From 107bfa0d6b16a095dfb0e2f960155a03fa9709a2 Mon Sep 17 00:00:00 2001 From: Isaac Boukris Date: Thu, 11 Jun 2020 21:05:07 +0300 Subject: [PATCH 1/3] Fix a typo in recent net man page changes BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406 Signed-off-by: Isaac Boukris Reviewed-by: Andreas Schneider --- docs-xml/manpages/net.8.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml index cbab9c63a5e..951ddcd7c3a 100644 --- a/docs-xml/manpages/net.8.xml +++ b/docs-xml/manpages/net.8.xml @@ -497,7 +497,7 @@ joining the domain. -[FQDN] (ADS only) set the dnsHosName attribute during the join. +[FQDN] (ADS only) set the dnsHostName attribute during the join. The default format is netbiosname.dnsdomain. -- 2.25.4 From a1fce870eb024a2109c54bcc90bf9d5c6a1a45a8 Mon Sep 17 00:00:00 2001 From: Isaac Boukris Date: Tue, 16 Jun 2020 22:01:49 +0300 Subject: [PATCH 2/3] selftest: add tests for binary msDS-AdditionalDnsHostName Like the short names added implicitly by Windows DC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406 Signed-off-by: Isaac Boukris Reviewed-by: Andreas Schneider --- selftest/knownfail.d/binary_addl_hostname | 3 +++ testprogs/blackbox/test_net_ads.sh | 22 ++++++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 selftest/knownfail.d/binary_addl_hostname diff --git a/selftest/knownfail.d/binary_addl_hostname b/selftest/knownfail.d/binary_addl_hostname new file mode 100644 index 00000000000..559db1df507 --- /dev/null +++ b/selftest/knownfail.d/binary_addl_hostname @@ -0,0 +1,3 @@ +^samba4.blackbox.net_ads.dns alias1 check keytab +^samba4.blackbox.net_ads.dns alias2 check keytab +^samba4.blackbox.net_ads.addl short check keytab diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh index 85257f445d8..eef4a31a6a7 100755 --- a/testprogs/blackbox/test_net_ads.sh +++ b/testprogs/blackbox/test_net_ads.sh 
@@ -41,6 +41,11 @@ if [ -x "$BINDIR/ldbdel" ]; then ldbdel="$BINDIR/ldbdel" fi +ldbmodify="ldbmodify" +if [ -x "$BINDIR/ldbmodify" ]; then + ldbmodify="$BINDIR/ldbmodify" +fi + # Load test functions . `dirname $0`/subunit.sh @@ -217,12 +222,29 @@ testit_grep "dns alias SPN" $dns_alias2 $VALGRIND $net_tool ads search -P samacc testit_grep "dns alias addl" $dns_alias1 $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ msDS-AdditionalDnsHostName || failed=`expr $failed + 1` testit_grep "dns alias addl" $dns_alias2 $VALGRIND $net_tool ads search -P samaccountname=$netbios\$ msDS-AdditionalDnsHostName || failed=`expr $failed + 1` +# Test binary msDS-AdditionalDnsHostName like ones added by Windows DC +short_alias_file="$PREFIX_ABS/short_alias_file" +printf 'short_alias\0$' > $short_alias_file +cat > $PREFIX_ABS/tmpldbmodify < Date: Thu, 11 Jun 2020 16:51:27 +0300 Subject: [PATCH 3/3] Properly handle msDS-AdditionalDnsHostName returned from Windows DC Windows DC adds short names for each specified msDS-AdditionalDnsHostName attribute, but these have a suffix of "\0$" and thus fail with ldap_get_values(), use ldap_get_values_len() instead. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14406 Signed-off-by: Isaac Boukris Reviewed-by: Andreas Schneider --- selftest/knownfail.d/binary_addl_hostname | 3 -- source3/libads/ldap.c | 38 +++++++++++++++++++++-- 2 files changed, 35 insertions(+), 6 deletions(-) delete mode 100644 selftest/knownfail.d/binary_addl_hostname diff --git a/selftest/knownfail.d/binary_addl_hostname b/selftest/knownfail.d/binary_addl_hostname deleted file mode 100644 index 559db1df507..00000000000 --- a/selftest/knownfail.d/binary_addl_hostname +++ /dev/null @@ -1,3 +0,0 @@ -^samba4.blackbox.net_ads.dns alias1 check keytab -^samba4.blackbox.net_ads.dns alias2 check keytab -^samba4.blackbox.net_ads.addl short check keytab diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c index d443e3ee20c..51ceb447254 100755 --- a/source3/libads/ldap.c 
+++ b/source3/libads/ldap.c
@@ -3685,6 +3685,40 @@ out:
 /********************************************************************
 ********************************************************************/
+static char **get_addl_hosts(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx,
+ LDAPMessage *msg, size_t *num_values)
+{
+ const char *field = "msDS-AdditionalDnsHostName";
+ struct berval **values = NULL;
+ char **ret = NULL;
+ size_t i, converted_size;
+
+ values = ldap_get_values_len(ads->ldap.ld, msg, field);
+ if (values == NULL) {
+ return NULL;
+ }
+
+ *num_values = ldap_count_values_len(values);
+
+ ret = talloc_array(mem_ctx, char *, *num_values + 1);
+ if (ret == NULL) {
+ ldap_value_free_len(values);
+ return NULL;
+ }
+
+ for (i = 0; i < *num_values; i++) {
+ if (!pull_utf8_talloc(mem_ctx, &ret[i], values[i]->bv_val,
+ &converted_size)) {
+ ldap_value_free_len(values);
+ return NULL;
+ }
+ }
+ ret[i] = NULL;
+
+ ldap_value_free_len(values);
+ return ret;
+}
+
 ADS_STATUS ads_get_additional_dns_hostnames(TALLOC_CTX *mem_ctx,
 ADS_STRUCT *ads,
 const char *machine_name,
@@ -3710,9 +3744,7 @@ ADS_STATUS ads_get_additional_dns_hostnames(TALLOC_CTX *mem_ctx,
 goto done;
 }
- *hostnames_array = ads_pull_strings(ads, mem_ctx, res,
- "msDS-AdditionalDnsHostName",
- num_hostnames);
+ *hostnames_array = get_addl_hosts(ads, mem_ctx, res, num_hostnames);
 if (*hostnames_array == NULL) {
 DEBUG(1, ("Host account for %s does not have msDS-AdditionalDnsHostName.\n",
 machine_name));
-- 2.25.4
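Review bot: The failure returns in get_addl_hosts leave state behind: when pull_utf8_talloc fails inside the loop, `ret` and the strings already converted stay allocated on mem_ctx, and on both `return NULL` paths after the count is taken `*num_values` keeps its non-zero value. Adding `TALLOC_FREE(ret);` and `*num_values = 0;` before the `return NULL` in the loop would hand the caller a consistent result; parenting the strings to `ret` instead of `mem_ctx` would let one free release them all, provided callers do not rely on the current parent. The conversion also reads `values[i]->bv_val` as a NUL-terminated string and never consults `bv_len`, so it depends on the LDAP library terminating the buffer. A comment such as `/* Windows DCs append "\0$" to short names; reading up to the first NUL is intended, bv_len is not used */` would record that this truncation is deliberate.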
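Review bot: A NULL result at the `*hostnames_array = get_addl_hosts(ads, mem_ctx, res, num_hostnames);` call does not only mean the attribute is absent, because get_addl_hosts also returns NULL when talloc_array or the UTF-8 conversion fails, yet the DEBUG line that follows reports "does not have msDS-AdditionalDnsHostName" in every case. Judging by the "check keytab" selftest names in this series, these hostnames appear to feed the machine's keytab entries, so silently treating a failure as "no aliases" is worth distinguishing from a real absence. At minimum a comment at the call would help, for example `/* NULL also covers allocation or conversion failure, not only a missing attribute */`. The rest of ads_get_additional_dns_hostnames, including whatever status is set after the DEBUG, lies outside the hunk.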