[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Fri May 5 03:53:01 UTC 2023
The branch, master has been updated
via 6258173a62e s4:kdc: Don’t call memcpy() with a NULL pointer
via 2eb458118c3 lib:addns: Don’t call memcpy() with a NULL pointer
via f60249eed58 tests/krb5: Improve _test_samr_change_password() method
via e959485550e tests/krb5: Don’t delete silo until all tests have finished
via 0e27b297a29 tests/krb5: Add remove_attribute() helper function
via 98e23d7eed6 tests/krb5: Have set_forced_key() also set the NT hash
via 1a53d3514f8 auth/credentials: Add set_nt_hash()
via 506c2d1b8a3 s3:lib: Fix typos
via 6f1852c9538 s4:kdc: Remove unused parameter
via 87f7bd60071 tests/krb5: Make _tgs_req() more configurable
via 9d206948c9c tests/krb5: Make use of check_tgs_reply()
via ab8a3e87bbe tests/krb5: Allow specifying an encoded security descriptor
via 9d84f3384e6 tests/krb5: Rename ‘objectclass’ to use correct case
via 0a7cbe1e953 tests/krb5: Rename ‘auth_silo’ to ‘authn_silo’
via 2f993306408 s4/scripting/bin: Remove unused imports
via 2727e33dbdb s4/scripting/bin: Fix resource leak
via 37450ec3c2c s4:kdc: Fix typo
via 3ae3499b70b tests/krb5: Create account cache key only if needed
via 4dc9abc777b tests/krb5: Delete non-resuable accounts as soon as possible
via 9c4a71de472 s4:kdc: Use correct target principal name in log message
via 86f07cad945 docs-xml: Fix typos
via db889249abb auth/credentials: Fix NULL dereference
via bd9eb63450f tests/krb5: Refactor _test_samlogon()
via 443d70ee58f lib:util: Fix undefined bitshift
via dd88d7a89f2 param: Fix resource leak
via d497829bf1a python/samba: Fix invalid escape sequence
via 2e41c73e98e lib/http: Remove unused structure
via c6f29f0039c tests/krb5: Allow setting a servicePrincipalName on a user account
via 4ae9fe48aa8 tests/krb5: Fix parameter default
via 57d73b24b2e tests/krb5: Remove unused parameter
via 1a90a94ff1d tests/krb5: Test that the salt for a managed service account is computed correctly
via 762e184216f tests/krb5: Allow creating managed service accounts
via c7295b1dc54 pydsdb: Add Managed Service Accounts GUID constant
via 2f5cebfef92 libds: Add Managed Service Accounts well-known GUID
via 8a3dacd39ec tests/krb5: Always heed the add_dollar parameter
via 1ba0953d65b tests/krb5: Remove unused import
via 07f3dbbf38e s4:dsdb: Fix leak
via 722bbf0544a tests/krb5: Remove unneeded assertions
via eb4b46d326e tests/krb5: Allow creating an account with an assigned policy or silo
via e7b2cd7d831 tests/krb5: Add method to create an authentication policy
via c4972272227 tests/krb5: Generify protected users test methods
via 6f3b7f95f3c tests/krb5: Handle NT hashes being disabled
via e4ec3d6f3d3 tests/krb5: Pass client credentials down into kdc_exchange_dict
via c07ac154627 tests/krb5: Remove test for OemChangePasswordUser2()
via 58bf53c973d tests/krb5: Split out functions for testing logons and password changes
via 34f378f4809 auth/credentials: Allow resetting bind DN on Credentials object
via 963688b3a5a librpc: Always call ndr_push_compression_state_init() for compression
via ff2de50aa4b librpc: Fix talloc hierarchy for ndr_compression_state
via 7dab9edca86 python:descriptor: add missing schema 2019 aces in builtin and dns partition
from 6752bcaf4de s3:utils: Move error-handling code into more suitable spot (CID 1524680)
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 6258173a62e3fbb9cd103b72175874e8346571ea
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon May 1 13:04:58 2023 +1200
s4:kdc: Don’t call memcpy() with a NULL pointer
Doing so is undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Fri May 5 03:52:30 UTC 2023 on atb-devel-224
commit 2eb458118c3de09cea42749098df1f93dc0e9eca
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon May 1 11:22:02 2023 +1200
lib:addns: Don’t call memcpy() with a NULL pointer
Doing so is undefined behaviour.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f60249eed58d9c282b21fd83dcb0654f310ac8db
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon May 1 09:48:15 2023 +1200
tests/krb5: Improve _test_samr_change_password() method
Instead of using anonymous credentials, we now connect using the
passed-in credentials.
We now correctly construct nt_password and nt_verifier so as to
successfully change the password, instead of having to distinguish
between a WRONG_PASSWORD error and an error caused by the password
change being disallowed.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit e959485550e0418f7e9ad02b45b5e89c0f01e422
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon May 1 09:45:37 2023 +1200
tests/krb5: Don’t delete silo until all tests have finished
It’s possible that we reuse the same silo across multiple tests. In that
case, we should not delete it until we are sure we have finished with
it.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0e27b297a29ba933be7a1a810a3f831dce3f64de
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 28 16:25:09 2023 +1200
tests/krb5: Add remove_attribute() helper function
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 98e23d7eed6e7e89e8565f56ff35630f6799e80b
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 28 16:24:31 2023 +1200
tests/krb5: Have set_forced_key() also set the NT hash
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 1a53d3514f8b72062fdf30d1b9ba80f170f66821
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 28 16:22:32 2023 +1200
auth/credentials: Add set_nt_hash()
This method allows setting the NT hash directly. This is useful in cases
where we don’t know the password, such as with a computer or server
account.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 506c2d1b8a3cc11b437052321818ea67c83cc583
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 28 09:41:59 2023 +1200
s3:lib: Fix typos
These typos were also spotted by a mailing list user:
https://lists.samba.org/archive/samba-technical/2023-April/138190.html
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 6f1852c95387a4cd83bd91f405ab6989c779948f
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:25:23 2023 +1200
s4:kdc: Remove unused parameter
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 87f7bd60071219dad586ce91a0febd2c72da3bce
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:23:36 2023 +1200
tests/krb5: Make _tgs_req() more configurable
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 9d206948c9cf72a83be25e496f9bd0c15ed575f9
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:22:38 2023 +1200
tests/krb5: Make use of check_tgs_reply()
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit ab8a3e87bbe4d1f46aca3895dc3d91277eb28486
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:20:25 2023 +1200
tests/krb5: Allow specifying an encoded security descriptor
If we get a string, we’ll still assume it’s a DN and create a security
descriptor using it.
This is useful in cases where we don’t have a DN (e.g., the account is
not created yet).
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 9d84f3384e6605e2c48a3ece0b0b50a751f73295
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:18:32 2023 +1200
tests/krb5: Rename ‘objectclass’ to use correct case
This means that tests can now specify values for ‘objectClass’ in
additional_details which override the default value.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 0a7cbe1e953084ef004dffcadcf8436026604820
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:16:44 2023 +1200
tests/krb5: Rename ‘auth_silo’ to ‘authn_silo’
Make it clear that this relates to authentication, not authorization.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2f993306408b69b8469a5387e5e609bd1bc0b983
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 15:17:18 2023 +1200
s4/scripting/bin: Remove unused imports
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2727e33dbdb6b4f8464d93ca6358fcbb0180ab31
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 15:15:03 2023 +1200
s4/scripting/bin: Fix resource leak
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 37450ec3c2c263f0810801448b445e57dbfbb56a
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 13:48:53 2023 +1200
s4:kdc: Fix typo
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 3ae3499b70bc602c052815a8ec9cb09d9270ae5e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 10:44:12 2023 +1200
tests/krb5: Create account cache key only if needed
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4dc9abc777ba923074a840266f944db3789aa3c0
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 10:43:01 2023 +1200
tests/krb5: Delete non-resuable accounts as soon as possible
This helps to mitigate Samba’s slow account deletion.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 9c4a71de4722064cb0b1c46ac32204d5761fdaec
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Apr 26 12:52:06 2023 +1200
s4:kdc: Use correct target principal name in log message
‘tmp’ has already been freed by this point.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 86f07cad945a64c14a492f6ebf5cc3700a0f7ea7
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon Apr 24 12:53:12 2023 +1200
docs-xml: Fix typos
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit db889249abbab81964e1cb3033b6a08b7a6361f4
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon Apr 24 11:13:38 2023 +1200
auth/credentials: Fix NULL dereference
We should not pass a NULL pointer to netlogon_creds_session_encrypt().
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit bd9eb63450ff45a9c3d49ca5c9f7b2c8aaa2060b
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 21 13:25:58 2023 +1200
tests/krb5: Refactor _test_samlogon()
Move logic specific to the Network logon into that branch, so it’s
easier to see what’s going on.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 443d70ee58f3dec05ddede22c33fec0860f52864
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 20 10:44:41 2023 +1200
lib:util: Fix undefined bitshift
runtime error: left shift of 65535 by 16 places cannot be represented in type 'int'
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit dd88d7a89f2896a4535fe61cce44076888cbaef6
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 20 09:20:38 2023 +1200
param: Fix resource leak
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit d497829bf1abd37eb87896d7826e00d41767ae20
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 20 09:03:46 2023 +1200
python/samba: Fix invalid escape sequence
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2e41c73e98eb654f1982c834d8913dc055fcf28e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Apr 19 15:44:11 2023 +1200
lib/http: Remove unused structure
This is just a typo of ‘struct loadparm_context’.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c6f29f0039ca9fb29f5882bb89f1c395c60ab9ee
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Apr 19 13:01:55 2023 +1200
tests/krb5: Allow setting a servicePrincipalName on a user account
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4ae9fe48aa8d552246474a204613f75f07f19a15
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Apr 19 13:00:53 2023 +1200
tests/krb5: Fix parameter default
Now that add_dollar is honoured for all account types, we don’t want to
pass add_dollar=True for user accounts.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 57d73b24b2ec26b38f5783a9dc39446580afa205
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Apr 19 10:50:23 2023 +1200
tests/krb5: Remove unused parameter
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 1a90a94ff1dec39cc50c991a16cc3f589dfa0b33
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 14 11:53:13 2023 +1200
tests/krb5: Test that the salt for a managed service account is computed correctly
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 762e184216fd9b809a05bf040ace23e229cbb410
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 14 11:51:31 2023 +1200
tests/krb5: Allow creating managed service accounts
These will be useful for testing authentication policies.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c7295b1dc5431a7d5b1a532141e008e8af36b1cc
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:13:55 2023 +1200
pydsdb: Add Managed Service Accounts GUID constant
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2f5cebfef92701c37515262b587f411c2b8df418
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 27 16:12:30 2023 +1200
libds: Add Managed Service Accounts well-known GUID
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 8a3dacd39ec60b3132c7151da82c22e5c26fa17e
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 14 11:49:41 2023 +1200
tests/krb5: Always heed the add_dollar parameter
Not just if the account to be created is a computer. This allows us to
create other types of accounts with a trailing dollar.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 1ba0953d65b238cd1c0545052008aa53fea50433
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 13 14:13:43 2023 +1200
tests/krb5: Remove unused import
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 07f3dbbf38ef1b42e58baeb9304fb23aecdd46da
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue Apr 11 09:46:37 2023 +1200
s4:dsdb: Fix leak
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 722bbf0544a5c22c7e892227fc26858c14723e19
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 6 11:47:17 2023 +1200
tests/krb5: Remove unneeded assertions
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit eb4b46d326ee53d4c275d7f72b07650af589e9fa
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Wed Apr 5 11:21:39 2023 +1200
tests/krb5: Allow creating an account with an assigned policy or silo
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit e7b2cd7d8315a5f182acba99b5c986f8b5a6186d
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Mon Apr 3 11:23:10 2023 +1200
tests/krb5: Add method to create an authentication policy
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c4972272227696dfd5848db3897f1128f2817995
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue May 24 19:55:03 2022 +1200
tests/krb5: Generify protected users test methods
We can reuse them to test accounts restricted authentication in some
form or another.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 6f3b7f95f3cc093175507e9eb079cc8241dadedf
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue May 24 19:11:22 2022 +1200
tests/krb5: Handle NT hashes being disabled
If NT hashes are disabled, we should not expect the RC4 enctype to be
available for non-computer accounts.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit e4ec3d6f3d3f3b5a9c6f37d78ab3f41daff5d49a
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Thu Apr 6 11:09:31 2023 +1200
tests/krb5: Pass client credentials down into kdc_exchange_dict
These are useful inside the test infrastructure.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit c07ac154627b10c177befc4e3fd8b3fec2702707
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Tue May 24 19:36:30 2022 +1200
tests/krb5: Remove test for OemChangePasswordUser2()
We don’t implement this anymore (since commit
0f53bfe7230c5e76f7ceb8baf98a9ef38a35356f).
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 58bf53c973dce8a1e492c70d072a3c1cc239ae7c
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri May 6 15:24:21 2022 +1200
tests/krb5: Split out functions for testing logons and password changes
This allows their use for testing other forms of restricted accounts.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 34f378f48095419d11137b0719fdaeaaba5591c7
Author: Joseph Sutton <josephsutton at catalyst.net.nz>
Date: Fri Apr 29 11:51:18 2022 +1200
auth/credentials: Allow resetting bind DN on Credentials object
Passing None into set_bind_dn() now resets it.
Signed-off-by: Joseph Sutton <josephsutton at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 963688b3a5acbf0714377b4b17e5cbbbd31e50d9
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon May 1 14:30:31 2023 +1200
librpc: Always call ndr_push_compression_state_init() for compression
This allows the push routine to cache the chosen compression algorithm in
the struct ndr_compression_state in ndr->cstate and so, in claims, avoid
calling ndr_size_CLAIMS_SET_NDR() three times per compression (more in the
overall push).
As claims is now the primary use of the libndr compression code, this is
a reasonable tradeoff compared to the other callers who have more static
algorithm selections.
By removing the struct ndr_compression_state **state argument from
ndr_push_compression_state_init() we make clear that the ndr->cstate
belongs to this NDR context, and this context alone.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
commit ff2de50aa4bf086880ab8cd1c2aee7e998c2c22a
Author: Andrew Bartlett <abartlet at samba.org>
Date: Mon May 1 14:13:15 2023 +1200
librpc: Fix talloc hierarchy for ndr_compression_state
The complexity of generic_mszip_free() is not needed, nor is a talloc
destructor required if the memory is correctly created in a tree.
Credit to OSS-Fuzz for showing the use-after-free
REF: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57608
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15349
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Joseph Sutton <josephsutton at catalyst.net.nz>
commit 7dab9edca86c3ee76173eecba2c3b46869f25e64
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Apr 17 09:22:21 2023 +0000
python:descriptor: add missing schema 2019 aces in builtin and dns partition
Note 'samba-tool domain functionalprep' won't fix them in the database,
while a fresh provision will add these.
This is needed in order that 'samba-tool dbcheck --reset-well-known-acls'
won't reset them after a modern provision and will fix them on an old
domain.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/credentials/pycredentials.c | 40 +-
docs-xml/manpages/idmap_script.8.xml | 2 +-
docs-xml/manpages/idmap_tdb.8.xml | 2 +-
docs-xml/manpages/idmap_tdb2.8.xml | 4 +-
lib/addns/dnsmarshall.c | 4 +-
lib/util/byteorder.h | 2 +-
libcli/http/http.h | 1 -
libds/common/flags.h | 1 +
librpc/ndr/ndr_cab.c | 16 +-
librpc/ndr/ndr_compression.c | 84 +---
librpc/ndr/ndr_compression.h | 9 +-
librpc/ndr/ndr_drsuapi.c | 40 +-
pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 6 +-
python/samba/descriptor.py | 8 +
python/samba/ms_forest_updates_markdown.py | 2 +-
python/samba/tests/krb5/as_req_tests.py | 6 +-
python/samba/tests/krb5/claims_tests.py | 7 +-
python/samba/tests/krb5/device_tests.py | 1 +
python/samba/tests/krb5/etype_tests.py | 18 +-
python/samba/tests/krb5/fast_tests.py | 2 +
python/samba/tests/krb5/group_tests.py | 7 +-
python/samba/tests/krb5/kdc_base_test.py | 495 +++++++++++++++++----
python/samba/tests/krb5/kdc_tgs_tests.py | 324 +++++++-------
python/samba/tests/krb5/lockout_tests.py | 3 +-
.../krb5/ms_kile_client_principal_lookup_tests.py | 20 +-
python/samba/tests/krb5/protected_users_tests.py | 171 ++-----
python/samba/tests/krb5/raw_testcase.py | 43 +-
python/samba/tests/krb5/salt_tests.py | 142 ++++++
python/samba/tests/krb5/spn_tests.py | 2 +-
script/generate_param.py | 4 +-
source3/lib/adouble.c | 4 +-
source4/dsdb/pydsdb.c | 1 +
source4/dsdb/samdb/ldb_modules/password_hash.c | 1 +
source4/kdc/db-glue.c | 2 +-
source4/kdc/kpasswd-service.c | 8 +-
source4/kdc/mit_samba.c | 2 -
source4/kdc/pac-glue.c | 3 -
source4/kdc/pac-glue.h | 1 -
source4/kdc/wdc-samba4.c | 3 +-
source4/scripting/bin/gen_hresult.py | 2 +-
source4/scripting/bin/gen_ntstatus.py | 9 +-
41 files changed, 987 insertions(+), 515 deletions(-)
Changeset truncated at 500 lines:
diff --git a/auth/credentials/pycredentials.c b/auth/credentials/pycredentials.c
index 013d2958ea2..b87cdc06a93 100644
--- a/auth/credentials/pycredentials.c
+++ b/auth/credentials/pycredentials.c
@@ -389,7 +389,7 @@ static PyObject *py_creds_set_bind_dn(PyObject *self, PyObject *args)
PyErr_Format(PyExc_TypeError, "Credentials expected");
return NULL;
}
- if (!PyArg_ParseTuple(args, "s", &newval))
+ if (!PyArg_ParseTuple(args, "z", &newval))
return NULL;
return PyBool_FromLong(cli_credentials_set_bind_dn(creds, newval));
@@ -546,6 +546,32 @@ static PyObject *py_creds_get_nt_hash(PyObject *self, PyObject *unused)
return ret;
}
+static PyObject *py_creds_set_nt_hash(PyObject *self, PyObject *args)
+{
+ PyObject *py_cp = Py_None;
+ const struct samr_Password *pwd = NULL;
+ enum credentials_obtained obt = CRED_SPECIFIED;
+ int _obt = obt;
+ struct cli_credentials *creds = PyCredentials_AsCliCredentials(self);
+ if (creds == NULL) {
+ PyErr_Format(PyExc_TypeError, "Credentials expected");
+ return NULL;
+ }
+
+ if (!PyArg_ParseTuple(args, "O|i", &py_cp, &_obt)) {
+ return NULL;
+ }
+ obt = _obt;
+
+ pwd = pytalloc_get_type(py_cp, struct samr_Password);
+ if (pwd == NULL) {
+ /* pytalloc_get_type sets TypeError */
+ return NULL;
+ }
+
+ return PyBool_FromLong(cli_credentials_set_nt_hash(creds, pwd, obt));
+}
+
static PyObject *py_creds_get_kerberos_state(PyObject *self, PyObject *unused)
{
int state;
@@ -1033,6 +1059,11 @@ static PyObject *py_creds_encrypt_samr_password(PyObject *self,
return NULL;
}
+ if (creds->netlogon_creds == NULL) {
+ PyErr_Format(PyExc_ValueError, "NetLogon credentials not set");
+ return NULL;
+ }
+
if (!PyArg_ParseTuple(args, "O", &py_cp)) {
return NULL;
}
@@ -1384,6 +1415,13 @@ static PyMethodDef py_creds_methods[] = {
.ml_meth = py_creds_get_nt_hash,
.ml_flags = METH_NOARGS,
},
+ {
+ .ml_name = "set_nt_hash",
+ .ml_meth = py_creds_set_nt_hash,
+ .ml_flags = METH_VARARGS,
+ .ml_doc = "S.set_net_sh(samr_Password[, credentials.SPECIFIED]) -> bool\n"
+ "Change NT hash.",
+ },
{
.ml_name = "get_kerberos_state",
.ml_meth = py_creds_get_kerberos_state,
diff --git a/docs-xml/manpages/idmap_script.8.xml b/docs-xml/manpages/idmap_script.8.xml
index 2e7f2be59fd..5ed1390346d 100644
--- a/docs-xml/manpages/idmap_script.8.xml
+++ b/docs-xml/manpages/idmap_script.8.xml
@@ -109,7 +109,7 @@
<title>EXAMPLES</title>
<para>
- This example shows how script is used as a the default idmap backend
+ This example shows how script is used as the default idmap backend
using an external program via the script parameter:
</para>
diff --git a/docs-xml/manpages/idmap_tdb.8.xml b/docs-xml/manpages/idmap_tdb.8.xml
index fccb8385722..a99830d6d9e 100644
--- a/docs-xml/manpages/idmap_tdb.8.xml
+++ b/docs-xml/manpages/idmap_tdb.8.xml
@@ -49,7 +49,7 @@
<title>EXAMPLES</title>
<para>
- This example shows how tdb is used as a the default idmap backend.
+ This example shows how tdb is used as the default idmap backend.
This configured range is used for uid and gid allocation.
</para>
diff --git a/docs-xml/manpages/idmap_tdb2.8.xml b/docs-xml/manpages/idmap_tdb2.8.xml
index 253b016f246..ee253ce8925 100644
--- a/docs-xml/manpages/idmap_tdb2.8.xml
+++ b/docs-xml/manpages/idmap_tdb2.8.xml
@@ -101,7 +101,7 @@
<title>EXAMPLES</title>
<para>
- This example shows how tdb2 is used as a the default idmap backend.
+ This example shows how tdb2 is used as the default idmap backend.
</para>
<programlisting>
@@ -111,7 +111,7 @@
</programlisting>
<para>
- This example shows how tdb2 is used as a the default idmap backend
+ This example shows how tdb2 is used as the default idmap backend
using an external program via the script parameter:
</para>
diff --git a/lib/addns/dnsmarshall.c b/lib/addns/dnsmarshall.c
index 6c93b98144f..c95420304f0 100644
--- a/lib/addns/dnsmarshall.c
+++ b/lib/addns/dnsmarshall.c
@@ -88,7 +88,9 @@ void dns_marshall_buffer(struct dns_buffer *buf, const uint8_t *data,
buf->data = new_data;
}
- memcpy(buf->data + buf->offset, data, len);
+ if (data != NULL) {
+ memcpy(buf->data + buf->offset, data, len);
+ }
buf->offset += len;
return;
}
diff --git a/lib/util/byteorder.h b/lib/util/byteorder.h
index 26268ac93cd..e8664e95538 100644
--- a/lib/util/byteorder.h
+++ b/lib/util/byteorder.h
@@ -138,7 +138,7 @@ it also defines lots of intermediate macros, just ignore those :-)
/* now the reverse routines - these are used in nmb packets (mostly) */
#define SREV(x) ((((x)&0xFF)<<8) | (((x)>>8)&0xFF))
-#define IREV(x) ((SREV(x)<<16) | (SREV((x)>>16)))
+#define IREV(x) ((SREV((uint32_t)x)<<16) | (SREV(((uint32_t)x)>>16)))
#define BREV(x) ((IREV((uint64_t)x)<<32) | (IREV(((uint64_t)x)>>32)))
/****************************************************************************
diff --git a/libcli/http/http.h b/libcli/http/http.h
index f2196031f03..89415470134 100644
--- a/libcli/http/http.h
+++ b/libcli/http/http.h
@@ -46,7 +46,6 @@
#define HTTP_MAX_HEADER_SIZE 0x1FFFF
struct cli_credentials;
-struct loadparm_ctx;
enum http_cmd_type {
HTTP_REQ_GET = 1 << 0,
diff --git a/libds/common/flags.h b/libds/common/flags.h
index c013d2f0f25..e8e5d625b5e 100644
--- a/libds/common/flags.h
+++ b/libds/common/flags.h
@@ -233,6 +233,7 @@
#define DS_GUID_PROGRAM_DATA_CONTAINER "09460C08AE1E4A4EA0F64AEE7DAA1E5A"
#define DS_GUID_SYSTEMS_CONTAINER "AB1D30F3768811D1ADED00C04FD8D5CD"
#define DS_GUID_USERS_CONTAINER "A9D1CA15768811D1ADED00C04FD8D5CD"
+#define DS_GUID_MANAGED_SERVICE_ACCOUNTS_CONTAINER "1EB93889E40C45DF9F0C64D23BBB6237"
/* wellknown GUIDs for optional directory features */
#define DS_GUID_FEATURE_RECYCLE_BIN "766ddcd8-acd0-445e-f3b9-a7f9b6744f2a"
diff --git a/librpc/ndr/ndr_cab.c b/librpc/ndr/ndr_cab.c
index ac8565fd1e0..3efb14fc874 100644
--- a/librpc/ndr/ndr_cab.c
+++ b/librpc/ndr/ndr_cab.c
@@ -132,7 +132,7 @@ static enum ndr_err_code ndr_push_folder_cfdata(struct ndr_push *ndr,
if (cab_ctype == CF_COMPRESS_MSZIP) {
ndr_ctype = NDR_COMPRESSION_MSZIP_CAB;
- NDR_CHECK(ndr_push_compression_state_init(ndr, ndr_ctype, &ndr->cstate));
+ NDR_CHECK(ndr_push_compression_state_init(ndr, ndr_ctype));
}
for (i = 0; i < num_cfdata; i++, r++) {
@@ -189,11 +189,18 @@ static enum ndr_err_code ndr_push_folder_cfdata(struct ndr_push *ndr,
/* compress via subcontext */
NDR_CHECK(ndr_push_subcontext_start(ndr, &push_sub, 0, -1));
+
+ /*
+ * This assignment replaces a call to
+ * ndr_push_compression_state_init(push_sub, ndr_ctype))
+ * here. This is instead done outside the loop.
+ */
push_sub->cstate = ndr->cstate;
- NDR_CHECK(ndr_push_compression_start(push_sub, &push_compress, ndr_ctype));
+
+ NDR_CHECK(ndr_push_compression_start(push_sub, &push_compress));
ndr_set_flags(&push_compress->flags, LIBNDR_FLAG_REMAINING);
NDR_CHECK(ndr_push_DATA_BLOB(push_compress, NDR_SCALARS, r->ab));
- NDR_CHECK(ndr_push_compression_end(push_sub, push_compress, ndr_ctype));
+ NDR_CHECK(ndr_push_compression_end(push_sub, push_compress));
NDR_CHECK(ndr_push_subcontext_end(ndr, push_sub, 0, -1));
compressed_length = push_sub->offset;
@@ -369,8 +376,7 @@ static enum ndr_err_code ndr_pull_folder_cfdata(struct ndr_pull *ndr,
}
}
- ndr_pull_compression_state_free(ndr->cstate);
- ndr->cstate = NULL;
+ TALLOC_FREE(ndr->cstate);
return NDR_ERR_SUCCESS;
}
diff --git a/librpc/ndr/ndr_compression.c b/librpc/ndr/ndr_compression.c
index 1133d5216db..4c961f84f4e 100644
--- a/librpc/ndr/ndr_compression.c
+++ b/librpc/ndr/ndr_compression.c
@@ -898,10 +898,10 @@ enum ndr_err_code ndr_pull_compression_end(struct ndr_pull *subndr,
push a compressed subcontext
*/
enum ndr_err_code ndr_push_compression_start(struct ndr_push *subndr,
- struct ndr_push **_uncomndr,
- enum ndr_compression_alg compression_alg)
+ struct ndr_push **_uncomndr)
{
struct ndr_push *uncomndr;
+ enum ndr_compression_alg compression_alg = subndr->cstate->type;
switch (compression_alg) {
case NDR_COMPRESSION_NONE:
@@ -928,13 +928,14 @@ enum ndr_err_code ndr_push_compression_start(struct ndr_push *subndr,
push a compressed subcontext
*/
enum ndr_err_code ndr_push_compression_end(struct ndr_push *subndr,
- struct ndr_push *uncomndr,
- enum ndr_compression_alg compression_alg)
+ struct ndr_push *uncomndr)
{
struct ndr_pull *ndrpull;
bool last = false;
z_stream z;
+ enum ndr_compression_alg compression_alg = subndr->cstate->type;
+
ndrpull = talloc_zero(uncomndr, struct ndr_pull);
NDR_ERR_HAVE_NO_MEMORY(ndrpull);
ndrpull->flags = uncomndr->flags;
@@ -977,36 +978,24 @@ enum ndr_err_code ndr_push_compression_end(struct ndr_push *subndr,
return NDR_ERR_SUCCESS;
}
-static enum ndr_err_code generic_mszip_init(TALLOC_CTX *mem_ctx,
- struct ndr_compression_state *state)
+static enum ndr_err_code generic_mszip_init(struct ndr_compression_state *state)
{
- z_stream *z = talloc_zero(mem_ctx, z_stream);
+ z_stream *z = talloc_zero(state, z_stream);
NDR_ERR_HAVE_NO_MEMORY(z);
z->zalloc = ndr_zlib_alloc;
z->zfree = ndr_zlib_free;
- z->opaque = mem_ctx;
+ z->opaque = state;
state->alg.mszip.z = z;
state->alg.mszip.dict_size = 0;
/* pre-alloc dictionary */
- state->alg.mszip.dict = talloc_array(mem_ctx, uint8_t, 0x8000);
+ state->alg.mszip.dict = talloc_array(state, uint8_t, 0x8000);
NDR_ERR_HAVE_NO_MEMORY(state->alg.mszip.dict);
return NDR_ERR_SUCCESS;
}
-static void generic_mszip_free(struct ndr_compression_state *state)
-{
- if (state == NULL) {
- return;
- }
-
- TALLOC_FREE(state->alg.mszip.z);
- TALLOC_FREE(state->alg.mszip.dict);
-}
-
-
enum ndr_err_code ndr_pull_compression_state_init(struct ndr_pull *ndr,
enum ndr_compression_alg compression_alg,
struct ndr_compression_state **state)
@@ -1025,7 +1014,7 @@ enum ndr_err_code ndr_pull_compression_state_init(struct ndr_pull *ndr,
case NDR_COMPRESSION_XPRESS_HUFF_RAW:
break;
case NDR_COMPRESSION_MSZIP_CAB:
- NDR_CHECK(generic_mszip_init(ndr, s));
+ NDR_CHECK(generic_mszip_init(s));
z_ret = inflateInit2(s->alg.mszip.z, -MAX_WBITS);
if (z_ret != Z_OK) {
return ndr_pull_error(ndr, NDR_ERR_COMPRESSION,
@@ -1045,51 +1034,18 @@ enum ndr_err_code ndr_pull_compression_state_init(struct ndr_pull *ndr,
return NDR_ERR_SUCCESS;
}
-void ndr_pull_compression_state_free(struct ndr_compression_state *state)
-{
- if (state == NULL) {
- return;
- }
-
- switch (state->type) {
- case NDR_COMPRESSION_NONE:
- case NDR_COMPRESSION_MSZIP:
- case NDR_COMPRESSION_XPRESS:
- case NDR_COMPRESSION_XPRESS_HUFF_RAW:
- break;
- case NDR_COMPRESSION_MSZIP_CAB:
- generic_mszip_free(state);
- break;
- default:
- break;
- }
- TALLOC_FREE(state);
-}
-
-static int ndr_push_compression_state_free(struct ndr_compression_state *state)
-{
- switch (state->type) {
- case NDR_COMPRESSION_NONE:
- case NDR_COMPRESSION_MSZIP:
- case NDR_COMPRESSION_XPRESS:
- case NDR_COMPRESSION_XPRESS_HUFF_RAW:
- break;
- case NDR_COMPRESSION_MSZIP_CAB:
- generic_mszip_free(state);
- break;
- default:
- break;
- }
- return 0;
-}
-
enum ndr_err_code ndr_push_compression_state_init(struct ndr_push *ndr,
- enum ndr_compression_alg compression_alg,
- struct ndr_compression_state **state)
+ enum ndr_compression_alg compression_alg)
{
struct ndr_compression_state *s;
int z_ret;
+ /*
+ * Avoid confusion, NULL out ndr->cstate at the start of the
+ * compression block
+ */
+ ndr->cstate = NULL;
+
s = talloc_zero(ndr, struct ndr_compression_state);
NDR_ERR_HAVE_NO_MEMORY(s);
s->type = compression_alg;
@@ -1109,7 +1065,7 @@ enum ndr_err_code ndr_push_compression_state_init(struct ndr_push *ndr,
case NDR_COMPRESSION_MSZIP:
break;
case NDR_COMPRESSION_MSZIP_CAB:
- NDR_CHECK(generic_mszip_init(ndr, s));
+ NDR_CHECK(generic_mszip_init(s));
z_ret = deflateInit2(s->alg.mszip.z,
Z_DEFAULT_COMPRESSION,
Z_DEFLATED,
@@ -1129,9 +1085,7 @@ enum ndr_err_code ndr_push_compression_state_init(struct ndr_push *ndr,
break;
}
- talloc_set_destructor(s, ndr_push_compression_state_free);
-
- *state = s;
+ ndr->cstate = s;
return NDR_ERR_SUCCESS;
}
diff --git a/librpc/ndr/ndr_compression.h b/librpc/ndr/ndr_compression.h
index 7f938523ada..3d335b2befd 100644
--- a/librpc/ndr/ndr_compression.h
+++ b/librpc/ndr/ndr_compression.h
@@ -42,19 +42,16 @@ enum ndr_err_code ndr_pull_compression_end(struct ndr_pull *subndr,
enum ndr_compression_alg compression_alg,
ssize_t decompressed_len);
enum ndr_err_code ndr_push_compression_start(struct ndr_push *subndr,
- struct ndr_push **_uncomndr,
- enum ndr_compression_alg compression_alg);
+ struct ndr_push **_uncomndr);
enum ndr_err_code ndr_push_compression_end(struct ndr_push *subndr,
- struct ndr_push *uncomndr,
- enum ndr_compression_alg compression_alg);
+ struct ndr_push *uncomndr);
enum ndr_err_code ndr_pull_compression_state_init(struct ndr_pull *ndr,
enum ndr_compression_alg compression_alg,
struct ndr_compression_state **state);
void ndr_pull_compression_state_free(struct ndr_compression_state *state);
enum ndr_err_code ndr_push_compression_state_init(struct ndr_push *ndr,
- enum ndr_compression_alg compression_alg,
- struct ndr_compression_state **state);
+ enum ndr_compression_alg compression_alg);
#undef _PRINTF_ATTRIBUTE
#define _PRINTF_ATTRIBUTE(a1, a2)
diff --git a/librpc/ndr/ndr_drsuapi.c b/librpc/ndr/ndr_drsuapi.c
index 0732ee3c6f4..c07ba48ff4b 100644
--- a/librpc/ndr/ndr_drsuapi.c
+++ b/librpc/ndr/ndr_drsuapi.c
@@ -216,10 +216,11 @@ enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesMSZIPCtr1(struct ndr_push *ndr,
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1));
{
struct ndr_push *_ndr_ts_compressed;
- NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_state_init(_ndr_ts, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed));
NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts));
decompressed_length = _ndr_ts_compressed->offset;
- NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed));
}
compressed_length = _ndr_ts->offset;
talloc_free(_ndr_ts);
@@ -237,9 +238,10 @@ enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesMSZIPCtr1(struct ndr_push *ndr,
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1));
{
struct ndr_push *_ndr_ts_compressed;
- NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_state_init(_ndr_ts, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed));
NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts));
- NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed));
}
NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_ts, 4, -1));
}
@@ -259,10 +261,11 @@ enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesMSZIPCtr6(struct ndr_push *ndr,
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1));
{
struct ndr_push *_ndr_ts_compressed;
- NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_state_init(_ndr_ts, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed));
NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr6TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts));
decompressed_length = _ndr_ts_compressed->offset;
- NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed));
}
compressed_length = _ndr_ts->offset;
talloc_free(_ndr_ts);
@@ -280,9 +283,10 @@ enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesMSZIPCtr6(struct ndr_push *ndr,
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1));
{
struct ndr_push *_ndr_ts_compressed;
- NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_state_init(_ndr_ts, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed));
NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr6TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts));
- NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_MSZIP));
+ NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed));
}
NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_ts, 4, -1));
}
@@ -302,10 +306,11 @@ enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesWIN2K3_LZ77_DIRECT2Ctr1(struct
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1));
{
struct ndr_push *_ndr_ts_compressed;
- NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_state_init(_ndr_ts, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed));
NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts));
decompressed_length = _ndr_ts_compressed->offset;
- NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed));
}
compressed_length = _ndr_ts->offset;
talloc_free(_ndr_ts);
@@ -323,9 +328,10 @@ enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesWIN2K3_LZ77_DIRECT2Ctr1(struct
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1));
{
struct ndr_push *_ndr_ts_compressed;
- NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_state_init(_ndr_ts, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed));
NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr1TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts));
- NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_end(_ndr_ts, _ndr_ts_compressed));
}
NDR_CHECK(ndr_push_subcontext_end(ndr, _ndr_ts, 4, -1));
}
@@ -345,10 +351,11 @@ enum ndr_err_code ndr_push_drsuapi_DsGetNCChangesWIN2K3_LZ77_DIRECT2Ctr6(struct
NDR_CHECK(ndr_push_subcontext_start(ndr, &_ndr_ts, 4, -1));
{
struct ndr_push *_ndr_ts_compressed;
- NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_state_init(_ndr_ts, NDR_COMPRESSION_WIN2K3_LZ77_DIRECT2));
+ NDR_CHECK(ndr_push_compression_start(_ndr_ts, &_ndr_ts_compressed));
NDR_CHECK(ndr_push_drsuapi_DsGetNCChangesCtr6TS(_ndr_ts_compressed, NDR_SCALARS|NDR_BUFFERS, r->ts));
decompressed_length = _ndr_ts_compressed->offset;
--
Samba Shared Repository
More information about the samba-cvs
mailing list