[SCM] Samba Shared Repository - branch master updated

Isaac Boukris iboukris at samba.org
Thu Jun 18 16:44:02 UTC 2020


The branch, master has been updated
       via  9a447fb7e07 Properly handle msDS-AdditionalDnsHostName returned from Windows DC
       via  4605d7aec5c selftest: add tests for binary msDS-AdditionalDnsHostName
       via  4e51e832176 Fix a typo in recent net man page changes
      from  53e3a959b95 s3:lib:tls: Use better priority lists for modern GnuTLS

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9a447fb7e0701bf8b2fd922aed44d89f40420251
Author: Isaac Boukris <iboukris at gmail.com>
Date:   Thu Jun 11 16:51:27 2020 +0300

    Properly handle msDS-AdditionalDnsHostName returned from Windows DC
    
    Windows DC adds short names for each specified msDS-AdditionalDnsHostName
    attribute, but these have a suffix of "\0$" and thus fail with
    ldap_get_values(); use ldap_get_values_len() instead.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406
    
    Signed-off-by: Isaac Boukris <iboukris at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    
    Autobuild-User(master): Isaac Boukris <iboukris at samba.org>
    Autobuild-Date(master): Thu Jun 18 16:43:47 UTC 2020 on sn-devel-184

commit 4605d7aec5caf494a23f2c9800d6689f710ffbce
Author: Isaac Boukris <iboukris at gmail.com>
Date:   Tue Jun 16 22:01:49 2020 +0300

    selftest: add tests for binary msDS-AdditionalDnsHostName
    
    Like the short names added implicitly by Windows DC.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406
    
    Signed-off-by: Isaac Boukris <iboukris at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

commit 4e51e832176a99f2a841c7a0d78fb0424f02956e
Author: Isaac Boukris <iboukris at gmail.com>
Date:   Thu Jun 11 21:05:07 2020 +0300

    Fix a typo in recent net man page changes
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406
    
    Signed-off-by: Isaac Boukris <iboukris at samba.org>
    Reviewed-by: Andreas Schneider <asn at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 docs-xml/manpages/net.8.xml        |  2 +-
 source3/libads/ldap.c              | 38 +++++++++++++++++++++++++++++++++++---
 testprogs/blackbox/test_net_ads.sh | 22 ++++++++++++++++++++++
 3 files changed, 58 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml
index cbab9c63a5e..951ddcd7c3a 100644
--- a/docs-xml/manpages/net.8.xml
+++ b/docs-xml/manpages/net.8.xml
@@ -497,7 +497,7 @@ joining the domain.
 </para>
 
 <para>
-[FQDN] (ADS only) set the dnsHosName attribute during the join.
+[FQDN] (ADS only) set the dnsHostName attribute during the join.
 The default format is netbiosname.dnsdomain.
 </para>
 
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index d443e3ee20c..51ceb447254 100755
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -3685,6 +3685,40 @@ out:
 /********************************************************************
 ********************************************************************/
 
+static char **get_addl_hosts(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
+			      LDAPMessage *msg, size_t *num_values)
+{
+	const char *field = "msDS-AdditionalDnsHostName";
+	struct berval **values = NULL;
+	char **ret = NULL;
+	size_t i, converted_size;
+
+	values = ldap_get_values_len(ads->ldap.ld, msg, field);
+	if (values == NULL) {
+		return NULL;
+	}
+
+	*num_values = ldap_count_values_len(values);
+
+	ret = talloc_array(mem_ctx, char *, *num_values + 1);
+	if (ret == NULL) {
+		ldap_value_free_len(values);
+		return NULL;
+	}
+
+	for (i = 0; i < *num_values; i++) {
+		if (!pull_utf8_talloc(mem_ctx, &ret[i], values[i]->bv_val,
+				      &converted_size)) {
+			ldap_value_free_len(values);
+			return NULL;
+		}
+	}
+	ret[i] = NULL;
+
+	ldap_value_free_len(values);
+	return ret;
+}
+
 ADS_STATUS ads_get_additional_dns_hostnames(TALLOC_CTX *mem_ctx,
 					    ADS_STRUCT *ads,
 					    const char *machine_name,
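Review bot: The failure branch inside the conversion loop of get_addl_hosts returns NULL while `ret` and any strings already converted stay allocated on `mem_ctx` until that context is freed, and `*num_values` keeps the full count even though no array is returned. Adding `TALLOC_FREE(ret); *num_values = 0;` before that `return NULL` fixes the array and the count; allocating the strings under `ret` instead of `mem_ctx` would release the partial strings too, provided callers do not rely on them outliving the array. Separately, the loop passes `bv_val` as a C string and never reads `bv_len`, so each server-supplied value ends at its first NUL; that is what drops the "\0$" suffix described in the commit message, but it is implicit and presumably relies on libldap NUL-terminating `bv_val`. A comment above the loop such as `/* values from a Windows DC may carry a "\0$" suffix; bv_val is read as a C string so the name ends at the first NUL */` would make the intent explicit. The last three lines of the hunk open ads_get_additional_dns_hostnames, whose body continues outside it.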
@@ -3710,9 +3744,7 @@ ADS_STATUS ads_get_additional_dns_hostnames(TALLOC_CTX *mem_ctx,
 		goto done;
 	}
 
-	*hostnames_array = ads_pull_strings(ads, mem_ctx, res,
-					    "msDS-AdditionalDnsHostName",
-					    num_hostnames);
+	*hostnames_array = get_addl_hosts(ads, mem_ctx, res, num_hostnames);
 	if (*hostnames_array == NULL) {
 		DEBUG(1, ("Host account for %s does not have msDS-AdditionalDnsHostName.\n",
 			  machine_name));
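Review bot: The NULL check after the new get_addl_hosts() call cannot tell a missing attribute from a failed allocation or UTF-8 conversion, because the helper returns NULL in all three cases, so the DEBUG line reports "does not have msDS-AdditionalDnsHostName" even when the DC returned values that could not be converted. Since the values come from the server, a distinct message for the conversion failure would help when diagnosing a join or keytab problem; one option is to log in the helper's failure branch, e.g. `DEBUG(1, ("Failed to convert msDS-AdditionalDnsHostName value\n"));`. The status set after this check is outside the hunk, so whether the caller treats this case as an error cannot be confirmed from here.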
diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
index 85257f445d8..eef4a31a6a7 100755
--- a/testprogs/blackbox/test_net_ads.sh
+++ b/testprogs/blackbox/test_net_ads.sh
@@ -41,6 +41,11 @@ if [ -x "$BINDIR/ldbdel" ]; then
 	ldbdel="$BINDIR/ldbdel"
 fi
 
+ldbmodify="ldbmodify"
+if [ -x "$BINDIR/ldbmodify" ]; then
+	ldbmodify="$BINDIR/ldbmodify"
+fi
+
 # Load test functions
 . `dirname $0`/subunit.sh
 
@@ -217,12 +222,29 @@ testit_grep "dns alias SPN" $dns_alias2 $VALGRIND $net_tool ads search -P samacc
 testit_grep "dns alias addl" $dns_alias1 $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ msDS-AdditionalDnsHostName || failed=`expr $failed + 1`
 testit_grep "dns alias addl" $dns_alias2 $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ msDS-AdditionalDnsHostName || failed=`expr $failed + 1`
 
+# Test binary msDS-AdditionalDnsHostName like ones added by Windows DC
+short_alias_file="$PREFIX_ABS/short_alias_file"
+printf 'short_alias\0$' > $short_alias_file
+cat > $PREFIX_ABS/tmpldbmodify <<EOF
+dn: CN=$HOSTNAME,$computers_dn
+changetype: modify
+add: msDS-AdditionalDnsHostName
+msDS-AdditionalDnsHostName:< file://$short_alias_file
+EOF
+
+testit "add binary msDS-AdditionalDnsHostName" $VALGRIND $ldbmodify -k yes -U$DC_USERNAME%$DC_PASSWORD -H ldap://$SERVER.$REALM $PREFIX_ABS/tmpldbmodify || failed=`expr $failed + 1`
+
+testit_grep "addl short alias" short_alias $ldbsearch --show-binary -U$DC_USERNAME%$DC_PASSWORD -H ldap://$SERVER.$REALM -s base -b "CN=$HOSTNAME,CN=Computers,$base_dn" msDS-AdditionalDnsHostName || failed=`expr $failed + 1`
+
+rm -f $PREFIX_ABS/tmpldbmodify $short_alias_file
+
 dedicated_keytab_file="$PREFIX_ABS/test_dns_aliases_dedicated_krb5.keytab"
 
 testit "dns alias create_keytab" $VALGRIND $net_tool ads keytab create --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
 
 testit_grep "dns alias1 check keytab" "host/${dns_alias1}@$REALM" $net_tool ads keytab list --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
 testit_grep "dns alias2 check keytab" "host/${dns_alias2}@$REALM" $net_tool ads keytab list --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
+testit_grep "addl short check keytab" "host/short_alias@$REALM" $net_tool ads keytab list --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
 
 rm -f $dedicated_keytab_file
 
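Review bot: The LDIF written for ldbmodify addresses the machine account as `CN=$HOSTNAME,$computers_dn`, while the ldbsearch check a few lines later uses `CN=$HOSTNAME,CN=Computers,$base_dn`; if `$computers_dn` ever differs from `CN=Computers,$base_dn`, the search inspects a different object than the one modified. Using the same variable in both, `-b "CN=$HOSTNAME,$computers_dn"`, keeps them in step. The temp-file paths are also unquoted in the redirections and in `rm -f`, so `"$short_alias_file"` and `"$PREFIX_ABS/tmpldbmodify"` would be safer if PREFIX_ABS can contain spaces. A short comment noting that the added value is deliberately left on the account for the later "addl short check keytab" assertion would help the next reader.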


-- 
Samba Shared Repository


