[SCM] Samba Shared Repository - branch master updated

Michael Adam obnox at samba.org
Sun Jan 2 05:42:01 MST 2011


The branch, master has been updated
       via  45cb9bb s3:net: make idmap_store_secret static.
       via  7f256a7 s3:net: fix the usage for net idmap secret (removing alloc)
       via  11016f2 s3:net: remove alloc parameter from idmap_store_secret() (net idmap store).
       via  2d3a8b1 s3:idmap_ldap: remove special handling of alloc secret (not used any more).
       via  52b37de s3:idmap_ldap: remove unused idmap_ldap_alloc_context.
       via  91e7430 s3:idmap_ldap: remove alloc context member from ldap_idmap_context
       via  5908bd6 s3:idmap_ldap: remove use of alloc context from idmap_ldap_allocate_id().
       via  510bf2d s3:idmap_ldap: remove unused idmap_ldap_alloc_close_destructor().
       via  f83fa1e s3:idmap_ldap: remove unused idmap_ldap_alloc_init().
       via  632e232 s3:idmap_ldap: don't call idmap_ldap_alloc_init in idmap_ldap_init.
       via  58508c9 s3:idmap_ldap: remove use of the ldap_idmap_alloc_context from verify_idpool().
      from  41179c2 Fix a valgrind error

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 45cb9bba37407ab4e76b0955e6a379efc6d562a4
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:43:34 2010 +0100

    s3:net: make idmap_store_secret static.
    
    Autobuild-User: Michael Adam <obnox at samba.org>
    Autobuild-Date: Sun Jan  2 13:41:07 CET 2011 on sn-devel-104

commit 7f256a740cc43dbaed545cf0d2533cc31a25806b
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:41:28 2010 +0100

    s3:net: fix the usage for net idmap secret (removing alloc)

commit 11016f2a6befc477c631c4f2ed8d9e7e4e250102
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:39:28 2010 +0100

    s3:net: remove alloc parameter from idmap_store_secret() (net idmap store).

commit 2d3a8b196fe1ef47a5fb7bc5c13671125f59da91
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:32:53 2010 +0100

    s3:idmap_ldap: remove special handling of alloc secret (not used any more).

commit 52b37de5d88301ce1a6d05128d9c19043f5a2b51
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:26:29 2010 +0100

    s3:idmap_ldap: remove unused idmap_ldap_alloc_context.

commit 91e743081723dc78fd5e5a6e2efe9c2603bf17bf
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:26:05 2010 +0100

    s3:idmap_ldap: remove alloc context member from ldap_idmap_context

commit 5908bd62b557723f36d8055506d4602cfc567684
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:24:01 2010 +0100

    s3:idmap_ldap: remove use of alloc context from idmap_ldap_allocate_id().

commit 510bf2d59175cb4aabf26c0dc1afcb6873955cb4
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:07:29 2010 +0100

    s3:idmap_ldap: remove unused idmap_ldap_alloc_close_destructor().

commit f83fa1ec20fd398dbbe5fab0e25f27d9697df91b
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:06:50 2010 +0100

    s3:idmap_ldap: remove unused idmap_ldap_alloc_init().

commit 632e232fc482cd76553b88b84cd4479bfee0845a
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:04:20 2010 +0100

    s3:idmap_ldap: don't call idmap_ldap_alloc_init in idmap_ldap_init.
    
    Call verify_idpool() instead.

commit 58508c97260269ec47746adf81da34d9d0d8a1bb
Author: Michael Adam <obnox at samba.org>
Date:   Wed Dec 8 00:19:23 2010 +0100

    s3:idmap_ldap: remove use of the ldap_idmap_alloc_context from verify_idpool().
    
    Allocation is now subsumed in the idmap ldap config.
    This is the beginning of the removal of the idmap ldap alloc parameters.

-----------------------------------------------------------------------

Summary of changes:
 source3/utils/net_idmap.c     |   24 +++----
 source3/utils/net_proto.h     |    3 -
 source3/winbindd/idmap_ldap.c |  172 +++++++----------------------------------
 3 files changed, 38 insertions(+), 161 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/utils/net_idmap.c b/source3/utils/net_idmap.c
index 488132b..e3640bd 100644
--- a/source3/utils/net_idmap.c
+++ b/source3/utils/net_idmap.c
@@ -289,19 +289,16 @@ static int net_idmap_set(struct net_context *c, int argc, const char **argv)
 	d_printf("%s\n", _("Not implemented yet"));
 	return -1;
 }
-bool idmap_store_secret(const char *backend, bool alloc,
-			const char *domain, const char *identity,
-			const char *secret)
+static bool idmap_store_secret(const char *backend,
+			       const char *domain,
+			       const char *identity,
+			       const char *secret)
 {
 	char *tmp;
 	int r;
 	bool ret;
 
-	if (alloc) {
-		r = asprintf(&tmp, "IDMAP_ALLOC_%s", backend);
-	} else {
-		r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
-	}
+	r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
 
 	if (r < 0) return false;
 
@@ -363,7 +360,7 @@ static int net_idmap_secret(struct net_context *c, int argc, const char **argv)
 		return -1;
 	}
 
-	ret = idmap_store_secret("ldap", false, domain, dn, secret);
+	ret = idmap_store_secret("ldap", domain, dn, secret);
 
 	if ( ! ret) {
 		d_fprintf(stderr, _("Failed to store secret\n"));
@@ -385,9 +382,8 @@ int net_help_idmap(struct net_context *c, int argc, const char **argv)
 
 	/* Deliberately *not* document net idmap delete */
 
-	d_printf(_("net idmap secret <DOMAIN>|alloc <secret>\n"
-		   "    Set the secret for the specified DOMAIN (or the alloc "
-		   "module)\n"));
+	d_printf(_("net idmap secret <DOMAIN> <secret>\n"
+		   "    Set the secret for the specified DOMAIN module)\n"));
 
 	return -1;
 }
@@ -499,8 +495,8 @@ int net_idmap(struct net_context *c, int argc, const char **argv)
 			net_idmap_secret,
 			NET_TRANSPORT_LOCAL,
 			N_("Set secret for specified domain"),
-			N_("net idmap secret {<DOMAIN>|alloc} <secret>\n"
-			   "  Set secret for specified domain or alloc module")
+			N_("net idmap secret <DOMAIN> <secret>\n"
+			   "  Set secret for specified domain")
 		},
 		{
 			"aclmapset",
diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h
index 9e9e82f..2475c9f 100644
--- a/source3/utils/net_proto.h
+++ b/source3/utils/net_proto.h
@@ -86,9 +86,6 @@ int net_help(struct net_context *c, int argc, const char **argv);
 
 /* The following definitions come from utils/net_idmap.c  */
 
-bool idmap_store_secret(const char *backend, bool alloc,
-			const char *domain, const char *identity,
-			const char *secret);
 int net_help_idmap(struct net_context *c, int argc, const char **argv);
 int net_idmap(struct net_context *c, int argc, const char **argv);
 
diff --git a/source3/winbindd/idmap_ldap.c b/source3/winbindd/idmap_ldap.c
index 7b1f247..aea5d6a 100644
--- a/source3/winbindd/idmap_ldap.c
+++ b/source3/winbindd/idmap_ldap.c
@@ -38,17 +38,13 @@
 
 #include "smbldap.h"
 
-static char *idmap_fetch_secret(const char *backend, bool alloc,
+static char *idmap_fetch_secret(const char *backend,
 				const char *domain, const char *identity)
 {
 	char *tmp, *ret;
 	int r;
 
-	if (alloc) {
-		r = asprintf(&tmp, "IDMAP_ALLOC_%s", backend);
-	} else {
-		r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
-	}
+	r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
 
 	if (r < 0)
 		return NULL;
@@ -61,20 +57,12 @@ static char *idmap_fetch_secret(const char *backend, bool alloc,
 	return ret;
 }
 
-struct idmap_ldap_alloc_context {
-	struct smbldap_state *smbldap_state;
-	char *url;
-	char *suffix;
-	char *user_dn;
-};
-
 struct idmap_ldap_context {
 	struct smbldap_state *smbldap_state;
 	char *url;
 	char *suffix;
 	char *user_dn;
 	bool anon;
-	struct idmap_ldap_alloc_context *alloc;
 	struct idmap_rw_ops *rw_ops;
 };
 
@@ -110,12 +98,13 @@ static NTSTATUS get_credentials( TALLOC_CTX *mem_ctx,
 
 	if ( tmp ) {
 		if (!dom) {
-			/* only the alloc backend can pass in a NULL dom */
-			secret = idmap_fetch_secret("ldap", True,
-						    NULL, tmp);
+			DEBUG(0, ("get_credentials: Invalid domain 'NULL' "
+				  "encountered for user DN %s\n",
+				  tmp));
+			ret = NT_STATUS_UNSUCCESSFUL;
+			goto done;
 		} else {
-			secret = idmap_fetch_secret("ldap", False,
-						    dom->name, tmp);
+			secret = idmap_fetch_secret("ldap", dom->name, tmp);
 		}
 
 		if (!secret) {
@@ -168,11 +157,7 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
 
 	ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
 
-	if (!ctx->alloc) {
-		return NT_STATUS_UNSUCCESSFUL;
-	}
-
-	mem_ctx = talloc_new(ctx->alloc);
+	mem_ctx = talloc_new(ctx);
 	if (mem_ctx == NULL) {
 		DEBUG(0, ("Out of memory!\n"));
 		return NT_STATUS_NO_MEMORY;
@@ -184,8 +169,8 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
 	attr_list = get_attr_list(mem_ctx, idpool_attr_list);
 	CHECK_ALLOC_DONE(attr_list);
 
-	rc = smbldap_search(ctx->alloc->smbldap_state,
-				ctx->alloc->suffix,
+	rc = smbldap_search(ctx->smbldap_state,
+				ctx->suffix,
 				LDAP_SCOPE_SUBTREE,
 				filter,
 				attr_list,
@@ -198,14 +183,13 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
-	count = ldap_count_entries(ctx->alloc->smbldap_state->ldap_struct,
-				   result);
+	count = ldap_count_entries(ctx->smbldap_state->ldap_struct, result);
 
 	ldap_msgfree(result);
 
 	if ( count > 1 ) {
 		DEBUG(0,("Multiple entries returned from %s (base == %s)\n",
-			filter, ctx->alloc->suffix));
+			filter, ctx->suffix));
 		ret = NT_STATUS_UNSUCCESSFUL;
 		goto done;
 	}
@@ -228,8 +212,8 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
 						    LDAP_ATTR_GIDNUMBER),
 				gid_str);
 		if (mods) {
-			rc = smbldap_modify(ctx->alloc->smbldap_state,
-						ctx->alloc->suffix,
+			rc = smbldap_modify(ctx->smbldap_state,
+						ctx->suffix,
 						mods);
 			ldap_mods_free(mods, True);
 		} else {
@@ -244,100 +228,6 @@ done:
 	return ret;
 }
 
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-
-static int idmap_ldap_alloc_close_destructor(struct idmap_ldap_alloc_context *ctx)
-{
-	smbldap_free_struct(&ctx->smbldap_state);
-	DEBUG(5,("The connection to the LDAP server was closed\n"));
-	/* maybe free the results here --metze */
-	return 0;
-}
-
-static NTSTATUS idmap_ldap_alloc_init(struct idmap_domain *dom,
-				      const char *params)
-{
-	NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
-	const char *tmp;
-	struct idmap_ldap_context *ctx;
-
-	/* Only do init if we are online */
-	if (idmap_is_offline())	{
-		return NT_STATUS_FILE_IS_OFFLINE;
-	}
-
-	ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
-
-	ctx->alloc = talloc_zero(ctx, struct idmap_ldap_alloc_context);
-        CHECK_ALLOC_DONE(ctx->alloc);
-
-	if (params && *params) {
-		/* assume location is the only parameter */
-		ctx->alloc->url = talloc_strdup(ctx->alloc, params);
-	} else {
-		tmp = lp_parm_const_string(-1, "idmap alloc config",
-					   "ldap_url", NULL);
-
-		if ( ! tmp) {
-			DEBUG(1, ("ERROR: missing idmap ldap url\n"));
-			ret = NT_STATUS_UNSUCCESSFUL;
-			goto done;
-		}
-
-		ctx->alloc->url = talloc_strdup(ctx->alloc, tmp);
-	}
-	CHECK_ALLOC_DONE(ctx->alloc->url);
-
-	trim_char(ctx->alloc->url, '\"', '\"');
-
-	tmp = lp_parm_const_string(-1, "idmap alloc config",
-				   "ldap_base_dn", NULL);
-	if ( ! tmp || ! *tmp) {
-		tmp = lp_ldap_idmap_suffix();
-		if ( ! tmp) {
-			DEBUG(1, ("ERROR: missing idmap ldap suffix\n"));
-			ret = NT_STATUS_UNSUCCESSFUL;
-			goto done;
-		}
-	}
-
-	ctx->alloc->suffix = talloc_strdup(ctx->alloc, tmp);
-	CHECK_ALLOC_DONE(ctx->alloc->suffix);
-
-	ret = smbldap_init(ctx->alloc, winbind_event_context(),
-			   ctx->alloc->url,
-			   &ctx->alloc->smbldap_state);
-	if (!NT_STATUS_IS_OK(ret)) {
-		DEBUG(1, ("ERROR: smbldap_init (%s) failed!\n",
-			  ctx->alloc->url));
-		goto done;
-	}
-
-	talloc_set_destructor(ctx->alloc, idmap_ldap_alloc_close_destructor);
-
-	ret = get_credentials(ctx->alloc,
-			      ctx->alloc->smbldap_state,
-			      "idmap alloc config", NULL,
-			      &ctx->alloc->user_dn);
-	if ( !NT_STATUS_IS_OK(ret) ) {
-		DEBUG(1,("idmap_ldap_alloc_init: Failed to get connection "
-			 "credentials (%s)\n", nt_errstr(ret)));
-		goto done;
-	}
-
-	/* see if the idmap suffix and sub entries exists */
-
-	ret = verify_idpool(dom);
-
- done:
-	if ( !NT_STATUS_IS_OK( ret ) )
-		TALLOC_FREE(ctx->alloc);
-
-	return ret;
-}
-
 /********************************
  Allocate a new uid or gid
 ********************************/
@@ -367,11 +257,7 @@ static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
 
 	ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
 
-	if (!ctx->alloc) {
-		return NT_STATUS_UNSUCCESSFUL;
-	}
-
-	mem_ctx = talloc_new(ctx->alloc);
+	mem_ctx = talloc_new(ctx);
 	if (!mem_ctx) {
 		DEBUG(0, ("Out of memory!\n"));
 		return NT_STATUS_NO_MEMORY;
@@ -403,10 +289,10 @@ static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
 
 	DEBUG(10, ("Search of the id pool (filter: %s)\n", filter));
 
-	rc = smbldap_search(ctx->alloc->smbldap_state,
-				ctx->alloc->suffix,
-			       LDAP_SCOPE_SUBTREE, filter,
-			       attr_list, 0, &result);
+	rc = smbldap_search(ctx->smbldap_state,
+			   ctx->suffix,
+			   LDAP_SCOPE_SUBTREE, filter,
+			   attr_list, 0, &result);
 
 	if (rc != LDAP_SUCCESS) {
 		DEBUG(0,("%s object not found\n", LDAP_OBJ_IDPOOL));
@@ -415,25 +301,23 @@ static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
 
 	talloc_autofree_ldapmsg(mem_ctx, result);
 
-	count = ldap_count_entries(ctx->alloc->smbldap_state->ldap_struct,
-				   result);
+	count = ldap_count_entries(ctx->smbldap_state->ldap_struct, result);
 	if (count != 1) {
 		DEBUG(0,("Single %s object not found\n", LDAP_OBJ_IDPOOL));
 		goto done;
 	}
 
-	entry = ldap_first_entry(ctx->alloc->smbldap_state->ldap_struct,
-				 result);
+	entry = ldap_first_entry(ctx->smbldap_state->ldap_struct, result);
 
 	dn = smbldap_talloc_dn(mem_ctx,
-			       ctx->alloc->smbldap_state->ldap_struct,
+			       ctx->smbldap_state->ldap_struct,
 			       entry);
 	if ( ! dn) {
 		goto done;
 	}
 
 	id_str = smbldap_talloc_single_attribute(
-				ctx->alloc->smbldap_state->ldap_struct,
+				ctx->smbldap_state->ldap_struct,
 				entry, type, mem_ctx);
 	if (id_str == NULL) {
 		DEBUG(0,("%s attribute not found\n", type));
@@ -485,7 +369,7 @@ static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain *dom,
 	DEBUG(10, ("Try to atomically increment the id (%s -> %s)\n",
 		   id_str, new_id_str));
 
-	rc = smbldap_modify(ctx->alloc->smbldap_state, dn, mods);
+	rc = smbldap_modify(ctx->smbldap_state, dn, mods);
 
 	ldap_mods_free(mods, True);
 
@@ -636,10 +520,10 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain *dom,
 
 	dom->private_data = ctx;
 
-	ret = idmap_ldap_alloc_init(dom, params);
+	ret = verify_idpool(dom);
 	if (!NT_STATUS_IS_OK(ret)) {
-		DEBUG(1, ("idmap_ldap_db_init: Failed to initialize alloc "
-			  "subsystem: %s\n", nt_errstr(ret)));
+		DEBUG(1, ("idmap_ldap_db_init: failed to verify ID pool (%s)\n",
+			 nt_errstr(ret)));
 		goto done;
 	}
 


-- 
Samba Shared Repository


More information about the samba-cvs mailing list