[PATCHES] allow 'wbinfo --ping-dc --domain=SOMEDOMAIN'
Stefan (metze) Metzmacher
metze at samba.org
Thu Dec 18 23:57:54 MST 2014
Am 18.12.2014 um 23:15 schrieb Jeremy Allison:
> On Thu, Dec 18, 2014 at 08:39:23PM +0100, Stefan (metze) Metzmacher wrote:
>> Hi,
>>
>> here're some patches to allow 'wbinfo --ping-dc --domain=SOMEDOMAIN',
>> this is every useful to test trusted domains on a DC.
>>
>> Please review and push.
>
> LGTM (after adding the signed-off-by you missed :-). Pushed !
Updated patches to fix the wbcPingDC tests.
https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-forest-ok
also updated...
metze
-------------- next part --------------
From 37d7fbb3fb886aeac025d886250c33195958590c Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Wed, 10 Dec 2014 12:25:55 +0000
Subject: [PATCH 1/4] s3:winbindd: report our own name for PING_DC and internal
domains
This means "wbinfo --ping-dc" works fine on a DC.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
---
source3/winbindd/winbindd_ping_dc.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/source3/winbindd/winbindd_ping_dc.c b/source3/winbindd/winbindd_ping_dc.c
index 0a767d9..b5a6977 100644
--- a/source3/winbindd/winbindd_ping_dc.c
+++ b/source3/winbindd/winbindd_ping_dc.c
@@ -54,10 +54,32 @@ struct tevent_req *winbindd_ping_dc_send(TALLOC_CTX *mem_ctx,
return tevent_req_post(req, ev);
}
if (domain->internal) {
+ const char *d = lp_dnsdomain();
+ const char *n = lp_netbios_name();
+
/*
* Internal domains are passdb based, we can always
* contact them.
*/
+
+ if (d != NULL) {
+ char *h;
+ h = strlower_talloc(mem_ctx, n);
+ if (tevent_req_nomem(h, req)) {
+ return tevent_req_post(req, ev);
+ }
+
+ state->dcname = talloc_asprintf(state, "%s.%s", h, d);
+ if (tevent_req_nomem(state->dcname, req)) {
+ return tevent_req_post(req, ev);
+ }
+ } else {
+ state->dcname = talloc_strdup(state, n);
+ if (tevent_req_nomem(state->dcname, req)) {
+ return tevent_req_post(req, ev);
+ }
+ }
+
tevent_req_done(req);
return tevent_req_post(req, ev);
}
--
1.9.1
From 21844c8fd33422cfa93dd9f9d0ae1886cb8363e9 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Tue, 16 Dec 2014 11:27:21 +0000
Subject: [PATCH 2/4] s3:winbindd: use find_domain_from_name_noinit() in
winbindd_ping_dc_send()
We should not try to connect to the given domain from within the winbindd parent.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
---
source3/winbindd/winbindd_ping_dc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/source3/winbindd/winbindd_ping_dc.c b/source3/winbindd/winbindd_ping_dc.c
index b5a6977..05e8402 100644
--- a/source3/winbindd/winbindd_ping_dc.c
+++ b/source3/winbindd/winbindd_ping_dc.c
@@ -47,7 +47,7 @@ struct tevent_req *winbindd_ping_dc_send(TALLOC_CTX *mem_ctx,
/* preserve old behavior, when no domain name is given */
domain = find_our_domain();
} else {
- domain = find_domain_from_name(request->domain_name);
+ domain = find_domain_from_name_noinit(request->domain_name);
}
if (domain == NULL) {
tevent_req_nterror(req, NT_STATUS_NO_SUCH_DOMAIN);
--
1.9.1
From 56aaeb12ba0c6a3267d49b89fb6734553ff474c2 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Wed, 10 Dec 2014 14:02:18 +0000
Subject: [PATCH 3/4] nsswitch: allow passing the domain name to wbcPingDC[2]()
winbindd already supports this.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
---
nsswitch/libwbclient/tests/wbclient.c | 40 +++++++++++++++++++++++++++++++++--
nsswitch/libwbclient/wbc_pam.c | 14 +++++-------
2 files changed, 43 insertions(+), 11 deletions(-)
diff --git a/nsswitch/libwbclient/tests/wbclient.c b/nsswitch/libwbclient/tests/wbclient.c
index f40ce52..5bce0ae 100644
--- a/nsswitch/libwbclient/tests/wbclient.c
+++ b/nsswitch/libwbclient/tests/wbclient.c
@@ -57,24 +57,60 @@ static bool test_wbc_ping(struct torture_context *tctx)
static bool test_wbc_pingdc(struct torture_context *tctx)
{
- torture_assert_wbc_equal(tctx, wbcPingDc("random_string", NULL), WBC_ERR_NOT_IMPLEMENTED,
+ struct wbcInterfaceDetails *details;
+
+ torture_assert_wbc_equal(tctx, wbcPingDc("random_string", NULL), WBC_ERR_DOMAIN_NOT_FOUND,
"%s", "wbcPingDc failed");
torture_assert_wbc_ok(tctx, wbcPingDc(NULL, NULL),
"%s", "wbcPingDc failed");
+ torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
+ "%s", "wbcInterfaceDetails failed");
+ torture_assert(tctx, details,
+ "wbcInterfaceDetails returned NULL pointer");
+ torture_assert(tctx, details->netbios_domain,
+ "wbcInterfaceDetails returned NULL netbios_domain");
+
+ torture_assert_wbc_ok(tctx, wbcPingDc(details->netbios_domain, NULL),
+ "wbcPingDc(%s) failed", details->netbios_domain);
+
+ torture_assert_wbc_ok(tctx, wbcPingDc("BUILTIN", NULL),
+ "%s", "wbcPingDc(BUILTIN) failed");
+
+ wbcFreeMemory(details);
return true;
}
static bool test_wbc_pingdc2(struct torture_context *tctx)
{
+ struct wbcInterfaceDetails *details;
char *name = NULL;
torture_assert_wbc_equal(tctx, wbcPingDc2("random_string", NULL, &name),
- WBC_ERR_NOT_IMPLEMENTED, "%s",
+ WBC_ERR_DOMAIN_NOT_FOUND, "%s",
"wbcPingDc2 failed");
torture_assert_wbc_ok(tctx, wbcPingDc2(NULL, NULL, &name), "%s",
"wbcPingDc2 failed");
+ wbcFreeMemory(name);
+
+ torture_assert_wbc_ok(tctx, wbcInterfaceDetails(&details),
+ "%s", "wbcInterfaceDetails failed");
+ torture_assert(tctx, details,
+ "wbcInterfaceDetails returned NULL pointer");
+ torture_assert(tctx, details->netbios_domain,
+ "wbcInterfaceDetails returned NULL netbios_domain");
+
+ torture_assert_wbc_ok(tctx, wbcPingDc2(details->netbios_domain, NULL, &name),
+ "wbcPingDc2(%s) failed", details->netbios_domain);
+ wbcFreeMemory(name);
+
+ torture_assert_wbc_ok(tctx, wbcPingDc2("BUILTIN", NULL, &name),
+ "%s", "wbcPingDc2(BUILTIN) failed");
+ wbcFreeMemory(name);
+
+ wbcFreeMemory(details);
+
return true;
}
diff --git a/nsswitch/libwbclient/wbc_pam.c b/nsswitch/libwbclient/wbc_pam.c
index 11b59f6..e243538 100644
--- a/nsswitch/libwbclient/wbc_pam.c
+++ b/nsswitch/libwbclient/wbc_pam.c
@@ -639,18 +639,14 @@ wbcErr wbcPingDc2(const char *domain, struct wbcAuthErrorInfo **error,
struct winbindd_response response;
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
- if (domain) {
- /*
- * the current protocol doesn't support
- * specifying a domain
- */
- wbc_status = WBC_ERR_NOT_IMPLEMENTED;
- BAIL_ON_WBC_ERROR(wbc_status);
- }
-
ZERO_STRUCT(request);
ZERO_STRUCT(response);
+ if (domain) {
+ strncpy(request.domain_name, domain,
+ sizeof(request.domain_name)-1);
+ }
+
/* Send request */
wbc_status = wbcRequestResponse(WINBINDD_PING_DC,
--
1.9.1
From f7cdb5f08975d7cb001ccc579f8ac74a1a3a5b56 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze at samba.org>
Date: Wed, 10 Dec 2014 14:03:55 +0000
Subject: [PATCH 4/4] nsswitch/wbinfo: allow 'wbinfo --ping-dc
--domain=SOMEDOMAIN'
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
---
nsswitch/wbinfo.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index 9e06fb2..2c9f4de 100644
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -826,15 +826,24 @@ static bool wbinfo_change_secret(const char *domain)
/* Check DC connection */
-static bool wbinfo_ping_dc(void)
+static bool wbinfo_ping_dc(const char *domain)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
struct wbcAuthErrorInfo *error = NULL;
char *dcname = NULL;
- wbc_status = wbcPingDc2(NULL, &error, &dcname);
+ const char *domain_name;
+
+ if (domain) {
+ domain_name = domain;
+ } else {
+ domain_name = get_winbind_domain();
+ }
+
+ wbc_status = wbcPingDc2(domain_name, &error, &dcname);
- d_printf("checking the NETLOGON dc connection to \"%s\" %s\n",
+ d_printf("checking the NETLOGON for domain[%s] dc connection to \"%s\" %s\n",
+ domain_name ? domain_name : "",
dcname ? dcname : "",
WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");
@@ -2424,7 +2433,7 @@ int main(int argc, const char **argv, char **envp)
}
break;
case 'P':
- if (!wbinfo_ping_dc()) {
+ if (!wbinfo_ping_dc(opt_domain_name)) {
goto done;
}
break;
--
1.9.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20141219/91ab523c/attachment.pgp>
More information about the samba-technical
mailing list