The branch, master has been updated via c29447f s3:lib/ctdb_conn make sure we are root before connecting to CTDB via d67e614 lib: Add before/after hooks to async_connect via 272a58a waf: build vfs_aixacl2 module by default on AIX via 162ec83 waf: only use -fstack-protector when both compiler and linker support it from 355f78f docs/rpcdaemon: some formating fixes
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit c29447f2b8705630a24d3d73f76661af296a4c4d Author: Christian Ambach <a...@samba.org> Date: Thu May 16 15:07:44 2013 +0200 s3:lib/ctdb_conn make sure we are root before connecting to CTDB CTDB socket is only reachable for root, make sure we are root when trying to connect to it Signed-off-by: Christian Ambach <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Autobuild-User(master): Christian Ambach <a...@samba.org> Autobuild-Date(master): Fri May 17 13:16:37 CEST 2013 on sn-devel-104 commit d67e614a07cbf143293436d380aba9a022c0e31b Author: Volker Lendecke <v...@samba.org> Date: Thu May 16 16:11:54 2013 +0200 lib: Add before/after hooks to async_connect This will facilitiate [un]become_root for smbd to connect safely to ctdbd. Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Christian Ambach <a...@samba.org> commit 272a58afff69f52704bcc9a62947853b638420d5 Author: Christian Ambach <a...@samba.org> Date: Tue May 7 09:08:07 2013 +0200 waf: build vfs_aixacl2 module by default on AIX Signed-off-by: Christian Ambach <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 162ec83f68efc89c46630f6842700bca8f16b201 Author: Christian Ambach <a...@samba.org> Date: Tue May 7 09:06:50 2013 +0200 waf: only use -fstack-protector when both compiler and linker support it otherwise build with xlc on AIX fails because the compiler silently ignores the parameter but the linker does not like it Signed-off-by: Christian Ambach <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: lib/async_req/async_sock.c | 35 +++++++++++++++++++++++++++++++---- lib/async_req/async_sock.h | 10 ++++++---- lib/replace/wscript | 2 +- source3/lib/ctdb_conn.c | 15 ++++++++++++++- source3/lib/util_sock.c | 4 ++-- source3/libsmb/unexpected.c | 2 +- source3/torture/wbc_async.c | 2 +- source3/wscript | 2 +- 8 files changed, 57 insertions(+), 15 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c index 9909bc6..59dde88 100644 --- a/lib/async_req/async_sock.c +++ b/lib/async_req/async_sock.c @@ -217,6 +217,10 @@ struct async_connect_state { long old_sockflags; socklen_t address_len; struct sockaddr_storage address; + + void (*before_connect)(void *private_data); + void (*after_connect)(void *private_data); + void *private_data; }; static void async_connect_connected(struct tevent_context *ev, @@ -236,10 +240,12 @@ static void async_connect_connected(struct tevent_context *ev, * connect in an async state. This will be reset when the request is finished. */ -struct tevent_req *async_connect_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - int fd, const struct sockaddr *address, - socklen_t address_len) +struct tevent_req *async_connect_send( + TALLOC_CTX *mem_ctx, struct tevent_context *ev, int fd, + const struct sockaddr *address, socklen_t address_len, + void (*before_connect)(void *private_data), + void (*after_connect)(void *private_data), + void *private_data) { struct tevent_req *result; struct async_connect_state *state; @@ -258,6 +264,9 @@ struct tevent_req *async_connect_send(TALLOC_CTX *mem_ctx, state->fd = fd; state->sys_errno = 0; + state->before_connect = before_connect; + state->after_connect = after_connect; + state->private_data = private_data; state->old_sockflags = fcntl(fd, F_GETFL, 0); if (state->old_sockflags == -1) { @@ -273,7 +282,16 @@ struct tevent_req *async_connect_send(TALLOC_CTX *mem_ctx, set_blocking(fd, false); + if (state->before_connect != NULL) { + state->before_connect(state->private_data); + } + state->result = connect(fd, address, address_len); + + if (state->after_connect != NULL) { + state->after_connect(state->private_data); + } + if (state->result == 0) { tevent_req_done(result); goto done; @@ -328,8 +346,17 @@ static void async_connect_connected(struct tevent_context *ev, tevent_req_data(req, struct async_connect_state); int ret; + if (state->before_connect != NULL) { + state->before_connect(state->private_data); + } + ret = connect(state->fd, (struct sockaddr *)(void *)&state->address, state->address_len); + + if (state->after_connect != NULL) { + state->after_connect(state->private_data); + } + if (ret == 0) { state->sys_errno = 0; TALLOC_FREE(fde); diff --git a/lib/async_req/async_sock.h b/lib/async_req/async_sock.h index af917bc..494b92e 100644 --- a/lib/async_req/async_sock.h +++ b/lib/async_req/async_sock.h @@ -40,10 +40,12 @@ struct tevent_req *recvfrom_send(TALLOC_CTX *mem_ctx, socklen_t *addr_len); ssize_t recvfrom_recv(struct tevent_req *req, int *perrno); -struct tevent_req *async_connect_send(TALLOC_CTX *mem_ctx, - struct tevent_context *ev, - int fd, const struct sockaddr *address, - socklen_t address_len); +struct tevent_req *async_connect_send( + TALLOC_CTX *mem_ctx, struct tevent_context *ev, int fd, + const struct sockaddr *address, socklen_t address_len, + void (*before_connect)(void *private_data), + void (*after_connect)(void *private_data), + void *private_data); int async_connect_recv(struct tevent_req *req, int *perrno); struct tevent_req *writev_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, diff --git a/lib/replace/wscript b/lib/replace/wscript index 9483e23..bc45ee9 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -53,7 +53,7 @@ struct foo bar = { .y = 'X', .x = 1 }; conf.ADD_CFLAGS(f) break - if conf.CHECK_CFLAGS(['-fstack-protector']): + if conf.CHECK_CFLAGS(['-fstack-protector']) and conf.CHECK_LDFLAGS(['-fstack-protector']): conf.ADD_CFLAGS('-fstack-protector') conf.ADD_LDFLAGS('-fstack-protector') diff --git a/source3/lib/ctdb_conn.c b/source3/lib/ctdb_conn.c index a96615f..90930eb 100644 --- a/source3/lib/ctdb_conn.c +++ b/source3/lib/ctdb_conn.c @@ -35,6 +35,18 @@ struct ctdb_conn_init_state { struct ctdb_conn *conn; }; +/* + * use the callbacks of async_connect_send to make sure + * we are connecting to CTDB as root + */ +static void before_connect_cb(void *private_data) { + become_root(); +} + +static void after_connect_cb(void *private_data) { + unbecome_root(); +} + static void ctdb_conn_init_done(struct tevent_req *subreq); static int ctdb_conn_destructor(struct ctdb_conn *conn); @@ -83,7 +95,8 @@ struct tevent_req *ctdb_conn_init_send(TALLOC_CTX *mem_ctx, subreq = async_connect_send(state, ev, state->conn->fd, (struct sockaddr *)&state->addr, - sizeof(state->addr)); + sizeof(state->addr), before_connect_cb, + after_connect_cb, NULL); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 8f212e5..eb38055 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -586,7 +586,7 @@ struct tevent_req *open_socket_out_send(TALLOC_CTX *mem_ctx, subreq = async_connect_send(state, state->ev, state->fd, (struct sockaddr *)&state->ss, - state->salen); + state->salen, NULL, NULL, NULL); if ((subreq == NULL) || !tevent_req_set_endtime( subreq, state->ev, @@ -638,7 +638,7 @@ static void open_socket_out_connected(struct tevent_req *subreq) subreq = async_connect_send(state, state->ev, state->fd, (struct sockaddr *)&state->ss, - state->salen); + state->salen, NULL, NULL, NULL); if (tevent_req_nomem(subreq, req)) { return; } diff --git a/source3/libsmb/unexpected.c b/source3/libsmb/unexpected.c index f537b3d..2c01bb7 100644 --- a/source3/libsmb/unexpected.c +++ b/source3/libsmb/unexpected.c @@ -514,7 +514,7 @@ struct tevent_req *nb_packet_reader_send(TALLOC_CTX *mem_ctx, subreq = async_connect_send(state, ev, state->reader->sock, (struct sockaddr *)(void *)&state->addr, - sizeof(state->addr)); + sizeof(state->addr), NULL, NULL, NULL); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } diff --git a/source3/torture/wbc_async.c b/source3/torture/wbc_async.c index 9252b58..71e4de7 100644 --- a/source3/torture/wbc_async.c +++ b/source3/torture/wbc_async.c @@ -288,7 +288,7 @@ static struct tevent_req *wb_connect_send(TALLOC_CTX *mem_ctx, subreq = async_connect_send(mem_ctx, ev, wb_ctx->fd, (struct sockaddr *)(void *)&sunaddr, - sizeof(sunaddr)); + sizeof(sunaddr), NULL, NULL, NULL); if (subreq == NULL) { goto nomem; } diff --git a/source3/wscript b/source3/wscript index 5a3805f..280a51f 100644 --- a/source3/wscript +++ b/source3/wscript @@ -425,7 +425,7 @@ utimensat vsyslog _write __write __xstat elif (host_os.rfind('aix') > -1): Logs.info('Using AIX ACLs') conf.DEFINE('HAVE_AIX_ACLS',1) - default_static_modules.extend(TO_LIST('vfs_aixacl')) + default_static_modules.extend(TO_LIST('vfs_aixacl vfs_aixacl2')) elif (host_os.rfind('osf') > -1) and conf.CHECK_FUNCS_IN('pacl', 'acl_get_fd'): Logs.info('Using Tru64 ACLs') conf.DEFINE('HAVE_TRU64_ACLS',1) -- Samba Shared Repository