[SCM] Samba Shared Repository - branch master updated
Christof Schmitt
cs at samba.org
Thu Apr 18 18:21:02 UTC 2019
The branch, master has been updated
via f7082723503 nsswitch: Fix usage information of test_wbinfo_name_lookup.sh
via aec9bda25f1 winbind: Use domain name from lsa query for sid_to_name cache entry
via 640e0ef4fd3 winbind: Return queried domain name from name_to_sid
via 32e3f0663be winbind: Query domain from winbind sam_name_to_sid
via 562551c0886 winbind: Query domain from winbind rpc name_to_sid
via 60b0e912371 winbind: Query domain from msrpc name_to_sid
via d006c769a9c nsswitch: Add testcase for checking output of wbinfo --sid-to-name
from 84f6fdcef3b .gitlab-ci.yml: run the samba-o3 job on each working container image
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit f708272350321a7c307f3ad86946de606c0b1377
Author: Christof Schmitt <cs at samba.org>
Date: Mon Mar 11 16:25:42 2019 -0700
nsswitch: Fix usage information of test_wbinfo_name_lookup.sh
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Christof Schmitt <cs at samba.org>
Autobuild-Date(master): Thu Apr 18 18:20:26 UTC 2019 on sn-devel-144
commit aec9bda25f10ca2710d91fb680cca7904e92f9de
Author: Christof Schmitt <cs at samba.org>
Date: Mon Mar 11 16:14:02 2019 -0700
winbind: Use domain name from lsa query for sid_to_name cache entry
When winbindd is asked to map a name like realm.com\name to a SID ,that
is sucessfully resolved through the lsa lookup name call. The same call
also returns the short domain name (netbios name of the domain). Use
that short domain name for the sid_to_name cache entry, so that
subsequent sid_to_name queries return the expected netbiosname\name
result and not realm.com\name.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit 640e0ef4fd338ddf03b813a8d45cce67c7ec7a01
Author: Christof Schmitt <cs at samba.org>
Date: Mon Mar 11 16:11:01 2019 -0700
winbind: Return queried domain name from name_to_sid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit 32e3f0663be39cf4a81639c818fc88e959791673
Author: Christof Schmitt <cs at samba.org>
Date: Thu Mar 14 10:30:45 2019 -0700
winbind: Query domain from winbind sam_name_to_sid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit 562551c0886bdef1f97059e16d375c2e97452b45
Author: Christof Schmitt <cs at samba.org>
Date: Mon Mar 11 15:54:21 2019 -0700
winbind: Query domain from winbind rpc name_to_sid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit 60b0e91237179b8782c4bd83b9579f51d5af2928
Author: Christof Schmitt <cs at samba.org>
Date: Mon Mar 11 15:53:51 2019 -0700
winbind: Query domain from msrpc name_to_sid
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit d006c769a9cad275339b18b08e13d48acb29d7fc
Author: Christof Schmitt <cs at samba.org>
Date: Mon Mar 11 16:26:48 2019 -0700
nsswitch: Add testcase for checking output of wbinfo --sid-to-name
The username should always be returned in the DOMAISHORTNAME/USERNAME
format.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13831
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
-----------------------------------------------------------------------
Summary of changes:
nsswitch/tests/test_wbinfo_name_lookup.sh | 19 +++++++++++++++++--
source3/winbindd/winbindd.h | 1 +
source3/winbindd/winbindd_ads.c | 3 ++-
source3/winbindd/winbindd_cache.c | 5 +++--
source3/winbindd/winbindd_msrpc.c | 15 ++++++++++++++-
source3/winbindd/winbindd_reconnect.c | 5 +++--
source3/winbindd/winbindd_reconnect_ads.c | 5 +++--
source3/winbindd/winbindd_rpc.c | 15 ++++++++++++++-
source3/winbindd/winbindd_rpc.h | 1 +
source3/winbindd/winbindd_samr.c | 11 +++++++++++
10 files changed, 69 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/tests/test_wbinfo_name_lookup.sh b/nsswitch/tests/test_wbinfo_name_lookup.sh
index c1d39c1a602..6cc52f8094c 100755
--- a/nsswitch/tests/test_wbinfo_name_lookup.sh
+++ b/nsswitch/tests/test_wbinfo_name_lookup.sh
@@ -1,8 +1,8 @@
#!/bin/sh
# Blackbox test for wbinfo name lookup
-if [ $# -lt 2 ]; then
+if [ $# -lt 3 ]; then
cat <<EOF
-Usage: test_wbinfo.sh DOMAIN DC_USERNAME
+Usage: test_wbinfo.sh DOMAIN REALM DC_USERNAME
EOF
exit 1;
fi
@@ -31,6 +31,21 @@ testit "name-to-sid.upn" \
$wbinfo -n $DC_USERNAME@$REALM || \
failed=$(expr $failed + 1)
+testit "name-to-sid.realm-user" \
+ $wbinfo -n $REALM/$DC_USERNAME || \
+ failed=$(expr $failed + 1)
+
+# For the name-to-sid.realm-user query, ensure
+# that this does not change subsequent sid-to-name
+# queries.
+sid=$($wbinfo -n $REALM/$DC_USERNAME | sed -e 's/ .*//')
+out=$($wbinfo -s $sid | sed -e 's/ .//')
+# winbindd returns usernames in lowercase
+lcuser=$(echo $DC_USERNAME | tr A-Z a-z)
+testit "Verify DOMAIN/USER output" \
+ test "$out" = "$DOMAIN/$lcuser" || \
+ failed=$(expr $failed + 1)
+
# Two separator characters should fail
testit_expect_failure "name-to-sid.double-separator" \
$wbinfo -n $DOMAIN//$DC_USERNAME || \
diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h
index 7490d62a705..a72d6aa7830 100644
--- a/source3/winbindd/winbindd.h
+++ b/source3/winbindd/winbindd.h
@@ -225,6 +225,7 @@ struct winbindd_methods {
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *sid,
enum lsa_SidType *type);
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 4b5966dc237..5f20cfb7f76 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -558,11 +558,12 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *sid,
enum lsa_SidType *type)
{
return msrpc_methods.name_to_sid(domain, mem_ctx, domain_name, name,
- flags, sid, type);
+ flags, pdom_name, sid, type);
}
/* convert a domain SID to a user or group name - use rpc methods */
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index c686089d517..abdfd11dc53 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -1794,6 +1794,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
{
NTSTATUS status;
bool old_status;
+ const char *dom_name;
old_status = domain->online;
@@ -1820,7 +1821,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
winbindd_domain_init_backend(domain);
status = domain->backend->name_to_sid(domain, mem_ctx, domain_name,
- name, flags, sid, type);
+ name, flags, &dom_name, sid, type);
if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT) ||
NT_STATUS_EQUAL(status, NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND)) {
@@ -1855,7 +1856,7 @@ NTSTATUS wb_cache_name_to_sid(struct winbindd_domain *domain,
}
(void)strlower_m(discard_const_p(char, name));
wcache_save_sid_to_name(domain, status, sid,
- domain_name, name, save_type);
+ dom_name, name, save_type);
}
}
diff --git a/source3/winbindd/winbindd_msrpc.c b/source3/winbindd/winbindd_msrpc.c
index 203fbc6b56a..342f22cfde3 100644
--- a/source3/winbindd/winbindd_msrpc.c
+++ b/source3/winbindd/winbindd_msrpc.c
@@ -218,6 +218,7 @@ static NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *sid,
enum lsa_SidType *type)
{
@@ -226,6 +227,7 @@ static NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
enum lsa_SidType *types = NULL;
char *full_name = NULL;
const char *names[1];
+ const char **domains;
NTSTATUS name_map_status = NT_STATUS_UNSUCCESSFUL;
char *mapped_name = NULL;
@@ -260,13 +262,24 @@ static NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
names[0] = full_name;
result = winbindd_lookup_names(mem_ctx, domain, 1,
- names, NULL,
+ names, &domains,
&sids, &types);
if (!NT_STATUS_IS_OK(result))
return result;
/* Return rid and type if lookup successful */
+ if (pdom_name != NULL) {
+ const char *dom_name;
+
+ dom_name = talloc_strdup(mem_ctx, domains[0]);
+ if (dom_name == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ *pdom_name = dom_name;
+ }
+
sid_copy(sid, &sids[0]);
*type = types[0];
diff --git a/source3/winbindd/winbindd_reconnect.c b/source3/winbindd/winbindd_reconnect.c
index 1d0e8e6d472..56741d4670e 100644
--- a/source3/winbindd/winbindd_reconnect.c
+++ b/source3/winbindd/winbindd_reconnect.c
@@ -131,18 +131,19 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *sid,
enum lsa_SidType *type)
{
NTSTATUS result;
result = msrpc_methods.name_to_sid(domain, mem_ctx, domain_name, name,
- flags, sid, type);
+ flags, pdom_name, sid, type);
if (reconnect_need_retry(result, domain))
result = msrpc_methods.name_to_sid(domain, mem_ctx,
domain_name, name, flags,
- sid, type);
+ pdom_name, sid, type);
return result;
}
diff --git a/source3/winbindd/winbindd_reconnect_ads.c b/source3/winbindd/winbindd_reconnect_ads.c
index 0a0a14f6dd0..f77430572d0 100644
--- a/source3/winbindd/winbindd_reconnect_ads.c
+++ b/source3/winbindd/winbindd_reconnect_ads.c
@@ -137,18 +137,19 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *sid,
enum lsa_SidType *type)
{
NTSTATUS result;
result = ads_methods.name_to_sid(domain, mem_ctx, domain_name, name,
- flags, sid, type);
+ flags, pdom_name, sid, type);
if (reconnect_need_retry(result, domain)) {
result = ads_methods.name_to_sid(domain, mem_ctx,
domain_name, name, flags,
- sid, type);
+ pdom_name, sid, type);
}
return result;
diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c
index 6f7cb07f4e3..ffbaabcfe49 100644
--- a/source3/winbindd/winbindd_rpc.c
+++ b/source3/winbindd/winbindd_rpc.c
@@ -247,6 +247,7 @@ NTSTATUS rpc_name_to_sid(TALLOC_CTX *mem_ctx,
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *sid,
enum lsa_SidType *type)
{
@@ -254,6 +255,7 @@ NTSTATUS rpc_name_to_sid(TALLOC_CTX *mem_ctx,
struct dom_sid *sids = NULL;
char *full_name = NULL;
const char *names[1];
+ const char **domains;
char *mapped_name = NULL;
NTSTATUS status;
@@ -290,7 +292,7 @@ NTSTATUS rpc_name_to_sid(TALLOC_CTX *mem_ctx,
lsa_policy,
1, /* num_names */
names,
- NULL, /* domains */
+ &domains,
1, /* level */
&sids,
&types);
@@ -300,6 +302,17 @@ NTSTATUS rpc_name_to_sid(TALLOC_CTX *mem_ctx,
return status;
}
+ if (pdom_name != NULL) {
+ const char *dom_name;
+
+ dom_name = talloc_strdup(mem_ctx, domains[0]);
+ if (dom_name == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ *pdom_name = dom_name;
+ }
+
sid_copy(sid, &sids[0]);
*type = types[0];
diff --git a/source3/winbindd/winbindd_rpc.h b/source3/winbindd/winbindd_rpc.h
index 162f1ef3329..a5cfe77f289 100644
--- a/source3/winbindd/winbindd_rpc.h
+++ b/source3/winbindd/winbindd_rpc.h
@@ -53,6 +53,7 @@ NTSTATUS rpc_name_to_sid(TALLOC_CTX *mem_ctx,
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *psid,
enum lsa_SidType *ptype);
diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index 3727e8fa39f..396e2c97709 100644
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -581,12 +581,14 @@ static NTSTATUS sam_name_to_sid(struct winbindd_domain *domain,
const char *domain_name,
const char *name,
uint32_t flags,
+ const char **pdom_name,
struct dom_sid *psid,
enum lsa_SidType *ptype)
{
struct rpc_pipe_client *lsa_pipe;
struct policy_handle lsa_policy = { 0 };
struct dom_sid sid;
+ const char *dom_name;
enum lsa_SidType type;
TALLOC_CTX *tmp_ctx;
NTSTATUS status;
@@ -615,6 +617,7 @@ again:
domain_name,
name,
flags,
+ &dom_name,
&sid,
&type);
@@ -627,6 +630,14 @@ again:
goto done;
}
+ if (pdom_name != NULL) {
+ *pdom_name = talloc_strdup(mem_ctx, dom_name);
+ if (*pdom_name == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ }
+
if (psid) {
sid_copy(psid, &sid);
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list