[SCM] Samba Shared Repository - branch v4-12-test updated

Karolin Seeger kseeger at samba.org
Mon May 25 07:53:03 UTC 2020


The branch, v4-12-test has been updated
       via  f02893f5360 winbindd: Fix a use-after-free when winbind clients exit
       via  572eb426f3f s3: lib: Paranoia around use of snprintf copying into a fixed-size buffer from a getenv() pointer.
       via  eae0ae3cae3 s3:gencache: Allow to open gencache as read-only
       via  b91925075ef lib:util: Add test for path_expand_tilde()
       via  f0654fa47e0 lib:util: Add path_expand_tilde()
       via  76c8a9deaa7 s4/rpc_server/dnsserver: Allow parsing of dnsProperty to fail gracefully
       via  0acfdab2a6a selftest: Add test for handling of "short" dnsProperty records
       via  50653906976 librpc/idl: Add dnsp_DnsProperty_short
      from  11abc955736 VERSION: Bump version up to 4.12.4...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-12-test


- Log -----------------------------------------------------------------
commit f02893f536005157b214e962497914c5d078e52a
Author: Volker Lendecke <vl at samba.org>
Date:   Fri May 15 15:19:45 2020 +0200

    winbindd: Fix a use-after-free when winbind clients exit
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14382
    
    Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Signed-off-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Tue May 19 10:45:06 UTC 2020 on sn-devel-184
    
    (cherry picked from commit 68380ebaa60c64311cc1081f700d571abbf69f4f)
    
    Autobuild-User(v4-12-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-12-test): Mon May 25 07:52:12 UTC 2020 on sn-devel-184

commit 572eb426f3fcbf99924be0b294e2e38bff2d04d8
Author: Jeremy Allison <jra at samba.org>
Date:   Fri May 15 12:18:02 2020 -0700

    s3: lib: Paranoia around use of snprintf copying into a fixed-size buffer from a getenv() pointer.
    
    Post checks for overflow/error.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Mon May 18 23:42:57 UTC 2020 on sn-devel-184
    
    (cherry picked from commit dd1f750293ef4361455a5d5b63fc7a89495715b7)

commit eae0ae3cae31a130bba322620241c23e6f97fecd
Author: Andreas Schneider <asn at samba.org>
Date:   Wed May 6 17:10:51 2020 +0200

    s3:gencache: Allow to open gencache as read-only
    
    This allows client tools to access the cache for ready-only operations
    as a normal user.
    
    Example:
        net ads status
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Fri May 15 14:40:32 UTC 2020 on sn-devel-184
    
    (cherry picked from commit 04f0c45475de383a0be4ca355ab9aa7784e61c27)

commit b91925075ef34df7aabbe3512d3c93d3ce726455
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 11 12:50:11 2020 +0200

    lib:util: Add test for path_expand_tilde()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (backported from commit a15bd5493b696c66c6803d8ca65bc13f1cfcdf0a)

commit f0654fa47e07a2b756d3640f29e523161288e60f
Author: Andreas Schneider <asn at samba.org>
Date:   Thu May 7 12:25:24 2020 +0200

    lib:util: Add path_expand_tilde()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Stefan Metzmacher <metze at samba.org>
    (cherry picked from commit 15457254be0ab1235c327bd305dfeee19b2ea7a1)

commit 76c8a9deaa777cda273c9e9ebda91590b2ab68f7
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Wed May 13 12:01:05 2020 +1200

    s4/rpc_server/dnsserver: Allow parsing of dnsProperty to fail gracefully
    
    On (eg) the
    
    DC=_msdcs.X.Y,CN=MicrosoftDNS,DC=ForestDnsZones,DC=X,DC=Y
    
    record, in domains that have had a Microsoft Windows DC an attribute:
    
    dNSProperty:: AAAAAAAAAAAAAAAAAQAAAJIAAAAAAAAA
    
    000000 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00  >................<
    000010 92 00 00 00 00 00 00 00                          >........<
    000018
    
    We, until samba 4.12, would parse this as:
    
    pull returned Success
        dnsp_DnsProperty: struct dnsp_DnsProperty
            wDataLength              : 0x00000000 (0)
            namelength               : 0x00000000 (0)
            flag                     : 0x00000000 (0)
            version                  : 0x00000001 (1)
            id                       : DSPROPERTY_ZONE_NS_SERVERS_DA (146)
            data                     : union dnsPropertyData(case 0)
            name                     : 0x00000000 (0)
    dump OK
    
    However, the wDataLength is 0.  There is not anything in
    [MS-DNSP] 2.3.2.1 dnsProperty to describe any special behaviour
    for when the id suggests that there is a value, but wDataLength is 0.
    
    https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dnsp/445c7843-e4a1-4222-8c0f-630c230a4c80
    
    We now fail to parse it, because we expect an entry with id DSPROPERTY_ZONE_NS_SERVERS_DA
    to therefore have a valid DNS_ADDR_ARRAY (section 2.2.3.2.3).
    
    As context we changed it in our commit fee5c6a4247aeac71318186bbff7708d25de5912
    because of bug https://bugzilla.samba.org/show_bug.cgi?id=14206
    which was due to the artificial environment of the fuzzer.
    
    Microsoft advises that Windows also fails to parse this, but
    instead of failing the operation, the value is ignored.
    
    Reported by Alex MacCuish.  Many thanks for your assistance in
    tracking down the issue.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310
    RN: Can't use DNS functionality after a Windows DC has been in domain
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Fri May 15 07:29:17 UTC 2020 on sn-devel-184
    
    (cherry picked from commit 004e7a1fee766102de302e83f4dc5f4d977aef32)

commit 0acfdab2a6ac113652556439c5bbd09b8caf8e72
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Thu May 14 10:19:45 2020 +1200

    selftest: Add test for handling of "short" dnsProperty records
    
    These have been known to be given by Windows DCs that share the same domain
    as while invalid, they are not format-checked inbound when set by the DNS
    Manager MMC applet over the dnsserver pipe to Windows.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
    (cherry picked from commit 6eb2a48f5a998b82bb071ef42d00d2f34a2b0ed8)

commit 50653906976f6c28a7efc36be09e13ef3100cc8f
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Thu May 14 10:21:19 2020 +1200

    librpc/idl: Add dnsp_DnsProperty_short
    
    This will be used by a test and the DNS server code to parse short dnsProperty
    records which come from Windows servers.
    
    This example is from the value that caused Samba to fail as it
    can not be parsed as a normal dnsp_DnsProperty
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14310
    
    Signed-off-by: Andrew Bartlett <abartlet at samba.org>
    Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
    (backported to 4.12 from commit 87bf1d687fe7b48a7b6d511dfc7f5414db16119c)
    
    [abartlet at samba.org: resolve conflict due to less ndrdump tests in 4.12]

-----------------------------------------------------------------------

Summary of changes:
 lib/util/tests/test_util_paths.c       | 127 +++++++++++++++++++++++++++++++++
 lib/util/util_paths.c                  |  76 ++++++++++++++++++++
 lib/util/util_paths.h                  |   9 +++
 lib/util/wscript_build                 |   6 ++
 librpc/idl/dnsp.idl                    |  16 +++++
 python/samba/tests/blackbox/ndrdump.py |  21 ++++++
 python/samba/tests/dns.py              |  51 +++++++++++++
 selftest/knownfail.d/dns               |   7 ++
 selftest/tests.py                      |   2 +
 source3/lib/gencache.c                 |  63 +++++++++++++++-
 source3/winbindd/winbindd_dual.c       |  28 +++++++-
 source4/dns_server/dnsserver_common.c  |   9 ++-
 source4/rpc_server/dnsserver/dnsdb.c   |  72 +++++++++++++++++--
 13 files changed, 475 insertions(+), 12 deletions(-)
 create mode 100644 lib/util/tests/test_util_paths.c


Changeset truncated at 500 lines:

diff --git a/lib/util/tests/test_util_paths.c b/lib/util/tests/test_util_paths.c
new file mode 100644
index 00000000000..b89abf0aea1
--- /dev/null
+++ b/lib/util/tests/test_util_paths.c
@@ -0,0 +1,127 @@
+/*
+ * Unix SMB/CIFS implementation.
+ *
+ * Copyright (C) 2020      Andreas Schneider <asn at samba.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+#include <talloc.h>
+
+#include "lib/replace/replace.h"
+#include "lib/util/util_paths.c"
+
+static int setup(void **state)
+{
+	TALLOC_CTX *mem_ctx = talloc_new(NULL);
+
+	assert_non_null(mem_ctx);
+	*state = mem_ctx;
+
+	return 0;
+}
+
+static int teardown(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	TALLOC_FREE(mem_ctx);
+
+    return 0;
+}
+
+static void test_get_user_home_dir(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	struct passwd *pwd = getpwuid(getuid());
+	char *user;
+
+	user = get_user_home_dir(mem_ctx);
+	assert_non_null(user);
+	assert_string_equal(user, pwd->pw_dir);
+
+	TALLOC_FREE(user);
+}
+
+static void test_path_expand_tilde(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	char h[256] = {0};
+	char *d = NULL;
+	const char *user = NULL;
+	char *home = NULL;
+
+	user = getenv("USER");
+	if (user == NULL){
+		user = getenv("LOGNAME");
+	}
+
+	/* In certain CIs there no such variables */
+	if (user == NULL) {
+		struct passwd *pw = getpwuid(getuid());
+		if (pw){
+			user = pw->pw_name;
+		}
+	}
+
+	home = getenv("HOME");
+	assert_non_null(home);
+	snprintf(h, sizeof(h), "%s/.cache", home);
+
+	d = path_expand_tilde(mem_ctx, "~/.cache");
+	assert_non_null(d);
+	assert_string_equal(d, h);
+	TALLOC_FREE(d);
+
+	snprintf(h, sizeof(h), "%s/.cache/X~", home);
+	d = path_expand_tilde(mem_ctx, "~/.cache/X~");
+	assert_string_equal(d, h);
+	TALLOC_FREE(d);
+
+	d = path_expand_tilde(mem_ctx, "/guru/meditation");
+	assert_non_null(d);
+	assert_string_equal(d, "/guru/meditation");
+	TALLOC_FREE(d);
+
+	snprintf(h, sizeof(h), "~%s/.cache", user);
+	d = path_expand_tilde(mem_ctx, h);
+	assert_non_null(d);
+
+	snprintf(h, sizeof(h), "%s/.cache", home);
+	assert_string_equal(d, h);
+	TALLOC_FREE(d);
+}
+
+int main(int argc, char *argv[])
+{
+	int rc;
+	const struct CMUnitTest tests[] = {
+		cmocka_unit_test(test_get_user_home_dir),
+		cmocka_unit_test(test_path_expand_tilde),
+	};
+
+	if (argc == 2) {
+		cmocka_set_test_filter(argv[1]);
+	}
+	cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
+
+	rc = cmocka_run_group_tests(tests, setup, teardown);
+
+	return rc;
+}
diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
index 0473557dfc6..c0ee5c32c30 100644
--- a/lib/util/util_paths.c
+++ b/lib/util/util_paths.c
@@ -6,6 +6,7 @@
    Copyright (C) Simo Sorce 2001
    Copyright (C) Jim McDonough <jmcd at us.ibm.com> 2003
    Copyright (C) James Peach 2006
+   Copyright (c) 2020      Andreas Schneider <asn at samba.org>
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -24,6 +25,7 @@
 #include "includes.h"
 #include "dynconfig/dynconfig.h"
 #include "lib/util/util_paths.h"
+#include "system/passwd.h"
 
 /**
  * @brief Returns an absolute path to a file in the Samba modules directory.
@@ -62,3 +64,77 @@ const char *shlib_ext(void)
 	return get_dyn_SHLIBEXT();
 }
 
+static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
+{
+	struct passwd pwd = {0};
+	struct passwd *pwdbuf = NULL;
+	char buf[NSS_BUFLEN_PASSWD] = {0};
+	int rc;
+
+	rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
+	if (rc != 0 || pwdbuf == NULL ) {
+		int len_written;
+		const char *szPath = getenv("HOME");
+		if (szPath == NULL) {
+			return NULL;
+		}
+		len_written = snprintf(buf, sizeof(buf), "%s", szPath);
+		if (len_written >= sizeof(buf) || len_written < 0) {
+			/* Output was truncated or an error. */
+			return NULL;
+		}
+		return talloc_strdup(mem_ctx, buf);
+	}
+
+	return talloc_strdup(mem_ctx, pwd.pw_dir);
+}
+
+char *path_expand_tilde(TALLOC_CTX *mem_ctx, const char *d)
+{
+	char *h = NULL, *r = NULL;
+	const char *p = NULL;
+	struct stat sb = {0};
+	int rc;
+
+	if (d[0] != '~') {
+		return talloc_strdup(mem_ctx, d);
+	}
+	d++;
+
+	/* handle ~user/path */
+	p = strchr(d, '/');
+	if (p != NULL && p > d) {
+		struct passwd *pw;
+		size_t s = p - d;
+		char u[128];
+
+		if (s >= sizeof(u)) {
+			return NULL;
+		}
+		memcpy(u, d, s);
+		u[s] = '\0';
+
+		pw = getpwnam(u);
+		if (pw == NULL) {
+			return NULL;
+		}
+		h = talloc_strdup(mem_ctx, pw->pw_dir);
+	} else {
+		p = d;
+		h = get_user_home_dir(mem_ctx);
+	}
+	if (h == NULL) {
+		return NULL;
+	}
+
+	rc = stat(h, &sb);
+	if (rc != 0) {
+		TALLOC_FREE(h);
+		return NULL;
+	}
+
+	r = talloc_asprintf(mem_ctx, "%s%s", h, p);
+	TALLOC_FREE(h);
+
+	return r;
+}
diff --git a/lib/util/util_paths.h b/lib/util/util_paths.h
index 80e8aaac6e9..cf34f691e5f 100644
--- a/lib/util/util_paths.h
+++ b/lib/util/util_paths.h
@@ -51,4 +51,13 @@ char *data_path(TALLOC_CTX *mem_ctx, const char *name);
  **/
 const char *shlib_ext(void);
 
+/**
+ * @brief Expand a directory starting with a tilde '~'
+ *
+ * @param[in]  d        The directory to expand.
+ *
+ * @return              The expanded directory, NULL on error.
+ */
+char *path_expand_tilde(TALLOC_CTX *mem_ctx, const char *d);
+
 #endif
diff --git a/lib/util/wscript_build b/lib/util/wscript_build
index a827eea3ed9..608f7b3dd73 100644
--- a/lib/util/wscript_build
+++ b/lib/util/wscript_build
@@ -288,3 +288,9 @@ else:
                      deps='cmocka replace samba-util',
                      local_include=False,
                      for_selftest=True)
+
+    bld.SAMBA_BINARY('test_util_paths',
+                     source='tests/test_util_paths.c',
+                     deps='cmocka replace talloc samba-util',
+                     local_include=False,
+                     for_selftest=True)
diff --git a/librpc/idl/dnsp.idl b/librpc/idl/dnsp.idl
index 814d573cddf..2fb45a217a4 100644
--- a/librpc/idl/dnsp.idl
+++ b/librpc/idl/dnsp.idl
@@ -260,4 +260,20 @@ interface dnsp
 		[switch_is(id)]     dnsPropertyData data;
 		uint32              name;
 	} dnsp_DnsProperty;
+
+	/*
+	 * this is the format for the dnsProperty attribute in the DNS
+	 * partitions in AD when the wDataLength is 0.  This is an
+	 * invalid format seen from some Windows servers in the same
+	 * domain.
+	 */
+	typedef [flag(NDR_NOALIGN),public] struct {
+		[range(0, 0), value(0)] uint32         wDataLength;
+		uint32   		               namelength;
+		[value(0)] uint32                      flag;
+		[value(1)] uint32                      version;
+		dns_property_id                        id;
+		[switch_is(DSPROPERTY_ZONE_EMPTY)]     dnsPropertyData data;
+		uint32                                 name;
+	} dnsp_DnsProperty_short;
 }
diff --git a/python/samba/tests/blackbox/ndrdump.py b/python/samba/tests/blackbox/ndrdump.py
index b3c837819b1..6795aed41b7 100644
--- a/python/samba/tests/blackbox/ndrdump.py
+++ b/python/samba/tests/blackbox/ndrdump.py
@@ -437,3 +437,24 @@ dump OK
             self.fail(e)
 
         self.assertEqual(actual, expected)
+
+    def test_ndrdump_short_dnsProperty(self):
+        expected = b'''pull returned Success
+    dnsp_DnsProperty_short: struct dnsp_DnsProperty_short
+        wDataLength              : 0x00000000 (0)
+        namelength               : 0x00000000 (0)
+        flag                     : 0x00000000 (0)
+        version                  : 0x00000001 (1)
+        id                       : DSPROPERTY_ZONE_NS_SERVERS_DA (146)
+        data                     : union dnsPropertyData(case 0)
+        name                     : 0x00000000 (0)
+dump OK
+'''
+        command = (
+            "ndrdump dnsp dnsp_DnsProperty_short struct --base64-input "
+            "--input AAAAAAAAAAAAAAAAAQAAAJIAAAAAAAAA")
+        try:
+            actual = self.check_output(command)
+        except BlackboxProcessError as e:
+            self.fail(e)
+        self.assertEqual(actual, expected)
diff --git a/python/samba/tests/dns.py b/python/samba/tests/dns.py
index bc05076c615..d06cf0b0b19 100644
--- a/python/samba/tests/dns.py
+++ b/python/samba/tests/dns.py
@@ -1702,6 +1702,57 @@ class TestZones(DNSTest):
         self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
         self.assertEquals(response.ancount, 0)
 
+    def set_dnsProperty_zero_length(self, dnsproperty_id):
+        records = self.samdb.search(base=self.zone_dn, scope=ldb.SCOPE_BASE,
+                                    expression="(&(objectClass=dnsZone)" +
+                                    "(name={0}))".format(self.zone),
+                                    attrs=["dNSProperty"])
+        self.assertEqual(len(records), 1)
+        props = [ndr_unpack(dnsp.DnsProperty, r)
+                 for r in records[0].get('dNSProperty')]
+        new_props = [ndr.ndr_pack(p) for p in props if p.id == dnsproperty_id]
+
+        zero_length_p = dnsp.DnsProperty_short()
+        zero_length_p.id = dnsproperty_id
+        zero_length_p.namelength = 1
+        zero_length_p.name = 1
+        new_props += [ndr.ndr_pack(zero_length_p)]
+
+        dn = records[0].dn
+        update_dict = {'dn': dn, 'dnsProperty': new_props}
+        self.samdb.modify(ldb.Message.from_dict(self.samdb,
+                                                update_dict,
+                                                ldb.FLAG_MOD_REPLACE))
+
+    def test_update_while_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_ALLOW_UPDATE)
+        rec = self.dns_update_record('dnspropertytest', ['test txt'])
+        self.assertNotEqual(rec.dwTimeStamp, 0)
+
+    def test_enum_zones_while_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_ALLOW_UPDATE)
+        client_version = dnsserver.DNS_CLIENT_VERSION_LONGHORN
+        request_filter = dnsserver.DNS_ZONE_REQUEST_PRIMARY
+        tid = dnsserver.DNSSRV_TYPEID_DWORD
+        typeid, res = self.rpc_conn.DnssrvComplexOperation2(client_version,
+                                                            0,
+                                                            self.server_ip,
+                                                            None,
+                                                            'EnumZones',
+                                                            tid,
+                                                            request_filter)
+
+    def test_rpc_zone_update_while_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_ALLOW_UPDATE)
+        self.set_params(zone=self.zone, AllowUpdate=dnsp.DNS_ZONE_UPDATE_SECURE)
+
+    def test_rpc_zone_update_while_other_dnsProperty_zero_length(self):
+        self.create_zone(self.zone)
+        self.set_dnsProperty_zero_length(dnsp.DSPROPERTY_ZONE_MASTER_SERVERS_DA)
+        self.set_params(zone=self.zone, AllowUpdate=dnsp.DNS_ZONE_UPDATE_SECURE)
 
 class TestRPCRoundtrip(DNSTest):
     def setUp(self):
diff --git a/selftest/knownfail.d/dns b/selftest/knownfail.d/dns
index 70a719a818a..fd1a78e9b5e 100644
--- a/selftest/knownfail.d/dns
+++ b/selftest/knownfail.d/dns
@@ -88,3 +88,10 @@ samba.tests.dns.__main__.TestSimpleQueries.test_one_SOA_query\(rodc:local\)
 ^samba.tests.dns.__main__.TestComplexQueries.test_cname_limit\(rodc:local\)
 ^samba.tests.dns.__main__.TestComplexQueries.test_cname_any_query\(vampire_dc:local\)
 ^samba.tests.dns.__main__.TestComplexQueries.test_cname_any_query\(rodc:local\)
+
+# Tests for the dnsProperty parse issue do not pass here, but do against fl2003dc
+^samba.tests.dns.__main__.TestZones.test_enum_zones_while_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_rpc_zone_update_while_other_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_update_while_dnsProperty_zero_length\(rodc:local\)
+^samba.tests.dns.__main__.TestZones.test_update_while_dnsProperty_zero_length\(vampire_dc:local\)
\ No newline at end of file
diff --git a/selftest/tests.py b/selftest/tests.py
index 96d3f8d6317..b72a6fb65eb 100644
--- a/selftest/tests.py
+++ b/selftest/tests.py
@@ -389,6 +389,8 @@ plantestsuite("samba.unittests.ms_fnmatch", "none",
               [os.path.join(bindir(), "default/lib/util/test_ms_fnmatch")])
 plantestsuite("samba.unittests.byteorder", "none",
               [os.path.join(bindir(), "default/lib/util/test_byteorder")])
+plantestsuite("samba.unittests.util_paths", "none",
+              [os.path.join(bindir(), "default/lib/util/test_util_paths")])
 plantestsuite("samba.unittests.ntlm_check", "none",
               [os.path.join(bindir(), "default/libcli/auth/test_ntlm_check")])
 plantestsuite("samba.unittests.gnutls", "none",
diff --git a/source3/lib/gencache.c b/source3/lib/gencache.c
index 9ad85bbf55f..896bf50cbd7 100644
--- a/source3/lib/gencache.c
+++ b/source3/lib/gencache.c
@@ -29,10 +29,13 @@
 #include "tdb_wrap/tdb_wrap.h"
 #include "zlib.h"
 #include "lib/util/strv.h"
+#include "lib/util/util_paths.h"
 
 #undef  DBGC_CLASS
 #define DBGC_CLASS DBGC_TDB
 
+#define GENCACHE_USER_PATH "~/.cache/samba/gencache.tdb"
+
 static struct tdb_wrap *cache;
 
 /**
@@ -68,6 +71,7 @@ static bool gencache_init(void)
 {
 	char* cache_fname = NULL;
 	int open_flags = O_RDWR|O_CREAT;
+	int tdb_flags = TDB_INCOMPATIBLE_HASH|TDB_NOSYNC|TDB_MUTEX_LOCKING;
 	int hash_size;
 
 	/* skip file open if it's already opened */
@@ -85,10 +89,63 @@ static bool gencache_init(void)
 	DEBUG(5, ("Opening cache file at %s\n", cache_fname));
 
 	cache = tdb_wrap_open(NULL, cache_fname, hash_size,
-			      TDB_INCOMPATIBLE_HASH|
-			      TDB_NOSYNC|
-			      TDB_MUTEX_LOCKING,
+			      tdb_flags,
 			      open_flags, 0644);
+	/*
+	 * Allow client tools to create a gencache in the home directory
+	 * as a normal user.
+	 */
+	if (cache == NULL && errno == EACCES && geteuid() != 0) {
+		char *cache_dname = NULL, *tmp = NULL;
+		bool ok;
+
+		TALLOC_FREE(cache_fname);
+
+		cache_fname = path_expand_tilde(talloc_tos(),
+						GENCACHE_USER_PATH);
+		if (cache_fname == NULL) {
+			DBG_ERR("Failed to expand path: %s\n",
+				GENCACHE_USER_PATH);
+			return false;
+		}
+
+		tmp = talloc_strdup(talloc_tos(), cache_fname);
+		if (tmp == NULL) {
+			DBG_ERR("No memory!\n");
+			TALLOC_FREE(cache_fname);
+			return false;
+		}
+
+		cache_dname = dirname(tmp);
+		if (cache_dname == NULL) {
+			DBG_ERR("Invalid path: %s\n", cache_fname);
+			TALLOC_FREE(tmp);
+			TALLOC_FREE(cache_fname);
+			return false;
+		}
+
+		ok = directory_create_or_exist(cache_dname, 0700);
+		if (!ok) {
+			DBG_ERR("Failed to create directory: %s - %s\n",
+				cache_dname, strerror(errno));
+			TALLOC_FREE(tmp);
+			TALLOC_FREE(cache_fname);
+			return false;
+		}
+		TALLOC_FREE(tmp);
+
+		cache = tdb_wrap_open(NULL,
+				      cache_fname,
+				      hash_size,
+				      tdb_flags,
+				      open_flags,
+				      0644);
+		if (cache != NULL) {
+			DBG_INFO("Opening user cache file %s.\n",
+				 cache_fname);
+		}
+	}
+
 	if (cache == NULL) {
 		DEBUG(5, ("Opening %s failed: %s\n", cache_fname,


-- 
Samba Shared Repository



More information about the samba-cvs mailing list