[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Thu May 30 08:28:04 UTC 2019
The branch, master has been updated
via 320a5c5425e samba-tool: add 'import samba.drs_utils' to fsmo.py
via 6a2e3a15585 samba-tool: use only one LDAP modify for dns partition fsmo role transfer
via 0fbb013bef8 s4:torture:fsmo.py: remove unused 'net_cmd' variable
via 4793f8ed584 samba-tool: fix replication after dns partition fsmo role transfer
via 5e000a8487d s4:torture:fsmo.py: test role transfers of dns partitions
via e1a4fb52916 s4 lib rpc pyrpc: Fix error message
via 7f48fbcf7ba ldb: Avoid read beyond buffer
from 0ae585db267 samba-tool dns: use bytes for inet_ntop
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 320a5c5425e6ced18b1a9bf19b4f361ee16821ed
Author: Björn Baumbach <bb at sernet.de>
Date: Tue May 28 14:52:36 2019 +0200
samba-tool: add 'import samba.drs_utils' to fsmo.py
On some systems we're seeing this:
ERROR(<type 'exceptions.AttributeError'>): uncaught exception - 'module' object has no attribute 'drs_utils'
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 185, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 533, in run
transfer_dns_role(self.outf, sambaopts, credopts, role, samdb)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/fsmo.py", line 136, in transfer_dns_role
except samba.drs_utils.drsException as e:
E.g. it happens on debian stretch (9.9) with python 2.7.13 (on 4.10.4)
While it doesn't happen on ubuntu 18.04 with python 2.7.15rc1 or
with python 3.6.7.
There were also some reports on the mailing lists, see:
https://lists.samba.org/archive/samba-technical/2019-May/133624.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bbaumbach at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu May 30 08:27:24 UTC 2019 on sn-devel-184
commit 6a2e3a15585086bcceb18283216978a2fcb30da3
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 28 14:54:19 2019 +0200
samba-tool: use only one LDAP modify for dns partition fsmo role transfer
We should not risk that we end with no role owner.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0fbb013bef886e425602fdbbef14a4029719818f
Author: Björn Baumbach <bb at sernet.de>
Date: Tue May 28 14:57:15 2019 +0200
s4:torture:fsmo.py: remove unused 'net_cmd' variable
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973
Signed-off-by: Björn Baumbach <bbaumbach at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4793f8ed584a4e6d8a26b06b691ec636e77d8f2a
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 28 14:53:09 2019 +0200
samba-tool: fix replication after dns partition fsmo role transfer
The new role owner need to replicate from the old role owner.
Before we told the old role owner to replicate from itself.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 5e000a8487d788dd196980b77ec7299c8be74abf
Author: Björn Baumbach <bb at sernet.de>
Date: Fri May 24 15:46:17 2019 +0200
s4:torture:fsmo.py: test role transfers of dns partitions
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13973
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Björn Baumbach <bbaumbach at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit e1a4fb5291662ed07ce18d597816dd8d6c7787a5
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Mon May 27 12:56:08 2019 +1200
s4 lib rpc pyrpc: Fix error message
Fix the error message returned when unable to initialise an event context.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 7f48fbcf7bad06a6df7812bb4fd3b0fca8edb4ea
Author: Michael Hanselmann <public at hansmi.ch>
Date: Fri Apr 12 00:46:37 2019 +0200
ldb: Avoid read beyond buffer
Calling the "ldb_parse_tree" function with a filter consisting of
exactly a single space (" ") would trigger a read beyond the input
buffer. A unittest is included.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13900
Signed-off-by: Michael Hanselmann <public at hansmi.ch>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Tim Beale <timbeale at catalyst.net.nz>
-----------------------------------------------------------------------
Summary of changes:
lib/ldb/common/ldb_parse.c | 6 +--
lib/ldb/tests/ldb_parse_test.c | 93 ++++++++++++++++++++++++++++++++++++++
lib/ldb/wscript | 8 +++-
python/samba/netcmd/fsmo.py | 27 ++++-------
source4/librpc/rpc/pyrpc_util.c | 3 +-
source4/torture/drs/python/fsmo.py | 12 ++++-
6 files changed, 125 insertions(+), 24 deletions(-)
create mode 100644 lib/ldb/tests/ldb_parse_test.c
Changeset truncated at 500 lines:
diff --git a/lib/ldb/common/ldb_parse.c b/lib/ldb/common/ldb_parse.c
index db420091311..452c5830ed5 100644
--- a/lib/ldb/common/ldb_parse.c
+++ b/lib/ldb/common/ldb_parse.c
@@ -328,7 +328,7 @@ static enum ldb_parse_op ldb_parse_filtertype(TALLOC_CTX *mem_ctx, char **type,
if (*p == '=') {
filter = LDB_OP_EQUALITY;
- } else if (*(p + 1) == '=') {
+ } else if (*p != '\0' && *(p + 1) == '=') {
switch (*p) {
case '<':
filter = LDB_OP_LESS;
@@ -679,12 +679,12 @@ static struct ldb_parse_tree *ldb_parse_filter(TALLOC_CTX *mem_ctx, const char *
*/
struct ldb_parse_tree *ldb_parse_tree(TALLOC_CTX *mem_ctx, const char *s)
{
+ while (s && isspace((unsigned char)*s)) s++;
+
if (s == NULL || *s == 0) {
s = "(|(objectClass=*)(distinguishedName=*))";
}
- while (isspace((unsigned char)*s)) s++;
-
if (*s == '(') {
return ldb_parse_filter(mem_ctx, &s);
}
diff --git a/lib/ldb/tests/ldb_parse_test.c b/lib/ldb/tests/ldb_parse_test.c
new file mode 100644
index 00000000000..a739d7795d1
--- /dev/null
+++ b/lib/ldb/tests/ldb_parse_test.c
@@ -0,0 +1,93 @@
+/*
+ * Tests exercising the ldb parse operations.
+ *
+ * Copyright (C) Catalyst.NET Ltd 2017
+ * Copyright (C) Michael Hanselmann 2019
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+#include "../include/ldb.h"
+
+struct test_ctx
+{
+};
+
+static int setup(void **state)
+{
+ struct test_ctx *ctx;
+
+ ctx = talloc_zero(NULL, struct test_ctx);
+ assert_non_null(ctx);
+
+ *state = ctx;
+
+ return 0;
+}
+
+static int teardown(void **state)
+{
+ struct test_ctx *ctx =
+ talloc_get_type_abort(*state, struct test_ctx);
+
+ talloc_free(ctx);
+
+ return 0;
+}
+
+static void test_roundtrip(TALLOC_CTX *mem_ctx, const char *filter, const char *expected)
+{
+ struct ldb_parse_tree *tree;
+ char *serialized;
+
+ assert_non_null(filter);
+ assert_non_null(expected);
+
+ tree = ldb_parse_tree(mem_ctx, filter);
+ assert_non_null(tree);
+
+ serialized = ldb_filter_from_tree(mem_ctx, tree);
+ assert_non_null(serialized);
+
+ assert_string_equal(serialized, expected);
+}
+
+static void test_parse_filtertype(void **state)
+{
+ struct test_ctx *ctx =
+ talloc_get_type_abort(*state, struct test_ctx);
+
+ test_roundtrip(ctx, "", "(|(objectClass=*)(distinguishedName=*))");
+ test_roundtrip(ctx, "a=value", "(a=value)");
+ test_roundtrip(ctx, "(|(foo=bar)(baz=hello))", "(|(foo=bar)(baz=hello))");
+ test_roundtrip(ctx, " ", "(|(objectClass=*)(distinguishedName=*))");
+}
+
+int main(int argc, const char **argv)
+{
+ const struct CMUnitTest tests[] = {
+ cmocka_unit_test_setup_teardown(test_parse_filtertype, setup, teardown),
+ };
+
+ cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
+
+ return cmocka_run_group_tests(tests, NULL, NULL);
+}
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 8b22e9b2c7a..52307e2321e 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -506,6 +506,11 @@ def build(bld):
deps='cmocka ldb ldb_tdb_err_map',
install=False)
+ bld.SAMBA_BINARY('ldb_parse_test',
+ source='tests/ldb_parse_test.c',
+ deps='cmocka ldb ldb_tdb_err_map',
+ install=False)
+
if bld.CONFIG_SET('HAVE_LMDB'):
bld.SAMBA_BINARY('ldb_mdb_mod_op_test',
source='tests/ldb_mod_op_test.c',
@@ -576,7 +581,8 @@ def test(ctx):
'ldb_tdb_kv_ops_test',
'ldb_tdb_test',
'ldb_match_test',
- 'ldb_key_value_test']
+ 'ldb_key_value_test',
+ 'ldb_parse_test']
if env.HAVE_LMDB:
test_exes += ['ldb_mdb_mod_op_test',
diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py
index b916f9c97b8..643d0aec1b6 100644
--- a/python/samba/netcmd/fsmo.py
+++ b/python/samba/netcmd/fsmo.py
@@ -23,6 +23,7 @@ import ldb
from ldb import LdbError
from samba.dcerpc import drsuapi, misc
from samba.auth import system_session
+import samba.drs_utils
from samba.netcmd import (
Command,
CommandError,
@@ -65,6 +66,8 @@ def transfer_dns_role(outf, sambaopts, credopts, role, samdb):
forest_dn = samba.dn_from_dns_name(samdb.forest_dns_name())
role_object = "CN=Infrastructure,DC=ForestDnsZones," + forest_dn
+ new_host_dns_name = samdb.host_dns_name()
+
res = samdb.search(role_object,
attrs=["fSMORoleOwner"],
scope=ldb.SCOPE_BASE,
@@ -106,22 +109,12 @@ def transfer_dns_role(outf, sambaopts, credopts, role, samdb):
m = ldb.Message()
m.dn = ldb.Dn(samdb, role_object)
- m["fSMORoleOwner"] = ldb.MessageElement(master_owner,
- ldb.FLAG_MOD_DELETE,
- "fSMORoleOwner")
-
- try:
- samdb.modify(m)
- except LdbError as e4:
- (num, msg) = e4.args
- raise CommandError("Failed to delete role '%s': %s" %
- (role, msg))
-
- m = ldb.Message()
- m.dn = ldb.Dn(samdb, role_object)
- m["fSMORoleOwner"] = ldb.MessageElement(new_owner,
- ldb.FLAG_MOD_ADD,
- "fSMORoleOwner")
+ m["fSMORoleOwner_Del"] = ldb.MessageElement(master_owner,
+ ldb.FLAG_MOD_DELETE,
+ "fSMORoleOwner")
+ m["fSMORoleOwner_Add"] = ldb.MessageElement(new_owner,
+ ldb.FLAG_MOD_ADD,
+ "fSMORoleOwner")
try:
samdb.modify(m)
except LdbError as e5:
@@ -129,7 +122,7 @@ def transfer_dns_role(outf, sambaopts, credopts, role, samdb):
raise CommandError("Failed to add role '%s': %s" % (role, msg))
try:
- connection = samba.drs_utils.drsuapi_connect(samdb.host_dns_name(),
+ connection = samba.drs_utils.drsuapi_connect(new_host_dns_name,
lp, creds)
except samba.drs_utils.drsException as e:
raise CommandError("Drsuapi Connect failed", e)
diff --git a/source4/librpc/rpc/pyrpc_util.c b/source4/librpc/rpc/pyrpc_util.c
index 29e501cdfef..e6227eaa604 100644
--- a/source4/librpc/rpc/pyrpc_util.c
+++ b/source4/librpc/rpc/pyrpc_util.c
@@ -136,7 +136,8 @@ PyObject *py_dcerpc_interface_init_helper(PyTypeObject *type, PyObject *args, Py
ret->ev = s4_event_context_init(ret->mem_ctx);
if (ret->ev == NULL) {
- PyErr_SetString(PyExc_TypeError, "Expected loadparm context");
+ PyErr_SetString(PyExc_TypeError,
+ "Unable to initialise event context");
Py_DECREF(ret);
return NULL;
}
diff --git a/source4/torture/drs/python/fsmo.py b/source4/torture/drs/python/fsmo.py
index 744299cc610..f846ca71611 100644
--- a/source4/torture/drs/python/fsmo.py
+++ b/source4/torture/drs/python/fsmo.py
@@ -52,13 +52,15 @@ class DrsFsmoTestCase(drs_base.DrsBaseTestCase):
self.infrastructure_dn = "CN=Infrastructure," + self.domain_dn
self.naming_dn = "CN=Partitions," + self.config_dn
self.rid_dn = "CN=RID Manager$,CN=System," + self.domain_dn
+ self.domain_dns_dn = (
+ "CN=Infrastructure,DC=DomainDnsZones, %s" % self.domain_dn )
+ self.forest_dns_dn = (
+ "CN=Infrastructure,DC=ForestDnsZones, %s" % self.domain_dn )
def tearDown(self):
super(DrsFsmoTestCase, self).tearDown()
def _net_fsmo_role_transfer(self, DC, role, noop=False):
- # find out where is samba-tool command
- net_cmd = os.path.abspath("./bin/samba-tool")
# make command line credentials string
ccache_name = self.get_creds_ccache_name()
cmd_line_auth = "--krb5-ccache=%s" % ccache_name
@@ -143,3 +145,9 @@ class DrsFsmoTestCase(drs_base.DrsBaseTestCase):
def test_NamingMasterTransfer(self):
self._role_transfer(role="naming", role_dn=self.naming_dn)
+
+ def test_DomainDnsZonesMasterTransfer(self):
+ self._role_transfer(role="domaindns", role_dn=self.domain_dns_dn)
+
+ def test_ForestDnsZonesMasterTransfer(self):
+ self._role_transfer(role="forestdns", role_dn=self.forest_dns_dn)
--
Samba Shared Repository
More information about the samba-cvs
mailing list