[Samba] :Domain Join Fail with this error "NT_STATUS_CANT_ACCESS_DOMAIN_INFO" - (samba-4.15.4)
Caglar Ulkuderner
caglar at ulkuderner.net
Sun Mar 27 18:14:29 UTC 2022
Hi,
We found the commit which is caused this issue. Here is revert patch. Can
you please check with this revert-patch set again.
Caglar Ulkuderner
diff --git a/lib/ldb/common/attrib_handlers.c b/lib/ldb/common/attrib_handlers.c
index febf2f414ca09e1ba0e815d9f34a94d86250b79a..9e5fa4d3d56cf5318ca7303f602f88ae13462e6b
100644
--- a/lib/ldb/common/attrib_handlers.c
+++ b/lib/ldb/common/attrib_handlers.c
@@ -54,8 +54,8 @@ int ldb_handler_copy(struct ldb_context *ldb, void *mem_ctx,
int ldb_handler_fold(struct ldb_context *ldb, void *mem_ctx,
const struct ldb_val *in, struct ldb_val *out)
{
- char *s, *t, *start;
- bool in_space;
+ char *s, *t;
+ size_t l;
if (!in || !out || !(in->data)) {
return -1;
@@ -67,33 +67,36 @@ int ldb_handler_fold(struct ldb_context *ldb, void *mem_ctx,
return -1;
}
- start = (char *)(out->data);
- in_space = true;
- t = start;
- for (s = start; *s != '\0'; s++) {
- if (*s == ' ') {
- if (in_space) {
- /*
- * We already have one (or this is the start)
- * and we don't want to add more
- */
- continue;
- }
- in_space = true;
- } else {
- in_space = false;
- }
- *t = *s;
- t++;
+ s = (char *)(out->data);
+
+ /* remove trailing spaces if any */
+ l = strlen(s);
+ while (l > 0 && s[l - 1] == ' ') l--;
+ s[l] = '\0';
+
+ /* remove leading spaces if any */
+ if (*s == ' ') {
+ for (t = s; *s == ' '; s++, l--) ;
+
+ /* remove leading spaces by moving down the string */
+ memmove(t, s, l);
+
+ s = t;
}
- if (in_space && t != start) {
- /* the loop will have left a single trailing space */
- t--;
+ /* check middle spaces */
+ while ((t = strchr(s, ' ')) != NULL) {
+ for (s = t; *s == ' '; s++) ;
+
+ if ((s - t) > 1) {
+ l = strlen(s);
+
+ /* remove all spaces but one by moving down the string */
+ memmove(t + 1, s, l);
+ }
}
- *t = '\0';
- out->length = t - start;
+ out->length = strlen((char *)out->data);
return 0;
}
diff --git a/lib/ldb/tests/ldb_match_test.c b/lib/ldb/tests/ldb_match_test.c
index 1bb56d072d916eb84e2f9dfd4307f3b3da903819..ba6ea56be158bc39296e7f66fdc929add5120a4a
100644
--- a/lib/ldb/tests/ldb_match_test.c
+++ b/lib/ldb/tests/ldb_match_test.c
@@ -183,8 +183,6 @@ static void test_wildcard_match(void **state)
struct wildcard_test tests[] = {
TEST_ENTRY(" 1 0", "1*0*", true, true),
TEST_ENTRY(" 1 0", "1 *0", true, true),
- TEST_ENTRY(" 1 0", "*1 0", true, true),
- TEST_ENTRY("1 0", "*1 0", true, true),
TEST_ENTRY("The value.......end", "*end", true, true),
TEST_ENTRY("The value.......end", "*fend", false, true),
TEST_ENTRY("The value.......end", "*eel", false, true),
On 24 Mar 2022 Thu at 21:38 Caglar Ulkuderner <caglar at ulkuderner.net> wrote:
> Hi Rowland,
>
> I faced with similar situation. It appeared after 4.14.10. Most probably
> one of the fix of CVE caused this issue. Other than schema records of
> course..
>
> Caglar
>
> On 17 Mar 2022 Thu at 15:30 Rowland Penny via samba <samba at lists.samba.org>
> wrote:
>
>> On Thu, 2022-03-17 at 17:45 +0530, EXZA Support wrote:
>> > Hi,
>> > Thank you for your reply,
>> >
>> > I used samba internal DNS. How do I update the DNS? and How do I fix
>> > this issue?
>>
>> It isn't the dns that needs updating, it the AD dns schema that needs
>> updating. Before W2k3R2, AD used a different dns schema and when an
>> early Windows Domain was upgraded the dns should also have been
>> upgraded, but a lot were not and Windows was happy with this. However,
>> Samba AD insists on the later dns schema. Follow the info that Louis
>> posted.
>>
>> Rowland
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
More information about the samba
mailing list