Merge commit 'master/master'
authorAndrew Tridgell <tridge@samba.org>
Fri, 3 Oct 2008 19:23:00 +0000 (12:23 -0700)
committerAndrew Tridgell <tridge@samba.org>
Fri, 3 Oct 2008 19:23:00 +0000 (12:23 -0700)
1  2 
source4/cldap_server/netlogon.c
source4/dsdb/samdb/ldb_modules/partition.c

index b31e89b7a5cfcb9f8fd672b32f5e23ca9a529539,aac74f5d777be421bdd16d160886805e0b8cb3dd..1cb0d50d02befef0bc44d8d16d4ec5d941890c72
@@@ -301,7 -301,7 +301,7 @@@ NTSTATUS fill_netlogon_samlogon_respons
                server_type |= NBT_SERVER_KDC;
        }
  
 -      if (!ldb_dn_compare_base(ldb_get_root_basedn(sam_ctx), ldb_get_default_basedn(sam_ctx))) {
 +      if (ldb_dn_compare(ldb_get_root_basedn(sam_ctx), ldb_get_default_basedn(sam_ctx)) == 0) {
                server_type |= NBT_SERVER_DS_DNS_FOREST;
        }
  
  
                /* could check if the user exists */
                if (user_known) {
-                       netlogon->nt5_ex.command      = LOGON_SAM_LOGON_RESPONSE_EX;
+                       netlogon->data.nt5_ex.command      = LOGON_SAM_LOGON_RESPONSE_EX;
                } else {
-                       netlogon->nt5_ex.command      = LOGON_SAM_LOGON_USER_UNKNOWN_EX;
+                       netlogon->data.nt5_ex.command      = LOGON_SAM_LOGON_USER_UNKNOWN_EX;
                }
-               netlogon->nt5_ex.server_type  = server_type;
-               netlogon->nt5_ex.domain_uuid  = domain_uuid;
-               netlogon->nt5_ex.forest       = realm;
-               netlogon->nt5_ex.dns_domain   = dns_domain;
-               netlogon->nt5_ex.pdc_dns_name = pdc_dns_name;
-               netlogon->nt5_ex.domain       = flatname;
-               netlogon->nt5_ex.pdc_name     = lp_netbios_name(lp_ctx);
-               netlogon->nt5_ex.user_name    = user;
-               netlogon->nt5_ex.server_site  = server_site;
-               netlogon->nt5_ex.client_site  = client_site;
+               netlogon->data.nt5_ex.server_type  = server_type;
+               netlogon->data.nt5_ex.domain_uuid  = domain_uuid;
+               netlogon->data.nt5_ex.forest       = realm;
+               netlogon->data.nt5_ex.dns_domain   = dns_domain;
+               netlogon->data.nt5_ex.pdc_dns_name = pdc_dns_name;
+               netlogon->data.nt5_ex.domain       = flatname;
+               netlogon->data.nt5_ex.pdc_name     = lp_netbios_name(lp_ctx);
+               netlogon->data.nt5_ex.user_name    = user;
+               netlogon->data.nt5_ex.server_site  = server_site;
+               netlogon->data.nt5_ex.client_site  = client_site;
  
                if (version & NETLOGON_NT_VERSION_5EX_WITH_IP) {
                        /* Clearly this needs to be fixed up for IPv6 */
                        extra_flags = NETLOGON_NT_VERSION_5EX_WITH_IP;
-                       netlogon->nt5_ex.sockaddr.sa_family    = 2;
-                       netlogon->nt5_ex.sockaddr.pdc_ip       = pdc_ip;
-                       netlogon->nt5_ex.sockaddr.remaining = data_blob_talloc_zero(mem_ctx, 8);
+                       netlogon->data.nt5_ex.sockaddr.sa_family    = 2;
+                       netlogon->data.nt5_ex.sockaddr.pdc_ip       = pdc_ip;
+                       netlogon->data.nt5_ex.sockaddr.remaining = data_blob_talloc_zero(mem_ctx, 8);
                }
-               netlogon->nt5_ex.nt_version   = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5EX|extra_flags;
-               netlogon->nt5_ex.lmnt_token   = 0xFFFF;
-               netlogon->nt5_ex.lm20_token   = 0xFFFF;
+               netlogon->data.nt5_ex.nt_version   = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5EX|extra_flags;
+               netlogon->data.nt5_ex.lmnt_token   = 0xFFFF;
+               netlogon->data.nt5_ex.lm20_token   = 0xFFFF;
  
        } else if (version & NETLOGON_NT_VERSION_5) {
                netlogon->ntver = NETLOGON_NT_VERSION_5;
  
                /* could check if the user exists */
                if (user_known) {
-                       netlogon->nt5.command      = LOGON_SAM_LOGON_RESPONSE;
+                       netlogon->data.nt5.command      = LOGON_SAM_LOGON_RESPONSE;
                } else {
-                       netlogon->nt5.command      = LOGON_SAM_LOGON_USER_UNKNOWN;
+                       netlogon->data.nt5.command      = LOGON_SAM_LOGON_USER_UNKNOWN;
                }
-               netlogon->nt5.pdc_name     = pdc_name;
-               netlogon->nt5.user_name    = user;
-               netlogon->nt5.domain_name  = flatname;
-               netlogon->nt5.domain_uuid  = domain_uuid;
-               netlogon->nt5.forest       = realm;
-               netlogon->nt5.dns_domain   = dns_domain;
-               netlogon->nt5.pdc_dns_name = pdc_dns_name;
-               netlogon->nt5.pdc_ip       = pdc_ip;
-               netlogon->nt5.server_type  = server_type;
-               netlogon->nt5.nt_version   = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5;
-               netlogon->nt5.lmnt_token   = 0xFFFF;
-               netlogon->nt5.lm20_token   = 0xFFFF;
+               netlogon->data.nt5.pdc_name     = pdc_name;
+               netlogon->data.nt5.user_name    = user;
+               netlogon->data.nt5.domain_name  = flatname;
+               netlogon->data.nt5.domain_uuid  = domain_uuid;
+               netlogon->data.nt5.forest       = realm;
+               netlogon->data.nt5.dns_domain   = dns_domain;
+               netlogon->data.nt5.pdc_dns_name = pdc_dns_name;
+               netlogon->data.nt5.pdc_ip       = pdc_ip;
+               netlogon->data.nt5.server_type  = server_type;
+               netlogon->data.nt5.nt_version   = NETLOGON_NT_VERSION_1|NETLOGON_NT_VERSION_5;
+               netlogon->data.nt5.lmnt_token   = 0xFFFF;
+               netlogon->data.nt5.lm20_token   = 0xFFFF;
  
        } else /* (version & NETLOGON_NT_VERSION_1) and all other cases */ {
                netlogon->ntver = NETLOGON_NT_VERSION_1;
                /* could check if the user exists */
                if (user_known) {
-                       netlogon->nt4.command      = LOGON_SAM_LOGON_RESPONSE;
+                       netlogon->data.nt4.command      = LOGON_SAM_LOGON_RESPONSE;
                } else {
-                       netlogon->nt4.command      = LOGON_SAM_LOGON_USER_UNKNOWN;
+                       netlogon->data.nt4.command      = LOGON_SAM_LOGON_USER_UNKNOWN;
                }
-               netlogon->nt4.server      = pdc_name;
-               netlogon->nt4.user_name   = user;
-               netlogon->nt4.domain      = flatname;
-               netlogon->nt4.nt_version  = NETLOGON_NT_VERSION_1;
-               netlogon->nt4.lmnt_token  = 0xFFFF;
-               netlogon->nt4.lm20_token  = 0xFFFF;
+               netlogon->data.nt4.server      = pdc_name;
+               netlogon->data.nt4.user_name   = user;
+               netlogon->data.nt4.domain      = flatname;
+               netlogon->data.nt4.nt_version  = NETLOGON_NT_VERSION_1;
+               netlogon->data.nt4.lmnt_token  = 0xFFFF;
+               netlogon->data.nt4.lm20_token  = 0xFFFF;
        }
  
        return NT_STATUS_OK;
index 1274061e775549666f13c9dbd6f2f6060f60d5a9,f600c727484362ca159ea32da36bc57f4576ce5a..8e4483a78e375c81a9db5bffba4118bd48320f04
@@@ -50,7 -50,6 +50,7 @@@ struct part_request 
  struct partition_context {
        struct ldb_module *module;
        struct ldb_request *req;
 +      bool got_success;
  
        struct part_request *part_req;
        int num_requests;
@@@ -171,8 -170,7 +171,8 @@@ static int partition_req_callback(struc
                return ldb_module_done(ac->req, NULL, NULL,
                                        LDB_ERR_OPERATIONS_ERROR);
        }
 -      if (ares->error != LDB_SUCCESS) {
 +
 +      if (ares->error != LDB_SUCCESS && !ac->got_success) {
                return ldb_module_done(ac->req, ares->controls,
                                        ares->response, ares->error);
        }
                return ldb_module_send_entry(ac->req, ares->message);
  
        case LDB_REPLY_DONE:
 +              if (ares->error == LDB_SUCCESS) {
 +                      ac->got_success = true;
 +              }
                if (ac->req->operation == LDB_EXTENDED) {
                        /* FIXME: check for ares->response, replmd does not fill it ! */
                        if (ares->response) {
                if (ac->finished_requests == ac->num_requests) {
                        /* this was the last one, call callback */
                        return ldb_module_done(ac->req, ares->controls,
 -                                              ares->response, ares->error);
 +                                             ares->response, 
 +                                             ac->got_success?LDB_SUCCESS:ares->error);
                }
  
                /* not the last, now call the next one */
@@@ -472,6 -466,14 +472,14 @@@ static int partition_search(struct ldb_
                return LDB_ERR_OPERATIONS_ERROR;
        }
  
+       /*
+        * for now pass down the LDB_CONTROL_SEARCH_OPTIONS_OID control
+        * down as uncritical to make windows 2008 dcpromo happy.
+        */
+       if (search_control) {
+               search_control->critical = 0;
+       }
        /* TODO:
           Generate referrals (look for a partition under this DN) if we don't have the above control specified
        */
                        return partition_send_all(module, ac, req);
                }
                for (i=0; data && data->partitions && data->partitions[i]; i++) {
 -                      /* Find all partitions under the search base */
 -                      if (ldb_dn_compare_base(req->op.search.base, data->partitions[i]->dn) == 0) {
 +                      bool match = false, stop = false;
 +                      /* Find all partitions under the search base 
 +                         
 +                         we match if:
 +
 +                            1) the DN we are looking for exactly matches the partition
 +                           or
 +                            2) the DN we are looking for is a parent of the partition and it isn't
 +                                 a scope base search
 +                             or
 +                            3) the DN we are looking for is a child of the partition
 +                       */
 +                      if (ldb_dn_compare(data->partitions[i]->dn, req->op.search.base) == 0) {
 +                              match = true;
 +                              if (req->op.search.scope == LDB_SCOPE_BASE) {
 +                                      stop = true;
 +                              }
 +                      }
 +                      if (!match && 
 +                          (ldb_dn_compare_base(req->op.search.base, data->partitions[i]->dn) == 0 &&
 +                           req->op.search.scope != LDB_SCOPE_BASE)) {
 +                              match = true;
 +                      }
 +                      if (!match &&
 +                          ldb_dn_compare_base(data->partitions[i]->dn, req->op.search.base) == 0) {
 +                              match = true;
 +                              stop = true; /* note that this relies on partition ordering */
 +                      }
 +                      if (match) {
                                ret = partition_prep_request(ac, data->partitions[i]);
                                if (ret != LDB_SUCCESS) {
                                        return ret;
                                }
                        }
 +                      if (stop) break;
                }
  
                /* Perhaps we didn't match any partitions.  Try the main partition, only */
@@@ -612,7 -586,7 +620,7 @@@ static int partition_rename(struct ldb_
        }
  
        for (i=0; data && data->partitions && data->partitions[i]; i++) {
 -              if (ldb_dn_compare_base(req->op.rename.olddn, data->partitions[i]->dn) == 0) {
 +              if (ldb_dn_compare_base(data->partitions[i]->dn, req->op.rename.olddn) == 0) {
                        matched = i;
                }
        }
@@@ -1186,6 -1160,20 +1194,20 @@@ static int partition_init(struct ldb_mo
                }
        }
  
+       ret = ldb_mod_register_control(module, LDB_CONTROL_DOMAIN_SCOPE_OID);
+       if (ret != LDB_SUCCESS) {
+               ldb_debug(module->ldb, LDB_DEBUG_ERROR,
+                       "partition: Unable to register control with rootdse!\n");
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
+       ret = ldb_mod_register_control(module, LDB_CONTROL_SEARCH_OPTIONS_OID);
+       if (ret != LDB_SUCCESS) {
+               ldb_debug(module->ldb, LDB_DEBUG_ERROR,
+                       "partition: Unable to register control with rootdse!\n");
+               return LDB_ERR_OPERATIONS_ERROR;
+       }
        talloc_free(mem_ctx);
        return ldb_next_init(module);
  }