The branch, master has been updated
via 8e8313b2b57 third_party: Update nss_wrapper to version 1.1.7
via 43201969770 lib: Fix an error path memleak in
schannel_get_creds_state()
via b1143a0c7e9 vfs: Use dbwrap_delete() in acl_tdb_delete()
via 0c2a706a11c vfs: Use dbwrap_store() in store_acl_blob_fsp()
via 5852bb96584 vfs: Use direct struct assignment in
store_acl_blob_fsp()
from f38077ea5ee pidl: Handle obtaining objects from a fixed-size array
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8e8313b2b57f3e760876feb5b732d1d2774baa18
Author: Andreas Schneider <[email protected]>
Date: Wed Nov 13 15:41:47 2019 +0100
third_party: Update nss_wrapper to version 1.1.7
This adds missing support for Address Sanitzer.
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Thu Nov 14 23:50:06 UTC 2019 on sn-devel-184
commit 4320196977012e02765f4804070438149d858e22
Author: Volker Lendecke <[email protected]>
Date: Wed Nov 13 16:29:17 2019 +0100
lib: Fix an error path memleak in schannel_get_creds_state()
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit b1143a0c7e9080996bb47b52df9124d296e4345b
Author: Volker Lendecke <[email protected]>
Date: Wed Nov 13 16:02:11 2019 +0100
vfs: Use dbwrap_delete() in acl_tdb_delete()
Use the wrapper function that's already available for exactly this
purpose.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 0c2a706a11c0ac89476c07f7d7d2554ffd7c342b
Author: Volker Lendecke <[email protected]>
Date: Wed Nov 13 16:02:11 2019 +0100
vfs: Use dbwrap_store() in store_acl_blob_fsp()
Use the wrapper function that's already available for exactly this
purpose.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
commit 5852bb96584afab61cf2635aa25033fd5b9f3a15
Author: Volker Lendecke <[email protected]>
Date: Wed Nov 13 15:59:54 2019 +0100
vfs: Use direct struct assignment in store_acl_blob_fsp()
2 lines less code
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
buildtools/wafsamba/samba_third_party.py | 2 +-
libcli/auth/schannel_state_tdb.c | 1 +
source3/modules/vfs_acl_tdb.c | 51 ++++--------------
third_party/nss_wrapper/nss_wrapper.c | 91 ++++++++++++++++++++------------
third_party/nss_wrapper/wscript | 2 +-
5 files changed, 69 insertions(+), 78 deletions(-)
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_third_party.py
b/buildtools/wafsamba/samba_third_party.py
index d2c798b94f0..38df19369d7 100644
--- a/buildtools/wafsamba/samba_third_party.py
+++ b/buildtools/wafsamba/samba_third_party.py
@@ -29,7 +29,7 @@ Build.BuildContext.CHECK_SOCKET_WRAPPER = CHECK_SOCKET_WRAPPER
@conf
def CHECK_NSS_WRAPPER(conf):
- return conf.CHECK_BUNDLED_SYSTEM_PKG('nss_wrapper', minversion='1.1.6')
+ return conf.CHECK_BUNDLED_SYSTEM_PKG('nss_wrapper', minversion='1.1.7')
Build.BuildContext.CHECK_NSS_WRAPPER = CHECK_NSS_WRAPPER
@conf
diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c
index ce20012ac22..e0ac8a378a0 100644
--- a/libcli/auth/schannel_state_tdb.c
+++ b/libcli/auth/schannel_state_tdb.c
@@ -236,6 +236,7 @@ NTSTATUS schannel_get_creds_state(TALLOC_CTX *mem_ctx,
db_sc = open_schannel_session_store(tmpctx, lp_ctx);
if (!db_sc) {
+ TALLOC_FREE(tmpctx);
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source3/modules/vfs_acl_tdb.c b/source3/modules/vfs_acl_tdb.c
index 41a65891084..ed88b2bc4a6 100644
--- a/source3/modules/vfs_acl_tdb.c
+++ b/source3/modules/vfs_acl_tdb.c
@@ -89,24 +89,6 @@ static void disconnect_acl_tdb(struct vfs_handle_struct
*handle)
}
}
-/*******************************************************************
- Fetch_lock the tdb acl record for a file
-*******************************************************************/
-
-static struct db_record *acl_tdb_lock(TALLOC_CTX *mem_ctx,
- struct db_context *db,
- const struct file_id *id)
-{
- uint8_t id_buf[16];
-
- /* For backwards compatibility only store the dev/inode. */
- push_file_id_16((char *)id_buf, id);
- return dbwrap_fetch_locked(db,
- mem_ctx,
- make_tdb_data(id_buf,
- sizeof(id_buf)));
-}
-
/*******************************************************************
Delete the tdb acl record for a file
*******************************************************************/
@@ -117,20 +99,12 @@ static NTSTATUS acl_tdb_delete(vfs_handle_struct *handle,
{
NTSTATUS status;
struct file_id id = vfs_file_id_from_sbuf(handle->conn, psbuf);
- struct db_record *rec = acl_tdb_lock(talloc_tos(), db, &id);
-
- /*
- * If rec == NULL there's not much we can do about it
- */
+ uint8_t id_buf[16];
- if (rec == NULL) {
- DEBUG(10,("acl_tdb_delete: rec == NULL\n"));
- TALLOC_FREE(rec);
- return NT_STATUS_OK;
- }
+ /* For backwards compatibility only store the dev/inode. */
+ push_file_id_16((char *)id_buf, &id);
- status = dbwrap_record_delete(rec);
- TALLOC_FREE(rec);
+ status = dbwrap_delete(db, make_tdb_data(id_buf, sizeof(id_buf)));
return status;
}
@@ -204,9 +178,8 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct
*handle,
{
uint8_t id_buf[16];
struct file_id id;
- TDB_DATA data;
+ TDB_DATA data = { .dptr = pblob->data, .dsize = pblob->length };
struct db_context *db = acl_db;
- struct db_record *rec;
NTSTATUS status;
DEBUG(10,("store_acl_blob_fsp: storing blob length %u on file %s\n",
@@ -221,16 +194,10 @@ static NTSTATUS store_acl_blob_fsp(vfs_handle_struct
*handle,
/* For backwards compatibility only store the dev/inode. */
push_file_id_16((char *)id_buf, &id);
- rec = dbwrap_fetch_locked(db, talloc_tos(),
- make_tdb_data(id_buf,
- sizeof(id_buf)));
- if (rec == NULL) {
- DEBUG(0, ("store_acl_blob_fsp_tdb: fetch_lock failed\n"));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
- data.dptr = pblob->data;
- data.dsize = pblob->length;
- return dbwrap_record_store(rec, data, 0);
+
+ status = dbwrap_store(
+ db, make_tdb_data(id_buf, sizeof(id_buf)), data, 0);
+ return status;
}
/*********************************************************************
diff --git a/third_party/nss_wrapper/nss_wrapper.c
b/third_party/nss_wrapper/nss_wrapper.c
index 62c7af16774..1bcd3b1b72d 100644
--- a/third_party/nss_wrapper/nss_wrapper.c
+++ b/third_party/nss_wrapper/nss_wrapper.c
@@ -243,9 +243,18 @@ enum nwrap_dbglvl_e {
NWRAP_LOG_TRACE
};
-#ifdef NDEBUG
-# define NWRAP_LOG(...)
+#ifndef HAVE_GETPROGNAME
+static const char *getprogname(void)
+{
+#if defined(HAVE_PROGRAM_INVOCATION_SHORT_NAME)
+ return program_invocation_short_name;
+#elif defined(HAVE_GETEXECNAME)
+ return getexecname();
#else
+ return NULL;
+#endif /* HAVE_PROGRAM_INVOCATION_SHORT_NAME */
+}
+#endif /* HAVE_GETPROGNAME */
static void nwrap_log(enum nwrap_dbglvl_e dbglvl, const char *func, const char
*format, ...) PRINTF_ATTRIBUTE(3, 4);
# define NWRAP_LOG(dbglvl, ...) nwrap_log((dbglvl), __func__, __VA_ARGS__)
@@ -258,43 +267,49 @@ static void nwrap_log(enum nwrap_dbglvl_e dbglvl,
va_list va;
const char *d;
unsigned int lvl = 0;
- int pid = getpid();
+ const char *prefix = "NWRAP";
+ const char *progname = getprogname();
d = getenv("NSS_WRAPPER_DEBUGLEVEL");
if (d != NULL) {
lvl = atoi(d);
}
+ if (lvl < dbglvl) {
+ return;
+ }
+
va_start(va, format);
vsnprintf(buffer, sizeof(buffer), format, va);
va_end(va);
- if (lvl >= dbglvl) {
- switch (dbglvl) {
- case NWRAP_LOG_ERROR:
- fprintf(stderr,
- "NWRAP_ERROR(%d) - %s: %s\n",
- pid, func, buffer);
- break;
- case NWRAP_LOG_WARN:
- fprintf(stderr,
- "NWRAP_WARN(%d) - %s: %s\n",
- pid, func, buffer);
- break;
- case NWRAP_LOG_DEBUG:
- fprintf(stderr,
- "NWRAP_DEBUG(%d) - %s: %s\n",
- pid, func, buffer);
- break;
- case NWRAP_LOG_TRACE:
- fprintf(stderr,
- "NWRAP_TRACE(%d) - %s: %s\n",
- pid, func, buffer);
- break;
- }
+ switch (dbglvl) {
+ case NWRAP_LOG_ERROR:
+ prefix = "NWRAP_ERROR";
+ break;
+ case NWRAP_LOG_WARN:
+ prefix = "NWRAP_WARN";
+ break;
+ case NWRAP_LOG_DEBUG:
+ prefix = "NWRAP_DEBUG";
+ break;
+ case NWRAP_LOG_TRACE:
+ prefix = "NWRAP_TRACE";
+ break;
}
+
+ if (progname == NULL) {
+ progname = "<unknown>";
+ }
+
+ fprintf(stderr,
+ "%s[%s (%u)] - %s: %s\n",
+ prefix,
+ progname,
+ (unsigned int)getpid(),
+ func,
+ buffer);
}
-#endif /* NDEBUG NWRAP_LOG */
struct nwrap_libc_fns {
struct passwd *(*_libc_getpwnam)(const char *name);
@@ -824,7 +839,6 @@ enum nwrap_lib {
NWRAP_LIBSOCKET,
};
-#ifndef NDEBUG
static const char *nwrap_str_lib(enum nwrap_lib lib)
{
switch (lib) {
@@ -839,7 +853,6 @@ static const char *nwrap_str_lib(enum nwrap_lib lib)
/* Compiler would warn us about unhandled enum value if we get here */
return "unknown";
}
-#endif
static void *nwrap_load_lib_handle(enum nwrap_lib lib)
{
@@ -848,15 +861,25 @@ static void *nwrap_load_lib_handle(enum nwrap_lib lib)
int i;
#ifdef RTLD_DEEPBIND
- const char *env = getenv("LD_PRELOAD");
+ const char *env_preload = getenv("LD_PRELOAD");
+ const char *env_deepbind = getenv("NSS_WRAPPER_DISABLE_DEEPBIND");
+ bool enable_deepbind = true;
/* Don't do a deepbind if we run with libasan */
- if (env != NULL && strlen(env) < 1024) {
- const char *p = strstr(env, "libasan.so");
- if (p == NULL) {
- flags |= RTLD_DEEPBIND;
+ if (env_preload != NULL && strlen(env_preload) < 1024) {
+ const char *p = strstr(env_preload, "libasan.so");
+ if (p != NULL) {
+ enable_deepbind = false;
}
}
+
+ if (env_deepbind != NULL && strlen(env_deepbind) >= 1) {
+ enable_deepbind = false;
+ }
+
+ if (enable_deepbind) {
+ flags |= RTLD_DEEPBIND;
+ }
#endif
switch (lib) {
diff --git a/third_party/nss_wrapper/wscript b/third_party/nss_wrapper/wscript
index 7a2f53ad299..dd83083b2e7 100644
--- a/third_party/nss_wrapper/wscript
+++ b/third_party/nss_wrapper/wscript
@@ -2,7 +2,7 @@
import os
-VERSION="1.1.6"
+VERSION="1.1.7"
def configure(conf):
if conf.CHECK_NSS_WRAPPER():
--
Samba Shared Repository
