[SCM] Samba Shared Repository - branch master updated
Tim Beale
timbeale at samba.org
Tue Nov 6 06:16:02 UTC 2018
The branch, master has been updated
via 2229f46 drs_utils: Avoid invalid dereference of v8 requests
via 63bfdb3 drs_utils: Fix some long lines
via c21a8ed libnet: Reset debug counters after replicating critical objects
via 02d41fe join: Fix join large-DB timeout against Windows
from e355a6b s4/selftest: enable samba.tests.samba_tool.gpo for PY3
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2229f4620d563ce0f0ea256dd89ce248c6656b9e
Author: Tim Beale <timbeale at catalyst.net.nz>
Date: Mon Nov 5 17:01:55 2018 +1300
drs_utils: Avoid invalid dereference of v8 requests
req.more_flags only exists for v10 requests, so we throw an exception if
we try to dereference that field on a v8 (or v5) request. Unfortunately,
we were checking that we support v10 *after* we had tried to access the
more_flags. This patch fixes up the order of the checks.
This may be a problem trying to replicate with an older Windows DC
(pre-2008R2), and was reported on the samba mailing-list at one point:
https://lists.samba.org/archive/samba/2018-June/216541.html
Unfortunately this patch doesn't help the overall situation at all (the
join will fail because we can't resolve the link target and we can't use
GET_TGT). But it now gives you a more meaningful error, i.e.
ERROR(runtime): uncaught exception - (8639, "Failed to process 'chunk'
of DRS replicated objects: DOS code 0x000021bf"
instead of:
ERROR(<type 'exceptions.AttributeError'>): uncaught exception -
'drsuapi.DsGetNCChangesRequest8' object has no attribute 'more_flags'
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Tim Beale <timbeale at samba.org>
Autobuild-Date(master): Tue Nov 6 07:15:33 CET 2018 on sn-devel-144
commit 63bfdb3c1150eec64bf3d78e1f2b9749ef077831
Author: Tim Beale <timbeale at catalyst.net.nz>
Date: Mon Nov 5 16:54:05 2018 +1300
drs_utils: Fix some long lines
Tweak the code slightly to avoid some 80+ character lines.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c21a8ed5948d04881a8900e41386dcdfbdeef326
Author: Tim Beale <timbeale at catalyst.net.nz>
Date: Mon Nov 5 16:34:15 2018 +1300
libnet: Reset debug counters after replicating critical objects
Reset the debug counters once we have finished replicating a given
partition. This helps if we replicate the same partition immediately
afterward with different options.
This helps the DC join debug look less weird. Because it replicates the
critical objects first, and then the base partition, previously it
always ended up overcounting, e.g.
Partition[DC=addom,DC=samba,DC=example,DC=com] objects[314/218]
linked_values[48/24]
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 02d41fea33e3ad521fbef2d4f00af2db35edd9d9
Author: Tim Beale <timbeale at catalyst.net.nz>
Date: Mon Nov 5 14:30:14 2018 +1300
join: Fix join large-DB timeout against Windows
The LDAP connection can also timeout when trying to join a Windows DC
with a very large database. However, in this case Windows gives a
slightly different error message (NT_STATUS_CONNECTION_RESET instead of
NT_STATUS_CONNECTION_DISCONNECTED).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13612
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
python/samba/drs_utils.py | 15 +++++++++------
python/samba/join.py | 3 ++-
source4/libnet/libnet_vampire.c | 6 ++++++
3 files changed, 17 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/drs_utils.py b/python/samba/drs_utils.py
index dcd4d73..43d1b4a 100644
--- a/python/samba/drs_utils.py
+++ b/python/samba/drs_utils.py
@@ -25,7 +25,9 @@ from samba import werror
from samba import WERRORError
import samba
import ldb
-from samba.dcerpc.drsuapi import DRSUAPI_ATTID_name
+from samba.dcerpc.drsuapi import (DRSUAPI_ATTID_name,
+ DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8,
+ DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10)
import re
@@ -204,7 +206,7 @@ class drs_Replicate(object):
def __init__(self, binding_string, lp, creds, samdb, invocation_id):
self.drs = drsuapi.drsuapi(binding_string, lp, creds)
- (self.drs_handle, self.supported_extensions) = drs_DsBind(self.drs)
+ (self.drs_handle, self.supports_ext) = drs_DsBind(self.drs)
self.net = Net(creds=creds, lp=lp)
self.samdb = samdb
if not isinstance(invocation_id, misc.GUID):
@@ -219,13 +221,14 @@ class drs_Replicate(object):
# If the error indicates we fail to resolve a target object for a
# linked attribute, then we should retry the request with GET_TGT
# (if we support it and haven't already tried that)
+ supports_ext = self.supports_ext
# TODO fix up the below line when we next update werror_err_table.txt
# and pull in the new error-code
# return (error_code == werror.WERR_DS_DRA_RECYCLED_TARGET and
return (error_code == 0x21bf and
- (req.more_flags & drsuapi.DRSUAPI_DRS_GET_TGT) == 0 and
- self.supported_extensions & drsuapi.DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10)
+ supports_ext & DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10 and
+ (req.more_flags & drsuapi.DRSUAPI_DRS_GET_TGT) == 0)
def process_chunk(self, level, ctr, schema, req_level, req, first_chunk):
'''Processes a single chunk of received replication data'''
@@ -239,7 +242,7 @@ class drs_Replicate(object):
'''replicate a single DN'''
# setup for a GetNCChanges call
- if self.supported_extensions & drsuapi.DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10:
+ if self.supports_ext & DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10:
req = drsuapi.DsGetNCChangesRequest10()
req.more_flags = (more_flags | self.more_flags)
req_level = 10
@@ -319,7 +322,7 @@ class drs_Replicate(object):
if not schema and rodc:
req.partial_attribute_set = drs_get_rodc_partial_attribute_set(self.samdb)
- if not self.supported_extensions & drsuapi.DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8:
+ if not self.supports_ext & DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8:
req_level = 5
req5 = drsuapi.DsGetNCChangesRequest5()
for a in dir(req5):
diff --git a/python/samba/join.py b/python/samba/join.py
index c2d9254..343b1a5 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -1031,7 +1031,8 @@ class DCJoinContext(object):
# if the connection was disconnected, then reconnect
if (enum == ldb.ERR_OPERATIONS_ERROR and
- 'NT_STATUS_CONNECTION_DISCONNECTED' in estr):
+ ('NT_STATUS_CONNECTION_DISCONNECTED' in estr or
+ 'NT_STATUS_CONNECTION_RESET' in estr)):
ctx.logger.warning("LDB connection disconnected. Reconnecting")
ctx.samdb = SamDB(url="ldap://%s" % ctx.server,
session_info=system_session(),
diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c
index 5bd8df1..6167493 100644
--- a/source4/libnet/libnet_vampire.c
+++ b/source4/libnet/libnet_vampire.c
@@ -781,6 +781,12 @@ WERROR libnet_vampire_cb_store_chunk(void *private_data,
return status;
}
+ /* reset debug counters once we've finished replicating the partition */
+ if (!c->partition->more_data) {
+ s->total_objects = 0;
+ s->total_links = 0;
+ }
+
talloc_free(s_dsa);
talloc_free(objs);
--
Samba Shared Repository
More information about the samba-cvs
mailing list