Nabble - Samba

[0001-s4-drs-framework-for-DsGetReplInfo-includes-the.patch]
From 446e9295e82edebf39b6dfd5ae3c46bb004089f9 Mon Sep 17 00:00:00 2001

From: Erick Nogueira do Nascimento <erick.nogueira.nascimento@...>

Date: Wed, 23 Dec 2009 17:51:46 -0200

Subject: [PATCH] s4-drs: framework for DsGetReplInfo(), includes the DS_REPL_INFO_NEIGHBORS infoType.


This patch includes the framework for the implementation of all infoTypes of

the DsGetReplInfo() call, and includes the implementation for the first one,

the DS_REPL_INFO_NEIGHBORS.

---

 source4/dsdb/config.mk                      |    4 +-

 source4/dsdb/kcc/kcc_drs_replica_info.c     |  496 +++++++++++++++++++++++++++

 source4/dsdb/kcc/kcc_service.c              |   10 +-

 source4/rpc_server/drsuapi/dcesrv_drsuapi.c |   12 +-

 4 files changed, 518 insertions(+), 4 deletions(-)

 create mode 100644 source4/dsdb/kcc/kcc_drs_replica_info.c

diff --git a/source4/dsdb/config.mk b/source4/dsdb/config.mk

index dfc5def..19dba16 100644

--- a/source4/dsdb/config.mk

+++ b/source4/dsdb/config.mk

@@ -83,6 +83,8 @@ PRIVATE_DEPENDENCIES = \

 KCC_SRV_OBJ_FILES = $(addprefix $(dsdbsrcdir)/kcc/, \

 		kcc_service.o \

 		kcc_connection.o \

-		kcc_periodic.o)

+		kcc_periodic.o \

+		kcc_drs_replica_info.o)

 

 $(eval $(call proto_header_template,$(dsdbsrcdir)/kcc/kcc_service_proto.h,$(KCC_SRV_OBJ_FILES:.o=.c)))

+

diff --git a/source4/dsdb/kcc/kcc_drs_replica_info.c b/source4/dsdb/kcc/kcc_drs_replica_info.c

new file mode 100644

index 0000000..1f8b3d6

--- /dev/null

+++ b/source4/dsdb/kcc/kcc_drs_replica_info.c

@@ -0,0 +1,496 @@

+/*

+ Unix SMB/CIFS implementation.

+

+ DRS Replica Information

+

+ Copyright (C) Erick Nogueira do Nascimento 2009

+

+ This program is free software; you can redistribute it and/or modify

+ it under the terms of the GNU General Public License as published by

+ the Free Software Foundation; either version 3 of the License, or

+ (at your option) any later version.

+

+ This program is distributed in the hope that it will be useful,

+ but WITHOUT ANY WARRANTY; without even the implied warranty of

+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ GNU General Public License for more details.

+

+ You should have received a copy of the GNU General Public License

+ along with this program.  If not, see <http://www.gnu.org/licenses/>.

+

+ */

+

+#include "includes.h"

+#include "dsdb/samdb/samdb.h"

+#include "auth/auth.h"

+#include "smbd/service.h"

+#include "lib/events/events.h"

+#include "lib/messaging/irpc.h"

+#include "dsdb/kcc/kcc_service.h"

+#include "lib/ldb/include/ldb_errors.h"

+#include "../lib/util/dlinklist.h"

+#include "librpc/gen_ndr/ndr_misc.h"

+#include "librpc/gen_ndr/ndr_drsuapi.h"

+#include "librpc/gen_ndr/ndr_drsblobs.h"

+#include "param/param.h"

+

+struct ncList {

+	struct ldb_dn *dn;

+	struct ncList *prev, *next;

+};

+

+struct neighList {

+	struct drsuapi_DsReplicaNeighbour *neigh;

+	struct neighList *prev, *next;

+};

+

+static WERROR copy_repsfrom_1_to_2(TALLOC_CTX *mem_ctx,

+				 struct repsFromTo2 **reps2,

+				 struct repsFromTo1 *reps1)

+{

+	struct repsFromTo2* reps;

+

+	reps = talloc_zero(mem_ctx, struct repsFromTo2);

+	W_ERROR_HAVE_NO_MEMORY(reps);

+

+	reps->blobsize = reps1->blobsize;

+	reps->consecutive_sync_failures = reps1->consecutive_sync_failures;

+	reps->last_attempt = reps1->last_attempt;

+	reps->last_success = reps1->last_success;

+	reps->other_info = talloc_zero(mem_ctx, struct repsFromTo2OtherInfo);

+	W_ERROR_HAVE_NO_MEMORY(reps->other_info);

+	reps->other_info->dns_name1 = reps1->other_info->dns_name;

+	reps->replica_flags = reps1->replica_flags;

+	memcpy(reps->schedule, reps1->schedule, sizeof(reps1->schedule));

+	reps->reserved = reps1->reserved;

+	reps->highwatermark = reps1->highwatermark;

+	reps->source_dsa_obj_guid = reps1->source_dsa_obj_guid;

+	reps->source_dsa_invocation_id = reps1->source_dsa_invocation_id;

+	reps->transport_guid = reps1->transport_guid;

+

+	*reps2 = reps;

+	return WERR_OK;

+}

+

+static WERROR fill_neighbor_from_repsFrom(TALLOC_CTX *mem_ctx,

+					  struct ldb_context *samdb,

+					  struct ldb_dn *nc_dn,

+					  struct drsuapi_DsReplicaNeighbour *neigh,

+					  struct repsFromTo2 *reps_from)

+{

+	WERROR status;

+	struct ldb_dn *source_dsa_dn;

+	int ret;

+	char *dsa_guid_str;

+	struct ldb_dn *transport_obj_dn = NULL;

+

+	neigh->source_dsa_address = reps_from->other_info->dns_name1;

+	neigh->replica_flags = reps_from->replica_flags;

+	neigh->last_attempt = reps_from->last_attempt;

+	neigh->source_dsa_obj_guid = reps_from->source_dsa_obj_guid;

+

+	dsa_guid_str = GUID_string(mem_ctx, &reps_from->source_dsa_obj_guid);

+	W_ERROR_HAVE_NO_MEMORY(dsa_guid_str);

+	ret = dsdb_find_dn_by_guid(samdb, mem_ctx, dsa_guid_str, &source_dsa_dn);

+

+	if (ret != LDB_SUCCESS) {

+		DEBUG(0,(__location__ ": Failed to find DN for neighbor GUID %s\n",

+		      dsa_guid_str));

+		status = WERR_DS_DRA_INTERNAL_ERROR;

+		goto DONE;

+	}

+

+	neigh->source_dsa_obj_dn = ldb_dn_get_linearized(source_dsa_dn);

+	neigh->naming_context_dn = ldb_dn_get_linearized(nc_dn);

+

+	if (dsdb_find_guid_by_dn(samdb, nc_dn, &neigh->naming_context_obj_guid)

+			!= LDB_SUCCESS) {

+		status = WERR_DS_DRA_INTERNAL_ERROR;

+		goto DONE;

+	}

+

+	if (!GUID_all_zero(&reps_from->transport_guid)) {

+		char *transp_guid_str = GUID_string(mem_ctx, &reps_from->transport_guid);

+		W_ERROR_HAVE_NO_MEMORY(transp_guid_str);

+		if (dsdb_find_dn_by_guid(samdb, mem_ctx, transp_guid_str,

+					 &transport_obj_dn) != LDB_SUCCESS)

+		{

+			status = WERR_DS_DRA_INTERNAL_ERROR;

+			goto DONE;

+		}

+	}

+

+	neigh->transport_obj_dn = ldb_dn_get_linearized(transport_obj_dn);

+	neigh->source_dsa_invocation_id = reps_from->source_dsa_invocation_id;

+	neigh->transport_obj_guid = reps_from->transport_guid;

+	neigh->highest_usn = reps_from->highwatermark.highest_usn;

+	neigh->tmp_highest_usn = reps_from->highwatermark.tmp_highest_usn;

+	neigh->last_success = reps_from->last_success;

+	neigh->result_last_attempt = reps_from->result_last_attempt;

+	neigh->consecutive_sync_failures = reps_from->consecutive_sync_failures;

+	neigh->reserved = 0; /* Unused. MUST be 0. */

+

+	/* If everything went fine so far, set the status to OK */

+	status = WERR_OK;

+DONE:

+	return status;

+}

+

+/*

+ * See details on MS-DRSR 4.1.13.3, for infoType DS_REPL_INFO_NEIGHBORS

+ * */

+static WERROR kccdrs_replica_get_info_neighbours(TALLOC_CTX *mem_ctx,

+						 struct ldb_context *samdb,

+						 struct drsuapi_DsReplicaGetInfo *r,

+						 union drsuapi_DsReplicaInfo *reply,

+						 int base_index,

+						 struct GUID req_src_dsa_guid,

+						 struct ncList *nc_list)

+{

+	WERROR status;

+

+	int i, j, k;

+	struct ldb_dn *nc_dn = NULL;

+	struct ncList *p_nc_list = NULL;

+

+	struct repsFromToBlob *reps_from_blob = NULL;

+	struct repsFromTo2 *reps_from = NULL;

+	uint32_t c_reps_from;

+

+	int i_rep;

+

+	struct neighList *neigh_list = NULL;

+	struct neighList *neigh_elem = NULL;

+

+	struct drsuapi_DsReplicaNeighbour *neigh = NULL;

+

+	i = j = 0;

+	neigh_list = NULL;

+

+	/* foreach nc in ncs */

+	for (p_nc_list = nc_list; p_nc_list != NULL; p_nc_list = p_nc_list->next) {

+

+		nc_dn = p_nc_list->dn;

+

+		/* load the nc's repsFromTo blob */

+		status = dsdb_loadreps(samdb, mem_ctx, nc_dn, "repsFrom",

+				&reps_from_blob, &c_reps_from);

+		if (!W_ERROR_IS_OK(status)) {

+			status = WERR_DS_DRA_INTERNAL_ERROR;

+			goto DONE;

+		}

+

+		/* foreach r in nc!repsFrom */

+		for (i_rep = 0; i_rep < c_reps_from; i_rep++) {

+

+			/* put all info on reps_from */

+			if (reps_from_blob[i_rep].version == 1) {

+				status = copy_repsfrom_1_to_2(mem_ctx, &reps_from,

+							      &reps_from_blob[i_rep].ctr.ctr1);

+				if (!W_ERROR_IS_OK(status)) {

+					goto DONE;

+				}

+			} else { /* reps_from->version == 2 */

+				reps_from = &reps_from_blob[i_rep].ctr.ctr2;

+			}

+

+			if (GUID_all_zero(&req_src_dsa_guid) ||

+			    GUID_compare(&req_src_dsa_guid, &reps_from->source_dsa_obj_guid) == 0)

+			{

+

+				if (i >= base_index) {

+					neigh = talloc_zero(mem_ctx, struct drsuapi_DsReplicaNeighbour);

+					W_ERROR_HAVE_NO_MEMORY(neigh);

+

+					status = fill_neighbor_from_repsFrom(mem_ctx, samdb,

+									     nc_dn, neigh,

+									     reps_from);

+					if (!W_ERROR_IS_OK(status)) {

+						goto DONE;

+					}

+

+					/* append the neighbor to neigh_list */

+					neigh_elem = talloc_zero(mem_ctx, struct neighList);

+					W_ERROR_HAVE_NO_MEMORY(neigh_elem);

+					neigh_elem->neigh = neigh;

+					DLIST_ADD_END(neigh_list, neigh_elem, struct neighList*);

+

+					j++;

+				}

+

+				i++;

+			}

+		}

+	}

+

+	/* put all neighbours on neigh_list on reply->neighbours->array */

+	reply->neighbours = talloc_zero(mem_ctx, struct drsuapi_DsReplicaNeighbourCtr);

+	W_ERROR_HAVE_NO_MEMORY(reply->neighbours);

+

+	reply->neighbours->count = j;

+	reply->neighbours->reserved = 0;

+	reply->neighbours->array = talloc_array(mem_ctx, struct drsuapi_DsReplicaNeighbour, j);

+	W_ERROR_HAVE_NO_MEMORY(reply->neighbours->array);

+

+	for (k = 0; neigh_list != NULL; neigh_list = neigh_list->next, k++) {

+		reply->neighbours->array[k] = *neigh_list->neigh;

+	}

+

+	/* If everything went fine so far, set the status to OK */

+	status = WERR_OK;

+DONE:

+	return status;

+}

+

+static WERROR get_master_ncs(TALLOC_CTX *mem_ctx, struct ldb_context *samdb,

+			     const char *ntds_guid_str, struct ncList **master_nc_list)

+{

+	WERROR status;

+	const char *attrs[] = { "hasMasterNCs", NULL };

+	struct ldb_result *res;

+	struct ncList *nc_list = NULL;

+	struct ncList *nc_list_elem;

+	int ret;

+	int i;

+	char *nc_str;

+

+	ret = ldb_search(samdb, mem_ctx, &res, ldb_get_config_basedn(samdb),

+			LDB_SCOPE_DEFAULT, attrs, "(objectguid=%s)", ntds_guid_str);

+

+	if (ret != LDB_SUCCESS) {

+		DEBUG(0,(__location__ ": Failed objectguid search - %s\n", ldb_errstring(samdb)));

+		status = WERR_INTERNAL_ERROR;

+		goto DONE;

+	}

+

+	if (res->count == 0) {

+		DEBUG(0,(__location__ ": Failed: objectguid=%s not found\n", ntds_guid_str));

+		status = WERR_INTERNAL_ERROR;

+		goto DONE;

+	}

+

+	for (i = 0; i < res->count; i++) {

+

+		struct ldb_message_element *msg_elem = ldb_msg_find_element(

+				res->msgs[i], "hasMasterNCs");

+		int k;

+

+		if (!msg_elem || msg_elem->num_values == 0) {

+			DEBUG(0,(__location__ ": Failed: Attribute hasMasterNCs not found - %s\n",

+			      ldb_errstring(samdb)));

+			status = WERR_INTERNAL_ERROR;

+			goto DONE;

+		}

+

+		for (k = 0; k < msg_elem->num_values; k++) {

+			int len = msg_elem->values[k].length;

+

+			/* copy the string on msg_elem->values[k]->data to nc_str */

+			nc_str = talloc_array(mem_ctx, char, len);

+			W_ERROR_HAVE_NO_MEMORY(nc_str);

+			memcpy(nc_str, msg_elem->values[k].data, len);

+			nc_str[len] = '\0';

+

+			nc_list_elem = talloc_zero(mem_ctx, struct ncList);

+			W_ERROR_HAVE_NO_MEMORY(nc_list_elem);

+			nc_list_elem->dn = ldb_dn_new(mem_ctx, samdb, nc_str);

+			W_ERROR_HAVE_NO_MEMORY(nc_list_elem);

+			DLIST_ADD(nc_list, nc_list_elem);

+		}

+

+	}

+

+	*master_nc_list = nc_list;

+	/* If everything went fine so far, set the status to OK */

+	status = WERR_OK;

+DONE:

+	return status;

+}

+

+NTSTATUS kccdrs_replica_get_info(struct irpc_message *msg,

+				 struct drsuapi_DsReplicaGetInfo *req)

+{

+	WERROR status;

+

+	struct drsuapi_DsReplicaGetInfoRequest1 *req1;

+	struct drsuapi_DsReplicaGetInfoRequest2 *req2;

+	enum drsuapi_DsReplicaInfoType info_type, *tmp_p_info_type;

+

+	int base_index;

+	union drsuapi_DsReplicaInfo *reply;

+

+	struct GUID req_src_dsa_guid;

+	const char *object_dn = NULL;

+	struct ldb_dn *nc_dn = NULL;

+	struct ncList *nc_list = NULL, *nc_list_elem = NULL;

+

+	struct kccsrv_service *service;

+	struct ldb_context *samdb;

+	TALLOC_CTX *mem_ctx;

+

+	service = talloc_get_type(msg->private_data, struct kccsrv_service);

+	samdb = service->samdb;

+	mem_ctx = talloc_new(msg);

+	NT_STATUS_HAVE_NO_MEMORY(mem_ctx);

+

+	NDR_PRINT_IN_DEBUG(drsuapi_DsReplicaGetInfo, req);

+

+	/* check request version */

+	if (req->in.level != DRSUAPI_DS_REPLICA_GET_INFO &&

+	    req->in.level != DRSUAPI_DS_REPLICA_GET_INFO2)

+	{

+		status = WERR_REVISION_MISMATCH;

+		goto DONE;

+	}

+

+	if (req->in.level == DRSUAPI_DS_REPLICA_GET_INFO) {

+		req1 = &req->in.req->req1;

+		base_index = 0;

+		info_type = req1->info_type;

+		object_dn = req1->object_dn;

+		req_src_dsa_guid = req1->guid1;

+

+	} else { /* r->in.level == DRSUAPI_DS_REPLICA_GET_INFO2 */

+		req2 = &req->in.req->req2;

+		if (req2->unknown2 == 0xffffffff) {

+			/* no more data is available */

+			status = WERR_NO_MORE_ITEMS; /* on MS-DRSR it is ERROR_NO_MORE_ITEMS */

+			goto DONE;

+		}

+

+		base_index = req2->unknown2; /* Note: This is dwEnumerationContext on MS-DRSR 4.1.13.1.3 */

+		info_type = req2->info_type;

+		object_dn = req2->object_dn;

+		req_src_dsa_guid = req2->guid1;

+	}

+

+	/* TODO: Perform the necessary access permission checking here according to the infoType requested */

+

+	switch (info_type) {

+	case DRSUAPI_DS_REPLICA_INFO_NEIGHBORS:

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS:

+	case DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA:

+	case DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES:

+	case DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES:

+	case DRSUAPI_DS_REPLICA_INFO_PENDING_OPS:

+	case DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA:

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS2:

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS3:

+	case DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2:

+	case DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2:

+	case DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02:

+	case DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04:

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS05:

+	case DRSUAPI_DS_REPLICA_INFO_06:

+		break;

+	default:

+		DEBUG(0,(__location__ ": infoType requested is invalid."));

+		status = WERR_INVALID_PARAMETER; /* infoType is invalid */

+		goto DONE;

+	}

+

+	/* allocate the reply and fill in some fields */

+	reply = talloc_zero(mem_ctx, union drsuapi_DsReplicaInfo);

+	NT_STATUS_HAVE_NO_MEMORY(reply);

+	req->out.info = reply;

+	tmp_p_info_type = talloc(mem_ctx, enum drsuapi_DsReplicaInfoType);

+	NT_STATUS_HAVE_NO_MEMORY(tmp_p_info_type);

+	*tmp_p_info_type = info_type;

+	req->out.info_type = tmp_p_info_type;

+

+	/* Based on the infoType requested, retrieve the corresponding information and construct the response message */

+	switch (info_type) {

+

+	case DRSUAPI_DS_REPLICA_INFO_NEIGHBORS:

+	case DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02: /* DS_REPL_INFO_REPSTO */

+		if (object_dn != NULL) { /* ncs := { object_dn } */

+			nc_list = NULL;

+			nc_dn = ldb_dn_new(mem_ctx, samdb, object_dn);

+			nc_list_elem = talloc_zero(mem_ctx, struct ncList);

+			NT_STATUS_HAVE_NO_MEMORY(nc_list_elem);

+			nc_list_elem->dn = nc_dn;

+			DLIST_ADD_END(nc_list, nc_list_elem, struct ncList*);

+

+		} else {

+			/* ncs := getNCs() from ldb database.

+			 * getNCs() must return an array containing the DSNames of all NCs hosted by this server.

+			 */

+			char *ntds_guid_str = GUID_string(mem_ctx, &service->ntds_guid);

+			NT_STATUS_HAVE_NO_MEMORY(ntds_guid_str);

+			status = get_master_ncs(mem_ctx, samdb, ntds_guid_str, &nc_list);

+			if (!W_ERROR_IS_OK(status)) {

+				goto DONE;

+			}

+		}

+

+		if (info_type == DRSUAPI_DS_REPLICA_INFO_NEIGHBORS) {

+			status = kccdrs_replica_get_info_neighbours(mem_ctx, samdb, req,

+								    reply, base_index,

+								    req_src_dsa_guid, nc_list);

+

+		} else { /* info_type == DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02 */

+			status = WERR_FOOBAR;

+			goto DONE;

+		}

+

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA: /* On MS-DRSR it is DS_REPL_INFO_METADATA_FOR_OBJ */

+	case DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2: /* On MS-DRSR it is DS_REPL_INFO_METADATA_FOR_OBJ */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS: /* On MS-DRSR it is DS_REPL_INFO_CURSORS_FOR_NC */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS2: /* On MS-DRSR it is DS_REPL_INFO_CURSORS_2_FOR_NC */

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS3: /* On MS-DRSR it is DS_REPL_INFO_CURSORS_3_FOR_NC */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_CURSORS05: /* On MS-DRSR it is DS_REPL_INFO_UPTODATE_VECTOR_V1 */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA: /* On MS-DRSR it is DS_REPL_INFO_METADATA_FOR_ATTR_VALUE */

+	case DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2: /* On MS-DRSR it is DS_REPL_INFO_METADATA_2_FOR_ATTR_VALUE */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES: /* On MS-DRSR it is DS_REPL_INFO_KCC_DSA_CONNECT_FAILURES */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES: /* On MS-DRSR it is DS_REPL_INFO_KCC_LINK_FAILURES */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_PENDING_OPS: /* On MS-DRSR it is DS_REPL_INFO_PENDING_OPS */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04: /* On MS-DRSR it is DS_REPL_INFO_CLIENT_CONTEXTS */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+

+	case DRSUAPI_DS_REPLICA_INFO_06: /* On MS-DRSR it is DS_REPL_INFO_SERVER_OUTGOING_CALLS */

+		status = WERR_FOOBAR;

+		goto DONE;

+		break;

+	}

+DONE:

+	/* put the status on the result field of the reply */

+	req->out.result = status;

+	NDR_PRINT_OUT_DEBUG(drsuapi_DsReplicaGetInfo, req);

+	return NT_STATUS_OK;

+}

diff --git a/source4/dsdb/kcc/kcc_service.c b/source4/dsdb/kcc/kcc_service.c

index 4196eb8..a076d20 100644

--- a/source4/dsdb/kcc/kcc_service.c

+++ b/source4/dsdb/kcc/kcc_service.c

@@ -136,8 +136,7 @@ static WERROR kccsrv_load_partitions(struct kccsrv_service *s)

 	return WERR_OK;

 }

 

-static NTSTATUS kccsrv_execute_kcc(struct irpc_message *msg,

-					struct drsuapi_DsExecuteKCC *r)

+static NTSTATUS kccsrv_execute_kcc(struct irpc_message *msg, struct drsuapi_DsExecuteKCC *r)

 {

 	TALLOC_CTX *mem_ctx;

 	NTSTATUS status;

@@ -156,6 +155,11 @@ static NTSTATUS kccsrv_execute_kcc(struct irpc_message *msg,

 	return NT_STATUS_OK;

 }

 

+static NTSTATUS kccsrv_replica_get_info(struct irpc_message *msg, struct drsuapi_DsReplicaGetInfo *r)

+{

+	return kccdrs_replica_get_info(msg, r);

+}

+

 /*

   startup the kcc service task

 */

@@ -227,7 +231,9 @@ static void kccsrv_task_init(struct task_server *task)

 	}

 

 	irpc_add_name(task->msg_ctx, "kccsrv");

+

 	IRPC_REGISTER(task->msg_ctx, drsuapi, DRSUAPI_DSEXECUTEKCC, kccsrv_execute_kcc, service);

+	IRPC_REGISTER(task->msg_ctx, drsuapi, DRSUAPI_DSREPLICAGETINFO, kccsrv_replica_get_info, service);

 }

 

 /*

diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c

index 3d92880..b1303ca 100644

--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c

+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c

@@ -815,7 +815,17 @@ static WERROR dcesrv_drsuapi_DsExecuteKCC(struct dcesrv_call_state *dce_call, TA

 static WERROR dcesrv_drsuapi_DsReplicaGetInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,

 		       struct drsuapi_DsReplicaGetInfo *r)

 {

-	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);

+	WERROR status;

+	status = drs_security_level_check(dce_call, "DsReplicaGetInfo");

+

+	if (!W_ERROR_IS_OK(status)) {

+		return status;

+	}

+

+	dcesrv_irpc_forward_rpc_call(dce_call, mem_ctx, r, NDR_DRSUAPI_DSREPLICAGETINFO,

+								&ndr_table_drsuapi, "kccsrv", "DsReplicaGetInfo");

+

+	return WERR_OK;

 }

 

 

-- 

1.6.0.4



[0001-s4-drs-torture-test-for-DsGetReplInfo-RPC-DSGETI.patch]
From af204d5f82079ec9079807c1cc2d6545b24e954d Mon Sep 17 00:00:00 2001

From: Erick Nogueira do Nascimento <erick.nogueira.nascimento@...>

Date: Wed, 23 Dec 2009 17:54:30 -0200

Subject: [PATCH] s4-drs: torture test for DsGetReplInfo() (RPC-DSGETINFO test).


---

 source4/torture/config.mk       |    2 +-

 source4/torture/rpc/dsgetinfo.c |  350 +++++++++++++++++++++++++++++++++++++++

 source4/torture/rpc/rpc.c       |    1 +

 3 files changed, 352 insertions(+), 1 deletions(-)

 create mode 100644 source4/torture/rpc/dsgetinfo.c


diff --git a/source4/torture/config.mk b/source4/torture/config.mk

index 7976df2..a8ef9b1 100644

--- a/source4/torture/config.mk

+++ b/source4/torture/config.mk

@@ -116,7 +116,7 @@ PRIVATE_DEPENDENCIES = \

 

 torture_rpc_OBJ_FILES = $(addprefix $(torturesrcdir)/rpc/, \

 		join.o lsa.o lsa_lookup.o session_key.o echo.o dfs.o drsuapi.o \

-		drsuapi_cracknames.o dssync.o spoolss.o spoolss_notify.o spoolss_win.o \

+		drsuapi_cracknames.o dssync.o dsgetinfo.o spoolss.o spoolss_notify.o spoolss_win.o \

 		unixinfo.o samr.o samr_accessmask.o wkssvc.o srvsvc.o svcctl.o atsvc.o \

 		eventlog.o epmapper.o winreg.o initshutdown.o oxidresolve.o remact.o mgmt.o \

 		scanner.o autoidl.o countcalls.o testjoin.o schannel.o netlogon.o remote_pac.o samlogon.o \

diff --git a/source4/torture/rpc/dsgetinfo.c b/source4/torture/rpc/dsgetinfo.c

new file mode 100644

index 0000000..4e4b459

--- /dev/null

+++ b/source4/torture/rpc/dsgetinfo.c

@@ -0,0 +1,350 @@

+/* 

+   Unix SMB/CIFS implementation.

+

+   DsGetReplInfo test. Based on code from dssync.c

+

+   Copyright (C) Erick Nogueira do Nascimento 2009

+   

+   This program is free software; you can redistribute it and/or modify

+   it under the terms of the GNU General Public License as published by

+   the Free Software Foundation; either version 3 of the License, or

+   (at your option) any later version.

+   

+   This program is distributed in the hope that it will be useful,

+   but WITHOUT ANY WARRANTY; without even the implied warranty of

+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+   GNU General Public License for more details.

+   

+   You should have received a copy of the GNU General Public License

+   along with this program.  If not, see <http://www.gnu.org/licenses/>.

+*/

+

+#include "includes.h"

+#include "lib/cmdline/popt_common.h"

+#include "librpc/gen_ndr/ndr_drsuapi_c.h"

+#include "librpc/gen_ndr/ndr_drsblobs.h"

+#include "libcli/cldap/cldap.h"

+#include "torture/torture.h"

+#include "../libcli/drsuapi/drsuapi.h"

+#include "auth/gensec/gensec.h"

+#include "param/param.h"

+#include "dsdb/samdb/samdb.h"

+#include "lib/ldb_wrap.h"

+#include "torture/rpc/rpc.h"

+#include "torture/drs/proto.h"

+

+

+struct DsGetinfoBindInfo {

+	struct dcerpc_pipe *drs_pipe;

+	struct drsuapi_DsBind req;

+	struct GUID bind_guid;

+	struct drsuapi_DsBindInfoCtr our_bind_info_ctr;

+	struct drsuapi_DsBindInfo28 our_bind_info28;

+	struct drsuapi_DsBindInfo28 peer_bind_info28;

+	struct policy_handle bind_handle;

+};

+

+struct DsGetinfoTest {

+	struct dcerpc_binding *drsuapi_binding;

+	

+	const char *ldap_url;

+	const char *site_name;

+	

+	const char *domain_dn;

+

+	/* what we need to do as 'Administrator' */

+	struct {

+		struct cli_credentials *credentials;

+		struct DsGetinfoBindInfo drsuapi;

+	} admin;

+};

+

+static struct DsGetinfoTest *test_create_context(struct torture_context *tctx)

+{

+	NTSTATUS status;

+	struct DsGetinfoTest *ctx;

+	struct drsuapi_DsBindInfo28 *our_bind_info28;

+	struct drsuapi_DsBindInfoCtr *our_bind_info_ctr;

+	const char *binding = torture_setting_string(tctx, "binding", NULL);

+	ctx = talloc_zero(tctx, struct DsGetinfoTest);

+	if (!ctx) return NULL;

+

+	status = dcerpc_parse_binding(ctx, binding, &ctx->drsuapi_binding);

+	if (!NT_STATUS_IS_OK(status)) {

+		printf("Bad binding string %s\n", binding);

+		return NULL;

+	}

+	ctx->drsuapi_binding->flags |= DCERPC_SIGN | DCERPC_SEAL;

+

+	/* ctx->admin ...*/

+	ctx->admin.credentials				= cmdline_credentials;

+

+	our_bind_info28				= &ctx->admin.drsuapi.our_bind_info28;

+	our_bind_info28->supported_extensions	= 0xFFFFFFFF;

+	our_bind_info28->supported_extensions	|= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;

+	our_bind_info28->site_guid		= GUID_zero();

+	our_bind_info28->pid			= 0;

+	our_bind_info28->repl_epoch		= 1;

+

+	our_bind_info_ctr			= &ctx->admin.drsuapi.our_bind_info_ctr;

+	our_bind_info_ctr->length		= 28;

+	our_bind_info_ctr->info.info28		= *our_bind_info28;

+

+	GUID_from_string(DRSUAPI_DS_BIND_GUID, &ctx->admin.drsuapi.bind_guid);

+

+	ctx->admin.drsuapi.req.in.bind_guid		= &ctx->admin.drsuapi.bind_guid;

+	ctx->admin.drsuapi.req.in.bind_info		= our_bind_info_ctr;

+	ctx->admin.drsuapi.req.out.bind_handle		= &ctx->admin.drsuapi.bind_handle;

+

+	return ctx;

+}

+

+static bool _test_DsBind(struct torture_context *tctx,

+			 struct DsGetinfoTest *ctx, struct cli_credentials *credentials, struct DsGetinfoBindInfo *b)

+{

+	NTSTATUS status;

+	bool ret = true;

+

+	status = dcerpc_pipe_connect_b(ctx,

+				       &b->drs_pipe, ctx->drsuapi_binding,

+				       &ndr_table_drsuapi,

+				       credentials, tctx->ev, tctx->lp_ctx);

+	

+	if (!NT_STATUS_IS_OK(status)) {

+		printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));

+		return false;

+	}

+

+	status = dcerpc_drsuapi_DsBind(b->drs_pipe, ctx, &b->req);

+	if (!NT_STATUS_IS_OK(status)) {

+		const char *errstr = nt_errstr(status);

+		if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {

+			errstr = dcerpc_errstr(ctx, b->drs_pipe->last_fault_code);

+		}

+		printf("dcerpc_drsuapi_DsBind failed - %s\n", errstr);

+		ret = false;

+	} else if (!W_ERROR_IS_OK(b->req.out.result)) {

+		printf("DsBind failed - %s\n", win_errstr(b->req.out.result));

+		ret = false;

+	}

+

+	ZERO_STRUCT(b->peer_bind_info28);

+	if (b->req.out.bind_info) {

+		switch (b->req.out.bind_info->length) {

+		case 24: {

+			struct drsuapi_DsBindInfo24 *info24;

+			info24 = &b->req.out.bind_info->info.info24;

+			b->peer_bind_info28.supported_extensions= info24->supported_extensions;

+			b->peer_bind_info28.site_guid		= info24->site_guid;

+			b->peer_bind_info28.pid			= info24->pid;

+			b->peer_bind_info28.repl_epoch		= 0;

+			break;

+		}

+		case 48: {

+			struct drsuapi_DsBindInfo48 *info48;

+			info48 = &b->req.out.bind_info->info.info48;

+			b->peer_bind_info28.supported_extensions= info48->supported_extensions;

+			b->peer_bind_info28.site_guid		= info48->site_guid;

+			b->peer_bind_info28.pid			= info48->pid;

+			b->peer_bind_info28.repl_epoch		= info48->repl_epoch;

+			break;

+		}

+		case 28:

+			b->peer_bind_info28 = b->req.out.bind_info->info.info28;

+			break;

+		default:

+			printf("DsBind - warning: unknown BindInfo length: %u\n",

+			       b->req.out.bind_info->length);

+		}

+	}

+

+	return ret;

+}

+

+

+static bool test_getinfo(struct torture_context *tctx, 

+			 struct DsGetinfoTest *ctx)

+{

+	NTSTATUS status;

+	struct dcerpc_pipe *p = ctx->admin.drsuapi.drs_pipe;

+	struct drsuapi_DsReplicaGetInfo r;

+	union drsuapi_DsReplicaGetInfoRequest req;

+	union drsuapi_DsReplicaInfo info;

+	enum drsuapi_DsReplicaInfoType info_type;

+	int i;

+	struct {

+		int32_t level;

+		int32_t infotype;

+		const char *obj_dn;

+	} array[] = {

+		{	

+			DRSUAPI_DS_REPLICA_GET_INFO,

+			DRSUAPI_DS_REPLICA_INFO_NEIGHBORS,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO,

+			DRSUAPI_DS_REPLICA_INFO_CURSORS,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO,

+			DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO,

+			DRSUAPI_DS_REPLICA_INFO_KCC_DSA_CONNECT_FAILURES,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO,

+			DRSUAPI_DS_REPLICA_INFO_KCC_DSA_LINK_FAILURES,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO,

+			DRSUAPI_DS_REPLICA_INFO_PENDING_OPS,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_CURSORS2,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_CURSORS3,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_OBJ_METADATA2,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_ATTRIBUTE_VALUE_METADATA2,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_NEIGHBORS02,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_CONNECTIONS04,

+			"__IGNORED__"

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_CURSORS05,

+			NULL

+		},{

+			DRSUAPI_DS_REPLICA_GET_INFO2,

+			DRSUAPI_DS_REPLICA_INFO_06,

+			NULL

+		}

+	};

+

+	if (torture_setting_bool(tctx, "samba4", false)) {

+		torture_comment(tctx, "skipping DsReplicaGetInfo test against Samba4\n");

+		return true;

+	}

+

+	r.in.bind_handle	= &ctx->admin.drsuapi.bind_handle;

+	r.in.req		= &req;

+

+	for (i=0; i < ARRAY_SIZE(array); i++) {

+		const char *object_dn;

+

+		torture_comment(tctx, "testing DsReplicaGetInfo level %d infotype %d\n",

+				array[i].level, array[i].infotype);

+

+		object_dn = (array[i].obj_dn ? array[i].obj_dn : ctx->domain_dn);

+

+		r.in.level = array[i].level;

+		switch(r.in.level) {

+		case DRSUAPI_DS_REPLICA_GET_INFO:

+			r.in.req->req1.info_type	= array[i].infotype;

+			r.in.req->req1.object_dn	= object_dn;

+			ZERO_STRUCT(r.in.req->req1.guid1);

+			break;

+		case DRSUAPI_DS_REPLICA_GET_INFO2:

+			r.in.req->req2.info_type	= array[i].infotype;

+			r.in.req->req2.object_dn	= object_dn;

+			ZERO_STRUCT(r.in.req->req2.guid1);

+			r.in.req->req2.unknown1	= 0;

+			r.in.req->req2.string1	= NULL;

+			r.in.req->req2.string2	= NULL;

+			r.in.req->req2.unknown2	= 0;

+			break;

+		}

+

+		r.out.info		= &info;

+		r.out.info_type		= &info_type;

+

+		status = dcerpc_drsuapi_DsReplicaGetInfo(p, tctx, &r);

+		torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsReplicaGetInfo");

+		if (!NT_STATUS_IS_OK(status) && p->last_fault_code == DCERPC_FAULT_INVALID_TAG) {

+			torture_comment(tctx,

+					"DsReplicaGetInfo level %d and/or infotype %d not supported by server\n",

+					array[i].level, array[i].infotype);

+		} else {

+			torture_drsuapi_assert_call(tctx, p, status, &r, "dcerpc_drsuapi_DsReplicaGetInfo");

+		}

+	}

+

+	return true;

+}

+

+/**

+ * DSGETINFO test case setup

+ */

+static bool torture_dsgetinfo_tcase_setup(struct torture_context *tctx, void **data)

+{

+	bool bret;

+	struct DsGetinfoTest *ctx;

+

+	*data = ctx = test_create_context(tctx);

+	torture_assert(tctx, ctx, "test_create_context() failed");

+

+	bret = _test_DsBind(tctx, ctx, ctx->admin.credentials, &ctx->admin.drsuapi);

+	torture_assert(tctx, bret, "_test_DsBind() failed");

+

+	return true;

+}

+

+/**

+ * DSGETINFO test case cleanup

+ */

+static bool torture_dsgetinfo_tcase_teardown(struct torture_context *tctx, void *data)

+{

+	struct DsGetinfoTest *ctx;

+	struct drsuapi_DsUnbind r;

+	struct policy_handle bind_handle;

+

+	ctx = talloc_get_type(data, struct DsGetinfoTest);

+

+	ZERO_STRUCT(r);

+	r.out.bind_handle = &bind_handle;

+

+	/* Unbing admin handle */

+	r.in.bind_handle = &ctx->admin.drsuapi.bind_handle;

+	dcerpc_drsuapi_DsUnbind(ctx->admin.drsuapi.drs_pipe, ctx, &r);

+

+	talloc_free(ctx);

+

+	return true;

+}

+

+/**

+ * DSGETINFO test case implementation

+ */

+void torture_drs_rpc_dsgetinfo_tcase(struct torture_suite *suite)

+{

+	typedef bool (*run_func) (struct torture_context *test, void *tcase_data);

+

+	struct torture_test *test;

+	struct torture_tcase *tcase = torture_suite_add_tcase(suite, "DSGETINFO");

+

+	torture_tcase_set_fixture(tcase,

+				  torture_dsgetinfo_tcase_setup,

+				  torture_dsgetinfo_tcase_teardown);

+

+	test = torture_tcase_add_simple_test(tcase, "DsGetReplicaInfo", (run_func)test_getinfo);

+}

+

diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c

index 3362bad..c4fc6b3 100644

--- a/source4/torture/rpc/rpc.c

+++ b/source4/torture/rpc/rpc.c

@@ -498,6 +498,7 @@ NTSTATUS torture_rpc_init(void)

 	torture_suite_add_simple_test(suite, "ALTERCONTEXT", torture_rpc_alter_context);

 	torture_suite_add_simple_test(suite, "JOIN", torture_rpc_join);

 	torture_drs_rpc_dssync_tcase(suite);

+	torture_drs_rpc_dsgetinfo_tcase(suite);

 	torture_suite_add_simple_test(suite, "BENCH-RPC", torture_bench_rpc);

 	torture_suite_add_simple_test(suite, "ASYNCBIND", torture_async_bind);

 	torture_suite_add_suite(suite, torture_rpc_ntsvcs(suite));

-- 

1.6.0.4




Nabble - Samba

Re: share CUPS printer/scanner in Debian system with Windows computers in home network

Re: of SupportedEncTypes and msDS-SupportedEncryptionTypes

Re: [PATCH] DsReplGetInfo() - infoType == DS_REPL_INFO_NEIGHBORS

Re: Rsync 3.0.7pre1 released

PPTP ntlm_auth-helper problem?

Re: share CUPS printer/scanner in Debian system with Windows computers in home network

Re: share CUPS printer/scanner in Debian system with Windows computers in home network

Re: share CUPS printer/scanner in Debian system with Windows computers in home network

Re: share CUPS printer/scanner in Debian system with Windows computers in home network

samba vfs: recycle bin doesn't work with osx machines

Re: share CUPS printer/scanner in Debian system with Windows computers in home network

Re: share CUPS printer/scanner in Debian system with Windows computers in home network

Re: strange issue with xerox printer: unable to configure driver

Re: [linux-cifs-client] [PATCH] doc: update mount.cifs man page with nounix option

Re: [PATCH] doc: update mount.cifs man page with nounix option

Re: Looking for Windows port

Re: Looking for Windows port

rsync stuck in infinite loop? (was How do I make rsync ignore unreadable files (damaged sectors)?)

Re: [PATCH] make --control effectivly work in ldbadd/ldbmodify/ldbdelete

possible incompatibility in 3.1 with 3.0.6

strange error code with 3.1

Re: [PATCH] make --control effectivly work in ldbadd/ldbmodify/ldbdelete

Re :Re: dns lookups for SRV kerberos

encrypted destination

Samba in win neighborhood Update

assistance with setting up a samba share.

Un message de Frédéric Bigey t'attend...

Re: [PATCH] make --control effectivly work in ldbadd/ldbmodify/ldbdelete

Re: Issue Joining Win7 to Samba Domain (tried wiki instructions)

Re: Absolute path of file transferred using samba

Re: Absolute path of file transferred using samba

Re: Fw: W2KSP4 Problem

Re: getent passwd problem

Re: getent passwd problem

Re: preventing multiple rsync processes backing up same file with cron backup