[SCM] Samba Shared Repository - branch v3-3-stable updated - release-3-3-0pre2-320-g42847a5

Karolin Seeger kseeger at samba.org
Thu Nov 27 15:09:44 GMT 2008


The branch, v3-3-stable has been updated
       via  42847a557e9177bf053b7307d964abaa8a773d0d (commit)
       via  9693ffb4803163c65a26ff0a6344753b478a320e (commit)
       via  d5f3fd90151793e92239105d88aed6f573426ca9 (commit)
       via  b1166f41688b863aacd271609ea46ba9962d66cc (commit)
       via  fcba785fde04cd4506ec1a04f8302245d566d807 (commit)
       via  8d8fca0d798e437d6d4bf50edbfd0437fc38f6e7 (commit)
       via  1abdc37e3e18892ccc3326481bc8de237d26e231 (commit)
       via  8023cd41dc848faf128d21e12a5c0f4ffdd8f87e (commit)
       via  0ea9e50e670fcdcb7e653f2dc2becd195f7a17de (commit)
      from  069df886d9fef69d6b3693cb26daf595cef068ad (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-stable


- Log -----------------------------------------------------------------
commit 42847a557e9177bf053b7307d964abaa8a773d0d
Author: Karolin Seeger <kseeger at samba.org>
Date:   Thu Nov 27 16:09:23 2008 +0100

    WHATSNEW: Update changes.
    
    Karolin
    (cherry picked from commit b22d3462b9baa3eab2224b9776bc10a0a0bf8512)

commit 9693ffb4803163c65a26ff0a6344753b478a320e
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Nov 8 17:14:06 2008 +0100

    Fix the offset checks in the trans routines
    
    This fixes a potential crash bug, a client can make us read memory we
    should not read. Luckily I got the disp checks right...
    
    Volker
    (cherry picked from commit 64a1d80851da5b05e70ec6c96f6e9bd473748369)
    (cherry picked from commit f04c5650a3aeca23591ddc781c4b297caaf9bb3f)
    (cherry picked from commit 5718a4761af9b77ea17b64f12f1010c99f738c96)

commit d5f3fd90151793e92239105d88aed6f573426ca9
Author: Kai Blin <kai at samba.org>
Date:   Sun Nov 23 17:11:09 2008 +0100

    libwbclient: Implement wbcGetgrent and wbcGetgrlist
    (cherry picked from commit 4bfe0e069983b1af050c2df6157b161e8ea572e9)

commit b1166f41688b863aacd271609ea46ba9962d66cc
Author: Kai Blin <kai at samba.org>
Date:   Sun Nov 23 16:36:01 2008 +0100

    libwbclient: Implement wbcGetpwent
    (cherry picked from commit e30448bfbeaebfa5a3225dcc87244d9d0024f082)

commit fcba785fde04cd4506ec1a04f8302245d566d807
Author: Kai Blin <kai at samba.org>
Date:   Sun Nov 23 15:16:17 2008 +0100

    libwbclient: Add placeholder function for WINBINDD_CCACHE_NTLMAUTH
    (cherry picked from commit 28a92eedc8e05ebbf323ba15fadc7e9215f054fb)

commit 8d8fca0d798e437d6d4bf50edbfd0437fc38f6e7
Author: Kai Blin <kai at samba.org>
Date:   Sun Nov 23 11:18:40 2008 +0100

    libwbclient: Fix typo in wbcGetgrent docstring.
    (cherry picked from commit a5b6d05cc7bc2f15c7b0d06fe7d42ef07097ea0f)

commit 1abdc37e3e18892ccc3326481bc8de237d26e231
Author: Kai Blin <kai at samba.org>
Date:   Sun Nov 23 11:17:42 2008 +0100

    libwbclient: Add placeholder function for WINBINDD_GETGRLST
    (cherry picked from commit bf6c372693fafb1fb79c6c06a071a07ac35c1959)

commit 8023cd41dc848faf128d21e12a5c0f4ffdd8f87e
Author: Kai Blin <kai at samba.org>
Date:   Sun Nov 23 00:57:33 2008 +0100

    libwbclient: Add placeholder functions for wbcQuery[GSU]idTo[GSU]id
    (cherry picked from commit 69ec02231ec6d24a126c8e1cb6b7ac7ab08e93bc)

commit 0ea9e50e670fcdcb7e653f2dc2becd195f7a17de
Author: Andreas Schneider <anschneider at suse.de>
Date:   Wed Nov 26 13:20:22 2008 -0800

    Fix circular dependency error with autoconf 2.6.3.
    
    Signed-off-by: Andreas Schneider <anschneider at suse.de>
    (cherry picked from commit ce8bfac470869d21e0618db903b9cee4ab283091)

-----------------------------------------------------------------------

Summary of changes:
 WHATSNEW.txt                            |    3 +
 source/lib/replace/autoconf-2.60.m4     |    2 +
 source/nsswitch/libwbclient/wbc_idmap.c |   68 +++++++++-
 source/nsswitch/libwbclient/wbc_pam.c   |   15 ++
 source/nsswitch/libwbclient/wbc_pwd.c   |  216 ++++++++++++++++++++++++++++++-
 source/nsswitch/libwbclient/wbclient.h  |   42 ++++++
 source/smbd/ipc.c                       |    6 +-
 source/smbd/nttrans.c                   |    6 +-
 source/smbd/trans2.c                    |    6 +-
 9 files changed, 347 insertions(+), 17 deletions(-)


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index cf1814b..2530e74 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -213,6 +213,7 @@ o   Jeremy Allison <jra at samba.org>
 
 o   Kai Blin <kai at samba.org>
     * BUG 5892: Fix net rap printq info documentation.
+    * Add placeholder functions to libwbclient.
 
 
 o   Gerald (Jerry) Carter <jerry at samba.org>
@@ -271,6 +272,7 @@ o   Volker Lendecke <vl at samba.org>
     * BUG 5691: Fig smbd panic on Solaris.
     * BUG 5840: Fix segfault in "rpcclient lsaaddacctrights".
     * BUG 5860: safe_strcpy gives a nasty error message for overlong strings.
+    * Fix the offset checks in the trans routines (CVE-2008-4314).
     * Fix a potential NULL deref in found by the IBM Checker.
     * Fix an uninitialized variable found by the IBM Checker.
     * Fix an unlikely memleak found by the IBM Checker.
@@ -306,6 +308,7 @@ o   Tim Prouty <tim.prouty at isilon.com>
 o   Andreas Schneider <mail at cynapses.org>
     * Delete the krb5 ccname variable from the PAM environment if set.
     * Add a function out of pam_sm_close_session to delete the credentials.
+    * Fix circular dependency error with autoconf 2.6.3.
 
 
 o   Davide Sfriso <sfriso at virgilio.it>
diff --git a/source/lib/replace/autoconf-2.60.m4 b/source/lib/replace/autoconf-2.60.m4
index acdcd38..2d5dbc1 100644
--- a/source/lib/replace/autoconf-2.60.m4
+++ b/source/lib/replace/autoconf-2.60.m4
@@ -179,6 +179,7 @@ AC_DEFUN([AC_PROG_CC_C99],
 # ------------------------
 # Enable extensions on systems that normally disable them,
 # typically due to standards-conformance issues.
+m4_ifndef([AC_USE_SYSTEM_EXTENSIONS],[
 AC_DEFUN([AC_USE_SYSTEM_EXTENSIONS],
 [
   AC_BEFORE([$0], [AC_COMPILE_IFELSE])
@@ -208,3 +209,4 @@ AC_DEFUN([AC_USE_SYSTEM_EXTENSIONS],
     AC_DEFINE([__EXTENSIONS__])
   AC_DEFINE([_POSIX_PTHREAD_SEMANTICS])
 ])
+])
diff --git a/source/nsswitch/libwbclient/wbc_idmap.c b/source/nsswitch/libwbclient/wbc_idmap.c
index 6652f67..81b369c 100644
--- a/source/nsswitch/libwbclient/wbc_idmap.c
+++ b/source/nsswitch/libwbclient/wbc_idmap.c
@@ -24,7 +24,7 @@
 
 #include "libwbclient.h"
 
-/** @brief Convert a Windows SID to a Unix uid
+/** @brief Convert a Windows SID to a Unix uid, allocating an uid if needed
  *
  * @param *sid        Pointer to the domain SID to be resolved
  * @param *puid       Pointer to the resolved uid_t value
@@ -71,7 +71,22 @@ wbcErr wbcSidToUid(const struct wbcDomainSid *sid, uid_t *puid)
 	return wbc_status;
 }
 
-/** @brief Convert a Unix uid to a Windows SID
+/** @brief Convert a Windows SID to a Unix uid if there already is a mapping
+ *
+ * @param *sid        Pointer to the domain SID to be resolved
+ * @param *puid       Pointer to the resolved uid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcQuerySidToUid(const struct wbcDomainSid *sid,
+			uid_t *puid)
+{
+	return WBC_ERR_NOT_IMPLEMENTED;
+}
+
+/** @brief Convert a Unix uid to a Windows SID, allocating a SID if needed
  *
  * @param uid         Unix uid to be resolved
  * @param *sid        Pointer to the resolved domain SID
@@ -112,7 +127,22 @@ done:
 	return wbc_status;
 }
 
-/** @brief Convert a Windows SID to a Unix gid
+/** @brief Convert a Unix uid to a Windows SID if there already is a mapping
+ *
+ * @param uid         Unix uid to be resolved
+ * @param *sid        Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcQueryUidToSid(uid_t uid,
+			struct wbcDomainSid *sid)
+{
+	return WBC_ERR_NOT_IMPLEMENTED;
+}
+
+/** @brief Convert a Windows SID to a Unix gid, allocating a gid if needed
  *
  * @param *sid        Pointer to the domain SID to be resolved
  * @param *pgid       Pointer to the resolved gid_t value
@@ -159,7 +189,22 @@ wbcErr wbcSidToGid(const struct wbcDomainSid *sid, gid_t *pgid)
 	return wbc_status;
 }
 
-/** @brief Convert a Unix uid to a Windows SID
+/** @brief Convert a Windows SID to a Unix gid if there already is a mapping
+ *
+ * @param *sid        Pointer to the domain SID to be resolved
+ * @param *pgid       Pointer to the resolved gid_t value
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcQuerySidToGid(const struct wbcDomainSid *sid,
+			gid_t *pgid)
+{
+	return WBC_ERR_NOT_IMPLEMENTED;
+}
+
+/** @brief Convert a Unix gid to a Windows SID, allocating a SID if needed
  *
  * @param gid         Unix gid to be resolved
  * @param *sid        Pointer to the resolved domain SID
@@ -200,6 +245,21 @@ done:
 	return wbc_status;
 }
 
+/** @brief Convert a Unix gid to a Windows SID if there already is a mapping
+ *
+ * @param gid         Unix gid to be resolved
+ * @param *sid        Pointer to the resolved domain SID
+ *
+ * @return #wbcErr
+ *
+ **/
+
+wbcErr wbcQueryGidToSid(gid_t gid,
+			struct wbcDomainSid *sid)
+{
+	return WBC_ERR_NOT_IMPLEMENTED;
+}
+
 /** @brief Obtain a new uid from Winbind
  *
  * @param *puid      *pointer to the allocated uid
diff --git a/source/nsswitch/libwbclient/wbc_pam.c b/source/nsswitch/libwbclient/wbc_pam.c
index 713ba2e..401d2ad 100644
--- a/source/nsswitch/libwbclient/wbc_pam.c
+++ b/source/nsswitch/libwbclient/wbc_pam.c
@@ -1095,3 +1095,18 @@ done:
 
 	return wbc_status;
 }
+
+/** @brief Authenticate a user with cached credentials
+ *
+ * @param *params    Pointer to a wbcCredentialCacheParams structure
+ * @param **info     Pointer to a pointer to a wbcCredentialCacheInfo structure
+ * @param **error    Pointer to a pointer to a wbcAuthErrorInfo structure
+ *
+ * @return #wbcErr
+ **/
+wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params,
+                          struct wbcCredentialCacheInfo **info,
+                          struct wbcAuthErrorInfo **error)
+{
+	return WBC_ERR_NOT_IMPLEMENTED;
+}
diff --git a/source/nsswitch/libwbclient/wbc_pwd.c b/source/nsswitch/libwbclient/wbc_pwd.c
index 0d17b31..d54a5af 100644
--- a/source/nsswitch/libwbclient/wbc_pwd.c
+++ b/source/nsswitch/libwbclient/wbc_pwd.c
@@ -24,6 +24,16 @@
 
 #include "libwbclient.h"
 
+/** @brief The maximum number of pwent structs to get from winbindd
+ *
+ */
+#define MAX_GETPWENT_USERS 500
+
+/** @brief The maximum number of grent structs to get from winbindd
+ *
+ */
+#define MAX_GETGRENT_GROUPS 500
+
 /**
  *
  **/
@@ -284,6 +294,21 @@ wbcErr wbcGetgrgid(gid_t gid, struct group **grp)
 	return wbc_status;
 }
 
+/** @brief Number of cached passwd structs
+ *
+ */
+static uint32_t pw_cache_size;
+
+/** @brief Position of the pwent context
+ *
+ */
+static uint32_t pw_cache_idx;
+
+/** @brief Winbindd response containing the passwd structs
+ *
+ */
+static struct winbindd_response pw_response;
+
 /** @brief Reset the passwd iterator
  *
  * @return #wbcErr
@@ -293,6 +318,15 @@ wbcErr wbcSetpwent(void)
 {
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
 
+	if (pw_cache_size > 0) {
+		pw_cache_idx = pw_cache_size = 0;
+		if (pw_response.extra_data.data) {
+			free(pw_response.extra_data.data);
+		}
+	}
+
+	ZERO_STRUCT(pw_response);
+
 	wbc_status = wbcRequestResponse(WINBINDD_SETPWENT,
 					NULL, NULL);
 	BAIL_ON_WBC_ERROR(wbc_status);
@@ -310,6 +344,13 @@ wbcErr wbcEndpwent(void)
 {
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
 
+	if (pw_cache_size > 0) {
+		pw_cache_idx = pw_cache_size = 0;
+		if (pw_response.extra_data.data) {
+			free(pw_response.extra_data.data);
+		}
+	}
+
 	wbc_status = wbcRequestResponse(WINBINDD_ENDPWENT,
 					NULL, NULL);
 	BAIL_ON_WBC_ERROR(wbc_status);
@@ -320,16 +361,70 @@ wbcErr wbcEndpwent(void)
 
 /** @brief Return the next struct passwd* entry from the pwent iterator
  *
- * @param **pwd       Pointer to resulting struct group* from the query.
+ * @param **pwd       Pointer to resulting struct passwd* from the query.
  *
  * @return #wbcErr
  **/
 
 wbcErr wbcGetpwent(struct passwd **pwd)
 {
-	return WBC_ERR_NOT_IMPLEMENTED;
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	struct winbindd_request request;
+	struct winbindd_pw *wb_pw;
+
+	/* If there's a cached result, return that. */
+	if (pw_cache_idx < pw_cache_size) {
+		goto return_result;
+	}
+
+	/* Otherwise, query winbindd for some entries. */
+
+	pw_cache_idx = 0;
+
+	if (pw_response.extra_data.data) {
+		free(pw_response.extra_data.data);
+		ZERO_STRUCT(pw_response);
+	}
+
+	ZERO_STRUCT(request);
+	request.data.num_entries = MAX_GETPWENT_USERS;
+
+	wbc_status = wbcRequestResponse(WINBINDD_GETPWENT, &request,
+					&pw_response);
+
+	BAIL_ON_WBC_ERROR(wbc_status);
+
+	pw_cache_size = pw_response.data.num_entries;
+
+return_result:
+
+	wb_pw = (struct winbindd_pw *) pw_response.extra_data.data;
+
+	*pwd = copy_passwd_entry(&wb_pw[pw_cache_idx]);
+
+	BAIL_ON_PTR_ERROR(*pwd, wbc_status);
+
+	pw_cache_idx++;
+
+done:
+	return wbc_status;
 }
 
+/** @brief Number of cached group structs
+ *
+ */
+static uint32_t gr_cache_size;
+
+/** @brief Position of the grent context
+ *
+ */
+static uint32_t gr_cache_idx;
+
+/** @brief Winbindd response containing the group structs
+ *
+ */
+static struct winbindd_response gr_response;
+
 /** @brief Reset the group iterator
  *
  * @return #wbcErr
@@ -339,6 +434,15 @@ wbcErr wbcSetgrent(void)
 {
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
 
+	if (gr_cache_size > 0) {
+		gr_cache_idx = gr_cache_size = 0;
+		if (gr_response.extra_data.data) {
+			free(gr_response.extra_data.data);
+		}
+	}
+
+	ZERO_STRUCT(gr_response);
+
 	wbc_status = wbcRequestResponse(WINBINDD_SETGRENT,
 					NULL, NULL);
 	BAIL_ON_WBC_ERROR(wbc_status);
@@ -356,6 +460,13 @@ wbcErr wbcEndgrent(void)
 {
 	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
 
+	if (gr_cache_size > 0) {
+		gr_cache_idx = gr_cache_size = 0;
+		if (gr_response.extra_data.data) {
+			free(gr_response.extra_data.data);
+		}
+	}
+
 	wbc_status = wbcRequestResponse(WINBINDD_ENDGRENT,
 					NULL, NULL);
 	BAIL_ON_WBC_ERROR(wbc_status);
@@ -364,7 +475,7 @@ wbcErr wbcEndgrent(void)
 	return wbc_status;
 }
 
-/** @brief Return the next struct passwd* entry from the pwent iterator
+/** @brief Return the next struct group* entry from the pwent iterator
  *
  * @param **grp       Pointer to resulting struct group* from the query.
  *
@@ -373,7 +484,104 @@ wbcErr wbcEndgrent(void)
 
 wbcErr wbcGetgrent(struct group **grp)
 {
-	return WBC_ERR_NOT_IMPLEMENTED;
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	struct winbindd_request request;
+	struct winbindd_gr *wb_gr;
+	uint32_t mem_ofs;
+
+	/* If there's a cached result, return that. */
+	if (gr_cache_idx < gr_cache_size) {
+		goto return_result;
+	}
+
+	/* Otherwise, query winbindd for some entries. */
+
+	gr_cache_idx = 0;
+
+	if (gr_response.extra_data.data) {
+		free(gr_response.extra_data.data);
+		ZERO_STRUCT(gr_response);
+	}
+
+	ZERO_STRUCT(request);
+	request.data.num_entries = MAX_GETGRENT_GROUPS;
+
+	wbc_status = wbcRequestResponse(WINBINDD_GETGRENT, &request,
+					&gr_response);
+
+	BAIL_ON_WBC_ERROR(wbc_status);
+
+	gr_cache_size = gr_response.data.num_entries;
+
+return_result:
+
+	wb_gr = (struct winbindd_gr *) gr_response.extra_data.data;
+
+	mem_ofs = wb_gr[gr_cache_idx].gr_mem_ofs +
+		  gr_cache_size * sizeof(struct winbindd_gr);
+
+	*grp = copy_group_entry(&wb_gr[gr_cache_idx],
+				((char *)gr_response.extra_data.data)+mem_ofs);
+
+	BAIL_ON_PTR_ERROR(*grp, wbc_status);
+
+	gr_cache_idx++;
+
+done:
+	return wbc_status;
+}
+
+/** @brief Return the next struct group* entry from the pwent iterator
+ *
+ * This is similar to #wbcGetgrent, just that the member list is empty
+ *
+ * @param **grp       Pointer to resulting struct group* from the query.
+ *
+ * @return #wbcErr
+ **/
+
+wbcErr wbcGetgrlist(struct group **grp)
+{
+	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
+	struct winbindd_request request;
+	struct winbindd_gr *wb_gr;
+
+	/* If there's a cached result, return that. */
+	if (gr_cache_idx < gr_cache_size) {
+		goto return_result;
+	}
+
+	/* Otherwise, query winbindd for some entries. */
+
+	gr_cache_idx = 0;
+
+	if (gr_response.extra_data.data) {
+		free(gr_response.extra_data.data);
+		ZERO_STRUCT(gr_response);
+	}
+
+	ZERO_STRUCT(request);
+	request.data.num_entries = MAX_GETGRENT_GROUPS;
+
+	wbc_status = wbcRequestResponse(WINBINDD_GETGRLST, &request,
+					&gr_response);
+
+	BAIL_ON_WBC_ERROR(wbc_status);
+
+	gr_cache_size = gr_response.data.num_entries;
+
+return_result:
+
+	wb_gr = (struct winbindd_gr *) gr_response.extra_data.data;
+
+	*grp = copy_group_entry(&wb_gr[gr_cache_idx], NULL);
+
+	BAIL_ON_PTR_ERROR(*grp, wbc_status);
+
+	gr_cache_idx++;
+
+done:
+	return wbc_status;
 }
 
 /** @brief Return the unix group array belonging to the given user
diff --git a/source/nsswitch/libwbclient/wbclient.h b/source/nsswitch/libwbclient/wbclient.h
index 639f7f3..cb31360 100644
--- a/source/nsswitch/libwbclient/wbclient.h
+++ b/source/nsswitch/libwbclient/wbclient.h
@@ -440,6 +440,30 @@ struct wbcLogoffUserParams {
 	struct wbcNamedBlob *blobs;
 };
 
+/** @brief Credential cache log-on parameters
+ *
+ */
+
+struct wbcCredentialCacheParams {
+        const char *account_name;
+        const char *domain_name;
+        enum wbcCredentialCacheLevel {
+                WBC_CREDENTIAL_CACHE_LEVEL_NTLMSSP = 1
+        } level;
+        size_t num_blobs;
+        struct wbcNamedBlob *blobs;
+};
+
+
+/** @brief Info returned by credential cache auth
+ *
+ */
+
+struct wbcCredentialCacheInfo {
+        size_t num_blobs;
+        struct wbcNamedBlob *blobs;
+};
+
 /*
  * DomainControllerInfo struct


-- 
Samba Shared Repository


More information about the samba-cvs mailing list