samba/sme10/libldb-require-version-1.5.4.patch

From a691be8ed36fb5740ae877a46f0aff72ce0c9cb2 Mon Sep 17 00:00:00 2001
From: Isaac Boukris <iboukris@gmail.com>
Date: Mon, 4 May 2020 12:17:37 +0200
Subject: [PATCH] ldb: revert ad-dc fix and keep ldb version at 1.5.4

Revert "ldap server: generate correct referral schemes"

This reverts commit 1958cd8a7fb81ec51b81944ecf4dd0fb5c4208fa.
---
 lib/ldb/include/ldb_module.h               |  5 -----
 lib/ldb/wscript                            |  2 +-
 selftest/knownfail.d/ldap_referrals        |  1 +
 source4/dsdb/samdb/ldb_modules/partition.c | 16 +++++-----------
 source4/ldap_server/ldap_backend.c         | 18 ------------------
 source4/ldap_server/ldap_server.c          |  1 -
 source4/ldap_server/ldap_server.h          |  6 ------
 7 files changed, 7 insertions(+), 42 deletions(-)
 create mode 100644 selftest/knownfail.d/ldap_referrals

diff --git a/lib/ldb/include/ldb_module.h b/lib/ldb/include/ldb_module.h
index 8c47082690b..9a5c61d0e73 100644
--- a/lib/ldb/include/ldb_module.h
+++ b/lib/ldb/include/ldb_module.h
@@ -103,11 +103,6 @@ struct ldb_module;
  * attributes, not to be printed in trace messages */
 #define LDB_SECRET_ATTRIBUTE_LIST_OPAQUE "LDB_SECRET_ATTRIBUTE_LIST"
 
-/*
- * The scheme to be used for referral entries, i.e. ldap or ldaps
- */
-#define LDAP_REFERRAL_SCHEME_OPAQUE "LDAP_REFERRAL_SCHEME"
-
 /*
    these function pointers define the operations that a ldb module can intercept
 */
diff --git a/lib/ldb/wscript b/lib/ldb/wscript
index 0f760a9bc80..d3402a7b5b2 100644
--- a/lib/ldb/wscript
+++ b/lib/ldb/wscript
@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 
 APPNAME = 'ldb'
-VERSION = '1.5.7'
+VERSION = '1.5.4'
 
 import sys, os
 
diff --git a/selftest/knownfail.d/ldap_referrals b/selftest/knownfail.d/ldap_referrals
new file mode 100644
index 00000000000..403f0d3bd6d
--- /dev/null
+++ b/selftest/knownfail.d/ldap_referrals
@@ -0,0 +1 @@
+^samba.ldap.referrals.samba.tests.ldap_referrals.LdapReferralTest.test_ldaps_search
diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c
index f66ccab1dd5..49bdeb04fa5 100644
--- a/source4/dsdb/samdb/ldb_modules/partition.c
+++ b/source4/dsdb/samdb/ldb_modules/partition.c
@@ -902,17 +902,11 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req)
                                                 data->partitions[i]->ctrl->dn) == 0) &&
                            (ldb_dn_compare(req->op.search.base,
                                            data->partitions[i]->ctrl->dn) != 0)) {
-                               const char *scheme = ldb_get_opaque(
-                                   ldb, LDAP_REFERRAL_SCHEME_OPAQUE);
-                               char *ref = talloc_asprintf(
-                                       ac,
-                                       "%s://%s/%s%s",
-                                       scheme == NULL ? "ldap" : scheme,
-                                       lpcfg_dnsdomain(lp_ctx),
-                                       ldb_dn_get_linearized(
-                                           data->partitions[i]->ctrl->dn),
-                                       req->op.search.scope ==
-                                           LDB_SCOPE_ONELEVEL ? "??base" : "");
+                               char *ref = talloc_asprintf(ac,
+                                                           "ldap://%s/%s%s",
+                                                           lpcfg_dnsdomain(lp_ctx),
+                                                           ldb_dn_get_linearized(data->partitions[i]->ctrl->dn),
+                                                           req->op.search.scope == LDB_SCOPE_ONELEVEL ? "??base" : "");
 
                                if (ref == NULL) {
                                        return ldb_oom(ldb);
diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
index 573472c0f7f..39f1aa2a2a6 100644
--- a/source4/ldap_server/ldap_backend.c
+++ b/source4/ldap_server/ldap_backend.c
@@ -647,24 +647,6 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
                call->notification.busy = true;
        }
 
-       {
-               const char *scheme = NULL;
-               switch (call->conn->referral_scheme) {
-               case LDAP_REFERRAL_SCHEME_LDAPS:
-                       scheme = "ldaps";
-                       break;
-               default:
-                       scheme = "ldap";
-               }
-               ldb_ret = ldb_set_opaque(
-                       samdb,
-                       LDAP_REFERRAL_SCHEME_OPAQUE,
-                       discard_const_p(char *, scheme));
-               if (ldb_ret != LDB_SUCCESS) {
-                       goto reply;
-               }
-       }
-
        ldb_set_timeout(samdb, lreq, req->timelimit);
 
        if (!call->conn->is_privileged) {
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 25c3b624abc..7c7eeb0a6c1 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -436,7 +436,6 @@ static void ldapsrv_accept_tls_done(struct tevent_req *subreq)
        }
 
        conn->sockets.active = conn->sockets.tls;
-       conn->referral_scheme = LDAP_REFERRAL_SCHEME_LDAPS;
        ldapsrv_call_read_next(conn);
 }
 
diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 5b944f5ab9b..d3e31fb1eec 100644
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -24,11 +24,6 @@
 #include "system/network.h"
 #include "lib/param/loadparm.h"
 
-enum ldap_server_referral_scheme {
-       LDAP_REFERRAL_SCHEME_LDAP,
-       LDAP_REFERRAL_SCHEME_LDAPS
-};
-
 struct ldapsrv_connection {
        struct ldapsrv_connection *next, *prev;
        struct loadparm_context *lp_ctx;
@@ -52,7 +47,6 @@ struct ldapsrv_connection {
        bool is_privileged;
        enum ldap_server_require_strong_auth require_strong_auth;
        bool authz_logged;
-       enum ldap_server_referral_scheme referral_scheme;
 
        struct {
                int initial_timeout;
-- 
2.24.1

1	From a691be8ed36fb5740ae877a46f0aff72ce0c9cb2 Mon Sep 17 00:00:00 2001
2	From: Isaac Boukris <iboukris@gmail.com>
3	Date: Mon, 4 May 2020 12:17:37 +0200
4	Subject: [PATCH] ldb: revert ad-dc fix and keep ldb version at 1.5.4
5
6	Revert "ldap server: generate correct referral schemes"
7
8	This reverts commit 1958cd8a7fb81ec51b81944ecf4dd0fb5c4208fa.
9	---
10	lib/ldb/include/ldb_module.h \| 5 -----
11	lib/ldb/wscript \| 2 +-
12	selftest/knownfail.d/ldap_referrals \| 1 +
13	source4/dsdb/samdb/ldb_modules/partition.c \| 16 +++++-----------
14	source4/ldap_server/ldap_backend.c \| 18 ------------------
15	source4/ldap_server/ldap_server.c \| 1 -
16	source4/ldap_server/ldap_server.h \| 6 ------
17	7 files changed, 7 insertions(+), 42 deletions(-)
18	create mode 100644 selftest/knownfail.d/ldap_referrals
19
20	diff --git a/lib/ldb/include/ldb_module.h b/lib/ldb/include/ldb_module.h
21	index 8c47082690b..9a5c61d0e73 100644
22	--- a/lib/ldb/include/ldb_module.h
23	+++ b/lib/ldb/include/ldb_module.h
24	@@ -103,11 +103,6 @@ struct ldb_module;
25	* attributes, not to be printed in trace messages */
26	#define LDB_SECRET_ATTRIBUTE_LIST_OPAQUE "LDB_SECRET_ATTRIBUTE_LIST"
27
28	-/*
29	- * The scheme to be used for referral entries, i.e. ldap or ldaps
30	- */
31	-#define LDAP_REFERRAL_SCHEME_OPAQUE "LDAP_REFERRAL_SCHEME"
32	-
33	/*
34	these function pointers define the operations that a ldb module can intercept
35	*/
36	diff --git a/lib/ldb/wscript b/lib/ldb/wscript
37	index 0f760a9bc80..d3402a7b5b2 100644
38	--- a/lib/ldb/wscript
39	+++ b/lib/ldb/wscript
40	@@ -1,7 +1,7 @@
41	#!/usr/bin/env python
42
43	APPNAME = 'ldb'
44	-VERSION = '1.5.7'
45	+VERSION = '1.5.4'
46
47	import sys, os
48
49	diff --git a/selftest/knownfail.d/ldap_referrals b/selftest/knownfail.d/ldap_referrals
50	new file mode 100644
51	index 00000000000..403f0d3bd6d
52	--- /dev/null
53	+++ b/selftest/knownfail.d/ldap_referrals
54	@@ -0,0 +1 @@
55	+^samba.ldap.referrals.samba.tests.ldap_referrals.LdapReferralTest.test_ldaps_search
56	diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c
57	index f66ccab1dd5..49bdeb04fa5 100644
58	--- a/source4/dsdb/samdb/ldb_modules/partition.c
59	+++ b/source4/dsdb/samdb/ldb_modules/partition.c
60	@@ -902,17 +902,11 @@ static int partition_search(struct ldb_module module, struct ldb_request req)
61	data->partitions[i]->ctrl->dn) == 0) &&
62	(ldb_dn_compare(req->op.search.base,
63	data->partitions[i]->ctrl->dn) != 0)) {
64	- const char *scheme = ldb_get_opaque(
65	- ldb, LDAP_REFERRAL_SCHEME_OPAQUE);
66	- char *ref = talloc_asprintf(
67	- ac,
68	- "%s://%s/%s%s",
69	- scheme == NULL ? "ldap" : scheme,
70	- lpcfg_dnsdomain(lp_ctx),
71	- ldb_dn_get_linearized(
72	- data->partitions[i]->ctrl->dn),
73	- req->op.search.scope ==
74	- LDB_SCOPE_ONELEVEL ? "??base" : "");
75	+ char *ref = talloc_asprintf(ac,
76	+ "ldap://%s/%s%s",
77	+ lpcfg_dnsdomain(lp_ctx),
78	+ ldb_dn_get_linearized(data->partitions[i]->ctrl->dn),
79	+ req->op.search.scope == LDB_SCOPE_ONELEVEL ? "??base" : "");
80
81	if (ref == NULL) {
82	return ldb_oom(ldb);
83	diff --git a/source4/ldap_server/ldap_backend.c b/source4/ldap_server/ldap_backend.c
84	index 573472c0f7f..39f1aa2a2a6 100644
85	--- a/source4/ldap_server/ldap_backend.c
86	+++ b/source4/ldap_server/ldap_backend.c
87	@@ -647,24 +647,6 @@ static NTSTATUS ldapsrv_SearchRequest(struct ldapsrv_call *call)
88	call->notification.busy = true;
89	}
90
91	- {
92	- const char *scheme = NULL;
93	- switch (call->conn->referral_scheme) {
94	- case LDAP_REFERRAL_SCHEME_LDAPS:
95	- scheme = "ldaps";
96	- break;
97	- default:
98	- scheme = "ldap";
99	- }
100	- ldb_ret = ldb_set_opaque(
101	- samdb,
102	- LDAP_REFERRAL_SCHEME_OPAQUE,
103	- discard_const_p(char *, scheme));
104	- if (ldb_ret != LDB_SUCCESS) {
105	- goto reply;
106	- }
107	- }
108	-
109	ldb_set_timeout(samdb, lreq, req->timelimit);
110
111	if (!call->conn->is_privileged) {
112	diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
113	index 25c3b624abc..7c7eeb0a6c1 100644
114	--- a/source4/ldap_server/ldap_server.c
115	+++ b/source4/ldap_server/ldap_server.c
116	@@ -436,7 +436,6 @@ static void ldapsrv_accept_tls_done(struct tevent_req *subreq)
117	}
118
119	conn->sockets.active = conn->sockets.tls;
120	- conn->referral_scheme = LDAP_REFERRAL_SCHEME_LDAPS;
121	ldapsrv_call_read_next(conn);
122	}
123
124	diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
125	index 5b944f5ab9b..d3e31fb1eec 100644
126	--- a/source4/ldap_server/ldap_server.h
127	+++ b/source4/ldap_server/ldap_server.h
128	@@ -24,11 +24,6 @@
129	#include "system/network.h"
130	#include "lib/param/loadparm.h"
131
132	-enum ldap_server_referral_scheme {
133	- LDAP_REFERRAL_SCHEME_LDAP,
134	- LDAP_REFERRAL_SCHEME_LDAPS
135	-};
136	-
137	struct ldapsrv_connection {
138	struct ldapsrv_connection next, prev;
139	struct loadparm_context *lp_ctx;
140	@@ -52,7 +47,6 @@ struct ldapsrv_connection {
141	bool is_privileged;
142	enum ldap_server_require_strong_auth require_strong_auth;
143	bool authz_logged;
144	- enum ldap_server_referral_scheme referral_scheme;
145
146	struct {
147	int initial_timeout;
148	--
149	2.24.1
150