[SCM] Samba Shared Repository - branch master updated

Andreas Schneider asn at samba.org
Thu Nov 30 00:48:03 UTC 2017 

The branch, master has been updated
       via  9f9c5d3 testprogs: Fix a typo in the net ads test
       via  4be05c8 testprogs: Test net ads keytab list
       via  3048ae3 s3:libads: net ads keytab list fails with "Key table name malformed"
      from  926b8be winbindd: Name<->SID cache is not sequence number based anymore

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9f9c5d33c434b192d38a9758067fb0513041c0f0
Author: Noel Power <noel.power at suse.com>
Date:   Wed Nov 29 13:52:32 2017 +0100

    testprogs: Fix a typo in the net ads test
    
    Signed-off-by: Noel Power <noel.power at suse.com>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Thu Nov 30 01:47:24 CET 2017 on sn-devel-144

commit 4be05c835e9d8b8f13856d592aaf42b40ce397c2
Author: Noel Power <noel.power at suse.com>
Date:   Fri Nov 24 07:06:27 2017 +0000

    testprogs: Test net ads keytab list
    
    Test that correct keytab is picked up.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13166
    
    Signed-off-by: Noel Power <noel.power at suse.com>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit 3048ae318fc8b4d1b7663826972306372430a463
Author: Noel Power <noel.power at suse.com>
Date:   Thu Nov 23 15:55:21 2017 +0000

    s3:libads: net ads keytab list fails with "Key table name malformed"
    
    When keytab_name is NULL don't call smb_krb5_kt_open use ads_keytab_open
    instead, this function will determine the correct keytab to use.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13166
    
    Signed-off-by: Noel Power <noel.power at suse.com>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/libads/kerberos_keytab.c   |  6 +++++-
 testprogs/blackbox/test_net_ads.sh | 15 ++++++++++++++-
 2 files changed, 19 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index ff12ec0..ffd100c 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -639,7 +639,11 @@ int ads_keytab_list(const char *keytab_name)
 		return ret;
 	}
 
-	ret = smb_krb5_kt_open(context, keytab_name, False, &keytab);
+	if (keytab_name == NULL) {
+		ret = ads_keytab_open(context, &keytab);
+	} else {
+		ret = smb_krb5_kt_open(context, keytab_name, False, &keytab);
+	}
 	if (ret) {
 		DEBUG(1, ("smb_krb5_kt_open failed (%s)\n",
 			  error_message(ret)));
diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
index bbd99b6..16f77f5 100755
--- a/testprogs/blackbox/test_net_ads.sh
+++ b/testprogs/blackbox/test_net_ads.sh
@@ -39,13 +39,26 @@ testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || fail
 
 # Test with kerberos method = secrets and keytab
 dedicated_keytab_file="$PREFIX_ABS/test_net_ads_dedicated_krb5.keytab"
-testit "join (decicated keytab)" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
+testit "join (dedicated keytab)" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
 
 testit "testjoin (dedicated keytab)" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
 
 testit "changetrustpw (dedicated keytab)" $VALGRIND $net_tool ads changetrustpw || failed=`expr $failed + 1`
 
 testit "leave (dedicated keytab)" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+
+# if there is no keytab, try and create it
+if [ ! -f $dedicated_keytab_file ]; then
+  if [ $(command -v ktutil) >/dev/null ]; then
+    printf "addent -password -p $DC_USERNAME@$REALM -k 1 -e rc4-hmac\n$DC_PASSWORD\nwkt $dedicated_keytab_file\n" | ktutil
+  fi
+fi
+
+if [  -f $dedicated_keytab_file ]; then
+  testit "keytab list (dedicated keytab)" $VALGRIND $net_tool ads keytab list --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
+  testit "keytab list keytab specified on cmdline" $VALGRIND $net_tool ads keytab list $dedicated_keytab_file || failed=`expr $failed + 1`
+fi
+
 rm -f $dedicated_keytab_file
 
 testit_expect_failure "testjoin(not joined)" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`


-- 
Samba Shared Repository

More information about the samba-cvs mailing list