[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Thu Oct 3 18:00:04 UTC 2019
The branch, master has been updated
via fe41238097f rpcclient: Remove unused global domain sid
via 8a094672212 rpcclient: Remove domain sid check
via cb0b54d9acb rpcclient: Make cmd_samr.c independent of global domain_sid
via dd108a171fe rpcclient: Fix a comment
via 3cac5c1bd4d rpcclient: Move rpccli_try_samr_connects() to cmd_samr.c
via f74442b4b79 rpcclient: Remove rpcclient_cli_state
via 8ca4fe65238 rpclient: Remove cmd_test
from 398cb8a56d8 s3: smbd: Fix the SMB2 server to pass SMB2-PATH-SLASH.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit fe41238097f4354f18130c43ea3c5db0293097c7
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 27 19:24:18 2019 -0700
rpcclient: Remove unused global domain sid
For the auth_log tests using rpcclient this means one message less
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu Oct 3 17:59:13 UTC 2019 on sn-devel-184
commit 8a094672212eb49291ff6c8c9441a0a6c71c1561
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 27 19:22:55 2019 -0700
rpcclient: Remove domain sid check
The samr calls can take care of this on their own
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit cb0b54d9acb4a0021a09f90299fec1bad3b63107
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 27 19:20:17 2019 -0700
rpcclient: Make cmd_samr.c independent of global domain_sid
Pure SAMR allows us to figure out the domain sid, we don't need LSA
for this.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit dd108a171fe807b67fe8186cf96af18836bea451
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 27 19:19:47 2019 -0700
rpcclient: Fix a comment
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 3cac5c1bd4d47d143071891a0f21e242a28bd99f
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 27 18:49:33 2019 -0700
rpcclient: Move rpccli_try_samr_connects() to cmd_samr.c
That's the only user, make it static to cmd_samr.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit f74442b4b795d9c282cdf36e6e8ebc312bfe27ca
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 27 17:32:31 2019 -0700
rpcclient: Remove rpcclient_cli_state
An unneeded global
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 8ca4fe65238f9b086cae842da13111596b9d0114
Author: Volker Lendecke <vl at samba.org>
Date: Fri Sep 27 17:25:55 2019 -0700
rpclient: Remove cmd_test
I can't even properly find why this went in. It's the only user of the
global rpcclient_cli_state, which can go if we remove this.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
python/samba/tests/auth_log.py | 22 +++++-----
source3/rpc_client/cli_samr.c | 21 ---------
source3/rpc_client/cli_samr.h | 5 ---
source3/rpcclient/cmd_samr.c | 93 +++++++++++++++++++++++++++++++++++++++-
source3/rpcclient/cmd_test.c | 95 -----------------------------------------
source3/rpcclient/rpcclient.c | 83 -----------------------------------
source3/rpcclient/rpcclient.h | 1 -
source3/rpcclient/wscript_build | 1 -
8 files changed, 102 insertions(+), 219 deletions(-)
delete mode 100644 source3/rpcclient/cmd_test.c
Changeset truncated at 500 lines:
diff --git a/python/samba/tests/auth_log.py b/python/samba/tests/auth_log.py
index daf088f2f32..06fb841a62b 100644
--- a/python/samba/tests/auth_log.py
+++ b/python/samba/tests/auth_log.py
@@ -1129,7 +1129,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_interactive_bad_password(self):
@@ -1162,7 +1162,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_interactive_bad_user(self):
@@ -1195,7 +1195,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_network(self):
@@ -1226,7 +1226,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_network_bad_password(self):
@@ -1258,7 +1258,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_network_bad_user(self):
@@ -1290,7 +1290,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_network_mschap(self):
@@ -1323,7 +1323,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_network_mschap_bad_password(self):
@@ -1357,7 +1357,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_network_mschap_bad_user(self):
@@ -1391,7 +1391,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
def test_samlogon_schannel_seal(self):
@@ -1422,7 +1422,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
# Check the second to last message it should be an Authorization
@@ -1465,7 +1465,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase):
messages = self.remove_netlogon_messages(messages)
received = len(messages)
self.assertIs(True,
- (received == 5 or received == 6),
+ (received == 4 or received == 5),
"Did not receive the expected number of messages")
# Check the second to last message it should be an Authorization
diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c
index 452e9593f6a..a3b24e7b164 100644
--- a/source3/rpc_client/cli_samr.c
+++ b/source3/rpc_client/cli_samr.c
@@ -503,25 +503,4 @@ NTSTATUS dcerpc_try_samr_connects(struct dcerpc_binding_handle *h,
return status;
}
-NTSTATUS rpccli_try_samr_connects(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- uint32_t access_mask,
- struct policy_handle *connect_pol)
-{
- NTSTATUS status;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- status = dcerpc_try_samr_connects(cli->binding_handle,
- mem_ctx,
- cli->srv_name_slash,
- access_mask,
- connect_pol,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- return result;
-}
-
/* vim: set ts=8 sw=8 noet cindent: */
diff --git a/source3/rpc_client/cli_samr.h b/source3/rpc_client/cli_samr.h
index 76993fb7c82..e6f4ee555c8 100644
--- a/source3/rpc_client/cli_samr.h
+++ b/source3/rpc_client/cli_samr.h
@@ -218,9 +218,4 @@ NTSTATUS dcerpc_try_samr_connects(struct dcerpc_binding_handle *h,
struct policy_handle *connect_pol,
NTSTATUS *presult);
-NTSTATUS rpccli_try_samr_connects(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- uint32_t access_mask,
- struct policy_handle *connect_pol);
-
#endif /* _CLI_SAMR_H */
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 0cd8b50058e..932688d7113 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -32,7 +32,7 @@
#include "rpc_client/init_lsa.h"
#include "../libcli/security/security.h"
-extern struct dom_sid domain_sid;
+static struct dom_sid domain_sid;
/****************************************************************************
display samr_user_info_7 structure
@@ -270,6 +270,95 @@ static void display_sam_info_5(struct samr_DispEntryAscii *r)
printf("Account: %s\n", r->account_name.string);
}
+static NTSTATUS rpccli_try_samr_connects(
+ struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ uint32_t access_mask,
+ struct policy_handle *connect_pol)
+{
+ struct dcerpc_binding_handle *b = cli->binding_handle;
+ NTSTATUS status;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ uint32_t start_idx = 0;
+ uint32_t i, num_entries;
+ struct samr_SamArray *sam = NULL;
+ struct dom_sid *domsid = NULL;
+
+ status = dcerpc_try_samr_connects(
+ b,
+ mem_ctx,
+ cli->srv_name_slash,
+ access_mask,
+ connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+
+ if (!is_null_sid(&domain_sid)) {
+ return NT_STATUS_OK;
+ }
+
+ /*
+ * Look up the servers domain SID. Just pick the first
+ * non-builtin domain from samr_EnumDomains.
+ */
+
+ status = dcerpc_samr_EnumDomains(
+ b,
+ mem_ctx,
+ connect_pol,
+ &start_idx,
+ &sam,
+ 0xffff,
+ &num_entries,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto fail;
+ }
+
+ for (i=0; i<num_entries; i++) {
+ if (!strequal(sam->entries[i].name.string, "builtin")) {
+ break;
+ }
+ }
+ if (i == num_entries) {
+ status = NT_STATUS_NOT_FOUND;
+ goto fail;
+ }
+
+ status = dcerpc_samr_LookupDomain(
+ b,
+ mem_ctx,
+ connect_pol,
+ &sam->entries[i].name,
+ &domsid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto fail;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
+ goto fail;
+ }
+
+ sid_copy(&domain_sid, domsid);
+ TALLOC_FREE(domsid);
+
+ return NT_STATUS_OK;
+
+fail:
+ dcerpc_samr_Close(b, mem_ctx, connect_pol, &result);
+ return status;
+}
+
/****************************************************************************
****************************************************************************/
@@ -1172,7 +1261,7 @@ static NTSTATUS cmd_samr_enum_domains(struct rpc_pipe_client *cli,
goto done;
}
- /* Enumerate alias groups */
+ /* Enumerate domains */
start_idx = 0;
size = 0xffff;
diff --git a/source3/rpcclient/cmd_test.c b/source3/rpcclient/cmd_test.c
deleted file mode 100644
index 1b8a27234d1..00000000000
--- a/source3/rpcclient/cmd_test.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
- RPC pipe client
-
- Copyright (C) Volker Lendecke 2005
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "rpcclient.h"
-#include "../librpc/gen_ndr/ndr_lsa_c.h"
-#include "rpc_client/cli_lsarpc.h"
-#include "../librpc/gen_ndr/ndr_samr.h"
-#include "../librpc/gen_ndr/winreg.h"
-
-static NTSTATUS cmd_testme(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- int argc, const char **argv)
-{
- struct rpc_pipe_client *lsa_pipe = NULL, *samr_pipe = NULL;
- NTSTATUS status = NT_STATUS_UNSUCCESSFUL, result;
- struct policy_handle pol;
- struct dcerpc_binding_handle *b;
-
- d_printf("testme\n");
-
- status = cli_rpc_pipe_open_noauth(rpcclient_cli_state,
- &ndr_table_lsarpc,
- &lsa_pipe);
- if (!NT_STATUS_IS_OK(status)) {
- goto done;
- }
-
- status = cli_rpc_pipe_open_noauth(rpcclient_cli_state,
- &ndr_table_samr,
- &samr_pipe);
- if (!NT_STATUS_IS_OK(status)) {
- goto done;
- }
-
- b = lsa_pipe->binding_handle;
-
- status = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, False,
- KEY_QUERY_VALUE, &pol);
-
- if (!NT_STATUS_IS_OK(status))
- goto done;
-
- status = dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
-
- if (!NT_STATUS_IS_OK(status))
- goto done;
- if (!NT_STATUS_IS_OK(result)) {
- status = result;
- goto done;
- }
-
- done:
- TALLOC_FREE(lsa_pipe);
- TALLOC_FREE(samr_pipe);
-
- return status;
-}
-
-/* List of commands exported by this module */
-
-struct cmd_set test_commands[] = {
-
- {
- .name = "TESTING",
- },
-
- {
- .name = "testme",
- .returntype = RPC_RTYPE_NTSTATUS,
- .ntfn = cmd_testme,
- .description = "Sample test",
- .usage = "testme",
- },
-
- {
- .name = NULL,
- },
-};
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 8f1aa8d875d..9d4f16531c2 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -44,8 +44,6 @@ enum pipe_auth_type_spnego {
PIPE_AUTH_TYPE_SPNEGO_KRB5
};
-struct dom_sid domain_sid;
-
static enum dcerpc_AuthType pipe_default_auth_type = DCERPC_AUTH_TYPE_NONE;
static enum pipe_auth_type_spnego pipe_default_auth_spnego_type = 0;
static enum dcerpc_AuthLevel pipe_default_auth_level = DCERPC_AUTH_LEVEL_NONE;
@@ -53,7 +51,6 @@ static unsigned int timeout = 0;
static enum dcerpc_transport_t default_transport = NCACN_NP;
struct messaging_context *rpcclient_msg_ctx;
-struct cli_state *rpcclient_cli_state;
struct netlogon_creds_cli_context *rpcclient_netlogon_creds;
static const char *rpcclient_netlogon_domain;
@@ -155,74 +152,6 @@ static char *next_command (char **cmdstr)
return command;
}
-/* Fetch the SID for this computer */
-
-static void fetch_machine_sid(struct cli_state *cli)
-{
- struct policy_handle pol;
- NTSTATUS result = NT_STATUS_OK, status;
- static bool got_domain_sid;
- TALLOC_CTX *mem_ctx;
- struct rpc_pipe_client *lsapipe = NULL;
- union lsa_PolicyInformation *info = NULL;
- struct dcerpc_binding_handle *b;
-
- if (got_domain_sid) return;
-
- if (!(mem_ctx=talloc_init("fetch_machine_sid"))) {
- DEBUG(0,("fetch_machine_sid: talloc_init returned NULL!\n"));
- goto error;
- }
-
- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
- &lsapipe);
- if (!NT_STATUS_IS_OK(result)) {
- fprintf(stderr, "could not initialise lsa pipe. Error was %s\n", nt_errstr(result) );
- goto error;
- }
-
- b = lsapipe->binding_handle;
-
- result = rpccli_lsa_open_policy(lsapipe, mem_ctx, True,
- SEC_FLAG_MAXIMUM_ALLOWED,
- &pol);
- if (!NT_STATUS_IS_OK(result)) {
- goto error;
- }
-
- status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
- &pol,
- LSA_POLICY_INFO_ACCOUNT_DOMAIN,
- &info,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- result = status;
- goto error;
- }
- if (!NT_STATUS_IS_OK(result)) {
- goto error;
- }
-
- got_domain_sid = True;
- sid_copy(&domain_sid, info->account_domain.sid);
-
- dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
- TALLOC_FREE(lsapipe);
- talloc_destroy(mem_ctx);
-
- return;
-
- error:
-
- if (lsapipe) {
- TALLOC_FREE(lsapipe);
- }
-
- fprintf(stderr, "could not obtain sid from server\n");
-
- return;
-}
-
/* List the available commands on a given pipe */
static NTSTATUS cmd_listcommands(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
@@ -789,7 +718,6 @@ extern struct cmd_set ds_commands[];
extern struct cmd_set echo_commands[];
extern struct cmd_set epmapper_commands[];
extern struct cmd_set shutdown_commands[];
-extern struct cmd_set test_commands[];
extern struct cmd_set wkssvc_commands[];
extern struct cmd_set ntsvcs_commands[];
extern struct cmd_set drsuapi_commands[];
@@ -813,7 +741,6 @@ static struct cmd_set *rpcclient_command_list[] = {
echo_commands,
epmapper_commands,
shutdown_commands,
- test_commands,
wkssvc_commands,
ntsvcs_commands,
drsuapi_commands,
@@ -858,12 +785,6 @@ static NTSTATUS do_cmd(struct cli_state *cli,
TALLOC_CTX *mem_ctx;
- if (cmd_entry->table == &ndr_table_samr &&
- !dom_sid_is_valid_account_domain(&domain_sid))
- {
- return NT_STATUS_INVALID_DOMAIN_STATE;
- }
-
/* Create mem_ctx */
if (!(mem_ctx = talloc_stackframe())) {
@@ -1325,7 +1246,6 @@ out_free:
#endif
/* Load command lists */
- rpcclient_cli_state = cli;
timeout = 10000;
cli_set_timeout(cli, timeout);
@@ -1340,8 +1260,6 @@ out_free:
--
Samba Shared Repository
More information about the samba-cvs
mailing list