_TYPE_UID;
+
+ status = idmap_tdb_common_get_new_id(dom, &id);
+
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_getnewid2: Could not allocate id!\n"));
+ return false;
+ }
+
+ if(id.id == 0) {
+ DEBUG(0, ("test_getnewid2: Allocate returned "
+ "empty id!\n"));
+ return false;
+ }
+
+ if(id.id > HIGH_ID || id.id < LOW_ID) {
+ DEBUG(0, ("test_getnewid2: Allocate returned "
+ "out of range id!\n"));
+ return false;
+ }
+
+ /* how many ids are left? */
+
+ left = HIGH_ID - id.id;
+
+ /* consume them all */
+ for(i = 0; i<left; i++) {
+
+ status = idmap_tdb_common_get_new_id(dom, &id);
+
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_getnewid2: Allocate returned "
+ "error %s\n", nt_errstr(status)));
+ return false;
+ }
+
+ if(id.id > HIGH_ID) {
+ DEBUG(0, ("test_getnewid2: Allocate returned "
+ "out of range id (%d)!\n", id.id));
+ return false;
+ }
+ }
+
+ /* one more must fail */
+ status = idmap_tdb_common_get_new_id(dom, &id);
+
+ if(NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_getnewid2: Could allocate id (%d) from "
+ "depleted pool!\n", id.id));
+ return false;
+ }
+
+ DEBUG(0, ("test_getnewid2: PASSED!\n"));
+
+ return true;
+}
+
+static bool test_setmap1(TALLOC_CTX *memctx, struct idmap_domain *dom)
+{
+ NTSTATUS status;
+ struct id_map map;
+
+ ZERO_STRUCT(map);
+
+ /* test for correct return code with invalid data */
+
+ status = idmap_tdb_common_set_mapping(dom, NULL);
+ if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
+ DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
+ return false;
+ }
+
+ status = idmap_tdb_common_set_mapping(dom, &map);
+ if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
+ DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
+ return false;
+ }
+
+ map.sid = dom_sid_parse_talloc(memctx, DOM_SID1 "-100");
+
+ map.xid.type = ID_TYPE_NOT_SPECIFIED;
+ map.xid.id = 4711;
+
+ status = idmap_tdb_common_set_mapping(dom, &map);
+ if(!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
+ DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
+ return false;
+ }
+
+ /* now the good ones */
+ map.xid.type = ID_TYPE_UID;
+ map.xid.id = 0;
+
+ status = idmap_tdb_common_get_new_id(dom, &(map.xid));
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_setmap1: get_new_uid failed!\n"));
+ return false;
+ }
+
+ status = idmap_tdb_common_set_mapping(dom, &map);
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_setmap1: setting UID mapping failed!\n"));
+ return false;
+ }
+
+ /* try to set the same mapping again as group (must fail) */
+
+ map.xid.type = ID_TYPE_GID;
+ status = idmap_tdb_common_set_mapping(dom, &map);
+ if(NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_setmap1: could create map for "
+ "group and user!\n"));
+ return false;
+ }
+
+ /* now a group with a different SID*/
+ map.xid.id = 0;
+
+ map.sid = dom_sid_parse_talloc(memctx, DOM_SID1 "-101");
+
+ status = idmap_tdb_common_get_new_id(dom, &(map.xid));
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_setmap1: get_new_gid failed!\n"));
+ return false;
+ }
+
+ status = idmap_tdb_common_set_mapping(dom, &map);
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_setmap1: setting GID mapping failed!\n"));
+ return false;
+ }
+ DEBUG(0, ("test_setmap1: PASSED!\n"));
+
+ return true;
+}
+
+static bool test_sid2unixid1(TALLOC_CTX *memctx, struct idmap_domain *dom)
+{
+ NTSTATUS status1, status2, status3;
+ struct id_map map;
+
+ /* check for correct dealing with bad parameters */
+ status1 = idmap_tdb_common_sid_to_unixid(NULL, &map);
+ status2 = idmap_tdb_common_sid_to_unixid(dom, NULL);
+ status3 = idmap_tdb_common_sid_to_unixid(NULL, NULL);
+
+ if(!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status1) ||
+ !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status2) ||
+ !NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status3)) {
+ DEBUG(0, ("test_setmap1: bad parameter handling!\n"));
+ return false;
+ }
+
+ DEBUG(0, ("test_unixid2sid1: PASSED!\n"));
+
+ return true;
+}
+
+static bool test_sid2unixid2(TALLOC_CTX *memctx, struct idmap_domain *dom)
+{
+ NTSTATUS status;
+ struct id_map uid_map, gid_map, test_map;
+ bool doagain = true;
+
+ ZERO_STRUCT(uid_map);
+ ZERO_STRUCT(gid_map);
+
+ /* create two mappings for a UID and GID */
+
+again:
+
+ uid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID2 "-1000");
+ uid_map.xid.type = ID_TYPE_UID;
+
+ gid_map.sid = dom_sid_parse_talloc(memctx, DOM_SID2 "-1001");
+ gid_map.xid.type = ID_TYPE_GID;
+
+ status = idmap_tdb_common_new_mapping(dom, &uid_map);
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_sid2unixid1: could not create uid map!\n"));
+ return false;
+ }
+
+ status = idmap_tdb_common_new_mapping(dom, &gid_map);
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_sid2unixid1: could not create gid map!\n"));
+ return false;
+ }
+
+ /* now read them back */
+ ZERO_STRUCT(test_map);
+ test_map.sid = uid_map.sid;
+
+ status = idmap_tdb_common_sid_to_unixid(dom, &test_map);
+ if(!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("test_sid2unixid1: sid2unixid failed for uid!\n"));
+ return false;
+ }
+
+ if(test_map.xid.id!=uid_map.xid.id) {
--
Samba Shared Repository
More information about the samba-cvs
mailing list