[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-unstable-646-gcccb80b
Michael Adam
ma at sernet.de
Sat Dec 15 00:20:49 GMT 2007
Hi Metze,
thanks for reverting that. I will test more on that in the next days...
Cheers, Michael
Stefan Metzmacher wrote:
> The branch, v3-2-test has been updated
> via cccb80b7b7980fbe1298ce266375e51bacb4a425 (commit)
> from a412e6c7c676a054acd9db371221a50078cfe1d9 (commit)
>
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
>
>
> - Log -----------------------------------------------------------------
> commit cccb80b7b7980fbe1298ce266375e51bacb4a425
> Author: Stefan Metzmacher <metze at samba.org>
> Date: Fri Dec 14 07:47:07 2007 +0100
>
> Revert "Fix for bug #4801: Correctly implement lsa lookup levels for lookupnames."
>
> As it breaks all tests which try to join a new machine account.
> So more testing is needed...
>
> metze
>
> This reverts commit dd320c0924ce393a89b1cab020fd5cffc5b80380.
>
> -----------------------------------------------------------------------
>
> Summary of changes:
> source/passdb/lookup_sid.c | 45 +++++++++++----------------------------
> source/rpc_server/srv_lsa_nt.c | 37 ++++++++------------------------
> 2 files changed, 22 insertions(+), 60 deletions(-)
>
>
> Changeset truncated at 500 lines:
>
> diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c
> index 54db14f..bb54959 100644
> --- a/source/passdb/lookup_sid.c
> +++ b/source/passdb/lookup_sid.c
> @@ -59,19 +59,16 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
> name = talloc_strdup(tmp_ctx, full_name);
> }
>
> + DEBUG(10,("lookup_name: %s => %s (domain), %s (name)\n",
> + full_name, domain, name));
> +
> if ((domain == NULL) || (name == NULL)) {
> DEBUG(0, ("talloc failed\n"));
> TALLOC_FREE(tmp_ctx);
> return false;
> }
>
> - DEBUG(10,("lookup_name: %s => %s (domain), %s (name)\n",
> - full_name, domain, name));
> - DEBUG(10, ("lookup_name: flags = 0x0%x\n", flags));
> -
> - if ((flags & LOOKUP_NAME_DOMAIN) &&
> - strequal(domain, get_global_sam_name()))
> - {
> + if (strequal(domain, get_global_sam_name())) {
>
> /* It's our own domain, lookup the name in passdb */
> if (lookup_global_sam_name(name, flags, &rid, &type)) {
> @@ -83,9 +80,8 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
> return false;
> }
>
> - if ((flags & LOOKUP_NAME_BUILTIN) &&
> - strequal(domain, builtin_domain_name()))
> - {
> + if (strequal(domain, builtin_domain_name())) {
> +
> /* Explicit request for a name in BUILTIN */
> if (lookup_builtin_name(name, &rid)) {
> sid_copy(&sid, &global_sid_Builtin);
> @@ -101,7 +97,6 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
> * domain yet at this point yet. This comes later. */
>
> if ((domain[0] != '\0') &&
> - (flags & ~(LOOKUP_NAME_DOMAIN|LOOKUP_NAME_ISOLATED)) &&
> (winbind_lookup_name(domain, name, &sid, &type))) {
> goto ok;
> }
> @@ -136,18 +131,14 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
>
> /* 1. well-known names */
>
> - if ((flags & LOOKUP_NAME_WKN) &&
> - lookup_wellknown_name(tmp_ctx, name, &sid, &domain))
> - {
> + if (lookup_wellknown_name(tmp_ctx, name, &sid, &domain)) {
> type = SID_NAME_WKN_GRP;
> goto ok;
> }
>
> /* 2. Builtin domain as such */
>
> - if ((flags & (LOOKUP_NAME_BUILTIN|LOOKUP_NAME_REMOTE)) &&
> - strequal(name, builtin_domain_name()))
> - {
> + if (strequal(name, builtin_domain_name())) {
> /* Swap domain and name */
> tmp = name; name = domain; domain = tmp;
> sid_copy(&sid, &global_sid_Builtin);
> @@ -157,9 +148,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
>
> /* 3. Account domain */
>
> - if ((flags & LOOKUP_NAME_DOMAIN) &&
> - strequal(name, get_global_sam_name()))
> - {
> + if (strequal(name, get_global_sam_name())) {
> if (!secrets_fetch_domain_sid(name, &sid)) {
> DEBUG(3, ("Could not fetch my SID\n"));
> TALLOC_FREE(tmp_ctx);
> @@ -173,9 +162,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
>
> /* 4. Primary domain */
>
> - if ((flags & LOOKUP_NAME_DOMAIN) && !IS_DC &&
> - strequal(name, lp_workgroup()))
> - {
> + if (!IS_DC && strequal(name, lp_workgroup())) {
> if (!secrets_fetch_domain_sid(name, &sid)) {
> DEBUG(3, ("Could not fetch the domain SID\n"));
> TALLOC_FREE(tmp_ctx);
> @@ -190,9 +177,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
> /* 5. Trusted domains as such, to me it looks as if members don't do
> this, tested an XP workstation in a NT domain -- vl */
>
> - if ((flags & LOOKUP_NAME_REMOTE) && IS_DC &&
> - (secrets_fetch_trusted_domain_password(name, NULL, &sid, NULL)))
> - {
> + if (IS_DC && (pdb_get_trusteddom_pw(name, NULL, &sid, NULL))) {
> /* Swap domain and name */
> tmp = name; name = domain; domain = tmp;
> type = SID_NAME_DOMAIN;
> @@ -201,9 +186,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
>
> /* 6. Builtin aliases */
>
> - if ((flags & LOOKUP_NAME_BUILTIN) &&
> - lookup_builtin_name(name, &rid))
> - {
> + if (lookup_builtin_name(name, &rid)) {
> domain = talloc_strdup(tmp_ctx, builtin_domain_name());
> sid_copy(&sid, &global_sid_Builtin);
> sid_append_rid(&sid, rid);
> @@ -216,9 +199,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
>
> /* Both cases are done by looking at our passdb */
>
> - if ((flags & LOOKUP_NAME_DOMAIN) &&
> - lookup_global_sam_name(name, flags, &rid, &type))
> - {
> + if (lookup_global_sam_name(name, flags, &rid, &type)) {
> domain = talloc_strdup(tmp_ctx, get_global_sam_name());
> sid_copy(&sid, get_global_sam_sid());
> sid_append_rid(&sid, rid);
> diff --git a/source/rpc_server/srv_lsa_nt.c b/source/rpc_server/srv_lsa_nt.c
> index c5f0c7b..2065508 100644
> --- a/source/rpc_server/srv_lsa_nt.c
> +++ b/source/rpc_server/srv_lsa_nt.c
> @@ -1035,31 +1035,6 @@ NTSTATUS _lsa_lookup_sids3(pipes_struct *p,
> return r_u->status;
> }
>
> -static int lsa_lookup_level_to_flags(uint16 level)
> -{
> - int flags;
> -
> - switch (level) {
> - case 1:
> - flags = LOOKUP_NAME_ALL;
> - break;
> - case 2:
> - flags = LOOKUP_NAME_DOMAIN|LOOKUP_NAME_REMOTE|LOOKUP_NAME_ISOLATED;
> - break;
> - case 3:
> - flags = LOOKUP_NAME_DOMAIN|LOOKUP_NAME_ISOLATED;
> - break;
> - case 4:
> - case 5:
> - case 6:
> - default:
> - flags = LOOKUP_NAME_NONE;
> - break;
> - }
> -
> - return flags;
> -}
> -
> /***************************************************************************
> lsa_reply_lookup_names
> ***************************************************************************/
> @@ -1079,7 +1054,10 @@ NTSTATUS _lsa_lookup_names(pipes_struct *p,LSA_Q_LOOKUP_NAMES *q_u, LSA_R_LOOKUP
> DEBUG(5,("_lsa_lookup_names: truncating name lookup list to %d\n", num_entries));
> }
>
> - flags = lsa_lookup_level_to_flags(q_u->lookup_level);
> + /* Probably the lookup_level is some sort of bitmask. */
> + if (q_u->lookup_level == 1) {
> + flags = LOOKUP_NAME_ALL;
> + }
>
> ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
> if (!ref) {
> @@ -1145,8 +1123,11 @@ NTSTATUS _lsa_lookup_names2(pipes_struct *p, LSA_Q_LOOKUP_NAMES2 *q_u, LSA_R_LOO
> num_entries = MAX_LOOKUP_SIDS;
> DEBUG(5,("_lsa_lookup_names2: truncating name lookup list to %d\n", num_entries));
> }
> -
> - flags = lsa_lookup_level_to_flags(q_u->lookup_level);
> +
> + /* Probably the lookup_level is some sort of bitmask. */
> + if (q_u->lookup_level == 1) {
> + flags = LOOKUP_NAME_ALL;
> + }
>
> ref = TALLOC_ZERO_P(p->mem_ctx, DOM_R_REF);
> if (ref == NULL) {
>
>
> --
> Samba Shared Repository
--
Michael Adam <ma at sernet.de>
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.SerNet.DE, mailto: Info @ SerNet.DE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20071215/8282ef38/attachment.bin
More information about the samba-technical
mailing list