[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-test-1435-g05c22a5

Simo Sorce idra at samba.org
Wed Jan 16 17:09:03 GMT 2008 

The branch, v3-2-test has been updated
       via  05c22a55a4c052c682a2f2afdb0696504195d18c (commit)
       via  dfc80b4f1c00c131ba8077432bfe79f22f63ccd1 (commit)
      from  2ea55c03b25eb5e98be3449e12004a7246319acd (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit 05c22a55a4c052c682a2f2afdb0696504195d18c
Merge: dfc80b4f1c00c131ba8077432bfe79f22f63ccd1 2ea55c03b25eb5e98be3449e12004a7246319acd
Author: Simo Sorce <idra at samba.org>
Date:   Wed Jan 16 12:06:34 2008 -0500

    Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-simo

commit dfc80b4f1c00c131ba8077432bfe79f22f63ccd1
Author: Igor Mammedov <niallain at gmail.com>
Date:   Wed Dec 19 17:48:43 2007 +0300

    Adds support for cifs.resolver upcall.
    
    Here is a patch for userspace cifs.spnego handler that adds support for cifs.resolver
    upcall used in DFS code.
    Any comments are appreciated.
    
    #############################
    
    Cifs upcall with key type cifs.resolver is used for resolving
    server names in handling DFS refferals.
    
    Signed-off-by: Igor Mammedov <niallain at gmail.com>

-----------------------------------------------------------------------

Summary of changes:
 source/client/cifs.spnego.c |   63 +++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 61 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/client/cifs.spnego.c b/source/client/cifs.spnego.c
index caa2227..d10d19d 100644
--- a/source/client/cifs.spnego.c
+++ b/source/client/cifs.spnego.c
@@ -3,11 +3,13 @@
 * Copyright (C) Igor Mammedov (niallain at gmail.com) 2007
 *
 * Used by /sbin/request-key for handling
-* cifs upcall for kerberos authorization of access to share.
+* cifs upcall for kerberos authorization of access to share and
+* cifs upcall for DFS srver name resolving (IPv4/IPv6 aware).
 * You should have keyutils installed and add following line to
 * /etc/request-key.conf file
 
 create cifs.spnego * * /usr/local/sbin/cifs.spnego [-v][-c] %k
+create cifs.resolver * * /usr/local/sbin/cifs.spnego [-v] %k
 
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@@ -27,7 +29,7 @@ create cifs.spnego * * /usr/local/sbin/cifs.spnego [-v][-c] %k
 
 #include "cifs_spnego.h"
 
-const char* CIFSSPNEGO_VERSION="1.0";
+const char *CIFSSPNEGO_VERSION = "1.1";
 static const char *prog = "cifs.spnego";
 typedef enum _secType {
 	KRB5,
@@ -146,6 +148,58 @@ int decode_key_description(const char *desc, int *ver, secType_t * sec,
 	return retval;
 }
 
+int cifs_resolver(const key_serial_t key, const char *key_descr)
+{
+	int c;
+	struct addrinfo *addr;
+	char ip[INET6_ADDRSTRLEN];
+	void *p;
+	const char *keyend = key_descr;
+	/* skip next 4 ';' delimiters to get to description */
+	for (c = 1; c <= 4; c++) {
+		keyend = index(keyend+1, ';');
+		if (!keyend) {
+			syslog(LOG_WARNING, "invalid key description: %s",
+					key_descr);
+			return 1;
+		}
+	}
+	keyend++;
+
+	/* resolve name to ip */
+	c = getaddrinfo(keyend, NULL, NULL, &addr);
+	if (c) {
+		syslog(LOG_WARNING, "unable to resolve hostname: %s [%s]",
+				keyend, gai_strerror(c));
+		return 1;
+	}
+
+	/* conver ip to string form */
+	if (addr->ai_family == AF_INET) {
+		p = &(((struct sockaddr_in *)addr->ai_addr)->sin_addr);
+	} else {
+		p = &(((struct sockaddr_in6 *)addr->ai_addr)->sin6_addr);
+	}
+	if (!inet_ntop(addr->ai_family, p, ip, sizeof(ip))) {
+		syslog(LOG_WARNING, "%s: inet_ntop: %s",
+				__FUNCTION__, strerror(errno));
+		freeaddrinfo(addr);
+		return 1;
+	}
+
+	/* setup key */
+	c = keyctl_instantiate(key, ip, strlen(ip)+1, 0);
+	if (c == -1) {
+		syslog(LOG_WARNING, "%s: keyctl_instantiate: %s",
+				__FUNCTION__, strerror(errno));
+		freeaddrinfo(addr);
+		return 1;
+	}
+
+	freeaddrinfo(addr);
+	return 0;
+}
+
 int main(const int argc, char *const argv[])
 {
 	struct cifs_spnego_msg *keydata = NULL;
@@ -199,6 +253,11 @@ int main(const int argc, char *const argv[])
 		goto out;
 	}
 
+	if (strncmp(buf, "cifs.resolver", sizeof("cifs.resolver")-1) == 0) {
+		rc = cifs_resolver(key, buf);
+		goto out;
+	}
+
 	rc = decode_key_description(buf, &kernel_upcall_version, &sectype,
 				    &hostname, &uid);
 	if ((rc & DKD_MUSTHAVE_SET) != DKD_MUSTHAVE_SET) {


-- 
Samba Shared Repository

More information about the samba-cvs mailing list