[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-5277-g06cab60

Karolin Seeger kseeger at samba.org
Thu May 28 14:07:57 GMT 2009


The branch, v3-3-test has been updated
       via  06cab60eb0ba966174f493fcbe25bede0c5d2125 (commit)
      from  a74cb0ca04d61df6f01f3d737e52a8b7349d5a73 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 06cab60eb0ba966174f493fcbe25bede0c5d2125
Author: Michael Adam <obnox at samba.org>
Date:   Wed May 27 19:25:44 2009 +0200

    s3:idmap_ldap: filter out of range mappings in default idmap config
    
    This fixes bug #6417
    
    Michael
    (cherry picked from commit e381c13b023f2b512b3f6aec133db9f323bc8132)

-----------------------------------------------------------------------

Summary of changes:
 source/winbindd/idmap_ldap.c |   71 ++++++++++++++++++++++++++++++++---------
 1 files changed, 55 insertions(+), 16 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/winbindd/idmap_ldap.c b/source/winbindd/idmap_ldap.c
index 7224589..7a0e32b 100644
--- a/source/winbindd/idmap_ldap.c
+++ b/source/winbindd/idmap_ldap.c
@@ -765,7 +765,6 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom,
 	NTSTATUS ret;
 	struct idmap_ldap_context *ctx = NULL;
 	char *config_option = NULL;
-	const char *range = NULL;
 	const char *tmp = NULL;
 
 	/* Only do init if we are online */
@@ -779,23 +778,63 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
-	if ( ! config_option) {
-		DEBUG(0, ("Out of memory!\n"));
-		ret = NT_STATUS_NO_MEMORY;
-		goto done;
-	}
+	if (strequal(dom->name, "*")) {
+		uid_t low_uid = 0;
+		uid_t high_uid = 0;
+		gid_t low_gid = 0;
+		gid_t high_gid = 0;
 
-	/* load ranges */
-	range = lp_parm_const_string(-1, config_option, "range", NULL);
-	if (range && range[0]) {
-		if ((sscanf(range, "%u - %u", &ctx->filter_low_id,
-						&ctx->filter_high_id) != 2) ||
-		    (ctx->filter_low_id > ctx->filter_high_id)) {
-			DEBUG(1, ("ERROR: invalid filter range [%s]", range));
-			ctx->filter_low_id = 0;
-			ctx->filter_high_id = 0;
+		ctx->filter_low_id = 0;
+		ctx->filter_high_id = 0;
+
+		if (lp_idmap_uid(&low_uid, &high_uid)) {
+			ctx->filter_low_id = low_uid;
+			ctx->filter_high_id = high_uid;
+		} else {
+			DEBUG(3, ("Warning: 'idmap uid' not set!\n"));
+		}
+
+		if (lp_idmap_gid(&low_gid, &high_gid)) {
+			if ((low_gid != low_uid) || (high_gid != high_uid)) {
+				DEBUG(1, ("Warning: 'idmap uid' and 'idmap gid'"
+				      " ranges do not agree -- building "
+				      "intersection\n"));
+				ctx->filter_low_id = MAX(ctx->filter_low_id,
+							 low_gid);
+				ctx->filter_high_id = MIN(ctx->filter_high_id,
+							  high_gid);
+			}
+		} else {
+			DEBUG(3, ("Warning: 'idmap gid' not set!\n"));
+		}
+	} else {
+		const char *range = NULL;
+
+		config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
+		if ( ! config_option) {
+			DEBUG(0, ("Out of memory!\n"));
+			ret = NT_STATUS_NO_MEMORY;
+			goto done;
 		}
+
+		/* load ranges */
+		range = lp_parm_const_string(-1, config_option, "range", NULL);
+		if (range && range[0]) {
+			if ((sscanf(range, "%u - %u", &ctx->filter_low_id,
+							&ctx->filter_high_id) != 2))
+			{
+				DEBUG(1, ("ERROR: invalid filter range [%s]", range));
+				ctx->filter_low_id = 0;
+				ctx->filter_high_id = 0;
+			}
+		}
+	}
+
+	if (ctx->filter_low_id > ctx->filter_high_id) {
+		DEBUG(1, ("ERROR: invalid filter range [%u-%u]",
+		      ctx->filter_low_id, ctx->filter_high_id));
+		ctx->filter_low_id = 0;
+		ctx->filter_high_id = 0;
 	}
 
 	if (params != NULL) {


-- 
Samba Shared Repository


More information about the samba-cvs mailing list