[SCM] Samba Shared Repository - branch master updated
Christian Ambach
ambi at samba.org
Thu Jul 21 08:50:02 MDT 2011
The branch, master has been updated
via fb766cd s3-waf: fix a libcrypto configure check
via bca69bf s3:winbindd remove an unused variable
via 410c4de s3:utils fix a compiler warning
via 62825b0 s3:modules/vfs_afsacl fix a compiler warning
via 4370dc1 s3:afs make path argument to afs_syscall const
via dcd10fa s3:modules/vfs_afsacl fix a compiler warning
via c5cbdc2 s3:modules/vfs_afsacl use stdbool types
via c8b4414 s3:modules/vfs_afsacl remove some unnecessary whitespace
via f2be12f s3:lib/afs fix the build with --with-vfs-afsacl
via ffef23d s3:lib/afs use stdbool types
via 9779af8 s3:utils/net_afs fix compiler warnings
via ffbecc0 s3:lib/afs_settoken fix some compiler warnings
via a78407b s3:lib/afs fix some compiler warnings
via 3b231e6 s3:lib/afs fix the build with --with-fake-kaserver
from e3fc1ab selftest: use "state directory" and "cache directory" options
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit fb766cd597dd0579f00ce3ca0acb5a422804d901
Author: Christian Ambach <ambi at samba.org>
Date: Thu Jul 21 14:13:20 2011 +0200
s3-waf: fix a libcrypto configure check
the parameters to conf.CHECK_FUNCS_IN were in the wrong order
Autobuild-User: Christian Ambach <ambi at samba.org>
Autobuild-Date: Thu Jul 21 16:49:52 CEST 2011 on sn-devel-104
commit bca69bfbc3b43d64b22ea92607267494033d17b6
Author: Christian Ambach <ambi at samba.org>
Date: Thu Jul 21 14:48:24 2011 +0200
s3:winbindd remove an unused variable
fixes a compiler warning
commit 410c4deefe24a7d92caf65e288a4ff9d54190e70
Author: Christian Ambach <ambi at samba.org>
Date: Thu Jul 21 14:47:38 2011 +0200
s3:utils fix a compiler warning
fix a compiler warning about missing prototypes
commit 62825b0ff953a7ba269ef6bc30d0470d07269e4b
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 16:16:11 2011 +0200
s3:modules/vfs_afsacl fix a compiler warning
commit 4370dc11bd3a0bb14d21be7f581f59fa7fc1d888
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 16:14:33 2011 +0200
s3:afs make path argument to afs_syscall const
commit dcd10fa4e5bf3f687b5ef7be30ef0b24f1ae639e
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 16:12:46 2011 +0200
s3:modules/vfs_afsacl fix a compiler warning
commit c5cbdc21d1b21034fb5f892a74d296cc94120696
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:58:40 2011 +0200
s3:modules/vfs_afsacl use stdbool types
commit c8b4414c0a8bc9f81a03948c875bbac22d0a8726
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:57:26 2011 +0200
s3:modules/vfs_afsacl remove some unnecessary whitespace
commit f2be12fa8f97a02885aa46fa8e725970d73e3885
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:54:25 2011 +0200
s3:lib/afs fix the build with --with-vfs-afsacl
This fixes the second piece of Bug #8263
commit ffef23d40f100ba678bc2af73eb24bc6fc93356e
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:35:18 2011 +0200
s3:lib/afs use stdbool types
commit 9779af85d6fe3091448ed77166877e3fcdfc3cfe
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:44:36 2011 +0200
s3:utils/net_afs fix compiler warnings
commit ffbecc0cf6878f935aec9427e632f7cfe8571149
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:34:29 2011 +0200
s3:lib/afs_settoken fix some compiler warnings
commit a78407b9ca24d0fd2dae06debccbe0859e76ca87
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:30:14 2011 +0200
s3:lib/afs fix some compiler warnings
commit 3b231e6a12676aba13a29589992c020bd5e2b33d
Author: Christian Ambach <ambi at samba.org>
Date: Fri Jul 15 15:27:07 2011 +0200
s3:lib/afs fix the build with --with-fake-kaserver
This fixes one piece of Bug #8263
-----------------------------------------------------------------------
Summary of changes:
source3/include/proto.h | 2 +-
source3/lib/afs.c | 30 +++++++++-----
source3/lib/afs_settoken.c | 45 +++++++++++----------
source3/modules/vfs_afsacl.c | 87 ++++++++++++++++++++-------------------
source3/utils/net_afs.c | 8 +++-
source3/winbindd/winbindd_cm.c | 2 -
source3/wscript | 2 +-
7 files changed, 96 insertions(+), 80 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 010992d..ec0571c 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -46,7 +46,7 @@ char *afs_createtoken_str(const char *username, const char *cell);
/* The following definitions come from lib/afs_settoken.c */
int afs_syscall( int subcall,
- char * path,
+ const char * path,
int cmd,
char * cmarg,
int follow);
diff --git a/source3/lib/afs.c b/source3/lib/afs.c
index 7a49c57..849e9ce 100644
--- a/source3/lib/afs.c
+++ b/source3/lib/afs.c
@@ -23,6 +23,11 @@
#define NO_ASN1_TYPEDEFS 1
+#include "secrets.h"
+#include "passdb.h"
+#include "auth.h"
+#include "../librpc/gen_ndr/ndr_netlogon.h"
+
#include <afs/param.h>
#include <afs/stds.h>
#include <afs/afs.h>
@@ -88,11 +93,11 @@ static bool afs_createtoken(const char *username, const char *cell,
des_key_schedule key_schedule;
if (!secrets_init())
- return False;
+ return false;
if (!secrets_fetch_afs_key(cell, &key)) {
DEBUG(1, ("Could not fetch AFS service key\n"));
- return False;
+ return false;
}
ct->AuthHandle = key.kvno;
@@ -121,7 +126,7 @@ static bool afs_createtoken(const char *username, const char *cell,
p += 4;
/* We need to create a session key */
- generate_random_buffer(p, 8);
+ generate_random_buffer((uint8_t *)p, 8);
/* Our client code needs the the key in the clear, it does not
know the server-key ... */
@@ -171,14 +176,15 @@ static bool afs_createtoken(const char *username, const char *cell,
len = PTR_DIFF(p, clear_ticket);
des_key_sched((const_des_cblock *)key.key, key_schedule);
- des_pcbc_encrypt(clear_ticket, clear_ticket,
+ des_pcbc_encrypt((const unsigned char*) clear_ticket,
+ (unsigned char*) clear_ticket,
len, key_schedule, (C_Block *)key.key, 1);
ZERO_STRUCT(key);
*ticket = data_blob(clear_ticket, len);
- return True;
+ return true;
}
char *afs_createtoken_str(const char *username, const char *cell)
@@ -231,16 +237,18 @@ bool afs_login(connection_struct *conn)
}
afs_username = talloc_sub_advanced(ctx,
- SNUM(conn), conn->session_info->unix_info->unix_name,
- conn->connectpath, conn->session_info->unix_token->gid,
+ lp_servicename(SNUM(conn)),
+ conn->session_info->unix_info->unix_name,
+ conn->connectpath,
+ conn->session_info->unix_token->gid,
conn->session_info->unix_info->sanitized_username,
- pdb_get_domain(conn->session_info->sam_account),
+ conn->session_info->info->domain_name,
afs_username);
if (!afs_username) {
return false;
}
- user_sid = &conn->session_info->security_token->user_sids[0];
+ user_sid = &conn->session_info->security_token->sids[0];
afs_username = talloc_string_sub(talloc_tos(),
afs_username,
"%s",
@@ -268,7 +276,7 @@ bool afs_login(connection_struct *conn)
afs_username, cell));
if (!afs_createtoken(afs_username, cell, &ticket, &ct))
- return False;
+ return false;
/* For which Unix-UID do we want to set the token? */
ct.ViceId = getuid();
@@ -288,7 +296,7 @@ bool afs_login(connection_struct *conn)
bool afs_login(connection_struct *conn)
{
- return True;
+ return true;
}
char *afs_createtoken_str(const char *username, const char *cell)
diff --git a/source3/lib/afs_settoken.c b/source3/lib/afs_settoken.c
index 80eed13..77d9ace 100644
--- a/source3/lib/afs_settoken.c
+++ b/source3/lib/afs_settoken.c
@@ -23,6 +23,8 @@
#define NO_ASN1_TYPEDEFS 1
+#include "system/filesys.h"
+
#include <afs/param.h>
#include <afs/stds.h>
#include <afs/afs.h>
@@ -33,7 +35,7 @@
#include <sys/syscall.h>
int afs_syscall( int subcall,
- char * path,
+ const char * path,
int cmd,
char * cmarg,
int follow)
@@ -42,13 +44,14 @@ int afs_syscall( int subcall,
return( syscall( SYS_afs_syscall, subcall, path, cmd, cmarg, follow));
*/
int errcode;
+ int proc_afs_file;
struct afsprocdata afs_syscall_data;
afs_syscall_data.syscall = subcall;
afs_syscall_data.param1 = (long)path;
afs_syscall_data.param2 = cmd;
afs_syscall_data.param3 = (long)cmarg;
afs_syscall_data.param4 = follow;
- int proc_afs_file = open(PROC_SYSCALL_FNAME, O_RDWR);
+ proc_afs_file = open(PROC_SYSCALL_FNAME, O_RDWR);
if (proc_afs_file < 0)
proc_afs_file = open(PROC_SYSCALL_ARLA_FNAME, O_RDWR);
if (proc_afs_file < 0)
@@ -79,33 +82,33 @@ static bool afs_decode_token(const char *string, char **cell,
if ((t = strtok_r(s, "\n", &saveptr)) == NULL) {
DEBUG(10, ("strtok_r failed\n"));
- return False;
+ return false;
}
*cell = SMB_STRDUP(t);
if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
DEBUG(10, ("strtok_r failed\n"));
- return False;
+ return false;
}
if (sscanf(t, "%u", &result_ct.AuthHandle) != 1) {
DEBUG(10, ("sscanf AuthHandle failed\n"));
- return False;
+ return false;
}
if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
DEBUG(10, ("strtok_r failed\n"));
- return False;
+ return false;
}
blob = base64_decode_data_blob(t);
if ( (blob.data == NULL) ||
(blob.length != sizeof(result_ct.HandShakeKey) )) {
- DEBUG(10, ("invalid key: %x/%d\n", (uint32)blob.data,
- blob.length));
- return False;
+ DEBUG(10, ("invalid key: %x/%lu\n", (uint8_t)*blob.data,
+ (unsigned long) blob.length));
+ return false;
}
memcpy(result_ct.HandShakeKey, blob.data, blob.length);
@@ -114,50 +117,50 @@ static bool afs_decode_token(const char *string, char **cell,
if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
DEBUG(10, ("strtok_r failed\n"));
- return False;
+ return false;
}
if (sscanf(t, "%u", &result_ct.ViceId) != 1) {
DEBUG(10, ("sscanf ViceId failed\n"));
- return False;
+ return false;
}
if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
DEBUG(10, ("strtok_r failed\n"));
- return False;
+ return false;
}
if (sscanf(t, "%u", &result_ct.BeginTimestamp) != 1) {
DEBUG(10, ("sscanf BeginTimestamp failed\n"));
- return False;
+ return false;
}
if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
DEBUG(10, ("strtok_r failed\n"));
- return False;
+ return false;
}
if (sscanf(t, "%u", &result_ct.EndTimestamp) != 1) {
DEBUG(10, ("sscanf EndTimestamp failed\n"));
- return False;
+ return false;
}
if ((t = strtok_r(NULL, "\n", &saveptr)) == NULL) {
DEBUG(10, ("strtok_r failed\n"));
- return False;
+ return false;
}
blob = base64_decode_data_blob(t);
if (blob.data == NULL) {
DEBUG(10, ("Could not get ticket\n"));
- return False;
+ return false;
}
*ticket = blob;
*ct = result_ct;
- return True;
+ return true;
}
/*
@@ -203,7 +206,7 @@ static bool afs_settoken(const char *cell,
tmp = strlen(cell);
if (tmp >= MAXKTCREALMLEN) {
DEBUG(1, ("Realm too long\n"));
- return False;
+ return false;
}
strncpy(p, cell, tmp);
@@ -234,7 +237,7 @@ bool afs_settoken_str(const char *token_string)
char *cell;
if (!afs_decode_token(token_string, &cell, &ticket, &ct))
- return False;
+ return false;
if (geteuid() != sec_initial_uid())
ct.ViceId = getuid();
@@ -251,7 +254,7 @@ bool afs_settoken_str(const char *token_string)
bool afs_settoken_str(const char *token_string)
{
- return False;
+ return false;
}
#endif
diff --git a/source3/modules/vfs_afsacl.c b/source3/modules/vfs_afsacl.c
index 2ef6adf..6301469 100644
--- a/source3/modules/vfs_afsacl.c
+++ b/source3/modules/vfs_afsacl.c
@@ -1,4 +1,4 @@
-/*
+/*
* Convert AFS acls to NT acls and vice versa.
*
* Copyright (C) Volker Lendecke, 2003
@@ -7,12 +7,12 @@
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
@@ -20,6 +20,10 @@
#include "includes.h"
#include "system/filesys.h"
#include "smbd/smbd.h"
+#include "../librpc/gen_ndr/lsa.h"
+#include "../libcli/security/security.h"
+#include "../libcli/security/dom_sid.h"
+#include "passdb.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS
@@ -43,7 +47,7 @@ static char space_replacement = '%';
/* Do we expect SIDs as pts names? */
static bool sidpts;
-extern int afs_syscall(int, char *, int, char *, int);
+extern int afs_syscall(int, const char *, int, char *, int);
struct afs_ace {
bool positive;
@@ -73,9 +77,9 @@ static bool init_afs_acl(struct afs_acl *acl)
acl->ctx = talloc_init("afs_acl");
if (acl->ctx == NULL) {
DEBUG(10, ("Could not init afs_acl"));
- return False;
+ return false;
}
- return True;
+ return true;
}
static void free_afs_acl(struct afs_acl *acl)
@@ -240,21 +244,21 @@ static bool parse_afs_acl(struct afs_acl *acl, const char *acl_str)
strlcpy(str, acl_str, MAXSIZE);
if (sscanf(p, "%d", &nplus) != 1)
- return False;
+ return false;
DEBUG(10, ("Found %d positive entries\n", nplus));
if ((p = strchr(p, '\n')) == NULL)
- return False;
+ return false;
p += 1;
if (sscanf(p, "%d", &nminus) != 1)
- return False;
+ return false;
DEBUG(10, ("Found %d negative entries\n", nminus));
if ((p = strchr(p, '\n')) == NULL)
- return False;
+ return false;
p += 1;
for (aces = nplus+nminus; aces > 0; aces--)
@@ -268,15 +272,15 @@ static bool parse_afs_acl(struct afs_acl *acl, const char *acl_str)
namep = p;
if ((p = strchr(p, '\t')) == NULL)
- return False;
+ return false;
*p = '\0';
p += 1;
if (sscanf(p, "%d", &rights) != 1)
- return False;
+ return false;
if ((p = strchr(p, '\n')) == NULL)
- return False;
+ return false;
p += 1;
fstrcpy(name, namep);
@@ -289,7 +293,7 @@ static bool parse_afs_acl(struct afs_acl *acl, const char *acl_str)
nplus -= 1;
}
- return True;
+ return true;
}
static bool unparse_afs_acl(struct afs_acl *acl, char *acl_str)
@@ -299,11 +303,10 @@ static bool unparse_afs_acl(struct afs_acl *acl, char *acl_str)
int positives = 0;
int negatives = 0;
fstring line;
+ struct afs_ace *ace = acl->acelist;
*acl_str = 0;
- struct afs_ace *ace = acl->acelist;
-
while (ace != NULL) {
if (ace->positive)
positives++;
@@ -325,7 +328,7 @@ static bool unparse_afs_acl(struct afs_acl *acl, char *acl_str)
strlcat(acl_str, line, MAXSIZE);
ace = ace->next;
}
- return True;
+ return true;
}
static uint32 afs_to_nt_file_rights(uint32 rights)
@@ -432,7 +435,7 @@ static void merge_afs_acls(struct afs_acl *dir_acl,
for (ace = dir_acl->acelist; ace != NULL; ace = ace->next) {
struct afs_ace *file_ace;
- bool found = False;
+ bool found = false;
for (file_ace = file_acl->acelist;
file_ace != NULL;
@@ -442,7 +445,7 @@ static void merge_afs_acls(struct afs_acl *dir_acl,
add_afs_ace(target, ace->positive, ace->name,
ace->rights | file_ace->rights);
- found = True;
+ found = true;
break;
}
if (!found)
@@ -452,14 +455,14 @@ static void merge_afs_acls(struct afs_acl *dir_acl,
for (ace = file_acl->acelist; ace != NULL; ace = ace->next) {
struct afs_ace *dir_ace;
- bool already_seen = False;
+ bool already_seen = false;
for (dir_ace = dir_acl->acelist;
dir_ace != NULL;
dir_ace = dir_ace->next) {
if (!same_principal(ace, dir_ace))
continue;
- already_seen = True;
+ already_seen = true;
break;
}
if (!already_seen)
@@ -702,23 +705,23 @@ static bool mappable_sid(const struct dom_sid *sid)
struct dom_sid domain_sid;
if (dom_sid_compare(sid, &global_sid_Builtin_Administrators) == 0)
- return True;
+ return true;
if (dom_sid_compare(sid, &global_sid_World) == 0)
- return True;
+ return true;
if (dom_sid_compare(sid, &global_sid_Authenticated_Users) == 0)
- return True;
+ return true;
if (dom_sid_compare(sid, &global_sid_Builtin_Backup_Operators) == 0)
- return True;
+ return true;
string_to_sid(&domain_sid, "S-1-5-21");
if (sid_compare_domain(sid, &domain_sid) == 0)
- return True;
+ return true;
- return False;
+ return false;
}
static bool nt_to_afs_acl(const char *filename,
@@ -735,10 +738,10 @@ static bool nt_to_afs_acl(const char *filename,
if (((security_info_sent & SECINFO_DACL) == 0) ||
(psd->dacl == NULL))
- return True;
+ return true;
if (!init_afs_acl(afs_acl))
- return False;
+ return false;
dacl = psd->dacl;
@@ -750,7 +753,7 @@ static bool nt_to_afs_acl(const char *filename,
if (ace->type != SEC_ACE_TYPE_ACCESS_ALLOWED) {
/* First cut: Only positive ACEs */
- return False;
+ return false;
}
if (!mappable_sid(&ace->trustee)) {
@@ -798,7 +801,7 @@ static bool nt_to_afs_acl(const char *filename,
dom_name, lp_winbind_separator(),
name);
--
Samba Shared Repository
More information about the samba-cvs
mailing list