mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
Merge branch 'master' of ssh://git.samba.org/data/git/samba
This commit is contained in:
Jelmer Vernooij
commit
1101d7aa57
@ -320,7 +320,10 @@ xslt/man.xsl:
|
||||
xslt/pearson.xsl:
|
||||
|
||||
distclean clobber:: clean
|
||||
rm Makefile.settings config.status config.log configure
|
||||
rm -f Makefile.settings config.status config.log
|
||||
|
||||
realdistclean:: distclean
|
||||
rm -f configure
|
||||
rm -rf autom4te.cache
|
||||
|
||||
|
||||
|
||||
@ -25,4 +25,7 @@ cd ../docs || exit 1
|
||||
mv manpages-3 manpages
|
||||
mv htmldocs/manpages-3 htmldocs/manpages
|
||||
|
||||
cd ../docs-xml || exit 1
|
||||
make distclean
|
||||
|
||||
exit
|
||||
|
||||
@ -183,6 +183,10 @@ function main
|
||||
if [ -n "$vendor_version" ]; then
|
||||
version="$version-$vendor_version"
|
||||
fi
|
||||
vendor_patch=`grep "define SAMBA_VERSION_VENDOR_PATCH" $VER_H | awk '{print $3}'`
|
||||
if [ -n "$vendor_patch" ]; then
|
||||
version="$version-$vendor_patch"
|
||||
fi
|
||||
version=`echo $version | sed 's/\"//g'`
|
||||
|
||||
echo "Creating release tarball for Samba $version"
|
||||
|
||||
@ -13,7 +13,7 @@ selftest - Samba test runner
|
||||
|
||||
selftest --help
|
||||
|
||||
selftest [--srcdir=DIR] [--builddir=DIR] [--target=samba4|samba3|win|kvm] [--socket-wrapper] [--quick] [--exclude=FILE] [--include=FILE] [--one] [--prefix=prefix] [--immediate] [--testlist=FILE] [TESTS]
|
||||
selftest [--srcdir=DIR] [--builddir=DIR] [--exeext=EXT][--target=samba4|samba3|win|kvm] [--socket-wrapper] [--quick] [--exclude=FILE] [--include=FILE] [--one] [--prefix=prefix] [--immediate] [--testlist=FILE] [TESTS]
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
@ -35,6 +35,10 @@ Source directory.
|
||||
|
||||
Build directory.
|
||||
|
||||
=item I<--exeext=EXT>
|
||||
|
||||
Executable extention
|
||||
|
||||
=item I<--prefix=DIR>
|
||||
|
||||
Change directory to run tests in. Default is 'st'.
|
||||
@ -156,6 +160,7 @@ my @testlists = ();
|
||||
|
||||
my $srcdir = ".";
|
||||
my $builddir = ".";
|
||||
my $exeext = "";
|
||||
my $prefix = "./st";
|
||||
|
||||
my @expected_failures = ();
|
||||
@ -294,6 +299,7 @@ Paths:
|
||||
--prefix=DIR prefix to run tests in [st]
|
||||
--srcdir=DIR source directory [.]
|
||||
--builddir=DIR output directory [.]
|
||||
--exeext=EXT executable extention []
|
||||
|
||||
Target Specific:
|
||||
--socket-wrapper-pcap save traffic to pcap directories
|
||||
@ -334,6 +340,7 @@ my $result = GetOptions (
|
||||
'include=s' => \@opt_include,
|
||||
'srcdir=s' => \$srcdir,
|
||||
'builddir=s' => \$builddir,
|
||||
'exeext=s' => \$exeext,
|
||||
'verbose' => \$opt_verbose,
|
||||
'testenv' => \$opt_testenv,
|
||||
'ldap:s' => \$ldap,
|
||||
@ -443,9 +450,10 @@ my $testenv_default = "none";
|
||||
if ($opt_target eq "samba4") {
|
||||
$testenv_default = "member";
|
||||
require target::Samba4;
|
||||
$target = new Samba4($opt_bindir or "$srcdir/bin", $ldap, "$srcdir/setup");
|
||||
$target = new Samba4($opt_bindir or "$builddir/bin",
|
||||
$ldap, "$srcdir/setup", $exeext);
|
||||
} elsif ($opt_target eq "samba3") {
|
||||
my $bindir = ($opt_bindir or "$srcdir/bin");
|
||||
my $bindir = ($opt_bindir or "$builddir/bin");
|
||||
if ($opt_socket_wrapper and `$bindir/smbd -b | grep SOCKET_WRAPPER` eq "") {
|
||||
die("You must include --enable-socket-wrapper when compiling Samba in order to execute 'make test'. Exiting....");
|
||||
}
|
||||
|
||||
@ -10,18 +10,26 @@ use Cwd qw(abs_path);
|
||||
use FindBin qw($RealBin);
|
||||
use POSIX;
|
||||
|
||||
sub new($$$$) {
|
||||
my ($classname, $bindir, $ldap, $setupdir) = @_;
|
||||
sub new($$$$$) {
|
||||
my ($classname, $bindir, $ldap, $setupdir, $exeext) = @_;
|
||||
$exeext = "" unless defined($exeext);
|
||||
my $self = {
|
||||
vars => {},
|
||||
ldap => $ldap,
|
||||
bindir => $bindir,
|
||||
setupdir => $setupdir
|
||||
setupdir => $setupdir,
|
||||
exeext => $exeext
|
||||
};
|
||||
bless $self;
|
||||
return $self;
|
||||
}
|
||||
|
||||
sub bindir_path($$) {
|
||||
my ($self, $path) = @_;
|
||||
|
||||
return "$self->{bindir}/$path$self->{exeext}";
|
||||
}
|
||||
|
||||
sub openldap_start($$$) {
|
||||
my ($slapd_conf, $uri, $logs) = @_;
|
||||
my $oldpath = $ENV{PATH};
|
||||
@ -50,7 +58,8 @@ sub slapd_start($$)
|
||||
} elsif ($self->{ldap} eq "openldap") {
|
||||
openldap_start($env_vars->{SLAPD_CONF}, $uri, "$env_vars->{LDAPDIR}/logs");
|
||||
}
|
||||
while (system("$self->{bindir}/ldbsearch -H $uri -s base -b \"\" supportedLDAPVersion > /dev/null") != 0) {
|
||||
my $ldbsearch = $self->bindir_path("ldbsearch");
|
||||
while (system("$ldbsearch -H $uri -s base -b \"\" supportedLDAPVersion > /dev/null") != 0) {
|
||||
$count++;
|
||||
if ($count > 40) {
|
||||
$self->slapd_stop($env_vars);
|
||||
@ -116,20 +125,21 @@ sub check_or_start($$$)
|
||||
if (defined($ENV{SMBD_OPTIONS})) {
|
||||
$optarg.= " $ENV{SMBD_OPTIONS}";
|
||||
}
|
||||
my $ret = system("$valgrind $self->{bindir}/samba $optarg $env_vars->{CONFIGURATION} -M single -i --leak-report-full");
|
||||
my $samba = $self->bindir_path("samba");
|
||||
my $ret = system("$valgrind $samba $optarg $env_vars->{CONFIGURATION} -M single -i --leak-report-full");
|
||||
if ($? == -1) {
|
||||
print "Unable to start samba: $ret: $!\n";
|
||||
print "Unable to start $samba: $ret: $!\n";
|
||||
exit 1;
|
||||
}
|
||||
unlink($env_vars->{SMBD_TEST_FIFO});
|
||||
my $exit = $? >> 8;
|
||||
if ( $ret == 0 ) {
|
||||
print "samba exits with status $exit\n";
|
||||
print "$samba exits with status $exit\n";
|
||||
} elsif ( $ret & 127 ) {
|
||||
print "samba got signal ".($ret & 127)." and exits with $exit!\n";
|
||||
print "$samba got signal ".($ret & 127)." and exits with $exit!\n";
|
||||
} else {
|
||||
$ret = $? >> 8;
|
||||
print "samba failed with status $exit!\n";
|
||||
print "$samba failed with status $exit!\n";
|
||||
}
|
||||
exit $exit;
|
||||
}
|
||||
@ -169,7 +179,8 @@ sub write_ldb_file($$$)
|
||||
{
|
||||
my ($self, $file, $ldif) = @_;
|
||||
|
||||
open(LDIF, "|$self->{bindir}/ldbadd -H $file >/dev/null");
|
||||
my $ldbadd = $self->bindir_path("ldbadd");
|
||||
open(LDIF, "|$ldbadd -H $file >/dev/null");
|
||||
print LDIF $ldif;
|
||||
return close(LDIF);
|
||||
}
|
||||
@ -690,12 +701,13 @@ nogroup:x:65534:nobody
|
||||
close(GRP);
|
||||
|
||||
#Ensure the config file is valid before we start
|
||||
if (system("$self->{bindir}/testparm $configuration -v --suppress-prompt >/dev/null 2>&1") != 0) {
|
||||
system("$self->{bindir}/testparm -v --suppress-prompt $configuration >&2");
|
||||
die("Failed to create a valid smb.conf configuration!");
|
||||
my $testparm = $self->bindir_path("testparm");
|
||||
if (system("$testparm $configuration -v --suppress-prompt >/dev/null 2>&1") != 0) {
|
||||
system("$testparm -v --suppress-prompt $configuration >&2");
|
||||
die("Failed to create a valid smb.conf configuration $testparm!");
|
||||
}
|
||||
|
||||
(system("($self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global 2> /dev/null | grep -i \"^$netbiosname\" ) >/dev/null 2>&1") == 0) or die("Failed to create a valid smb.conf configuration! $self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global");
|
||||
(system("($testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global 2> /dev/null | grep -i \"^$netbiosname\" ) >/dev/null 2>&1") == 0) or die("Failed to create a valid smb.conf configuration! $self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global");
|
||||
|
||||
my @provision_options = ();
|
||||
push (@provision_options, "NSS_WRAPPER_PASSWD=\"$nsswrap_passwd\"");
|
||||
@ -792,10 +804,11 @@ sub provision_member($$$)
|
||||
|
||||
$ret or die("Unable to provision");
|
||||
|
||||
my $net = $self->bindir_path("net");
|
||||
my $cmd = "";
|
||||
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
|
||||
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
|
||||
$cmd .= "$self->{bindir}/net join $ret->{CONFIGURATION} $dcvars->{DOMAIN} member";
|
||||
$cmd .= "$net join $ret->{CONFIGURATION} $dcvars->{DOMAIN} member";
|
||||
$cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
|
||||
|
||||
system($cmd) == 0 or die("Join failed\n$cmd");
|
||||
|
||||
@ -573,7 +573,7 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
|
||||
}
|
||||
|
||||
result->sam_account = sampass;
|
||||
/* Ensure thaat the sampass will be freed with the result */
|
||||
/* Ensure that the sampass will be freed with the result */
|
||||
talloc_steal(result, sampass);
|
||||
result->unix_name = pwd->pw_name;
|
||||
/* Ensure that we keep pwd->pw_name, because we will free pwd below */
|
||||
|
||||
@ -170,8 +170,11 @@ everything:: $(patsubst %,%4,$(BINARIES))
|
||||
setup:
|
||||
@ln -sf ../source4/setup setup
|
||||
|
||||
SELFTEST4 = $(LD_LIBPATH_OVERRIDE) $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \
|
||||
LD_LIBPATH_OVERRIDE = $(LIB_PATH_VAR)="$(builddir)/bin/shared"
|
||||
|
||||
SELFTEST4 = $(LD_LIBPATH_OVERRIDE) EXEEXT="4" $(PERL) $(selftestdir)/selftest.pl --prefix=st4 \
|
||||
--builddir=$(builddir) --srcdir=$(samba4srcdir) \
|
||||
--exeext=4 \
|
||||
--expected-failures=$(samba4srcdir)/selftest/knownfail \
|
||||
--format=$(SELFTEST_FORMAT) \
|
||||
--exclude=$(samba4srcdir)/selftest/skip --testlist="$(samba4srcdir)/selftest/tests.sh|" \
|
||||
|
||||
@ -147,3 +147,142 @@ NTSTATUS auth_convert_server_info_saminfo3(TALLOC_CTX *mem_ctx,
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
/**
|
||||
* Make a server_info struct from the info3 returned by a domain logon
|
||||
*/
|
||||
NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
|
||||
const char *account_name,
|
||||
uint16_t validation_level,
|
||||
union netr_Validation *validation,
|
||||
struct auth_serversupplied_info **_server_info)
|
||||
{
|
||||
struct auth_serversupplied_info *server_info;
|
||||
struct netr_SamBaseInfo *base = NULL;
|
||||
int i;
|
||||
|
||||
switch (validation_level) {
|
||||
case 2:
|
||||
if (!validation || !validation->sam2) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
base = &validation->sam2->base;
|
||||
break;
|
||||
case 3:
|
||||
if (!validation || !validation->sam3) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
base = &validation->sam3->base;
|
||||
break;
|
||||
case 6:
|
||||
if (!validation || !validation->sam6) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
base = &validation->sam6->base;
|
||||
break;
|
||||
default:
|
||||
return NT_STATUS_INVALID_LEVEL;
|
||||
}
|
||||
|
||||
server_info = talloc(mem_ctx, struct auth_serversupplied_info);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info);
|
||||
|
||||
/*
|
||||
Here is where we should check the list of
|
||||
trusted domains, and verify that the SID
|
||||
matches.
|
||||
*/
|
||||
server_info->account_sid = dom_sid_add_rid(server_info, base->domain_sid, base->rid);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
|
||||
|
||||
|
||||
server_info->primary_group_sid = dom_sid_add_rid(server_info, base->domain_sid, base->primary_gid);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
|
||||
|
||||
server_info->n_domain_groups = base->groups.count;
|
||||
if (base->groups.count) {
|
||||
server_info->domain_groups = talloc_array(server_info, struct dom_sid*, base->groups.count);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups);
|
||||
} else {
|
||||
server_info->domain_groups = NULL;
|
||||
}
|
||||
|
||||
for (i = 0; i < base->groups.count; i++) {
|
||||
server_info->domain_groups[i] = dom_sid_add_rid(server_info, base->domain_sid, base->groups.rids[i].rid);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups[i]);
|
||||
}
|
||||
|
||||
/* Copy 'other' sids. We need to do sid filtering here to
|
||||
prevent possible elevation of privileges. See:
|
||||
|
||||
http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
|
||||
*/
|
||||
|
||||
if (validation_level == 3) {
|
||||
struct dom_sid **dgrps = server_info->domain_groups;
|
||||
size_t sidcount = server_info->n_domain_groups + validation->sam3->sidcount;
|
||||
size_t n_dgrps = server_info->n_domain_groups;
|
||||
|
||||
if (validation->sam3->sidcount > 0) {
|
||||
dgrps = talloc_realloc(server_info, dgrps, struct dom_sid*, sidcount);
|
||||
NT_STATUS_HAVE_NO_MEMORY(dgrps);
|
||||
|
||||
for (i = 0; i < validation->sam3->sidcount; i++) {
|
||||
dgrps[n_dgrps + i] = talloc_reference(dgrps, validation->sam3->sids[i].sid);
|
||||
}
|
||||
}
|
||||
|
||||
server_info->n_domain_groups = sidcount;
|
||||
server_info->domain_groups = dgrps;
|
||||
|
||||
/* Where are the 'global' sids?... */
|
||||
}
|
||||
|
||||
if (base->account_name.string) {
|
||||
server_info->account_name = talloc_reference(server_info, base->account_name.string);
|
||||
} else {
|
||||
server_info->account_name = talloc_strdup(server_info, account_name);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
|
||||
}
|
||||
|
||||
server_info->domain_name = talloc_reference(server_info, base->domain.string);
|
||||
server_info->full_name = talloc_reference(server_info, base->full_name.string);
|
||||
server_info->logon_script = talloc_reference(server_info, base->logon_script.string);
|
||||
server_info->profile_path = talloc_reference(server_info, base->profile_path.string);
|
||||
server_info->home_directory = talloc_reference(server_info, base->home_directory.string);
|
||||
server_info->home_drive = talloc_reference(server_info, base->home_drive.string);
|
||||
server_info->logon_server = talloc_reference(server_info, base->logon_server.string);
|
||||
server_info->last_logon = base->last_logon;
|
||||
server_info->last_logoff = base->last_logoff;
|
||||
server_info->acct_expiry = base->acct_expiry;
|
||||
server_info->last_password_change = base->last_password_change;
|
||||
server_info->allow_password_change = base->allow_password_change;
|
||||
server_info->force_password_change = base->force_password_change;
|
||||
server_info->logon_count = base->logon_count;
|
||||
server_info->bad_password_count = base->bad_password_count;
|
||||
server_info->acct_flags = base->acct_flags;
|
||||
|
||||
server_info->authenticated = true;
|
||||
|
||||
/* ensure we are never given NULL session keys */
|
||||
|
||||
if (all_zero(base->key.key, sizeof(base->key.key))) {
|
||||
server_info->user_session_key = data_blob(NULL, 0);
|
||||
} else {
|
||||
server_info->user_session_key = data_blob_talloc(server_info, base->key.key, sizeof(base->key.key));
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
|
||||
}
|
||||
|
||||
if (all_zero(base->LMSessKey.key, sizeof(base->LMSessKey.key))) {
|
||||
server_info->lm_session_key = data_blob(NULL, 0);
|
||||
} else {
|
||||
server_info->lm_session_key = data_blob_talloc(server_info, base->LMSessKey.key, sizeof(base->LMSessKey.key));
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
|
||||
}
|
||||
|
||||
ZERO_STRUCT(server_info->pac_srv_sig);
|
||||
ZERO_STRUCT(server_info->pac_kdc_sig);
|
||||
|
||||
*_server_info = server_info;
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
|
||||
@ -30,7 +30,6 @@
|
||||
#include "auth/auth.h"
|
||||
#include "lib/ldb/include/ldb.h"
|
||||
#include "auth/auth_sam.h"
|
||||
#include "system/network.h"
|
||||
#include "lib/socket/socket.h"
|
||||
#include "librpc/rpc/dcerpc.h"
|
||||
#include "auth/credentials/credentials.h"
|
||||
@ -39,6 +38,7 @@
|
||||
#include "auth/gensec/gensec_proto.h"
|
||||
#include "param/param.h"
|
||||
#include "auth/session_proto.h"
|
||||
#include "auth/auth_sam_reply.h"
|
||||
|
||||
enum GENSEC_KRB5_STATE {
|
||||
GENSEC_KRB5_SERVER_START,
|
||||
|
||||
@ -24,7 +24,7 @@
|
||||
#include "includes.h"
|
||||
#include "auth/auth.h"
|
||||
#include "auth/ntlm/auth_proto.h"
|
||||
#include "auth/session_proto.h"
|
||||
#include "auth/auth_sam_reply.h"
|
||||
#include "nsswitch/winbind_client.h"
|
||||
#include "librpc/gen_ndr/ndr_netlogon.h"
|
||||
#include "librpc/gen_ndr/ndr_winbind.h"
|
||||
|
||||
@ -201,143 +201,3 @@ void auth_session_info_debug(int dbg_lev,
|
||||
security_token_debug(dbg_lev, session_info->security_token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Make a server_info struct from the info3 returned by a domain logon
|
||||
*/
|
||||
_PUBLIC_ NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
|
||||
const char *account_name,
|
||||
uint16_t validation_level,
|
||||
union netr_Validation *validation,
|
||||
struct auth_serversupplied_info **_server_info)
|
||||
{
|
||||
struct auth_serversupplied_info *server_info;
|
||||
struct netr_SamBaseInfo *base = NULL;
|
||||
int i;
|
||||
|
||||
switch (validation_level) {
|
||||
case 2:
|
||||
if (!validation || !validation->sam2) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
base = &validation->sam2->base;
|
||||
break;
|
||||
case 3:
|
||||
if (!validation || !validation->sam3) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
base = &validation->sam3->base;
|
||||
break;
|
||||
case 6:
|
||||
if (!validation || !validation->sam6) {
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
base = &validation->sam6->base;
|
||||
break;
|
||||
default:
|
||||
return NT_STATUS_INVALID_LEVEL;
|
||||
}
|
||||
|
||||
server_info = talloc(mem_ctx, struct auth_serversupplied_info);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info);
|
||||
|
||||
/*
|
||||
Here is where we should check the list of
|
||||
trusted domains, and verify that the SID
|
||||
matches.
|
||||
*/
|
||||
server_info->account_sid = dom_sid_add_rid(server_info, base->domain_sid, base->rid);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
|
||||
|
||||
|
||||
server_info->primary_group_sid = dom_sid_add_rid(server_info, base->domain_sid, base->primary_gid);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
|
||||
|
||||
server_info->n_domain_groups = base->groups.count;
|
||||
if (base->groups.count) {
|
||||
server_info->domain_groups = talloc_array(server_info, struct dom_sid*, base->groups.count);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups);
|
||||
} else {
|
||||
server_info->domain_groups = NULL;
|
||||
}
|
||||
|
||||
for (i = 0; i < base->groups.count; i++) {
|
||||
server_info->domain_groups[i] = dom_sid_add_rid(server_info, base->domain_sid, base->groups.rids[i].rid);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->domain_groups[i]);
|
||||
}
|
||||
|
||||
/* Copy 'other' sids. We need to do sid filtering here to
|
||||
prevent possible elevation of privileges. See:
|
||||
|
||||
http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
|
||||
*/
|
||||
|
||||
if (validation_level == 3) {
|
||||
struct dom_sid **dgrps = server_info->domain_groups;
|
||||
size_t sidcount = server_info->n_domain_groups + validation->sam3->sidcount;
|
||||
size_t n_dgrps = server_info->n_domain_groups;
|
||||
|
||||
if (validation->sam3->sidcount > 0) {
|
||||
dgrps = talloc_realloc(server_info, dgrps, struct dom_sid*, sidcount);
|
||||
NT_STATUS_HAVE_NO_MEMORY(dgrps);
|
||||
|
||||
for (i = 0; i < validation->sam3->sidcount; i++) {
|
||||
dgrps[n_dgrps + i] = talloc_reference(dgrps, validation->sam3->sids[i].sid);
|
||||
}
|
||||
}
|
||||
|
||||
server_info->n_domain_groups = sidcount;
|
||||
server_info->domain_groups = dgrps;
|
||||
|
||||
/* Where are the 'global' sids?... */
|
||||
}
|
||||
|
||||
if (base->account_name.string) {
|
||||
server_info->account_name = talloc_reference(server_info, base->account_name.string);
|
||||
} else {
|
||||
server_info->account_name = talloc_strdup(server_info, account_name);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
|
||||
}
|
||||
|
||||
server_info->domain_name = talloc_reference(server_info, base->domain.string);
|
||||
server_info->full_name = talloc_reference(server_info, base->full_name.string);
|
||||
server_info->logon_script = talloc_reference(server_info, base->logon_script.string);
|
||||
server_info->profile_path = talloc_reference(server_info, base->profile_path.string);
|
||||
server_info->home_directory = talloc_reference(server_info, base->home_directory.string);
|
||||
server_info->home_drive = talloc_reference(server_info, base->home_drive.string);
|
||||
server_info->logon_server = talloc_reference(server_info, base->logon_server.string);
|
||||
server_info->last_logon = base->last_logon;
|
||||
server_info->last_logoff = base->last_logoff;
|
||||
server_info->acct_expiry = base->acct_expiry;
|
||||
server_info->last_password_change = base->last_password_change;
|
||||
server_info->allow_password_change = base->allow_password_change;
|
||||
server_info->force_password_change = base->force_password_change;
|
||||
server_info->logon_count = base->logon_count;
|
||||
server_info->bad_password_count = base->bad_password_count;
|
||||
server_info->acct_flags = base->acct_flags;
|
||||
|
||||
server_info->authenticated = true;
|
||||
|
||||
/* ensure we are never given NULL session keys */
|
||||
|
||||
if (all_zero(base->key.key, sizeof(base->key.key))) {
|
||||
server_info->user_session_key = data_blob(NULL, 0);
|
||||
} else {
|
||||
server_info->user_session_key = data_blob_talloc(server_info, base->key.key, sizeof(base->key.key));
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
|
||||
}
|
||||
|
||||
if (all_zero(base->LMSessKey.key, sizeof(base->LMSessKey.key))) {
|
||||
server_info->lm_session_key = data_blob(NULL, 0);
|
||||
} else {
|
||||
server_info->lm_session_key = data_blob_talloc(server_info, base->LMSessKey.key, sizeof(base->LMSessKey.key));
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
|
||||
}
|
||||
|
||||
ZERO_STRUCT(server_info->pac_srv_sig);
|
||||
ZERO_STRUCT(server_info->pac_kdc_sig);
|
||||
|
||||
*_server_info = server_info;
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -53,11 +53,6 @@ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
|
||||
struct auth_serversupplied_info *server_info,
|
||||
struct auth_session_info **_session_info) ;
|
||||
|
||||
NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
|
||||
const char *account_name,
|
||||
uint16_t validation_level,
|
||||
union netr_Validation *validation,
|
||||
struct auth_serversupplied_info **_server_info);
|
||||
NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
|
||||
struct tevent_context *ev_ctx,
|
||||
struct loadparm_context *lp_ctx,
|
||||
|
||||
@ -17,7 +17,7 @@ python_uuid_OBJ_FILES = $(pyscriptsrcdir)/uuidmodule.o
|
||||
|
||||
[PYTHON::python_glue]
|
||||
LIBRARY_REALNAME = samba/glue.$(SHLIBEXT)
|
||||
PRIVATE_DEPENDENCIES = LIBNDR LIBLDB SAMDB CREDENTIALS swig_ldb python_dcerpc_misc python_dcerpc_security swig_auth
|
||||
PRIVATE_DEPENDENCIES = LIBNDR LIBLDB SAMDB CREDENTIALS pyldb python_dcerpc_misc python_dcerpc_security swig_auth
|
||||
|
||||
python_glue_OBJ_FILES = $(pyscriptsrcdir)/pyglue.o
|
||||
|
||||
|
||||
@ -54,10 +54,10 @@ plansmbtorturetest() {
|
||||
plantest "$modname" "$env" $cmdline
|
||||
}
|
||||
|
||||
bin/smbtorture -V
|
||||
|
||||
samba4srcdir=.
|
||||
samba4bindir=$samba4srcdir/bin
|
||||
smb4torture="$samba4bindir/smbtorture${EXEEXT}"
|
||||
$smb4torture -V
|
||||
|
||||
prefix_abs="$SELFTEST_PREFIX/s4client"
|
||||
|
||||
@ -76,7 +76,7 @@ TORTURE_OPTIONS="$TORTURE_OPTIONS --format=subunit"
|
||||
if [ -n "$SELFTEST_QUICK" ]; then
|
||||
TORTURE_OPTIONS="$TORTURE_OPTIONS --option=torture:quick=yes"
|
||||
fi
|
||||
smb4torture="$samba4bindir/smbtorture $TORTURE_OPTIONS"
|
||||
smb4torture="$smb4torture $TORTURE_OPTIONS"
|
||||
|
||||
echo "OPTIONS $TORTURE_OPTIONS"
|
||||
|
||||
@ -264,9 +264,10 @@ for t in `$smb4torture --list | grep "^LOCAL-" | xargs`; do
|
||||
plansmbtorturetest "$t" none ncalrpc: "$*"
|
||||
done
|
||||
|
||||
if test -f $samba4bindir/tdbtorture
|
||||
tdbtorture4="$samba4bindir/tdbtorture${EXEEXT}"
|
||||
if test -f $tdbtorture4
|
||||
then
|
||||
plantest "tdb.stress" none $VALGRIND $samba4bindir/tdbtorture
|
||||
plantest "tdb.stress" none $VALGRIND $tdbtorture4
|
||||
fi
|
||||
|
||||
# Pidl tests
|
||||
@ -379,9 +380,10 @@ for env in dc member; do
|
||||
done
|
||||
done
|
||||
|
||||
if test -f $samba4bindir/nsstest
|
||||
nsstest4="$samba4bindir/nsstest${EXEEXT}"
|
||||
if test -f $nsstest4
|
||||
then
|
||||
plantest "nss.test using winbind" member $VALGRIND $samba4bindir/nsstest $samba4bindir/shared/libnss_winbind.so
|
||||
plantest "nss.test using winbind" member $VALGRIND $nsstest4 $samba4bindir/shared/libnss_winbind.so
|
||||
fi
|
||||
|
||||
PYTHON=/usr/bin/python
|
||||
|
||||
@ -25,6 +25,7 @@
|
||||
#include "smbd/service.h"
|
||||
#include "param/param.h"
|
||||
#include "auth/session.h"
|
||||
#include "auth/auth_sam_reply.h"
|
||||
#include "lib/stream/packet.h"
|
||||
#include "librpc/gen_ndr/ndr_named_pipe_auth.h"
|
||||
#include "system/passwd.h"
|
||||
|
||||
@ -28,7 +28,7 @@
|
||||
#include "samba3/samba3.h"
|
||||
#include "libcli/security/security.h"
|
||||
#include "torture/torture.h"
|
||||
#include "auth/session_proto.h"
|
||||
#include "auth/auth_sam_reply.h"
|
||||
|
||||
static bool torture_pac_self_check(struct torture_context *tctx)
|
||||
{
|
||||
|
||||
Loading…
Reference in New Issue
Block a user