The branch, master has been updated via 0d962e0 selftest: Confirm a demote of a real network works via be2e0e6 selftest: Add sample provision of master-c596ac6 with multiple DCs via 97577fd Add samba4.smb2.create.mkdir-dup(ad_dc_ntvfs) as flapping via 55a13e1 samba-tool domain demote: Add support for removing by NTDS GUID via e57dcdd samba-tool domain demote: Add --verbose and --quiet options via 642de91 samba-tool domain demote: Remove dns-SERVER object as well via 145bb6f samba-tool domain demote: Remove all references to the demoted host, even in DNS via 3226077 pydns: Add replace_by_dn() via a3b92a5 samba-tool domain demote: Use dn.add_base/dn.add_child via 00ffb67 samba-tool domain demote: Remove correct DNs and from the correct locations via fff09da dns_server: Give WERR_DNS_ERROR_NAME_DOES_NOT_EXIST on empty records via 27039a7 selftest: Add tests confirming the demote actually removes objects via e432c1b samba-tool domain demote: Refuse to remove ourself via 097435c selftest: Run samba-tool domain demote while we have a clone of the DB handy via 1f88353 samba-tool domain demote: Rework to allow cleanup of partial demotion, catch more errors via 8086900 selftest: Make it clear that the first argument to KCC.run() is unused via 6965c98 selftest: Run demote test against the RODC environment also via cf075f2 selftest: Reorder tests.py to ensure that demote, then dbcheck run last. via f121173cb samba-tool domain demote: Allow to operate on an RODC and a subdomain via 1874f59 samba-tool domain demote: Add --remove-other-dead-server via 2191fca dns_server: Add python method to extract a DNS entry from a ldb.MessageElement via b48776d pydsdb: Also accept ldb.MessageElement values to dsdb routines via 87cd68c dns_server: Add a python module directly accessing DNS records in sam.ldb via 0504065 dns_server: Put more code in common via 2715805 selftest: Add tests for samdb_to_ldif_file via dadfffb python/kcc: Write correct module list into the file during ldif_to_samdb via 1c02f28 ldb: Fix python bindings to accept a string as a DN via ffe8090 samba-tool drs clone-dc-database: Require --targetdir via 04512d1 repl: Use DSDB_REPL_FLAG_PRIORITISE_INCOMING in samba-tool drs replicate --local via d1d5ec3 samba-tool drs clone-dc: Add --include-secrets option via 4b25650 repl: Give an error if we get a secret when not expecting one via 6d301ad samba-tool: Add new command 'samba-tool drs clone-dc-database' via 80171dd samba-tool: Remove vampire subcommand and now unused libnet_Vampire() via 6cd8e79 repl_meta_data: Print more detail into the LDB error string, not just DEBUG() from 0a924d1 smbd: Send SMB2 oplock breaks unencrypted
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 0d962e010ea834c0479f403a4c8b38b05b7a0409 Author: Andrew Bartlett <abart...@samba.org> Date: Fri Oct 23 15:38:23 2015 +1300 selftest: Confirm a demote of a real network works Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Mon Oct 26 08:17:47 CET 2015 on sn-devel-104 commit be2e0e6ff7e7388711c1d1570057ec0dfd36c39d Author: Andrew Bartlett <abart...@samba.org> Date: Fri Oct 23 15:05:25 2015 +1300 selftest: Add sample provision of master-c596ac6 with multiple DCs This will let us test demoting a DC from a multi-DC network Reviewed-by: Garming Sam <garm...@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abart...@samba.org> commit 97577fd0888feefc72365c534c8adbff69467404 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Oct 22 12:01:48 2015 +1300 Add samba4.smb2.create.mkdir-dup(ad_dc_ntvfs) as flapping This test sometimes succeeds, depending on the build environment. (Corrects earlier patch to also remove from knownfail) BUG: https://bugzilla.samba.org/show_bug.cgi?id=11486 Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 55a13e17b36adc69eb4ec7d706cb9a55906f8275 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Oct 20 13:48:07 2015 +1300 samba-tool domain demote: Add support for removing by NTDS GUID This would help remove a DC that is a conflict record, for example Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit e57dcddfe8ca4c2b5591cf3e1687d1ef89112c1a Author: Andrew Bartlett <abart...@samba.org> Date: Fri Oct 16 13:47:29 2015 +1300 samba-tool domain demote: Add --verbose and --quiet options Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 642de9193fa0f9ad54a1881c8657354fec87b6ac Author: Andrew Bartlett <abart...@samba.org> Date: Fri Oct 16 13:00:20 2015 +1300 samba-tool domain demote: Remove dns-SERVER object as well This object is not in standard AD, but Marc Muehlfeld correctly notes that Samba creates it for BIND9_DLZ Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 145bb6fd7b0e7c9364005ea140c8ea7bc9b65395 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Oct 14 16:57:31 2015 +1300 samba-tool domain demote: Remove all references to the demoted host, even in DNS We search the in-directory DNS records for entries that point to the name or IP that the dead DC was using, and remove them Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 3226077627c9301bd27b9bdff6ea5db4c1579659 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Oct 14 16:56:41 2015 +1300 pydns: Add replace_by_dn() This allows us to find a DNS record by searching LDB and unpacking the dnsRecord but replace the record using the common code that will create a tombstone Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit a3b92a50d13a0a0d444b156c6dcffa0eebb9c03b Author: Andrew Bartlett <abart...@samba.org> Date: Fri Oct 23 13:12:03 2015 +1300 samba-tool domain demote: Use dn.add_base/dn.add_child This is done primarilly to set the pattern that we should manipulate ldb.Dn values with the helper routines, not just by concatonation via format strings. We also restrict our exception hadling to only the expected errors, not all errors. Andrew Bartlett Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 00ffb67be2c73582502ef1d2931853ec9899a9ef Author: Andrew Bartlett <abart...@samba.org> Date: Fri Oct 23 13:05:24 2015 +1300 samba-tool domain demote: Remove correct DNs and from the correct locations The previous code missed the CN=DFSR-GlobalSettings children and did not cope with subdomains. The root DN may not be the domain DN if we are a subdomain. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit fff09dae6d299a2b45bda44264c98cfde2348880 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Oct 14 11:59:26 2015 +1300 dns_server: Give WERR_DNS_ERROR_NAME_DOES_NOT_EXIST on empty records When not looking for tombstones, a record without a dnsRecord value may as well not be present, so just return WERR_DNS_ERROR_NAME_DOES_NOT_EXIST Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 27039a7b1cfe16f40e07c6179887d2ab4f4967a5 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Oct 13 16:41:44 2015 +1300 selftest: Add tests confirming the demote actually removes objects Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit e432c1b6826ecafeb355bd1d06e33f2eb67e58b8 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Oct 13 15:26:20 2015 +1300 samba-tool domain demote: Refuse to remove ourself This ensures that a different server is the one being demoted from the local database Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 097435cfd9ba1bc3778e1637b55e78e5ba182061 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Oct 13 15:23:55 2015 +1300 selftest: Run samba-tool domain demote while we have a clone of the DB handy This avoids needing to run the demote on the main replicated DB of the selftest system Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 1f8835371328689b9ffff57f0ad77cca057e3f91 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Sep 24 14:07:51 2015 +1200 samba-tool domain demote: Rework to allow cleanup of partial demotion, catch more errors Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 8086900077a23c1c8d94afe691d99d180a297d81 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 22 15:51:33 2015 +1200 selftest: Make it clear that the first argument to KCC.run() is unused This is unused because we have already provided a database via import_ldif Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 6965c981597896486caf9bddd1fe7b5674771004 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 22 15:40:00 2015 +1200 selftest: Run demote test against the RODC environment also commit cf075f23816007694823c4ec6a4695e86f3471c6 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 22 15:39:19 2015 +1200 selftest: Reorder tests.py to ensure that demote, then dbcheck run last. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit f121173cbf46fe64746d73adf40015c43d5c55fc Author: Andrew Bartlett <abart...@samba.org> Date: Fri Oct 23 11:23:05 2015 +1300 samba-tool domain demote: Allow to operate on an RODC and a subdomain On an RODC the local database cannot be modified, and the flags to remove are different, we need instead to remove UF_PARTIAL_SECRETS_ACCOUNT. If we are in a subdomain, then db.get_root_basedn() points to the forest root, not the root of our domain If the removeDsServer() fails with WERR_DS_DRA_NO_REPLICA this may be reasonably considered to be success in this case. Finally, the remove_dc.remove_sysvol_references() is reused for objects not under the computer account. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> domain demote Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 1874f592006d8808aa8f3bc97c94d9464a7053cf Author: Andrew Bartlett <abart...@samba.org> Date: Mon Sep 14 15:56:52 2015 +1200 samba-tool domain demote: Add --remove-other-dead-server The new version of this tool now can remove another DC that is itself offline. The --remove-other-dead-server removes as many references to the DC as possible. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 2191fcaedc5efb703730839f09606fd0fd27da94 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 22 15:32:57 2015 +1200 dns_server: Add python method to extract a DNS entry from a ldb.MessageElement Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit b48776d78b446ad4abd4a6bc2ba6b488a29b11d2 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 22 15:25:30 2015 +1200 pydsdb: Also accept ldb.MessageElement values to dsdb routines This shows the correct way to accept a value that may be a list of strings or a proper ldb.MessageElement. Andrew Bartlett Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 87cd68c1dc0427521061f8febbcc18d73e21ab18 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 22 12:11:04 2015 +1200 dns_server: Add a python module directly accessing DNS records in sam.ldb Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 0504065948eec9bd65296d5956b5863d9af06e41 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 22 12:10:00 2015 +1200 dns_server: Put more code in common This will allow a python module to be written to modify DNS entries in sam.ldb directly Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 2715805f4c617b9a5d9ae7d2252c6adb30ab6490 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Sep 14 13:47:31 2015 +1200 selftest: Add tests for samdb_to_ldif_file Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit dadfffb51916ab26de51924733b31969173627a7 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Sep 14 13:48:04 2015 +1200 python/kcc: Write correct module list into the file during ldif_to_samdb Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 1c02f2801ecd05df23730eea2b6e162f4d5186f1 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Oct 14 13:49:01 2015 +1300 ldb: Fix python bindings to accept a string as a DN This fixes add_base(), add_child() and is_child_of(). This removes a toally incorrect cast of struct ldb_dn to struct ldb_context. A helper routine is used instead Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit ffe8090c898ac649b132fbfc7d79965dd98ff6c1 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Oct 12 17:50:27 2015 +1300 samba-tool drs clone-dc-database: Require --targetdir Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 04512d1a9d9325ed6cd924b47ca22a7049cca8ac Author: Andrew Bartlett <abart...@samba.org> Date: Wed Aug 19 13:30:55 2015 +1200 repl: Use DSDB_REPL_FLAG_PRIORITISE_INCOMING in samba-tool drs replicate --local Previously this would only be set when we did server-to-server replication Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit d1d5ec311a6dd2fabe92b7dd89c156a4288490e4 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Aug 19 13:29:35 2015 +1200 samba-tool drs clone-dc: Add --include-secrets option This allows the creation of domain clones that have no secrets, and so make it safer to examine databases that demonstrate issues Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 4b25650577cd5c20729f3405c64c20ddf71b0ae3 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Aug 19 13:26:41 2015 +1200 repl: Give an error if we get a secret when not expecting one We should never get a secret from a server when we specify DRSUAPI_DRS_SPECIAL_SECRET_PROCESSING This asserts that this is the case. Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 6d301ad1c9ff0f1ccd4f97bd5f234b10707a15bf Author: Andrew Bartlett <abart...@samba.org> Date: Mon Aug 17 15:33:31 2015 +1200 samba-tool: Add new command 'samba-tool drs clone-dc-database' This command makes a clone of an existing AD Domain, but does not join the domain. This allows us to test if the join would work without adding objects to the target DC. The server password will need to be reset for the clone to be any use, see the source4/scripting/devel/chgtdcpass (Based on patches written with Garming Sam) Andrew Bartlett Signed-off-by: Andrew Bartlett <abart...@samba.org> Signed-off-by: Garming Sam <garm...@catalyst.net.nz> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 80171ddcff792081415f4a4cb5614043338d9b81 Author: Andrew Bartlett <abart...@samba.org> Date: Tue Aug 25 15:51:19 2015 +1200 samba-tool: Remove vampire subcommand and now unused libnet_Vampire() This has been deprecated for a long time now Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> commit 6cd8e79257a653e5df79c6bebb8689c0203a4f48 Author: Andrew Bartlett <abart...@samba.org> Date: Thu Sep 24 14:08:37 2015 +1200 repl_meta_data: Print more detail into the LDB error string, not just DEBUG() Signed-off-by: Andrew Bartlett <abart...@samba.org> Reviewed-by: Garming Sam <garm...@catalyst.net.nz> ----------------------------------------------------------------------- Summary of changes: lib/ldb/ABI/ldb-1.1.22.sigs | 264 + ...ldb-util-1.1.10.sigs => pyldb-util-1.1.22.sigs} | 0 lib/ldb/common/ldb_dn.c | 5 + lib/ldb/include/ldb_private.h | 8 + lib/ldb/pyldb.c | 8 +- lib/ldb/tests/python/api.py | 29 + lib/ldb/wscript | 2 +- libcli/drsuapi/drsuapi.h | 1 + libcli/drsuapi/repl_decrypt.c | 6 + python/samba/dbchecker.py | 4 +- python/samba/join.py | 144 +- python/samba/kcc/ldif_import_export.py | 10 +- python/samba/netcmd/domain.py | 136 +- python/samba/netcmd/drs.py | 46 + python/samba/netcmd/main.py | 2 - python/samba/netcmd/vampire.py | 55 - python/samba/remove_dc.py | 435 + python/samba/samdb.py | 25 +- python/samba/tests/__init__.py | 2 +- python/samba/tests/blackbox/samba_tool_drs.py | 169 +- python/samba/tests/kcc/ldif_import_export.py | 31 +- python/samba/tests/provision.py | 3 - selftest/flapping | 2 +- selftest/knownfail | 1 - selftest/tests.py | 4 + source3/libnet/libnet_dssync.c | 1 + source4/dns_server/dns_server.c | 66 +- source4/dns_server/dns_server.h | 9 +- source4/dns_server/dns_utils.c | 88 +- source4/dns_server/dnsserver_common.c | 192 +- source4/dns_server/dnsserver_common.h | 18 +- source4/dns_server/pydns.c | 319 + source4/dns_server/wscript_build | 6 + source4/dsdb/pydsdb.c | 113 +- source4/dsdb/repl/drepl_out_helpers.c | 3 + source4/dsdb/repl/replicated_objects.c | 23 +- source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 66 +- source4/dsdb/samdb/samdb.h | 1 + source4/libnet/libnet_vampire.c | 293 +- source4/libnet/py_net.c | 59 - .../multi-dc-samba-master-c596ac6/etc/smb.conf | 17 + .../private/dns_update_cache | 26 + .../private}/dns_update_list | 0 .../private/hklm.ldb.dump | 80 + .../private/idmap.ldb.dump | 220 + .../private/krb5.conf | 4 + .../private/named.conf.update | 9 + .../private/netlogon_creds_cli.tdb.dump | 0 .../private/privilege.ldb.dump | 156 + .../private/randseed.tdb.dump | 0 ...FIGURATION,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump | 29424 +++++++++++++ ...FIGURATION,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump | 43468 +++++++++++++++++++ ...INDNSZONES,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump | 928 + ...STDNSZONES,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump | 488 + .../sam.ldb.d/DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump | 7236 +++ .../private/sam.ldb.d/metadata.tdb.dump | 4 + .../private/sam.ldb.dump | 36 + .../private/schannel_store.tdb.dump | 0 .../private/secrets.keytab | Bin 0 -> 1212 bytes .../private/secrets.ldb.dump | 44 + .../private/secrets.tdb.dump | 32 + .../private/share.ldb.dump | 32 + .../private/spn_update_list | 0 .../private/tls/ca.pem | 17 + .../private/tls/cert.pem | 17 + .../private/tls/key.pem | 15 + source4/selftest/tests.py | 17 +- testprogs/blackbox/demote-saveddb.sh | 67 + 68 files changed, 84221 insertions(+), 765 deletions(-) create mode 100644 lib/ldb/ABI/ldb-1.1.22.sigs copy lib/ldb/ABI/{pyldb-util-1.1.10.sigs => pyldb-util-1.1.22.sigs} (100%) delete mode 100644 python/samba/netcmd/vampire.py create mode 100644 python/samba/remove_dc.py create mode 100644 source4/dns_server/pydns.c create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/etc/smb.conf create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/dns_update_cache copy source4/{setup => selftest/provisions/multi-dc-samba-master-c596ac6/private}/dns_update_list (100%) create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/hklm.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/idmap.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/krb5.conf create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/named.conf.update copy buildtools/wafsamba/__init__.py => source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/netlogon_creds_cli.tdb.dump (100%) create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/privilege.ldb.dump copy source4/selftest/provisions/{release-4-1-0rc3 => multi-dc-samba-master-c596ac6}/private/randseed.tdb.dump (100%) create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/sam.ldb.d/CN=CONFIGURATION,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/sam.ldb.d/CN=SCHEMA,CN=CONFIGURATION,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/sam.ldb.d/DC=DOMAINDNSZONES,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/sam.ldb.d/DC=FORESTDNSZONES,DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/sam.ldb.d/DC=SAMDOM,DC=EXAMPLE,DC=COM.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/sam.ldb.d/metadata.tdb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/sam.ldb.dump copy source4/selftest/provisions/{release-4-1-0rc3 => multi-dc-samba-master-c596ac6}/private/schannel_store.tdb.dump (100%) create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/secrets.keytab create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/secrets.ldb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/secrets.tdb.dump create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/share.ldb.dump copy source4/selftest/provisions/{release-4-0-0 => multi-dc-samba-master-c596ac6}/private/spn_update_list (100%) create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/tls/ca.pem create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/tls/cert.pem create mode 100644 source4/selftest/provisions/multi-dc-samba-master-c596ac6/private/tls/key.pem create mode 100755 testprogs/blackbox/demote-saveddb.sh Changeset truncated at 500 lines: diff --git a/lib/ldb/ABI/ldb-1.1.22.sigs b/lib/ldb/ABI/ldb-1.1.22.sigs new file mode 100644 index 0000000..6d9767b --- /dev/null +++ b/lib/ldb/ABI/ldb-1.1.22.sigs @@ -0,0 +1,264 @@ +ldb_add: int (struct ldb_context *, const struct ldb_message *) +ldb_any_comparison: int (struct ldb_context *, void *, ldb_attr_handler_t, const struct ldb_val *, const struct ldb_val *) +ldb_asprintf_errstring: void (struct ldb_context *, const char *, ...) +ldb_attr_casefold: char *(TALLOC_CTX *, const char *) +ldb_attr_dn: int (const char *) +ldb_attr_in_list: int (const char * const *, const char *) +ldb_attr_list_copy: const char **(TALLOC_CTX *, const char * const *) +ldb_attr_list_copy_add: const char **(TALLOC_CTX *, const char * const *, const char *) +ldb_base64_decode: int (char *) +ldb_base64_encode: char *(TALLOC_CTX *, const char *, int) +ldb_binary_decode: struct ldb_val (TALLOC_CTX *, const char *) +ldb_binary_encode: char *(TALLOC_CTX *, struct ldb_val) +ldb_binary_encode_string: char *(TALLOC_CTX *, const char *) +ldb_build_add_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) +ldb_build_del_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) +ldb_build_extended_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const char *, void *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) +ldb_build_mod_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) +ldb_build_rename_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, struct ldb_dn *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) +ldb_build_search_req: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, enum ldb_scope, const char *, const char * const *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) +ldb_build_search_req_ex: int (struct ldb_request **, struct ldb_context *, TALLOC_CTX *, struct ldb_dn *, enum ldb_scope, struct ldb_parse_tree *, const char * const *, struct ldb_control **, void *, ldb_request_callback_t, struct ldb_request *) +ldb_casefold: char *(struct ldb_context *, TALLOC_CTX *, const char *, size_t) +ldb_casefold_default: char *(void *, TALLOC_CTX *, const char *, size_t) +ldb_check_critical_controls: int (struct ldb_control **) +ldb_comparison_binary: int (struct ldb_context *, void *, const struct ldb_val *, const struct ldb_val *) +ldb_comparison_fold: int (struct ldb_context *, void *, const struct ldb_val *, const struct ldb_val *) +ldb_connect: int (struct ldb_context *, const char *, unsigned int, const char **) +ldb_control_to_string: char *(TALLOC_CTX *, const struct ldb_control *) +ldb_controls_except_specified: struct ldb_control **(struct ldb_control **, TALLOC_CTX *, struct ldb_control *) +ldb_debug: void (struct ldb_context *, enum ldb_debug_level, const char *, ...) +ldb_debug_add: void (struct ldb_context *, const char *, ...) +ldb_debug_end: void (struct ldb_context *, enum ldb_debug_level) +ldb_debug_set: void (struct ldb_context *, enum ldb_debug_level, const char *, ...) +ldb_delete: int (struct ldb_context *, struct ldb_dn *) +ldb_dn_add_base: bool (struct ldb_dn *, struct ldb_dn *) +ldb_dn_add_base_fmt: bool (struct ldb_dn *, const char *, ...) +ldb_dn_add_child: bool (struct ldb_dn *, struct ldb_dn *) +ldb_dn_add_child_fmt: bool (struct ldb_dn *, const char *, ...) +ldb_dn_alloc_casefold: char *(TALLOC_CTX *, struct ldb_dn *) +ldb_dn_alloc_linearized: char *(TALLOC_CTX *, struct ldb_dn *) +ldb_dn_canonical_ex_string: char *(TALLOC_CTX *, struct ldb_dn *) +ldb_dn_canonical_string: char *(TALLOC_CTX *, struct ldb_dn *) +ldb_dn_check_local: bool (struct ldb_module *, struct ldb_dn *) +ldb_dn_check_special: bool (struct ldb_dn *, const char *) +ldb_dn_compare: int (struct ldb_dn *, struct ldb_dn *) +ldb_dn_compare_base: int (struct ldb_dn *, struct ldb_dn *) +ldb_dn_copy: struct ldb_dn *(TALLOC_CTX *, struct ldb_dn *) +ldb_dn_escape_value: char *(TALLOC_CTX *, struct ldb_val) +ldb_dn_extended_add_syntax: int (struct ldb_context *, unsigned int, const struct ldb_dn_extended_syntax *) +ldb_dn_extended_filter: void (struct ldb_dn *, const char * const *) +ldb_dn_extended_syntax_by_name: const struct ldb_dn_extended_syntax *(struct ldb_context *, const char *) +ldb_dn_from_ldb_val: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const struct ldb_val *) +ldb_dn_get_casefold: const char *(struct ldb_dn *) +ldb_dn_get_comp_num: int (struct ldb_dn *) +ldb_dn_get_component_name: const char *(struct ldb_dn *, unsigned int) +ldb_dn_get_component_val: const struct ldb_val *(struct ldb_dn *, unsigned int) +ldb_dn_get_extended_comp_num: int (struct ldb_dn *) +ldb_dn_get_extended_component: const struct ldb_val *(struct ldb_dn *, const char *) +ldb_dn_get_extended_linearized: char *(TALLOC_CTX *, struct ldb_dn *, int) +ldb_dn_get_ldb_context: struct ldb_context *(struct ldb_dn *) +ldb_dn_get_linearized: const char *(struct ldb_dn *) +ldb_dn_get_parent: struct ldb_dn *(TALLOC_CTX *, struct ldb_dn *) +ldb_dn_get_rdn_name: const char *(struct ldb_dn *) +ldb_dn_get_rdn_val: const struct ldb_val *(struct ldb_dn *) +ldb_dn_has_extended: bool (struct ldb_dn *) +ldb_dn_is_null: bool (struct ldb_dn *) +ldb_dn_is_special: bool (struct ldb_dn *) +ldb_dn_is_valid: bool (struct ldb_dn *) +ldb_dn_map_local: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *) +ldb_dn_map_rebase_remote: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *) +ldb_dn_map_remote: struct ldb_dn *(struct ldb_module *, void *, struct ldb_dn *) +ldb_dn_minimise: bool (struct ldb_dn *) +ldb_dn_new: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const char *) +ldb_dn_new_fmt: struct ldb_dn *(TALLOC_CTX *, struct ldb_context *, const char *, ...) +ldb_dn_remove_base_components: bool (struct ldb_dn *, unsigned int) +ldb_dn_remove_child_components: bool (struct ldb_dn *, unsigned int) +ldb_dn_remove_extended_components: void (struct ldb_dn *) +ldb_dn_replace_components: bool (struct ldb_dn *, struct ldb_dn *) +ldb_dn_set_component: int (struct ldb_dn *, int, const char *, const struct ldb_val) +ldb_dn_set_extended_component: int (struct ldb_dn *, const char *, const struct ldb_val *) +ldb_dn_update_components: int (struct ldb_dn *, const struct ldb_dn *) +ldb_dn_validate: bool (struct ldb_dn *) +ldb_dump_results: void (struct ldb_context *, struct ldb_result *, FILE *) +ldb_error_at: int (struct ldb_context *, int, const char *, const char *, int) +ldb_errstring: const char *(struct ldb_context *) +ldb_extended: int (struct ldb_context *, const char *, void *, struct ldb_result **) +ldb_extended_default_callback: int (struct ldb_request *, struct ldb_reply *) +ldb_filter_from_tree: char *(TALLOC_CTX *, const struct ldb_parse_tree *) +ldb_get_config_basedn: struct ldb_dn *(struct ldb_context *) +ldb_get_create_perms: unsigned int (struct ldb_context *) +ldb_get_default_basedn: struct ldb_dn *(struct ldb_context *) +ldb_get_event_context: struct tevent_context *(struct ldb_context *) +ldb_get_flags: unsigned int (struct ldb_context *) +ldb_get_opaque: void *(struct ldb_context *, const char *) +ldb_get_root_basedn: struct ldb_dn *(struct ldb_context *) +ldb_get_schema_basedn: struct ldb_dn *(struct ldb_context *) +ldb_global_init: int (void) +ldb_handle_new: struct ldb_handle *(TALLOC_CTX *, struct ldb_context *) +ldb_handler_copy: int (struct ldb_context *, void *, const struct ldb_val *, struct ldb_val *) +ldb_handler_fold: int (struct ldb_context *, void *, const struct ldb_val *, struct ldb_val *) +ldb_init: struct ldb_context *(TALLOC_CTX *, struct tevent_context *) +ldb_ldif_message_string: char *(struct ldb_context *, TALLOC_CTX *, enum ldb_changetype, const struct ldb_message *) +ldb_ldif_parse_modrdn: int (struct ldb_context *, const struct ldb_ldif *, TALLOC_CTX *, struct ldb_dn **, struct ldb_dn **, bool *, struct ldb_dn **, struct ldb_dn **) +ldb_ldif_read: struct ldb_ldif *(struct ldb_context *, int (*)(void *), void *) +ldb_ldif_read_file: struct ldb_ldif *(struct ldb_context *, FILE *) +ldb_ldif_read_file_state: struct ldb_ldif *(struct ldb_context *, struct ldif_read_file_state *) +ldb_ldif_read_free: void (struct ldb_context *, struct ldb_ldif *) +ldb_ldif_read_string: struct ldb_ldif *(struct ldb_context *, const char **) +ldb_ldif_write: int (struct ldb_context *, int (*)(void *, const char *, ...), void *, const struct ldb_ldif *) +ldb_ldif_write_file: int (struct ldb_context *, FILE *, const struct ldb_ldif *) +ldb_ldif_write_redacted_trace_string: char *(struct ldb_context *, TALLOC_CTX *, const struct ldb_ldif *) +ldb_ldif_write_string: char *(struct ldb_context *, TALLOC_CTX *, const struct ldb_ldif *) +ldb_load_modules: int (struct ldb_context *, const char **) +ldb_map_add: int (struct ldb_module *, struct ldb_request *) +ldb_map_delete: int (struct ldb_module *, struct ldb_request *) +ldb_map_init: int (struct ldb_module *, const struct ldb_map_attribute *, const struct ldb_map_objectclass *, const char * const *, const char *, const char *) +ldb_map_modify: int (struct ldb_module *, struct ldb_request *) +ldb_map_rename: int (struct ldb_module *, struct ldb_request *) +ldb_map_search: int (struct ldb_module *, struct ldb_request *) +ldb_match_msg: int (struct ldb_context *, const struct ldb_message *, const struct ldb_parse_tree *, struct ldb_dn *, enum ldb_scope) +ldb_match_msg_error: int (struct ldb_context *, const struct ldb_message *, const struct ldb_parse_tree *, struct ldb_dn *, enum ldb_scope, bool *) +ldb_match_msg_objectclass: int (const struct ldb_message *, const char *) +ldb_mod_register_control: int (struct ldb_module *, const char *) +ldb_modify: int (struct ldb_context *, const struct ldb_message *) +ldb_modify_default_callback: int (struct ldb_request *, struct ldb_reply *) +ldb_module_call_chain: char *(struct ldb_request *, TALLOC_CTX *) +ldb_module_connect_backend: int (struct ldb_context *, const char *, const char **, struct ldb_module **) +ldb_module_done: int (struct ldb_request *, struct ldb_control **, struct ldb_extended *, int) +ldb_module_flags: uint32_t (struct ldb_context *) +ldb_module_get_ctx: struct ldb_context *(struct ldb_module *) +ldb_module_get_name: const char *(struct ldb_module *) +ldb_module_get_ops: const struct ldb_module_ops *(struct ldb_module *) +ldb_module_get_private: void *(struct ldb_module *) +ldb_module_init_chain: int (struct ldb_context *, struct ldb_module *) +ldb_module_load_list: int (struct ldb_context *, const char **, struct ldb_module *, struct ldb_module **) +ldb_module_new: struct ldb_module *(TALLOC_CTX *, struct ldb_context *, const char *, const struct ldb_module_ops *) +ldb_module_next: struct ldb_module *(struct ldb_module *) +ldb_module_popt_options: struct poptOption **(struct ldb_context *) +ldb_module_send_entry: int (struct ldb_request *, struct ldb_message *, struct ldb_control **) +ldb_module_send_referral: int (struct ldb_request *, char *) +ldb_module_set_next: void (struct ldb_module *, struct ldb_module *) +ldb_module_set_private: void (struct ldb_module *, void *) +ldb_modules_hook: int (struct ldb_context *, enum ldb_module_hook_type) +ldb_modules_list_from_string: const char **(struct ldb_context *, TALLOC_CTX *, const char *) +ldb_modules_load: int (const char *, const char *) +ldb_msg_add: int (struct ldb_message *, const struct ldb_message_element *, int) +ldb_msg_add_empty: int (struct ldb_message *, const char *, int, struct ldb_message_element **) +ldb_msg_add_fmt: int (struct ldb_message *, const char *, const char *, ...) +ldb_msg_add_linearized_dn: int (struct ldb_message *, const char *, struct ldb_dn *) +ldb_msg_add_steal_string: int (struct ldb_message *, const char *, char *) +ldb_msg_add_steal_value: int (struct ldb_message *, const char *, struct ldb_val *) +ldb_msg_add_string: int (struct ldb_message *, const char *, const char *) +ldb_msg_add_value: int (struct ldb_message *, const char *, const struct ldb_val *, struct ldb_message_element **) +ldb_msg_canonicalize: struct ldb_message *(struct ldb_context *, const struct ldb_message *) +ldb_msg_check_string_attribute: int (const struct ldb_message *, const char *, const char *) +ldb_msg_copy: struct ldb_message *(TALLOC_CTX *, const struct ldb_message *) +ldb_msg_copy_attr: int (struct ldb_message *, const char *, const char *) +ldb_msg_copy_shallow: struct ldb_message *(TALLOC_CTX *, const struct ldb_message *) +ldb_msg_diff: struct ldb_message *(struct ldb_context *, struct ldb_message *, struct ldb_message *) +ldb_msg_difference: int (struct ldb_context *, TALLOC_CTX *, struct ldb_message *, struct ldb_message *, struct ldb_message **) +ldb_msg_element_compare: int (struct ldb_message_element *, struct ldb_message_element *) +ldb_msg_element_compare_name: int (struct ldb_message_element *, struct ldb_message_element *) +ldb_msg_element_equal_ordered: bool (const struct ldb_message_element *, const struct ldb_message_element *) +ldb_msg_find_attr_as_bool: int (const struct ldb_message *, const char *, int) +ldb_msg_find_attr_as_dn: struct ldb_dn *(struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, const char *) +ldb_msg_find_attr_as_double: double (const struct ldb_message *, const char *, double) +ldb_msg_find_attr_as_int: int (const struct ldb_message *, const char *, int) +ldb_msg_find_attr_as_int64: int64_t (const struct ldb_message *, const char *, int64_t) +ldb_msg_find_attr_as_string: const char *(const struct ldb_message *, const char *, const char *) +ldb_msg_find_attr_as_uint: unsigned int (const struct ldb_message *, const char *, unsigned int) +ldb_msg_find_attr_as_uint64: uint64_t (const struct ldb_message *, const char *, uint64_t) +ldb_msg_find_element: struct ldb_message_element *(const struct ldb_message *, const char *) +ldb_msg_find_ldb_val: const struct ldb_val *(const struct ldb_message *, const char *) +ldb_msg_find_val: struct ldb_val *(const struct ldb_message_element *, struct ldb_val *) +ldb_msg_new: struct ldb_message *(TALLOC_CTX *) +ldb_msg_normalize: int (struct ldb_context *, TALLOC_CTX *, const struct ldb_message *, struct ldb_message **) +ldb_msg_remove_attr: void (struct ldb_message *, const char *) +ldb_msg_remove_element: void (struct ldb_message *, struct ldb_message_element *) +ldb_msg_rename_attr: int (struct ldb_message *, const char *, const char *) +ldb_msg_sanity_check: int (struct ldb_context *, const struct ldb_message *) +ldb_msg_sort_elements: void (struct ldb_message *) +ldb_next_del_trans: int (struct ldb_module *) +ldb_next_end_trans: int (struct ldb_module *) +ldb_next_init: int (struct ldb_module *) +ldb_next_prepare_commit: int (struct ldb_module *) +ldb_next_remote_request: int (struct ldb_module *, struct ldb_request *) +ldb_next_request: int (struct ldb_module *, struct ldb_request *) +ldb_next_start_trans: int (struct ldb_module *) +ldb_op_default_callback: int (struct ldb_request *, struct ldb_reply *) +ldb_options_find: const char *(struct ldb_context *, const char **, const char *) +ldb_pack_data: int (struct ldb_context *, const struct ldb_message *, struct ldb_val *) +ldb_parse_control_from_string: struct ldb_control *(struct ldb_context *, TALLOC_CTX *, const char *) +ldb_parse_control_strings: struct ldb_control **(struct ldb_context *, TALLOC_CTX *, const char **) +ldb_parse_tree: struct ldb_parse_tree *(TALLOC_CTX *, const char *) +ldb_parse_tree_attr_replace: void (struct ldb_parse_tree *, const char *, const char *) +ldb_parse_tree_copy_shallow: struct ldb_parse_tree *(TALLOC_CTX *, const struct ldb_parse_tree *) +ldb_parse_tree_walk: int (struct ldb_parse_tree *, int (*)(struct ldb_parse_tree *, void *), void *) +ldb_qsort: void (void * const, size_t, size_t, void *, ldb_qsort_cmp_fn_t) +ldb_register_backend: int (const char *, ldb_connect_fn, bool) +ldb_register_extended_match_rule: int (struct ldb_context *, const struct ldb_extended_match_rule *) +ldb_register_hook: int (ldb_hook_fn) +ldb_register_module: int (const struct ldb_module_ops *) +ldb_rename: int (struct ldb_context *, struct ldb_dn *, struct ldb_dn *) +ldb_reply_add_control: int (struct ldb_reply *, const char *, bool, void *) +ldb_reply_get_control: struct ldb_control *(struct ldb_reply *, const char *) +ldb_req_get_custom_flags: uint32_t (struct ldb_request *) +ldb_req_is_untrusted: bool (struct ldb_request *) +ldb_req_location: const char *(struct ldb_request *) +ldb_req_mark_trusted: void (struct ldb_request *) +ldb_req_mark_untrusted: void (struct ldb_request *) +ldb_req_set_custom_flags: void (struct ldb_request *, uint32_t) +ldb_req_set_location: void (struct ldb_request *, const char *) +ldb_request: int (struct ldb_context *, struct ldb_request *) +ldb_request_add_control: int (struct ldb_request *, const char *, bool, void *) +ldb_request_done: int (struct ldb_request *, int) +ldb_request_get_control: struct ldb_control *(struct ldb_request *, const char *) +ldb_request_get_status: int (struct ldb_request *) +ldb_request_replace_control: int (struct ldb_request *, const char *, bool, void *) +ldb_request_set_state: void (struct ldb_request *, int) +ldb_reset_err_string: void (struct ldb_context *) +ldb_save_controls: int (struct ldb_control *, struct ldb_request *, struct ldb_control ***) +ldb_schema_attribute_add: int (struct ldb_context *, const char *, unsigned int, const char *) +ldb_schema_attribute_add_with_syntax: int (struct ldb_context *, const char *, unsigned int, const struct ldb_schema_syntax *) +ldb_schema_attribute_by_name: const struct ldb_schema_attribute *(struct ldb_context *, const char *) +ldb_schema_attribute_remove: void (struct ldb_context *, const char *) +ldb_schema_attribute_set_override_handler: void (struct ldb_context *, ldb_attribute_handler_override_fn_t, void *) +ldb_search: int (struct ldb_context *, TALLOC_CTX *, struct ldb_result **, struct ldb_dn *, enum ldb_scope, const char * const *, const char *, ...) +ldb_search_default_callback: int (struct ldb_request *, struct ldb_reply *) +ldb_sequence_number: int (struct ldb_context *, enum ldb_sequence_type, uint64_t *) +ldb_set_create_perms: void (struct ldb_context *, unsigned int) +ldb_set_debug: int (struct ldb_context *, void (*)(void *, enum ldb_debug_level, const char *, va_list), void *) +ldb_set_debug_stderr: int (struct ldb_context *) +ldb_set_default_dns: void (struct ldb_context *) +ldb_set_errstring: void (struct ldb_context *, const char *) +ldb_set_event_context: void (struct ldb_context *, struct tevent_context *) +ldb_set_flags: void (struct ldb_context *, unsigned int) +ldb_set_modules_dir: void (struct ldb_context *, const char *) +ldb_set_opaque: int (struct ldb_context *, const char *, void *) +ldb_set_timeout: int (struct ldb_context *, struct ldb_request *, int) +ldb_set_timeout_from_prev_req: int (struct ldb_context *, struct ldb_request *, struct ldb_request *) +ldb_set_utf8_default: void (struct ldb_context *) +ldb_set_utf8_fns: void (struct ldb_context *, void *, char *(*)(void *, void *, const char *, size_t)) +ldb_setup_wellknown_attributes: int (struct ldb_context *) +ldb_should_b64_encode: int (struct ldb_context *, const struct ldb_val *) +ldb_standard_syntax_by_name: const struct ldb_schema_syntax *(struct ldb_context *, const char *) +ldb_strerror: const char *(int) +ldb_string_to_time: time_t (const char *) +ldb_string_utc_to_time: time_t (const char *) +ldb_timestring: char *(TALLOC_CTX *, time_t) +ldb_timestring_utc: char *(TALLOC_CTX *, time_t) +ldb_transaction_cancel: int (struct ldb_context *) +ldb_transaction_cancel_noerr: int (struct ldb_context *) +ldb_transaction_commit: int (struct ldb_context *) +ldb_transaction_prepare_commit: int (struct ldb_context *) +ldb_transaction_start: int (struct ldb_context *) +ldb_unpack_data: int (struct ldb_context *, const struct ldb_val *, struct ldb_message *) +ldb_val_dup: struct ldb_val (TALLOC_CTX *, const struct ldb_val *) +ldb_val_equal_exact: int (const struct ldb_val *, const struct ldb_val *) +ldb_val_map_local: struct ldb_val (struct ldb_module *, void *, const struct ldb_map_attribute *, const struct ldb_val *) +ldb_val_map_remote: struct ldb_val (struct ldb_module *, void *, const struct ldb_map_attribute *, const struct ldb_val *) +ldb_val_string_cmp: int (const struct ldb_val *, const char *) +ldb_val_to_time: int (const struct ldb_val *, time_t *) +ldb_valid_attr_name: int (const char *) +ldb_vdebug: void (struct ldb_context *, enum ldb_debug_level, const char *, va_list) +ldb_wait: int (struct ldb_handle *, enum ldb_wait_type) diff --git a/lib/ldb/ABI/pyldb-util-1.1.10.sigs b/lib/ldb/ABI/pyldb-util-1.1.22.sigs similarity index 100% copy from lib/ldb/ABI/pyldb-util-1.1.10.sigs copy to lib/ldb/ABI/pyldb-util-1.1.22.sigs diff --git a/lib/ldb/common/ldb_dn.c b/lib/ldb/common/ldb_dn.c index 6b6f90c..85f89c1b 100644 --- a/lib/ldb/common/ldb_dn.c +++ b/lib/ldb/common/ldb_dn.c @@ -2155,3 +2155,8 @@ bool ldb_dn_minimise(struct ldb_dn *dn) return true; } + +struct ldb_context *ldb_dn_get_ldb_context(struct ldb_dn *dn) +{ + return dn->ldb; +} diff --git a/lib/ldb/include/ldb_private.h b/lib/ldb/include/ldb_private.h index 7977448..eef5e1b 100644 --- a/lib/ldb/include/ldb_private.h +++ b/lib/ldb/include/ldb_private.h @@ -211,4 +211,12 @@ int ldb_unpack_data(struct ldb_context *ldb, const struct ldb_val *data, struct ldb_message *message); +/* + * Get the LDB context in use on an LDB DN. + * + * This is helpful to the python LDB code, which may use as part of + * adding base and child components to an existing DN. + */ +struct ldb_context *ldb_dn_get_ldb_context(struct ldb_dn *dn); + #endif diff --git a/lib/ldb/pyldb.c b/lib/ldb/pyldb.c index f18e06e..307f426 100644 --- a/lib/ldb/pyldb.c +++ b/lib/ldb/pyldb.c @@ -497,8 +497,6 @@ static PyObject *py_ldb_dn_get_parent(PyLdbDnObject *self) return (PyObject *)py_ret; } -#define dn_ldb_ctx(dn) ((struct ldb_context *)dn) - static PyObject *py_ldb_dn_add_child(PyLdbDnObject *self, PyObject *args) { PyObject *py_other; @@ -508,7 +506,7 @@ static PyObject *py_ldb_dn_add_child(PyLdbDnObject *self, PyObject *args) dn = pyldb_Dn_AsDn((PyObject *)self); - if (!pyldb_Object_AsDn(NULL, py_other, dn_ldb_ctx(dn), &other)) + if (!pyldb_Object_AsDn(NULL, py_other, ldb_dn_get_ldb_context(dn), &other)) return NULL; return PyBool_FromLong(ldb_dn_add_child(dn, other)); @@ -523,7 +521,7 @@ static PyObject *py_ldb_dn_add_base(PyLdbDnObject *self, PyObject *args) dn = pyldb_Dn_AsDn((PyObject *)self); - if (!pyldb_Object_AsDn(NULL, py_other, dn_ldb_ctx(dn), &other)) + if (!pyldb_Object_AsDn(NULL, py_other, ldb_dn_get_ldb_context(dn), &other)) return NULL; return PyBool_FromLong(ldb_dn_add_base(dn, other)); @@ -550,7 +548,7 @@ static PyObject *py_ldb_dn_is_child_of(PyLdbDnObject *self, PyObject *args) dn = pyldb_Dn_AsDn((PyObject *)self); - if (!pyldb_Object_AsDn(NULL, py_base, dn_ldb_ctx(dn), &base)) + if (!pyldb_Object_AsDn(NULL, py_base, ldb_dn_get_ldb_context(dn), &base)) return NULL; return PyBool_FromLong(ldb_dn_compare_base(base, dn) == 0); diff --git a/lib/ldb/tests/python/api.py b/lib/ldb/tests/python/api.py index d101de8..87fa797 100755 --- a/lib/ldb/tests/python/api.py +++ b/lib/ldb/tests/python/api.py @@ -411,6 +411,17 @@ class DnTests(TestCase): self.assertTrue(x.add_base(base)) self.assertEquals("dc=foo23,bar=bloe,bla=bloe", x.__str__()) + def test_add_child_str(self): + x = ldb.Dn(self.ldb, "dc=foo22,bar=bloe") + self.assertTrue(x.add_child("bla=bloe")) + self.assertEquals("bla=bloe,dc=foo22,bar=bloe", x.__str__()) + + def test_add_base_str(self): + x = ldb.Dn(self.ldb, "dc=foo23,bar=bloe") + base = "bla=bloe" + self.assertTrue(x.add_base(base)) + self.assertEquals("dc=foo23,bar=bloe,bla=bloe", x.__str__()) + def test_add(self): x = ldb.Dn(self.ldb, "dc=foo24") y = ldb.Dn(self.ldb, "bar=bla") @@ -457,6 +468,24 @@ class DnTests(TestCase): self.assertFalse(dn3.is_child_of(dn2)) self.assertFalse(dn1.is_child_of(dn4)) + def test_ldb_is_child_of_str(self): + """Testing ldb_dn_compare_dn""" + dn1_str = "dc=base" + dn2_str = "cn=foo,dc=base" + dn3_str = "cn=bar,dc=base" + dn4_str = "cn=baz,cn=bar,dc=base" + + dn1 = ldb.Dn(self.ldb, dn1_str) + dn2 = ldb.Dn(self.ldb, dn2_str) + dn3 = ldb.Dn(self.ldb, dn3_str) + dn4 = ldb.Dn(self.ldb, dn4_str) + + self.assertTrue(dn2.is_child_of(dn1_str)) + self.assertTrue(dn4.is_child_of(dn1_str)) + self.assertTrue(dn4.is_child_of(dn3_str)) + self.assertFalse(dn3.is_child_of(dn2_str)) + self.assertFalse(dn1.is_child_of(dn4_str)) + class LdbMsgTests(TestCase): def setUp(self): diff --git a/lib/ldb/wscript b/lib/ldb/wscript index 0996f51..70b84cb 100755 --- a/lib/ldb/wscript +++ b/lib/ldb/wscript @@ -1,7 +1,7 @@ #!/usr/bin/env python APPNAME = 'ldb' -VERSION = '1.1.21' +VERSION = '1.1.22' blddir = 'bin' diff --git a/libcli/drsuapi/drsuapi.h b/libcli/drsuapi/drsuapi.h index a4fb15f..7c6cf2f 100644 --- a/libcli/drsuapi/drsuapi.h +++ b/libcli/drsuapi/drsuapi.h @@ -29,6 +29,7 @@ WERROR drsuapi_decrypt_attribute_value(TALLOC_CTX *mem_ctx, WERROR drsuapi_decrypt_attribute(TALLOC_CTX *mem_ctx, const DATA_BLOB *gensec_skey, uint32_t rid, + uint32_t dsdb_repl_flags, struct drsuapi_DsReplicaAttribute *attr); diff --git a/libcli/drsuapi/repl_decrypt.c b/libcli/drsuapi/repl_decrypt.c index 00b8db8..4a2a28f 100644 --- a/libcli/drsuapi/repl_decrypt.c +++ b/libcli/drsuapi/repl_decrypt.c @@ -28,6 +28,7 @@ #include "../lib/crypto/crypto.h" #include "../libcli/drsuapi/drsuapi.h" #include "libcli/auth/libcli_auth.h" +#include "dsdb/samdb/samdb.h" WERROR drsuapi_decrypt_attribute_value(TALLOC_CTX *mem_ctx, const DATA_BLOB *gensec_skey, @@ -134,6 +135,7 @@ WERROR drsuapi_decrypt_attribute_value(TALLOC_CTX *mem_ctx, WERROR drsuapi_decrypt_attribute(TALLOC_CTX *mem_ctx, const DATA_BLOB *gensec_skey, uint32_t rid, + uint32_t dsdb_repl_flags, struct drsuapi_DsReplicaAttribute *attr) { WERROR status; @@ -164,6 +166,10 @@ WERROR drsuapi_decrypt_attribute(TALLOC_CTX *mem_ctx, return WERR_OK; } + if (dsdb_repl_flags & DSDB_REPL_FLAG_EXPECT_NO_SECRETS) { + return WERR_TOO_MANY_SECRETS; + } + if (attr->value_ctr.num_values > 1) { return WERR_DS_DRA_INVALID_PARAMETER; } diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py index 4fb9d12..69b4c61 100644 --- a/python/samba/dbchecker.py +++ b/python/samba/dbchecker.py @@ -1286,8 +1286,8 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base))) continue if str(attrname).lower() == 'objectclass': - normalised = self.samdb.dsdb_normalise_attributes(self.samdb_schema, attrname, list(obj[attrname])) - if list(normalised) != list(obj[attrname]): + normalised = self.samdb.dsdb_normalise_attributes(self.samdb_schema, attrname, obj[attrname]) + if normalised != obj[attrname]: self.err_normalise_mismatch_replace(dn, attrname, list(obj[attrname])) error_count += 1 continue diff --git a/python/samba/join.py b/python/samba/join.py index c356145..cdfe452 100644 --- a/python/samba/join.py +++ b/python/samba/join.py @@ -54,12 +54,13 @@ class dc_join(object): def __init__(ctx, logger=None, server=None, creds=None, lp=None, site=None, netbios_name=None, targetdir=None, domain=None, machinepass=None, use_ntvfs=False, dns_backend=None, - promote_existing=False): + promote_existing=False, clone_only=False): + ctx.clone_only=clone_only + ctx.logger = logger ctx.creds = creds ctx.lp = lp ctx.site = site - ctx.netbios_name = netbios_name ctx.targetdir = targetdir ctx.use_ntvfs = use_ntvfs @@ -89,8 +90,6 @@ class dc_join(object): raise DCJoinException(estr) - ctx.myname = netbios_name - ctx.samname = "%s$" % ctx.myname ctx.base_dn = str(ctx.samdb.get_default_basedn()) ctx.root_dn = str(ctx.samdb.get_root_basedn()) ctx.schema_dn = str(ctx.samdb.get_schema_basedn()) @@ -110,17 +109,34 @@ class dc_join(object): else: ctx.acct_pass = samba.generate_random_password(32, 40) - # work out the DNs of all the objects we will be adding - ctx.server_dn = "CN=%s,CN=Servers,CN=%s,CN=Sites,%s" % (ctx.myname, ctx.site, ctx.config_dn) - ctx.ntds_dn = "CN=NTDS Settings,%s" % ctx.server_dn - topology_base = "CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,%s" % ctx.base_dn - if ctx.dn_exists(topology_base): -- Samba Shared Repository