[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Tue Sep 4 03:24:02 UTC 2018
The branch, master has been updated
via c86f6c2 s4: torture: Ensure we close the handle on the correct tree-id.
via 1799633 s4: torture: Ensure we can't exit without deleting our directory.
via f98f8e3 s4: torture: Ensure all notify tests use separate directories.
via fb047b3 Update Samba URLs from http:// to https://
via fc4df25 waf: Add -fstack-clash-protection
via 38e97f8 waf: Check for -fstack-protect-strong support
via 2099add s4:rpc_server/netlogon: don't treet trusted domains as primary in LogonGetDomainInfo()
via ef0b489 s4:rpc_server/netlogon: make use of talloc_zero_array() for the netr_OneDomainInfo array
via 61333f7 s4:rpc_server/netlogon: use samdb_domain_guid()/dsdb_trust_local_tdo_info() to build our netr_OneDomainInfo values
via 0e442e0 s4:dsdb/common: add samdb_domain_guid() helper function
via c1b0ac9 dsdb:util_trusts: add dsdb_trust_local_tdo_info() helper function
via f5f96f5 dsdb/util_trusts: domain_dn is an input parameter of dsdb_trust_crossref_tdo_info()
via d5dd8fd s4:torture/rpc/netlogon: verify the trusted domains output of LogonGetDomainInfo()
via dffc182 s4:torture/rpc/netlogon: assert that cli_credentials_get_{workstation,password} don't return NULL
from 05e618c dbwrap_tool: We don't do "listwatchers" anymore
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c86f6c2916c0c87efffe2d5b48f231a073b8c33e
Author: Jeremy Allison <jra at samba.org>
Date: Fri Aug 31 15:44:16 2018 -0700
s4: torture: Ensure we close the handle on the correct tree-id.
Otherwise we leave a directory behind on exit.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Sep 4 05:23:57 CEST 2018 on sn-devel-144
commit 1799633cb9ac574c8c3f44bbfebc59b8033243f1
Author: Jeremy Allison <jra at samba.org>
Date: Fri Aug 31 15:43:41 2018 -0700
s4: torture: Ensure we can't exit without deleting our directory.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f98f8e3e8145cf117a133c429d6238a2ba91942e
Author: Jeremy Allison <jra at samba.org>
Date: Fri Aug 31 15:42:26 2018 -0700
s4: torture: Ensure all notify tests use separate directories.
Makes it much easier to find tests that error out whilst
leaving directories behind.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit fb047b3d0886cd45e142ae6b8f031ae2245b4505
Author: Robert Scheck <robert at fedoraproject.org>
Date: Sun Sep 2 01:19:50 2018 +0200
Update Samba URLs from http:// to https://
Reviewed-by: Volker Lendecke <Volker.Lendecke at SerNet.DE>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit fc4df251c88365142515a81bea1120b2b84cc4a0
Author: Andreas Schneider <asn at samba.org>
Date: Mon Sep 3 10:49:52 2018 +0200
waf: Add -fstack-clash-protection
https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13601
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 38e97f8b52e85bdfcf2d74a4fb3c848fa46ba371
Author: Andreas Schneider <asn at samba.org>
Date: Mon Sep 3 10:35:08 2018 +0200
waf: Check for -fstack-protect-strong support
The -fstack-protector* flags are compiler only flags, don't pass them to
the linker.
https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13601
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2099add0657126e4a5427ec2db0fe8025478b355
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Aug 28 12:52:31 2018 +0200
s4:rpc_server/netlogon: don't treet trusted domains as primary in LogonGetDomainInfo()
We need to handle trusted domains differently than our primary
domain. The most important part is that we don't return
NETR_TRUST_FLAG_PRIMARY for them.
NETR_TRUST_FLAG_{INBOUND,OUTBOUND,IN_FOREST} are the relavant flags
for trusts.
This is an example of what Windows returns in a complex trust
environment:
netr_LogonGetDomainInfo: struct netr_LogonGetDomainInfo
out: struct netr_LogonGetDomainInfo
return_authenticator : *
return_authenticator: struct netr_Authenticator
cred: struct netr_Credential
data : f48b51ff12ff8c6c
timestamp : Tue Aug 28 22:59:03 2018 CEST
info : *
info : union netr_DomainInfo(case 1)
domain_info : *
domain_info: struct netr_DomainInformation
primary_domain: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0014 (20)
size : 0x0016 (22)
string : *
string : 'W2012R2-L4'
dns_domainname: struct lsa_StringLarge
length : 0x0020 (32)
size : 0x0022 (34)
string : *
string : 'w2012r2-l4.base.'
dns_forestname: struct lsa_StringLarge
length : 0x0020 (32)
size : 0x0022 (34)
string : *
string : 'w2012r2-l4.base.'
domain_guid : 0a133c91-8eac-4df0-96ac-ede69044a38b
domain_sid : *
domain_sid : S-1-5-21-2930975464-1937418634-1288008815
trust_extension: struct netr_trust_extension_container
length : 0x0000 (0)
size : 0x0000 (0)
info : NULL
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domain_count : 0x00000006 (6)
trusted_domains : *
trusted_domains: ARRAY(6)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x000e (14)
size : 0x0010 (16)
string : *
string : 'FREEIPA'
dns_domainname: struct lsa_StringLarge
length : 0x0018 (24)
size : 0x001a (26)
string : *
string : 'freeipa.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 00000000-0000-0000-0000-000000000000
domain_sid : *
domain_sid : S-1-5-21-429948374-2562621466-335716826
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 'S1-W2012-L4'
dns_domainname: struct lsa_StringLarge
length : 0x0036 (54)
size : 0x0038 (56)
string : *
string : 's1-w2012-l4.w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : afe7fbde-af82-46cf-88a2-2df6920fc33e
domain_sid : *
domain_sid : S-1-5-21-1368093395-3821428921-3924672915
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000023 (35)
1: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000004 (4)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000020 (32)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
1: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0006 (6)
size : 0x0008 (8)
string : *
string : 'BLA'
dns_domainname: struct lsa_StringLarge
length : 0x0010 (16)
size : 0x0012 (18)
string : *
string : 'bla.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 00000000-0000-0000-0000-000000000000
domain_sid : *
domain_sid : S-1-5-21-4053568372-2049667917-3384589010
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x000c (12)
size : 0x000e (14)
string : *
string : 'S4XDOM'
dns_domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 's4xdom.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 00000000-0000-0000-0000-000000000000
domain_sid : *
domain_sid : S-1-5-21-313966788-4060240134-2249344781
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000022 (34)
0: NETR_TRUST_FLAG_IN_FOREST
1: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
1: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000008 (8)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
1: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0014 (20)
size : 0x0016 (22)
string : *
string : 'W2012R2-L4'
dns_domainname: struct lsa_StringLarge
length : 0x001e (30)
size : 0x0020 (32)
string : *
string : 'w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 0a133c91-8eac-4df0-96ac-ede69044a38b
domain_sid : *
domain_sid : S-1-5-21-2930975464-1937418634-1288008815
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x0000001d (29)
1: NETR_TRUST_FLAG_IN_FOREST
0: NETR_TRUST_FLAG_OUTBOUND
1: NETR_TRUST_FLAG_TREEROOT
1: NETR_TRUST_FLAG_PRIMARY
1: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000000 (0)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000000 (0)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
trusted_domains: struct netr_OneDomainInfo
domainname: struct lsa_StringLarge
length : 0x0016 (22)
size : 0x0018 (24)
string : *
string : 'S2-W2012-L4'
dns_domainname: struct lsa_StringLarge
length : 0x004e (78)
size : 0x0050 (80)
string : *
string : 's2-w2012-l4.s1-w2012-l4.w2012r2-l4.base'
dns_forestname: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
domain_guid : 29daace6-cded-4ce3-a754-7482a4d9127c
domain_sid : *
domain_sid : S-1-5-21-167342819-981449877-2130266853
trust_extension: struct netr_trust_extension_container
length : 0x0010 (16)
size : 0x0010 (16)
info : *
info: struct netr_trust_extension
length : 0x00000008 (8)
dummy : 0x00000000 (0)
size : 0x00000008 (8)
flags : 0x00000001 (1)
1: NETR_TRUST_FLAG_IN_FOREST
0: NETR_TRUST_FLAG_OUTBOUND
0: NETR_TRUST_FLAG_TREEROOT
0: NETR_TRUST_FLAG_PRIMARY
0: NETR_TRUST_FLAG_NATIVE
0: NETR_TRUST_FLAG_INBOUND
0: NETR_TRUST_FLAG_MIT_KRB5
0: NETR_TRUST_FLAG_AES
parent_index : 0x00000001 (1)
trust_type : LSA_TRUST_TYPE_UPLEVEL (2)
trust_attributes : 0x00000000 (0)
0: LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY
0: LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN
0: LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE
0: LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION
0: LSA_TRUST_ATTRIBUTE_WITHIN_FOREST
0: LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL
0: LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_long1 : 0x00000000 (0)
dummy_long2 : 0x00000000 (0)
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
lsa_policy: struct netr_LsaPolicyInformation
policy_size : 0x00000000 (0)
policy : NULL
dns_hostname: struct lsa_StringLarge
length : 0x0036 (54)
size : 0x0038 (56)
string : *
string : 'torturetest.w2012r2-l4.base'
dummy_string2: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string3: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
dummy_string4: struct lsa_StringLarge
length : 0x0000 (0)
size : 0x0000 (0)
string : NULL
workstation_flags : 0x00000003 (3)
1: NETR_WS_FLAG_HANDLES_INBOUND_TRUSTS
1: NETR_WS_FLAG_HANDLES_SPN_UPDATE
supported_enc_types : 0x0000001f (31)
1: KERB_ENCTYPE_DES_CBC_CRC
1: KERB_ENCTYPE_DES_CBC_MD5
1: KERB_ENCTYPE_RC4_HMAC_MD5
1: KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96
1: KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96
0: KERB_ENCTYPE_FAST_SUPPORTED
0: KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED
0: KERB_ENCTYPE_CLAIMS_SUPPORTED
0: KERB_ENCTYPE_RESOURCE_SID_COMPRESSION_DISABLED
dummy_long3 : 0x00000000 (0)
dummy_long4 : 0x00000000 (0)
result : NT_STATUS_OK
Best viewed with: git show --histogram -w
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit ef0b489ad0d93199e08415dd895da5cfe2d1c11a
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Aug 28 16:30:17 2018 +0200
s4:rpc_server/netlogon: make use of talloc_zero_array() for the netr_OneDomainInfo array
It's much safer than having uninitialized memory when we hit an error
case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 61333f7787d78e3ec5c7bd2874d5a0f1f536275a
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Aug 28 11:46:16 2018 +0200
s4:rpc_server/netlogon: use samdb_domain_guid()/dsdb_trust_local_tdo_info() to build our netr_OneDomainInfo values
The logic for constructing the values for our own primary domain differs
from the values of trusted domains. In order to make the code easier to
understand we have a new fill_our_one_domain_info() helper that
only takes care of our primary domain.
The cleanup for the trust case will follow in a separate commit.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0e442e094240abbf79aaca00a9d1a053a200a7e8
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Aug 28 11:52:27 2018 +0200
s4:dsdb/common: add samdb_domain_guid() helper function
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c1b0ac95db5c6112d90356c7ada8c3d445e9b668
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Feb 1 23:09:26 2018 +0100
dsdb:util_trusts: add dsdb_trust_local_tdo_info() helper function
This is similar to dsdb_trust_xref_tdo_info(), but will also work
if we ever support more than one domain in our forest.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f5f96f558b499770cdeb3d38998167a387e058b9
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Feb 1 23:08:08 2018 +0100
dsdb/util_trusts: domain_dn is an input parameter of dsdb_trust_crossref_tdo_info()
We should not overwrite it within the function.
Currently it doesn't matter as we don't have multiple domains
within our forest, but that will change in future.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit d5dd8fdc647d6a202c5da0451d395116c2cd92b9
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Aug 28 17:46:46 2018 +0200
s4:torture/rpc/netlogon: verify the trusted domains output of LogonGetDomainInfo()
This makes sure we don't treat trusted domains in the same way we treat
our primary domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit dffc182c6943d21513d8db9f6cf66bdc09206b17
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Sep 3 09:55:18 2018 +0200
s4:torture/rpc/netlogon: assert that cli_credentials_get_{workstation,password} don't return NULL
This is better that generating a segfault while dereferencing a NULL
pointer later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11517
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
README | 22 +-
buildtools/wafsamba/samba_autoconf.py | 53 ++--
source4/dsdb/common/util.c | 55 ++++
source4/dsdb/common/util_trusts.c | 22 +-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 234 ++++++++++-----
source4/torture/rpc/netlogon.c | 146 +++++++++-
source4/torture/smb2/notify.c | 392 +++++++++++++++-----------
7 files changed, 660 insertions(+), 264 deletions(-)
Changeset truncated at 500 lines:
diff --git a/README b/README
index bdc1cb2..14e14b1 100644
--- a/README
+++ b/README
@@ -11,7 +11,7 @@ NOTE: Installation instructions may be found
docs/htmldocs/Samba3-HOWTO/install.html
For the AD DC implementation a full HOWTO is provided at:
- http://wiki.samba.org/index.php/Samba4/HOWTO
+ https://wiki.samba.org/index.php/Samba4/HOWTO
This software is freely distributable under the GNU public license, a
copy of which you should have received with this software (in a file
@@ -36,7 +36,7 @@ both public specifications and widely implemented in desktop machines
by default.
The Common Internet File system (CIFS) is what the new SMB initiative
-is called. For details watch http://samba.org/cifs.
+is called. For details watch https://www.samba.org/cifs/.
WHY DO PEOPLE WANT TO USE SMB?
@@ -83,7 +83,7 @@ a complete replacement for Windows NT, Warp, NFS or Netware servers."
functionality, which can be used on Samba, NT workstation and NT server.
For a much better overview have a look at the web site at
-http://samba.org/samba, and browse the user survey.
+https://www.samba.org/samba/, and browse the user survey.
Related packages include:
@@ -118,16 +118,16 @@ CONTRIBUTIONS
2. If you want to contribute to the development of the software then
please join the mailing list. The Samba team accepts patches
-(preferably in "diff -u" format, see http://samba.org/samba/devel/
+(preferably in "diff -u" format, see https://www.samba.org/samba/devel/
for more details) and are always glad to receive feedback or
suggestions to the address samba at lists.samba.org. More information
-on the various Samba mailing lists can be found at http://lists.samba.org/.
+on the various Samba mailing lists can be found at https://lists.samba.org/.
You can also get the Samba sourcecode straight from the git repository - see
-http://wiki.samba.org/index.php/Using_Git_for_Samba_Development.
+https://wiki.samba.org/index.php/Using_Git_for_Samba_Development.
If you like a particular feature then look through the git change-log
-(on the web at http://gitweb.samba.org/?p=samba.git;a=summary) and see
+(on the web at https://gitweb.samba.org/?p=samba.git;a=summary) and see
who added it, then send them an email.
Remember that free software of this kind lives or dies by the response
@@ -159,15 +159,15 @@ MAILING LIST
Please do NOT send subscription/unsubscription requests to the lists!
There is a mailing list for discussion of Samba. For details go to
-<http://lists.samba.org/> or send mail to <samba-subscribe at lists.samba.org>
+<https://lists.samba.org/> or send mail to <samba-subscribe at lists.samba.org>
There is also an announcement mailing list where new versions are
-announced. To subscribe go to <http://lists.samba.org/> or send mail
+announced. To subscribe go to <https://lists.samba.org/> or send mail
to <samba-announce-subscribe at lists.samba.org>. All announcements also
go to the samba list, so you only need to be on one.
For details of other Samba mailing lists and for access to archives, see
-<http://lists.samba.org/>
+<https://lists.samba.org/>
MAILING LIST ETIQUETTE
@@ -220,7 +220,7 @@ WEB SITE
A Samba WWW site has been setup with lots of useful info. Connect to:
-http://samba.org/
+https://www.samba.org/
As well as general information and documentation, this also has searchable
archives of the mailing list and a user survey that shows who else is using
diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py
index c4391d0..f2b3ec8 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -674,23 +674,42 @@ def SAMBA_CONFIG_H(conf, path=None):
return
# we need to build real code that can't be optimized away to test
- if conf.check(fragment='''
- #include <stdio.h>
-
- int main(void)
- {
- char t[100000];
- while (fgets(t, sizeof(t), stdin));
- return 0;
- }
- ''',
- execute=0,
- ccflags='-fstack-protector',
- ldflags='-fstack-protector',
- mandatory=False,
- msg='Checking if toolchain accepts -fstack-protector'):
- conf.ADD_CFLAGS('-fstack-protector')
- conf.ADD_LDFLAGS('-fstack-protector')
+ stack_protect_list = ['-fstack-protector-strong', '-fstack-protector']
+ for stack_protect_flag in stack_protect_list:
+ flag_supported = conf.check(fragment='''
+ #include <stdio.h>
+
+ int main(void)
+ {
+ char t[100000];
+ while (fgets(t, sizeof(t), stdin));
+ return 0;
+ }
+ ''',
+ execute=0,
+ ccflags=[ '-Werror', '-Wp,-D_FORTIFY_SOURCE=2', stack_protect_flag],
+ mandatory=False,
+ msg='Checking if compiler accepts %s' % (stack_protect_flag))
+ if flag_supported:
+ conf.ADD_CFLAGS('-Wp,-D_FORTIFY_SOURCE=2 %s' % (stack_protect_flag))
+ break
+
+ flag_supported = conf.check(fragment='''
+ #include <stdio.h>
+
+ int main(void)
+ {
+ char t[100000];
+ while (fgets(t, sizeof(t), stdin));
+ return 0;
+ }
+ ''',
+ execute=0,
+ ccflags=[ '-Werror', '-fstack-clash-protection'],
+ mandatory=False,
+ msg='Checking if compiler accepts -fstack-clash-protection')
+ if flag_supported:
+ conf.ADD_CFLAGS('-fstack-clash-protection')
if Options.options.debug:
conf.ADD_CFLAGS('-g', testflags=True)
diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
index 36c98df..193fa2a 100644
--- a/source4/dsdb/common/util.c
+++ b/source4/dsdb/common/util.c
@@ -1296,6 +1296,61 @@ failed:
return false;
}
+/*
+ work out the domain guid for the current open ldb
+*/
+const struct GUID *samdb_domain_guid(struct ldb_context *ldb)
+{
+ TALLOC_CTX *tmp_ctx = NULL;
+ struct GUID *domain_guid = NULL;
+ const char *attrs[] = {
+ "objectGUID",
+ NULL
+ };
+ struct ldb_result *res = NULL;
+ int ret;
+
+ /* see if we have a cached copy */
+ domain_guid = (struct GUID *)ldb_get_opaque(ldb, "cache.domain_guid");
+ if (domain_guid) {
+ return domain_guid;
+ }
+
+ tmp_ctx = talloc_new(ldb);
+ if (tmp_ctx == NULL) {
+ goto failed;
+ }
+
+ ret = ldb_search(ldb, tmp_ctx, &res, ldb_get_default_basedn(ldb), LDB_SCOPE_BASE, attrs, "objectGUID=*");
+ if (ret != LDB_SUCCESS) {
+ goto failed;
+ }
+
+ if (res->count != 1) {
+ goto failed;
+ }
+
+ domain_guid = talloc(tmp_ctx, struct GUID);
+ if (domain_guid == NULL) {
+ goto failed;
+ }
+ *domain_guid = samdb_result_guid(res->msgs[0], "objectGUID");
+
+ /* cache the domain_sid in the ldb */
+ if (ldb_set_opaque(ldb, "cache.domain_guid", domain_guid) != LDB_SUCCESS) {
+ goto failed;
+ }
+
+ talloc_steal(ldb, domain_guid);
+ talloc_free(tmp_ctx);
+
+ return domain_guid;
+
+failed:
+ talloc_free(tmp_ctx);
+ return NULL;
+}
+
bool samdb_set_ntds_settings_dn(struct ldb_context *ldb, struct ldb_dn *ntds_settings_dn_in)
{
TALLOC_CTX *tmp_ctx;
diff --git a/source4/dsdb/common/util_trusts.c b/source4/dsdb/common/util_trusts.c
index 7dcbea2..40777ec 100644
--- a/source4/dsdb/common/util_trusts.c
+++ b/source4/dsdb/common/util_trusts.c
@@ -482,12 +482,6 @@ static NTSTATUS dsdb_trust_crossref_tdo_info(TALLOC_CTX *mem_ctx,
*_trust_parent_tdo = NULL;
}
- domain_dn = ldb_get_default_basedn(sam_ctx);
- if (domain_dn == NULL) {
- TALLOC_FREE(frame);
- return NT_STATUS_INTERNAL_ERROR;
- }
-
partitions_dn = samdb_partitions_dn(sam_ctx, frame);
if (partitions_dn == NULL) {
TALLOC_FREE(frame);
@@ -834,6 +828,22 @@ static bool dsdb_trust_find_tln_ex_match(const struct lsa_ForestTrustInformation
return false;
}
+NTSTATUS dsdb_trust_local_tdo_info(TALLOC_CTX *mem_ctx,
+ struct ldb_context *sam_ctx,
+ struct lsa_TrustDomainInfoInfoEx **_tdo)
+{
+ struct ldb_dn *domain_dn = NULL;
+
+ domain_dn = ldb_get_default_basedn(sam_ctx);
+ if (domain_dn == NULL) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
+ return dsdb_trust_crossref_tdo_info(mem_ctx, sam_ctx,
+ domain_dn, NULL,
+ _tdo, NULL, NULL);
+}
+
NTSTATUS dsdb_trust_xref_tdo_info(TALLOC_CTX *mem_ctx,
struct ldb_context *sam_ctx,
struct lsa_TrustDomainInfoInfoEx **_tdo)
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index b4046bd..e96cd08 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -2192,57 +2192,122 @@ static WERROR dcesrv_netr_DsRGetSiteName(struct dcesrv_call_state *dce_call, TAL
/*
- fill in a netr_OneDomainInfo from a ldb search result
+ fill in a netr_OneDomainInfo from our own domain/forest
*/
-static NTSTATUS fill_one_domain_info(TALLOC_CTX *mem_ctx,
- struct loadparm_context *lp_ctx,
- struct ldb_context *sam_ctx,
- struct ldb_message *res,
- struct netr_OneDomainInfo *info,
- bool is_local, bool is_trust_list)
+static NTSTATUS fill_our_one_domain_info(TALLOC_CTX *mem_ctx,
+ const struct lsa_TrustDomainInfoInfoEx *our_tdo,
+ struct GUID domain_guid,
+ struct netr_OneDomainInfo *info,
+ bool is_trust_list)
{
ZERO_STRUCTP(info);
if (is_trust_list) {
+ struct netr_trust_extension *tei = NULL;
+
/* w2k8 only fills this on trusted domains */
- info->trust_extension.info = talloc_zero(mem_ctx, struct netr_trust_extension);
- info->trust_extension.length = 16;
- info->trust_extension.info->flags =
- NETR_TRUST_FLAG_TREEROOT |
- NETR_TRUST_FLAG_IN_FOREST |
- NETR_TRUST_FLAG_PRIMARY |
- NETR_TRUST_FLAG_NATIVE;
+ tei = talloc_zero(mem_ctx, struct netr_trust_extension);
+ if (tei == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ tei->flags |= NETR_TRUST_FLAG_PRIMARY;
- info->trust_extension.info->parent_index = 0; /* should be index into array
- of parent */
- info->trust_extension.info->trust_type = LSA_TRUST_TYPE_UPLEVEL; /* should be based on ldb search for trusts */
- info->trust_extension.info->trust_attributes = 0; /* TODO: base on ldb search? */
+ /*
+ * We're always within a native forest
+ */
+ tei->flags |= NETR_TRUST_FLAG_IN_FOREST;
+ tei->flags |= NETR_TRUST_FLAG_NATIVE;
+
+ /* For now we assume we're always the tree root */
+ tei->flags |= NETR_TRUST_FLAG_TREEROOT;
+ tei->parent_index = 0;
+
+ tei->trust_type = our_tdo->trust_type;
+ /*
+ * This needs to be 0 instead of our_tdo->trust_attributes
+ * It means LSA_TRUST_ATTRIBUTE_WITHIN_FOREST won't
+ * be set, while NETR_TRUST_FLAG_IN_FOREST is set above.
+ */
+ tei->trust_attributes = 0;
+
+ info->trust_extension.info = tei;
+ info->trust_extension.length = 16;
}
if (is_trust_list) {
+ info->dns_domainname.string = our_tdo->domain_name.string;
+
/* MS-NRPC 3.5.4.3.9 - must be set to NULL for trust list */
info->dns_forestname.string = NULL;
} else {
- info->dns_forestname.string = samdb_forest_name(sam_ctx, mem_ctx);
- NT_STATUS_HAVE_NO_MEMORY(info->dns_forestname.string);
- info->dns_forestname.string = talloc_asprintf(mem_ctx, "%s.", info->dns_forestname.string);
- NT_STATUS_HAVE_NO_MEMORY(info->dns_forestname.string);
+ info->dns_domainname.string = talloc_asprintf(mem_ctx, "%s.",
+ our_tdo->domain_name.string);
+ if (info->dns_domainname.string == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ info->dns_forestname.string = info->dns_domainname.string;
}
- if (is_local) {
- info->domainname.string = lpcfg_workgroup(lp_ctx);
- info->dns_domainname.string = lpcfg_dnsdomain(lp_ctx);
- info->domain_guid = samdb_result_guid(res, "objectGUID");
- info->domain_sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
- } else {
- info->domainname.string = ldb_msg_find_attr_as_string(res, "flatName", NULL);
- info->dns_domainname.string = ldb_msg_find_attr_as_string(res, "trustPartner", NULL);
- info->domain_guid = samdb_result_guid(res, "objectGUID");
- info->domain_sid = samdb_result_dom_sid(mem_ctx, res, "securityIdentifier");
+ info->domainname.string = our_tdo->netbios_name.string;
+ info->domain_sid = our_tdo->sid;
+ info->domain_guid = domain_guid;
+
+ return NT_STATUS_OK;
+}
+
+/*
+ fill in a netr_OneDomainInfo from a trust tdo
+*/
+static NTSTATUS fill_trust_one_domain_info(TALLOC_CTX *mem_ctx,
+ struct GUID domain_guid,
+ const struct lsa_TrustDomainInfoInfoEx *tdo,
+ struct netr_OneDomainInfo *info)
+{
+ struct netr_trust_extension *tei = NULL;
+
+ ZERO_STRUCTP(info);
+
+ /* w2k8 only fills this on trusted domains */
+ tei = talloc_zero(mem_ctx, struct netr_trust_extension);
+ if (tei == NULL) {
+ return NT_STATUS_NO_MEMORY;
}
- if (!is_trust_list) {
- info->dns_domainname.string = talloc_asprintf(mem_ctx, "%s.", info->dns_domainname.string);
+
+ if (tdo->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
+ tei->flags |= NETR_TRUST_FLAG_INBOUND;
+ }
+ if (tdo->trust_direction & LSA_TRUST_DIRECTION_OUTBOUND) {
+ tei->flags |= NETR_TRUST_FLAG_OUTBOUND;
}
+ if (tdo->trust_attributes & LSA_TRUST_ATTRIBUTE_WITHIN_FOREST) {
+ tei->flags |= NETR_TRUST_FLAG_IN_FOREST;
+ }
+
+ /*
+ * TODO: once we support multiple domains within our forest,
+ * we need to fill this correct (or let the caller do it
+ * for all domains marked with NETR_TRUST_FLAG_IN_FOREST).
+ */
+ tei->parent_index = 0;
+
+ tei->trust_type = tdo->trust_type;
+ tei->trust_attributes = tdo->trust_attributes;
+
+ info->trust_extension.info = tei;
+ info->trust_extension.length = 16;
+
+ info->domainname.string = tdo->netbios_name.string;
+ if (tdo->trust_type != LSA_TRUST_TYPE_DOWNLEVEL) {
+ info->dns_domainname.string = tdo->domain_name.string;
+ } else {
+ info->dns_domainname.string = NULL;
+ }
+ info->domain_sid = tdo->sid;
+ info->domain_guid = domain_guid;
+
+ /* MS-NRPC 3.5.4.3.9 - must be set to NULL for trust list */
+ info->dns_forestname.string = NULL;
return NT_STATUS_OK;
}
@@ -2258,19 +2323,29 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal
TALLOC_CTX *mem_ctx, struct netr_LogonGetDomainInfo *r)
{
struct netlogon_creds_CredentialState *creds;
- const char * const attrs[] = { "objectSid", "objectGUID", "flatName",
- "securityIdentifier", "trustPartner", NULL };
+ const char * const trusts_attrs[] = {
+ "securityIdentifier",
+ "flatName",
+ "trustPartner",
+ "trustAttributes",
+ "trustDirection",
+ "trustType",
+ NULL
+ };
const char * const attrs2[] = { "sAMAccountName", "dNSHostName",
"msDS-SupportedEncryptionTypes", NULL };
const char *sam_account_name, *old_dns_hostname, *prefix1, *prefix2;
struct ldb_context *sam_ctx;
- struct ldb_message **res1, **res2, **res3, *new_msg;
+ const struct GUID *our_domain_guid = NULL;
+ struct lsa_TrustDomainInfoInfoEx *our_tdo = NULL;
+ struct ldb_message **res1, *new_msg;
+ struct ldb_result *trusts_res = NULL;
struct ldb_dn *workstation_dn;
struct netr_DomainInformation *domain_info;
struct netr_LsaPolicyInformation *lsa_policy_info;
uint32_t default_supported_enc_types = 0xFFFFFFFF;
bool update_dns_hostname = true;
- int ret, ret3, i;
+ int ret, i;
NTSTATUS status;
status = dcesrv_netr_creds_server_step_check(dce_call,
@@ -2482,21 +2557,23 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal
/* Writes back the domain information */
- /* We need to do two searches. The first will pull our primary
- domain and the second will pull any trusted domains. Our
- primary domain is also a "trusted" domain, so we need to
- put the primary domain into the lists of returned trusts as
- well. */
- ret = gendb_search_dn(sam_ctx, mem_ctx, ldb_get_default_basedn(sam_ctx),
- &res2, attrs);
- if (ret != 1) {
+ our_domain_guid = samdb_domain_guid(sam_ctx);
+ if (our_domain_guid == NULL) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- ret3 = gendb_search(sam_ctx, mem_ctx, NULL, &res3, attrs,
- "(objectClass=trustedDomain)");
- if (ret3 == -1) {
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ status = dsdb_trust_local_tdo_info(mem_ctx, sam_ctx, &our_tdo);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ status = dsdb_trust_search_tdos(sam_ctx,
+ NULL, /* exclude */
+ trusts_attrs,
+ mem_ctx,
+ &trusts_res);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
domain_info = talloc(mem_ctx, struct netr_DomainInformation);
@@ -2506,31 +2583,52 @@ static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_cal
/* Informations about the local and trusted domains */
- status = fill_one_domain_info(mem_ctx,
- dce_call->conn->dce_ctx->lp_ctx,
- sam_ctx, res2[0], &domain_info->primary_domain,
- true, false);
- NT_STATUS_NOT_OK_RETURN(status);
+ status = fill_our_one_domain_info(mem_ctx,
+ our_tdo,
+ *our_domain_guid,
+ &domain_info->primary_domain,
+ false);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
- domain_info->trusted_domain_count = ret3 + 1;
--
Samba Shared Repository
More information about the samba-cvs
mailing list