[PATCH][WIP] Do not expose secret values at level 5 / ldb 1.2.2 for 4.7?

Andrew Bartlett abartlet at samba.org
Wed Sep 6 05:38:59 UTC 2017


This patch series is a few small changes to LDB I would really like to
see in 4.7, including future DB support, but most importantly includes
changes to avoid putting secret values into a level 5 debug. 

Level 4: DN only
Level 5: redacted LDIF on failure
Level 8: redacted LDIF
Level 9: NDR dump with encrypted secrets

I also add a new debug class for replication (drs_repl) and use
rpc_parse in the PIDL printer. 

I'll do some manual testing of them tomorrow. 

Please review so I can push after some extra tests.

I would like some comment so I can try and get the redaction patches
(at least) in for 4.7.

Andrew Bartlett
-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba



-------------- next part --------------
From 7303ca632687e5c85562634da0e09648cc237ee8 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Sat, 2 Sep 2017 14:07:11 +1200
Subject: [PATCH 01/16] selftest: Avoid a build started just before midnight
 failing

By allowing 41 or 42 days, we still test the expiry but are less sensitive to the
current time.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 python/samba/tests/pam_winbind_warn_pwd_expire.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/python/samba/tests/pam_winbind_warn_pwd_expire.py b/python/samba/tests/pam_winbind_warn_pwd_expire.py
index c78cf58c171..2567f98c6d4 100644
--- a/python/samba/tests/pam_winbind_warn_pwd_expire.py
+++ b/python/samba/tests/pam_winbind_warn_pwd_expire.py
@@ -36,6 +36,9 @@ class PasswordExpirePamTests(samba.tests.TestCase):
         if warn_pwd_expire == 0:
             self.assertTrue(res.info == ())
         elif warn_pwd_expire == 50:
-            self.assertEqual(res.info[0], u"Your password will expire in 42 days.\n")
+            # This is needed as otherwise a build started just before
+            # midnight can fail
+            if (res.info[0] != u"Your password will expire in 41 days"):
+                self.assertEqual(res.info[0], u"Your password will expire in 42 days.\n")
         else:
             self.assertEqual(warn_pwd_expire, 0)
-- 
2.11.0


From 317bd690166b812ac6fdda28a9ba1ef4363424aa Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Tue, 15 Aug 2017 14:25:59 +1200
Subject: [PATCH 02/16] ldb_tdb: Use memcmp() to compare TDB keys in re_index()

The keys may not always be a null terminated string, they could well
be a binary GUID in a future revision, for efficiency..

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13016

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ldb_tdb/ldb_index.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 232bb4c16d9..fbc05bd6f1a 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1620,7 +1620,8 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *
 		talloc_free(msg);
 		return 0;
 	}
-	if (strcmp((char *)key2.dptr, (char *)key.dptr) != 0) {
+	if (key.dsize != key2.dsize ||
+	    (memcmp(key.dptr, key2.dptr, key.dsize) != 0)) {
 		tdb_delete(tdb, key);
 		tdb_store(tdb, key2, data, 0);
 	}
-- 
2.11.0


From 172c63cff42c7dde9638668105406d55a33f0187 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Fri, 18 Aug 2017 17:01:07 +1200
Subject: [PATCH 03/16] ldb_tdb: Do not trigger the unique index check during a
 re-index, use another pass

We want to rename the objects, then scan looking for the index values.

This avoids a DB modify during the index scan traverse (the index values
are actually added to an in-memory TDB, written in prepare_commit()).

This allows us to remove the "this might already exist" case in the
index handling, we now know that the entry did not exist in the index
before we add it.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13015

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ldb_tdb/ldb_index.c | 112 ++++++++++++++++++++++++++++++++------------
 1 file changed, 83 insertions(+), 29 deletions(-)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index fbc05bd6f1a..29f59f3003f 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1147,8 +1147,7 @@ int ltdb_search_indexed(struct ltdb_context *ac, uint32_t *match_count)
  * @return                  An ldb error code
  */
 static int ltdb_index_add1(struct ldb_module *module, const char *dn,
-			   struct ldb_message_element *el, int v_idx,
-			   bool is_new)
+			   struct ldb_message_element *el, int v_idx)
 {
 	struct ldb_context *ldb;
 	struct ldb_dn *dn_key;
@@ -1198,16 +1197,6 @@ static int ltdb_index_add1(struct ldb_module *module, const char *dn,
 		return LDB_ERR_ENTRY_ALREADY_EXISTS;
 	}
 
-	/* If we are doing an ADD, then this can not already be in the index,
-	   as it was not already in the database, and this has already been
-	   checked because the store succeeded */
-	if (! is_new) {
-		if (ltdb_dn_list_find_str(list, dn) != -1) {
-			talloc_free(list);
-			return LDB_SUCCESS;
-		}
-	}
-
 	/* overallocate the list a bit, to reduce the number of
 	 * realloc trigered copies */
 	alloc_len = ((list->count+1)+7) & ~7;
@@ -1231,11 +1220,11 @@ static int ltdb_index_add1(struct ldb_module *module, const char *dn,
   add index entries for one elements in a message
  */
 static int ltdb_index_add_el(struct ldb_module *module, const char *dn,
-			     struct ldb_message_element *el, bool is_new)
+			     struct ldb_message_element *el)
 {
 	unsigned int i;
 	for (i = 0; i < el->num_values; i++) {
-		int ret = ltdb_index_add1(module, dn, el, i, is_new);
+		int ret = ltdb_index_add1(module, dn, el, i);
 		if (ret != LDB_SUCCESS) {
 			return ret;
 		}
@@ -1249,8 +1238,7 @@ static int ltdb_index_add_el(struct ldb_module *module, const char *dn,
  */
 static int ltdb_index_add_all(struct ldb_module *module, const char *dn,
 			      struct ldb_message_element *elements,
-			      unsigned int num_el,
-			      bool is_new)
+			      unsigned int num_el)
 {
 	struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
 	unsigned int i;
@@ -1269,7 +1257,7 @@ static int ltdb_index_add_all(struct ldb_module *module, const char *dn,
 		if (!ltdb_is_indexed(module, ltdb, elements[i].name)) {
 			continue;
 		}
-		ret = ltdb_index_add_el(module, dn, &elements[i], is_new);
+		ret = ltdb_index_add_el(module, dn, &elements[i]);
 		if (ret != LDB_SUCCESS) {
 			struct ldb_context *ldb = ldb_module_get_ctx(module);
 			ldb_asprintf_errstring(ldb,
@@ -1286,9 +1274,11 @@ static int ltdb_index_add_all(struct ldb_module *module, const char *dn,
 /*
   insert a one level index for a message
 */
-static int ltdb_index_onelevel(struct ldb_module *module, const struct ldb_message *msg, int add)
-{
-	struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private);
+static int ltdb_index_onelevel(struct ldb_module *module,
+			       const struct ldb_message *msg, int add)
+{	
+	struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module),
+						    struct ltdb_private);
 	struct ldb_message_element el;
 	struct ldb_val val;
 	struct ldb_dn *pdn;
@@ -1323,7 +1313,7 @@ static int ltdb_index_onelevel(struct ldb_module *module, const struct ldb_messa
 	el.num_values = 1;
 
 	if (add) {
-		ret = ltdb_index_add1(module, dn, &el, 0, add);
+		ret = ltdb_index_add1(module, dn, &el, 0);
 	} else { /* delete */
 		ret = ltdb_index_del_value(module, msg->dn, &el, 0);
 	}
@@ -1347,7 +1337,7 @@ int ltdb_index_add_element(struct ldb_module *module, struct ldb_dn *dn,
 	if (!ltdb_is_indexed(module, ltdb, el->name)) {
 		return LDB_SUCCESS;
 	}
-	return ltdb_index_add_el(module, ldb_dn_get_linearized(dn), el, true);
+	return ltdb_index_add_el(module, ldb_dn_get_linearized(dn), el);
 }
 
 /*
@@ -1367,8 +1357,7 @@ int ltdb_index_add_new(struct ldb_module *module, const struct ldb_message *msg)
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
 
-	ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements,
-				 true);
+	ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements);
 	if (ret != LDB_SUCCESS) {
 		return ret;
 	}
@@ -1571,7 +1560,7 @@ struct ltdb_reindex_context {
 /*
   traversal function that adds @INDEX records during a re index
 */
-static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *state)
+static int re_key(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *state)
 {
 	struct ldb_context *ldb;
 	struct ltdb_reindex_context *ctx = (struct ltdb_reindex_context *)state;
@@ -1582,7 +1571,6 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *
 		.data = data.dptr,
 		.length = data.dsize,
 	};
-	const char *dn = NULL;
 	int ret;
 	TDB_DATA key2;
 
@@ -1627,6 +1615,52 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *
 	}
 	talloc_free(key2.dptr);
 
+	talloc_free(msg);
+
+	return 0;
+}
+
+/*
+  traversal function that adds @INDEX records during a re index
+*/
+static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *state)
+{
+	struct ldb_context *ldb;
+	struct ltdb_reindex_context *ctx = (struct ltdb_reindex_context *)state;
+	struct ldb_module *module = ctx->module;
+	struct ldb_message *msg;
+	const char *dn = NULL;
+	unsigned int nb_elements_in_db;
+	const struct ldb_val val = {
+		.data = data.dptr,
+		.length = data.dsize,
+	};
+	int ret;
+
+	ldb = ldb_module_get_ctx(module);
+
+	if (strncmp((char *)key.dptr, "DN=@", 4) == 0 ||
+	    strncmp((char *)key.dptr, "DN=", 3) != 0) {
+		return 0;
+	}
+
+	msg = ldb_msg_new(module);
+	if (msg == NULL) {
+		return -1;
+	}
+
+	ret = ldb_unpack_data_only_attr_list_flags(ldb, &val,
+						   msg,
+						   NULL, 0,
+						   LDB_UNPACK_DATA_FLAG_NO_DATA_ALLOC,
+						   &nb_elements_in_db);
+	if (ret != 0) {
+		ldb_debug(ldb, LDB_DEBUG_ERROR, "Invalid data for index %s\n",
+						ldb_dn_get_linearized(msg->dn));
+		talloc_free(msg);
+		return -1;
+	}
+
 	if (msg->dn == NULL) {
 		dn = (char *)key.dptr + 3;
 	} else {
@@ -1642,8 +1676,7 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *
 		return -1;
 	}
 
-	ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements,
-				 false);
+	ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements);
 
 	if (ret != LDB_SUCCESS) {
 		ctx->error = ret;
@@ -1686,6 +1719,9 @@ int ltdb_reindex(struct ldb_module *module)
 	 */
 	ret = tdb_traverse(ltdb->tdb, delete_index, module);
 	if (ret < 0) {
+		struct ldb_context *ldb = ldb_module_get_ctx(module);
+		ldb_asprintf_errstring(ldb, "index deletion traverse failed: %s",
+				       ldb_errstring(ldb));
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
 
@@ -1698,10 +1734,28 @@ int ltdb_reindex(struct ldb_module *module)
 	ctx.error = 0;
 
 	/* now traverse adding any indexes for normal LDB records */
+	ret = tdb_traverse(ltdb->tdb, re_key, &ctx);
+	if (ret < 0) {
+		struct ldb_context *ldb = ldb_module_get_ctx(module);
+		ldb_asprintf_errstring(ldb, "key correction traverse failed: %s",
+				       ldb_errstring(ldb));
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
+
+	if (ctx.error != LDB_SUCCESS) {
+		struct ldb_context *ldb = ldb_module_get_ctx(module);
+		ldb_asprintf_errstring(ldb, "reindexing failed: %s", ldb_errstring(ldb));
+		return ctx.error;
+	}
+
+	ctx.error = 0;
+
+	/* now traverse adding any indexes for normal LDB records */
 	ret = tdb_traverse(ltdb->tdb, re_index, &ctx);
 	if (ret < 0) {
 		struct ldb_context *ldb = ldb_module_get_ctx(module);
-		ldb_asprintf_errstring(ldb, "reindexing traverse failed: %s", ldb_errstring(ldb));
+		ldb_asprintf_errstring(ldb, "reindexing traverse failed: %s",
+				       ldb_errstring(ldb));
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
 
-- 
2.11.0


From 1f6c9835a59db64c3754380dd07d2faaa2129bca Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Fri, 1 Sep 2017 14:35:08 +1200
Subject: [PATCH 04/16] ldb_tdb: Create a common ltdb_key_is_record() allowing
 multiple key forms

If backported, this allows old ldb versions to full-search and re-index newer databases
and in current code allows the transition to and from a GUID or incrementing ID based index

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13016

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ldb_tdb/ldb_index.c  | 22 ++++++++++++++++------
 lib/ldb/ldb_tdb/ldb_search.c |  3 +--
 lib/ldb/ldb_tdb/ldb_tdb.c    | 29 +++++++++++++++++++++++++++++
 lib/ldb/ldb_tdb/ldb_tdb.h    |  5 +++++
 4 files changed, 51 insertions(+), 8 deletions(-)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 29f59f3003f..403babd1f23 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1573,14 +1573,19 @@ static int re_key(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *st
 	};
 	int ret;
 	TDB_DATA key2;
-
+	bool is_record;
+	
 	ldb = ldb_module_get_ctx(module);
 
-	if (strncmp((char *)key.dptr, "DN=@", 4) == 0 ||
-	    strncmp((char *)key.dptr, "DN=", 3) != 0) {
+	if (strncmp((char *)key.dptr, "DN=@", 4) == 0) {
 		return 0;
 	}
 
+	is_record = ltdb_key_is_record(key);
+	if (is_record == false) {
+		return 0;
+	}
+	
 	msg = ldb_msg_new(module);
 	if (msg == NULL) {
 		return -1;
@@ -1636,14 +1641,19 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *
 		.length = data.dsize,
 	};
 	int ret;
-
+	bool is_record;
+	
 	ldb = ldb_module_get_ctx(module);
 
-	if (strncmp((char *)key.dptr, "DN=@", 4) == 0 ||
-	    strncmp((char *)key.dptr, "DN=", 3) != 0) {
+	if (strncmp((char *)key.dptr, "DN=@", 4) == 0) {
 		return 0;
 	}
 
+	is_record = ltdb_key_is_record(key);
+	if (is_record == false) {
+		return 0;
+	}
+	
 	msg = ldb_msg_new(module);
 	if (msg == NULL) {
 		return -1;
diff --git a/lib/ldb/ldb_tdb/ldb_search.c b/lib/ldb/ldb_tdb/ldb_search.c
index 53355e04f6b..a6c408a53ce 100644
--- a/lib/ldb/ldb_tdb/ldb_search.c
+++ b/lib/ldb/ldb_tdb/ldb_search.c
@@ -410,8 +410,7 @@ static int search_func(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, voi
 	ac = talloc_get_type(state, struct ltdb_context);
 	ldb = ldb_module_get_ctx(ac->module);
 
-	if (key.dsize < 4 || 
-	    strncmp((char *)key.dptr, "DN=", 3) != 0) {
+	if (ltdb_key_is_record(key) == false) {
 		return 0;
 	}
 
diff --git a/lib/ldb/ldb_tdb/ldb_tdb.c b/lib/ldb/ldb_tdb/ldb_tdb.c
index bc8780ad7ee..316a487bfe4 100644
--- a/lib/ldb/ldb_tdb/ldb_tdb.c
+++ b/lib/ldb/ldb_tdb/ldb_tdb.c
@@ -127,6 +127,35 @@ int ltdb_unlock_read(struct ldb_module *module)
 }
 
 
+/* 
+ * Determine if this key could hold a record.  We allow the new GUID
+ * index, the old DN index and a possible future ID=
+ */
+bool ltdb_key_is_record(TDB_DATA key)
+{
+	if (key.dsize < 4) {
+		return false;
+	}
+
+	if (strncmp((char *)key.dptr, "DN=", 3) == 0) {
+		return true;
+	}
+	
+	if (strncmp((char *)key.dptr, "ID=", 3) == 0) {
+		return true;
+	}
+
+	if (key.dsize < 6) {
+		return false;
+	}
+
+	if (strncmp((char *)key.dptr, "GUID=", 5) == 0) {
+		return true;
+	}
+	
+	return false;
+}
+
 /*
   form a TDB_DATA for a record key
   caller frees
diff --git a/lib/ldb/ldb_tdb/ldb_tdb.h b/lib/ldb/ldb_tdb/ldb_tdb.h
index 26ae68e89c8..a391606dd16 100644
--- a/lib/ldb/ldb_tdb/ldb_tdb.h
+++ b/lib/ldb/ldb_tdb/ldb_tdb.h
@@ -110,6 +110,11 @@ int ltdb_search(struct ltdb_context *ctx);
 /* The following definitions come from lib/ldb/ldb_tdb/ldb_tdb.c  */
 int ltdb_lock_read(struct ldb_module *module);
 int ltdb_unlock_read(struct ldb_module *module);
+/* 
+ * Determine if this key could hold a record.  We allow the new GUID
+ * index, the old DN index and a possible future ID=
+ */
+bool ltdb_key_is_record(TDB_DATA key);
 TDB_DATA ltdb_key(struct ldb_module *module, struct ldb_dn *dn);
 int ltdb_store(struct ldb_module *module, const struct ldb_message *msg, int flgs);
 int ltdb_modify_internal(struct ldb_module *module, const struct ldb_message *msg, struct ldb_request *req);
-- 
2.11.0


From f1f93c2e879f3344655290d86be9b27e0328d0de Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 23 Aug 2017 15:38:01 +1200
Subject: [PATCH 05/16] ldb_tdb: Check for errors during tdb operations in
 ltdb_reindex()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13015

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ldb_tdb/ldb_index.c | 30 ++++++++++++++++++++++++++++--
 1 file changed, 28 insertions(+), 2 deletions(-)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 403babd1f23..6829f6b7f9a 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1599,6 +1599,7 @@ static int re_key(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *st
 	if (ret != 0) {
 		ldb_debug(ldb, LDB_DEBUG_ERROR, "Invalid data for index %s\n",
 						ldb_dn_get_linearized(msg->dn));
+		ctx->error = ret;
 		talloc_free(msg);
 		return -1;
 	}
@@ -1615,8 +1616,32 @@ static int re_key(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *st
 	}
 	if (key.dsize != key2.dsize ||
 	    (memcmp(key.dptr, key2.dptr, key.dsize) != 0)) {
-		tdb_delete(tdb, key);
-		tdb_store(tdb, key2, data, 0);
+		int tdb_ret;
+		tdb_ret = tdb_delete(tdb, key);
+		if (tdb_ret != 0) {
+			ldb_debug(ldb, LDB_DEBUG_ERROR,
+				  "Failed to delete %*.*s "
+				  "for rekey as %*.*s: %s",
+				  (int)key.dsize, (int)key.dsize,
+				  (const char *)key.dptr,
+				  (int)key2.dsize, (int)key2.dsize,
+				  (const char *)key.dptr,
+				  tdb_errorstr(tdb));
+			ctx->error = ltdb_err_map(tdb_error(tdb));
+			return -1;
+		}
+		tdb_ret = tdb_store(tdb, key2, data, 0);
+		if (tdb_ret != 0) {
+			ldb_debug(ldb, LDB_DEBUG_ERROR,
+				  "Failed to rekey %*.*s as %*.*s: %s",
+				  (int)key.dsize, (int)key.dsize,
+				  (const char *)key.dptr,
+				  (int)key2.dsize, (int)key2.dsize,
+				  (const char *)key.dptr,
+				  tdb_errorstr(tdb));
+			ctx->error = ltdb_err_map(tdb_error(tdb));
+			return -1;
+		}
 	}
 	talloc_free(key2.dptr);
 
@@ -1667,6 +1692,7 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *
 	if (ret != 0) {
 		ldb_debug(ldb, LDB_DEBUG_ERROR, "Invalid data for index %s\n",
 						ldb_dn_get_linearized(msg->dn));
+		ctx->error = ret;
 		talloc_free(msg);
 		return -1;
 	}
-- 
2.11.0


From 6ceb580384412ff4f8e087bc8a192f436b94e106 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 10 Aug 2017 14:44:27 +1200
Subject: [PATCH 06/16] ldb_tdb: Check for talloc_strdup() failure in
 ltdb_index_add1()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13015

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ldb_tdb/ldb_index.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 6829f6b7f9a..07851e5d699 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1205,7 +1205,13 @@ static int ltdb_index_add1(struct ldb_module *module, const char *dn,
 		talloc_free(list);
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
-	list->dn[list->count].data = (uint8_t *)talloc_strdup(list->dn, dn);
+
+	list->dn[list->count].data
+		= (uint8_t *)talloc_strdup(list->dn, dn);
+	if (list->dn[list->count].data == NULL) {
+		talloc_free(list);
+		return LDB_ERR_OPERATIONS_ERROR;
+	}
 	list->dn[list->count].length = strlen(dn);
 	list->count++;
 
-- 
2.11.0


From 903c84e5519fc2bded7df1cffb3aa232477ba3aa Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 10 Aug 2017 16:09:31 +1200
Subject: [PATCH 07/16] ldb_tdb: Use braces in ltdb_dn_list_find_val()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13015

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ldb_tdb/ldb_index.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index 07851e5d699..f826d80fa85 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -83,7 +83,9 @@ static int ltdb_dn_list_find_val(const struct dn_list *list, const struct ldb_va
 {
 	unsigned int i;
 	for (i=0; i<list->count; i++) {
-		if (dn_list_cmp(&list->dn[i], v) == 0) return i;
+		if (dn_list_cmp(&list->dn[i], v) == 0) {
+			return i;
+		}
 	}
 	return -1;
 }
-- 
2.11.0


From 7538d7e6980ef1ae4d640217f7e606541a874850 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 10 Aug 2017 17:08:54 +1200
Subject: [PATCH 08/16] ldb_tdb: Refuse to re-index very old database with no
 DN in the record

These are not found on any AD DC, and would segfault previous LDB
versions.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13015

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ldb_tdb/ldb_index.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/lib/ldb/ldb_tdb/ldb_index.c b/lib/ldb/ldb_tdb/ldb_index.c
index f826d80fa85..1da3e9cfef2 100644
--- a/lib/ldb/ldb_tdb/ldb_index.c
+++ b/lib/ldb/ldb_tdb/ldb_index.c
@@ -1612,6 +1612,16 @@ static int re_key(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *st
 		return -1;
 	}
 
+	if (msg->dn == NULL) {
+		ldb_debug(ldb, LDB_DEBUG_ERROR,
+			  "Refusing to re-index as GUID "
+			  "key %*.*s with no DN\n",
+			  (int)key.dsize, (int)key.dsize,
+			  (char *)key.dptr);
+		talloc_free(msg);
+		return -1;
+	}
+	
 	/* check if the DN key has changed, perhaps due to the
 	   case insensitivity of an element changing */
 	key2 = ltdb_key(module, msg->dn);
@@ -1706,7 +1716,13 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *
 	}
 
 	if (msg->dn == NULL) {
-		dn = (char *)key.dptr + 3;
+		ldb_debug(ldb, LDB_DEBUG_ERROR,
+			  "Refusing to re-index as GUID "
+			  "key %*.*s with no DN\n",
+			  (int)key.dsize, (int)key.dsize,
+			  (char *)key.dptr);
+		talloc_free(msg);
+		return -1;
 	} else {
 		dn = ldb_dn_get_linearized(msg->dn);
 	}
-- 
2.11.0


From bba100865c6b99d9721b0e69f62c2fde13914387 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Tue, 5 Sep 2017 14:05:43 +1200
Subject: [PATCH 09/16] ldb: Add new ldb_ldif_message_redacted_string() with
 tests

This is designed to be a drop in replacement for
ldb_ldif_message_string() while better protecting privacy.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13017

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/common/ldb_ldif.c       | 21 ++++++++++
 lib/ldb/include/ldb.h           | 40 +++++++++++++++---
 lib/ldb/tests/ldb_mod_op_test.c | 91 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 147 insertions(+), 5 deletions(-)

diff --git a/lib/ldb/common/ldb_ldif.c b/lib/ldb/common/ldb_ldif.c
index 0aeda94beac..b90d27eea59 100644
--- a/lib/ldb/common/ldb_ldif.c
+++ b/lib/ldb/common/ldb_ldif.c
@@ -1080,3 +1080,24 @@ char *ldb_ldif_message_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
 
 	return ldb_ldif_write_string(ldb, mem_ctx, &ldif);
 }
+
+/*
+ * convenient function to turn a ldb_message into a string. Useful for
+ * debugging but also safer if some of the LDIF could be sensitive.
+ *
+ * The secret attributes are specified in a 'const char * const *' within
+ * the LDB_SECRET_ATTRIBUTE_LIST opaque set on the ldb
+ *
+ */
+char *ldb_ldif_message_redacted_string(struct ldb_context *ldb,
+				       TALLOC_CTX *mem_ctx,
+				       enum ldb_changetype changetype,
+				       const struct ldb_message *msg)
+{
+	struct ldb_ldif ldif;
+
+	ldif.changetype = changetype;
+	ldif.msg = discard_const_p(struct ldb_message, msg);
+
+	return ldb_ldif_write_redacted_trace_string(ldb, mem_ctx, &ldif);
+}
diff --git a/lib/ldb/include/ldb.h b/lib/ldb/include/ldb.h
index 14cec0e0b93..9918b4e69d9 100644
--- a/lib/ldb/include/ldb.h
+++ b/lib/ldb/include/ldb.h
@@ -1724,16 +1724,46 @@ char * ldb_ldif_write_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
 			  const struct ldb_ldif *msg);
 
 
-/*
-   Produce a string form of an ldb message
+/**
+   Write an LDB message to a string
 
-   convenient function to turn a ldb_message into a string. Useful for
-   debugging
- */
+   \param ldb the ldb context (from ldb_init())
+   \param mem_ctx the talloc context on which to attach the string)
+   \param changetype LDB_CHANGETYPE_ADD or LDB_CHANGETYPE_MODIFY
+   \param msg the message to write out
+
+   \return the string containing the LDIF, or NULL on error
+
+   \sa ldb_ldif_message_redacted_string for a safer version of this 
+       function
+*/
 char *ldb_ldif_message_string(struct ldb_context *ldb, TALLOC_CTX *mem_ctx,
 			      enum ldb_changetype changetype,
 			      const struct ldb_message *msg);
 
+/**
+   Write an LDB message to a string
+
+   \param ldb the ldb context (from ldb_init())
+   \param mem_ctx the talloc context on which to attach the string)
+   \param changetype LDB_CHANGETYPE_ADD or LDB_CHANGETYPE_MODIFY
+   \param msg the message to write out
+
+   \return the string containing the LDIF, or NULL on error, but
+           with secret attributes redacted
+
+   \note The secret attributes are specified in a 
+         'const char * const *' within the LDB_SECRET_ATTRIBUTE_LIST
+         opaque set on the ldb
+
+   \sa ldb_ldif_message_string for an exact representiation of the
+       message as LDIF
+*/
+char *ldb_ldif_message_redacted_string(struct ldb_context *ldb,
+				       TALLOC_CTX *mem_ctx,
+				       enum ldb_changetype changetype,
+				       const struct ldb_message *msg);
+
 
 /**
    Base64 encode a buffer
diff --git a/lib/ldb/tests/ldb_mod_op_test.c b/lib/ldb/tests/ldb_mod_op_test.c
index 96d2dd27df2..5e439f8d151 100644
--- a/lib/ldb/tests/ldb_mod_op_test.c
+++ b/lib/ldb/tests/ldb_mod_op_test.c
@@ -114,6 +114,91 @@ static void test_connect(void **state)
 	assert_int_equal(ret, 0);
 }
 
+static struct ldb_message *get_test_ldb_message(TALLOC_CTX *mem_ctx,
+						struct ldb_context *ldb)
+{
+	struct ldb_message *msg = ldb_msg_new(mem_ctx);
+	int ret;
+	assert_non_null(msg);
+
+	msg->dn = ldb_dn_new(msg, ldb, "dc=samba,dc=org");
+	assert_non_null(msg->dn);
+	ret = ldb_msg_add_string(msg, "public", "key");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "supersecret", "password");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "binary", "\xff\xff\0");
+	assert_int_equal(ret, LDB_SUCCESS);
+	return msg;
+}
+
+static void test_ldif_message(void **state)
+{
+	struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state,
+							struct ldbtest_ctx);
+	char *got_ldif;
+	const char *expected_ldif =
+		"dn: dc=samba,dc=org\n"
+		"changetype: add\n"
+		"public: key\n"
+		"supersecret: password\n"
+		"binary:: //8=\n"
+		"\n";
+	
+	struct ldb_message *msg = get_test_ldb_message(test_ctx,
+						       test_ctx->ldb);
+
+	got_ldif = ldb_ldif_message_string(test_ctx->ldb,
+					   test_ctx,
+					   LDB_CHANGETYPE_ADD,
+					   msg);
+	assert_string_equal(got_ldif, expected_ldif);
+	TALLOC_FREE(got_ldif);
+}
+
+static void test_ldif_message_redacted(void **state)
+{
+	struct ldbtest_ctx *test_ctx = talloc_get_type_abort(*state,
+							struct ldbtest_ctx);
+	int ret;
+	char *got_ldif;
+	const char *expected_ldif =
+		"dn: dc=samba,dc=org\n"
+		"changetype: add\n"
+		"public: key\n"
+		"# supersecret::: REDACTED SECRET ATTRIBUTE\n"
+		"binary:: //8=\n"
+		"\n";
+
+	const char *secret_attrs[] = {
+		"supersecret",
+		NULL
+	};
+	
+	struct ldb_message *msg = ldb_msg_new(test_ctx);
+
+	ldb_set_opaque(test_ctx->ldb,
+		       LDB_SECRET_ATTRIBUTE_LIST_OPAQUE,
+		       secret_attrs);
+	
+	assert_non_null(msg);
+
+	msg->dn = ldb_dn_new(msg, test_ctx->ldb, "dc=samba,dc=org");
+	ret = ldb_msg_add_string(msg, "public", "key");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "supersecret", "password");
+	assert_int_equal(ret, LDB_SUCCESS);
+	ret = ldb_msg_add_string(msg, "binary", "\xff\xff\0");
+	assert_int_equal(ret, LDB_SUCCESS);
+	got_ldif = ldb_ldif_message_redacted_string(test_ctx->ldb,
+						    test_ctx,
+						    LDB_CHANGETYPE_ADD,
+						    msg);
+	assert_string_equal(got_ldif, expected_ldif);
+	TALLOC_FREE(got_ldif);
+	assert_int_equal(ret, 0);
+}
+
 static int ldbtest_setup(void **state)
 {
 	struct ldbtest_ctx *test_ctx;
@@ -2782,6 +2867,12 @@ int main(int argc, const char **argv)
 		cmocka_unit_test_setup_teardown(test_connect,
 						ldbtest_noconn_setup,
 						ldbtest_noconn_teardown),
+		cmocka_unit_test_setup_teardown(test_ldif_message,
+						ldbtest_noconn_setup,
+						ldbtest_noconn_teardown),
+		cmocka_unit_test_setup_teardown(test_ldif_message_redacted,
+						ldbtest_noconn_setup,
+						ldbtest_noconn_teardown),
 		cmocka_unit_test_setup_teardown(test_ldb_add,
 						ldbtest_setup,
 						ldbtest_teardown),
-- 
2.11.0


From 62314bb6d2efa535309312a4f3dffe66d0f42b75 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 6 Sep 2017 14:26:25 +1200
Subject: [PATCH 10/16] ldb: version 1.2.2

* Bug #13017: Add ldb_ldif_message_redacted_string() to allow debug
              of redacted log messages, avoiding showing secret values

* Bug #13015: Allow re-index of newer databases with binary GUID TDB keys
              (this officially removes support for re-index of the original
              pack format 0, rather than simply segfaulting).
* Avoid memory allocation and so make modify of records in ldb_tdb faster

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/ldb/ABI/ldb-1.2.2.sigs            | 277 ++++++++++++++++++++++++++++++++++
 lib/ldb/ABI/pyldb-util-1.2.2.sigs     |   2 +
 lib/ldb/ABI/pyldb-util.py3-1.2.2.sigs |   2 +
 lib/ldb/wscript                       |   2 +-
 4 files changed, 282 insertions(+), 1 deletion(-)
 create mode 100644 lib/ldb/ABI/ldb-1.2.2.sigs
 create mode 100644 lib/ldb/ABI/pyldb-util-1.2.2.sigs
 create mode 100644 lib/ldb/ABI/pyldb-util.py3-1.2.2.sigs

diff --git a/lib/ldb/ABI/ldb-1.2.2.sigs b/lib/ldb/ABI/ldb-1.2.2.sigs
new file mode 100644
index 00000000000..9dc61cda019
--- /dev/null
+++ b/lib/ldb/ABI/ldb-1.2.2.sigs
@@ -0,0 +1,277 @@
+ldb_add: int (struct ldb_context *, const struct ldb_message *)
+ldb_any_comparison: int (struct ldb_context *, void *, ldb_attr_handler_t, const struct ldb_val *, const struct ldb_val *)
+ldb_asprintf_errstring: void (struct ldb_context *, const char *, ...)
+ldb_attr_casefold: char *(TALLOC_CTX *, const char *)
+ldb_attr_dn: int (const char *)
+ldb_attr_in_list: int (const char * const *, const char *)
+ldb_attr_list_copy: const char **(TALLOC_CTX *, const char * const *)
+ldb_attr_list_copy_add: const char **(TALLOC_CTX *, const char * const *, const char *)
+ldb_base64_decode: int (char *)
+ldb_base64_encode: char *(TALLOC_CTX *, const char *, int)
+ldb_binary_decode: struct ldb_val (TALLOC_CTX *, const char *)
+ldb_binary_encode: char *(TALLOC_CTX *, struct ldb_val)
+ldb_binary_encode_string: char *(TALLOC_CTX *, const char *)
+ldb_build_add_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *)
+ldb_build_del_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *)
+ldb_build_extended_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const char *, void *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *)
+ldb_build_mod_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *)
+ldb_build_rename_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, struct ldb_dn *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *)
+ldb_build_search_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, enum ldb_scope, const char *, const char * const *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *)
+ldb_build_search_req_ex: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, enum ldb_scope, struct ldb_parse_tree *, const char * const *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *)
+ldb_casefold: char *(struct ldb_context *, TALLOC_CTX *, const char *, size_t)
+ldb_casefold_default: char *(void *, TALLOC_CTX *, const char *, size_t)
+ldb_check_critical_controls: int (struct ldb_control **)
+ldb_comparison_binary: int (struct ldb_context *, void *, const struct ldb_val *, const struct ldb_val *)
+ldb_comparison_fold: int (struct ldb_context *, void *, const struct ldb_val *, const struct ldb_val *)
+ldb_connect: int (struct ldb_context *, const char *, unsigned int, const char **)
+ldb_control_to_string: char *(TALLOC_CTX *, const struct ldb_control *)
+ldb_controls_except_specified: struct ldb_control **(struct ldb_control **, TALLOC_CTX *, struct ldb_control *)
+ldb_debug: void (struct ldb_context *, enum ldb_debug_level, const char *, ...)
+ldb_debug_add: void (struct ldb_context *, const char *, ...)
+ldb_debug_end: void (struct ldb_context *, enum ldb_debug_level)
+ldb_debug_set: void (struct ldb_context *, enum ldb_debug_level, const char *, ...)
+ldb_delete: int (struct ldb_context *, struct ldb_dn *)
+ldb_dn_add_base: bool (struct ldb_dn *, struct ldb_dn *)
+ldb_dn_add_base_fmt: bool (struct ldb_dn *, const char *, ...)
+ldb_dn_add_child: bool (struct ldb_dn *, struct ldb_dn *)
+ldb_dn_add_child_fmt: bool (struct ldb_dn *, const char *, ...)
+ldb_dn_alloc_casefold: char *(TALLOC_CTX *, struct ldb_dn *)
+ldb_dn_alloc_linearized: char *(TALLOC_CTX *, struct ldb_dn *)
+ldb_dn_canonical_ex_string: char *(TALLOC_CTX *, struct ldb_dn *)
+ldb_dn_canonical_string: char *(TALLOC_CTX *, struct ldb_dn *)
+ldb_dn_check_local: bool (struct ldb_module *, struct ldb_dn *)
+ldb_dn_check_special: bool (struct ldb_dn *, const char *)
+ldb_dn_compare: int (struct ldb_dn *, struct ldb_dn *)
+ldb_dn_compare_base: int (struct ldb_dn *, struct ldb_dn *)
+ldb_dn_copy: struct ldb_dn *(TALLOC_CTX *, struct ldb_dn *)
+ldb_dn_escape_value: char *(TALLOC_CTX *, struct ldb_val)
+ldb_dn_extended_add_syntax: int (struct ldb_context *, unsigned int, const struct ldb_dn_extended_syntax *)
+ldb_dn_extended_filter: void (struct ldb_dn *, const char * const *)
+ldb_dn_extended_syntax_by_name: const struct ldb_dn_extended_syntax *(struct ldb_context *, const char *)
+ldb_dn_from_ldb_val: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const struct ldb_val *)
+ldb_dn_get_casefold: const char *(struct ldb_dn *)
+ldb_dn_get_comp_num: int (struct ldb_dn *)
+ldb_dn_get_component_name: const char *(struct ldb_dn *, unsigned int)
+ldb_dn_get_component_val: const struct ldb_val *(struct ldb_dn *, unsigned int)
+ldb_dn_get_extended_comp_num: int (struct ldb_dn *)
+ldb_dn_get_extended_component: const struct ldb_val *(struct ldb_dn *, const char *)
+ldb_dn_get_extended_linearized: char *(TALLOC_CTX *, struct ldb_dn *, int)
+ldb_dn_get_ldb_context: struct ldb_context *(struct ldb_dn *)
+ldb_dn_get_linearized: const char *(struct ldb_dn *)
+ldb_dn_get_parent: struct ldb_dn *(TALLOC_CTX *, struct ldb_dn *)
+ldb_dn_get_rdn_name: const char *(struct ldb_dn *)
+ldb_dn_get_rdn_val: const struct ldb_val *(struct ldb_dn *)
+ldb_dn_has_extended: bool (struct ldb_dn *)
+ldb_dn_is_null: bool (struct ldb_dn *)
+ldb_dn_is_special: bool (struct ldb_dn *)
+ldb_dn_is_valid: bool (struct ldb_dn *)
+ldb_dn_map_local: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *)
+ldb_dn_map_rebase_remote: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *)
+ldb_dn_map_remote: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *)
+ldb_dn_minimise: bool (struct ldb_dn *)
+ldb_dn_new: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const char *)
+ldb_dn_new_fmt: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const char *, ...)
+ldb_dn_remove_base_components: bool (struct ldb_dn *, unsigned int)
+ldb_dn_remove_child_components: bool (struct ldb_dn *, unsigned int)
+ldb_dn_remove_extended_components: void (struct ldb_dn *)
+ldb_dn_replace_components: bool (struct ldb_dn *, struct ldb_dn *)
+ldb_dn_set_component: int (struct ldb_dn *, int, const char *, const struct ldb_val)
+ldb_dn_set_extended_component: int (struct ldb_dn *, const char *, const struct ldb_val *)
+ldb_dn_update_components: int (struct ldb_dn *, const struct ldb_dn *)
+ldb_dn_validate: bool (struct ldb_dn *)
+ldb_dump_results: void (struct ldb_context *, struct ldb_result *, FILE *)
+ldb_error_at: int (struct ldb_context *, int, const char *, const char *, int)
+ldb_errstring: const char *(struct ldb_context *)
+ldb_extended: int (struct ldb_context *, const char *, void *, struct ldb_result **)
+ldb_extended_default_callback: int (struct ldb_request *, struct ldb_reply *)
+ldb_filter_from_tree: char *(TALLOC_CTX *, const struct ldb_parse_tree *)
+ldb_get_config_basedn: struct ldb_dn *(struct ldb_context *)
+ldb_get_create_perms: unsigned int (struct ldb_context *)
+ldb_get_default_basedn: struct ldb_dn *(struct ldb_context *)
+ldb_get_event_context: struct tevent_context *(struct ldb_context *)
+ldb_get_flags: unsigned int (struct ldb_context *)
+ldb_get_opaque: void *(struct ldb_context *, const char *)
+ldb_get_root_basedn: struct ldb_dn *(struct ldb_context *)
+ldb_get_schema_basedn: struct ldb_dn *(struct ldb_context *)
+ldb_global_init: int (void)
+ldb_handle_get_event_context: struct tevent_context *(struct ldb_handle *)
+ldb_handle_new: struct ldb_handle *(TALLOC_CTX *, struct ldb_context *)
+ldb_handle_use_global_event_context: void (struct ldb_handle *)
+ldb_handler_copy: int (struct ldb_context *, void *, const struct ldb_val *, struct ldb_val *)
+ldb_handler_fold: int (struct ldb_context *, void *, const struct ldb_val *, struct ldb_val *)
+ldb_init: struct ldb_context *(TALLOC_CTX *, struct tevent_context *)
+ldb_ldif_message_redacted_string: char *(struct ldb_context *, TALLOC_CTX *, enum ldb_changetype, const struct ldb_message *)
+ldb_ldif_message_string: char *(struct ldb_context *, TALLOC_CTX *, enum ldb_changetype, const struct ldb_message *)
+ldb_ldif_parse_modrdn: int (struct ldb_context *, const struct ldb_ldif *, TALLOC_CTX *, struct ldb_dn **, struct ldb_dn **, bool *, struct ldb_dn **, struct ldb_dn **)
+ldb_ldif_read: struct ldb_ldif *(struct ldb_context *, int (*)(void *), void *)
+ldb_ldif_read_file: struct ldb_ldif *(struct ldb_context *, FILE *)
+ldb_ldif_read_file_state: struct ldb_ldif *(struct ldb_context *, struct ldif_read_file_state *)
+ldb_ldif_read_free: void (struct ldb_context *, struct ldb_ldif *)
+ldb_ldif_read_string: struct ldb_ldif *(struct ldb_context *, const char **)
+ldb_ldif_write: int (struct ldb_context *, int (*)(void *, const char *, ...), void *, const struct ldb_ldif *)
+ldb_ldif_write_file: int (struct ldb_context *, FILE *, const struct ldb_ldif *)
+ldb_ldif_write_redacted_trace_string: char *(struct ldb_context *, TALLOC_CTX *, const struct ldb_ldif *)
+ldb_ldif_write_string: char *(struct ldb_context *, TALLOC_CTX *, const struct ldb_ldif *)
+ldb_load_modules: int (struct ldb_context *, const char **)
+ldb_map_add: int (struct ldb_module *, struct ldb_request *)
+ldb_map_delete: int (struct ldb_module *, struct ldb_request *)
+ldb_map_init: int (struct ldb_module *, const struct ldb_map_attribute *, const struct ldb_map_objectclass *, const char * const *, const char *, const char *)
+ldb_map_modify: int (struct ldb_module *, struct ldb_request *)
+ldb_map_rename: int (struct ldb_module *, struct ldb_request *)
+ldb_map_search: int (struct ldb_module *, struct ldb_request *)
+ldb_match_msg: int (struct ldb_context *, const struct ldb_message *, const struct ldb_parse_tree *, struct ldb_dn *, enum ldb_scope)
+ldb_match_msg_error: int (struct ldb_context *, const struct ldb_message *, const struct ldb_parse_tree *, struct ldb_dn *, enum ldb_scope, bool *)
+ldb_match_msg_objectclass: int (const struct ldb_message *, const char *)
+ldb_mod_register_control: int (struct ldb_module *, const char *)
+ldb_modify: int (struct ldb_context *, const struct ldb_message *)
+ldb_modify_default_callback: int (struct ldb_request *, struct ldb_reply *)
+ldb_module_call_chain: char *(struct ldb_request *, TALLOC_CTX *)
+ldb_module_connect_backend: int (struct ldb_context *, const char *, const char **, struct ldb_module **)
+ldb_module_done: int (struct ldb_request *, struct ldb_control **, struct ldb_extended *, int)
+ldb_module_flags: uint32_t (struct ldb_context *)
+ldb_module_get_ctx: struct ldb_context *(struct ldb_module *)
+ldb_module_get_name: const char *(struct ldb_module *)
+ldb_module_get_ops: const struct ldb_module_ops *(struct ldb_module *)
+ldb_module_get_private: void *(struct ldb_module *)
+ldb_module_init_chain: int (struct ldb_context *, struct ldb_module *)
+ldb_module_load_list: int (struct ldb_context *, const char **, struct ldb_module *, struct ldb_module **)
+ldb_module_new: struct ldb_module *(TALLOC_CTX *, struct ldb_context *, const char *, const struct ldb_module_ops *)
+ldb_module_next: struct ldb_module *(struct ldb_module *)
+ldb_module_popt_options: struct poptOption **(struct ldb_context *)
+ldb_module_send_entry: int (struct ldb_request *, struct ldb_message *, struct ldb_control **)
+ldb_module_send_referral: int (struct ldb_request *, char *)
+ldb_module_set_next: void (struct ldb_module *, struct ldb_module *)
+ldb_module_set_private: void (struct ldb_module *, void *)
+ldb_modules_hook: int (struct ldb_context *, enum ldb_module_hook_type)
+ldb_modules_list_from_string: const char **(struct ldb_context *, TALLOC_CTX *, const char *)
+ldb_modules_load: int (const char *, const char *)
+ldb_msg_add: int (struct ldb_message *, const struct ldb_message_element *, int)
+ldb_msg_add_empty: int (struct ldb_message *, const char *, int, struct ldb_message_element **)
+ldb_msg_add_fmt: int (struct ldb_message *, const char *, const char *, ...)
+ldb_msg_add_linearized_dn: int (struct ldb_message *, const char *, struct ldb_dn *)
+ldb_msg_add_steal_string: int (struct ldb_message *, const char *, char *)
+ldb_msg_add_steal_value: int (struct ldb_message *, const char *, struct ldb_val *)
+ldb_msg_add_string: int (struct ldb_message *, const char *, const char *)
+ldb_msg_add_value: int (struct ldb_message *, const char *, const struct ldb_val *, struct ldb_message_element **)
+ldb_msg_canonicalize: struct ldb_message *(struct ldb_context *, const struct ldb_message *)
+ldb_msg_check_string_attribute: int (const struct ldb_message *, const char *, const char *)
+ldb_msg_copy: struct ldb_message *(TALLOC_CTX *, const struct ldb_message *)
+ldb_msg_copy_attr: int (struct ldb_message *, const char *, const char *)
+ldb_msg_copy_shallow: struct ldb_message *(TALLOC_CTX *, const struct ldb_message *)
+ldb_msg_diff: struct ldb_message *(struct ldb_context *, struct ldb_message *, struct ldb_message *)
+ldb_msg_difference: int (struct ldb_context *, TALLOC_CTX *, struct ldb_message *, struct ldb_message *, struct ldb_message **)
+ldb_msg_element_compare: int (struct ldb_message_element *, struct ldb_message_element *)
+ldb_msg_element_compare_name: int (struct ldb_message_element *, struct ldb_message_element *)
+ldb_msg_element_equal_ordered: bool (const struct ldb_message_element *, const struct ldb_message_element *)
+ldb_msg_find_attr_as_bool: int (const struct ldb_message *, const char *, int)
+ldb_msg_find_attr_as_dn: struct ldb_dn *(struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, const char *)
+ldb_msg_find_attr_as_double: double (const struct ldb_message *, const char *, double)
+ldb_msg_find_attr_as_int: int (const struct ldb_message *, const char *, int)
+ldb_msg_find_attr_as_int64: int64_t (const struct ldb_message *, const char *, int64_t)
+ldb_msg_find_attr_as_string: const char *(const struct ldb_message *, const char *, const char *)
+ldb_msg_find_attr_as_uint: unsigned int (const struct ldb_message *, const char *, unsigned int)
+ldb_msg_find_attr_as_uint64: uint64_t (const struct ldb_message *, const char *, uint64_t)
+ldb_msg_find_common_values: int (struct ldb_context *, TALLOC_CTX *, struct ldb_message_element *, struct ldb_message_element *, uint32_t)
+ldb_msg_find_duplicate_val: int (struct ldb_context *, TALLOC_CTX *, const struct ldb_message_element *, struct ldb_val **, uint32_t)
+ldb_msg_find_element: struct ldb_message_element *(const struct ldb_message *, const char *)
+ldb_msg_find_ldb_val: const struct ldb_val *(const struct ldb_message *, const char *)
+ldb_msg_find_val: struct ldb_val *(const struct ldb_message_element *, struct ldb_val *)
+ldb_msg_new: struct ldb_message *(TALLOC_CTX *)
+ldb_msg_normalize: int (struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_message **)
+ldb_msg_remove_attr: void (struct ldb_message *, const char *)
+ldb_msg_remove_element: void (struct ldb_message *, struct ldb_message_element *)
+ldb_msg_rename_attr: int (struct ldb_message *, const char *, const char *)
+ldb_msg_sanity_check: int (struct ldb_context *, const struct ldb_message *)
+ldb_msg_sort_elements: void (struct ldb_message *)
+ldb_next_del_trans: int (struct ldb_module *)
+ldb_next_end_trans: int (struct ldb_module *)
+ldb_next_init: int (struct ldb_module *)
+ldb_next_prepare_commit: int (struct ldb_module *)
+ldb_next_read_lock: int (struct ldb_module *)
+ldb_next_read_unlock: int (struct ldb_module *)
+ldb_next_remote_request: int (struct ldb_module *, struct ldb_request *)
+ldb_next_request: int (struct ldb_module *, struct ldb_request *)
+ldb_next_start_trans: int (struct ldb_module *)
+ldb_op_default_callback: int (struct ldb_request *, struct ldb_reply *)
+ldb_options_find: const char *(struct ldb_context *, const char **, const char *)
+ldb_pack_data: int (struct ldb_context *, const struct ldb_message *, struct ldb_val *)
+ldb_parse_control_from_string: struct ldb_control *(struct ldb_context *, TALLOC_CTX *, const char *)
+ldb_parse_control_strings: struct ldb_control **(struct ldb_context *, TALLOC_CTX *, const char **)
+ldb_parse_tree: struct ldb_parse_tree *(TALLOC_CTX *, const char *)
+ldb_parse_tree_attr_replace: void (struct ldb_parse_tree *, const char *, const char *)
+ldb_parse_tree_copy_shallow: struct ldb_parse_tree *(TALLOC_CTX *, const struct ldb_parse_tree *)
+ldb_parse_tree_walk: int (struct ldb_parse_tree *, int (*)(struct ldb_parse_tree *, void *), void *)
+ldb_qsort: void (void * const, size_t, size_t, void *, ldb_qsort_cmp_fn_t)
+ldb_register_backend: int (const char *, ldb_connect_fn, bool)
+ldb_register_extended_match_rule: int (struct ldb_context *, const struct ldb_extended_match_rule *)
+ldb_register_hook: int (ldb_hook_fn)
+ldb_register_module: int (const struct ldb_module_ops *)
+ldb_rename: int (struct ldb_context *, struct ldb_dn *, struct ldb_dn *)
+ldb_reply_add_control: int (struct ldb_reply *, const char *, bool, void *)
+ldb_reply_get_control: struct ldb_control *(struct ldb_reply *, const char *)
+ldb_req_get_custom_flags: uint32_t (struct ldb_request *)
+ldb_req_is_untrusted: bool (struct ldb_request *)
+ldb_req_location: const char *(struct ldb_request *)
+ldb_req_mark_trusted: void (struct ldb_request *)
+ldb_req_mark_untrusted: void (struct ldb_request *)
+ldb_req_set_custom_flags: void (struct ldb_request *, uint32_t)
+ldb_req_set_location: void (struct ldb_request *, const char *)
+ldb_request: int (struct ldb_context *, struct ldb_request *)
+ldb_request_add_control: int (struct ldb_request *, const char *, bool, void *)
+ldb_request_done: int (struct ldb_request *, int)
+ldb_request_get_control: struct ldb_control *(struct ldb_request *, const char *)
+ldb_request_get_status: int (struct ldb_request *)
+ldb_request_replace_control: int (struct ldb_request *, const char *, bool, void *)
+ldb_request_set_state: void (struct ldb_request *, int)
+ldb_reset_err_string: void (struct ldb_context *)
+ldb_save_controls: int (struct ldb_control *, struct ldb_request *, struct ldb_control ***)
+ldb_schema_attribute_add: int (struct ldb_context *, const char *, unsigned int, const char *)
+ldb_schema_attribute_add_with_syntax: int (struct ldb_context *, const char *, unsigned int, const struct ldb_schema_syntax *)
+ldb_schema_attribute_by_name: const struct ldb_schema_attribute *(struct ldb_context *, const char *)
+ldb_schema_attribute_fill_with_syntax: int (struct ldb_context *, TALLOC_CTX *, const char *, unsigned int, const struct ldb_schema_syntax *, struct ldb_schema_attribute *)
+ldb_schema_attribute_remove: void (struct ldb_context *, const char *)
+ldb_schema_attribute_remove_flagged: void (struct ldb_context *, unsigned int)
+ldb_schema_attribute_set_override_handler: void (struct ldb_context *, ldb_attribute_handler_override_fn_t, void *)
+ldb_schema_set_override_indexlist: void (struct ldb_context *, bool)
+ldb_search: int (struct ldb_context *, TALLOC_CTX *, struct ldb_result **, struct ldb_dn *, enum ldb_scope, const char * const *, const char *, ...)
+ldb_search_default_callback: int (struct ldb_request *, struct ldb_reply *)
+ldb_sequence_number: int (struct ldb_context *, enum ldb_sequence_type, uint64_t *)
+ldb_set_create_perms: void (struct ldb_context *, unsigned int)
+ldb_set_debug: int (struct ldb_context *, void (*)(void *, enum ldb_debug_level, const char *, va_list), void *)
+ldb_set_debug_stderr: int (struct ldb_context *)
+ldb_set_default_dns: void (struct ldb_context *)
+ldb_set_errstring: void (struct ldb_context *, const char *)
+ldb_set_event_context: void (struct ldb_context *, struct tevent_context *)
+ldb_set_flags: void (struct ldb_context *, unsigned int)
+ldb_set_modules_dir: void (struct ldb_context *, const char *)
+ldb_set_opaque: int (struct ldb_context *, const char *, void *)
+ldb_set_require_private_event_context: void (struct ldb_context *)
+ldb_set_timeout: int (struct ldb_context *, struct ldb_request *, int)
+ldb_set_timeout_from_prev_req: int (struct ldb_context *, struct ldb_request *, struct ldb_request *)
+ldb_set_utf8_default: void (struct ldb_context *)
+ldb_set_utf8_fns: void (struct ldb_context *, void *, char *(*)(void *, void *, const char *, size_t))
+ldb_setup_wellknown_attributes: int (struct ldb_context *)
+ldb_should_b64_encode: int (struct ldb_context *, const struct ldb_val *)
+ldb_standard_syntax_by_name: const struct ldb_schema_syntax *(struct ldb_context *, const char *)
+ldb_strerror: const char *(int)
+ldb_string_to_time: time_t (const char *)
+ldb_string_utc_to_time: time_t (const char *)
+ldb_timestring: char *(TALLOC_CTX *, time_t)
+ldb_timestring_utc: char *(TALLOC_CTX *, time_t)
+ldb_transaction_cancel: int (struct ldb_context *)
+ldb_transaction_cancel_noerr: int (struct ldb_context *)
+ldb_transaction_commit: int (struct ldb_context *)
+ldb_transaction_prepare_commit: int (struct ldb_context *)
+ldb_transaction_start: int (struct ldb_context *)
+ldb_unpack_data: int (struct ldb_context *, const struct ldb_val *, struct ldb_message *)
+ldb_unpack_data_only_attr_list: int (struct ldb_context *, const struct ldb_val *, struct ldb_message *, const char * const *, unsigned int, unsigned int *)
+ldb_unpack_data_only_attr_list_flags: int (struct ldb_context *, const struct ldb_val *, struct ldb_message *, const char * const *, unsigned int, unsigned int, unsigned int *)
+ldb_val_dup: struct ldb_val (TALLOC_CTX *, const struct ldb_val *)
+ldb_val_equal_exact: int (const struct ldb_val *, const struct ldb_val *)
+ldb_val_map_local: struct ldb_val (struct ldb_module *, void *, const struct ldb_map_attribute *, const struct ldb_val *)
+ldb_val_map_remote: struct ldb_val (struct ldb_module *, void *, const struct ldb_map_attribute *, const struct ldb_val *)
+ldb_val_string_cmp: int (const struct ldb_val *, const char *)
+ldb_val_to_time: int (const struct ldb_val *, time_t *)
+ldb_valid_attr_name: int (const char *)
+ldb_vdebug: void (struct ldb_context *, enum ldb_debug_level, const char *, va_list)
+ldb_wait: int (struct ldb_handle *, enum ldb_wait_type)
diff --git a/lib/ldb/ABI/pyldb-util-1.2.2.sigs b/lib/ldb/ABI/pyldb-util-1.2.2.sigs
new file mode 100644
index 00000000000..74d6719d2bc
--- /dev/null
+++ b/lib/ldb/ABI/pyldb-util-1.2.2.sigs
@@ -0,0 +1,2 @@
+pyldb_Dn_FromDn: PyObject *(struct ldb_dn *)
+pyldb_Object_AsDn: bool (TALLOC_CTX *, PyObject *, struct ldb_context *, struct ldb_dn **)
diff --git a/lib/ldb/ABI/pyldb-util.py3-1.2.2.sigs b/lib/ldb/ABI/pyldb-util.py3-1.2.2.sigs
new file mode 100644
index 00000000000..74d6719d2bc
--- /dev/null
+++ b/lib/ldb/ABI/pyldb-util.py3-1.2.2.sigs
@@ -0,0 +1,2 @@
+pyldb_Dn_FromDn: PyObject *(struct ldb_dn *)
+pyldb_Object_AsDn: bool (TALLOC_CTX *, PyObject *, struct ldb_context *, struct ldb_dn **)
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 6f3b32665d3..bd17b7b9edc 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 
 APPNAME = 'ldb'
-VERSION = '1.2.1'
+VERSION = '1.2.2'
 
 blddir = 'bin'
 
-- 
2.11.0


From 385f1d97d72f73adce0c7cabff48eeb144cc8d89 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 6 Sep 2017 15:38:14 +1200
Subject: [PATCH 11/16] repl_meta_data: Use ldb_ldif_message_redacted_string()
 to avoid printing secrets in logs

This avoids printing un-encrypted secret values in logs

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index d5234d58d8c..1859d94691f 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -4984,7 +4984,9 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar)
 	if (DEBUGLVL(4)) {
 		struct GUID_txt_buf guid_txt;
 
-		char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_ADD, msg);
+		char *s = ldb_ldif_message_redacted_string(ldb, ar,
+							   LDB_CHANGETYPE_ADD,
+							   msg);
 		DEBUG(4, ("DRS replication add message of %s:\n%s\n",
 			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
 			  s));
@@ -5556,7 +5558,8 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
 	if (DEBUGLVL(5)) {
 		struct GUID_txt_buf guid_txt;
 
-		char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_MODIFY, msg);
+		char *s = ldb_ldif_message_redacted_string(ldb, ar,
+							   LDB_CHANGETYPE_MODIFY, msg);
 		DEBUG(5, ("Initial DRS replication modify message of %s is:\n%s\n"
 			  "%s\n"
 			  "%s\n",
@@ -5832,7 +5835,9 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
 	if (DEBUGLVL(4)) {
 		struct GUID_txt_buf guid_txt;
 
-		char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_MODIFY, msg);
+		char *s = ldb_ldif_message_redacted_string(ldb, ar,
+							   LDB_CHANGETYPE_MODIFY,
+							   msg);
 		DEBUG(4, ("Final DRS replication modify message of %s:\n%s\n",
 			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
 			  s));
@@ -6499,7 +6504,9 @@ static int replmd_replicated_uptodate_modify(struct replmd_replicated_request *a
 	nrf_el->flags = LDB_FLAG_MOD_REPLACE;
 
 	if (CHECK_DEBUGLVL(4)) {
-		char *s = ldb_ldif_message_string(ldb, ar, LDB_CHANGETYPE_MODIFY, msg);
+		char *s = ldb_ldif_message_redacted_string(ldb, ar,
+							   LDB_CHANGETYPE_MODIFY,
+							   msg);
 		DEBUG(4, ("DRS replication uptodate modify message:\n%s\n", s));
 		talloc_free(s);
 	}
@@ -7312,7 +7319,10 @@ static int replmd_process_linked_attribute(struct ldb_module *module,
 	if (ret != LDB_SUCCESS) {
 		ldb_debug(ldb, LDB_DEBUG_WARNING, "Failed to apply linked attribute change '%s'\n%s\n",
 			  ldb_errstring(ldb),
-			  ldb_ldif_message_string(ldb, tmp_ctx, LDB_CHANGETYPE_MODIFY, msg));
+			  ldb_ldif_message_redacted_string(ldb,
+							   tmp_ctx,
+							   LDB_CHANGETYPE_MODIFY,
+							   msg));
 		talloc_free(tmp_ctx);
 		return ret;
 	}
-- 
2.11.0


From b20aecaafa23894e61833ee7e2e36fd3d93e2f41 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 6 Sep 2017 15:56:59 +1200
Subject: [PATCH 12/16] linked_attributes: Use
 ldb_ldif_message_redacted_string() for consistency

This avoids printing un-encrypted secret values in logs, and while links are not likely
secret, this avoids a future copy and paste using ldb_ldif_message_string() again.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 source4/dsdb/samdb/ldb_modules/linked_attributes.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/linked_attributes.c b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
index 2016524a2d4..c6beb25e58b 100644
--- a/source4/dsdb/samdb/ldb_modules/linked_attributes.c
+++ b/source4/dsdb/samdb/ldb_modules/linked_attributes.c
@@ -1136,14 +1136,18 @@ static int la_do_op_request(struct ldb_module *module, struct la_context *ac, st
 
 	if (DEBUGLVL(4)) {
 		DEBUG(4,("Applying linked attribute change:\n%s\n",
-			 ldb_ldif_message_string(ldb, op, LDB_CHANGETYPE_MODIFY, new_msg)));
+			 ldb_ldif_message_redacted_string(ldb, op,
+							  LDB_CHANGETYPE_MODIFY,
+							  new_msg)));
 	}
 
 	ret = dsdb_module_modify(module, new_msg, DSDB_FLAG_NEXT_MODULE, ac->req);
 	if (ret != LDB_SUCCESS) {
 		ldb_debug(ldb, LDB_DEBUG_WARNING, __location__ ": failed to apply linked attribute change '%s'\n%s\n",
 			  ldb_errstring(ldb),
-			  ldb_ldif_message_string(ldb, op, LDB_CHANGETYPE_MODIFY, new_msg));
+			  ldb_ldif_message_redacted_string(ldb, op,
+							   LDB_CHANGETYPE_MODIFY,
+							   new_msg));
 	}
 
 	return ret;
-- 
2.11.0


From 8a26f8eef9bab215c1e52cd4fbacb987808b610c Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 6 Sep 2017 16:24:35 +1200
Subject: [PATCH 13/16] repl_meta_data: Re-work printing of replicated entries

This re-work of our LDIF printing avoids some of the privacy issue from
printing the full LDIF at level 4, while showing the entry that actually fails.

Instead, we print the DN only at level 4, then the full message at 8.

On failure, we print the redacted failing message at 5.

While all of the DRS replication data is potentially sensitive
the passwords are most sensitive, and are now not printed unencrypted.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 73 +++++++++++++++++++++----
 1 file changed, 61 insertions(+), 12 deletions(-)

diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 1859d94691f..c9fc4b14228 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -560,9 +560,39 @@ static int replmd_op_callback(struct ldb_request *req, struct ldb_reply *ares)
 	}
 
 	if (ares->error != LDB_SUCCESS) {
-		DEBUG(5,("%s failure. Error is: %s\n", __FUNCTION__, ldb_strerror(ares->error)));
-		return ldb_module_done(ac->req, controls,
-					ares->response, ares->error);
+		struct GUID_txt_buf guid_txt;
+		struct ldb_message *msg
+			= ac->objs->objects[ac->index_current].msg;
+		char *s = NULL;
+		
+		if (ac->apply_mode == false) {
+			DBG_WARNING("DRS replication apply failure. Error is: %s\n",
+				    ldb_strerror(ares->error));
+			return ldb_module_done(ac->req, controls,
+					       ares->response, ares->error);
+		}
+
+		/*
+		 * Set at DBG_NOTICE as once these start to happe, they
+		 * will happen a lot until resolved, due to repeated
+		 * replication.  The caller will probably print the
+		 * ldb error string anyway.
+		 */
+		DBG_NOTICE("DRS replication apply failure for %s. Error is: %s\n",
+			   ldb_dn_get_linearized(msg->dn),
+			   ldb_strerror(ares->error));
+		
+		s = ldb_ldif_message_redacted_string(ldb_module_get_ctx(ac->module),
+						     ac,
+						     LDB_CHANGETYPE_ADD,
+						     msg);
+		
+		DBG_INFO("Failing DRS %s replication message was %s:\n%s\n",
+			 ac->search_msg == NULL ? "ADD" : "MODIFY",
+			 GUID_buf_string(&ac->objs->objects[ac->index_current].object_guid,
+					 &guid_txt),
+			 s);
+		talloc_free(s);
 	}
 
 	if (ares->type != LDB_REPLY_DONE) {
@@ -4981,18 +5011,22 @@ static int replmd_replicated_apply_add(struct replmd_replicated_request *ar)
 		}
 	}
 
-	if (DEBUGLVL(4)) {
+	if (DEBUGLVL(8)) {
 		struct GUID_txt_buf guid_txt;
 
 		char *s = ldb_ldif_message_redacted_string(ldb, ar,
 							   LDB_CHANGETYPE_ADD,
 							   msg);
-		DEBUG(4, ("DRS replication add message of %s:\n%s\n",
+		DEBUG(8, ("DRS replication add message of %s:\n%s\n",
 			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
 			  s));
 		talloc_free(s);
+	} else if (DEBUGLVL(4)) {
+		struct GUID_txt_buf guid_txt;
+		DEBUG(4, ("DRS replication add message of %s:\n%s\n",
+			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
+			  ldb_dn_get_linearized(msg->dn)));
 	}
-
 	remote_isDeleted = ldb_msg_find_attr_as_bool(msg,
 						     "isDeleted", false);
 
@@ -5555,12 +5589,12 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
 		}
 	}
 
-	if (DEBUGLVL(5)) {
+	if (DEBUGLVL(8)) {
 		struct GUID_txt_buf guid_txt;
 
 		char *s = ldb_ldif_message_redacted_string(ldb, ar,
 							   LDB_CHANGETYPE_MODIFY, msg);
-		DEBUG(5, ("Initial DRS replication modify message of %s is:\n%s\n"
+		DEBUG(8, ("Initial DRS replication modify message of %s is:\n%s\n"
 			  "%s\n"
 			  "%s\n",
 			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
@@ -5574,8 +5608,15 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
 						  "incoming replPropertyMetaData",
 						  rmd)));
 		talloc_free(s);
-	}
+	} else if (DEBUGLVL(4)) {
+		struct GUID_txt_buf guid_txt;
 
+		DEBUG(4, ("Initial DRS replication modify message of %s is:\n%s\n",
+			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid,
+					  &guid_txt),
+			  ldb_dn_get_linearized(msg->dn)));
+	}
+		
 	local_isDeleted = ldb_msg_find_attr_as_bool(ar->search_msg,
 						    "isDeleted", false);
 	remote_isDeleted = ldb_msg_find_attr_as_bool(msg,
@@ -5832,16 +5873,24 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar)
 		}
 	}
 
-	if (DEBUGLVL(4)) {
+	if (DEBUGLVL(8)) {
 		struct GUID_txt_buf guid_txt;
 
 		char *s = ldb_ldif_message_redacted_string(ldb, ar,
 							   LDB_CHANGETYPE_MODIFY,
 							   msg);
-		DEBUG(4, ("Final DRS replication modify message of %s:\n%s\n",
-			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid, &guid_txt),
+		DEBUG(8, ("Final DRS replication modify message of %s:\n%s\n",
+			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid,
+					  &guid_txt),
 			  s));
 		talloc_free(s);
+	} else if (DEBUGLVL(4)) {
+		struct GUID_txt_buf guid_txt;
+
+		DEBUG(4, ("Final DRS replication modify message of %s:\n%s\n",
+			  GUID_buf_string(&ar->objs->objects[ar->index_current].object_guid,
+					  &guid_txt),
+			  ldb_dn_get_linearized(msg->dn)));
 	}
 
 	ret = ldb_build_mod_req(&change_req,
-- 
2.11.0


From 0d0b80d7471a9e6080b7751b72179cb1d93856ba Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 6 Sep 2017 16:27:07 +1200
Subject: [PATCH 14/16] Use the rpc_parse debug class for PIDL genrated code

This means that the default print binding string qualifier will now go via this debug class
as will explicit calls to ndr_print_debug() and ndr_print_union_debug().

Calls to ndr_print_debugc() are not changed.

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 librpc/ndr/ndr.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/librpc/ndr/ndr.c b/librpc/ndr/ndr.c
index 0f55cf97887..d478eb69c01 100644
--- a/librpc/ndr/ndr.c
+++ b/librpc/ndr/ndr.c
@@ -31,6 +31,9 @@
 #include "librpc/ndr/libndr.h"
 #include "../lib/util/dlinklist.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_RPC_PARSE
+
 #define NDR_BASE_MARSHALL_SIZE 1024
 
 /* this guid indicates NDR encoding in a protocol tower */
-- 
2.11.0


From fc02a7610b02e9050ebe17233dd1fcd18103d535 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 6 Sep 2017 16:37:34 +1200
Subject: [PATCH 15/16] debug: Add new debug class "drs_repl" for DRS
 replication processing

This is used in the client and in the server

Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 lib/util/debug.c                            | 1 +
 lib/util/debug.h                            | 1 +
 source4/dsdb/repl/drepl_extended.c          | 3 +++
 source4/dsdb/repl/drepl_fsmo.c              | 3 +++
 source4/dsdb/repl/drepl_notify.c            | 3 +++
 source4/dsdb/repl/drepl_out_helpers.c       | 3 +++
 source4/dsdb/repl/drepl_out_pull.c          | 3 +++
 source4/dsdb/repl/drepl_partitions.c        | 3 +++
 source4/dsdb/repl/drepl_periodic.c          | 3 +++
 source4/dsdb/repl/drepl_replica.c           | 3 +++
 source4/dsdb/repl/drepl_ridalloc.c          | 3 +++
 source4/dsdb/repl/drepl_secret.c            | 3 +++
 source4/dsdb/repl/drepl_service.c           | 3 +++
 source4/dsdb/repl/replicated_objects.c      | 3 +++
 source4/libnet/libnet_vampire.c             | 3 +++
 source4/rpc_server/drsuapi/addentry.c       | 3 +++
 source4/rpc_server/drsuapi/dcesrv_drsuapi.c | 3 +++
 source4/rpc_server/drsuapi/drsutil.c        | 3 +++
 source4/rpc_server/drsuapi/getncchanges.c   | 3 +++
 source4/rpc_server/drsuapi/updaterefs.c     | 3 +++
 source4/rpc_server/drsuapi/writespn.c       | 3 +++
 21 files changed, 59 insertions(+)

diff --git a/lib/util/debug.c b/lib/util/debug.c
index d30b1a9fae5..8b28002501f 100644
--- a/lib/util/debug.c
+++ b/lib/util/debug.c
@@ -540,6 +540,7 @@ static const char *default_classname_table[] = {
 	[DBGC_AUTH_AUDIT] =	"auth_audit",
 	[DBGC_AUTH_AUDIT_JSON] = "auth_json_audit",
 	[DBGC_KERBEROS] =       "kerberos",
+	[DBGC_DRS_REPL] =       "drs_repl",
 };
 
 /*
diff --git a/lib/util/debug.h b/lib/util/debug.h
index 71d8ed69a42..e82553aaf71 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -92,6 +92,7 @@ bool dbghdr( int level, const char *location, const char *func);
 #define DBGC_AUTH_AUDIT		24
 #define DBGC_AUTH_AUDIT_JSON	25
 #define DBGC_KERBEROS           26
+#define DBGC_DRS_REPL           27
 
 /* So you can define DBGC_CLASS before including debug.h */
 #ifndef DBGC_CLASS
diff --git a/source4/dsdb/repl/drepl_extended.c b/source4/dsdb/repl/drepl_extended.c
index de53028b7a4..caed06b0922 100644
--- a/source4/dsdb/repl/drepl_extended.c
+++ b/source4/dsdb/repl/drepl_extended.c
@@ -31,6 +31,9 @@
 #include "dsdb/repl/drepl_service.h"
 #include "param/param.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 
 /*
   create the role owner source dsa structure
diff --git a/source4/dsdb/repl/drepl_fsmo.c b/source4/dsdb/repl/drepl_fsmo.c
index 7a107da6a3d..a83ac4f6c2f 100644
--- a/source4/dsdb/repl/drepl_fsmo.c
+++ b/source4/dsdb/repl/drepl_fsmo.c
@@ -31,6 +31,9 @@
 #include "dsdb/repl/drepl_service.h"
 #include "param/param.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 struct fsmo_role_state {
 	struct irpc_message *msg;
 	struct drepl_takeFSMORole *r;
diff --git a/source4/dsdb/repl/drepl_notify.c b/source4/dsdb/repl/drepl_notify.c
index 980806b89c1..f21ad7f94e0 100644
--- a/source4/dsdb/repl/drepl_notify.c
+++ b/source4/dsdb/repl/drepl_notify.c
@@ -35,6 +35,9 @@
 #include "libcli/composite/composite.h"
 #include "../lib/util/tevent_ntstatus.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 
 struct dreplsrv_op_notify_state {
 	struct tevent_context *ev;
diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c
index 66308040377..8da49ac1429 100644
--- a/source4/dsdb/repl/drepl_out_helpers.c
+++ b/source4/dsdb/repl/drepl_out_helpers.c
@@ -36,6 +36,9 @@
 #include "../lib/util/tevent_ntstatus.h"
 #include "libcli/security/security.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 struct dreplsrv_out_drsuapi_state {
 	struct tevent_context *ev;
 
diff --git a/source4/dsdb/repl/drepl_out_pull.c b/source4/dsdb/repl/drepl_out_pull.c
index 62a403c91c9..b1bf81c1c57 100644
--- a/source4/dsdb/repl/drepl_out_pull.c
+++ b/source4/dsdb/repl/drepl_out_pull.c
@@ -33,6 +33,9 @@
 #include "libcli/composite/composite.h"
 #include "libcli/security/security.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /*
   update repsFrom/repsTo error information
  */
diff --git a/source4/dsdb/repl/drepl_partitions.c b/source4/dsdb/repl/drepl_partitions.c
index 65b4843a5f3..586da1983dc 100644
--- a/source4/dsdb/repl/drepl_partitions.c
+++ b/source4/dsdb/repl/drepl_partitions.c
@@ -34,6 +34,9 @@
 #include "param/param.h"
 #include "dsdb/common/util.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /*
   load the partitions list based on replicated NC attributes in our
   NTDSDSA object
diff --git a/source4/dsdb/repl/drepl_periodic.c b/source4/dsdb/repl/drepl_periodic.c
index 64a53e08519..0fe4b0acc7b 100644
--- a/source4/dsdb/repl/drepl_periodic.c
+++ b/source4/dsdb/repl/drepl_periodic.c
@@ -31,6 +31,9 @@
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "librpc/gen_ndr/ndr_drsblobs.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 static void dreplsrv_periodic_run(struct dreplsrv_service *service);
 
 static void dreplsrv_periodic_handler_te(struct tevent_context *ev, struct tevent_timer *te,
diff --git a/source4/dsdb/repl/drepl_replica.c b/source4/dsdb/repl/drepl_replica.c
index 2f344a4b93a..adb0e971eba 100644
--- a/source4/dsdb/repl/drepl_replica.c
+++ b/source4/dsdb/repl/drepl_replica.c
@@ -28,6 +28,9 @@
 #include "param/param.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /*
   implement DsReplicaAdd (forwarded from DRS server)
  */
diff --git a/source4/dsdb/repl/drepl_ridalloc.c b/source4/dsdb/repl/drepl_ridalloc.c
index bd3a62b14b1..3615859ed9b 100644
--- a/source4/dsdb/repl/drepl_ridalloc.c
+++ b/source4/dsdb/repl/drepl_ridalloc.c
@@ -30,6 +30,9 @@
 #include "dsdb/repl/drepl_service.h"
 #include "param/param.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /*
   called when a rid allocation request has completed
  */
diff --git a/source4/dsdb/repl/drepl_secret.c b/source4/dsdb/repl/drepl_secret.c
index b7f36805a59..64075194009 100644
--- a/source4/dsdb/repl/drepl_secret.c
+++ b/source4/dsdb/repl/drepl_secret.c
@@ -28,6 +28,9 @@
 #include "dsdb/repl/drepl_service.h"
 #include "param/param.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 struct repl_secret_state {
 	const char *user_dn;
 };
diff --git a/source4/dsdb/repl/drepl_service.c b/source4/dsdb/repl/drepl_service.c
index 5b283632494..0951a0f0cc0 100644
--- a/source4/dsdb/repl/drepl_service.c
+++ b/source4/dsdb/repl/drepl_service.c
@@ -35,6 +35,9 @@
 #include "param/param.h"
 #include "libds/common/roles.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /**
  * Call-back data for _drepl_replica_sync_done_cb()
  */
diff --git a/source4/dsdb/repl/replicated_objects.c b/source4/dsdb/repl/replicated_objects.c
index dd84570ebc0..d9365ae5553 100644
--- a/source4/dsdb/repl/replicated_objects.c
+++ b/source4/dsdb/repl/replicated_objects.c
@@ -31,6 +31,9 @@
 #include "libcli/auth/libcli_auth.h"
 #include "param/param.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 static WERROR dsdb_repl_merge_working_schema(struct ldb_context *ldb,
 					     struct dsdb_schema *dest_schema,
 					     const struct dsdb_schema *ref_schema)
diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c
index aa0ec91e590..a449e1c86ef 100644
--- a/source4/libnet/libnet_vampire.c
+++ b/source4/libnet/libnet_vampire.c
@@ -42,6 +42,9 @@
 #include "libcli/security/security.h"
 #include "dsdb/common/util.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /* 
 List of tasks vampire.py must perform:
 - Domain Join
diff --git a/source4/rpc_server/drsuapi/addentry.c b/source4/rpc_server/drsuapi/addentry.c
index 7cfb3fdf99f..ff23c525518 100644
--- a/source4/rpc_server/drsuapi/addentry.c
+++ b/source4/rpc_server/drsuapi/addentry.c
@@ -30,6 +30,9 @@
 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /*
   add special SPNs needed for DRS replication to machine accounts when
   an AddEntry is done to create a nTDSDSA object
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index 21de6477a74..026098dcb9f 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -33,6 +33,9 @@
 #include "param/param.h"
 #include "lib/messaging/irpc.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 #define DRSUAPI_UNSUPPORTED(fname) do { \
 	DEBUG(1,(__location__ ": Unsupported DRS call %s\n", #fname)); \
 	if (DEBUGLVL(2)) NDR_PRINT_IN_DEBUG(fname, r); \
diff --git a/source4/rpc_server/drsuapi/drsutil.c b/source4/rpc_server/drsuapi/drsutil.c
index 2762a4e5cc2..53bcb16bd8e 100644
--- a/source4/rpc_server/drsuapi/drsutil.c
+++ b/source4/rpc_server/drsuapi/drsutil.c
@@ -28,6 +28,9 @@
 #include "auth/session.h"
 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 int drsuapi_search_with_extended_dn(struct ldb_context *ldb,
 				    TALLOC_CTX *mem_ctx,
 				    struct ldb_result **_res,
diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index afed782ed19..cc41abbc227 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -42,6 +42,9 @@
 #include "lib/dbwrap/dbwrap_rbt.h"
 #include "librpc/gen_ndr/ndr_misc.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /* state of a partially completed getncchanges call */
 struct drsuapi_getncchanges_state {
 	struct db_context *anc_cache;
diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c
index 9cf3556f497..c92add744ec 100644
--- a/source4/rpc_server/drsuapi/updaterefs.c
+++ b/source4/rpc_server/drsuapi/updaterefs.c
@@ -30,6 +30,9 @@
 #include "librpc/gen_ndr/ndr_irpc_c.h"
 #include "lib/messaging/irpc.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 struct repsTo {
 	uint32_t count;
 	struct repsFromToBlob *r;
diff --git a/source4/rpc_server/drsuapi/writespn.c b/source4/rpc_server/drsuapi/writespn.c
index b3903d315b4..991efccae38 100644
--- a/source4/rpc_server/drsuapi/writespn.c
+++ b/source4/rpc_server/drsuapi/writespn.c
@@ -32,6 +32,9 @@
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "auth/session.h"
 
+#undef DBGC_CLASS
+#define DBGC_CLASS            DBGC_DRS_REPL
+
 /*
   check that the SPN update should be allowed as an override
   via sam_ctx_system
-- 
2.11.0


From 3e0313d3b6f1a8f0322fcd11da31a1f47c6ce151 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Wed, 6 Sep 2017 16:40:05 +1200
Subject: [PATCH 16/16] drs repl: Only print raw DRS replication traffic at
 level 9

This can be sensitive even with the passwords still encrypted.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13017
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
 python/samba/drs_utils.py   | 2 +-
 python/samba/join.py        | 4 ++--
 python/samba/netcmd/rodc.py | 6 +++++-
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/python/samba/drs_utils.py b/python/samba/drs_utils.py
index bed88178b74..ded072ca4f6 100644
--- a/python/samba/drs_utils.py
+++ b/python/samba/drs_utils.py
@@ -48,7 +48,7 @@ def drsuapi_connect(server, lp, creds):
     """
 
     binding_options = "seal"
-    if lp.log_level() >= 5:
+    if lp.log_level() >= 9:
         binding_options += ",print"
     binding_string = "ncacn_ip_tcp:%s[%s]" % (server, binding_options)
     try:
diff --git a/python/samba/join.py b/python/samba/join.py
index fa87f0bb32f..3aefb7baa97 100644
--- a/python/samba/join.py
+++ b/python/samba/join.py
@@ -437,7 +437,7 @@ class dc_join(object):
     def drsuapi_connect(ctx):
         '''make a DRSUAPI connection to the naming master'''
         binding_options = "seal"
-        if ctx.lp.log_level() >= 4:
+        if ctx.lp.log_level() >= 9:
             binding_options += ",print"
         binding_string = "ncacn_ip_tcp:%s[%s]" % (ctx.server, binding_options)
         ctx.drsuapi = drsuapi.drsuapi(binding_string, ctx.lp, ctx.creds)
@@ -910,7 +910,7 @@ class dc_join(object):
                 repl_creds = ctx.creds
 
             binding_options = "seal"
-            if ctx.lp.log_level() >= 5:
+            if ctx.lp.log_level() >= 9:
                 binding_options += ",print"
             repl = drs_utils.drs_Replicate(
                 "ncacn_ip_tcp:%s[%s]" % (ctx.server, binding_options),
diff --git a/python/samba/netcmd/rodc.py b/python/samba/netcmd/rodc.py
index e7fbcdc57b0..41a7a85b712 100644
--- a/python/samba/netcmd/rodc.py
+++ b/python/samba/netcmd/rodc.py
@@ -111,7 +111,11 @@ class cmd_rodc_preload(Command):
 
         destination_dsa_guid = misc.GUID(local_samdb.get_ntds_GUID())
 
-        repl = drs_Replicate("ncacn_ip_tcp:%s[seal,print]" % server, lp, creds,
+        binding_options = "seal"
+        if lp.log_level() >= 9:
+            binding_options += ",print"
+        repl = drs_Replicate("ncacn_ip_tcp:%s[%s]" % (server, binding_options),
+                             lp, creds,
                              local_samdb, destination_dsa_guid)
 
         errors = []
-- 
2.11.0



More information about the samba-technical mailing list