Attachment 10096 Details for Bug 10130 – Patches for v4-1-test

[patch] Patches for v4-1-test

tmp41.diff (text/plain), 28.54 KB, created by Stefan Metzmacher on 2014-07-09 15:03:23 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Stefan Metzmacher

Created: 2014-07-09 15:03:23 UTC

Size: 28.54 KB

patch

obsolete

>From 05c5ab3b8dcd5e4f911013cea6ee65f7f015afcf Mon Sep 17 00:00:00 2001
>From: Andrew Bartlett <abartlet@samba.org>
>Date: Tue, 24 Sep 2013 10:12:24 -0700
>Subject: [PATCH 1/4] dsdb: Set syntax of userParameters to binary string, not
> unicode string
>
>This means we continue to store the values as given on SAMR, assuming
>that the SAMR buffer is little endian.  The syntax for this specific
>object is forced to be a binary blob, so that it is not converted on
>DRSUAPI.
>
>This commit does not fix existing databases, nor pdb_samba_dsdb (used
>by classicupgrade).
>
>Andrew Bartlett
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
>Change-Id: I10bb6aaecc381194e3c0ce6b9163f961acbdcee1
>Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
>Signed-off-by: Andrew Bartlett <abartlet@samba.org>
>Signed-off-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 1592eaa5c781af83aa64bc4e7211339e1d1eafce)
>---
> source4/dsdb/schema/schema.h        |  1 +
> source4/dsdb/schema/schema_syntax.c | 11 +++++++++++
> 2 files changed, 12 insertions(+)
>
>diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h
>index cac6f98..457d986 100644
>--- a/source4/dsdb/schema/schema.h
>+++ b/source4/dsdb/schema/schema.h
>@@ -74,6 +74,7 @@ struct dsdb_syntax {
> 			       const struct dsdb_attribute *attr,
> 			       const struct ldb_message_element *in);
> 	bool auto_normalise;
>+	bool userParameters; /* Indicates the syntax userParameters should be forced to */
> };
> 
> struct dsdb_attribute {
>diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c
>index c2e0208..c9ff588 100644
>--- a/source4/dsdb/schema/schema_syntax.c
>+++ b/source4/dsdb/schema/schema_syntax.c
>@@ -2395,6 +2395,7 @@ static const struct dsdb_syntax dsdb_syntaxes[] = {
> 		.validate_ldb		= dsdb_syntax_DATA_BLOB_validate_ldb,
> 		.equality               = "octetStringMatch",
> 		.comment                = "Octet String",
>+		.userParameters         = true
> 	},{
> 		.name			= "String(Sid)",
> 		.ldap_oid		= LDB_SYNTAX_OCTET_STRING,
>@@ -2665,6 +2666,16 @@ const struct dsdb_syntax *dsdb_syntax_for_attribute(const struct dsdb_attribute
> 	unsigned int i;
> 
> 	for (i=0; i < ARRAY_SIZE(dsdb_syntaxes); i++) {
>+		/*
>+		 * We must pretend that userParamters was declared
>+		 * binary string, so we can store the 'UTF16' (not
>+		 * really string) structure as given over SAMR to samba
>+		 */
>+		if (dsdb_syntaxes[i].userParameters &&
>+		    (strcasecmp(attr->lDAPDisplayName, "userParameters") == 0))
>+		{
>+			return &dsdb_syntaxes[i];
>+		}
> 		if (attr->oMSyntax != dsdb_syntaxes[i].oMSyntax) continue;
> 
> 		if (attr->oMObjectClass.length != dsdb_syntaxes[i].oMObjectClass.length) continue;
>-- 
>1.9.1
>
>
>From b0ca6e0403ec87a5d9235f680534cda84d8ed213 Mon Sep 17 00:00:00 2001
>From: Andrew Bartlett <abartlet@samba.org>
>Date: Tue, 17 Jun 2014 16:03:22 +1200
>Subject: [PATCH 2/4] dsdb: Always store and return the userParameters as a
> array of LE 16-bit values
>
>This is not allowed to be odd length, as otherwise we can not send it over the SAMR transport correctly.
>
>Allocating one byte less memory than required causes malloc() heap corruption
>and then a crash or lockup of the SAMR server.
>
>Andrew Bartlett
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
>Change-Id: I5c0c531c1d660141e07f884a4789ebe11c1716f6
>Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
>Signed-off-by: Andrew Bartlett <abartlet@samba.org>
>Signed-off-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit d7b4d10aba90f4a1acf01d1d5ab62161862f62f7)
>---
> source3/passdb/pdb_samba_dsdb.c       | 31 +++++++++++++++---
> source4/dsdb/common/util.c            | 59 ++++++++++++++++++++++++++---------
> source4/rpc_server/samr/dcesrv_samr.c | 17 +++++++---
> 3 files changed, 84 insertions(+), 23 deletions(-)
>
>diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c
>index cbeb332..4cd7a4b 100644
>--- a/source3/passdb/pdb_samba_dsdb.c
>+++ b/source3/passdb/pdb_samba_dsdb.c
>@@ -259,9 +259,13 @@ static NTSTATUS pdb_samba_dsdb_init_sam_from_priv(struct pdb_methods *m,
> 		pdb_set_workstations(sam, str, PDB_SET);
> 	}
> 
>-	str = ldb_msg_find_attr_as_string(msg, "userParameters",
>-					    NULL);
>-	if (str != NULL) {
>+	blob = ldb_msg_find_ldb_val(msg, "userParameters");
>+	if (blob != NULL) {
>+		str = base64_encode_data_blob(frame, *blob);
>+		if (str == NULL) {
>+			DEBUG(0, ("base64_encode_data_blob() failed\n"));
>+			goto fail;
>+		}
> 		pdb_set_munged_dial(sam, str, PDB_SET);
> 	}
> 
>@@ -553,8 +557,25 @@ static int pdb_samba_dsdb_replace_by_sam(struct pdb_samba_dsdb_state *state,
> 
> 	/* This will need work, it is actually a UTF8 'string' with internal NULLs, to handle TS parameters */
> 	if (need_update(sam, PDB_MUNGEDDIAL)) {
>-		ret |= ldb_msg_add_string(msg, "userParameters",
>-					  pdb_get_munged_dial(sam));
>+		const char *base64_munged_dial = NULL;
>+
>+		base64_munged_dial = pdb_get_munged_dial(sam);
>+		if (base64_munged_dial != NULL && strlen(base64_munged_dial) > 0) {
>+			struct ldb_val blob;
>+
>+			blob = base64_decode_data_blob_talloc(msg,
>+							base64_munged_dial);
>+			if (blob.data == NULL) {
>+				DEBUG(0, ("Failed to decode userParameters from "
>+					  "munged dialback string[%s] for %s\n",
>+					  base64_munged_dial,
>+					  ldb_dn_get_linearized(msg->dn)));
>+				talloc_free(frame);
>+				return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
>+			}
>+			ret |= ldb_msg_add_steal_value(msg, "userParameters",
>+						       &blob);
>+		}
> 	}
> 
> 	if (need_update(sam, PDB_COUNTRY_CODE)) {
>diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
>index 904ca1d..0807e89 100644
>--- a/source4/dsdb/common/util.c
>+++ b/source4/dsdb/common/util.c
>@@ -650,27 +650,42 @@ uint32_t samdb_result_acct_flags(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ct
> 	return acct_flags;
> }
> 
>-struct lsa_BinaryString samdb_result_parameters(TALLOC_CTX *mem_ctx,
>-						struct ldb_message *msg,
>-						const char *attr)
>+NTSTATUS samdb_result_parameters(TALLOC_CTX *mem_ctx,
>+				 struct ldb_message *msg,
>+				 const char *attr,
>+				 struct lsa_BinaryString *s)
> {
>-	struct lsa_BinaryString s;
>+	int i;
> 	const struct ldb_val *val = ldb_msg_find_ldb_val(msg, attr);
> 
>-	ZERO_STRUCT(s);
>+	ZERO_STRUCTP(s);
> 
> 	if (!val) {
>-		return s;
>+		return NT_STATUS_OK;
>+	}
>+
>+	if ((val->length % 2) != 0) {
>+		/*
>+		 * If the on-disk data is not even in length, we know
>+		 * it is corrupt, and can not be safely pushed.  We
>+		 * would either truncate, send either a un-initilaised
>+		 * byte or send a forced zero byte
>+		 */
>+		return NT_STATUS_INTERNAL_DB_CORRUPTION;
> 	}
> 
>-	s.array = talloc_array(mem_ctx, uint16_t, val->length/2);
>-	if (!s.array) {
>-		return s;
>+	s->array = talloc_array(mem_ctx, uint16_t, val->length/2);
>+	if (!s->array) {
>+		return NT_STATUS_NO_MEMORY;
> 	}
>-	s.length = s.size = val->length;
>-	memcpy(s.array, val->data, val->length);
>+	s->length = s->size = val->length;
> 
>-	return s;
>+	/* The on-disk format is the 'network' format, being UTF16LE (sort of) */
>+	for (i = 0; i < s->length / 2; i++) {
>+		s->array[i] = SVAL(val->data, i * 2);
>+	}
>+
>+	return NT_STATUS_OK;
> }
> 
> /* Find an attribute, with a particular value */
>@@ -978,10 +993,26 @@ int samdb_msg_add_logon_hours(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx,
> int samdb_msg_add_parameters(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struct ldb_message *msg,
> 			     const char *attr_name, struct lsa_BinaryString *parameters)
> {
>+	int i;
> 	struct ldb_val val;
>+	if ((parameters->length % 2) != 0) {
>+		return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
>+	}
>+
>+	val.data = talloc_array(mem_ctx, uint8_t, parameters->length);
>+	if (val.data == NULL) {
>+		return LDB_ERR_OPERATIONS_ERROR;
>+	}
> 	val.length = parameters->length;
>-	val.data = (uint8_t *)parameters->array;
>-	return ldb_msg_add_value(msg, attr_name, &val, NULL);
>+	for (i = 0; i < parameters->length / 2; i++) {
>+		/*
>+		 * The on-disk format needs to be in the 'network'
>+		 * format, parmeters->array is a uint16_t array of
>+		 * length parameters->length / 2
>+		 */
>+		SSVAL(val.data, i * 2, parameters->array[i]);
>+	}
>+	return ldb_msg_add_steal_value(msg, attr_name, &val);
> }
> 
> /*
>diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
>index 7279fe0..330e6fb 100644
>--- a/source4/rpc_server/samr/dcesrv_samr.c
>+++ b/source4/rpc_server/samr/dcesrv_samr.c
>@@ -61,8 +61,6 @@
> 	info->field = samdb_result_logon_hours(mem_ctx, msg, attr);
> #define QUERY_AFLAGS(msg, field, attr) \
> 	info->field = samdb_result_acct_flags(sam_ctx, mem_ctx, msg, a_state->domain_state->domain_dn);
>-#define QUERY_PARAMETERS(msg, field, attr) \
>-	info->field = samdb_result_parameters(mem_ctx, msg, attr);
> 
> 
> /* these are used to make the Set[User|Group]Info code easier to follow */
>@@ -2703,6 +2701,8 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
> 	const char * const *attrs = NULL;
> 	union samr_UserInfo *info;
> 
>+	NTSTATUS status;
>+
> 	*r->out.info = NULL;
> 
> 	DCESRV_PULL_HANDLE(h, r->in.user_handle, SAMR_HANDLE_USER);
>@@ -3043,7 +3043,11 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
> 		break;
> 
> 	case 20:
>-		QUERY_PARAMETERS(msg, info20.parameters,    "userParameters");
>+		status = samdb_result_parameters(mem_ctx, msg, "userParameters", &info->info20.parameters);
>+		if (!NT_STATUS_IS_OK(status)) {
>+			talloc_free(info);
>+			return status;
>+		}
> 		break;
> 
> 	case 21:
>@@ -3062,7 +3066,12 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
> 		QUERY_STRING(msg, info21.description,          "description");
> 		QUERY_STRING(msg, info21.workstations,         "userWorkstations");
> 		QUERY_STRING(msg, info21.comment,              "comment");
>-		QUERY_PARAMETERS(msg, info21.parameters,       "userParameters");
>+		status = samdb_result_parameters(mem_ctx, msg, "userParameters", &info->info21.parameters);
>+		if (!NT_STATUS_IS_OK(status)) {
>+			talloc_free(info);
>+			return status;
>+		}
>+
> 		QUERY_RID   (msg, info21.rid,                  "objectSid");
> 		QUERY_UINT  (msg, info21.primary_gid,          "primaryGroupID");
> 		QUERY_AFLAGS(msg, info21.acct_flags,           "userAccountControl");
>-- 
>1.9.1
>
>
>From 87ea761c2a99148479fd248a408e4837268abc61 Mon Sep 17 00:00:00 2001
>From: Andrew Bartlett <abartlet@samba.org>
>Date: Tue, 17 Jun 2014 16:00:57 +1200
>Subject: [PATCH 3/4] dbcheck: Add check and test for various invalid
> userParameters values
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
>Change-Id: I6f2f4169856ce78c62e3a7e74b48520cca9cb9ae
>Signed-off-by: Andrew Bartlett <abartlet@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 9bfbff65436a088fab5d564b6c0bb122a76492bc)
>---
> python/samba/dbchecker.py                |  90 ++++++++++++++++++
> testprogs/blackbox/dbcheck-oldrelease.sh | 154 +++++++++++++++++++++++++++++++
> 2 files changed, 244 insertions(+)
>
>diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
>index c658610..74e9678 100644
>--- a/python/samba/dbchecker.py
>+++ b/python/samba/dbchecker.py
>@@ -20,6 +20,7 @@
> import ldb
> import samba
> import time
>+from base64 import b64decode
> from samba import dsdb
> from samba import common
> from samba.dcerpc import misc
>@@ -64,6 +65,9 @@ class dbcheck(object):
>         self.fix_replmetadata_zero_invocationid = False
>         self.fix_deleted_deleted_objects = False
>         self.fix_dn = False
>+        self.fix_base64_userparameters = False
>+        self.fix_utf8_userparameters = False
>+        self.fix_doubled_userparameters = False
>         self.reset_well_known_acls = reset_well_known_acls
>         self.reset_all_well_known_acls = False
>         self.in_transaction = in_transaction
>@@ -522,6 +526,58 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
>                           "Failed to correct missing instanceType on %s by setting instanceType=%d" % (obj.dn, calculated_instancetype)):
>             self.report("Corrected instancetype on %s by setting instanceType=%d" % (obj.dn, calculated_instancetype))
> 
>+    def err_short_userParameters(self, obj, attrname, value):
>+        # This is a truncated userParameters due to a pre 4.1 replication bug
>+        self.report("ERROR: incorrect userParameters value on object %s.  If you have another working DC that does not give this warning, please run 'samba-tool drs replicate --full-sync --local <destinationDC> <sourceDC> %s'" % (obj.dn, self.samdb.get_nc_root(obj.dn)))
>+
>+    def err_base64_userParameters(self, obj, attrname, value):
>+        '''handle a wrong userParameters'''
>+        self.report("ERROR: wrongly formatted userParameters %s on %s, should not be base64-encoded" % (value, obj.dn))
>+        if not self.confirm_all('Convert userParameters from base64 encoding on %s?' % (obj.dn), 'fix_base64_userparameters'):
>+            self.report('Not changing userParameters from base64 encoding on %s' % (obj.dn))
>+            return
>+
>+        m = ldb.Message()
>+        m.dn = obj.dn
>+        m['value'] = ldb.MessageElement(b64decode(obj[attrname][0]), ldb.FLAG_MOD_REPLACE, 'userParameters')
>+        if self.do_modify(m, [],
>+                          "Failed to correct base64-encoded userParameters on %s by converting from base64" % (obj.dn)):
>+            self.report("Corrected base64-encoded userParameters on %s by converting from base64" % (obj.dn))
>+
>+    def err_utf8_userParameters(self, obj, attrname, value):
>+        '''handle a wrong userParameters'''
>+        self.report("ERROR: wrongly formatted userParameters on %s, should not be psudo-UTF8 encoded" % (obj.dn))
>+        if not self.confirm_all('Convert userParameters from UTF8 encoding on %s?' % (obj.dn), 'fix_utf8_userparameters'):
>+            self.report('Not changing userParameters from UTF8 encoding on %s' % (obj.dn))
>+            return
>+
>+        m = ldb.Message()
>+        m.dn = obj.dn
>+        m['value'] = ldb.MessageElement(obj[attrname][0].decode('utf8').encode('utf-16-le'),
>+                                        ldb.FLAG_MOD_REPLACE, 'userParameters')
>+        if self.do_modify(m, [],
>+                          "Failed to correct psudo-UTF8 encoded userParameters on %s by converting from UTF8" % (obj.dn)):
>+            self.report("Corrected psudo-UTF8 encoded userParameters on %s by converting from UTF8" % (obj.dn))
>+
>+    def err_doubled_userParameters(self, obj, attrname, value):
>+        '''handle a wrong userParameters'''
>+        self.report("ERROR: wrongly formatted userParameters on %s, should not be double UTF16 encoded" % (obj.dn))
>+        if not self.confirm_all('Convert userParameters from doubled UTF-16 encoding on %s?' % (obj.dn), 'fix_doubled_userparameters'):
>+            self.report('Not changing userParameters from doubled UTF-16 encoding on %s' % (obj.dn))
>+            return
>+
>+        m = ldb.Message()
>+        m.dn = obj.dn
>+        m['value'] = ldb.MessageElement(obj[attrname][0].decode('utf-16-le').decode('utf-16-le').encode('utf-16-le'),
>+                                        ldb.FLAG_MOD_REPLACE, 'userParameters')
>+        if self.do_modify(m, [],
>+                          "Failed to correct doubled-UTF16 encoded userParameters on %s by converting" % (obj.dn)):
>+            self.report("Corrected doubled-UTF16 encoded userParameters on %s by converting" % (obj.dn))
>+
>+    def err_odd_userParameters(self, obj, attrname):
>+        # This is a truncated userParameters due to a pre 4.1 replication bug
>+        self.report("ERROR: incorrect userParameters value on object %s (odd length).  If you have another working DC that does not give this warning, please run 'samba-tool drs replicate --full-sync --local <destinationDC> <sourceDC> %s'" % (obj.dn, self.samdb.get_nc_root(obj.dn)))
>+
>     def find_revealed_link(self, dn, attrname, guid):
>         '''return a revealed link in an object'''
>         res = self.samdb.search(base=dn, scope=ldb.SCOPE_BASE, attrs=[attrname],
>@@ -1164,6 +1220,40 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
>                     error_count += 1
>                 continue
> 
>+            if str(attrname).lower() == 'userparameters':
>+                if len(obj[attrname][0]) == 1 and obj[attrname][0][0] == '\x20':
>+                    error_count += 1
>+                    self.err_short_userParameters(obj, attrname, obj[attrname])
>+                    continue
>+
>+                elif obj[attrname][0][:16] == '\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00':
>+                    # This is the correct, normal prefix
>+                    continue
>+
>+                elif obj[attrname][0][:20] == 'IAAgACAAIAAgACAAIAAg':
>+                    # this is the typical prefix from a windows migration
>+                    error_count += 1
>+                    self.err_base64_userParameters(obj, attrname, obj[attrname])
>+                    continue
>+
>+                elif obj[attrname][0][1] != '\x00' and obj[attrname][0][3] != '\x00' and obj[attrname][0][5] != '\x00' and obj[attrname][0][7] != '\x00' and obj[attrname][0][9] != '\x00':
>+                    # This is a prefix that is not in UTF-16 format for the space or munged dialback prefix
>+                    error_count += 1
>+                    self.err_utf8_userParameters(obj, attrname, obj[attrname])
>+                    continue
>+
>+                elif len(obj[attrname][0]) % 2 != 0:
>+                    # This is a value that isn't even in length
>+                    error_count += 1
>+                    self.err_odd_userParameters(obj, attrname, obj[attrname])
>+                    continue
>+
>+                elif obj[attrname][0][1] == '\x00' and obj[attrname][0][2] == '\x00' and obj[attrname][0][3] == '\x00' and obj[attrname][0][4] != '\x00' and obj[attrname][0][5] == '\x00':
>+                    # This is a prefix that would happen if a SAMR-written value was replicated from a Samba 4.1 server to a working server
>+                    error_count += 1
>+                    self.err_doubled_userParameters(obj, attrname, obj[attrname])
>+                    continue
>+
>             # check for empty attributes
>             for val in obj[attrname]:
>                 if val == '':
>diff --git a/testprogs/blackbox/dbcheck-oldrelease.sh b/testprogs/blackbox/dbcheck-oldrelease.sh
>index fbc9e9b..d59c8a8 100755
>--- a/testprogs/blackbox/dbcheck-oldrelease.sh
>+++ b/testprogs/blackbox/dbcheck-oldrelease.sh
>@@ -15,6 +15,11 @@ shift 2
> 
> release_dir=`dirname $0`/../../source4/selftest/provisions/$RELEASE
> 
>+ldbmodify="ldbmodify"
>+if [ -x "$BINDIR/ldbmodify" ]; then
>+    ldbmodify="$BINDIR/ldbmodify"
>+fi
>+
> undump() {
>        if test -x $BINDIR/tdbrestore;
>        then
>@@ -24,6 +29,109 @@ undump() {
>        fi
> }
> 
>+add_userparameters0() {
>+       if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+	   $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF
>+dn: cn=localdc,cn=domain controllers,dc=release-4-1-0rc3,dc=samba,dc=corp
>+changetype: modify
>+replace: userParameters
>+userParameters:: IAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAC
>+ AAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUAAQABoACAAB
>+ AEMAdAB4AEMAZgBnAFAAcgBlAHMAZQBuAHQANTUxZTBiYjAYAAgAAQBDAHQAeABDAGYAZw
>+ BGAGwAYQBnAHMAMQAwMGUwMDAxMBYACAABAEMAdAB4AEMAYQBsAGwAYgBhAGMAawAwMDAw
>+ MDAwMBIACAABAEMAdAB4AFMAaABhAGQAbwB3ADAxMDAwMDAwKAAIAAEAQwB0AHgATQBhAH
>+ gAQwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwLgAIAAEAQwB0AHgATQBh
>+ AHgARABpAHMAYwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwHAAIAAEAQw
>+ B0AHgATQBhAHgASQBkAGwAZQBUAGkAbQBlADAwMDAwMDAwIgAIAAEAQwB0AHgASwBlAHkA
>+ YgBvAGEAcgBkAEwAYQB5AG8AdQB0ADAwMDAwMDAwKgACAAEAQwB0AHgATQBpAG4ARQBuAG
>+ MAcgB5AHAAdABpAG8AbgBMAGUAdgBlAGwAMDAgAAIAAQBDAHQAeABXAG8AcgBrAEQAaQBy
>+ AGUAYwB0AG8AcgB5ADAwIAACAAEAQwB0AHgATgBXAEwAbwBnAG8AbgBTAGUAcgB2AGUAcg
>+ AwMBgAJAABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByADVjNWM3MzYxNzQ3NTcyNmU2NTVj
>+ NzAyZTYyNjk2NDZmNmUwMCIABgABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByAEQAcgBpAH
>+ YAZQA1MDNhMDAgADoAAQBDAHQAeABXAEYAUAByAG8AZgBpAGwAZQBQAGEAdABoADVjNWM3
>+ MzYxNzQ3NTcyNmU2NTVjNzA3MjZmNjY2OTZjNjU3NDczNjU1YzcwMmU2MjY5NjQ2ZjZlMD
>+ AiAAIAAQBDAHQAeABJAG4AaQB0AGkAYQBsAFAAcgBvAGcAcgBhAG0AMDAiAAIAAQBDAHQA
>+ eABDAGEAbABsAGIAYQBjAGsATgB1AG0AYgBlAHIAMDA=
>+-
>+EOF
>+       fi
>+}
>+add_userparameters1() {
>+       if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+	   $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF
>+dn: cn=administrator,cn=users,dc=release-4-1-0rc3,dc=samba,dc=corp
>+changetype: modify
>+replace: userParameters
>+userParameters: IAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAC
>+ AAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUAAQABoACAAB
>+ AEMAdAB4AEMAZgBnAFAAcgBlAHMAZQBuAHQANTUxZTBiYjAYAAgAAQBDAHQAeABDAGYAZw
>+ BGAGwAYQBnAHMAMQAwMGUwMDAxMBYACAABAEMAdAB4AEMAYQBsAGwAYgBhAGMAawAwMDAw
>+ MDAwMBIACAABAEMAdAB4AFMAaABhAGQAbwB3ADAxMDAwMDAwKAAIAAEAQwB0AHgATQBhAH
>+ gAQwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwLgAIAAEAQwB0AHgATQBh
>+ AHgARABpAHMAYwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwHAAIAAEAQw
>+ B0AHgATQBhAHgASQBkAGwAZQBUAGkAbQBlADAwMDAwMDAwIgAIAAEAQwB0AHgASwBlAHkA
>+ YgBvAGEAcgBkAEwAYQB5AG8AdQB0ADAwMDAwMDAwKgACAAEAQwB0AHgATQBpAG4ARQBuAG
>+ MAcgB5AHAAdABpAG8AbgBMAGUAdgBlAGwAMDAgAAIAAQBDAHQAeABXAG8AcgBrAEQAaQBy
>+ AGUAYwB0AG8AcgB5ADAwIAACAAEAQwB0AHgATgBXAEwAbwBnAG8AbgBTAGUAcgB2AGUAcg
>+ AwMBgAJAABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByADVjNWM3MzYxNzQ3NTcyNmU2NTVj
>+ NzAyZTYyNjk2NDZmNmUwMCIABgABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByAEQAcgBpAH
>+ YAZQA1MDNhMDAgADoAAQBDAHQAeABXAEYAUAByAG8AZgBpAGwAZQBQAGEAdABoADVjNWM3
>+ MzYxNzQ3NTcyNmU2NTVjNzA3MjZmNjY2OTZjNjU3NDczNjU1YzcwMmU2MjY5NjQ2ZjZlMD
>+ AiAAIAAQBDAHQAeABJAG4AaQB0AGkAYQBsAFAAcgBvAGcAcgBhAG0AMDAiAAIAAQBDAHQA
>+ eABDAGEAbABsAGIAYQBjAGsATgB1AG0AYgBlAHIAMDA=
>+-
>+EOF
>+       fi
>+}
>+add_userparameters2() {
>+       if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+	   $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF
>+dn: cn=krbtgt,cn=users,dc=release-4-1-0rc3,dc=samba,dc=corp
>+changetype: modify
>+replace: userParameters
>+userParameters:: Q3R4Q2ZnUHJlc2VudCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI
>+ CAgUAsaCAFDdHhDZmdQcmVzZW5045S15pSx5oiw44GiIAIBQ3R4V0ZQcm9maWxlUGF0aOOAsBgCAU
>+ N0eFdGSG9tZURpcuOAsCICAUN0eFdGSG9tZURpckRyaXZl44CwEggBQ3R4U2hhZG9344Sw44Cw44C
>+ w44CwLggBQ3R4TWF4RGlzY29ubmVjdGlvblRpbWXjgaXjjLnjkLDjgLAoCAFDdHhNYXhDb25uZWN0
>+ aW9uVGltZeOAtOOct+aIseOAsBwIAUN0eE1heElkbGVUaW1l44Gj45yy46Sw44CwIAIBQ3R4V29ya
>+ 0RpcmVjdG9yeeOAsBgIAUN0eENmZ0ZsYWdzMeOAsOOBpuOYsuOAuCICAUN0eEluaXRpYWxQcm9ncm
>+ Ft44Cw
>+-
>+EOF
>+       fi
>+}
>+
>+add_userparameters3() {
>+       if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+	   $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF
>+dn: cn=guest,cn=users,dc=release-4-1-0rc3,dc=samba,dc=corp
>+changetype: modify
>+replace: userParameters
>+userParameters:: QwAAAHQAAAB4AAAAQwAAAGYAAABnAAAAUAAAAHIAAABlAAAAcwAAAGUAAABuA
>+ AAAdAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAA
>+ AgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACA
>+ AAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAUAAAAAsAAAAaAAAACAAAAAEAAABDAAAAdAAA
>+ AHgAAABDAAAAZgAAAGcAAABQAAAAcgAAAGUAAABzAAAAZQAAAG4AAAB0AAAANQA1ADEAZQAwAGIAY
>+ gAwACAAAAACAAAAAQAAAEMAAAB0AAAAeAAAAFcAAABGAAAAUAAAAHIAAABvAAAAZgAAAGkAAABsAA
>+ AAZQAAAFAAAABhAAAAdAAAAGgAAAAwADAAGAAAAAIAAAABAAAAQwAAAHQAAAB4AAAAVwAAAEYAAAB
>+ IAAAAbwAAAG0AAABlAAAARAAAAGkAAAByAAAAMAAwACIAAAACAAAAAQAAAEMAAAB0AAAAeAAAAFcA
>+ AABGAAAASAAAAG8AAABtAAAAZQAAAEQAAABpAAAAcgAAAEQAAAByAAAAaQAAAHYAAABlAAAAMAAwA
>+ BIAAAAIAAAAAQAAAEMAAAB0AAAAeAAAAFMAAABoAAAAYQAAAGQAAABvAAAAdwAAADAAMQAwADAAMA
>+ AwADAAMAAuAAAACAAAAAEAAABDAAAAdAAAAHgAAABNAAAAYQAAAHgAAABEAAAAaQAAAHMAAABjAAA
>+ AbwAAAG4AAABuAAAAZQAAAGMAAAB0AAAAaQAAAG8AAABuAAAAVAAAAGkAAABtAAAAZQAAAGUAMAA5
>+ ADMAMAA0ADAAMAAoAAAACAAAAAEAAABDAAAAdAAAAHgAAABNAAAAYQAAAHgAAABDAAAAbwAAAG4AA
>+ ABuAAAAZQAAAGMAAAB0AAAAaQAAAG8AAABuAAAAVAAAAGkAAABtAAAAZQAAADQAMAA3ADcAMQBiAD
>+ AAMAAcAAAACAAAAAEAAABDAAAAdAAAAHgAAABNAAAAYQAAAHgAAABJAAAAZAAAAGwAAABlAAAAVAA
>+ AAGkAAABtAAAAZQAAAGMAMAAyADcAMAA5ADAAMAAgAAAAAgAAAAEAAABDAAAAdAAAAHgAAABXAAAA
>+ bwAAAHIAAABrAAAARAAAAGkAAAByAAAAZQAAAGMAAAB0AAAAbwAAAHIAAAB5AAAAMAAwABgAAAAIA
>+ AAAAQAAAEMAAAB0AAAAeAAAAEMAAABmAAAAZwAAAEYAAABsAAAAYQAAAGcAAABzAAAAMQAAADAAMA
>+ BmADAAMgA2ADgAMAAiAAAAAgAAAAEAAABDAAAAdAAAAHgAAABJAAAAbgAAAGkAAAB0AAAAaQAAAGE
>+ AAABsAAAAUAAAAHIAAABvAAAAZwAAAHIAAABhAAAAbQAAADAAMAA=
>+-
>+EOF
>+       fi
>+}
>+
> reindex() {
>        $PYTHON $BINDIR/samba-tool dbcheck --reindex -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $@
> }
>@@ -54,6 +162,21 @@ dbcheck_acl_reset_clean() {
>     fi
> }
> 
>+# This should 'fail', because it returns the number of modified records
>+dbcheck2() {
>+    if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+       $PYTHON $BINDIR/samba-tool dbcheck --cross-ncs --fix --yes -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $@
>+    else
>+	exit 1
>+    fi
>+}
>+# But having fixed it all up, this should pass
>+dbcheck_clean2() {
>+    if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+       $PYTHON $BINDIR/samba-tool dbcheck --cross-ncs -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $@
>+    fi
>+}
>+
> referenceprovision() {
>     if [ x$RELEASE == x"release-4-0-0" ]; then
>         $PYTHON $BINDIR/samba-tool domain provision --server-role="dc" --domain=SAMBA --host-name=ares --realm=${RELEASE}.samba.corp --targetdir=$PREFIX_ABS/${RELEASE}_reference --use-ntvfs --host-ip=127.0.0.1 --host-ip6=::1
>@@ -79,6 +202,12 @@ if [ -d $release_dir ]; then
>     testit "dbcheck_clean" dbcheck_clean
>     testit_expect_failure "dbcheck_acl_reset" dbcheck_acl_reset
>     testit "dbcheck_acl_reset_clean" dbcheck_acl_reset_clean
>+    testit "add_userparameters0" add_userparameters1
>+    testit "add_userparameters1" add_userparameters1
>+    testit "add_userparameters2" add_userparameters2
>+    testit "add_userparameters3" add_userparameters3
>+    testit_expect_failure "dbcheck2" dbcheck2
>+    testit "dbcheck_clean2" dbcheck_clean2
>     testit "referenceprovision" referenceprovision
>     testit "ldapcmp" ldapcmp
>     testit "ldapcmp_sd" ldapcmp_sd
>@@ -108,6 +237,31 @@ EOF
>     subunit_skip_test "dbcheck_clean_acl_reset" <<EOF
> no test provision
> EOF
>+    subunit_start_test add_userparameters0
>+    subunit_skip_test add_userparameters0<<EOF
>+no test provision
>+EOF
>+
>+    subunit_start_test add_userparameters1
>+    subunit_skip_test add_userparameters1<<EOF
>+no test provision
>+EOF
>+
>+    subunit_start_test add_userparameters2
>+    subunit_skip_test add_userparameters2<<EOF
>+no test provision
>+EOF
>+
>+    subunit_start_test add_userparameters3
>+    subunit_skip_test add_userparameters3<<EOF
>+no test provision
>+EOF
>+
>+    subunit_start_test "dbcheck2"
>+    subunit_skip_test "dbcheck2" <<EOF
>+no test provision
>+EOF
>+
>     subunit_start_test "referenceprovision"
>     subunit_skip_test "referenceprovision" <<EOF
> no test provision
>-- 
>1.9.1
>
>
>From 3bfedd6e443b14b34450e5d93bf88bd4fcde0795 Mon Sep 17 00:00:00 2001
>From: Stefan Metzmacher <metze@samba.org>
>Date: Tue, 8 Jul 2014 16:19:09 +0200
>Subject: [PATCH 4/4] s4:dsdb/samldb: don't allow 'userParameters' to be
> modified over LDAP for now
>
>For now it's safer to reject setting 'userParameters' via LDAP,
>as we'll not provide the same behavior as a Windows Server.
>
>If someone requires that feature please report this in the following
>bug reports!
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
>
>Signed-off-by: Stefan Metzmacher <metze@samba.org>
>Reviewed-by: Andrew Bartlett <abartlet@samba.org>
>
>Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
>Autobuild-Date(master): Wed Jul  9 11:07:51 CEST 2014 on sn-devel-104
>
>(cherry picked from commit 04e9d020c97c2dcd360b1845907f4c396d5671dc)
>---
> source4/dsdb/samdb/ldb_modules/samldb.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
>diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
>index ca553e6..2f8c572 100644
>--- a/source4/dsdb/samdb/ldb_modules/samldb.c
>+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
>@@ -2268,6 +2268,15 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
> 		return ldb_next_request(module, req);
> 	}
> 
>+	el = ldb_msg_find_element(req->op.add.message, "userParameters");
>+	if (el != NULL && ldb_req_is_untrusted(req)) {
>+		const char *reason = "samldb_add: "
>+			"setting userParameters is not supported over LDAP, "
>+			"see https://bugzilla.samba.org/show_bug.cgi?id=8077";
>+		ldb_debug(ldb, LDB_DEBUG_WARNING, "%s", reason);
>+		return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, reason);
>+	}
>+
> 	ac = samldb_ctx_init(module, req);
> 	if (ac == NULL) {
> 		return ldb_operr(ldb);
>@@ -2407,6 +2416,15 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
> 		}
> 	}
> 
>+	el = ldb_msg_find_element(req->op.mod.message, "userParameters");
>+	if (el != NULL && ldb_req_is_untrusted(req)) {
>+		const char *reason = "samldb: "
>+			"setting userParameters is not supported over LDAP, "
>+			"see https://bugzilla.samba.org/show_bug.cgi?id=8077";
>+		ldb_debug(ldb, LDB_DEBUG_WARNING, "%s", reason);
>+		return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, reason);
>+	}
>+
> 	ac = samldb_ctx_init(module, req);
> 	if (ac == NULL) {
> 		return ldb_operr(ldb);
>-- 
>1.9.1
>

Flags:

metze: review+

Actions: View

Attachments on bug 10130: 9199 | 9983 | 10091 | 10096