Build status as of Wed Aug 11 06:00:01 2010
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2010-08-10 00:00:04.0 -0600 +++ /home/build/master/cache/broken_results.txt 2010-08-11 00:00:09.0 -0600 @@ -1,4 +1,4 @@ -Build status as of Tue Aug 10 06:00:01 2010 +Build status as of Wed Aug 11 06:00:01 2010 Build counts: Tree Total Broken Panic @@ -16,8 +16,7 @@ samba_3_current 32 32 4 samba_3_master 32 31 1 samba_3_next 32 32 6 -samba_4_0_test 32 32 0 -samba_4_0_waf 36 33 0 +samba_4_0_waf 36 35 0 talloc 32 7 0 tdb 30 8 0
[SCM] Samba Shared Repository - branch v3-5-test updated
The branch, v3-5-test has been updated
via 1793994... s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp
does not reset the secure channel.
from de7cb26... s3: Fix bug 7578
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -
commit 179399401ccae7ae2579b94420d0386531ad2686
Author: Günther Deschner g...@samba.org
Date: Mon Aug 9 14:31:24 2010 +0200
s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp does not reset the
secure channel.
This is an important fix as the following could and is happening:
* winbind authenticates a user via schannel secured netlogon samlogonex
call,
current secure channel cred state is stored in winbind state, winbind
sucessfully decrypts session key from the info3
* winbind sets up a new schannel ncacn_ip_tcp lsa pipe (and thereby resets
the
secure channel on the dc)
* subsequent samlogonex calls use the new secure channel creds on the dc to
encrypt info3 session key, while winbind tries to use old schannel creds for
decryption
Guenther
(cherry picked from commit be396411a4e1f3a174f8a44b6c062d834135e70a)
(cherry picked from commit afe0e73b7bb640428396c9f40dbbcba5c311fcd9)
---
Summary of changes:
source3/winbindd/winbindd_cm.c | 20 +---
1 files changed, 13 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index ee9a656..f8e49cc 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2231,6 +2231,7 @@ NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain
*domain,
struct rpc_pipe_client **cli)
{
struct winbindd_cm_conn *conn;
+ struct netlogon_creds_CredentialState *creds;
NTSTATUS status;
DEBUG(10,(cm_connect_lsa_tcp\n));
@@ -2251,14 +2252,19 @@ NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain
*domain,
TALLOC_FREE(conn-lsa_pipe_tcp);
- status = cli_rpc_pipe_open_schannel(conn-cli,
- ndr_table_lsarpc.syntax_id,
- NCACN_IP_TCP,
- DCERPC_AUTH_LEVEL_PRIVACY,
- domain-name,
- conn-lsa_pipe_tcp);
+ if (!cm_get_schannel_creds(domain, creds)) {
+ goto done;
+ }
+
+ status = cli_rpc_pipe_open_schannel_with_key(conn-cli,
+
ndr_table_lsarpc.syntax_id,
+NCACN_IP_TCP,
+DCERPC_AUTH_LEVEL_PRIVACY,
+domain-name,
+creds,
+conn-lsa_pipe_tcp);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10,(cli_rpc_pipe_open_schannel failed: %s\n,
+ DEBUG(10,(cli_rpc_pipe_open_schannel_with_key failed: %s\n,
nt_errstr(status)));
goto done;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-4-test updated
The branch, v3-4-test has been updated
via e647f5b... s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp
does not reset the secure channel.
from 8564193... s3-libsmb: Fix bug #7577.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test
- Log -
commit e647f5b5409502ec329e24f09202b036cfb357ae
Author: Günther Deschner g...@samba.org
Date: Mon Aug 9 14:31:24 2010 +0200
s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp does not reset the
secure channel.
This is an important fix as the following could and is happening:
* winbind authenticates a user via schannel secured netlogon samlogonex
call,
current secure channel cred state is stored in winbind state, winbind
sucessfully decrypts session key from the info3
* winbind sets up a new schannel ncacn_ip_tcp lsa pipe (and thereby resets
the
secure channel on the dc)
* subsequent samlogonex calls use the new secure channel creds on the dc to
encrypt info3 session key, while winbind tries to use old schannel creds for
decryption
Guenther
(cherry picked from commit be396411a4e1f3a174f8a44b6c062d834135e70a)
---
Summary of changes:
source3/winbindd/winbindd_cm.c | 20 +---
1 files changed, 13 insertions(+), 7 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 3b34a32..1b6c03a 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2217,6 +2217,7 @@ NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain
*domain,
struct rpc_pipe_client **cli)
{
struct winbindd_cm_conn *conn;
+ struct dcinfo *dcinfo;
NTSTATUS status;
DEBUG(10,(cm_connect_lsa_tcp\n));
@@ -2237,14 +2238,19 @@ NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain
*domain,
TALLOC_FREE(conn-lsa_pipe_tcp);
- status = cli_rpc_pipe_open_schannel(conn-cli,
- ndr_table_lsarpc.syntax_id,
- NCACN_IP_TCP,
- PIPE_AUTH_LEVEL_PRIVACY,
- domain-name,
- conn-lsa_pipe_tcp);
+ if (!cm_get_schannel_dcinfo(domain, dcinfo)) {
+ goto done;
+ }
+
+ status = cli_rpc_pipe_open_schannel_with_key(conn-cli,
+
ndr_table_lsarpc.syntax_id,
+NCACN_IP_TCP,
+PIPE_AUTH_LEVEL_PRIVACY,
+domain-name,
+dcinfo,
+conn-lsa_pipe_tcp);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10,(cli_rpc_pipe_open_schannel failed: %s\n,
+ DEBUG(10,(cli_rpc_pipe_open_schannel_with_key failed: %s\n,
nt_errstr(status)));
goto done;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via c43e832... s3-waf: fix the waf build with more recent MIT krb5 libs.
from 03bfd42... s4-test: Implement DRS-RPC-msDSIntId test case
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c43e832c5160fbffb31ddd64b43dbbc8124b1ca0
Author: Günther Deschner g...@samba.org
Date: Wed Aug 11 12:45:51 2010 +0200
s3-waf: fix the waf build with more recent MIT krb5 libs.
(such as MIT krb5 1.7.1 on fedora 13).
This whole area needs more work and love later, for now it builds at least.
Kai, please check.
Guenther
---
Summary of changes:
source3/wscript |3 +++
source3/wscript_build |2 +-
2 files changed, 4 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/wscript b/source3/wscript
index 66bddcf..b61d110 100644
--- a/source3/wscript
+++ b/source3/wscript
@@ -542,11 +542,14 @@ return 0;
headers='krb5.h stdlib.h', lib='krb5',
addmain=False, cflags='-Werror',
msg=Checking whether krb5_enctype_to_string takes
krb5_context argument)
+conf.DEFINE('HAVE_KRB5', '1')
else:
conf.SET_TARGET_TYPE('krb5', 'EMPTY')
conf.SET_TARGET_TYPE('gssapi', 'EMPTY')
conf.SET_TARGET_TYPE('gssapi_krb5', 'EMPTY')
+conf.SET_TARGET_TYPE('com_err', 'EMPTY')
+conf.SET_TARGET_TYPE('k5crypto', 'EMPTY')
if Options.options.with_utmp:
conf.CHECK_FUNCS('pututline pututxline updwtmp updwtmpx getutmpx
getutxent')
diff --git a/source3/wscript_build b/source3/wscript_build
index 7f5414d..3a9e17d 100644
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -911,7 +911,7 @@ bld.SAMBA_SUBSYSTEM('POPT_SAMBA',
bld.SAMBA_SUBSYSTEM('KRBCLIENT',
source=KRBCLIENT_SRC,
-deps='krb5 gssapi gssapi_krb5',
+deps='krb5 k5crypto com_err gssapi gssapi_krb5',
vars=locals())
bld.SAMBA_SUBSYSTEM('LIBS',
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 44de839... smbtorture: Don't crash RAW-QFILEINFO if there's no
alternate name.
via 88d48a7... smbtorture: Make BASE-OPENATTR report a failure if it
fails.
from c43e832... s3-waf: fix the waf build with more recent MIT krb5 libs.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 44de839dabb6062d524ddc0001ca23fb8505e643
Author: James Peach jpe...@samba.org
Date: Fri Aug 6 15:21:31 2010 -0700
smbtorture: Don't crash RAW-QFILEINFO if there's no alternate name.
commit 88d48a7d92ca7dedc5357a1e7caab544e586bafb
Author: James Peach jpe...@samba.org
Date: Fri Aug 6 15:25:12 2010 -0700
smbtorture: Make BASE-OPENATTR report a failure if it fails.
---
Summary of changes:
source4/torture/basic/attr.c|6 --
source4/torture/raw/qfileinfo.c |5 +
2 files changed, 9 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/torture/basic/attr.c b/source4/torture/basic/attr.c
index 49e8a59..66d17b4 100644
--- a/source4/torture/basic/attr.c
+++ b/source4/torture/basic/attr.c
@@ -121,7 +121,8 @@ bool torture_openattrtest(struct torture_context *tctx,
if (fnum1 == -1) {
for (l = 0; l ARRAY_SIZE(attr_results); l++) {
if (attr_results[l].num == k) {
- torture_comment(tctx, [%d]
trunc open 0x%x - 0x%x of %s failed - should have succeeded !(%s)\n,
+ torture_result(tctx,
TORTURE_FAIL,
+ [%d] trunc
open 0x%x - 0x%x of %s failed - should have succeeded !(%s),
k,
open_attrs_table[i],
open_attrs_table[j],
fname,
smbcli_errstr(cli1-tree));
@@ -160,7 +161,8 @@ bool torture_openattrtest(struct torture_context *tctx,
if (attr != attr_results[l].result_attr
||
open_attrs_table[i] !=
attr_results[l].init_attr ||
open_attrs_table[j] !=
attr_results[l].trunc_attr) {
- torture_comment(tctx, [%d]
getatr check failed. [0x%x] trunc [0x%x] got attr 0x%x, should be 0x%x\n,
+ torture_result(tctx,
TORTURE_FAIL,
+ [%d] getatr check
failed. [0x%x] trunc [0x%x] got attr 0x%x, should be 0x%x,
k, open_attrs_table[i],
open_attrs_table[j],
(unsigned int)attr,
diff --git a/source4/torture/raw/qfileinfo.c b/source4/torture/raw/qfileinfo.c
index 54f1d12..2a5a2e7 100644
--- a/source4/torture/raw/qfileinfo.c
+++ b/source4/torture/raw/qfileinfo.c
@@ -667,6 +667,11 @@ static bool torture_raw_qfileinfo_internals(struct
torture_context *torture,
s1 = fnum_find(ALT_NAME_INFO);
if (s1) {
correct_name = s1-alt_name_info.out.fname.s;
+ }
+
+ if (!correct_name) {
+ torture_comment(torture, no alternate name information\n);
+ } else {
torture_comment(torture, alt_name: %s\n, correct_name);
NAME_CHECK(ALT_NAME_INFO,alt_name_info, fname,
STR_UNICODE);
--
Samba Shared Repository
