lib:ldb-samba: Migrate samba extensions to new cmdline option parser

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun 16 01:25:28 UTC 2021 on sn-devel-184

diff --git a/lib/ldb-samba/samba_extensions.c b/lib/ldb-samba/samba_extensions.c
index c113e8cbe2a199c56e03e2c8708105009cf2a6de..be92d982dde0533bfe6f58cf7ca89137793fda97 100644 (file)
--- a/lib/ldb-samba/samba_extensions.c
+++ b/lib/ldb-samba/samba_extensions.c
@@ -24,7 +24,7 @@
 
 #include "includes.h"
 #include "ldb_module.h"
-#include "lib/cmdline/popt_common.h"
+#include "lib/cmdline/cmdline.h"
 #include "auth/gensec/gensec.h"
 #include "auth/auth.h"
 #include "param/param.h"
@@ -63,14 +63,6 @@ static size_t calculate_popt_array_length(struct poptOption *opts)
        return i;
 }
 
-static struct poptOption cmdline_extensions[] = {
-       POPT_COMMON_SAMBA
-       POPT_COMMON_CREDENTIALS
-       POPT_COMMON_CONNECTION
-       POPT_COMMON_VERSION
-       {0}
-};
-
 /*
   called to register additional command line options
  */
@@ -80,7 +72,24 @@ static int extensions_hook(struct ldb_context *ldb, enum ldb_module_hook_type t)
        case LDB_MODULE_HOOK_CMDLINE_OPTIONS: {
                size_t len1, len2;
                struct poptOption **popt_options = ldb_module_popt_options(ldb);
-               struct poptOption *new_array;
+               struct poptOption *new_array = NULL;
+               bool ok;
+
+               struct poptOption cmdline_extensions[] = {
+                       POPT_COMMON_SAMBA_LDB
+                       POPT_COMMON_CONNECTION
+                       POPT_COMMON_CREDENTIALS
+                       POPT_LEGACY_S4
+                       POPT_COMMON_VERSION
+                       POPT_TABLEEND
+               };
+
+               ok = samba_cmdline_init(ldb,
+                                       SAMBA_CMDLINE_CONFIG_CLIENT,
+                                       false /* require_smbconf */);
+               if (!ok) {
+                       return ldb_oom(ldb);
+               }
 
                len1 = calculate_popt_array_length(*popt_options);
                len2 = calculate_popt_array_length(cmdline_extensions);
@@ -93,29 +102,45 @@ static int extensions_hook(struct ldb_context *ldb, enum ldb_module_hook_type t)
 
                memcpy(new_array, *popt_options, len1*sizeof(struct poptOption));
                memcpy(new_array+len1, cmdline_extensions, (1+len2)*sizeof(struct poptOption));
+
+#ifdef DEVELOPER
+               ok = samba_cmdline_sanity_check(new_array);
+               if (!ok) {
+                       talloc_free(new_array);
+                       return ldb_error(ldb,
+                                        LDB_ERR_OPERATIONS_ERROR,
+                                        "Duplicate cmdline options detected!");
+               }
+#endif
+
                (*popt_options) = new_array;
                return LDB_SUCCESS;
        }
 
        case LDB_MODULE_HOOK_CMDLINE_PRECONNECT: {
+               struct loadparm_context *lp_ctx = NULL;
+               struct cli_credentials *creds = NULL;
+
                int r = ldb_register_samba_handlers(ldb);
                if (r != LDB_SUCCESS) {
                        return ldb_operr(ldb);
                }
                gensec_init();
 
+               lp_ctx = samba_cmdline_get_lp_ctx();
+               creds = samba_cmdline_get_creds();
+
                if (ldb_set_opaque(
                        ldb,
                        DSDB_SESSION_INFO,
-                       system_session(cmdline_lp_ctx))) {
+                       system_session(lp_ctx))) {
 
                        return ldb_operr(ldb);
                }
-               if (ldb_set_opaque(ldb, "credentials",
-                               popt_get_cmdline_credentials())) {
+               if (ldb_set_opaque(ldb, "credentials", creds)) {
                        return ldb_operr(ldb);
                }
-               if (ldb_set_opaque(ldb, "loadparm", cmdline_lp_ctx)) {
+               if (ldb_set_opaque(ldb, "loadparm", lp_ctx)) {
                        return ldb_operr(ldb);
                }
 

diff --git a/lib/ldb-samba/wscript_build b/lib/ldb-samba/wscript_build
index 3264757e8b713b0e22f88b59fdb4bfdc0a279cd0..d02bc9564deffc31d8c35cf9dd3a8cff52c39c25 100644 (file)
--- a/lib/ldb-samba/wscript_build
+++ b/lib/ldb-samba/wscript_build
@@ -30,7 +30,7 @@ bld.SAMBA_MODULE('ldbsamba_extensions',
                  init_function='ldb_samba_extensions_init',
                  module_init_name='ldb_init_module',
                  subsystem='ldb',
-                 deps='ldb ldbsamba POPT_SAMBA POPT_CREDENTIALS cmdline-credentials gensec',
+                 deps='ldb ldbsamba CMDLINE_S4 gensec',
                  internal_module=False)
 
 

diff --git a/selftest/knownfail.d/usage b/selftest/knownfail.d/usage
index 47a5783f6de479d3946c64d5a4822d84268f03f2..b8e0bbc356d17edfc4df82453a7983e602f7e567 100644 (file)
--- a/selftest/knownfail.d/usage
+++ b/selftest/knownfail.d/usage
@@ -1,9 +1,3 @@
-samba.tests.usage.samba.tests.usage.ElfHelpTests.test_ldbadd.none.
-samba.tests.usage.samba.tests.usage.ElfHelpTests.test_ldbdel.none.
-samba.tests.usage.samba.tests.usage.ElfHelpTests.test_ldbedit.none.
-samba.tests.usage.samba.tests.usage.ElfHelpTests.test_ldbmodify.none.
-samba.tests.usage.samba.tests.usage.ElfHelpTests.test_ldbrename.none.
-samba.tests.usage.samba.tests.usage.ElfHelpTests.test_ldbsearch.none.
 samba.tests.usage.samba.tests.usage.PythonScriptHelpTests.test_autobuild_py.none.
 samba.tests.usage.samba.tests.usage.PythonScriptHelpTests.test_compare_cc_results_py.none.
 samba.tests.usage.samba.tests.usage.PythonScriptHelpTests.test_config_base.none.

diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 96ed2913ef7cc52164727aab7482c6506e8fe7f8..ef095001cdb6ae94b5973fac2c0021b0ae80a333 100755 (executable)
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -62,7 +62,7 @@ all_fl_envs = ["fl2000dc", "fl2003dc", "fl2008dc", "fl2008r2dc"]
 
 # Simple tests for LDAP and CLDAP
 for auth_type in ['', '-k no', '-k yes']:
-    for auth_level in ['--option=clientldapsaslwrapping=plain', '--sign', '--encrypt']:
+    for auth_level in ['--option=clientldapsaslwrapping=plain', '--client-protection=sign', '--client-protection=encrypt']:
         creds = '-U"$USERNAME%$PASSWORD"'
         options = creds + ' ' + auth_type + ' ' + auth_level
         plantestsuite("samba4.ldb.ldap with options %r(ad_dc_default)" % options, "ad_dc_default", "%s/test_ldb.sh ldap $SERVER %s" % (bbdir, options))
@@ -129,15 +129,15 @@ for env in ["ad_dc_ntvfs", "fl2008r2dc", "fl2003dc"]:
 
     auth_options = [
         '--option=clientldapsaslwrapping=plain',
-        '--sign',
-        '--encrypt',
-        '-k yes --option=clientldapsaslwrapping=plain',
-        '-k yes --sign',
-        '-k yes --encrypt',
-        '-k no --option=clientldapsaslwrapping=plain',
-        '-k no --sign --option=ntlmssp_client:ldap_style_send_seal=no',
-        '-k no --sign',
-        '-k no --encrypt',
+        '--client-protection=sign',
+        '--client-protection=encrypt',
+        '--use-kerberos=required --option=clientldapsaslwrapping=plain',
+        '--use-kerberos=required --client-protection=sign',
+        '--use-kerberos=required --client-protection=encrypt',
+        '--use-kerberos=disabled --option=clientldapsaslwrapping=plain',
+        '--use-kerberos=disabled --client-protection=sign --option=ntlmssp_client:ldap_style_send_seal=no',
+        '--use-kerberos=disabled --client-protection=sign',
+        '--use-kerberos=disabled --client-protection=encrypt',
     ]
 
     for auth_option in auth_options: