[SCM] Samba Shared Repository - branch master updated

Ralph Böhme slow at samba.org
Wed Nov 17 18:30:01 UTC 2021


The branch, master has been updated
       via  cdc0268c198 cmdline: Make -P work in clustered mode
       via  63c80f25da8 cmdline: Add a callback to set the machine account details
       via  d6270525699 lib: Add required includes to source3/include/secrets.h
       via  9faa3173193 selftest: Add reproducer for bug 14908
      from  2868b803649 lib/replace/timegm: use utf-8

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit cdc0268c1987f36ab400ea01df88d55c02dccfdb
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Nov 17 12:27:27 2021 +0100

    cmdline: Make -P work in clustered mode
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14908
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>
    
    Autobuild-User(master): Ralph Böhme <slow at samba.org>
    Autobuild-Date(master): Wed Nov 17 18:29:09 UTC 2021 on sn-devel-184

commit 63c80f25da8829a7bd3244afea29c13f699efac1
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Nov 17 12:25:58 2021 +0100

    cmdline: Add a callback to set the machine account details
    
    source3 clients need to work in clustered mode, the default
    cli_credentials_set_machine_account() only looks at the local
    secrets.tdb file
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14908
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit d6270525699fbc856b217cf18ece7f1d063b144d
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Nov 17 12:25:05 2021 +0100

    lib: Add required includes to source3/include/secrets.h
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14908
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

commit 9faa3173193ddcb95905993d960cc10d4366524e
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Nov 17 16:34:07 2021 +0100

    selftest: Add reproducer for bug 14908
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=14908
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Ralph Boehme <slow at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/cmdline/cmdline.c                            | 16 ++++++++++++--
 lib/cmdline/cmdline.h                            |  4 ++++
 lib/cmdline/cmdline_s3.c                         | 28 ++++++++++++++++++++++++
 lib/cmdline/wscript                              |  2 +-
 source3/include/secrets.h                        |  3 +++
 source3/script/tests/test_net_machine_account.sh | 22 +++++++++++++++++++
 source3/selftest/tests.py                        |  9 ++++++++
 7 files changed, 81 insertions(+), 3 deletions(-)
 create mode 100755 source3/script/tests/test_net_machine_account.sh


Changeset truncated at 500 lines:

diff --git a/lib/cmdline/cmdline.c b/lib/cmdline/cmdline.c
index 753cec27c3f..33d0c94e3b1 100644
--- a/lib/cmdline/cmdline.c
+++ b/lib/cmdline/cmdline.c
@@ -30,6 +30,11 @@ static struct cli_credentials *cmdline_creds;
 static samba_cmdline_load_config cmdline_load_config_fn;
 static struct samba_cmdline_daemon_cfg cmdline_daemon_cfg;
 
+static NTSTATUS (*cli_credentials_set_machine_account_fn)(
+	struct cli_credentials *cred,
+	struct loadparm_context *lp_ctx) =
+	cli_credentials_set_machine_account;
+
 /* PRIVATE */
 bool samba_cmdline_set_talloc_ctx(TALLOC_CTX *mem_ctx)
 {
@@ -122,6 +127,13 @@ struct samba_cmdline_daemon_cfg *samba_cmdline_get_daemon_cfg(void)
 	return &cmdline_daemon_cfg;
 }
 
+void samba_cmdline_set_machine_account_fn(
+	NTSTATUS (*fn) (struct cli_credentials *cred,
+			struct loadparm_context *lp_ctx))
+{
+	cli_credentials_set_machine_account_fn = fn;
+}
+
 void samba_cmdline_burn(int argc, char *argv[])
 {
 	bool found = false;
@@ -792,8 +804,8 @@ static void popt_common_credentials_callback(poptContext popt_ctx,
 		if (machine_account_pending) {
 			NTSTATUS status;
 
-			status = cli_credentials_set_machine_account(creds,
-								     lp_ctx);
+			status = cli_credentials_set_machine_account_fn(
+				creds, lp_ctx);
 			if (!NT_STATUS_IS_OK(status)) {
 				fprintf(stderr,
 					"Failed to set machine account: %s\n",
diff --git a/lib/cmdline/cmdline.h b/lib/cmdline/cmdline.h
index 1f85da0099e..5cd58c3ddbb 100644
--- a/lib/cmdline/cmdline.h
+++ b/lib/cmdline/cmdline.h
@@ -131,6 +131,10 @@ struct poptOption *samba_cmdline_get_popt(enum smb_cmdline_popt_options opt);
  */
 struct samba_cmdline_daemon_cfg *samba_cmdline_get_daemon_cfg(void);
 
+void samba_cmdline_set_machine_account_fn(
+	NTSTATUS (*fn) (struct cli_credentials *cred,
+			struct loadparm_context *lp_ctx));
+
 /**
  * @brief Burn secrets on the command line.
  *
diff --git a/lib/cmdline/cmdline_s3.c b/lib/cmdline/cmdline_s3.c
index 639d403aed3..6e2c154c756 100644
--- a/lib/cmdline/cmdline_s3.c
+++ b/lib/cmdline/cmdline_s3.c
@@ -26,6 +26,7 @@
 #include "auth/credentials/credentials.h"
 #include "dynconfig/dynconfig.h"
 #include "cmdline_private.h"
+#include "source3/include/secrets.h"
 
 static bool _require_smbconf;
 static enum samba_cmdline_config_type _config_type;
@@ -84,6 +85,31 @@ static bool _samba_cmdline_load_config_s3(void)
 	return true;
 }
 
+static NTSTATUS _samba_cmd_set_machine_account_s3(
+	struct cli_credentials *cred,
+	struct loadparm_context *lp_ctx)
+{
+	struct db_context *db_ctx = secrets_db_ctx();
+	NTSTATUS status;
+
+	if (db_ctx == NULL) {
+		DBG_WARNING("failed to open secrets.tdb to obtain our "
+			    "trust credentials for %s\n",
+			    lpcfg_workgroup(lp_ctx));;
+		return NT_STATUS_INTERNAL_ERROR;
+	}
+
+	status = cli_credentials_set_machine_account_db_ctx(
+		cred, lp_ctx, db_ctx);
+	if (!NT_STATUS_IS_OK(status)) {
+		DBG_WARNING("cli_credentials_set_machine_account_db_ctx "
+			    "failed: %s\n",
+			    nt_errstr(status));
+	}
+
+	return status;
+}
+
 bool samba_cmdline_init(TALLOC_CTX *mem_ctx,
 			enum samba_cmdline_config_type config_type,
 			bool require_smbconf)
@@ -119,6 +145,8 @@ bool samba_cmdline_init(TALLOC_CTX *mem_ctx,
 	}
 
 	samba_cmdline_set_load_config_fn(_samba_cmdline_load_config_s3);
+	samba_cmdline_set_machine_account_fn(
+		_samba_cmd_set_machine_account_s3);
 
 	return true;
 }
diff --git a/lib/cmdline/wscript b/lib/cmdline/wscript
index 1e13561ddf6..01ead85e2c4 100644
--- a/lib/cmdline/wscript
+++ b/lib/cmdline/wscript
@@ -22,7 +22,7 @@ def build(bld):
 
     bld.SAMBA_SUBSYSTEM('CMDLINE_S3',
                         source='cmdline_s3.c',
-                        deps='cmdline')
+                        deps='cmdline secrets3')
 
     bld.SAMBA_SUBSYSTEM('CMDLINE_S4',
                         source='cmdline_s4.c',
diff --git a/source3/include/secrets.h b/source3/include/secrets.h
index 2478561cee7..1abfbb07e89 100644
--- a/source3/include/secrets.h
+++ b/source3/include/secrets.h
@@ -20,6 +20,9 @@
 #ifndef _SECRETS_H
 #define _SECRETS_H
 
+#include "replace.h"
+#include "librpc/gen_ndr/security.h"
+
 /* the first one is for the hashed password (NT4 style) the latter
    for plaintext (ADS)
 */
diff --git a/source3/script/tests/test_net_machine_account.sh b/source3/script/tests/test_net_machine_account.sh
new file mode 100755
index 00000000000..69844443bf6
--- /dev/null
+++ b/source3/script/tests/test_net_machine_account.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+# Reproducer for https://bugzilla.samba.org/show_bug.cgi?id=14908
+
+if [ $# -lt 2 ]; then
+    echo "Usage: $0 NET CONFFILE SERVER_IP"
+    exit 1
+fi
+
+NET="$1"; shift
+CONFFILE="$1"; shift
+SERVER_IP="$1"; shift
+
+export UID_WRAPPER_ROOT=1
+
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+failed=0
+
+testit "net_ads_user" $VALGRIND $NET rpc user --configfile="$CONFFILE" -S "$SERVER_IP" -P || failed=`expr $failed + 1`
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index bb47851bbc6..f4319959353 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -1311,6 +1311,15 @@ plantestsuite(
      "",
      "-b $PREFIX/clusteredmember/unclists/tmp.txt -N 5 -o 10"])
 
+plantestsuite(
+    "samba3.net_machine_account",
+    "clusteredmember",
+    [os.path.join(samba3srcdir,
+                  "script/tests/test_net_machine_account.sh"),
+     "bin/net",
+     "$SERVERCONFFILE",
+     "$SERVER_IP"])
+
 plantestsuite(
     "samba3.net_lookup_ldap",
     "ad_dc:local",


-- 
Samba Shared Repository



More information about the samba-cvs mailing list