The Samba-Bugzilla – Attachment 13208 Details for
Bug 12757
idmap_rfc2307: Lookup of more than two SIDs fails
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patches for 4.5
v4-5-patches (text/plain), 20.50 KB, created by
Christof Schmitt
on 2017-05-10 23:00:04 UTC
(
hide
)
Description:
Patches for 4.5
Filename:
MIME Type:
Creator:
Christof Schmitt
Created:
2017-05-10 23:00:04 UTC
Size:
20.50 KB
patch
obsolete
>From 869cd0ad69b5ad27b58290d5e9ffd21e6338e77c Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Fri, 31 Mar 2017 15:20:07 +0000 >Subject: [PATCH 01/11] idmap_rfc2307: Don't stop after 30 entries > >We start over again and again, so we need to search in the whole list. >This is a quick hack generating a bad O(n^2). The real fix is to >call idmap_rfc2307_find_map with "maps" starting at the right offset, >but that's an optimization for later when it's restructured > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit 54a0e7e3d7332f420f36a3a20dd62156e6adea46) >--- > source3/winbindd/idmap_rfc2307.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > >diff --git a/source3/winbindd/idmap_rfc2307.c b/source3/winbindd/idmap_rfc2307.c >index 34cc5cd..fcb950d 100644 >--- a/source3/winbindd/idmap_rfc2307.c >+++ b/source3/winbindd/idmap_rfc2307.c >@@ -521,10 +521,7 @@ static struct id_map* idmap_rfc2307_find_map(struct idmap_rfc2307_map *maps, > > DEBUG(10, ("Looking for name %s, type %d\n", name, type)); > >- for (i = 0; i < IDMAP_LDAP_MAX_IDS; i++) { >- if (maps[i].map == NULL) { /* end of the run */ >- return NULL; >- } >+ for (i = 0; maps[i].map != NULL; i++) { > DEBUG(10, ("Entry %d: name %s, type %d\n", > i, maps[i].name, maps[i].type)); > if (type == maps[i].type && strcmp(name, maps[i].name) == 0) { >-- >1.8.3.1 > > >From 1490e751f417760195311f24e75f94ef7ded959a Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Fri, 31 Mar 2017 15:23:39 +0000 >Subject: [PATCH 02/11] idmap_rfc2307: "ldap_next_entry" needs the previous > entry, not the start > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit 17563f295ffa7379daa5bf7cc89540df4ae4f7b3) >--- > source3/winbindd/idmap_rfc2307.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/source3/winbindd/idmap_rfc2307.c b/source3/winbindd/idmap_rfc2307.c >index fcb950d..1102790 100644 >--- a/source3/winbindd/idmap_rfc2307.c >+++ b/source3/winbindd/idmap_rfc2307.c >@@ -553,7 +553,7 @@ static void idmap_rfc2307_map_xid_results(struct idmap_rfc2307_context *ctx, > if (i == 0) { > entry = ldap_first_entry(ctx->ldap, result); > } else { >- entry = ldap_next_entry(ctx->ldap, result); >+ entry = ldap_next_entry(ctx->ldap, entry); > } > if (!entry) { > DEBUG(2, ("Unable to fetch entry.\n")); >-- >1.8.3.1 > > >From 266ed6617dd1b7b0744f908a9dbee30ad6e9eaab Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Tue, 4 Apr 2017 14:15:26 +0200 >Subject: [PATCH 03/11] test_idmap_rfc2307: Remove the correct file > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit 9e816ea2f8d21d392b4e9050e443ef936629202e) >--- > nsswitch/tests/test_idmap_rfc2307.sh | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh >index 90e32a7..a125f77 100755 >--- a/nsswitch/tests/test_idmap_rfc2307.sh >+++ b/nsswitch/tests/test_idmap_rfc2307.sh >@@ -102,7 +102,7 @@ EOF > > testit "add second ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb > >-rm -f $PREFIX/tmpldbmodify >+rm -f $PREFIX/tmpldb > > testit "wbinfo --name-to-sid" $wbinfo --name-to-sid "$DOMAIN/$USERNAME" || failed=$(expr $failed + 1) > user_sid=$($wbinfo -n "$DOMAIN/$USERNAME" | cut -d " " -f1) >-- >1.8.3.1 > > >From 7070c1b2896d7f3c493b10d14c20f017719aaf04 Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Tue, 4 Apr 2017 14:15:26 +0200 >Subject: [PATCH 04/11] test_idmap_rfc2307: Avoid a tmpfile > >We can << directly into ldbadd > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit 1893bb9bc48d9251820a185c95c65562f2878074) >--- > nsswitch/tests/test_idmap_rfc2307.sh | 27 ++++++++++----------------- > 1 file changed, 10 insertions(+), 17 deletions(-) > >diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh >index a125f77..b5f8ce5 100755 >--- a/nsswitch/tests/test_idmap_rfc2307.sh >+++ b/nsswitch/tests/test_idmap_rfc2307.sh >@@ -45,14 +45,14 @@ $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDA > > # Add id mapping information to LDAP > >-cat > $PREFIX/tmpldb <<EOF >+testit "add ldap prefix" $VALGRIND $ldbadd -H ldap://$DC_SERVER \ >+ -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF > dn: $LDAPPREFIX > objectclass: organizationalUnit > EOF > >-testit "add ldap prefix" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb >- >-cat > $PREFIX/tmpldb <<EOF >+testit "add ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER \ >+ -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF > dn: cn=$USERNAME,$LDAPPREFIX > objectClass: organizationalPerson > objectClass: posixAccount >@@ -64,9 +64,8 @@ gidNumber: 1 > homeDirectory: /home/admin > EOF > >-testit "add ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb >- >-cat > $PREFIX/tmpldb <<EOF >+testit "add second ldap user mapping record" $VALGRIND $ldbadd \ >+ -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF > dn: cn=$USERNAME2,$LDAPPREFIX > objectClass: organizationalPerson > objectClass: posixAccount >@@ -78,9 +77,8 @@ gidNumber: 2 > homeDirectory: /home/admin > EOF > >-testit "add second ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb >- >-cat > $PREFIX/tmpldb <<EOF >+testit "add ldap group mapping record" $VALGRIND $ldbadd \ >+ -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF > dn: cn=$GROUPNAME,$LDAPPREFIX > objectClass: posixGroup > objectClass: groupOfNames >@@ -89,9 +87,8 @@ gidNumber: $GROUPGID > member: cn=$USERNAME,$LDAPPREFIX > EOF > >-testit "add ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb >- >-cat > $PREFIX/tmpldb <<EOF >+testit "add second ldap group mapping record" $VALGRIND $ldbadd \ >+ -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF > dn: cn=$GROUPNAME2,$LDAPPREFIX > objectClass: posixGroup > objectClass: groupOfNames >@@ -100,10 +97,6 @@ gidNumber: $GROUPGID2 > member: cn=$USERNAME,$LDAPPREFIX > EOF > >-testit "add second ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb >- >-rm -f $PREFIX/tmpldb >- > testit "wbinfo --name-to-sid" $wbinfo --name-to-sid "$DOMAIN/$USERNAME" || failed=$(expr $failed + 1) > user_sid=$($wbinfo -n "$DOMAIN/$USERNAME" | cut -d " " -f1) > echo "$DOMAIN/$USERNAME resolved to $user_sid" >-- >1.8.3.1 > > >From 3b66d5189805551043b7c86d9c6d0fa206e09afd Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Tue, 4 Apr 2017 14:59:45 +0200 >Subject: [PATCH 05/11] test_idmap_rfc2307: Correct usage > >We already have 13 args at this point, and growing > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit f34ff621edbfd8b7c99cdadec166a80ae9c5646c) >--- > nsswitch/tests/test_idmap_rfc2307.sh | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh >index b5f8ce5..6e4e041 100755 >--- a/nsswitch/tests/test_idmap_rfc2307.sh >+++ b/nsswitch/tests/test_idmap_rfc2307.sh >@@ -1,6 +1,6 @@ > #!/bin/sh > # Test id mapping through idmap_rfc2307 module >-if [ $# -lt 9 ]; then >+if [ $# -lt 13 ]; then > echo Usage: $0 DOMAIN USERNAME UID USERNAME2 UID2 GROUPNAME GID GROUPNAME2 GID2 LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD > exit 1 > fi >-- >1.8.3.1 > > >From f7799e18129ac81c05c4348288de182d698d7f5c Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Tue, 4 Apr 2017 15:12:02 +0200 >Subject: [PATCH 06/11] test_idmap_rfc2307: Do a recursive delete in ou=idmap > >We'll create more posix objects soon > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit 1f5097e3fbf9931c830880637622bb0b05863466) >--- > nsswitch/tests/test_idmap_rfc2307.sh | 23 +++++++++++++++-------- > 1 file changed, 15 insertions(+), 8 deletions(-) > >diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh >index 6e4e041..e0f550d 100755 >--- a/nsswitch/tests/test_idmap_rfc2307.sh >+++ b/nsswitch/tests/test_idmap_rfc2307.sh >@@ -22,6 +22,11 @@ DC_PASSWORD="$4" > > wbinfo="$VALGRIND $BINDIR/wbinfo" > >+ldbsearch="ldbsearch" >+if [ -x "$BINDIR/ldbsearch" ]; then >+ ldbsearch="$BINDIR/ldbsearch" >+fi >+ > ldbadd="ldbadd" > if [ -x "$BINDIR/ldbadd" ]; then > ldbadd="$BINDIR/ldbadd" >@@ -37,10 +42,11 @@ failed=0 > . `dirname $0`/../../testprogs/blackbox/subunit.sh > > # Delete LDAP records >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX" >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX" >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX" >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX" >+$VALGRIND $ldbsearch -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD \ >+ -s one -b "$LDAPPREFIX" | grep '^dn:' | cut -d ' ' -f 2- | >+ xargs -d '\n' -n 1 -IDEL_DN \ >+ $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD \ >+ "DEL_DN" > $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX" > > # Add id mapping information to LDAP >@@ -141,10 +147,11 @@ echo "SID $group_sid2 resolved to $group_name2" > testit "test $group_name2 = $DOMAIN/$GROUPNAME2" test "$(echo $group_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$GROUPNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1) > > # Delete LDAP records >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX" >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX" >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX" >-$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX" >+$VALGRIND $ldbsearch -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD \ >+ -s one -b "$LDAPPREFIX" | grep '^dn:' | cut -d ' ' -f 2- | >+ xargs -d '\n' -n 1 -IDEL_DN \ >+ $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD \ >+ "DEL_DN" > $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX" > > exit $failed >-- >1.8.3.1 > > >From 950b1728acc9de76f622693e99eec2645bb5468e Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Tue, 4 Apr 2017 15:28:36 +0200 >Subject: [PATCH 07/11] test_idmap_rfc2307: Test wbinfo -r for 35 supplementary > group memberships > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit e663357b4d7d5cb0c4d8a0ebc97cfcb58429b894) >--- > nsswitch/tests/test_idmap_rfc2307.sh | 66 ++++++++++++++++++++++++++++++++---- > source3/selftest/tests.py | 12 ++++++- > 2 files changed, 71 insertions(+), 7 deletions(-) > >diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh >index e0f550d..5fabdc6 100755 >--- a/nsswitch/tests/test_idmap_rfc2307.sh >+++ b/nsswitch/tests/test_idmap_rfc2307.sh >@@ -1,7 +1,9 @@ > #!/bin/sh > # Test id mapping through idmap_rfc2307 module >-if [ $# -lt 13 ]; then >- echo Usage: $0 DOMAIN USERNAME UID USERNAME2 UID2 GROUPNAME GID GROUPNAME2 GID2 LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD >+if [ $# -lt 15 ]; then >+ echo Usage: $0 DOMAIN USERNAME UID USERNAME2 UID2 \ >+ GROUPNAME GID GROUPNAME2 GID2 GID_START NUMGROUPS \ >+ LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD > exit 1 > fi > >@@ -15,12 +17,15 @@ GROUPGID="$7" > GROUPNAME2="$8" > GROUPGID2="$9" > shift 9 >-LDAPPREFIX="$1" >-DC_SERVER="$2" >-DC_USERNAME="$3" >-DC_PASSWORD="$4" >+GID_START="$1" >+NUMGROUPS="$2" >+LDAPPREFIX="$3" >+DC_SERVER="$4" >+DC_USERNAME="$5" >+DC_PASSWORD="$6" > > wbinfo="$VALGRIND $BINDIR/wbinfo" >+net="$VALGRIND $BINDIR/net" > > ldbsearch="ldbsearch" > if [ -x "$BINDIR/ldbsearch" ]; then >@@ -146,6 +151,55 @@ echo "SID $group_sid2 resolved to $group_name2" > > testit "test $group_name2 = $DOMAIN/$GROUPNAME2" test "$(echo $group_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$GROUPNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1) > >+i=0 >+while [ ${i} -lt ${NUMGROUPS} ] ; do >+ GRP=$(printf "test_rfc2307_group_%3.3d" "$i") >+ GRP_GID=$(expr "$GID_START" + "$i") >+ testit "Add group $GRP" $net rpc group add "$GRP" -S "$DC_SERVER" \ >+ -U"${DOMAIN}\\${DC_USERNAME}"%"${DC_PASSWORD}" || >+ failed=$(expr $failed + 1) >+ testit "Add groupmem $GRP $USERNAME" \ >+ $net rpc group addmem "$GRP" "$USERNAME" \ >+ -S "$DC_SERVER" \ >+ -U"${DOMAIN}\\${DC_USERNAME}"%"${DC_PASSWORD}" || >+ failed=$(expr $failed + 1) >+ testit "Add group object for $GRP $GRP_GID" \ >+ $VALGRIND $ldbadd \ >+ -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD <<EOF >+dn: cn=$GRP,$LDAPPREFIX >+objectClass: posixGroup >+objectClass: groupOfNames >+cn: $GRP >+gidNumber: $GRP_GID >+member: cn=$USERNAME,$LDAPPREFIX >+EOF >+ i=$(expr "$i" + 1) >+done >+ >+# Test whether wbinfo -r shows all groups >+ >+EXPECTED_USERGROUPS="1000000/1000001/2000002/" >+i=0 >+while [ ${i} -lt ${NUMGROUPS} ] ; do >+ EXPECTED_USERGROUPS="$EXPECTED_USERGROUPS$(expr ${i} + ${GID_START})/" >+ i=$(expr "$i" + 1) >+done >+ >+USERGROUPS=$($wbinfo -r $DOMAIN/$USERNAME | sort -n | tr '\n' '/') >+ >+testit "Testing for expected group memberships" \ >+ test "$USERGROUPS" = "$EXPECTED_USERGROUPS" || >+ failed=$(expr $failed + 1) >+ >+i=0 >+while [ ${i} -lt ${NUMGROUPS} ] ; do >+ GRP=$(printf "test_rfc2307_group_%3.3d" ${i}) >+ testit "Del group $GRP" $net rpc group delete "$GRP" -S "$DC_SERVER" \ >+ -U"${DOMAIN}\\${DC_USERNAME}"%"${DC_PASSWORD}" || >+ failed=$(expr $failed + 1) >+ i=$(expr "$i" + 1) >+done >+ > # Delete LDAP records > $VALGRIND $ldbsearch -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD \ > -s one -b "$LDAPPREFIX" | grep '^dn:' | cut -d ' ' -f 2- | >diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py >index 4cd51a7..b5395ff 100755 >--- a/source3/selftest/tests.py >+++ b/source3/selftest/tests.py >@@ -389,7 +389,17 @@ for t in tests: > plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/write-list-tmp -U$USERNAME%$PASSWORD') > plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') > elif t == "idmap.rfc2307": >- plantestsuite(t, "ad_member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rfc2307.sh"), '$DOMAIN', 'Administrator', '2000000', 'Guest', '2000001', '"Domain Users"', '2000002', 'DnsAdmins', '2000003', 'ou=idmap,dc=samba,dc=example,dc=com', '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD']) >+ plantestsuite(t, "ad_member_rfc2307", >+ [os.path.join(samba3srcdir, >+ "../nsswitch/tests/test_idmap_rfc2307.sh"), >+ '$DOMAIN', >+ 'Administrator', '2000000', >+ 'Guest', '2000001', >+ '"Domain Users"', '2000002', >+ 'DnsAdmins', '2000003', >+ '2000005', '35', >+ 'ou=idmap,dc=samba,dc=example,dc=com', >+ '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD']) > elif t == "idmap.alloc": > plantestsuite(t, "ad_member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_nss.sh"), '$DOMAIN']) > elif t == "idmap.rid": >-- >1.8.3.1 > > >From 445211a4d93301188923d8298de74f7f7691817a Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Fri, 31 Mar 2017 15:20:07 +0000 >Subject: [PATCH 08/11] idmap_rfc2307: Don't stop after 30 entries > >We start over again and again, so we need to search in the whole list. >This is a quick hack generating a bad O(n^2). The real fix is to >call idmap_rfc2307_find_map with "maps" starting at the right offset, >but that's an optimization for later when it's restructured > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit c0f12170e8b9fb3ab75f53bba637c72f6465192e) >--- > source3/winbindd/idmap_util.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > >diff --git a/source3/winbindd/idmap_util.c b/source3/winbindd/idmap_util.c >index 196b4ad..fd2ae4a 100644 >--- a/source3/winbindd/idmap_util.c >+++ b/source3/winbindd/idmap_util.c >@@ -52,10 +52,7 @@ struct id_map *idmap_find_map_by_id(struct id_map **maps, enum id_type type, > { > int i; > >- for (i = 0; i < IDMAP_LDAP_MAX_IDS; i++) { >- if (maps[i] == NULL) { /* end of the run */ >- return NULL; >- } >+ for (i = 0; maps[i] != NULL; i++) { > if ((maps[i]->xid.type == type) && (maps[i]->xid.id == id)) { > return maps[i]; > } >-- >1.8.3.1 > > >From bd596c1f6aa9edc4ed3ee01d8e2f372514ca9b67 Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Fri, 31 Mar 2017 15:23:39 +0000 >Subject: [PATCH 09/11] idmap_rfc2307: "ldap_next_entry" needs the previous > entry, not the start > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit 803ea2d2b7820939d03f7eb381c3cf719a00ff4a) >--- > source3/winbindd/idmap_rfc2307.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/source3/winbindd/idmap_rfc2307.c b/source3/winbindd/idmap_rfc2307.c >index 1102790..0e0311a 100644 >--- a/source3/winbindd/idmap_rfc2307.c >+++ b/source3/winbindd/idmap_rfc2307.c >@@ -236,7 +236,7 @@ static void idmap_rfc2307_map_sid_results(struct idmap_rfc2307_context *ctx, > if (i == 0) { > entry = ldap_first_entry(ctx->ldap, result); > } else { >- entry = ldap_next_entry(ctx->ldap, result); >+ entry = ldap_next_entry(ctx->ldap, entry); > } > if (!entry) { > DEBUG(2, ("Unable to fetch entry.\n")); >-- >1.8.3.1 > > >From 53761f14433d7db356babd1c49e8c13ce3a7a12e Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Tue, 4 Apr 2017 17:15:10 +0200 >Subject: [PATCH 10/11] selftest: Avoid idmap caching when testing > idmap_rfc2307 > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit da7481f835ddc1fab16d11ccbaf7f33c213af23a) >--- > selftest/target/Samba3.pm | 2 ++ > 1 file changed, 2 insertions(+) > >diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm >index c574dda..1421b91 100755 >--- a/selftest/target/Samba3.pm >+++ b/selftest/target/Samba3.pm >@@ -465,6 +465,8 @@ sub setup_admember_rfc2307($$$$) > security = ads > workgroup = $dcvars->{DOMAIN} > realm = $dcvars->{REALM} >+ idmap cache time = 0 >+ idmap negative cache time = 0 > idmap config * : backend = autorid > idmap config * : range = 1000000-1999999 > idmap config * : rangesize = 100000 >-- >1.8.3.1 > > >From f92c379655bea6eddd2a44e697485f292bb20455 Mon Sep 17 00:00:00 2001 >From: Volker Lendecke <vl@samba.org> >Date: Thu, 6 Apr 2017 12:50:08 +0200 >Subject: [PATCH 11/11] idmap_rfc2307: Test unix-ids-to-sids with 35 groups > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=12757 > >Signed-off-by: Volker Lendecke <vl@samba.org> >Reviewed-by: Christof Schmitt <cs@samba.org> >(cherry picked from commit ee3b17ba4674a17a411c9ec4271e087c8cd7dad1) >--- > nsswitch/tests/test_idmap_rfc2307.sh | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > >diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh >index 5fabdc6..c62da5d 100755 >--- a/nsswitch/tests/test_idmap_rfc2307.sh >+++ b/nsswitch/tests/test_idmap_rfc2307.sh >@@ -176,6 +176,20 @@ EOF > i=$(expr "$i" + 1) > done > >+# Test whether wbinfo --xids-to-sids finds everything >+ >+GIDS="" >+i=0 >+while [ ${i} -lt ${NUMGROUPS} ] ; do >+ GIDS="$GIDS g$(expr ${i} + ${GID_START})" >+ i=$(expr "$i" + 1) >+done >+NUM_VALID_SIDS=$($wbinfo --unix-ids-to-sids="$GIDS" | grep -v ^S-0-0 | wc -l) >+ >+testit "Count number of valid sids found" \ >+ test ${NUM_VALID_SIDS} = ${NUMGROUPS} || >+ failed=$(expr $failed + 1) >+ > # Test whether wbinfo -r shows all groups > > EXPECTED_USERGROUPS="1000000/1000001/2000002/" >-- >1.8.3.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
cs
:
review+
vl
:
review+
Actions:
View
Attachments on
bug 12757
: 13208 |
13209