The Samba-Bugzilla – Attachment 10096 Details for
Bug 10130
samba crashes on opening Terminal Services Profile tab (userParameters field)
[patch]
Patches for v4-1-test
tmp41.diff (text/plain), 28.54 KB, created by
Stefan Metzmacher
on 2014-07-09 15:03:23 UTC
Description:
Patches for v4-1-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2014-07-09 15:03:23 UTC
Size:
28.54 KB
>From 05c5ab3b8dcd5e4f911013cea6ee65f7f015afcf Mon Sep 17 00:00:00 2001
>From: Andrew Bartlett <abartlet@samba.org>
>Date: Tue, 24 Sep 2013 10:12:24 -0700
>Subject: [PATCH 1/4] dsdb: Set syntax of userParameters to binary string, not
> unicode string
>
>This means we continue to store the values as given on SAMR, assuming
>that the SAMR buffer is little endian. The syntax for this specific
>object is forced to be a binary blob, so that it is not converted on
>DRSUAPI.
>
>This commit does not fix existing databases, nor pdb_samba_dsdb (used
>by classicupgrade).
>
>Andrew Bartlett
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
>Change-Id: I10bb6aaecc381194e3c0ce6b9163f961acbdcee1
>Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
>Signed-off-by: Andrew Bartlett <abartlet@samba.org>
>Signed-off-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 1592eaa5c781af83aa64bc4e7211339e1d1eafce)
>---
> source4/dsdb/schema/schema.h | 1 +
> source4/dsdb/schema/schema_syntax.c | 11 +++++++++++
> 2 files changed, 12 insertions(+)
>
>diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h
>index cac6f98..457d986 100644
>--- a/source4/dsdb/schema/schema.h
>+++ b/source4/dsdb/schema/schema.h
>@@ -74,6 +74,7 @@ struct dsdb_syntax {
> const struct dsdb_attribute *attr,
> const struct ldb_message_element *in);
> bool auto_normalise;
>+ bool userParameters; /* Indicates the syntax userParameters should be forced to */
> };
>
> struct dsdb_attribute {
>diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c
>index c2e0208..c9ff588 100644
>--- a/source4/dsdb/schema/schema_syntax.c
>+++ b/source4/dsdb/schema/schema_syntax.c
>@@ -2395,6 +2395,7 @@ static const struct dsdb_syntax dsdb_syntaxes[] = {
> .validate_ldb = dsdb_syntax_DATA_BLOB_validate_ldb,
> .equality = "octetStringMatch",
> .comment = "Octet String",
>+ .userParameters = true
> },{
> .name = "String(Sid)",
> .ldap_oid = LDB_SYNTAX_OCTET_STRING,
>@@ -2665,6 +2666,16 @@ const struct dsdb_syntax *dsdb_syntax_for_attribute(const struct dsdb_attribute
> unsigned int i;
>
> for (i=0; i < ARRAY_SIZE(dsdb_syntaxes); i++) {
>+ /*
>+ * We must pretend that userParamters was declared
>+ * binary string, so we can store the 'UTF16' (not
>+ * really string) structure as given over SAMR to samba
>+ */
>+ if (dsdb_syntaxes[i].userParameters &&
>+ (strcasecmp(attr->lDAPDisplayName, "userParameters") == 0))
>+ {
>+ return &dsdb_syntaxes[i];
>+ }
> if (attr->oMSyntax != dsdb_syntaxes[i].oMSyntax) continue;
>
> if (attr->oMObjectClass.length != dsdb_syntaxes[i].oMObjectClass.length) continue;
>--
>1.9.1
>
>
>From b0ca6e0403ec87a5d9235f680534cda84d8ed213 Mon Sep 17 00:00:00 2001
>From: Andrew Bartlett <abartlet@samba.org>
>Date: Tue, 17 Jun 2014 16:03:22 +1200
>Subject: [PATCH 2/4] dsdb: Always store and return the userParameters as a
> array of LE 16-bit values
>
>This is not allowed to be odd length, as otherwise we can not send it over the SAMR transport correctly.
>
>Allocating one byte less memory than required causes malloc() heap corruption
>and then a crash or lockup of the SAMR server.
>
>Andrew Bartlett
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
>Change-Id: I5c0c531c1d660141e07f884a4789ebe11c1716f6
>Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
>Signed-off-by: Andrew Bartlett <abartlet@samba.org>
>Signed-off-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit d7b4d10aba90f4a1acf01d1d5ab62161862f62f7)
>---
> source3/passdb/pdb_samba_dsdb.c | 31 +++++++++++++++---
> source4/dsdb/common/util.c | 59 ++++++++++++++++++++++++++---------
> source4/rpc_server/samr/dcesrv_samr.c | 17 +++++++---
> 3 files changed, 84 insertions(+), 23 deletions(-)
>
>diff --git a/source3/passdb/pdb_samba_dsdb.c b/source3/passdb/pdb_samba_dsdb.c
>index cbeb332..4cd7a4b 100644
>--- a/source3/passdb/pdb_samba_dsdb.c
>+++ b/source3/passdb/pdb_samba_dsdb.c
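Review bot: The comment on the new early return in `dsdb_syntax_for_attribute` does not say that the match is made on `lDAPDisplayName` alone and deliberately skips the `oMSyntax`/`oMObjectClass` comparisons that follow, which is the part a later reader most needs when touching this loop. I would reword it along the lines of `/* userParameters is matched by display name only and forced to Octet String, ignoring the syntax declared in the schema, so the SAMR buffer is stored and replicated unconverted */` and fix the `userParamters` typo. The function body starts and ends outside the hunk.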
>@@ -259,9 +259,13 @@ static NTSTATUS pdb_samba_dsdb_init_sam_from_priv(struct pdb_methods *m,
> pdb_set_workstations(sam, str, PDB_SET);
> }
>
>- str = ldb_msg_find_attr_as_string(msg, "userParameters",
>- NULL);
>- if (str != NULL) {
>+ blob = ldb_msg_find_ldb_val(msg, "userParameters");
>+ if (blob != NULL) {
>+ str = base64_encode_data_blob(frame, *blob);
>+ if (str == NULL) {
>+ DEBUG(0, ("base64_encode_data_blob() failed\n"));
>+ goto fail;
>+ }
> pdb_set_munged_dial(sam, str, PDB_SET);
> }
>
>@@ -553,8 +557,25 @@ static int pdb_samba_dsdb_replace_by_sam(struct pdb_samba_dsdb_state *state,
>
> /* This will need work, it is actually a UTF8 'string' with internal NULLs, to handle TS parameters */
> if (need_update(sam, PDB_MUNGEDDIAL)) {
>- ret |= ldb_msg_add_string(msg, "userParameters",
>- pdb_get_munged_dial(sam));
>+ const char *base64_munged_dial = NULL;
>+
>+ base64_munged_dial = pdb_get_munged_dial(sam);
>+ if (base64_munged_dial != NULL && strlen(base64_munged_dial) > 0) {
>+ struct ldb_val blob;
>+
>+ blob = base64_decode_data_blob_talloc(msg,
>+ base64_munged_dial);
>+ if (blob.data == NULL) {
>+ DEBUG(0, ("Failed to decode userParameters from "
>+ "munged dialback string[%s] for %s\n",
>+ base64_munged_dial,
>+ ldb_dn_get_linearized(msg->dn)));
>+ talloc_free(frame);
>+ return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
>+ }
>+ ret |= ldb_msg_add_steal_value(msg, "userParameters",
>+ &blob);
>+ }
> }
>
> if (need_update(sam, PDB_COUNTRY_CODE)) {
>diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c
>index 904ca1d..0807e89 100644
>--- a/source4/dsdb/common/util.c
>+++ b/source4/dsdb/common/util.c
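Review bot: In the second hunk (`pdb_samba_dsdb_replace_by_sam`) the decoded blob is stored without the even-length check that this same patch adds to `samdb_msg_add_parameters` and enforces on read in `samdb_result_parameters`, so an odd-length value written through this path would later surface as NT_STATUS_INTERNAL_DB_CORRUPTION on the SAMR query side. Rejecting it at write time keeps the invariant in one place, e.g. `if (blob.data == NULL || (blob.length % 2) != 0) {`. The context comment above the block (`/* This will need work, it is actually a UTF8 'string' ... */`) no longer describes what the new code stores and should be updated. A NULL or empty munged-dial string now adds nothing to the message, which appears to leave an existing userParameters value in place when the caller meant to clear it; that depends on code outside the hunk and should be confirmed.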
>@@ -650,27 +650,42 @@ uint32_t samdb_result_acct_flags(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ct
> return acct_flags;
> }
>
>-struct lsa_BinaryString samdb_result_parameters(TALLOC_CTX *mem_ctx,
>- struct ldb_message *msg,
>- const char *attr)
>+NTSTATUS samdb_result_parameters(TALLOC_CTX *mem_ctx,
>+ struct ldb_message *msg,
>+ const char *attr,
>+ struct lsa_BinaryString *s)
> {
>- struct lsa_BinaryString s;
>+ int i;
> const struct ldb_val *val = ldb_msg_find_ldb_val(msg, attr);
>
>- ZERO_STRUCT(s);
>+ ZERO_STRUCTP(s);
>
> if (!val) {
>- return s;
>+ return NT_STATUS_OK;
>+ }
>+
>+ if ((val->length % 2) != 0) {
>+ /*
>+ * If the on-disk data is not even in length, we know
>+ * it is corrupt, and can not be safely pushed. We
>+ * would either truncate, send either a un-initilaised
>+ * byte or send a forced zero byte
>+ */
>+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
> }
>
>- s.array = talloc_array(mem_ctx, uint16_t, val->length/2);
>- if (!s.array) {
>- return s;
>+ s->array = talloc_array(mem_ctx, uint16_t, val->length/2);
>+ if (!s->array) {
>+ return NT_STATUS_NO_MEMORY;
> }
>- s.length = s.size = val->length;
>- memcpy(s.array, val->data, val->length);
>+ s->length = s->size = val->length;
>
>- return s;
>+ /* The on-disk format is the 'network' format, being UTF16LE (sort of) */
>+ for (i = 0; i < s->length / 2; i++) {
>+ s->array[i] = SVAL(val->data, i * 2);
>+ }
>+
>+ return NT_STATUS_OK;
> }
>
> /* Find an attribute, with a particular value */
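Review bot: `s->length = s->size = val->length;` in `samdb_result_parameters` copies the ldb value length into the `lsa_BinaryString` fields with no range check; those fields are 16-bit in the LSA IDL as far as I know (the struct definition is not on this page), so a stored value above 65535 bytes would be silently truncated while `talloc_array` is still sized from `val->length/2`. The copy loop is bounded by the truncated `s->length`, so this looks like a wrong-result problem rather than an overrun, but a guard next to the odd-length check would make it fail closed: `if (val->length > UINT16_MAX) { return NT_STATUS_INTERNAL_DB_CORRUPTION; }`. The loop index `int i` is compared against an unsigned length and would be better declared unsigned.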
>@@ -978,10 +993,26 @@ int samdb_msg_add_logon_hours(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx,
> int samdb_msg_add_parameters(struct ldb_context *sam_ldb, TALLOC_CTX *mem_ctx, struct ldb_message *msg,
> const char *attr_name, struct lsa_BinaryString *parameters)
> {
>+ int i;
> struct ldb_val val;
>+ if ((parameters->length % 2) != 0) {
>+ return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX;
>+ }
>+
>+ val.data = talloc_array(mem_ctx, uint8_t, parameters->length);
>+ if (val.data == NULL) {
>+ return LDB_ERR_OPERATIONS_ERROR;
>+ }
> val.length = parameters->length;
>- val.data = (uint8_t *)parameters->array;
>- return ldb_msg_add_value(msg, attr_name, &val, NULL);
>+ for (i = 0; i < parameters->length / 2; i++) {
>+ /*
>+ * The on-disk format needs to be in the 'network'
>+ * format, parmeters->array is a uint16_t array of
>+ * length parameters->length / 2
>+ */
>+ SSVAL(val.data, i * 2, parameters->array[i]);
>+ }
>+ return ldb_msg_add_steal_value(msg, attr_name, &val);
> }
>
> /*
>diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
>index 7279fe0..330e6fb 100644
>--- a/source4/rpc_server/samr/dcesrv_samr.c
>+++ b/source4/rpc_server/samr/dcesrv_samr.c
>@@ -61,8 +61,6 @@
> info->field = samdb_result_logon_hours(mem_ctx, msg, attr);
> #define QUERY_AFLAGS(msg, field, attr) \
> info->field = samdb_result_acct_flags(sam_ctx, mem_ctx, msg, a_state->domain_state->domain_dn);
>-#define QUERY_PARAMETERS(msg, field, attr) \
>- info->field = samdb_result_parameters(mem_ctx, msg, attr);
>
>
> /* these are used to make the Set[User|Group]Info code easier to follow */
>@@ -2703,6 +2701,8 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
> const char * const *attrs = NULL;
> union samr_UserInfo *info;
>
>+ NTSTATUS status;
>+
> *r->out.info = NULL;
>
> DCESRV_PULL_HANDLE(h, r->in.user_handle, SAMR_HANDLE_USER);
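Review bot: `samdb_msg_add_parameters` (first hunk on this line) uses `parameters->length` to bound the read loop over `parameters->array` but never checks that the array is non-NULL or that `length` does not exceed `parameters->size`; if the NDR pull guarantees both, which is not visible here, the in-loop comment should say so, otherwise a guard such as `if (parameters->length > 0 && parameters->array == NULL) { return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; }` belongs beside the odd-length test. When `ldb_msg_add_steal_value` fails, `val.data` stays allocated on `mem_ctx`; capturing the return code and calling `talloc_free(val.data)` on error avoids relying on the caller's context lifetime. A blank line after the declarations and the `parmeters` typo in the comment are worth tidying at the same time.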
>@@ -3043,7 +3043,11 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
> break;
>
> case 20:
>- QUERY_PARAMETERS(msg, info20.parameters, "userParameters");
>+ status = samdb_result_parameters(mem_ctx, msg, "userParameters", &info->info20.parameters);
>+ if (!NT_STATUS_IS_OK(status)) {
>+ talloc_free(info);
>+ return status;
>+ }
> break;
>
> case 21:
>@@ -3062,7 +3066,12 @@ static NTSTATUS dcesrv_samr_QueryUserInfo(struct dcesrv_call_state *dce_call, TA
> QUERY_STRING(msg, info21.description, "description");
> QUERY_STRING(msg, info21.workstations, "userWorkstations");
> QUERY_STRING(msg, info21.comment, "comment");
>- QUERY_PARAMETERS(msg, info21.parameters, "userParameters");
>+ status = samdb_result_parameters(mem_ctx, msg, "userParameters", &info->info21.parameters);
>+ if (!NT_STATUS_IS_OK(status)) {
>+ talloc_free(info);
>+ return status;
>+ }
>+
> QUERY_RID (msg, info21.rid, "objectSid");
> QUERY_UINT (msg, info21.primary_gid, "primaryGroupID");
> QUERY_AFLAGS(msg, info21.acct_flags, "userAccountControl");
>--
>1.9.1
>
>
>From 87ea761c2a99148479fd248a408e4837268abc61 Mon Sep 17 00:00:00 2001
>From: Andrew Bartlett <abartlet@samba.org>
>Date: Tue, 17 Jun 2014 16:00:57 +1200
>Subject: [PATCH 3/4] dbcheck: Add check and test for various invalid
> userParameters values
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
>Change-Id: I6f2f4169856ce78c62e3a7e74b48520cca9cb9ae
>Signed-off-by: Andrew Bartlett <abartlet@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 9bfbff65436a088fab5d564b6c0bb122a76492bc)
>---
> python/samba/dbchecker.py | 90 ++++++++++++++++++
> testprogs/blackbox/dbcheck-oldrelease.sh | 154 +++++++++++++++++++++++++++++++
> 2 files changed, 244 insertions(+)
>
>diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py
>index c658610..74e9678 100644
>--- a/python/samba/dbchecker.py
>+++ b/python/samba/dbchecker.py
>@@ -20,6 +20,7 @@
> import ldb
> import samba
> import time
>+from base64 import b64decode
> from samba import dsdb
> from samba import common
> from samba.dcerpc import misc
>@@ -64,6 +65,9 @@ class dbcheck(object):
> self.fix_replmetadata_zero_invocationid = False
> self.fix_deleted_deleted_objects = False
> self.fix_dn = False
>+ self.fix_base64_userparameters = False
>+ self.fix_utf8_userparameters = False
>+ self.fix_doubled_userparameters = False
> self.reset_well_known_acls = reset_well_known_acls
> self.reset_all_well_known_acls = False
> self.in_transaction = in_transaction
>@@ -522,6 +526,58 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
> "Failed to correct missing instanceType on %s by setting instanceType=%d" % (obj.dn, calculated_instancetype)):
> self.report("Corrected instancetype on %s by setting instanceType=%d" % (obj.dn, calculated_instancetype))
>
>+ def err_short_userParameters(self, obj, attrname, value):
>+ # This is a truncated userParameters due to a pre 4.1 replication bug
>+ self.report("ERROR: incorrect userParameters value on object %s. If you have another working DC that does not give this warning, please run 'samba-tool drs replicate --full-sync --local <destinationDC> <sourceDC> %s'" % (obj.dn, self.samdb.get_nc_root(obj.dn)))
>+
>+ def err_base64_userParameters(self, obj, attrname, value):
>+ '''handle a wrong userParameters'''
>+ self.report("ERROR: wrongly formatted userParameters %s on %s, should not be base64-encoded" % (value, obj.dn))
>+ if not self.confirm_all('Convert userParameters from base64 encoding on %s?' % (obj.dn), 'fix_base64_userparameters'):
>+ self.report('Not changing userParameters from base64 encoding on %s' % (obj.dn))
>+ return
>+
>+ m = ldb.Message()
>+ m.dn = obj.dn
>+ m['value'] = ldb.MessageElement(b64decode(obj[attrname][0]), ldb.FLAG_MOD_REPLACE, 'userParameters')
>+ if self.do_modify(m, [],
>+ "Failed to correct base64-encoded userParameters on %s by converting from base64" % (obj.dn)):
>+ self.report("Corrected base64-encoded userParameters on %s by converting from base64" % (obj.dn))
>+
>+ def err_utf8_userParameters(self, obj, attrname, value):
>+ '''handle a wrong userParameters'''
>+ self.report("ERROR: wrongly formatted userParameters on %s, should not be psudo-UTF8 encoded" % (obj.dn))
>+ if not self.confirm_all('Convert userParameters from UTF8 encoding on %s?'
% (obj.dn), 'fix_utf8_userparameters'):
>+ self.report('Not changing userParameters from UTF8 encoding on %s' % (obj.dn))
>+ return
>+
>+ m = ldb.Message()
>+ m.dn = obj.dn
>+ m['value'] = ldb.MessageElement(obj[attrname][0].decode('utf8').encode('utf-16-le'),
>+ ldb.FLAG_MOD_REPLACE, 'userParameters')
>+ if self.do_modify(m, [],
>+ "Failed to correct psudo-UTF8 encoded userParameters on %s by converting from UTF8" % (obj.dn)):
>+ self.report("Corrected psudo-UTF8 encoded userParameters on %s by converting from UTF8" % (obj.dn))
>+
>+ def err_doubled_userParameters(self, obj, attrname, value):
>+ '''handle a wrong userParameters'''
>+ self.report("ERROR: wrongly formatted userParameters on %s, should not be double UTF16 encoded" % (obj.dn))
>+ if not self.confirm_all('Convert userParameters from doubled UTF-16 encoding on %s?' % (obj.dn), 'fix_doubled_userparameters'):
>+ self.report('Not changing userParameters from doubled UTF-16 encoding on %s' % (obj.dn))
>+ return
>+
>+ m = ldb.Message()
>+ m.dn = obj.dn
>+ m['value'] = ldb.MessageElement(obj[attrname][0].decode('utf-16-le').decode('utf-16-le').encode('utf-16-le'),
>+ ldb.FLAG_MOD_REPLACE, 'userParameters')
>+ if self.do_modify(m, [],
>+ "Failed to correct doubled-UTF16 encoded userParameters on %s by converting" % (obj.dn)):
>+ self.report("Corrected doubled-UTF16 encoded userParameters on %s by converting" % (obj.dn))
>+
>+ def err_odd_userParameters(self, obj, attrname):
>+ # This is a truncated userParameters due to a pre 4.1 replication bug
>+ self.report("ERROR: incorrect userParameters value on object %s (odd length). If you have another working DC that does not give this warning, please run 'samba-tool drs replicate --full-sync --local <destinationDC> <sourceDC> %s'" % (obj.dn, self.samdb.get_nc_root(obj.dn)))
>+
> def find_revealed_link(self, dn, attrname, guid):
> '''return a revealed link in an object'''
> res = self.samdb.search(base=dn, scope=ldb.SCOPE_BASE, attrs=[attrname],
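Review bot: `err_odd_userParameters(self, obj, attrname)` is declared with two arguments, but the caller added in the later `@@ -1164,6 +1220,40 @@` hunk invokes it as `self.err_odd_userParameters(obj, attrname, obj[attrname])`, which would raise TypeError the first time an odd-length value is found; the sibling handlers all take `value`, so `def err_odd_userParameters(self, obj, attrname, value):` is the consistent fix. In `err_base64_userParameters` only a 20-character prefix has been matched before `b64decode(obj[attrname][0])` runs, so a value with a corrupt tail raises out of the checker instead of being reported; catching the decode error and reporting it would let the scan continue. That handler is also the only one that prints the raw attribute value in its ERROR line, which the others avoid.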
>@@ -1164,6 +1220,40 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base)))
> error_count += 1
> continue
>
>+ if str(attrname).lower() == 'userparameters':
>+ if len(obj[attrname][0]) == 1 and obj[attrname][0][0] == '\x20':
>+ error_count += 1
>+ self.err_short_userParameters(obj, attrname, obj[attrname])
>+ continue
>+
>+ elif obj[attrname][0][:16] == '\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00\x20\x00':
>+ # This is the correct, normal prefix
>+ continue
>+
>+ elif obj[attrname][0][:20] == 'IAAgACAAIAAgACAAIAAg':
>+ # this is the typical prefix from a windows migration
>+ error_count += 1
>+ self.err_base64_userParameters(obj, attrname, obj[attrname])
>+ continue
>+
>+ elif obj[attrname][0][1] != '\x00' and obj[attrname][0][3] != '\x00' and obj[attrname][0][5] != '\x00' and obj[attrname][0][7] != '\x00' and obj[attrname][0][9] != '\x00':
>+ # This is a prefix that is not in UTF-16 format for the space or munged dialback prefix
>+ error_count += 1
>+ self.err_utf8_userParameters(obj, attrname, obj[attrname])
>+ continue
>+
>+ elif len(obj[attrname][0]) % 2 != 0:
>+ # This is a value that isn't even in length
>+ error_count += 1
>+ self.err_odd_userParameters(obj, attrname, obj[attrname])
>+ continue
>+
>+ elif obj[attrname][0][1] == '\x00' and obj[attrname][0][2] == '\x00' and obj[attrname][0][3] == '\x00' and obj[attrname][0][4] != '\x00' and obj[attrname][0][5] == '\x00':
>+ # This is a prefix that would happen if a SAMR-written value was replicated from a Samba 4.1 server to a working server
>+ error_count += 1
>+ self.err_doubled_userParameters(obj, attrname, obj[attrname])
>+ continue
>+
> # check for empty attributes
> for val in obj[attrname]:
> if val == '':
>diff --git a/testprogs/blackbox/dbcheck-oldrelease.sh b/testprogs/blackbox/dbcheck-oldrelease.sh
>index fbc9e9b..d59c8a8 100755
>--- a/testprogs/blackbox/dbcheck-oldrelease.sh
>+++ b/testprogs/blackbox/dbcheck-oldrelease.sh
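Review bot: The prefix tests index fixed offsets (`obj[attrname][0][1]` through `[9]`) without checking the value's length first, so a userParameters value shorter than ten bytes that is not the single-space case can raise IndexError and abort the whole check run on one malformed object. Binding the value once and guarding each heuristic on length fixes that and makes the chain readable, e.g. `val = obj[attrname][0]` followed by `elif len(val) >= 10 and val[1] != '\x00' and ...` and `elif len(val) >= 6 and val[1] == '\x00' and ...`. The enclosing loop starts and ends outside the hunk.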
>@@ -15,6 +15,11 @@ shift 2
>
> release_dir=`dirname $0`/../../source4/selftest/provisions/$RELEASE
>
>+ldbmodify="ldbmodify"
>+if [ -x "$BINDIR/ldbmodify" ]; then
>+ ldbmodify="$BINDIR/ldbmodify"
>+fi
>+
> undump() {
> if test -x $BINDIR/tdbrestore;
> then
>@@ -24,6 +29,109 @@ undump() { > fi > } > >+add_userparameters0() { >+ if [ x$RELEASE = x"release-4-1-0rc3" ]; then >+ $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF >+dn: cn=localdc,cn=domain controllers,dc=release-4-1-0rc3,dc=samba,dc=corp >+changetype: modify >+replace: userParameters >+userParameters:: IAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAC >+ AAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUAAQABoACAAB >+ AEMAdAB4AEMAZgBnAFAAcgBlAHMAZQBuAHQANTUxZTBiYjAYAAgAAQBDAHQAeABDAGYAZw >+ BGAGwAYQBnAHMAMQAwMGUwMDAxMBYACAABAEMAdAB4AEMAYQBsAGwAYgBhAGMAawAwMDAw >+ MDAwMBIACAABAEMAdAB4AFMAaABhAGQAbwB3ADAxMDAwMDAwKAAIAAEAQwB0AHgATQBhAH >+ gAQwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwLgAIAAEAQwB0AHgATQBh >+ AHgARABpAHMAYwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwHAAIAAEAQw >+ B0AHgATQBhAHgASQBkAGwAZQBUAGkAbQBlADAwMDAwMDAwIgAIAAEAQwB0AHgASwBlAHkA >+ YgBvAGEAcgBkAEwAYQB5AG8AdQB0ADAwMDAwMDAwKgACAAEAQwB0AHgATQBpAG4ARQBuAG >+ MAcgB5AHAAdABpAG8AbgBMAGUAdgBlAGwAMDAgAAIAAQBDAHQAeABXAG8AcgBrAEQAaQBy >+ AGUAYwB0AG8AcgB5ADAwIAACAAEAQwB0AHgATgBXAEwAbwBnAG8AbgBTAGUAcgB2AGUAcg >+ AwMBgAJAABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByADVjNWM3MzYxNzQ3NTcyNmU2NTVj >+ NzAyZTYyNjk2NDZmNmUwMCIABgABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByAEQAcgBpAH >+ YAZQA1MDNhMDAgADoAAQBDAHQAeABXAEYAUAByAG8AZgBpAGwAZQBQAGEAdABoADVjNWM3 >+ MzYxNzQ3NTcyNmU2NTVjNzA3MjZmNjY2OTZjNjU3NDczNjU1YzcwMmU2MjY5NjQ2ZjZlMD >+ AiAAIAAQBDAHQAeABJAG4AaQB0AGkAYQBsAFAAcgBvAGcAcgBhAG0AMDAiAAIAAQBDAHQA >+ eABDAGEAbABsAGIAYQBjAGsATgB1AG0AYgBlAHIAMDA= >+- >+EOF >+ fi >+} >+add_userparameters1() { >+ if [ x$RELEASE = x"release-4-1-0rc3" ]; then >+ $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF >+dn: cn=administrator,cn=users,dc=release-4-1-0rc3,dc=samba,dc=corp >+changetype: modify >+replace: userParameters >+userParameters: IAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAC >+ AAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAUAAQABoACAAB >+ 
AEMAdAB4AEMAZgBnAFAAcgBlAHMAZQBuAHQANTUxZTBiYjAYAAgAAQBDAHQAeABDAGYAZw >+ BGAGwAYQBnAHMAMQAwMGUwMDAxMBYACAABAEMAdAB4AEMAYQBsAGwAYgBhAGMAawAwMDAw >+ MDAwMBIACAABAEMAdAB4AFMAaABhAGQAbwB3ADAxMDAwMDAwKAAIAAEAQwB0AHgATQBhAH >+ gAQwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwLgAIAAEAQwB0AHgATQBh >+ AHgARABpAHMAYwBvAG4AbgBlAGMAdABpAG8AbgBUAGkAbQBlADAwMDAwMDAwHAAIAAEAQw >+ B0AHgATQBhAHgASQBkAGwAZQBUAGkAbQBlADAwMDAwMDAwIgAIAAEAQwB0AHgASwBlAHkA >+ YgBvAGEAcgBkAEwAYQB5AG8AdQB0ADAwMDAwMDAwKgACAAEAQwB0AHgATQBpAG4ARQBuAG >+ MAcgB5AHAAdABpAG8AbgBMAGUAdgBlAGwAMDAgAAIAAQBDAHQAeABXAG8AcgBrAEQAaQBy >+ AGUAYwB0AG8AcgB5ADAwIAACAAEAQwB0AHgATgBXAEwAbwBnAG8AbgBTAGUAcgB2AGUAcg >+ AwMBgAJAABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByADVjNWM3MzYxNzQ3NTcyNmU2NTVj >+ NzAyZTYyNjk2NDZmNmUwMCIABgABAEMAdAB4AFcARgBIAG8AbQBlAEQAaQByAEQAcgBpAH >+ YAZQA1MDNhMDAgADoAAQBDAHQAeABXAEYAUAByAG8AZgBpAGwAZQBQAGEAdABoADVjNWM3 >+ MzYxNzQ3NTcyNmU2NTVjNzA3MjZmNjY2OTZjNjU3NDczNjU1YzcwMmU2MjY5NjQ2ZjZlMD >+ AiAAIAAQBDAHQAeABJAG4AaQB0AGkAYQBsAFAAcgBvAGcAcgBhAG0AMDAiAAIAAQBDAHQA >+ eABDAGEAbABsAGIAYQBjAGsATgB1AG0AYgBlAHIAMDA= >+- >+EOF >+ fi >+} >+add_userparameters2() { >+ if [ x$RELEASE = x"release-4-1-0rc3" ]; then >+ $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF >+dn: cn=krbtgt,cn=users,dc=release-4-1-0rc3,dc=samba,dc=corp >+changetype: modify >+replace: userParameters >+userParameters:: Q3R4Q2ZnUHJlc2VudCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI >+ CAgUAsaCAFDdHhDZmdQcmVzZW5045S15pSx5oiw44GiIAIBQ3R4V0ZQcm9maWxlUGF0aOOAsBgCAU >+ N0eFdGSG9tZURpcuOAsCICAUN0eFdGSG9tZURpckRyaXZl44CwEggBQ3R4U2hhZG9344Sw44Cw44C >+ w44CwLggBQ3R4TWF4RGlzY29ubmVjdGlvblRpbWXjgaXjjLnjkLDjgLAoCAFDdHhNYXhDb25uZWN0 >+ aW9uVGltZeOAtOOct+aIseOAsBwIAUN0eE1heElkbGVUaW1l44Gj45yy46Sw44CwIAIBQ3R4V29ya >+ 0RpcmVjdG9yeeOAsBgIAUN0eENmZ0ZsYWdzMeOAsOOBpuOYsuOAuCICAUN0eEluaXRpYWxQcm9ncm >+ Ft44Cw >+- >+EOF >+ fi >+} >+ >+add_userparameters3() { >+ if [ x$RELEASE = x"release-4-1-0rc3" ]; then >+ $ldbmodify -H 
tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb <<EOF >+dn: cn=guest,cn=users,dc=release-4-1-0rc3,dc=samba,dc=corp >+changetype: modify >+replace: userParameters >+userParameters:: QwAAAHQAAAB4AAAAQwAAAGYAAABnAAAAUAAAAHIAAABlAAAAcwAAAGUAAABuA >+ AAAdAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAA >+ AgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAIAAAACA >+ AAAAgAAAAIAAAACAAAAAgAAAAIAAAACAAAAAgAAAAUAAAAAsAAAAaAAAACAAAAAEAAABDAAAAdAAA >+ AHgAAABDAAAAZgAAAGcAAABQAAAAcgAAAGUAAABzAAAAZQAAAG4AAAB0AAAANQA1ADEAZQAwAGIAY >+ gAwACAAAAACAAAAAQAAAEMAAAB0AAAAeAAAAFcAAABGAAAAUAAAAHIAAABvAAAAZgAAAGkAAABsAA >+ AAZQAAAFAAAABhAAAAdAAAAGgAAAAwADAAGAAAAAIAAAABAAAAQwAAAHQAAAB4AAAAVwAAAEYAAAB >+ IAAAAbwAAAG0AAABlAAAARAAAAGkAAAByAAAAMAAwACIAAAACAAAAAQAAAEMAAAB0AAAAeAAAAFcA >+ AABGAAAASAAAAG8AAABtAAAAZQAAAEQAAABpAAAAcgAAAEQAAAByAAAAaQAAAHYAAABlAAAAMAAwA >+ BIAAAAIAAAAAQAAAEMAAAB0AAAAeAAAAFMAAABoAAAAYQAAAGQAAABvAAAAdwAAADAAMQAwADAAMA >+ AwADAAMAAuAAAACAAAAAEAAABDAAAAdAAAAHgAAABNAAAAYQAAAHgAAABEAAAAaQAAAHMAAABjAAA >+ AbwAAAG4AAABuAAAAZQAAAGMAAAB0AAAAaQAAAG8AAABuAAAAVAAAAGkAAABtAAAAZQAAAGUAMAA5 >+ ADMAMAA0ADAAMAAoAAAACAAAAAEAAABDAAAAdAAAAHgAAABNAAAAYQAAAHgAAABDAAAAbwAAAG4AA >+ ABuAAAAZQAAAGMAAAB0AAAAaQAAAG8AAABuAAAAVAAAAGkAAABtAAAAZQAAADQAMAA3ADcAMQBiAD >+ AAMAAcAAAACAAAAAEAAABDAAAAdAAAAHgAAABNAAAAYQAAAHgAAABJAAAAZAAAAGwAAABlAAAAVAA >+ AAGkAAABtAAAAZQAAAGMAMAAyADcAMAA5ADAAMAAgAAAAAgAAAAEAAABDAAAAdAAAAHgAAABXAAAA >+ bwAAAHIAAABrAAAARAAAAGkAAAByAAAAZQAAAGMAAAB0AAAAbwAAAHIAAAB5AAAAMAAwABgAAAAIA >+ AAAAQAAAEMAAAB0AAAAeAAAAEMAAABmAAAAZwAAAEYAAABsAAAAYQAAAGcAAABzAAAAMQAAADAAMA >+ BmADAAMgA2ADgAMAAiAAAAAgAAAAEAAABDAAAAdAAAAHgAAABJAAAAbgAAAGkAAAB0AAAAaQAAAGE >+ AAABsAAAAUAAAAHIAAABvAAAAZwAAAHIAAABhAAAAbQAAADAAMAA= >+- >+EOF >+ fi >+} >+ > reindex() { > $PYTHON $BINDIR/samba-tool dbcheck --reindex -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $@ > } 
>@@ -54,6 +162,21 @@ dbcheck_acl_reset_clean() {
> fi
> }
>
>+# This should 'fail', because it returns the number of modified records
>+dbcheck2() {
>+ if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+ $PYTHON $BINDIR/samba-tool dbcheck --cross-ncs --fix --yes -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $@
>+ else
>+ exit 1
>+ fi
>+}
>+# But having fixed it all up, this should pass
>+dbcheck_clean2() {
>+ if [ x$RELEASE = x"release-4-1-0rc3" ]; then
>+ $PYTHON $BINDIR/samba-tool dbcheck --cross-ncs -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb $@
>+ fi
>+}
>+
> referenceprovision() {
> if [ x$RELEASE == x"release-4-0-0" ]; then
> $PYTHON $BINDIR/samba-tool domain provision --server-role="dc" --domain=SAMBA --host-name=ares --realm=${RELEASE}.samba.corp --targetdir=$PREFIX_ABS/${RELEASE}_reference --use-ntvfs --host-ip=127.0.0.1 --host-ip6=::1
>@@ -79,6 +202,12 @@ if [ -d $release_dir ]; then
> testit "dbcheck_clean" dbcheck_clean
> testit_expect_failure "dbcheck_acl_reset" dbcheck_acl_reset
> testit "dbcheck_acl_reset_clean" dbcheck_acl_reset_clean
>+ testit "add_userparameters0" add_userparameters1
>+ testit "add_userparameters1" add_userparameters1
>+ testit "add_userparameters2" add_userparameters2
>+ testit "add_userparameters3" add_userparameters3
>+ testit_expect_failure "dbcheck2" dbcheck2
>+ testit "dbcheck_clean2" dbcheck_clean2
> testit "referenceprovision" referenceprovision
> testit "ldapcmp" ldapcmp
> testit "ldapcmp_sd" ldapcmp_sd
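Review bot: `testit "add_userparameters0" add_userparameters1` in the second hunk runs `add_userparameters1` under the name of test 0, so the `add_userparameters0` fixture defined earlier in this patch is never applied and the base64 case is simply loaded twice; the line should read `testit "add_userparameters0" add_userparameters0`. As written, the correctly formatted value is not exercised, so the test cannot show that dbcheck leaves a valid userParameters alone. In `dbcheck2` the `else` branch uses `exit 1`, which ends the whole script unless `testit` runs the function in a subshell (not visible here); `return 1` would be the safer form.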
>@@ -108,6 +237,31 @@ EOF
> subunit_skip_test "dbcheck_clean_acl_reset" <<EOF
> no test provision
> EOF
>+ subunit_start_test add_userparameters0
>+ subunit_skip_test add_userparameters0<<EOF
>+no test provision
>+EOF
>+
>+ subunit_start_test add_userparameters1
>+ subunit_skip_test add_userparameters1<<EOF
>+no test provision
>+EOF
>+
>+ subunit_start_test add_userparameters2
>+ subunit_skip_test add_userparameters2<<EOF
>+no test provision
>+EOF
>+
>+ subunit_start_test add_userparameters3
>+ subunit_skip_test add_userparameters3<<EOF
>+no test provision
>+EOF
>+
>+ subunit_start_test "dbcheck2"
>+ subunit_skip_test "dbcheck2" <<EOF
>+no test provision
>+EOF
>+
> subunit_start_test "referenceprovision"
> subunit_skip_test "referenceprovision" <<EOF
> no test provision
>--
>1.9.1
>
>
>From 3bfedd6e443b14b34450e5d93bf88bd4fcde0795 Mon Sep 17 00:00:00 2001
>From: Stefan Metzmacher <metze@samba.org>
>Date: Tue, 8 Jul 2014 16:19:09 +0200
>Subject: [PATCH 4/4] s4:dsdb/samldb: don't allow 'userParameters' to be
> modified over LDAP for now
>
>For now it's safer to reject setting 'userParameters' via LDAP,
>as we'll not provide the same behavior as a Windows Server.
>
>If someone requires that feature please report this in the following
>bug reports!
>
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
>Bug: https://bugzilla.samba.org/show_bug.cgi?id=10130
>
>Signed-off-by: Stefan Metzmacher <metze@samba.org>
>Reviewed-by: Andrew Bartlett <abartlet@samba.org>
>
>Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
>Autobuild-Date(master): Wed Jul 9 11:07:51 CEST 2014 on sn-devel-104
>
>(cherry picked from commit 04e9d020c97c2dcd360b1845907f4c396d5671dc)
>---
> source4/dsdb/samdb/ldb_modules/samldb.c | 18 ++++++++++++++++++
> 1 file changed, 18 insertions(+)
>
>diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c
>index ca553e6..2f8c572 100644
>--- a/source4/dsdb/samdb/ldb_modules/samldb.c
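Review bot: The skip branch gains entries for `add_userparameters0` to `add_userparameters3` and `dbcheck2` but none for `dbcheck_clean2`, which the run branch does execute, so the two branches report different test sets when the provision is missing. A matching pair `subunit_start_test "dbcheck_clean2"` and `subunit_skip_test "dbcheck_clean2" <<EOF` after the `dbcheck2` block would keep them aligned. The new `add_userparameters*` entries also drop the quoting and the space before `<<EOF` that the neighbouring entries use.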
>+++ b/source4/dsdb/samdb/ldb_modules/samldb.c
>@@ -2268,6 +2268,15 @@ static int samldb_add(struct ldb_module *module, struct ldb_request *req)
> return ldb_next_request(module, req);
> }
>
>+ el = ldb_msg_find_element(req->op.add.message, "userParameters");
>+ if (el != NULL && ldb_req_is_untrusted(req)) {
>+ const char *reason = "samldb_add: "
>+ "setting userParameters is not supported over LDAP, "
>+ "see https://bugzilla.samba.org/show_bug.cgi?id=8077";
>+ ldb_debug(ldb, LDB_DEBUG_WARNING, "%s", reason);
>+ return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, reason);
>+ }
>+
> ac = samldb_ctx_init(module, req);
> if (ac == NULL) {
> return ldb_operr(ldb);
>@@ -2407,6 +2416,15 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req)
> }
> }
>
>+ el = ldb_msg_find_element(req->op.mod.message, "userParameters");
>+ if (el != NULL && ldb_req_is_untrusted(req)) {
>+ const char *reason = "samldb: "
>+ "setting userParameters is not supported over LDAP, "
>+ "see https://bugzilla.samba.org/show_bug.cgi?id=8077";
>+ ldb_debug(ldb, LDB_DEBUG_WARNING, "%s", reason);
>+ return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, reason);
>+ }
>+
> ac = samldb_ctx_init(module, req);
> if (ac == NULL) {
> return ldb_operr(ldb);
>--
>1.9.1
>
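Review bot: In `samldb_add` the new rejection sits below an early `return ldb_next_request(module, req);` that is visible in the hunk context, so any request taking that pass-through path never reaches the userParameters check; the condition guarding it is outside the hunk and should be confirmed not to admit untrusted requests carrying this attribute. The same block is duplicated in `samldb_modify` (second hunk) with a different prefix, `"samldb: "` instead of a function name, which makes the two log lines harder to tell apart; `const char *reason = "samldb_modify: "` would match. The modify check also fires on any element named userParameters, including a delete, while the message says "setting"; if blocking deletes is intended, a one-line comment stating that would prevent a later relaxation by mistake.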
Flags:
metze
:
review+