The branch, master has been updated
       via  0dd512e s4:torture/netlogon: Test netlogon with additional attrs
       via  767bd6a s4:torture/ldap: Add test for netlogon over tcp
       via  e306250 libcli/cldap: Add utility to create netlogon filter
       via  68ebb09 s4:dsdb: Move cldap netlogon functions into samdb/ldb_modules
       via  7106dcf s4:cldap_server: Do not handle netlogon ourself anymore
       via  0620c79 s4:dsdb/rootdse: Support netlogon request
       via  7a5a625 s4:dsdb/rootdse: Pass rootdse context to rootdse_add_dynamic
       via  3721274 s4:cldap_server: Move netlogon parsing into utility function
       via  ca8acb6 provision: Fix string replacement ordering
       via  32ee231 s4:torture/cldap: Fix a typo
      from  490418d gpo: Fix CID 1034880 Resource leak

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 0dd512eead6dc999511e9e21f5304a224653db85
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Thu Oct 31 21:23:57 2013 +0100

    s4:torture/netlogon: Test netlogon with additional attrs
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>
    
    se enter the commit message for your changes. Lines starting
    
    Autobuild-User(master): Andrew Bartlett <abart...@samba.org>
    Autobuild-Date(master): Tue Nov 12 00:57:19 CET 2013 on sn-devel-104

commit 767bd6a4d49efce1c554bb0bc8130d74331b0bd8
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Mon Oct 28 14:21:20 2013 +0100

    s4:torture/ldap: Add test for netlogon over tcp
    
    This patch moves the udp netlogon tests from cldap.c
    to netlogon.c and passes a generic netlogon-send
    function as parameter.
    
    Therefore a tcp replacement for cldap_netlogon is also added.
    The two variants tcp and udp are added as 2 new torture tests:
    
    ldap.netlogon-udp & ldap.netlogon-tcp
    Both tests succeed.
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit e306250a250d20a43cbe4c72ece34ebd475fa39c
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Mon Oct 28 14:19:57 2013 +0100

    libcli/cldap: Add utility to create netlogon filter
    
    This utility is split off from cldap_netlogon_send.
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit 68ebb09193e73cff4389ccb9e3b190b12ee0a84a
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Tue Nov 5 20:39:56 2013 +0100

    s4:dsdb: Move cldap netlogon functions into samdb/ldb_modules
    
    As netlogon is handled by the samdb now,
    the corresponding functions should live there as well.
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit 7106dcf2b8525ec653f24e417d846f9d00172b6d
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Fri Nov 1 10:52:02 2013 +0100

    s4:cldap_server: Do not handle netlogon ourself anymore
    
    Netlogon is now handled by the ldb rootdse module.
    
    The netlogon files will be moved to dsdb in the next commit.
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit 0620c79d76b69811fd6c00d912db05477d894724
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Sun Oct 27 06:55:48 2013 +0100

    s4:dsdb/rootdse: Support netlogon request
    
    This patch adds support for a netlogon ldap style request
    over the tcp socket.  This is available since win2k3+ [1].
    
    The automatic client join & configuration daemon "realmd" makes
    use of this ability.
    Realmd can now be used to join a computer to a samba 4 domain.
    (See also:
    https://lists.samba.org/archive/samba-technical/2013-October/095606.html)
    
    Tested with:
    ldapsearch -h samba-srv -x -b '' -s base "(&(NtVer=\06\00\00\00)(AAC=\00\00\00\00))" NetLogon
    
    And compared the result in wireshark with cldap request issued by
    examples/misc/cldap.pl.
    
    [1]: http://wiki.wireshark.org/MS-CLDAP?action=recall&rev=8
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit 7a5a62547bc10053fb1e4850e0acacb6a837f36f
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Fri Nov 1 06:55:41 2013 +0100

    s4:dsdb/rootdse: Pass rootdse context to rootdse_add_dynamic
    
    This replaced the *module parameter, and uses ac->module in the function
    instead, same for *req and *attrs.
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit 372127416825a8a947cd976f8a4165611c006c43
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Sun Oct 27 16:07:04 2013 +0100

    s4:cldap_server: Move netlogon parsing into utility function
    
    To be used later by netlogon-request over ldap.
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit ca8acb681a1ccaddf85376ff30c9b13b1a4c943d
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Fri Sep 6 16:20:43 2013 +0200

    provision: Fix string replacement ordering
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

commit 32ee231da590d7b8aee74728a423b282ae845bce
Author: Benjamin Franzke <benjaminfran...@googlemail.com>
Date:   Fri Nov 1 10:24:43 2013 +0100

    s4:torture/cldap: Fix a typo
    
    Reviewed-by: Andrew Bartlett <abart...@samba.org>
    Reviewed-by: Nadezhda Ivanova <nivan...@symas.com>

-----------------------------------------------------------------------

Summary of changes:
 libcli/cldap/cldap.c                               |   90 +++--
 libcli/cldap/cldap.h                               |    2 +
 python/samba/provision/__init__.py                 |    2 +-
 source4/cldap_server/cldap_server.c                |   12 -
 source4/cldap_server/cldap_server.h                |   15 -
 source4/cldap_server/rootdse.c                     |    5 +
 source4/cldap_server/wscript_build                 |    2 +-
 .../samdb/ldb_modules}/netlogon.c                  |   94 ++---
 source4/dsdb/samdb/ldb_modules/rootdse.c           |  122 +++++--
 source4/dsdb/samdb/ldb_modules/util.h              |    2 +
 source4/dsdb/samdb/ldb_modules/wscript_build       |    2 +-
 source4/ldap_server/ldap_backend.c                 |    3 +
 source4/nbt_server/dgram/netlogon.c                |    2 +-
 source4/nbt_server/wscript_build                   |    2 +-
 source4/rpc_server/netlogon/dcerpc_netlogon.c      |    2 +-
 source4/rpc_server/wscript_build                   |    2 +-
 source4/torture/ldap/cldap.c                       |  331 +----------------
 source4/torture/ldap/common.c                      |    2 +
 source4/torture/ldap/{cldap.c => netlogon.c}       |  394 ++++++++++++--------
 source4/torture/wscript_build                      |    2 +-
 20 files changed, 449 insertions(+), 639 deletions(-)
 rename source4/{cldap_server => dsdb/samdb/ldb_modules}/netlogon.c (87%)
 copy source4/torture/ldap/{cldap.c => netlogon.c} (61%)


Changeset truncated at 500 lines:

diff --git a/libcli/cldap/cldap.c b/libcli/cldap/cldap.c
index 24ce39f..e543091 100644
--- a/libcli/cldap/cldap.c
+++ b/libcli/cldap/cldap.c
@@ -882,81 +882,91 @@ struct cldap_netlogon_state {
        struct cldap_search search;
 };
 
-static void cldap_netlogon_state_done(struct tevent_req *subreq);
-/*
-  queue a cldap netlogon for send
-*/
-struct tevent_req *cldap_netlogon_send(TALLOC_CTX *mem_ctx,
-                                      struct tevent_context *ev,
-                                      struct cldap_socket *cldap,
-                                      const struct cldap_netlogon *io)
+char *cldap_netlogon_create_filter(TALLOC_CTX *mem_ctx,
+                                  const struct cldap_netlogon *io)
 {
-       struct tevent_req *req, *subreq;
-       struct cldap_netlogon_state *state;
        char *filter;
-       static const char * const attr[] = { "NetLogon", NULL };
 
-       req = tevent_req_create(mem_ctx, &state,
-                               struct cldap_netlogon_state);
-       if (!req) {
+       filter = talloc_asprintf(mem_ctx, "(&(NtVer=%s)",
+                                ldap_encode_ndr_uint32(mem_ctx, 
io->in.version));
+       if (filter == NULL)
                return NULL;
-       }
 
-       filter = talloc_asprintf(state, "(&(NtVer=%s)", 
-                                ldap_encode_ndr_uint32(state, io->in.version));
-       if (tevent_req_nomem(filter, req)) {
-               goto post;
-       }
        if (io->in.user) {
                filter = talloc_asprintf_append_buffer(filter, "(User=%s)", 
io->in.user);
-               if (tevent_req_nomem(filter, req)) {
-                       goto post;
+               if (filter == NULL) {
+                       return NULL;
                }
        }
        if (io->in.host) {
                filter = talloc_asprintf_append_buffer(filter, "(Host=%s)", 
io->in.host);
-               if (tevent_req_nomem(filter, req)) {
-                       goto post;
+               if (filter == NULL) {
+                       return NULL;
                }
        }
        if (io->in.realm) {
                filter = talloc_asprintf_append_buffer(filter, 
"(DnsDomain=%s)", io->in.realm);
-               if (tevent_req_nomem(filter, req)) {
-                       goto post;
+               if (filter == NULL) {
+                       return NULL;
                }
        }
        if (io->in.acct_control != -1) {
                filter = talloc_asprintf_append_buffer(filter, "(AAC=%s)", 
-                                               ldap_encode_ndr_uint32(state, 
io->in.acct_control));
-               if (tevent_req_nomem(filter, req)) {
-                       goto post;
+                                               ldap_encode_ndr_uint32(mem_ctx, 
io->in.acct_control));
+               if (filter == NULL) {
+                       return NULL;
                }
        }
        if (io->in.domain_sid) {
-               struct dom_sid *sid = dom_sid_parse_talloc(state, 
io->in.domain_sid);
-               if (tevent_req_nomem(sid, req)) {
-                       goto post;
+               struct dom_sid *sid = dom_sid_parse_talloc(mem_ctx, 
io->in.domain_sid);
+               if (filter == NULL) {
+                       return NULL;
                }
                filter = talloc_asprintf_append_buffer(filter, "(domainSid=%s)",
-                                               ldap_encode_ndr_dom_sid(state, 
sid));
-               if (tevent_req_nomem(filter, req)) {
-                       goto post;
+                                               
ldap_encode_ndr_dom_sid(mem_ctx, sid));
+               if (filter == NULL) {
+                       return NULL;
                }
        }
        if (io->in.domain_guid) {
                struct GUID guid;
                NTSTATUS status;
                status = GUID_from_string(io->in.domain_guid, &guid);
-               if (tevent_req_nterror(req, status)) {
-                       goto post;
+               if (filter == NULL) {
+                       return NULL;
                }
                filter = talloc_asprintf_append_buffer(filter, 
"(DomainGuid=%s)",
-                                               ldap_encode_ndr_GUID(state, 
&guid));
-               if (tevent_req_nomem(filter, req)) {
-                       goto post;
+                                               ldap_encode_ndr_GUID(mem_ctx, 
&guid));
+               if (filter == NULL) {
+                       return NULL;
                }
        }
        filter = talloc_asprintf_append_buffer(filter, ")");
+
+       return filter;
+}
+
+static void cldap_netlogon_state_done(struct tevent_req *subreq);
+/*
+  queue a cldap netlogon for send
+*/
+struct tevent_req *cldap_netlogon_send(TALLOC_CTX *mem_ctx,
+                                      struct tevent_context *ev,
+                                      struct cldap_socket *cldap,
+                                      const struct cldap_netlogon *io)
+{
+       struct tevent_req *req, *subreq;
+       struct cldap_netlogon_state *state;
+       char *filter;
+       static const char * const attr[] = { "NetLogon", NULL };
+
+       req = tevent_req_create(mem_ctx, &state,
+                               struct cldap_netlogon_state);
+       if (!req) {
+               return NULL;
+       }
+
+       filter = cldap_netlogon_create_filter(state, io);
        if (tevent_req_nomem(filter, req)) {
                goto post;
        }
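
Review bot: In the new cldap_netlogon_create_filter(), the domain_sid and domain_guid branches test the wrong variable: after dom_sid_parse_talloc() and after GUID_from_string() the check is "if (filter == NULL)", so a NULL sid or a failed status is never noticed and ldap_encode_ndr_dom_sid() / ldap_encode_ndr_GUID() run on an unparsed value (in the GUID case, an uninitialised stack struct). The removed code checked sid and status at those two places; restore that with "if (sid == NULL) return NULL;" and "if (!NT_STATUS_IS_OK(status)) return NULL;". The ldap_encode_ndr_*() temporaries are also now allocated on the caller's mem_ctx and are not freed in this function, so either free them after each append or document that they live as long as mem_ctx.
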
diff --git a/libcli/cldap/cldap.h b/libcli/cldap/cldap.h
index 0bc9454..cd76fee 100644
--- a/libcli/cldap/cldap.h
+++ b/libcli/cldap/cldap.h
@@ -123,6 +123,8 @@ NTSTATUS cldap_netlogon_recv(struct tevent_req *req,
 NTSTATUS cldap_netlogon(struct cldap_socket *cldap,
                        TALLOC_CTX *mem_ctx,
                        struct cldap_netlogon *io);
+char *cldap_netlogon_create_filter(TALLOC_CTX *mem_ctx,
+                                  const struct cldap_netlogon *io);
 
 NTSTATUS cldap_netlogon_reply(struct cldap_socket *cldap,
                              uint32_t message_id,
diff --git a/python/samba/provision/__init__.py 
b/python/samba/provision/__init__.py
index 4920735..151444d 100644
--- a/python/samba/provision/__init__.py
+++ b/python/samba/provision/__init__.py
@@ -599,7 +599,7 @@ def guess_names(lp=None, hostname=None, domain=None, 
dnsdomain=None,
         raise ProvisioningError("guess_names: 'realm =' was not specified in 
supplied %s.  Please remove the smb.conf file and let provision generate it" % 
lp.configfile)
 
     if lp.get("realm").upper() != realm:
-        raise ProvisioningError("guess_names: 'realm=%s' in %s must match 
chosen realm '%s'!  Please remove the smb.conf file and let provision generate 
it" % (lp.get("realm").upper(), realm, lp.configfile))
+        raise ProvisioningError("guess_names: 'realm=%s' in %s must match 
chosen realm '%s'!  Please remove the smb.conf file and let provision generate 
it" % (lp.get("realm").upper(), lp.configfile, realm))
 
     if lp.get("server role").lower() != serverrole:
         raise ProvisioningError("guess_names: 'server role=%s' in %s must 
match chosen server role '%s'!  Please remove the smb.conf file and let 
provision generate it" % (lp.get("server role"), lp.configfile, serverrole))
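
Review bot: The corrected tuple on the changed raise line now matches the order used by the 'server role' check below it (configured value, lp.configfile, chosen value), but positional %s arguments are what allowed the swap in the first place. Named placeholders such as %(configfile)s in these messages would make the ordering irrelevant and keep the next edit from reintroducing the mix-up.
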
diff --git a/source4/cldap_server/cldap_server.c 
b/source4/cldap_server/cldap_server.c
index a6248d4..774142e 100644
--- a/source4/cldap_server/cldap_server.c
+++ b/source4/cldap_server/cldap_server.c
@@ -80,18 +80,6 @@ static void cldapd_request_handler(struct cldap_socket 
*cldap,
                return;
        }
 
-       if (search->num_attributes == 1 &&
-           strcasecmp(search->attributes[0], "netlogon") == 0) {
-               cldapd_netlogon_request(cldap,
-                                       cldapd,
-                                       in,
-                                       in->ldap_msg->messageid,
-                                       search->tree,
-                                       in->src);
-               talloc_free(in);
-               return;
-       }
-
        cldapd_rootdse_request(cldap, cldapd, in,
                               in->ldap_msg->messageid,
                               search, in->src);
diff --git a/source4/cldap_server/cldap_server.h 
b/source4/cldap_server/cldap_server.h
index fe7788f..0725284 100644
--- a/source4/cldap_server/cldap_server.h
+++ b/source4/cldap_server/cldap_server.h
@@ -32,19 +32,4 @@ struct cldapd_server {
 
 struct ldap_SearchRequest;
 
-/* used by netlogon DCE/RPC server */
-NTSTATUS fill_netlogon_samlogon_response(struct ldb_context *sam_ctx,
-                                         TALLOC_CTX *mem_ctx,
-                                         const char *domain,
-                                         const char *netbios_domain,
-                                         struct dom_sid *domain_sid,
-                                         const char *domain_guid,
-                                         const char *user,
-                                         uint32_t acct_control,
-                                         const char *src_address,
-                                         uint32_t version,
-                                         struct loadparm_context *lp_ctx,
-                                         struct netlogon_samlogon_response 
*netlogon,
-                                        bool fill_on_blank_request);
-
 #include "cldap_server/proto.h"
diff --git a/source4/cldap_server/rootdse.c b/source4/cldap_server/rootdse.c
index b895616..3f389ce 100644
--- a/source4/cldap_server/rootdse.c
+++ b/source4/cldap_server/rootdse.c
@@ -158,6 +158,11 @@ void cldapd_rootdse_request(struct cldap_socket *cldap,
        reply.response          = NULL;
        reply.result            = &result;
 
+       /* Note: The remoteAddress should rather be set on a ldb request.
+        * We can set this savely on the context here,
+        * since cldapd_rootdse_fill operates synchronously. */
+       ldb_set_opaque(cldapd->samctx, "remoteAddress", src);
+
        cldapd_rootdse_fill(cldapd, tmp_ctx, search, &reply.response,
                            reply.result);
 
diff --git a/source4/cldap_server/wscript_build 
b/source4/cldap_server/wscript_build
index 6ffdb4a..928b91b 100644
--- a/source4/cldap_server/wscript_build
+++ b/source4/cldap_server/wscript_build
@@ -10,7 +10,7 @@ bld.SAMBA_MODULE('service_cldap',
 
 
 bld.SAMBA_SUBSYSTEM('CLDAPD',
-       source='netlogon.c rootdse.c',
+       source='rootdse.c',
        autoproto='proto.h',
        deps='cli_cldap ldbsamba'
        )
diff --git a/source4/cldap_server/netlogon.c 
b/source4/dsdb/samdb/ldb_modules/netlogon.c
similarity index 87%
rename from source4/cldap_server/netlogon.c
rename to source4/dsdb/samdb/ldb_modules/netlogon.c
index 6d5efb5..a381da8 100644
--- a/source4/cldap_server/netlogon.c
+++ b/source4/dsdb/samdb/ldb_modules/netlogon.c
@@ -25,11 +25,11 @@
 #include <ldb_errors.h>
 #include "lib/events/events.h"
 #include "smbd/service_task.h"
-#include "cldap_server/cldap_server.h"
 #include "librpc/gen_ndr/ndr_misc.h"
 #include "libcli/ldap/ldap_ndr.h"
 #include "libcli/security/security.h"
 #include "dsdb/samdb/samdb.h"
+#include "dsdb/samdb/ldb_modules/util.h"
 #include "auth/auth.h"
 #include "ldb_wrap.h"
 #include "system/network.h"
@@ -369,27 +369,26 @@ NTSTATUS fill_netlogon_samlogon_response(struct 
ldb_context *sam_ctx,
        return NT_STATUS_OK;
 }
 
-
-/*
-  handle incoming cldap requests
-*/
-void cldapd_netlogon_request(struct cldap_socket *cldap,
-                            struct cldapd_server *cldapd,
-                            TALLOC_CTX *tmp_ctx,
-                            uint32_t message_id,
-                            struct ldb_parse_tree *tree,
-                            struct tsocket_address *src)
+NTSTATUS parse_netlogon_request(struct ldb_parse_tree *tree,
+                               struct loadparm_context *lp_ctx,
+                               TALLOC_CTX *tmp_ctx,
+                               const char **domain,
+                               const char **host,
+                               const char **user,
+                               const char **domain_guid,
+                               struct dom_sid **domain_sid,
+                               int *acct_control,
+                               int *version)
 {
        unsigned int i;
-       const char *domain = NULL;
-       const char *host = NULL;
-       const char *user = NULL;
-       const char *domain_guid = NULL;
-       struct dom_sid *domain_sid = NULL;
-       int acct_control = -1;
-       int version = -1;
-       struct netlogon_samlogon_response netlogon;
-       NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
+
+       *domain = NULL;
+       *host = NULL;
+       *user = NULL;
+       *domain_guid = NULL;
+       *domain_sid = NULL;
+       *acct_control = -1;
+       *version = -1;
 
        if (tree->operation != LDB_OP_AND) goto failed;
 
@@ -398,12 +397,12 @@ void cldapd_netlogon_request(struct cldap_socket *cldap,
                struct ldb_parse_tree *t = tree->u.list.elements[i];
                if (t->operation != LDB_OP_EQUALITY) goto failed;
                if (strcasecmp(t->u.equality.attr, "DnsDomain") == 0) {
-                       domain = talloc_strndup(tmp_ctx, 
+                       *domain = talloc_strndup(tmp_ctx,
                                                (const char 
*)t->u.equality.value.data,
                                                t->u.equality.value.length);
                }
                if (strcasecmp(t->u.equality.attr, "Host") == 0) {
-                       host = talloc_strndup(tmp_ctx, 
+                       *host = talloc_strndup(tmp_ctx,
                                              (const char 
*)t->u.equality.value.data,
                                              t->u.equality.value.length);
                }
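
Review bot: The talloc_strndup() results assigned to *domain and *host are not checked, so an allocation failure looks the same to the caller as the attribute being absent from the filter. For *domain that matters, because the fallback later in the function substitutes lpcfg_dnsdomain(lp_ctx) when it is NULL, silently answering for a different domain than the one requested. Add "if (*domain == NULL) goto failed;" (and the same for *host, and for *user in the next hunk) after each copy.
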
@@ -413,70 +412,49 @@ void cldapd_netlogon_request(struct cldap_socket *cldap,
                        enc_status = ldap_decode_ndr_GUID(tmp_ctx, 
                                                          t->u.equality.value, 
&guid);
                        if (NT_STATUS_IS_OK(enc_status)) {
-                               domain_guid = GUID_string(tmp_ctx, &guid);
+                               *domain_guid = GUID_string(tmp_ctx, &guid);
                        }
                }
                if (strcasecmp(t->u.equality.attr, "DomainSid") == 0) {
                        enum ndr_err_code ndr_err;
 
-                       domain_sid = talloc(tmp_ctx, struct dom_sid);
-                       if (domain_sid == NULL) {
+                       *domain_sid = talloc(tmp_ctx, struct dom_sid);
+                       if (*domain_sid == NULL) {
                                goto failed;
                        }
                        ndr_err = ndr_pull_struct_blob(&t->u.equality.value,
-                                                      domain_sid, domain_sid,
+                                                      *domain_sid, *domain_sid,
                                                       
(ndr_pull_flags_fn_t)ndr_pull_dom_sid);
                        if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-                               talloc_free(domain_sid);
+                               talloc_free(*domain_sid);
                                goto failed;
                        }
                }
                if (strcasecmp(t->u.equality.attr, "User") == 0) {
-                       user = talloc_strndup(tmp_ctx, 
-                                             (const char 
*)t->u.equality.value.data,
-                                             t->u.equality.value.length);
+                       *user = talloc_strndup(tmp_ctx,
+                                              (const char 
*)t->u.equality.value.data,
+                                              t->u.equality.value.length);
                }
                if (strcasecmp(t->u.equality.attr, "NtVer") == 0 &&
                    t->u.equality.value.length == 4) {
-                       version = IVAL(t->u.equality.value.data, 0);
+                       *version = IVAL(t->u.equality.value.data, 0);
                }
                if (strcasecmp(t->u.equality.attr, "AAC") == 0 &&
                    t->u.equality.value.length == 4) {
-                       acct_control = IVAL(t->u.equality.value.data, 0);
+                       *acct_control = IVAL(t->u.equality.value.data, 0);
                }
        }
 
-       if ((domain == NULL) && (domain_guid == NULL) && (domain_sid == NULL)) {
-               domain = lpcfg_dnsdomain(cldapd->task->lp_ctx);
+       if ((*domain == NULL) && (*domain_guid == NULL) && (*domain_sid == 
NULL)) {
+               *domain = lpcfg_dnsdomain(lp_ctx);
        }
 
-       if (version == -1) {
+       if (*version == -1) {
                goto failed;
        }
 
-       DEBUG(5,("cldap netlogon query domain=%s host=%s user=%s version=%d 
guid=%s\n",
-                domain, host, user, version, domain_guid));
-
-       status = fill_netlogon_samlogon_response(cldapd->samctx, tmp_ctx,
-                                                domain, NULL, domain_sid,
-                                                domain_guid,
-                                                user, acct_control,
-                                                
tsocket_address_inet_addr_string(src, tmp_ctx),
-                                                version, cldapd->task->lp_ctx,
-                                                &netlogon, false);
-       if (!NT_STATUS_IS_OK(status)) {
-               goto failed;
-       }
-
-       status = cldap_netlogon_reply(cldap, message_id, src, version, 
&netlogon);
-       if (!NT_STATUS_IS_OK(status)) {
-               goto failed;
-       }
+       return NT_STATUS_OK;
 
-       return;
-       
 failed:
-       DEBUG(2,("cldap netlogon query failed domain=%s host=%s version=%d - 
%s\n",
-                domain, host, version, nt_errstr(status)));
-       cldap_empty_reply(cldap, message_id, src);
+       return NT_STATUS_UNSUCCESSFUL;
 }
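
Review bot: On the ndr_pull_struct_blob() failure path, talloc_free(*domain_sid) is followed by goto failed without clearing the out parameter, so the caller is handed a freed pointer together with NT_STATUS_UNSUCCESSFUL. While domain_sid was a local variable this was harmless; now that it is an out parameter, use TALLOC_FREE(*domain_sid) or set *domain_sid = NULL before the goto. The failed label also lost the DEBUG(2, ...) line and the NT_STATUS_INVALID_PARAMETER default, so a malformed filter is no longer logged here and returns a generic status; consider returning NT_STATUS_INVALID_PARAMETER and having the callers log the rejected request.
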
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c 
b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 167201e..f905aa2 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -34,6 +34,8 @@
 #include "param/param.h"
 #include "lib/messaging/irpc.h"
 #include "librpc/gen_ndr/ndr_irpc_c.h"
+#include "lib/tsocket/tsocket.h"
+#include "cldap_server/cldap_server.h"
 
 struct private_data {
        unsigned int num_controls;
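
Review bot: The added #include "cldap_server/cldap_server.h" makes this ldb module depend on the cldap server's header, while the same changeset removes the fill_netlogon_samlogon_response() prototype from that header and moves netlogon.c under dsdb/samdb/ldb_modules. If the declarations rootdse.c needs now live in dsdb/samdb/ldb_modules/util.h (the header netlogon.c switches to), include that instead and drop the dependency on cldap_server.
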
@@ -43,6 +45,12 @@ struct private_data {
        bool block_anonymous;
 };
 
+struct rootdse_context {
+       struct ldb_module *module;
+       struct ldb_request *req;
+       struct ldb_val netlogon;
+};
+
 /*
   return 1 if a specific attribute has been requested
 */
@@ -216,11 +224,11 @@ static int dsdb_module_we_are_master(struct ldb_module 
*module, struct ldb_dn *d
 /*
   add dynamically generated attributes to rootDSE result
 */
-static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_message 
*msg,
-                              const char * const *attrs, struct ldb_request 
*req)
+static int rootdse_add_dynamic(struct rootdse_context *ac, struct ldb_message 
*msg)
 {
        struct ldb_context *ldb;
-       struct private_data *priv = 
talloc_get_type(ldb_module_get_private(module), struct private_data);
+       struct private_data *priv = 
talloc_get_type(ldb_module_get_private(ac->module), struct private_data);
+       const char * const *attrs = ac->req->op.search.attrs;
        char **server_sasl;
        const struct dsdb_schema *schema;
        int *val;
@@ -241,7 +249,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, 
struct ldb_message *ms
        };
        unsigned int i;
 
-       ldb = ldb_module_get_ctx(module);
+       ldb = ldb_module_get_ctx(ac->module);
        schema = dsdb_get_schema(ldb, NULL);
 
        msg->dn = ldb_dn_new(msg, ldb, NULL);
@@ -262,11 +270,11 @@ static int rootdse_add_dynamic(struct ldb_module *module, 
struct ldb_message *ms
                struct ldb_result *res;
                int ret;
                const char *dns_attrs[] = { "dNSHostName", NULL };
-               ret = dsdb_module_search_dn(module, msg, &res, 
samdb_server_dn(ldb, msg),
+               ret = dsdb_module_search_dn(ac->module, msg, &res, 
samdb_server_dn(ldb, msg),
                                            dns_attrs,
                                            DSDB_FLAG_NEXT_MODULE |
                                            DSDB_FLAG_AS_SYSTEM,
-                                           req);
+                                           ac->req);
                if (ret == LDB_SUCCESS) {
                        const char *hostname = 
ldb_msg_find_attr_as_string(res->msgs[0], "dNSHostName", NULL);
                        if (hostname != NULL) {
@@ -402,7 +410,7 @@ static int rootdse_add_dynamic(struct ldb_module *module, 
struct ldb_message *ms
 
                for (i=0; i<3; i++) {
                        bool master;
-                       int ret = dsdb_module_we_are_master(module, dns[i], 
&master, req);
+                       int ret = dsdb_module_we_are_master(ac->module, dns[i], 
&master, ac->req);
                        if (ret != LDB_SUCCESS) {
                                goto failed;
                        }
@@ -472,9 +480,15 @@ static int rootdse_add_dynamic(struct ldb_module *module, 
struct ldb_message *ms
                }
        }
 
+       if (ac->netlogon.length > 0) {
+               if (ldb_msg_add_steal_value(msg, "netlogon", &ac->netlogon) != 
LDB_SUCCESS) {
+                       goto failed;
+               }
+       }
+
        /* TODO: lots more dynamic attributes should be added here */
 
-       edn_control = ldb_request_get_control(req, LDB_CONTROL_EXTENDED_DN_OID);
+       edn_control = ldb_request_get_control(ac->req, 
LDB_CONTROL_EXTENDED_DN_OID);
 
        /* convert any GUID attributes to be in the right form */
        for (i=0; guid_attrs[i]; i++) {
@@ -486,17 +500,17 @@ static int rootdse_add_dynamic(struct ldb_module *module, 
struct ldb_message *ms
 
                if (!do_attribute(attrs, guid_attrs[i])) continue;
 
-               attr_dn = ldb_msg_find_attr_as_dn(ldb, req, msg, guid_attrs[i]);


-- 
Samba Shared Repository
