svn commit: samba r10322 - in trunk/source/nsswitch: .
jra at samba.org
jra at samba.org
Mon Sep 19 18:49:22 GMT 2005
Author: jra
Date: 2005-09-19 18:49:21 +0000 (Mon, 19 Sep 2005)
New Revision: 10322
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10322
Log:
Fix winbindd recursion bug found by Ingo Steuwer <steuwer at univention.de>.
Jeremy.
Modified:
trunk/source/nsswitch/pam_winbind.c
trunk/source/nsswitch/wb_common.c
trunk/source/nsswitch/winbind_client.h
trunk/source/nsswitch/winbindd_nss.h
Changeset:
Modified: trunk/source/nsswitch/pam_winbind.c
===================================================================
--- trunk/source/nsswitch/pam_winbind.c 2005-09-19 18:49:18 UTC (rev 10321)
+++ trunk/source/nsswitch/pam_winbind.c 2005-09-19 18:49:21 UTC (rev 10322)
@@ -106,7 +106,7 @@
/* Fill in request and send down pipe */
init_request(request, req_type);
- if (write_sock(request, sizeof(*request)) == -1) {
+ if (write_sock(request, sizeof(*request), 0) == -1) {
_pam_log(LOG_ERR, "write to socket failed!");
close_sock();
return PAM_SERVICE_ERR;
Modified: trunk/source/nsswitch/wb_common.c
===================================================================
--- trunk/source/nsswitch/wb_common.c 2005-09-19 18:49:18 UTC (rev 10321)
+++ trunk/source/nsswitch/wb_common.c 2005-09-19 18:49:21 UTC (rev 10322)
@@ -284,7 +284,7 @@
/* Connect to winbindd socket */
-int winbind_open_pipe_sock(void)
+static int winbind_open_pipe_sock(int recursing)
{
#ifdef HAVE_UNIXSOCKET
static pid_t our_pid;
@@ -302,12 +302,17 @@
return winbindd_fd;
}
+ if (recursing) {
+ return -1;
+ }
+
if ((winbindd_fd = winbind_named_pipe_sock(WINBINDD_SOCKET_DIR)) == -1) {
return -1;
}
/* version-check the socket */
+ request.flags = WBFLAG_RECURSE;
if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) {
close_sock();
return -1;
@@ -315,6 +320,7 @@
/* try and get priv pipe */
+ request.flags = WBFLAG_RECURSE;
if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) {
int fd;
if ((fd = winbind_named_pipe_sock(response.extra_data)) != -1) {
@@ -333,7 +339,7 @@
/* Write data to winbindd socket */
-int write_sock(void *buffer, int count)
+int write_sock(void *buffer, int count, int recursing)
{
int result, nwritten;
@@ -341,7 +347,7 @@
restart:
- if (winbind_open_pipe_sock() == -1) {
+ if (winbind_open_pipe_sock(recursing) == -1) {
return -1;
}
@@ -534,7 +540,7 @@
init_request(request, req_type);
- if (write_sock(request, sizeof(*request)) == -1) {
+ if (write_sock(request, sizeof(*request), request->flags & WBFLAG_RECURSE) == -1) {
return NSS_STATUS_UNAVAIL;
}
Modified: trunk/source/nsswitch/winbind_client.h
===================================================================
--- trunk/source/nsswitch/winbind_client.h 2005-09-19 18:49:18 UTC (rev 10321)
+++ trunk/source/nsswitch/winbind_client.h 2005-09-19 18:49:21 UTC (rev 10322)
@@ -8,8 +8,7 @@
NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
-int winbind_open_pipe_sock(void);
-int write_sock(void *buffer, int count);
+int write_sock(void *buffer, int count, int recursing);
int read_reply(struct winbindd_response *response);
void close_sock(void);
void free_response(struct winbindd_response *response);
Modified: trunk/source/nsswitch/winbindd_nss.h
===================================================================
--- trunk/source/nsswitch/winbindd_nss.h 2005-09-19 18:49:18 UTC (rev 10321)
+++ trunk/source/nsswitch/winbindd_nss.h 2005-09-19 18:49:21 UTC (rev 10322)
@@ -175,6 +175,8 @@
/* This is a flag that can only be sent from parent to child */
#define WBFLAG_IS_PRIVILEGED 0x0400
+/* Flag to say this is a winbindd internal send - don't recurse. */
+#define WBFLAG_RECURSE 0x0800
#define WINBINDD_MAX_EXTRA_DATA (128*1024)
More information about the samba-cvs
mailing list