[SCM] Samba Shared Repository - branch master updated
Volker Lendecke
vlendec at samba.org
Thu Apr 29 06:33:32 MDT 2010
The branch, master has been updated
via ca860e4... s3: range-check idmap script output
via fcdba1b... s3: Fix an uninitialized variable in idmap_tdb2_sid_to_id()
via 81e75ba... s3: Fix some nonempty blank lines
from 99518bc... s4-smbtorture: add smbcli_rap_netprintjob{pause,continue,delete}.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ca860e4279a247a852f55d5226f916d1e956820a
Author: Volker Lendecke <vl at samba.org>
Date: Thu Apr 29 12:14:08 2010 +0200
s3: range-check idmap script output
Not doing so results in the id mapping succeeding once unchecked and later on
being refused, because when reading from the tdb we do the checks.
commit fcdba1b36ffc3cfdeac71863f26a1605d3b24fa5
Author: Volker Lendecke <vl at samba.org>
Date: Thu Apr 29 12:11:04 2010 +0200
s3: Fix an uninitialized variable in idmap_tdb2_sid_to_id()
When we find an invalid record in the database, there's no point in checking
the non-existing value against the range limits.
commit 81e75bacd346384a3e0ac3b2d73cb1981fe278d1
Author: Volker Lendecke <vl at samba.org>
Date: Thu Apr 29 12:09:48 2010 +0200
s3: Fix some nonempty blank lines
-----------------------------------------------------------------------
Summary of changes:
source3/winbindd/idmap_tdb2.c | 42 +++++++++++++++++++++++++++-------------
1 files changed, 28 insertions(+), 14 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/idmap_tdb2.c b/source3/winbindd/idmap_tdb2.c
index 22aff0d..0925b84 100644
--- a/source3/winbindd/idmap_tdb2.c
+++ b/source3/winbindd/idmap_tdb2.c
@@ -14,17 +14,17 @@
Copyright (C) Jim McDonough <jmcd at us.ibm.com> 2003
Copyright (C) Jeremy Allison 2006
Copyright (C) Simo Sorce 2003-2006
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
@@ -97,7 +97,7 @@ static NTSTATUS idmap_tdb2_load_ranges(void)
static NTSTATUS idmap_tdb2_open_db(void)
{
char *db_path;
-
+
if (idmap_tdb2) {
/* its already open */
return NT_STATUS_OK;
@@ -605,7 +605,7 @@ static NTSTATUS idmap_tdb2_id_to_sid(struct idmap_tdb2_context *ctx, struct id_m
case ID_TYPE_UID:
keystr = talloc_asprintf(ctx, "UID %lu", (unsigned long)map->xid.id);
break;
-
+
case ID_TYPE_GID:
keystr = talloc_asprintf(ctx, "GID %lu", (unsigned long)map->xid.id);
break;
@@ -659,7 +659,7 @@ static NTSTATUS idmap_tdb2_id_to_sid(struct idmap_tdb2_context *ctx, struct id_m
&store_state);
goto done;
}
-
+
if (!string_to_sid(map->sid, (const char *)data.dptr)) {
DEBUG(10,("INVALID SID (%s) in record %s\n",
(const char *)data.dptr, keystr));
@@ -711,13 +711,26 @@ static NTSTATUS idmap_tdb2_sid_to_id(struct idmap_tdb2_context *ctx, struct id_m
ret = NT_STATUS_NONE_MAPPED;
goto done;
}
-
+
ret = idmap_tdb2_script(ctx, map, "SIDTOID %s", keystr);
/* store it on shared storage */
if (!NT_STATUS_IS_OK(ret)) {
goto done;
}
+ /* apply filters before returning result */
+ if ((ctx->filter_low_id
+ && (map->xid.id < ctx->filter_low_id)) ||
+ (ctx->filter_high_id
+ && (map->xid.id > ctx->filter_high_id))) {
+ DEBUG(5, ("Script returned id (%u) out of range "
+ "(%u - %u). Filtered!\n",
+ map->xid.id,
+ ctx->filter_low_id, ctx->filter_high_id));
+ ret = NT_STATUS_NONE_MAPPED;
+ goto done;
+ }
+
idstr = talloc_asprintf(tmp_ctx, "%cID %lu",
map->xid.type == ID_TYPE_UID?'U':'G',
(unsigned long)map->xid.id);
@@ -750,8 +763,9 @@ static NTSTATUS idmap_tdb2_sid_to_id(struct idmap_tdb2_context *ctx, struct id_m
} else { /* Unknown record type ! */
DEBUG(2, ("Found INVALID record %s -> %s\n", keystr, (const char *)data.dptr));
ret = NT_STATUS_INTERNAL_DB_ERROR;
+ goto done;
}
-
+
/* apply filters before returning result */
if ((ctx->filter_low_id && (map->xid.id < ctx->filter_low_id)) ||
(ctx->filter_high_id && (map->xid.id > ctx->filter_high_id))) {
@@ -778,7 +792,7 @@ static NTSTATUS idmap_tdb2_unixids_to_sids(struct idmap_domain *dom, struct id_m
for (i = 0; ids[i]; i++) {
ids[i]->status = ID_UNKNOWN;
}
-
+
ctx = talloc_get_type(dom->private_data, struct idmap_tdb2_context);
for (i = 0; ids[i]; i++) {
@@ -792,7 +806,7 @@ static NTSTATUS idmap_tdb2_unixids_to_sids(struct idmap_domain *dom, struct id_m
ids[i]->status = ID_UNMAPPED;
continue;
}
-
+
/* some fatal error occurred, return immediately */
goto done;
}
@@ -820,7 +834,7 @@ static NTSTATUS idmap_tdb2_sids_to_unixids(struct idmap_domain *dom, struct id_m
for (i = 0; ids[i]; i++) {
ids[i]->status = ID_UNKNOWN;
}
-
+
ctx = talloc_get_type(dom->private_data, struct idmap_tdb2_context);
for (i = 0; ids[i]; i++) {
@@ -834,7 +848,7 @@ static NTSTATUS idmap_tdb2_sids_to_unixids(struct idmap_domain *dom, struct id_m
ids[i]->status = ID_UNMAPPED;
continue;
}
-
+
/* some fatal error occurred, return immediately */
goto done;
}
@@ -868,7 +882,7 @@ static NTSTATUS idmap_tdb2_set_mapping(struct idmap_domain *dom, const struct id
ksidstr = kidstr = NULL;
/* TODO: should we filter a set_mapping using low/high filters ? */
-
+
ctx = talloc_get_type(dom->private_data, struct idmap_tdb2_context);
switch (map->xid.type) {
@@ -876,7 +890,7 @@ static NTSTATUS idmap_tdb2_set_mapping(struct idmap_domain *dom, const struct id
case ID_TYPE_UID:
kidstr = talloc_asprintf(ctx, "UID %lu", (unsigned long)map->xid.id);
break;
-
+
case ID_TYPE_GID:
kidstr = talloc_asprintf(ctx, "GID %lu", (unsigned long)map->xid.id);
break;
--
Samba Shared Repository
More information about the samba-cvs
mailing list