The branch, master has been updated via fe29535 s3-vfs: Put vfs_aixacl_util.c helper functions into a header file via f11a1a4 s4:kdc/wdc-samba4.c - fix user logins on specific workstations via a57c5eb s4-classicupgrade: Tests if sam policies exist before trying to import them. via 34c4664 s3-selftest: Add smbclient tarmode test via 1428500 s3-selftest: Fix copy/paste error in test usage string from 4e4c306 Fix smbclient/tarmode panic on connecting to Windows 2000 clients.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit fe295358dfa495c8f4b564784d728b37882e877d Author: Andrew Bartlett <abart...@samba.org> Date: Mon Aug 13 20:14:43 2012 +1000 s3-vfs: Put vfs_aixacl_util.c helper functions into a header file Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Tue Aug 14 02:16:11 CEST 2012 on sn-devel-104 commit f11a1a4a0796c8e77eee721f1ed1406b01e2b007 Author: Matthias Dieter Wallnöfer <m...@samba.org> Date: Mon Aug 13 20:17:20 2012 +0200 s4:kdc/wdc-samba4.c - fix user logins on specific workstations The decrement operation has been missing. Problem found by Mohammad Ebrahim Abravi <lamp....@gmail.com> Signed-off-by: Andrew Bartlett <abart...@samba.org> commit a57c5eb848698a4231f851744949c6a44e92784a Author: Wesley Young <wes...@wesleyy.com> Date: Mon Aug 13 01:08:36 2012 +0000 s4-classicupgrade: Tests if sam policies exist before trying to import them. Signed-off-by: Andrew Bartlett <abart...@samba.org> commit 34c4664dc0a52862ea6a36cc44d09593557a6396 Author: Salvador I. Gonzalez <sgonza...@codejunkie.net> Date: Sat Aug 11 10:48:36 2012 -0400 s3-selftest: Add smbclient tarmode test (With small changes to have test complete by Andrew Bartlett) Signed-off-by: Andrew Bartlett <abart...@samba.org> commit 14285005ec5f208327ab8236e9c33bfefe38126a Author: Salvador I. Gonzalez <sgonza...@codejunkie.net> Date: Sat Aug 11 10:47:58 2012 -0400 s3-selftest: Fix copy/paste error in test usage string Signed-off-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/modules/vfs_aixacl.c | 4 +- source3/modules/vfs_aixacl_util.c | 1 + .../modules/vfs_aixacl_util.h | 14 +- source3/script/tests/test_smbclient_auth.sh | 2 +- source3/script/tests/test_smbclient_tarmode.sh | 181 ++++++++++++++++++++ source3/selftest/tests.py | 5 +- source4/kdc/wdc-samba4.c | 9 +- source4/scripting/python/samba/upgrade.py | 55 ++++--- 8 files changed, 229 insertions(+), 42 deletions(-) copy source4/auth/ntlm/auth_server_service.c => source3/modules/vfs_aixacl_util.h (71%) create mode 100755 source3/script/tests/test_smbclient_tarmode.sh Changeset truncated at 500 lines: diff --git a/source3/modules/vfs_aixacl.c b/source3/modules/vfs_aixacl.c index c4bb02e..9f66d2a 100644 --- a/source3/modules/vfs_aixacl.c +++ b/source3/modules/vfs_aixacl.c @@ -20,9 +20,7 @@ #include "includes.h" #include "system/filesys.h" #include "smbd/smbd.h" - -extern SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl); -extern struct acl *aixacl_smb_to_aixacl(SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl); +#include "vfs_aixacl_util.h" SMB_ACL_T aixacl_sys_acl_get_file(vfs_handle_struct *handle, const char *path_p, diff --git a/source3/modules/vfs_aixacl_util.c b/source3/modules/vfs_aixacl_util.c index d867f9d..b359c40 100644 --- a/source3/modules/vfs_aixacl_util.c +++ b/source3/modules/vfs_aixacl_util.c @@ -20,6 +20,7 @@ #include "includes.h" #include "system/filesys.h" #include "smbd/smbd.h" +#include "vfs_aixacl_util.h" SMB_ACL_T aixacl_to_smbacl(struct acl *file_acl) { diff --git a/source4/auth/ntlm/auth_server_service.c b/source3/modules/vfs_aixacl_util.h similarity index 71% copy from source4/auth/ntlm/auth_server_service.c copy to source3/modules/vfs_aixacl_util.h index 65b9dc2..2447252 100644 --- a/source4/auth/ntlm/auth_server_service.c +++ b/source3/modules/vfs_aixacl_util.h @@ -1,7 +1,7 @@ /* - Unix SMB/CIFS implementation. - Password and authentication handling - Copyright (C) Andrew Bartlett 2010 + Unix SMB/Netbios implementation. + VFS module to get and set posix acls + Copyright (C) Jim McDonough <j...@us.ibm.com> 2006 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -17,10 +17,6 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "includes.h" -#include "auth/auth.h" +SMB_ACL_T aixacl_to_smbacl( struct acl *file_acl); +struct acl *aixacl_smb_to_aixacl(SMB_ACL_TYPE_T acltype, SMB_ACL_T theacl); -NTSTATUS server_service_auth_init(void) -{ - return auth4_init(); -} diff --git a/source3/script/tests/test_smbclient_auth.sh b/source3/script/tests/test_smbclient_auth.sh index b90334f..3988095 100755 --- a/source3/script/tests/test_smbclient_auth.sh +++ b/source3/script/tests/test_smbclient_auth.sh @@ -4,7 +4,7 @@ if [ $# -lt 4 ]; then cat <<EOF -Usage: test_smbclient_s3.sh SERVER SERVER_IP USERNAME PASSWORD SMBCLIENT <smbclient arguments> +Usage: test_smbclient_auth.sh SERVER SERVER_IP USERNAME PASSWORD SMBCLIENT <smbclient arguments> EOF exit 1; fi diff --git a/source3/script/tests/test_smbclient_tarmode.sh b/source3/script/tests/test_smbclient_tarmode.sh new file mode 100755 index 0000000..331ba20 --- /dev/null +++ b/source3/script/tests/test_smbclient_tarmode.sh @@ -0,0 +1,181 @@ +#!/bin/sh + +# this runs a simple tarmode test + +if [ $# -lt 7 ]; then +cat <<EOF +Usage: test_smbclient_tarmode.sh SERVER SERVER_IP USERNAME PASSWORD LOCAL_PATH PREFIX SMBCLIENT [create|extract] <smbclient arguments> +EOF +exit 1; +fi + +SERVER="$1" +SERVER_IP="$2" +USERNAME="$3" +PASSWORD="$4" +LOCAL_PATH="$5" +PREFIX="$6" +SMBCLIENT="$7" +SMBCLIENT="$VALGRIND ${SMBCLIENT}" +shift 7 +ADDARGS="$*" + +incdir=`dirname $0`/../../../testprogs/blackbox +. $incdir/subunit.sh + +FAILCOUNT=0 + +# Check command is available +have_command() { + type "$1" > /dev/null 2>&1 + return $? +} + +# Create a test corpus +create_test_data() { + + local DIR="$1" + local BS=1024 + local NUM_FILES=10 + local NORND_COUNT=25 + + # Bomb if dir exists + if [ -e "$DIR" ]; then + echo "Test data directory '$DIR' already exists!" + false + return + fi + + if ! mkdir -p "$DIR" > /dev/null 2>&1; then + echo "Couldn't create test data directory '$DIR'" + false + return + fi + + local I=1 + if have_command "od"; then # Use random file sizes + local RND_COUNT + for RND_COUNT in `od -An -N$NUM_FILES -tu1 < /dev/urandom`; do + if ! dd if=/dev/urandom of="$DIR/file.$I" bs=$BS count=$RND_COUNT > /dev/null 2>&1; then + echo "Couldn't create test file '$DIR/file.$I' (random size)" + false + return + fi + I=`expr $I + 1` + done + else # Fallback to same file sizes + while [ $I -le $NUM_FILES ]; do + if ! dd if=/dev/urandom of="$DIR/file.$I" bs=$BS count=$NORND_COUNT > /dev/null 2>&1; then + echo "Couldn't create test file '$DIR/file.$I' (static size)" + false + return + fi + I=`expr $I + 1` + done + fi + + true + return + +} + +# Check that two directories are equivalent (In Data content) +validate_data() { + local DIR1="$1" + local DIR2="$2" + + diff -r "$DIR1" "$DIR2" + return $? +} + +# Test tarmode -Tc +test_tarmode_creation() { + + # Clear temp data + rm -rf -- "$PREFIX"/tarmode > /dev/null 2>&1 + rm -f "$PREFIX"/tarmode.tar > /dev/null 2>&1 + rm -rf "$LOCAL_PATH"/tarmode > /dev/null 2>&1 + + # Build the test data + if ! create_test_data "$LOCAL_PATH/tarmode"; then + echo "Test data creation failed" + false + return + fi + + # Create tarfile with smbclient + if ! $SMBCLIENT //$SERVER/tmp $CONFIGURATION -U$USERNAME%$PASSWORD -I $SERVER_IP -p 139 \ + $ADDARGS -c "tarmode full" -Tc "$PREFIX/tarmode.tar" "/tarmode"; then + echo "Couldn't create tar file with tarmode -Tc" + false + return + fi + + # Extract data to verify + if ! tar -xf "$PREFIX/tarmode.tar" -C "$PREFIX"; then + echo "Couldn't extract data from created tarfile" + false + return + fi + + # Verify data + if ! validate_data "$PREFIX/tarmode" "$LOCAL_PATH/tarmode"; then + echo "Data not equivalent" + false + return + fi + + true + return + +} + +# Test tarmode -Tx +test_tarmode_extraction() { + + # Clear temp data + rm -rf -- "$PREFIX"/tarmode > /dev/null 2>&1 + rm -f "$PREFIX"/tarmode.tar > /dev/null 2>&1 + rm -rf "$LOCAL_PATH"/tarmode > /dev/null 2>&1 + + # Build the test data + if ! create_test_data "$PREFIX/tarmode"; then + echo "Test data creation failed" + false + return + fi + + # Create tarfile to extract on client + if ! tar -cf "$PREFIX/tarmode.tar" -C "$PREFIX" tarmode; then + echo "Couldn't create tar archive" + false + return + fi + + # Extract tarfile with smbclient + if ! $SMBCLIENT //$SERVER/tmp $CONFIGURATION -U$USERNAME%$PASSWORD -I $SERVER_IP -p 139 \ + $ADDARGS -c "tarmode full" -Tx "$PREFIX/tarmode.tar"; then + echo "Couldn't extact tar file with tarmode -Tx" + false + return + fi + + # Verify data + if ! validate_data "$PREFIX/tarmode" "$LOCAL_PATH/tarmode"; then + echo "Data not equivalent" + false + return + fi + + true + return + +} + +testit "test_tarmode_creation" \ + test_tarmode_creation || FAILCOUNT=`expr $FAILCOUNT + 1` + +testit "test_tarmode_extraction" \ + test_tarmode_extraction || FAILCOUNT=`expr $FAILCOUNT + 1` + +testok $0 $FAILCOUNT diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index a890372..945d26a 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -203,10 +203,13 @@ for env in ["s3dc"]: for env in ["member", "s3member"]: plantestsuite("samba3.blackbox.smbclient_s3.sign (%s) member creds" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_s3.sh"), '$SERVER', '$SERVER_IP', '$SERVER', '$SERVER\\\\$USERNAME', '$PASSWORD', '$USERID', '$LOCAL_PATH', '$PREFIX', smbclient, wbinfo, configuration, "--signing=required"]) -# encrypted for env in ["s3dc"]: + # encrypted plantestsuite("samba3.blackbox.smbclient_s3.crypt (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_s3.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', '$USERNAME', '$PASSWORD', '$USERID', '$LOCAL_PATH', '$PREFIX', smbclient, wbinfo, configuration, "-e"]) + # Test smbclient/tarmode + plantestsuite("samba3.blackbox.smbclient_tarmode (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbclient_tarmode.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$LOCAL_PATH', '$PREFIX', smbclient, configuration]) + #TODO encrypted against member, with member creds, and with DC creds plantestsuite("samba3.blackbox.net.misc", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/test_net_misc.sh"), diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c index 70e849c..2f4945c 100644 --- a/source4/kdc/wdc-samba4.c +++ b/source4/kdc/wdc-samba4.c @@ -187,14 +187,15 @@ static char *get_netbios_name(TALLOC_CTX *mem_ctx, HostAddresses *addrs) } } - if (nb_name == NULL) { + if ((nb_name == NULL) || (nb_name[0] == '\0')) { return NULL; } /* Strip space padding */ - i = strlen(nb_name) - 1; - while (i > 0 && nb_name[i] == ' ') { - nb_name[i] = '\0'; + for (len = strlen(nb_name) - 1; + (len > 0) && (nb_name[len] == ' '); + --len) { + nb_name[len] = '\0'; } return nb_name; diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py index 3779794..8ce080b 100644 --- a/source4/scripting/python/samba/upgrade.py +++ b/source4/scripting/python/samba/upgrade.py @@ -56,30 +56,37 @@ def import_sam_policy(samdb, policy, logger): m = ldb.Message() m.dn = samdb.get_default_basedn() - m['a01'] = ldb.MessageElement(str(policy['min password length']), - ldb.FLAG_MOD_REPLACE, 'minPwdLength') - m['a02'] = ldb.MessageElement(str(policy['password history']), - ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength') - - min_pw_age_unix = policy['minimum password age'] - min_pw_age_nt = int(-min_pw_age_unix * (1e7)) - m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE, - 'minPwdAge') - - max_pw_age_unix = policy['maximum password age'] - if max_pw_age_unix == -1 or max_pw_age_unix == 0: - max_pw_age_nt = -0x8000000000000000 - else: - max_pw_age_nt = int(-max_pw_age_unix * (1e7)) - m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE, - 'maxPwdAge') + if 'min password length' in policy: + m['a01'] = ldb.MessageElement(str(policy['min password length']), + ldb.FLAG_MOD_REPLACE, 'minPwdLength') + + if 'password history' in policy: + m['a02'] = ldb.MessageElement(str(policy['password history']), + ldb.FLAG_MOD_REPLACE, 'pwdHistoryLength') + + if 'minimum password age' in policy: + min_pw_age_unix = policy['minimum password age'] + min_pw_age_nt = int(-min_pw_age_unix * (1e7)) + m['a03'] = ldb.MessageElement(str(min_pw_age_nt), ldb.FLAG_MOD_REPLACE, + 'minPwdAge') + + if 'maximum password age' in policy: + max_pw_age_unix = policy['maximum password age'] + if max_pw_age_unix == -1 or max_pw_age_unix == 0: + max_pw_age_nt = -0x8000000000000000 + else: + max_pw_age_nt = int(-max_pw_age_unix * (1e7)) + + m['a04'] = ldb.MessageElement(str(max_pw_age_nt), ldb.FLAG_MOD_REPLACE, + 'maxPwdAge') - lockout_duration_mins = policy['lockout duration'] - lockout_duration_nt = unix2nttime(lockout_duration_mins * 60) + if 'lockout duration' in policy: + lockout_duration_mins = policy['lockout duration'] + lockout_duration_nt = unix2nttime(lockout_duration_mins * 60) - m['a05'] = ldb.MessageElement(str(lockout_duration_nt), - ldb.FLAG_MOD_REPLACE, 'lockoutDuration') + m['a05'] = ldb.MessageElement(str(lockout_duration_nt), + ldb.FLAG_MOD_REPLACE, 'lockoutDuration') try: samdb.modify(m) -- Samba Shared Repository