[SCM] Samba Shared Repository - branch master updated
Volker Lendecke
vlendec at samba.org
Thu Jul 9 21:41:02 UTC 2020
The branch, master has been updated
via cd4122d91e9 winbind: Fix lookuprids cache problem
via 04eafce653a winbind: Add test for lookuprids cache problem
via 10ea0e0b3cf torture3: Align integer types
via 89d21f50728 torture3: Silence two signed/unsigned warnings
via 0bb1488d315 libcli/ldap: Fix decoding struct ldap_ExtendedResponse
via 60b0928945c libcli/ldap: Test decoding an exop response
from 92b1078e1e0 WHATSNEW: Start release notes for Samba 4.14.0pre1.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit cd4122d91e942ca465c03505d5e148117f505ba4
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jul 8 15:09:45 2020 +0200
winbind: Fix lookuprids cache problem
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Thu Jul 9 21:40:52 UTC 2020 on sn-devel-184
commit 04eafce653afcff517317d2b190acc4f0cbf4c61
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jul 8 15:00:49 2020 +0200
winbind: Add test for lookuprids cache problem
When reading entries from gencache, wb_cache_rids_to_names() can
return STATUS_SOME_UNMAPPED, which _wbint_LookupRids() does not handle
correctly.
This test enforces this situation by filling gencache with one wbinfo
-R and then erasing the winbindd_cache.tdb. This forces winbind to
enter the domain helper process, which will then read from gencache
filled with the previous wbinfo -R.
Without having the entries cached this does not happen because
wb_cache_rids_to_names() via the do_query: path calls deep inside
calls dcerpc_lsa_lookup_sids_noalloc(), which hides the
STATUS_SOME_UNMAPPED that came in as lsa_LookupSids result value.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 10ea0e0b3cf6cb4479f12cf85e1ae7fc7b217bd6
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jul 7 08:50:31 2020 +0200
torture3: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 89d21f507288408ca366350d13c1c106662f5941
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jul 7 08:48:58 2020 +0200
torture3: Silence two signed/unsigned warnings
A longer fix would be to change the callbacks to use "int" instead of
"unsigned". Arguably that might be cleaner, but as this is torture
code I opted for the minimum necessary change.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 0bb1488d315e93162eae433f869c1ddabea722c0
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jun 23 19:09:28 2020 +0200
libcli/ldap: Fix decoding struct ldap_ExtendedResponse
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 60b0928945c9be3785b5e2855b066f9f97beb2df
Author: Volker Lendecke <vl at samba.org>
Date: Tue Jun 23 19:14:37 2020 +0200
libcli/ldap: Test decoding an exop response
ldap-starttls-response.dat is a reply to a starttls extended
operation. Right now ldap_decode() does not handle this correctly.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libcli/ldap/ldap_message.c | 6 ++-
libcli/ldap/tests/data/ldap-starttls-response.dat | Bin 0 -> 38 bytes
libcli/ldap/tests/ldap_message_test.c | 43 +++++++++++++++++++++
.../script/tests/test_wbinfo_lookuprids_cache.sh | 21 ++++++++++
source3/selftest/tests.py | 5 +++
source3/torture/test_notify.c | 7 ++--
source3/winbindd/winbindd_dual_srv.c | 3 +-
7 files changed, 79 insertions(+), 6 deletions(-)
create mode 100644 libcli/ldap/tests/data/ldap-starttls-response.dat
create mode 100755 source3/script/tests/test_wbinfo_lookuprids_cache.sh
Changeset truncated at 500 lines:
diff --git a/libcli/ldap/ldap_message.c b/libcli/ldap/ldap_message.c
index 69a48279532..c7d86844963 100644
--- a/libcli/ldap/ldap_message.c
+++ b/libcli/ldap/ldap_message.c
@@ -1540,7 +1540,8 @@ _PUBLIC_ NTSTATUS ldap_decode(struct asn1_data *data,
if (!ldap_decode_response(msg, data, &r->response)) goto prot_err;
if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(10))) {
- if (!asn1_read_ContextSimple(data, msg, 1, &tmp_blob)) goto prot_err;
+ if (!asn1_read_ContextSimple(data, msg, 10, &tmp_blob))
+ goto prot_err;
r->oid = blob2string_talloc(msg, tmp_blob);
data_blob_free(&tmp_blob);
if (!r->oid) {
@@ -1551,7 +1552,8 @@ _PUBLIC_ NTSTATUS ldap_decode(struct asn1_data *data,
}
if (asn1_peek_tag(data, ASN1_CONTEXT_SIMPLE(11))) {
- if (!asn1_read_ContextSimple(data, msg, 1, &tmp_blob)) goto prot_err;
+ if (!asn1_read_ContextSimple(data, msg, 11, &tmp_blob))
+ goto prot_err;
r->value = talloc(msg, DATA_BLOB);
if (!r->value) {
return NT_STATUS_LDAP(LDAP_OPERATIONS_ERROR);
diff --git a/libcli/ldap/tests/data/ldap-starttls-response.dat b/libcli/ldap/tests/data/ldap-starttls-response.dat
new file mode 100644
index 00000000000..d4294bf9173
Binary files /dev/null and b/libcli/ldap/tests/data/ldap-starttls-response.dat differ
diff --git a/libcli/ldap/tests/ldap_message_test.c b/libcli/ldap/tests/ldap_message_test.c
index f4b49bc47bc..53636828f93 100644
--- a/libcli/ldap/tests/ldap_message_test.c
+++ b/libcli/ldap/tests/ldap_message_test.c
@@ -261,6 +261,45 @@ static void test_recursion_depth_greater_than_max(void **state)
assert_ldap_status_equal(LDAP_PROTOCOL_ERROR, status);
}
+/*
+ * Check we can decode an exop response
+ */
+static void test_decode_exop_response(void **state)
+{
+ struct test_ctx *test_ctx = talloc_get_type_abort(
+ *state,
+ struct test_ctx);
+ struct asn1_data *asn1;
+ struct ldap_message *ldap_msg;
+ NTSTATUS status;
+ FILE *f = NULL;
+ uint8_t *buffer = NULL;
+ const size_t BUFF_SIZE = 1048576;
+ size_t len;
+ struct ldap_request_limits limits = {
+ .max_search_size = 256000,
+ };
+
+
+ buffer = talloc_zero_array(test_ctx, uint8_t, BUFF_SIZE);
+ f = fopen("./libcli/ldap/tests/data/ldap-starttls-response.dat", "r");
+ assert_not_ferror(f);
+ len = fread(buffer, sizeof(uint8_t), BUFF_SIZE, f);
+ assert_not_ferror(f);
+ assert_true(len > 0);
+
+ asn1 = asn1_init(test_ctx, 3);
+ assert_non_null(asn1);
+ asn1_load_nocopy(asn1, buffer, len);
+
+ ldap_msg = talloc(test_ctx, struct ldap_message);
+ assert_non_null(ldap_msg);
+
+ status = ldap_decode(
+ asn1, &limits, samba_ldap_control_handlers(), ldap_msg);
+ assert_true(NT_STATUS_IS_OK(status));
+}
+
int main(_UNUSED_ int argc, _UNUSED_ const char **argv)
{
const struct CMUnitTest tests[] = {
@@ -280,6 +319,10 @@ int main(_UNUSED_ int argc, _UNUSED_ const char **argv)
test_recursion_depth_greater_than_max,
setup,
teardown),
+ cmocka_unit_test_setup_teardown(
+ test_decode_exop_response,
+ setup,
+ teardown),
};
cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
diff --git a/source3/script/tests/test_wbinfo_lookuprids_cache.sh b/source3/script/tests/test_wbinfo_lookuprids_cache.sh
new file mode 100755
index 00000000000..0b21ffcd7c9
--- /dev/null
+++ b/source3/script/tests/test_wbinfo_lookuprids_cache.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+WBINFO="$VALGRIND ${WBINFO:-$BINDIR/wbinfo}"
+TDBTOOL="${TDBTOOL:-$BINDIR/tdbtool}"
+TDBDUMP="${TDBDUMP:-$BINDIR/tdbdump}"
+NET="$VALGRIND ${NET:-$BINDIR/net}"
+
+cache="$LOCK_DIR"/winbindd_cache.tdb
+
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+testit "flush" "$NET" "cache" "flush" || failed=`expr $failed + 1`
+testit "lookuprids1" "$WBINFO" "-R" "512,12345" || failed=`expr $failed + 1`
+
+key=$("$TDBDUMP" "$cache" | grep ^key.*NDR.*/16/ | cut -d\" -f2)
+
+testit "delete" "$TDBTOOL" "$cache" delete "$key"
+testit "lookuprids2" "$WBINFO" "-R" "512,12345" || failed=`expr $failed + 1`
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index cfdfaa98c84..e2aebdcb6e2 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -365,6 +365,11 @@ env = "nt4_member:local"
plantestsuite("samba3.wbinfo_sids_to_xids", env,
[os.path.join(srcdir(),
"nsswitch/tests/test_wbinfo_sids_to_xids.sh")])
+plantestsuite(
+ "samba.wbinfo_lookuprids_cache",
+ env,
+ [os.path.join(samba3srcdir,
+ "script/tests/test_wbinfo_lookuprids_cache.sh")])
env = "ad_member"
t = "WBCLIENT-MULTI-PING"
diff --git a/source3/torture/test_notify.c b/source3/torture/test_notify.c
index 20b39d1e5db..33c2381fbbd 100644
--- a/source3/torture/test_notify.c
+++ b/source3/torture/test_notify.c
@@ -224,7 +224,7 @@ bool run_notify_bench2(int dummy)
}
}
- while (num_notifies < torture_nprocs * torture_numops) {
+ while (num_notifies < (unsigned)(torture_nprocs * torture_numops)) {
int ret;
ret = tevent_loop_once(ev);
if (ret != 0) {
@@ -641,7 +641,7 @@ bool run_notify_bench3(int dummy)
struct tevent_context *ev;
struct tevent_barrier *small;
struct tevent_barrier *large;
- unsigned i, j;
+ int i;
unsigned num_done = 0;
struct timeval ts, now;
@@ -680,6 +680,7 @@ bool run_notify_bench3(int dummy)
}
for (i=0; i<torture_nprocs; i++) {
+ int j;
for (j=0; j<torture_numops; j++) {
int idx = i * torture_numops + j;
struct tevent_req *req;
@@ -709,7 +710,7 @@ bool run_notify_bench3(int dummy)
}
}
- while (num_done < torture_nprocs * torture_numops) {
+ while (num_done < (unsigned)(torture_nprocs * torture_numops)) {
int ret;
ret = tevent_loop_once(ev);
if (ret != 0) {
diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
index 6071bee6d65..b8694db3db9 100644
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -673,7 +673,8 @@ NTSTATUS _wbint_LookupRids(struct pipes_struct *p, struct wbint_LookupRids *r)
r->in.rids->rids, r->in.rids->num_rids,
&domain_name, &names, &types);
reset_cm_connection_on_error(domain, NULL, status);
- if (!NT_STATUS_IS_OK(status)) {
+ if (!NT_STATUS_IS_OK(status) &&
+ !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
return status;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list