[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-289-gc624a70
The branch, master has been updated
via c624a704be96488f0aee27930cbd4c8d99df464b (commit)
from 2481ce89427ef38b47fb29d16c15b77e9d2c20b9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit c624a704be96488f0aee27930cbd4c8d99df464b
Author: Volker Lendecke v...@samba.org
Date: Thu Jul 9 22:03:52 2009 +0200
Make escape_ldap_string take a talloc context
---
Summary of changes:
source3/include/proto.h |2 +-
source3/lib/ldap_escape.c | 25 -
source3/lib/smbldap_util.c | 12 +-
source3/libads/ldap_user.c |6 ++--
source3/passdb/pdb_ldap.c | 45 +++
source3/utils/net_ads.c | 10
source3/winbindd/winbindd_ads.c |6 ++--
7 files changed, 54 insertions(+), 52 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index f887b4e..c0f4dc1 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -554,7 +554,7 @@ void init_ldap_debugging(void);
/* The following definitions come from lib/ldap_escape.c */
-char *escape_ldap_string_alloc(const char *s);
+char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s);
char *escape_rdn_val_string_alloc(const char *s);
/* The following definitions come from lib/module.c */
diff --git a/source3/lib/ldap_escape.c b/source3/lib/ldap_escape.c
index d101bc5..a731cb9 100644
--- a/source3/lib/ldap_escape.c
+++ b/source3/lib/ldap_escape.c
@@ -32,10 +32,10 @@
* and to be free()ed by the caller.
**/
-char *escape_ldap_string_alloc(const char *s)
+char *escape_ldap_string(TALLOC_CTX *mem_ctx, const char *s)
{
size_t len = strlen(s)+1;
- char *output = (char *)SMB_MALLOC(len);
+ char *output = talloc_array(mem_ctx, char, len);
const char *sub;
int i = 0;
char *p = output;
@@ -43,7 +43,7 @@ char *escape_ldap_string_alloc(const char *s)
if (output == NULL) {
return NULL;
}
-
+
while (*s)
{
switch (*s)
@@ -64,14 +64,17 @@ char *escape_ldap_string_alloc(const char *s)
sub = NULL;
break;
}
-
+
if (sub) {
+ char *tmp;
len = len + 3;
- output = (char *)SMB_REALLOC(output, len);
- if (!output) {
+ tmp = talloc_realloc(mem_ctx, output, char, len);
+ if (tmp == NULL) {
+ TALLOC_FREE(output);
return NULL;
}
-
+ output = tmp;
+
p = output[i];
strncpy (p, sub, 3);
p += 3;
@@ -84,7 +87,7 @@ char *escape_ldap_string_alloc(const char *s)
}
s++;
}
-
+
*p = '\0';
return output;
}
@@ -101,7 +104,7 @@ char *escape_rdn_val_string_alloc(const char *s)
}
p = output;
-
+
while (*s)
{
switch (*s)
@@ -122,10 +125,10 @@ char *escape_rdn_val_string_alloc(const char *s)
*p = *s;
p++;
}
-
+
s++;
}
-
+
*p = '\0';
/* resize the string to the actual final size */
diff --git a/source3/lib/smbldap_util.c b/source3/lib/smbldap_util.c
index 66aef6b..478a3d2 100644
--- a/source3/lib/smbldap_util.c
+++ b/source3/lib/smbldap_util.c
@@ -126,7 +126,7 @@ static NTSTATUS add_new_domain_info(struct smbldap_state
*ldap_state,
char *escape_domain_name;
/* escape for filter */
- escape_domain_name = escape_ldap_string_alloc(domain_name);
+ escape_domain_name = escape_ldap_string(talloc_tos(), domain_name);
if (!escape_domain_name) {
DEBUG(0, (Out of memory!\n));
return NT_STATUS_NO_MEMORY;
@@ -135,11 +135,11 @@ static NTSTATUS add_new_domain_info(struct smbldap_state
*ldap_state,
if (asprintf(filter, ((%s=%s)(objectclass=%s)),
get_attr_key2string(dominfo_attr_list, LDAP_ATTR_DOMAIN),
escape_domain_name, LDAP_OBJ_DOMINFO) 0) {
- SAFE_FREE(escape_domain_name);
+ TALLOC_FREE(escape_domain_name);
return NT_STATUS_NO_MEMORY;
}
- SAFE_FREE(escape_domain_name);
+ TALLOC_FREE(escape_domain_name);
attr_list = get_attr_list(NULL, dominfo_attr_list );
rc = smbldap_search_suffix(ldap_state, filter, attr_list, result);
@@ -258,7 +258,7 @@ NTSTATUS
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-290-gf1fad2e
The branch, master has been updated via f1fad2efe4daf95ad77db6251ad5d77fb9ef755c (commit) from c624a704be96488f0aee27930cbd4c8d99df464b (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit f1fad2efe4daf95ad77db6251ad5d77fb9ef755c Author: Tim Prouty tpro...@samba.org Date: Thu Jul 9 15:56:36 2009 -0700 s3: Fix two arguments that broke when plumbing smb_filneame through dos_mode() --- Summary of changes: source3/smbd/dosmode.c |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index ca926aa..d3df80a 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -448,8 +448,8 @@ static bool get_stat_dos_flags(connection_struct *conn, if (S_ISDIR(smb_fname-st.st_ex_mode)) *dosmode |= aDIR; - *dosmode |= set_sparse_flag(smb_fname-st); - *dosmode |= set_link_read_only_flag(smb_fname-st); + *dosmode |= set_sparse_flag(smb_fname-st); + *dosmode |= set_link_read_only_flag(smb_fname-st); return true; } -- Samba Shared Repository
Build status as of Fri Jul 10 00:00:02 2009
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2009-07-09 00:00:31.0 + +++ /home/build/master/cache/broken_results.txt 2009-07-10 00:00:29.0 + @@ -1,22 +1,22 @@ -Build status as of Thu Jul 9 00:00:02 2009 +Build status as of Fri Jul 10 00:00:02 2009 Build counts: Tree Total Broken Panic build_farm 0 0 0 -ccache 25 3 0 +ccache 33 7 0 distcc 0 0 0 -ldb 25 25 0 -libreplace 23 11 0 +ldb 33 33 0 +libreplace 32 13 0 lorikeet 0 0 0 -pidl 20 2 0 -ppp 10 0 0 -rsync25 8 0 +pidl 23 2 0 +ppp 14 0 0 +rsync33 11 0 samba-docs 0 0 0 samba-web0 0 0 -samba_3_current 23 13 0 -samba_3_master 24 19 2 -samba_3_next 24 22 1 -samba_4_0_test 23 22 11 -talloc 25 25 0 -tdb 23 23 0 +samba_3_current 31 17 0 +samba_3_master 32 27 3 +samba_3_next 32 29 1 +samba_4_0_test 32 29 13 +talloc 33 33 0 +tdb 31 31 0
[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-291-g8d1b061
The branch, master has been updated
via 8d1b061b517176e172151e6814083aa7a7051d56 (commit)
from f1fad2efe4daf95ad77db6251ad5d77fb9ef755c (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 8d1b061b517176e172151e6814083aa7a7051d56
Author: Jeff Layton jlay...@redhat.com
Date: Thu Jul 9 21:04:08 2009 -0400
cifs.upcall: use pid value from kernel to determine KRB5CCNAME to use
If the kernel sends the upcall a pid of the requesting process, we can
open that process' /proc/pid/environ file and scrape the KRB5CCNAME
value out of it.
Signed-off-by: Jeff Layton jlay...@redhat.com
---
Summary of changes:
client/cifs.upcall.c | 87 +++---
1 files changed, 75 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/client/cifs.upcall.c b/client/cifs.upcall.c
index 4110de3..e592a4f 100644
--- a/client/cifs.upcall.c
+++ b/client/cifs.upcall.c
@@ -1,6 +1,7 @@
/*
* CIFS user-space helper.
* Copyright (C) Igor Mammedov (niall...@gmail.com) 2007
+* Copyright (C) Jeff Layton (jlay...@redhat.com) 2009
*
* Used by /sbin/request-key for handling
* cifs upcall for kerberos authorization of access to share and
@@ -38,6 +39,54 @@ typedef enum _secType {
} secType_t;
/*
+ * given a process ID, get the value of the KRB5CCNAME environment variable
+ * in the context of that process. On error, just return NULL.
+ */
+static char *
+get_krb5_ccname(pid_t pid)
+{
+ int fd;
+ ssize_t len, left;
+
+ /*
+* FIXME: sysconf for ARG_MAX instead? Kernel seems to be limited to a
+* page however, so it may not matter.
+*/
+ char buf[4096];
+ char *p, *value = NULL;
+
+ buf[4095] = '\0';
+ snprintf(buf, 4095, /proc/%d/environ, pid);
+ fd = open(buf, O_RDONLY);
+ if (fd 0)
+ return NULL;
+
+ /* FIXME: don't assume that we get it all in the first read? */
+ len = read(fd, buf, 4096);
+ close(fd);
+ if (len 0)
+ return NULL;
+
+ left = len;
+ p = buf;
+
+ /* can't have valid KRB5CCNAME if there are 13 bytes left */
+ while (left 12) {
+ if (strncmp(KRB5CCNAME=, p, 11)) {
+ p += strnlen(p, left);
+ ++p;
+ left = buf + len - p;
+ continue;
+ }
+ p += 11;
+ left -= 11;
+ value = strndup(p, left);
+ break;
+ }
+ return value;
+}
+
+/*
* Prepares AP-REQ data for mechToken and gets session key
* Uses credentials from cache. It will not ask for password
* you should receive credentials for yuor name manually using
@@ -58,15 +107,15 @@ typedef enum _secType {
* ret: 0 - success, others - failure
*/
static int
-handle_krb5_mech(const char *oid, const char *principal,
-DATA_BLOB * secblob, DATA_BLOB * sess_key)
+handle_krb5_mech(const char *oid, const char *principal, DATA_BLOB *secblob,
+DATA_BLOB *sess_key, const char *ccname)
{
int retval;
DATA_BLOB tkt, tkt_wrapped;
/* get a kerberos ticket for the service and extract the session key */
- retval = cli_krb5_get_ticket(principal, 0,
-tkt, sess_key, 0, NULL, NULL);
+ retval = cli_krb5_get_ticket(principal, 0, tkt, sess_key, 0, ccname,
+NULL);
if (retval)
return retval;
@@ -88,11 +137,12 @@ handle_krb5_mech(const char *oid, const char *principal,
#define DKD_HAVE_IPV4 8
#define DKD_HAVE_IPV6 16
#define DKD_HAVE_UID 32
+#define DKD_HAVE_PID 64
#define DKD_MUSTHAVE_SET (DKD_HAVE_HOSTNAME|DKD_HAVE_VERSION|DKD_HAVE_SEC)
static int
-decode_key_description(const char *desc, int *ver, secType_t * sec,
- char **hostname, uid_t * uid)
+decode_key_description(const char *desc, int *ver, secType_t *sec,
+ char **hostname, uid_t *uid, pid_t *pid)
{
int retval = 0;
char *pos;
@@ -117,6 +167,16 @@ decode_key_description(const char *desc, int *ver,
secType_t * sec,
/* BB: do we need it if we have hostname already? */
} else if (strncmp(tkn, ipv6=, 5) == 0) {
/* BB: do we need it if we have hostname already? */
+ } else if (strncmp(tkn, pid=, 4) == 0) {
+ errno = 0;
+ *pid = strtol(tkn + 4, NULL, 0);
+ if (errno != 0) {
+ syslog(LOG_WARNING, Invalid pid format: %s,
+ strerror(errno));
+
