The branch, v3-3-test has been updated
via a74cb0ca04d61df6f01f3d737e52a8b7349d5a73 (commit)
from 34ca12c9396f7c8475cd1525bdbc40021b0e533f (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit a74cb0ca04d61df6f01f3d737e52a8b7349d5a73
Author: Michael Adam <[email protected]>
Date: Wed May 27 19:24:03 2009 +0200
s3:idmap_tdb2: filter out of range mappings in default idmap config
This fixes bug #6416
Michael
(cherry picked from commit e12670a1053edf57af137026bd3fdb9fc7dfb0b2)
-----------------------------------------------------------------------
Summary of changes:
source/winbindd/idmap_tdb2.c | 61 +++++++++++++++++++++++++++++++++--------
1 files changed, 49 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/winbindd/idmap_tdb2.c b/source/winbindd/idmap_tdb2.c
index 0607713..679a1b5 100644
--- a/source/winbindd/idmap_tdb2.c
+++ b/source/winbindd/idmap_tdb2.c
@@ -342,8 +342,6 @@ static NTSTATUS idmap_tdb2_db_init(struct idmap_domain *dom,
{
NTSTATUS ret;
struct idmap_tdb2_context *ctx;
- char *config_option = NULL;
- const char *range;
NTSTATUS status;
status = idmap_tdb2_open_db();
@@ -355,24 +353,63 @@ static NTSTATUS idmap_tdb2_db_init(struct idmap_domain
*dom,
return NT_STATUS_NO_MEMORY;
}
- config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
- if ( ! config_option) {
- DEBUG(0, ("Out of memory!\n"));
- ret = NT_STATUS_NO_MEMORY;
- goto failed;
+ if (strequal(dom->name, "*")) {
+ uid_t low_uid = 0;
+ uid_t high_uid = 0;
+ gid_t low_gid = 0;
+ gid_t high_gid = 0;
+
+ ctx->filter_low_id = 0;
+ ctx->filter_high_id = 0;
+
+ if (lp_idmap_uid(&low_uid, &high_uid)) {
+ ctx->filter_low_id = low_uid;
+ ctx->filter_high_id = high_uid;
+ } else {
+ DEBUG(3, ("Warning: 'idmap uid' not set!\n"));
+ }
+
+ if (lp_idmap_gid(&low_gid, &high_gid)) {
+ if ((low_gid != low_uid) || (high_gid != high_uid)) {
+ DEBUG(1, ("Warning: 'idmap uid' and 'idmap gid'"
+ " ranges do not agree -- building "
+ "intersection\n"));
+ ctx->filter_low_id = MAX(ctx->filter_low_id,
+ low_gid);
+ ctx->filter_high_id = MIN(ctx->filter_high_id,
+ high_gid);
+ }
+ } else {
+ DEBUG(3, ("Warning: 'idmap gid' not set!\n"));
+ }
+ } else {
+ char *config_option = NULL;
+ const char *range;
+ config_option = talloc_asprintf(ctx, "idmap config %s",
dom->name);
+ if ( ! config_option) {
+ DEBUG(0, ("Out of memory!\n"));
+ ret = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ range = lp_parm_const_string(-1, config_option, "range", NULL);
+ if (( ! range) ||
+ (sscanf(range, "%u - %u", &ctx->filter_low_id,
&ctx->filter_high_id) != 2))
+ {
+ ctx->filter_low_id = 0;
+ ctx->filter_high_id = 0;
+ }
+
+ talloc_free(config_option);
}
- range = lp_parm_const_string(-1, config_option, "range", NULL);
- if (( ! range) ||
- (sscanf(range, "%u - %u", &ctx->filter_low_id,
&ctx->filter_high_id) != 2) ||
- (ctx->filter_low_id > ctx->filter_high_id)) {
+ if (ctx->filter_low_id > ctx->filter_high_id) {
ctx->filter_low_id = 0;
ctx->filter_high_id = 0;
}
dom->private_data = ctx;
- talloc_free(config_option);
return NT_STATUS_OK;
failed:
--
Samba Shared Repository
