[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-289-gc624a70
The branch, master has been updated via c624a704be96488f0aee27930cbd4c8d99df464b (commit) from 2481ce89427ef38b47fb29d16c15b77e9d2c20b9 (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit c624a704be96488f0aee27930cbd4c8d99df464b Author: Volker Lendecke v...@samba.org Date: Thu Jul 9 22:03:52 2009 +0200 Make escape_ldap_string take a talloc context --- Summary of changes: source3/include/proto.h |2 +- source3/lib/ldap_escape.c | 25 - source3/lib/smbldap_util.c | 12 +- source3/libads/ldap_user.c |6 ++-- source3/passdb/pdb_ldap.c | 45 +++ source3/utils/net_ads.c | 10 source3/winbindd/winbindd_ads.c |6 ++-- 7 files changed, 54 insertions(+), 52 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index f887b4e..c0f4dc1 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -554,7 +554,7 @@ void init_ldap_debugging(void); /* The following definitions come from lib/ldap_escape.c */ -char *escape_ldap_string_alloc(const char *s); +char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s); char *escape_rdn_val_string_alloc(const char *s); /* The following definitions come from lib/module.c */ diff --git a/source3/lib/ldap_escape.c b/source3/lib/ldap_escape.c index d101bc5..a731cb9 100644 --- a/source3/lib/ldap_escape.c +++ b/source3/lib/ldap_escape.c @@ -32,10 +32,10 @@ * and to be free()ed by the caller. **/ -char *escape_ldap_string_alloc(const char *s) +char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s) { size_t len = strlen(s)+1; - char *output = (char *)SMB_MALLOC(len); + char *output = talloc_array(mem_ctx, char, len); const char *sub; int i = 0; char *p = output; @@ -43,7 +43,7 @@ char *escape_ldap_string_alloc(const char *s) if (output == NULL) { return NULL; } - + while (*s) { switch (*s) @@ -64,14 +64,17 @@ char *escape_ldap_string_alloc(const char *s) sub = NULL; break; } - + if (sub) { + char *tmp; len = len + 3; - output = (char *)SMB_REALLOC(output, len); - if (!output) { + tmp = talloc_realloc(mem_ctx, output, char, len); + if (tmp == NULL) { + TALLOC_FREE(output); return NULL; } - + output = tmp; + p = output[i]; strncpy (p, sub, 3); p += 3; @@ -84,7 +87,7 @@ char *escape_ldap_string_alloc(const char *s) } s++; } - + *p = '\0'; return output; } @@ -101,7 +104,7 @@ char *escape_rdn_val_string_alloc(const char *s) } p = output; - + while (*s) { switch (*s) @@ -122,10 +125,10 @@ char *escape_rdn_val_string_alloc(const char *s) *p = *s; p++; } - + s++; } - + *p = '\0'; /* resize the string to the actual final size */ diff --git a/source3/lib/smbldap_util.c b/source3/lib/smbldap_util.c index 66aef6b..478a3d2 100644 --- a/source3/lib/smbldap_util.c +++ b/source3/lib/smbldap_util.c @@ -126,7 +126,7 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, char *escape_domain_name; /* escape for filter */ - escape_domain_name = escape_ldap_string_alloc(domain_name); + escape_domain_name = escape_ldap_string(talloc_tos(), domain_name); if (!escape_domain_name) { DEBUG(0, (Out of memory!\n)); return NT_STATUS_NO_MEMORY; @@ -135,11 +135,11 @@ static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state, if (asprintf(filter, ((%s=%s)(objectclass=%s)), get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN), escape_domain_name, LDAP_OBJ_DOMINFO) 0) { - SAFE_FREE(escape_domain_name); + TALLOC_FREE(escape_domain_name); return NT_STATUS_NO_MEMORY; } - SAFE_FREE(escape_domain_name); + TALLOC_FREE(escape_domain_name); attr_list = get_attr_list(NULL, dominfo_attr_list ); rc = smbldap_search_suffix(ldap_state, filter, attr_list, result); @@ -258,7 +258,7 @@ NTSTATUS
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-290-gf1fad2e
The branch, master has been updated via f1fad2efe4daf95ad77db6251ad5d77fb9ef755c (commit) from c624a704be96488f0aee27930cbd4c8d99df464b (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f1fad2efe4daf95ad77db6251ad5d77fb9ef755c Author: Tim Prouty tpro...@samba.org Date: Thu Jul 9 15:56:36 2009 -0700 s3: Fix two arguments that broke when plumbing smb_filneame through dos_mode() --- Summary of changes: source3/smbd/dosmode.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index ca926aa..d3df80a 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -448,8 +448,8 @@ static bool get_stat_dos_flags(connection_struct *conn, if (S_ISDIR(smb_fname-st.st_ex_mode)) *dosmode |= aDIR; - *dosmode |= set_sparse_flag(smb_fname-st); - *dosmode |= set_link_read_only_flag(smb_fname-st); + *dosmode |= set_sparse_flag(smb_fname-st); + *dosmode |= set_link_read_only_flag(smb_fname-st); return true; } -- Samba Shared Repository
Build status as of Fri Jul 10 00:00:02 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-07-09 00:00:31.0 + +++ /home/build/master/cache/broken_results.txt 2009-07-10 00:00:29.0 + @@ -1,22 +1,22 @@ -Build status as of Thu Jul 9 00:00:02 2009 +Build status as of Fri Jul 10 00:00:02 2009 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 25 3 0 +ccache 33 7 0 distcc 0 0 0 -ldb 25 25 0 -libreplace 23 11 0 +ldb 33 33 0 +libreplace 32 13 0 lorikeet 0 0 0 -pidl 20 2 0 -ppp 10 0 0 -rsync25 8 0 +pidl 23 2 0 +ppp 14 0 0 +rsync33 11 0 samba-docs 0 0 0 samba-web0 0 0 -samba_3_current 23 13 0 -samba_3_master 24 19 2 -samba_3_next 24 22 1 -samba_4_0_test 23 22 11 -talloc 25 25 0 -tdb 23 23 0 +samba_3_current 31 17 0 +samba_3_master 32 27 3 +samba_3_next 32 29 1 +samba_4_0_test 32 29 13 +talloc 33 33 0 +tdb 31 31 0
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-291-g8d1b061
The branch, master has been updated via 8d1b061b517176e172151e6814083aa7a7051d56 (commit) from f1fad2efe4daf95ad77db6251ad5d77fb9ef755c (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8d1b061b517176e172151e6814083aa7a7051d56 Author: Jeff Layton jlay...@redhat.com Date: Thu Jul 9 21:04:08 2009 -0400 cifs.upcall: use pid value from kernel to determine KRB5CCNAME to use If the kernel sends the upcall a pid of the requesting process, we can open that process' /proc/pid/environ file and scrape the KRB5CCNAME value out of it. Signed-off-by: Jeff Layton jlay...@redhat.com --- Summary of changes: client/cifs.upcall.c | 87 +++--- 1 files changed, 75 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/client/cifs.upcall.c b/client/cifs.upcall.c index 4110de3..e592a4f 100644 --- a/client/cifs.upcall.c +++ b/client/cifs.upcall.c @@ -1,6 +1,7 @@ /* * CIFS user-space helper. * Copyright (C) Igor Mammedov (niall...@gmail.com) 2007 +* Copyright (C) Jeff Layton (jlay...@redhat.com) 2009 * * Used by /sbin/request-key for handling * cifs upcall for kerberos authorization of access to share and @@ -38,6 +39,54 @@ typedef enum _secType { } secType_t; /* + * given a process ID, get the value of the KRB5CCNAME environment variable + * in the context of that process. On error, just return NULL. + */ +static char * +get_krb5_ccname(pid_t pid) +{ + int fd; + ssize_t len, left; + + /* +* FIXME: sysconf for ARG_MAX instead? Kernel seems to be limited to a +* page however, so it may not matter. +*/ + char buf[4096]; + char *p, *value = NULL; + + buf[4095] = '\0'; + snprintf(buf, 4095, /proc/%d/environ, pid); + fd = open(buf, O_RDONLY); + if (fd 0) + return NULL; + + /* FIXME: don't assume that we get it all in the first read? */ + len = read(fd, buf, 4096); + close(fd); + if (len 0) + return NULL; + + left = len; + p = buf; + + /* can't have valid KRB5CCNAME if there are 13 bytes left */ + while (left 12) { + if (strncmp(KRB5CCNAME=, p, 11)) { + p += strnlen(p, left); + ++p; + left = buf + len - p; + continue; + } + p += 11; + left -= 11; + value = strndup(p, left); + break; + } + return value; +} + +/* * Prepares AP-REQ data for mechToken and gets session key * Uses credentials from cache. It will not ask for password * you should receive credentials for yuor name manually using @@ -58,15 +107,15 @@ typedef enum _secType { * ret: 0 - success, others - failure */ static int -handle_krb5_mech(const char *oid, const char *principal, -DATA_BLOB * secblob, DATA_BLOB * sess_key) +handle_krb5_mech(const char *oid, const char *principal, DATA_BLOB *secblob, +DATA_BLOB *sess_key, const char *ccname) { int retval; DATA_BLOB tkt, tkt_wrapped; /* get a kerberos ticket for the service and extract the session key */ - retval = cli_krb5_get_ticket(principal, 0, -tkt, sess_key, 0, NULL, NULL); + retval = cli_krb5_get_ticket(principal, 0, tkt, sess_key, 0, ccname, +NULL); if (retval) return retval; @@ -88,11 +137,12 @@ handle_krb5_mech(const char *oid, const char *principal, #define DKD_HAVE_IPV4 8 #define DKD_HAVE_IPV6 16 #define DKD_HAVE_UID 32 +#define DKD_HAVE_PID 64 #define DKD_MUSTHAVE_SET (DKD_HAVE_HOSTNAME|DKD_HAVE_VERSION|DKD_HAVE_SEC) static int -decode_key_description(const char *desc, int *ver, secType_t * sec, - char **hostname, uid_t * uid) +decode_key_description(const char *desc, int *ver, secType_t *sec, + char **hostname, uid_t *uid, pid_t *pid) { int retval = 0; char *pos; @@ -117,6 +167,16 @@ decode_key_description(const char *desc, int *ver, secType_t * sec, /* BB: do we need it if we have hostname already? */ } else if (strncmp(tkn, ipv6=, 5) == 0) { /* BB: do we need it if we have hostname already? */ + } else if (strncmp(tkn, pid=, 4) == 0) { + errno = 0; + *pid = strtol(tkn + 4, NULL, 0); + if (errno != 0) { + syslog(LOG_WARNING, Invalid pid format: %s, + strerror(errno)); +