[SCM] Samba Shared Repository - branch master updated
Ralph Böhme
slow at samba.org
Tue Jun 28 20:36:02 UTC 2016
The branch, master has been updated
via ed4af82 s4/selftests: test net ads dns register/unregister.
via 4e20d24 ldb: Fix CID 1362935: CHECKED_RETURN
via 874a9d9 libnet: Fix CID 1362934: CHECKED_RETURN
from 6318615 s3: tldap: Make tldap_gensec_bind_send()/tldap_gensec_bind_recv() static.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ed4af82a4f1018884b534232ccfbe3fff8b7bdef
Author: Richard Sharpe <rsharpe at samba.org>
Date: Sat Jun 18 21:51:26 2016 -0700
s4/selftests: test net ads dns register/unregister.
Add a new test for the net ads dns commands and the needed self test
setup. Currently tests that we can register a name and that it
turns up. Also, tests that we can register with -P.
Signed-off-by: Richard Sharpe <rsharpe at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Ralph Böhme <slow at samba.org>
Autobuild-Date(master): Tue Jun 28 22:35:35 CEST 2016 on sn-devel-144
commit 4e20d2448e2d43f2bb36ea8a131c7677befed242
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jun 28 14:41:19 2016 +0200
ldb: Fix CID 1362935: CHECKED_RETURN
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 874a9d9c87c69b5dd62494c6372aa196daadc325
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jun 28 14:38:57 2016 +0200
libnet: Fix CID 1362934: CHECKED_RETURN
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/ldb/ldb_map/ldb_map.c | 7 ++-
source4/libnet/libnet_samsync_ldb.c | 7 ++-
source4/selftest/tests.py | 1 +
testprogs/blackbox/test_net_ads_dns.sh | 81 ++++++++++++++++++++++++++++++++++
4 files changed, 94 insertions(+), 2 deletions(-)
create mode 100755 testprogs/blackbox/test_net_ads_dns.sh
Changeset truncated at 500 lines:
diff --git a/lib/ldb/ldb_map/ldb_map.c b/lib/ldb/ldb_map/ldb_map.c
index 66b0059..f2a86fe 100644
--- a/lib/ldb/ldb_map/ldb_map.c
+++ b/lib/ldb/ldb_map/ldb_map.c
@@ -727,6 +727,7 @@ static void map_objectclass_generate_remote(struct ldb_module *module, const cha
struct ldb_val val;
bool found_extensibleObject = false;
unsigned int i;
+ int ret;
ldb = ldb_module_get_ctx(module);
@@ -774,7 +775,11 @@ static void map_objectclass_generate_remote(struct ldb_module *module, const cha
}
/* Add new objectClass to remote message */
- ldb_msg_add(remote, el, 0);
+ ret = ldb_msg_add(remote, el, 0);
+ if (ret != LDB_SUCCESS) {
+ ldb_oom(ldb);
+ return;
+ }
}
/* Map an objectClass into the local partition. */
diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c
index f3a45b8..5fdef79 100644
--- a/source4/libnet/libnet_samsync_ldb.c
+++ b/source4/libnet/libnet_samsync_ldb.c
@@ -414,7 +414,12 @@ static NTSTATUS samsync_ldb_handle_user(TALLOC_CTX *mem_ctx,
samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg,
remote_attrs[i]);
} else {
- ldb_msg_add(msg, el, LDB_FLAG_MOD_REPLACE);
+ ret = ldb_msg_add(msg, el, LDB_FLAG_MOD_REPLACE);
+ if (ret != LDB_SUCCESS) {
+ *error_string = talloc_strdup(
+ mem_ctx, "ldb_msg_add failed");
+ return NT_STATUS_NO_MEMORY;
+ }
}
}
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index c3a3914..87abcff 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -405,6 +405,7 @@ plantestsuite("samba4.blackbox.rfc2307_mapping(ad_dc_ntvfs:local)", "ad_dc_ntvfs
plantestsuite("samba4.blackbox.chgdcpass", "chgdcpass", [os.path.join(bbdir, "test_chgdcpass.sh"), '$SERVER', "CHGDCPASS\$", '$REALM', '$DOMAIN', '$PREFIX', "aes256-cts-hmac-sha1-96", '$SELFTEST_PREFIX/chgdcpass', smbclient4])
plantestsuite("samba4.blackbox.samba_upgradedns(chgdcpass:local)", "chgdcpass:local", [os.path.join(bbdir, "test_samba_upgradedns.sh"), '$SERVER', '$REALM', '$PREFIX', '$SELFTEST_PREFIX/chgdcpass'])
plantestsuite("samba4.blackbox.net_ads(ad_member:client)", "ad_member:client", [os.path.join(bbdir, "test_net_ads.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS'])
+plantestsuite("samba4.blackbox.net_ads_dns(ad_member:local)", "ad_member:local", [os.path.join(bbdir, "test_net_ads_dns.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$REALM', '$USERNAME', '$PASSWORD'])
plantestsuite_loadlist("samba4.rpc.echo against NetBIOS alias", "ad_dc_ntvfs", [valgrindify(smbtorture4), "$LISTOPT", "$LOADLIST", 'ncacn_np:$NETBIOSALIAS', '-U$DOMAIN/$USERNAME%$PASSWORD', 'rpc.echo'])
# Tests using the "Simple" NTVFS backend
diff --git a/testprogs/blackbox/test_net_ads_dns.sh b/testprogs/blackbox/test_net_ads_dns.sh
new file mode 100755
index 0000000..41bc63d
--- /dev/null
+++ b/testprogs/blackbox/test_net_ads_dns.sh
@@ -0,0 +1,81 @@
+#!/bin/sh
+# Blackbox tests for net ads dns register etc.
+# Copyright (C) 2006-2007 Jelmer Vernooij <jelmer at samba.org>
+# Copyright (C) 2006-2008 Andrew Bartlett <abartlet at samba.org>
+
+if [ $# -lt 4 ]; then
+cat <<EOF
+Usage: test_net_ads_dns.sh SERVER DC_USERNAME DC_PASSWORD REALM USER PASS
+EOF
+exit 1;
+fi
+
+SERVER=$1
+DC_USERNAME=$2
+DC_PASSWORD=$3
+REALM=$4
+USERNAME=$5
+PASSWORD=$6
+shift 6
+failed=0
+
+samba4bindir="$BINDIR"
+samba4kinit=kinit
+if test -x $BINDIR/samba4kinit; then
+ samba4kinit=$BINDIR/samba4kinit
+fi
+
+samba_tool="$samba4bindir/samba-tool"
+net_tool="$samba4bindir/net"
+smbpasswd="$samba4bindir/smbpasswd"
+texpect="$samba4bindir/texpect"
+samba4kpasswd=kpasswd
+if test -x $BINDIR/samba4kpasswd; then
+ samba4kpasswd=$BINDIR/samba4kpasswd
+fi
+
+newuser="$samba_tool user create"
+groupaddmem="$samba_tool group addmembers"
+
+. `dirname $0`/subunit.sh
+
+UID_WRAPPER_ROOT=1
+export UID_WRAPPER_ROOT
+
+IPADDRESS=10.1.4.111
+IPADDRMAC=10.1.4.124
+NAME=testname
+
+# These tests check that privileged users can add DNS names and that
+# unprivileged users cannot do so.
+echo "Starting ..."
+
+testit "admin user should be able to add a DNS entry $NAME.$REALM $IPADDRESS" $VALGRIND $net_tool ads dns register $NAME.$REALM $IPADDRESS -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+
+# The complicated pipeline is to ensure that we remove exclamation points
+# and spaces from the output. Thew will screw up the comparison syntax.
+testit "We should be able to see the new name $NAME.$REALM" [ X"`$VALGRIND $net_tool ads dns gethostbyname $SERVER $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD | tr \! N | tr " " B`" = X"$IPADDRESS" ] || failed=`expr $failed + 1`
+
+testit "We should be able to unregister the name $NAME.$REALM $IPADDRESS" $VALGRIND $net_tool ads dns unregister $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+
+# The complicated pipeline is to ensure that we remove exclamation points
+# and spaces from the output. Thew will screw up the comparison syntax.
+testit "The name $NAME.$REALM should not be there any longer" test X"`$net_tool ads dns gethostbyname $SERVER $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD | tr " " B | tr \! N`" != X"$IPADDRESS" || failed=`expr $failed + 1`
+
+# This should be an expect_failure test ...
+# testit "unprivileged users should not be able to add a DNS entry" $VALGRIND $net_tool ads dns register funnyname2.$REALM 10.1.4.112 -U$USERNAME%$PASSWORD && failed=`expr $failed + 1`
+
+# This should work as well
+testit "machine account should be able to add a DNS entry net ads dns register membername.$REALM $IPADDRMAC -P " $net_tool ads dns register membername.$REALM $IPADDRMAC -P || failed=`expr $failed + 1`
+
+# The complicated pipeline is to ensure that we remove exclamation points
+# and spaces from the output. Thew will screw up the comparison syntax.
+testit "We should be able to see the new name membername.$REALM using -P" [ X"`$VALGRIND $net_tool ads dns gethostbyname $SERVER membername.$REALM -P | tr \! N | tr " " B`" = X"$IPADDRMAC" ] || failed=`expr $failed + 1`
+
+testit "We should be able to unregister the name $NAME.$REALM $IPADDRESS" $VALGRIND $net_tool ads dns unregister $NAME.$REALM -P || failed=`expr $failed + 1`
+
+# The complicated pipeline is to ensure that we remove exclamation points
+# and spaces from the output. Thew will screw up the comparison syntax.
+testit "The name $NAME.$REALM should not be there any longer" test X"`$net_tool ads dns gethostbyname $SERVER $NAME.$REALM -P | tr " " B | tr \! N`" != X"$IPADDRESS" || failed=`expr $failed + 1`
+
+exit $failed
--
Samba Shared Repository
More information about the samba-cvs
mailing list