From: Andrew Bartlett Date: Mon, 16 Oct 2006 01:19:01 +0000 (+0000) Subject: r19308: Merge samsync fixes from SAMBA_4_0_RELEASE X-Git-Tag: samba-4.0.0alpha6~801^3~4489 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=379e6598e128e5e63a10bd6a81ede01d3965a8be;p=thirdparty%2Fsamba.git r19308: Merge samsync fixes from SAMBA_4_0_RELEASE Andrew Bartlett (This used to be commit 331003239972d80864211377e864f7e469bd3d77) --- diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index d8ef9176fdc..6f24c7fa4c9 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -102,7 +102,7 @@ static int add_password_hashes(struct ldb_module *module, struct ldb_message *ms sambaPassword = ldb_msg_find_attr_as_string(msg, "sambaPassword", NULL); if (sambaPassword == NULL) { /* impossible, what happened ?! */ - return LDB_ERR_OPERATIONS_ERROR; + return LDB_ERR_CONSTRAINT_VIOLATION; } if (is_mod) { @@ -634,6 +634,20 @@ static int password_hash_add(struct ldb_module *module, struct ldb_request *req) return LDB_ERR_CONSTRAINT_VIOLATION; } + if (sambaAttr && sambaAttr->num_values == 0) { + ldb_set_errstring(module->ldb, "sambaPassword must have a value!\n"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + + if (ntAttr && (ntAttr->num_values == 0)) { + ldb_set_errstring(module->ldb, "lmPwdHash must have a value!\n"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + if (lmAttr && (lmAttr->num_values == 0)) { + ldb_set_errstring(module->ldb, "lmPwdHash must have a value!\n"); + return LDB_ERR_CONSTRAINT_VIOLATION; + } + h = ph_init_handle(req, module, PH_ADD); if (!h) { return LDB_ERR_OPERATIONS_ERROR; diff --git a/source4/libnet/libnet_samsync_ldb.c b/source4/libnet/libnet_samsync_ldb.c index 89123932319..31591e62463 100644 --- a/source4/libnet/libnet_samsync_ldb.c +++ b/source4/libnet/libnet_samsync_ldb.c @@ -128,11 +128,14 @@ static NTSTATUS samsync_ldb_handle_domain(TALLOC_CTX *mem_ctx, } if (database == SAM_DATABASE_DOMAIN) { + const struct ldb_dn *partitions_basedn; const char *domain_attrs[] = {"nETBIOSName", "nCName", NULL}; struct ldb_message **msgs_domain; int ret_domain; - ret_domain = gendb_search(state->sam_ldb, mem_ctx, NULL, &msgs_domain, domain_attrs, + partitions_basedn = samdb_partitions_dn(state->sam_ldb, mem_ctx); + + ret_domain = gendb_search(state->sam_ldb, mem_ctx, partitions_basedn, &msgs_domain, domain_attrs, "(&(&(nETBIOSName=%s)(objectclass=crossRef))(ncName=*))", domain_name); if (ret_domain == -1) { @@ -354,21 +357,23 @@ static NTSTATUS samsync_ldb_handle_user(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - /* Passwords. Ensure there is no plaintext stored against - * this entry, as we only have hashes */ - samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg, - "sambaPassword"); + if (!add) { + /* Passwords. Ensure there is no plaintext stored against + * this entry, as we only have hashes */ + samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg, + "sambaPassword"); + } if (user->lm_password_present) { samdb_msg_add_hash(state->sam_ldb, mem_ctx, msg, "lmPwdHash", &user->lmpassword); - } else { + } else if (!add) { samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg, "lmPwdHash"); } if (user->nt_password_present) { samdb_msg_add_hash(state->sam_ldb, mem_ctx, msg, "ntPwdHash", &user->ntpassword); - } else { + } else if (!add) { samdb_msg_add_delete(state->sam_ldb, mem_ctx, msg, "ntPwdHash"); }