The branch, v3-3-test has been updated
via 307c73ce8bc29803230c22e3f8abd579c5d90ba2 (commit)
from 06cab60eb0ba966174f493fcbe25bede0c5d2125 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit 307c73ce8bc29803230c22e3f8abd579c5d90ba2
Author: Michael Adam <[email protected]>
Date: Wed May 27 19:12:28 2009 +0200
s3:idmap_tdb: filter out of range mappings in default idmap config
This fixes bug #6415
Michael
(cherry picked from commit 3d3f39838261ddc401053dadcc5bd8e6317a3a8e)
-----------------------------------------------------------------------
Summary of changes:
source/winbindd/idmap_tdb.c | 73 +++++++++++++++++++++++++++++++++---------
1 files changed, 57 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/winbindd/idmap_tdb.c b/source/winbindd/idmap_tdb.c
index 1dfda1f..0a0ee04 100644
--- a/source/winbindd/idmap_tdb.c
+++ b/source/winbindd/idmap_tdb.c
@@ -569,8 +569,6 @@ static NTSTATUS idmap_tdb_db_init(struct idmap_domain *dom,
const char *params)
{
NTSTATUS ret;
struct idmap_tdb_context *ctx;
- char *config_option = NULL;
- const char *range;
ctx = talloc(dom, struct idmap_tdb_context);
if ( ! ctx) {
@@ -578,29 +576,72 @@ static NTSTATUS idmap_tdb_db_init(struct idmap_domain
*dom, const char *params)
return NT_STATUS_NO_MEMORY;
}
- config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
- if ( ! config_option) {
- DEBUG(0, ("Out of memory!\n"));
- ret = NT_STATUS_NO_MEMORY;
- goto failed;
- }
+ if (strequal(dom->name, "*")) {
+ uid_t low_uid = 0;
+ uid_t high_uid = 0;
+ gid_t low_gid = 0;
+ gid_t high_gid = 0;
- ret = idmap_tdb_open_db(ctx, &ctx->tdb);
- if ( ! NT_STATUS_IS_OK(ret)) {
- goto failed;
+ ctx->filter_low_id = 0;
+ ctx->filter_high_id = 0;
+
+ if (lp_idmap_uid(&low_uid, &high_uid)) {
+ ctx->filter_low_id = low_uid;
+ ctx->filter_high_id = high_uid;
+ } else {
+ DEBUG(3, ("Warning: 'idmap uid' not set!\n"));
+ }
+
+ if (lp_idmap_gid(&low_gid, &high_gid)) {
+ if ((low_gid != low_uid) || (high_gid != high_uid)) {
+ DEBUG(1, ("Warning: 'idmap uid' and 'idmap gid'"
+ " ranges do not agree -- building "
+ "intersection\n"));
+ ctx->filter_low_id = MAX(ctx->filter_low_id,
+ low_gid);
+ ctx->filter_high_id = MIN(ctx->filter_high_id,
+ high_gid);
+ }
+ } else {
+ DEBUG(3, ("Warning: 'idmap gid' not set!\n"));
+ }
+ } else {
+ char *config_option = NULL;
+ const char *range;
+
+ config_option = talloc_asprintf(ctx, "idmap config %s",
dom->name);
+ if ( ! config_option) {
+ DEBUG(0, ("Out of memory!\n"));
+ ret = NT_STATUS_NO_MEMORY;
+ goto failed;
+ }
+
+ range = lp_parm_const_string(-1, config_option, "range", NULL);
+ if (( ! range) ||
+ (sscanf(range, "%u - %u", &ctx->filter_low_id,
&ctx->filter_high_id) != 2))
+ {
+ ctx->filter_low_id = 0;
+ ctx->filter_high_id = 0;
+ }
+
+ talloc_free(config_option);
}
- range = lp_parm_const_string(-1, config_option, "range", NULL);
- if (( ! range) ||
- (sscanf(range, "%u - %u", &ctx->filter_low_id,
&ctx->filter_high_id) != 2) ||
- (ctx->filter_low_id > ctx->filter_high_id)) {
+ if (ctx->filter_low_id > ctx->filter_high_id) {
ctx->filter_low_id = 0;
ctx->filter_high_id = 0;
}
+ DEBUG(10, ("idmap_tdb_db_init: filter range %u-%u loaded for domain "
+ "'%s'\n", ctx->filter_low_id, ctx->filter_high_id, dom->name));
+
+ ret = idmap_tdb_open_db(ctx, &ctx->tdb);
+ if ( ! NT_STATUS_IS_OK(ret)) {
+ goto failed;
+ }
+
dom->private_data = ctx;
- talloc_free(config_option);
return NT_STATUS_OK;
failed:
--
Samba Shared Repository
