The branch, master has been updated via f0475ac... s3-libnet: remove source3/libnet/libnet_join.c.orig, added by a previous commit. via bb8936c... s3-dcerpc: fix build warning seen with -O3. from 71d80e6... s3-krb5 Only build ADS support if arcfour-hmac-md5 is available
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f0475ac36cf4a7e186f0cbaab08202a3306bd496 Author: Günther Deschner <g...@samba.org> Date: Fri Aug 13 15:22:06 2010 +0200 s3-libnet: remove source3/libnet/libnet_join.c.orig, added by a previous commit. Guenther commit bb8936c08709ea5e59eeba2f67359c7511fb89f0 Author: Günther Deschner <g...@samba.org> Date: Fri Aug 13 15:12:29 2010 +0200 s3-dcerpc: fix build warning seen with -O3. "warning: assuming signed overflow does not occur when assuming that (X + c) < X is always false" Guenther ----------------------------------------------------------------------- Summary of changes: source3/libnet/libnet_join.c.orig | 2187 ----------------------------------- source3/librpc/rpc/dcerpc_helpers.c | 6 +- 2 files changed, 3 insertions(+), 2190 deletions(-) delete mode 100644 source3/libnet/libnet_join.c.orig Changeset truncated at 500 lines: diff --git a/source3/libnet/libnet_join.c.orig b/source3/libnet/libnet_join.c.orig deleted file mode 100644 index c710f9e..0000000 --- a/source3/libnet/libnet_join.c.orig +++ /dev/null @@ -1,2187 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * libnet Join Support - * Copyright (C) Gerald (Jerry) Carter 2006 - * Copyright (C) Guenther Deschner 2007-2008 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -#include "includes.h" -#include "ads.h" -#include "librpc/gen_ndr/ndr_libnet_join.h" -#include "libnet/libnet_join.h" -#include "libcli/auth/libcli_auth.h" -#include "../librpc/gen_ndr/cli_samr.h" -#include "rpc_client/init_samr.h" -#include "../librpc/gen_ndr/cli_lsa.h" -#include "rpc_client/cli_lsarpc.h" -#include "../librpc/gen_ndr/cli_netlogon.h" -#include "rpc_client/cli_netlogon.h" -#include "lib/smbconf/smbconf.h" -#include "lib/smbconf/smbconf_reg.h" -#include "../libds/common/flags.h" -#include "secrets.h" - -/**************************************************************** -****************************************************************/ - -#define LIBNET_JOIN_DUMP_CTX(ctx, r, f) \ - do { \ - char *str = NULL; \ - str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_JoinCtx, f, r); \ - DEBUG(1,("libnet_Join:\n%s", str)); \ - TALLOC_FREE(str); \ - } while (0) - -#define LIBNET_JOIN_IN_DUMP_CTX(ctx, r) \ - LIBNET_JOIN_DUMP_CTX(ctx, r, NDR_IN | NDR_SET_VALUES) -#define LIBNET_JOIN_OUT_DUMP_CTX(ctx, r) \ - LIBNET_JOIN_DUMP_CTX(ctx, r, NDR_OUT) - -#define LIBNET_UNJOIN_DUMP_CTX(ctx, r, f) \ - do { \ - char *str = NULL; \ - str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_UnjoinCtx, f, r); \ - DEBUG(1,("libnet_Unjoin:\n%s", str)); \ - TALLOC_FREE(str); \ - } while (0) - -#define LIBNET_UNJOIN_IN_DUMP_CTX(ctx, r) \ - LIBNET_UNJOIN_DUMP_CTX(ctx, r, NDR_IN | NDR_SET_VALUES) -#define LIBNET_UNJOIN_OUT_DUMP_CTX(ctx, r) \ - LIBNET_UNJOIN_DUMP_CTX(ctx, r, NDR_OUT) - -/**************************************************************** -****************************************************************/ - -static void libnet_join_set_error_string(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r, - const char *format, ...) -{ - va_list args; - - if (r->out.error_string) { - return; - } - - va_start(args, format); - r->out.error_string = talloc_vasprintf(mem_ctx, format, args); - va_end(args); -} - -/**************************************************************** -****************************************************************/ - -static void libnet_unjoin_set_error_string(TALLOC_CTX *mem_ctx, - struct libnet_UnjoinCtx *r, - const char *format, ...) -{ - va_list args; - - if (r->out.error_string) { - return; - } - - va_start(args, format); - r->out.error_string = talloc_vasprintf(mem_ctx, format, args); - va_end(args); -} - -#ifdef WITH_ADS - -/**************************************************************** -****************************************************************/ - -static ADS_STATUS libnet_connect_ads(const char *dns_domain_name, - const char *netbios_domain_name, - const char *dc_name, - const char *user_name, - const char *password, - ADS_STRUCT **ads) -{ - ADS_STATUS status; - ADS_STRUCT *my_ads = NULL; - char *cp; - - my_ads = ads_init(dns_domain_name, - netbios_domain_name, - dc_name); - if (!my_ads) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - - if (user_name) { - SAFE_FREE(my_ads->auth.user_name); - my_ads->auth.user_name = SMB_STRDUP(user_name); - if ((cp = strchr_m(my_ads->auth.user_name, '@'))!=0) { - *cp++ = '\0'; - SAFE_FREE(my_ads->auth.realm); - my_ads->auth.realm = smb_xstrdup(cp); - strupper_m(my_ads->auth.realm); - } - } - - if (password) { - SAFE_FREE(my_ads->auth.password); - my_ads->auth.password = SMB_STRDUP(password); - } - - status = ads_connect_user_creds(my_ads); - if (!ADS_ERR_OK(status)) { - ads_destroy(&my_ads); - return status; - } - - *ads = my_ads; - return ADS_SUCCESS; -} - -/**************************************************************** -****************************************************************/ - -static ADS_STATUS libnet_join_connect_ads(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r) -{ - ADS_STATUS status; - - status = libnet_connect_ads(r->out.dns_domain_name, - r->out.netbios_domain_name, - r->in.dc_name, - r->in.admin_account, - r->in.admin_password, - &r->in.ads); - if (!ADS_ERR_OK(status)) { - libnet_join_set_error_string(mem_ctx, r, - "failed to connect to AD: %s", - ads_errstr(status)); - return status; - } - - if (!r->out.netbios_domain_name) { - r->out.netbios_domain_name = talloc_strdup(mem_ctx, - r->in.ads->server.workgroup); - ADS_ERROR_HAVE_NO_MEMORY(r->out.netbios_domain_name); - } - - if (!r->out.dns_domain_name) { - r->out.dns_domain_name = talloc_strdup(mem_ctx, - r->in.ads->config.realm); - ADS_ERROR_HAVE_NO_MEMORY(r->out.dns_domain_name); - } - - r->out.domain_is_ad = true; - - return ADS_SUCCESS; -} - -/**************************************************************** -****************************************************************/ - -static ADS_STATUS libnet_unjoin_connect_ads(TALLOC_CTX *mem_ctx, - struct libnet_UnjoinCtx *r) -{ - ADS_STATUS status; - - status = libnet_connect_ads(r->in.domain_name, - r->in.domain_name, - r->in.dc_name, - r->in.admin_account, - r->in.admin_password, - &r->in.ads); - if (!ADS_ERR_OK(status)) { - libnet_unjoin_set_error_string(mem_ctx, r, - "failed to connect to AD: %s", - ads_errstr(status)); - } - - return status; -} - -/**************************************************************** - join a domain using ADS (LDAP mods) -****************************************************************/ - -static ADS_STATUS libnet_join_precreate_machine_acct(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r) -{ - ADS_STATUS status; - LDAPMessage *res = NULL; - const char *attrs[] = { "dn", NULL }; - bool moved = false; - - status = ads_check_ou_dn(mem_ctx, r->in.ads, &r->in.account_ou); - if (!ADS_ERR_OK(status)) { - return status; - } - - status = ads_search_dn(r->in.ads, &res, r->in.account_ou, attrs); - if (!ADS_ERR_OK(status)) { - return status; - } - - if (ads_count_replies(r->in.ads, res) != 1) { - ads_msgfree(r->in.ads, res); - return ADS_ERROR_LDAP(LDAP_NO_SUCH_OBJECT); - } - - ads_msgfree(r->in.ads, res); - - /* Attempt to create the machine account and bail if this fails. - Assume that the admin wants exactly what they requested */ - - status = ads_create_machine_acct(r->in.ads, - r->in.machine_name, - r->in.account_ou); - - if (ADS_ERR_OK(status)) { - DEBUG(1,("machine account creation created\n")); - return status; - } else if ((status.error_type == ENUM_ADS_ERROR_LDAP) && - (status.err.rc == LDAP_ALREADY_EXISTS)) { - status = ADS_SUCCESS; - } - - if (!ADS_ERR_OK(status)) { - DEBUG(1,("machine account creation failed\n")); - return status; - } - - status = ads_move_machine_acct(r->in.ads, - r->in.machine_name, - r->in.account_ou, - &moved); - if (!ADS_ERR_OK(status)) { - DEBUG(1,("failure to locate/move pre-existing " - "machine account\n")); - return status; - } - - DEBUG(1,("The machine account %s the specified OU.\n", - moved ? "was moved into" : "already exists in")); - - return status; -} - -/**************************************************************** -****************************************************************/ - -static ADS_STATUS libnet_unjoin_remove_machine_acct(TALLOC_CTX *mem_ctx, - struct libnet_UnjoinCtx *r) -{ - ADS_STATUS status; - - if (!r->in.ads) { - status = libnet_unjoin_connect_ads(mem_ctx, r); - if (!ADS_ERR_OK(status)) { - libnet_unjoin_set_error_string(mem_ctx, r, - "failed to connect to AD: %s", - ads_errstr(status)); - return status; - } - } - - status = ads_leave_realm(r->in.ads, r->in.machine_name); - if (!ADS_ERR_OK(status)) { - libnet_unjoin_set_error_string(mem_ctx, r, - "failed to leave realm: %s", - ads_errstr(status)); - return status; - } - - return ADS_SUCCESS; -} - -/**************************************************************** -****************************************************************/ - -static ADS_STATUS libnet_join_find_machine_acct(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r) -{ - ADS_STATUS status; - LDAPMessage *res = NULL; - char *dn = NULL; - - if (!r->in.machine_name) { - return ADS_ERROR(LDAP_NO_MEMORY); - } - - status = ads_find_machine_acct(r->in.ads, - &res, - r->in.machine_name); - if (!ADS_ERR_OK(status)) { - return status; - } - - if (ads_count_replies(r->in.ads, res) != 1) { - status = ADS_ERROR_LDAP(LDAP_NO_MEMORY); - goto done; - } - - dn = ads_get_dn(r->in.ads, mem_ctx, res); - if (!dn) { - status = ADS_ERROR_LDAP(LDAP_NO_MEMORY); - goto done; - } - - r->out.dn = talloc_strdup(mem_ctx, dn); - if (!r->out.dn) { - status = ADS_ERROR_LDAP(LDAP_NO_MEMORY); - goto done; - } - - done: - ads_msgfree(r->in.ads, res); - TALLOC_FREE(dn); - - return status; -} - -/**************************************************************** - Set a machines dNSHostName and servicePrincipalName attributes -****************************************************************/ - -static ADS_STATUS libnet_join_set_machine_spn(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r) -{ - ADS_STATUS status; - ADS_MODLIST mods; - fstring my_fqdn; - const char *spn_array[3] = {NULL, NULL, NULL}; - char *spn = NULL; - - /* Find our DN */ - - status = libnet_join_find_machine_acct(mem_ctx, r); - if (!ADS_ERR_OK(status)) { - return status; - } - - /* Windows only creates HOST/shortname & HOST/fqdn. */ - - spn = talloc_asprintf(mem_ctx, "HOST/%s", r->in.machine_name); - if (!spn) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - strupper_m(spn); - spn_array[0] = spn; - - if (!name_to_fqdn(my_fqdn, r->in.machine_name) - || (strchr(my_fqdn, '.') == NULL)) { - fstr_sprintf(my_fqdn, "%s.%s", r->in.machine_name, - r->out.dns_domain_name); - } - - strlower_m(my_fqdn); - - if (!strequal(my_fqdn, r->in.machine_name)) { - spn = talloc_asprintf(mem_ctx, "HOST/%s", my_fqdn); - if (!spn) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - spn_array[1] = spn; - } - - mods = ads_init_mods(mem_ctx); - if (!mods) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - - /* fields of primary importance */ - - status = ads_mod_str(mem_ctx, &mods, "dNSHostName", my_fqdn); - if (!ADS_ERR_OK(status)) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - - status = ads_mod_strlist(mem_ctx, &mods, "servicePrincipalName", - spn_array); - if (!ADS_ERR_OK(status)) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - - return ads_gen_mod(r->in.ads, r->out.dn, mods); -} - -/**************************************************************** -****************************************************************/ - -static ADS_STATUS libnet_join_set_machine_upn(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r) -{ - ADS_STATUS status; - ADS_MODLIST mods; - - if (!r->in.create_upn) { - return ADS_SUCCESS; - } - - /* Find our DN */ - - status = libnet_join_find_machine_acct(mem_ctx, r); - if (!ADS_ERR_OK(status)) { - return status; - } - - if (!r->in.upn) { - r->in.upn = talloc_asprintf(mem_ctx, - "host/%...@%s", - r->in.machine_name, - r->out.dns_domain_name); - if (!r->in.upn) { - return ADS_ERROR(LDAP_NO_MEMORY); - } - } - - /* now do the mods */ - - mods = ads_init_mods(mem_ctx); - if (!mods) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - - /* fields of primary importance */ - - status = ads_mod_str(mem_ctx, &mods, "userPrincipalName", r->in.upn); - if (!ADS_ERR_OK(status)) { - return ADS_ERROR_LDAP(LDAP_NO_MEMORY); - } - - return ads_gen_mod(r->in.ads, r->out.dn, mods); -} - - -/**************************************************************** -****************************************************************/ - -static ADS_STATUS libnet_join_set_os_attributes(TALLOC_CTX *mem_ctx, - struct libnet_JoinCtx *r) -{ - ADS_STATUS status; - ADS_MODLIST mods; - char *os_sp = NULL; - - if (!r->in.os_name || !r->in.os_version ) { - return ADS_SUCCESS; - } - - /* Find our DN */ - - status = libnet_join_find_machine_acct(mem_ctx, r); - if (!ADS_ERR_OK(status)) { - return status; - } - - /* now do the mods */ - - mods = ads_init_mods(mem_ctx); - if (!mods) { - return ADS_ERROR(LDAP_NO_MEMORY); - } - - os_sp = talloc_asprintf(mem_ctx, "Samba %s", samba_version_string()); - if (!os_sp) { -- Samba Shared Repository