Attachment 16060 Details for Bug 14406 – patch for v4-12-test branch

[patch] patch for v4-12-test branch

addl_fixup.patch (text/plain), 7.32 KB, created by Isaac Boukris on 2020-06-19 08:09:42 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Isaac Boukris

Created: 2020-06-19 08:09:42 UTC

Size: 7.32 KB

patch

obsolete

>From 107bfa0d6b16a095dfb0e2f960155a03fa9709a2 Mon Sep 17 00:00:00 2001
>From: Isaac Boukris <iboukris@gmail.com>
>Date: Thu, 11 Jun 2020 21:05:07 +0300
>Subject: [PATCH 1/3] Fix a typo in recent net man page changes
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406
>
>Signed-off-by: Isaac Boukris <iboukris@samba.org>
>Reviewed-by: Andreas Schneider <asn@samba.org>
>---
> docs-xml/manpages/net.8.xml | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml
>index cbab9c63a5e..951ddcd7c3a 100644
>--- a/docs-xml/manpages/net.8.xml
>+++ b/docs-xml/manpages/net.8.xml
>@@ -497,7 +497,7 @@ joining the domain.
> </para>
> 
> <para>
>-[FQDN] (ADS only) set the dnsHosName attribute during the join.
>+[FQDN] (ADS only) set the dnsHostName attribute during the join.
> The default format is netbiosname.dnsdomain.
> </para>
> 
>-- 
>2.25.4
>
>
>From a1fce870eb024a2109c54bcc90bf9d5c6a1a45a8 Mon Sep 17 00:00:00 2001
>From: Isaac Boukris <iboukris@gmail.com>
>Date: Tue, 16 Jun 2020 22:01:49 +0300
>Subject: [PATCH 2/3] selftest: add tests for binary msDS-AdditionalDnsHostName
>
>Like the short names added implicitly by Windows DC.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406
>
>Signed-off-by: Isaac Boukris <iboukris@samba.org>
>Reviewed-by: Andreas Schneider <asn@samba.org>
>---
> selftest/knownfail.d/binary_addl_hostname |  3 +++
> testprogs/blackbox/test_net_ads.sh        | 22 ++++++++++++++++++++++
> 2 files changed, 25 insertions(+)
> create mode 100644 selftest/knownfail.d/binary_addl_hostname
>
>diff --git a/selftest/knownfail.d/binary_addl_hostname b/selftest/knownfail.d/binary_addl_hostname
>new file mode 100644
>index 00000000000..559db1df507
>--- /dev/null
>+++ b/selftest/knownfail.d/binary_addl_hostname
>@@ -0,0 +1,3 @@
>+^samba4.blackbox.net_ads.dns alias1 check keytab
>+^samba4.blackbox.net_ads.dns alias2 check keytab
>+^samba4.blackbox.net_ads.addl short check keytab
>diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
>index 85257f445d8..eef4a31a6a7 100755
>--- a/testprogs/blackbox/test_net_ads.sh
>+++ b/testprogs/blackbox/test_net_ads.sh
>@@ -41,6 +41,11 @@ if [ -x "$BINDIR/ldbdel" ]; then
> 	ldbdel="$BINDIR/ldbdel"
> fi
> 
>+ldbmodify="ldbmodify"
>+if [ -x "$BINDIR/ldbmodify" ]; then
>+	ldbmodify="$BINDIR/ldbmodify"
>+fi
>+
> # Load test functions
> . `dirname $0`/subunit.sh
> 
>@@ -217,12 +222,29 @@ testit_grep "dns alias SPN" $dns_alias2 $VALGRIND $net_tool ads search -P samacc
> testit_grep "dns alias addl" $dns_alias1 $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ msDS-AdditionalDnsHostName || failed=`expr $failed + 1`
> testit_grep "dns alias addl" $dns_alias2 $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ msDS-AdditionalDnsHostName || failed=`expr $failed + 1`
> 
>+# Test binary msDS-AdditionalDnsHostName like ones added by Windows DC
>+short_alias_file="$PREFIX_ABS/short_alias_file"
>+printf 'short_alias\0$' > $short_alias_file
>+cat > $PREFIX_ABS/tmpldbmodify <<EOF
>+dn: CN=$HOSTNAME,$computers_dn
>+changetype: modify
>+add: msDS-AdditionalDnsHostName
>+msDS-AdditionalDnsHostName:< file://$short_alias_file
>+EOF
>+
>+testit "add binary msDS-AdditionalDnsHostName" $VALGRIND $ldbmodify -k yes -U$DC_USERNAME%$DC_PASSWORD -H ldap://$SERVER.$REALM $PREFIX_ABS/tmpldbmodify || failed=`expr $failed + 1`
>+
>+testit_grep "addl short alias" short_alias $ldbsearch --show-binary -U$DC_USERNAME%$DC_PASSWORD -H ldap://$SERVER.$REALM -s base -b "CN=$HOSTNAME,CN=Computers,$base_dn" msDS-AdditionalDnsHostName || failed=`expr $failed + 1`
>+
>+rm -f $PREFIX_ABS/tmpldbmodify $short_alias_file
>+
> dedicated_keytab_file="$PREFIX_ABS/test_dns_aliases_dedicated_krb5.keytab"
> 
> testit "dns alias create_keytab" $VALGRIND $net_tool ads keytab create --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
> 
> testit_grep "dns alias1 check keytab" "host/${dns_alias1}@$REALM" $net_tool ads keytab list --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
> testit_grep "dns alias2 check keytab" "host/${dns_alias2}@$REALM" $net_tool ads keytab list --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
>+testit_grep "addl short check keytab" "host/short_alias@$REALM" $net_tool ads keytab list --option="kerberosmethod=dedicatedkeytab" --option="dedicatedkeytabfile=$dedicated_keytab_file" || failed=`expr $failed + 1`
> 
> rm -f $dedicated_keytab_file
> 
>-- 
>2.25.4
>
>
>From b601abf246755cdb116920f6bf5b16037111e980 Mon Sep 17 00:00:00 2001
>From: Isaac Boukris <iboukris@gmail.com>
>Date: Thu, 11 Jun 2020 16:51:27 +0300
>Subject: [PATCH 3/3] Properly handle msDS-AdditionalDnsHostName returned from
> Windows DC
>
>Windows DC adds short names for each specified msDS-AdditionalDnsHostName
>attribute, but these have a suffix of "\0$" and thus fail with
>ldap_get_values(), use ldap_get_values_len() instead.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406
>
>Signed-off-by: Isaac Boukris <iboukris@samba.org>
>Reviewed-by: Andreas Schneider <asn@samba.org>
>---
> selftest/knownfail.d/binary_addl_hostname |  3 --
> source3/libads/ldap.c                     | 38 +++++++++++++++++++++--
> 2 files changed, 35 insertions(+), 6 deletions(-)
> delete mode 100644 selftest/knownfail.d/binary_addl_hostname
>
>diff --git a/selftest/knownfail.d/binary_addl_hostname b/selftest/knownfail.d/binary_addl_hostname
>deleted file mode 100644
>index 559db1df507..00000000000
>--- a/selftest/knownfail.d/binary_addl_hostname
>+++ /dev/null
>@@ -1,3 +0,0 @@
>-^samba4.blackbox.net_ads.dns alias1 check keytab
>-^samba4.blackbox.net_ads.dns alias2 check keytab
>-^samba4.blackbox.net_ads.addl short check keytab
>diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
>index d443e3ee20c..51ceb447254 100755
>--- a/source3/libads/ldap.c
>+++ b/source3/libads/ldap.c
>@@ -3685,6 +3685,40 @@ out:
> /********************************************************************
> ********************************************************************/
> 
>+static char **get_addl_hosts(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
>+			      LDAPMessage *msg, size_t *num_values)
>+{
>+	const char *field = "msDS-AdditionalDnsHostName";
>+	struct berval **values = NULL;
>+	char **ret = NULL;
>+	size_t i, converted_size;
>+
>+	values = ldap_get_values_len(ads->ldap.ld, msg, field);
>+	if (values == NULL) {
>+		return NULL;
>+	}
>+
>+	*num_values = ldap_count_values_len(values);
>+
>+	ret = talloc_array(mem_ctx, char *, *num_values + 1);
>+	if (ret == NULL) {
>+		ldap_value_free_len(values);
>+		return NULL;
>+	}
>+
>+	for (i = 0; i < *num_values; i++) {
>+		if (!pull_utf8_talloc(mem_ctx, &ret[i], values[i]->bv_val,
>+				      &converted_size)) {
>+			ldap_value_free_len(values);
>+			return NULL;
>+		}
>+	}
>+	ret[i] = NULL;
>+
>+	ldap_value_free_len(values);
>+	return ret;
>+}
>+
> ADS_STATUS ads_get_additional_dns_hostnames(TALLOC_CTX *mem_ctx,
> 					    ADS_STRUCT *ads,
> 					    const char *machine_name,
>@@ -3710,9 +3744,7 @@ ADS_STATUS ads_get_additional_dns_hostnames(TALLOC_CTX *mem_ctx,
> 		goto done;
> 	}
> 
>-	*hostnames_array = ads_pull_strings(ads, mem_ctx, res,
>-					    "msDS-AdditionalDnsHostName",
>-					    num_hostnames);
>+	*hostnames_array = get_addl_hosts(ads, mem_ctx, res, num_hostnames);
> 	if (*hostnames_array == NULL) {
> 		DEBUG(1, ("Host account for %s does not have msDS-AdditionalDnsHostName.\n",
> 			  machine_name));
>-- 
>2.25.4
>

Flags:

iboukris: review+
iboukris: ci-passed+

Actions: View

Attachments on bug 14406: 16060 | 16062