samba/SOURCES/samba-4.12-fix_winbind_lookuprids.patch
2021-09-10 04:12:32 +00:00

131 lines
4.8 KiB
Diff

From 3b8312df417b1a1fbd712b9494d5dad495e33f6d Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Wed, 8 Jul 2020 15:00:49 +0200
Subject: [PATCH 1/2] winbind: Add test for lookuprids cache problem
When reading entries from gencache, wb_cache_rids_to_names() can
return STATUS_SOME_UNMAPPED, which _wbint_LookupRids() does not handle
correctly.
This test enforces this situation by filling gencache with one wbinfo
-R and then erasing the winbindd_cache.tdb. This forces winbind to
enter the domain helper process, which will then read from gencache
filled with the previous wbinfo -R.
Without having the entries cached this does not happen because
wb_cache_rids_to_names() via the do_query: path calls deep inside
calls dcerpc_lsa_lookup_sids_noalloc(), which hides the
STATUS_SOME_UNMAPPED that came in as lsa_LookupSids result value.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 04eafce653afcff517317d2b190acc4f0cbf4c61)
---
selftest/knownfail.d/lookuprids_cache | 1 +
.../tests/test_wbinfo_lookuprids_cache.sh | 21 +++++++++++++++++++
source3/selftest/tests.py | 5 +++++
3 files changed, 27 insertions(+)
create mode 100644 selftest/knownfail.d/lookuprids_cache
create mode 100755 source3/script/tests/test_wbinfo_lookuprids_cache.sh
diff --git a/selftest/knownfail.d/lookuprids_cache b/selftest/knownfail.d/lookuprids_cache
new file mode 100644
index 00000000000..d3c40a62b45
--- /dev/null
+++ b/selftest/knownfail.d/lookuprids_cache
@@ -0,0 +1 @@
+^samba.wbinfo_lookuprids_cache.lookuprids2\(nt4_member:local\)
\ No newline at end of file
diff --git a/source3/script/tests/test_wbinfo_lookuprids_cache.sh b/source3/script/tests/test_wbinfo_lookuprids_cache.sh
new file mode 100755
index 00000000000..0b21ffcd7c9
--- /dev/null
+++ b/source3/script/tests/test_wbinfo_lookuprids_cache.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+WBINFO="$VALGRIND ${WBINFO:-$BINDIR/wbinfo}"
+TDBTOOL="${TDBTOOL:-$BINDIR/tdbtool}"
+TDBDUMP="${TDBDUMP:-$BINDIR/tdbdump}"
+NET="$VALGRIND ${NET:-$BINDIR/net}"
+
+cache="$LOCK_DIR"/winbindd_cache.tdb
+
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
+
+testit "flush" "$NET" "cache" "flush" || failed=`expr $failed + 1`
+testit "lookuprids1" "$WBINFO" "-R" "512,12345" || failed=`expr $failed + 1`
+
+key=$("$TDBDUMP" "$cache" | grep ^key.*NDR.*/16/ | cut -d\" -f2)
+
+testit "delete" "$TDBTOOL" "$cache" delete "$key"
+testit "lookuprids2" "$WBINFO" "-R" "512,12345" || failed=`expr $failed + 1`
+
+testok $0 $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index dc44160e50d..b01a3c1aad1 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -332,6 +332,11 @@ env = "nt4_member:local"
plantestsuite("samba3.wbinfo_sids_to_xids", env,
[os.path.join(srcdir(),
"nsswitch/tests/test_wbinfo_sids_to_xids.sh")])
+plantestsuite(
+ "samba.wbinfo_lookuprids_cache",
+ env,
+ [os.path.join(samba3srcdir,
+ "script/tests/test_wbinfo_lookuprids_cache.sh")])
env = "ad_member"
t = "WBCLIENT-MULTI-PING"
--
2.20.1
From 7389996f5e04acb79a760cb72b9d5c5a617262b8 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Wed, 8 Jul 2020 15:09:45 +0200
Subject: [PATCH 2/2] winbind: Fix lookuprids cache problem
Bug: https://bugzilla.samba.org/show_bug.cgi?id=14435
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Thu Jul 9 21:40:52 UTC 2020 on sn-devel-184
(cherry picked from commit cd4122d91e942ca465c03505d5e148117f505ba4)
---
selftest/knownfail.d/lookuprids_cache | 1 -
source3/winbindd/winbindd_dual_srv.c | 3 ++-
2 files changed, 2 insertions(+), 2 deletions(-)
delete mode 100644 selftest/knownfail.d/lookuprids_cache
diff --git a/selftest/knownfail.d/lookuprids_cache b/selftest/knownfail.d/lookuprids_cache
deleted file mode 100644
index d3c40a62b45..00000000000
--- a/selftest/knownfail.d/lookuprids_cache
+++ /dev/null
@@ -1 +0,0 @@
-^samba.wbinfo_lookuprids_cache.lookuprids2\(nt4_member:local\)
\ No newline at end of file
diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
index 13345caa41b..63bb614a0ca 100644
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -672,7 +672,8 @@ NTSTATUS _wbint_LookupRids(struct pipes_struct *p, struct wbint_LookupRids *r)
r->in.rids->rids, r->in.rids->num_rids,
&domain_name, &names, &types);
reset_cm_connection_on_error(domain, NULL, status);
- if (!NT_STATUS_IS_OK(status)) {
+ if (!NT_STATUS_IS_OK(status) &&
+ !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
return status;
}
--
2.20.1