[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Fri Feb 22 03:07:02 MST 2013 

The branch, master has been updated
       via  e4d85fa dsdb-descriptor: Avoid segfault copying an SD without an owner or group
       via  87db233 dsdb-descriptor: Spell out security descriptor flags as constants
       via  a166a34 torture-drs: Fix comment in replica_sync test
       via  59e8321 torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure
       via  c89df54 ldb: Add missing dependency on replace for ldb
       via  613f49a build: Remove includes.h dep in winbind client libraries
       via  f2c7f2c build: Remove unused includes.h reference to avoid build-time talloc dep
      from  46ab33d build:autoconf: fix output of syslog-facility check

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit e4d85fa73d3ce1f397fdd416af6b8c903a473824
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Feb 11 14:46:43 2013 +1100

    dsdb-descriptor: Avoid segfault copying an SD without an owner or group
    
    This is an unusual SD, but it does exist is some very old upgraded databases.
    
    Andrew Bartlett
    
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Fri Feb 22 11:06:17 CET 2013 on sn-devel-104

commit 87db2331fc855473d8b3cad1c4149807823aa3c4
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Mon Feb 11 14:45:57 2013 +1100

    dsdb-descriptor: Spell out security descriptor flags as constants
    
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit a166a3484a68dc5328ee1d3e65221c30c081204b
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Wed Jan 16 08:52:41 2013 +1100

    torture-drs: Fix comment in replica_sync test
    
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit 59e8321324fe6b652724e71ba1df9da80f30cc67
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Thu Feb 7 19:35:15 2013 +1100

    torture-drs: Make the samba4.drs.repl_schema.python emit failures, not errors on add failure
    
    This then allows this particular failure to be masked with a knownfail.
    
    Andrew Bartlett
    
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit c89df544239dbaedbb7f231f4556aff8e4a3f288
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Fri Feb 15 13:32:06 2013 +1100

    ldb: Add missing dependency on replace for ldb
    
    This brings in rep_timegm() on Solaris for example.
    
    Andrew Bartlett
    
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit 613f49ab8bf0bdcc7cd1e2c39bd624586a87cff3
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Feb 19 11:44:19 2013 +1100

    build: Remove includes.h dep in winbind client libraries
    
    Our LGPL winbind client libs do not link against our server-side code, and
    should not use the server-side includes.h.
    
    This removes a build-time dep on talloc that was brought in via includes.h as
    this code also does not use talloc.
    
    Andrew Bartlett
    
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

commit f2c7f2c93d54c77753e2a1b0663813e9778172a4
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Feb 19 11:15:20 2013 +1100

    build: Remove unused includes.h reference to avoid build-time talloc dep
    
    talloc is not a dependency of this library, but is required by includes.h.
    
    By not including includes.h, we avoid needing to add an otherwise false talloc dep.
    
    (this comes up if talloc.h is not installed as a system package).
    
    Andrew Bartlett
    
    Reviewed-by: Stefan Metzmacher <metze at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/ldb/wscript                             |    2 +-
 lib/util/setid.c                            |    1 -
 nsswitch/winbind_nss_solaris.c              |    1 -
 source4/dsdb/samdb/ldb_modules/acl_util.c   |    2 +-
 source4/dsdb/samdb/ldb_modules/descriptor.c |   18 +++++++++++++-----
 source4/torture/drs/python/repl_schema.py   |    6 +++++-
 source4/torture/drs/python/replica_sync.py  |    2 +-
 7 files changed, 21 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 1ae5438..fbed6fd 100755
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -133,7 +133,7 @@ def build(bld):
 
         bld.SAMBA_LIBRARY('ldb',
                           COMMON_SRC + ' ' + LDB_MAP_SRC,
-                          deps='tevent LIBLDB_MAIN',
+                          deps='tevent LIBLDB_MAIN replace',
                           includes='include',
                           public_headers='include/ldb.h include/ldb_errors.h '\
                           'include/ldb_module.h include/ldb_handlers.h',
diff --git a/lib/util/setid.c b/lib/util/setid.c
index ed86155..c5ee644 100644
--- a/lib/util/setid.c
+++ b/lib/util/setid.c
@@ -20,7 +20,6 @@
 #ifndef AUTOCONF_TEST
 #include "replace.h"
 #include "system/passwd.h"
-#include "include/includes.h"
 
 #ifdef UID_WRAPPER_REPLACE
 
diff --git a/nsswitch/winbind_nss_solaris.c b/nsswitch/winbind_nss_solaris.c
index 92da859..6d3c8a9 100644
--- a/nsswitch/winbind_nss_solaris.c
+++ b/nsswitch/winbind_nss_solaris.c
@@ -33,7 +33,6 @@
 #include <sys/param.h>
 #include <string.h>
 #include <pwd.h>
-#include "includes.h"
 #include <syslog.h>
 
 #if !defined(HPUX)
diff --git a/source4/dsdb/samdb/ldb_modules/acl_util.c b/source4/dsdb/samdb/ldb_modules/acl_util.c
index 9be376d..1f64ab1 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_util.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_util.c
@@ -272,7 +272,7 @@ uint32_t dsdb_request_sd_flags(struct ldb_request *req, bool *explicit)
 	 * equals all 4 bits
 	 */
 	if (sd_flags == 0) {
-		sd_flags = 0xF;
+		sd_flags = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL | SECINFO_SACL;
 	}
 
 	return sd_flags;
diff --git a/source4/dsdb/samdb/ldb_modules/descriptor.c b/source4/dsdb/samdb/ldb_modules/descriptor.c
index d9bc89f..7743baa 100644
--- a/source4/dsdb/samdb/ldb_modules/descriptor.c
+++ b/source4/dsdb/samdb/ldb_modules/descriptor.c
@@ -181,20 +181,28 @@ static struct security_descriptor *descr_handle_sd_flags(TALLOC_CTX *mem_ctx,
 	final_sd->type = SEC_DESC_SELF_RELATIVE;
 
 	if (sd_flags & (SECINFO_OWNER)) {
-		final_sd->owner_sid = talloc_memdup(mem_ctx, new_sd->owner_sid, sizeof(struct dom_sid));
+		if (new_sd->owner_sid) {
+			final_sd->owner_sid = talloc_memdup(mem_ctx, new_sd->owner_sid, sizeof(struct dom_sid));
+		}
 		final_sd->type |= new_sd->type & SEC_DESC_OWNER_DEFAULTED;
 	}
 	else if (old_sd) {
-		final_sd->owner_sid = talloc_memdup(mem_ctx, old_sd->owner_sid, sizeof(struct dom_sid));
+		if (old_sd->owner_sid) {
+			final_sd->owner_sid = talloc_memdup(mem_ctx, old_sd->owner_sid, sizeof(struct dom_sid));
+		}
 		final_sd->type |= old_sd->type & SEC_DESC_OWNER_DEFAULTED;
 	}
 
 	if (sd_flags & (SECINFO_GROUP)) {
-		final_sd->group_sid = talloc_memdup(mem_ctx, new_sd->group_sid, sizeof(struct dom_sid));
+		if (new_sd->group_sid) {
+			final_sd->group_sid = talloc_memdup(mem_ctx, new_sd->group_sid, sizeof(struct dom_sid));
+		}
 		final_sd->type |= new_sd->type & SEC_DESC_GROUP_DEFAULTED;
 	} 
 	else if (old_sd) {
-		final_sd->group_sid = talloc_memdup(mem_ctx, old_sd->group_sid, sizeof(struct dom_sid));
+		if (old_sd->group_sid) {
+			final_sd->group_sid = talloc_memdup(mem_ctx, old_sd->group_sid, sizeof(struct dom_sid));
+		}
 		final_sd->type |= old_sd->type & SEC_DESC_GROUP_DEFAULTED;
 	}
 
@@ -643,7 +651,7 @@ static int descriptor_add(struct ldb_module *module, struct ldb_request *req)
 	 * The SD_FLAG control is ignored on add
 	 * and we default to all bits set.
 	 */
-	sd_flags = 0xF;
+	sd_flags = SECINFO_OWNER|SECINFO_GROUP|SECINFO_SACL|SECINFO_DACL;
 
 	sd = get_new_descriptor(module, dn, req,
 				objectclass, parent_sd,
diff --git a/source4/torture/drs/python/repl_schema.py b/source4/torture/drs/python/repl_schema.py
index 166a0eb..cbed640 100644
--- a/source4/torture/drs/python/repl_schema.py
+++ b/source4/torture/drs/python/repl_schema.py
@@ -84,7 +84,11 @@ class DrsReplSchemaTestCase(drs_base.DrsBaseTestCase):
         if not attrs is None:
             rec.update(attrs)
         # add it to the Schema
-        ldb_ctx.add(rec)
+        try:
+            ldb_ctx.add(rec)
+        except LdbError, (enum, estr):
+            self.fail("Adding record failed with %d/%s" % (enum, estr))
+
         self._ldap_schemaUpdateNow(ldb_ctx)
         return (rec["lDAPDisplayName"], rec["dn"])
 
diff --git a/source4/torture/drs/python/replica_sync.py b/source4/torture/drs/python/replica_sync.py
index 89834a3..8839421 100644
--- a/source4/torture/drs/python/replica_sync.py
+++ b/source4/torture/drs/python/replica_sync.py
@@ -63,7 +63,7 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase):
             self.fail("'drs replicate' command should have failed!")
 
     def test_ReplDisabledForced(self):
-        """Tests we cann't replicate when replication is disabled"""
+        """Tests we can force replicate when replication is disabled"""
         self._disable_inbound_repl(self.dnsname_dc1)
         out = self._net_drs_replicate(DC=self.dnsname_dc1, fromDC=self.dnsname_dc2, forced=True)
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list