[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Thu Apr 17 09:13:03 MDT 2014
The branch, master has been updated
via a0d314d lib: Remove socket wrapper python module.
via d1ee35d dns.py: Use the python socket module.
via 0ed826d selftest: Preload socket_wrapper.
via 0028819 lib: Change socket_wrapper to preloadable version.
via d407446 Remove special socket_wrapper code.
via a9c1d5b replace: Add socket_wrapper_enabled().
via 5de011b s4-torture: Remove socket_wrapper testsuite.
via 5d7609c selftest: Disable loading ldb modules with RTLD_DEEPBIND.
via 11e87cd ldb: Add a env variable to disable RTLD_DEEPBIND.
via 4dca841 s3-libads: Use ldap_initialize() if available.
via 2522bb8 selftest: Rename WINBINDD_SOCKET_DIR environment variable.
via c29fb2e wbclient: Check with nss_wrapper_enabled().
via 354744f selftest: Write the nss_wrapper hosts file.
via 3381784 selftest: Set NSS_WRAPPER_MODULE variables for NSS module.
via a573441 selftest: Add the user running the test to passwd.
via d24a154 selftest: Preload nss_wrapper
via 5bb410f lib: Change nss_wrapper to preloadable version.
via b2163f2 Remove special nss_wrapper code
via f95e868 s4-torture: Remove nss_wrapper testsuite.
via 115a80d replace: Add nss_wrapper_hosts_enabled().
via 30860e0 replace: Add nss_wrapper_enabled().
via 1a46269 lib: Add missing include for unistd.h in unix_privs.
via 68c450a lib: Add missing include for unistd.h in setid.
via 6118c2e s3: Use root_mode() to get uid_wrapper working correctly.
via 15feb84 s3-lib: Add root_mode() which can deal with uid_wrapper.
via 486fa4a libwbclient: Handle uid_wrapper for pipe access.
via 28b87dd s4-ntfs: Improve uid check in wrapper mode.
via d2a7ce9 s3-utils: Do not disable the root check in smbpasswd.
via 363f76c testprogs: Fix tests calling smbpasswd.
via 77b7dfd selftest: Call smbpasswd as root.
via d1c53eb selftest: Enable uid_wrapper globally.
via 9feeeb3 selftest: Pass uid_wrapper library to selftest and preload it.
via 751b2b2 Remove uid_wrapper related code.
via 6d23354 lib: Change uid_wrapper to preloadable version.
via f318a44 replace: Add uid_wrapper_enabled().
via ad3a431 wafsamba: Add set_target to CHECK_BUNDLED_SYSTEM.
via c6a8edb selftest: Add a bash env file you can source.
from 5adacb4 s3: use smb_xmemdup instead of smb_memdup and smb_panic
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a0d314dfcee650ac62adf9aae22b04c52663d81e
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 13 15:55:30 2014 +0100
lib: Remove socket wrapper python module.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Thu Apr 17 17:12:50 CEST 2014 on sn-devel-104
commit d1ee35dc3623ef6e2a7a7c38e1653b85f50e6ba3
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jul 5 12:07:49 2013 +0200
dns.py: Use the python socket module.
We preload socket_wrapper, no need to use the special module.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 0ed826d5087f05993f74cfa280bf1abed14ab161
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 13 15:49:27 2014 +0100
selftest: Preload socket_wrapper.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 00288191bf343a9382ac49ccf4c86b3bde86e2f8
Author: Andreas Schneider <asn at samba.org>
Date: Mon Apr 7 16:12:21 2014 +0200
lib: Change socket_wrapper to preloadable version.
This imports socket_wrapper 1.0.1.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d407446ddc3dfa02c56e517d87238444f1c9b51b
Author: Andreas Schneider <asn at samba.org>
Date: Mon Apr 7 16:09:00 2014 +0200
Remove special socket_wrapper code.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit a9c1d5bd636c5d87a0e165361038671cead58550
Author: Andreas Schneider <asn at samba.org>
Date: Wed Feb 12 16:24:26 2014 +0100
replace: Add socket_wrapper_enabled().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 5de011be3f0ebb527678d681573f4def8335f6d4
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 3 14:17:00 2013 +0200
s4-torture: Remove socket_wrapper testsuite.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 5d7609cd789ceac98f1543d22c40201dde71f7a1
Author: Andreas Schneider <asn at samba.org>
Date: Tue Mar 4 13:52:52 2014 +0100
selftest: Disable loading ldb modules with RTLD_DEEPBIND.
This is needed in order to allow the ldb_*ldap module
to work with a preloaded socket wrapper.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 11e87cdbb694cf542f3b7633326005abd49e43f1
Author: Andreas Schneider <asn at samba.org>
Date: Tue Mar 4 13:50:41 2014 +0100
ldb: Add a env variable to disable RTLD_DEEPBIND.
We need a way to disable this in order to allow the
ldb_*ldap modules to work with a preloaded socket wrapper.
The only known user is the bind_dlz module,
but symbol versioniong might be enough...
So in future we may remove this completely
or at least invert the default behavior.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 4dca841d51dc1f11d62d86a31d8545dbfdcf7798
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 3 14:26:49 2013 +0200
s3-libads: Use ldap_initialize() if available.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 2522bb80902d2e7677a25a85fa597022f20f1147
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 20 10:34:49 2014 +0100
selftest: Rename WINBINDD_SOCKET_DIR environment variable.
It is very confusing if the env var uses the same name as the define in
the source code. So prefix it with SELFTEST.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit c29fb2e6157c90e7f0c6b37e9923152d999e76dc
Author: Andreas Schneider <asn at samba.org>
Date: Thu Feb 13 15:53:29 2014 +0100
wbclient: Check with nss_wrapper_enabled().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 354744f6e8e03b3552d19d8223c821d37b25e7fa
Author: Andreas Schneider <asn at samba.org>
Date: Thu Jun 27 16:12:47 2013 +0200
selftest: Write the nss_wrapper hosts file.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 338178469010139e4d97fab0fd96d123cfdc2510
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jun 12 15:42:01 2013 +0200
selftest: Set NSS_WRAPPER_MODULE variables for NSS module.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit a573441e735ec3663457f83215baa38986db7051
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 3 14:08:04 2013 +0200
selftest: Add the user running the test to passwd.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d24a154429864054bd319891f1acd456ff4cbcb1
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 31 16:34:25 2014 +0100
selftest: Preload nss_wrapper
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 5bb410f85312196bb24e62a6a0b8350576433dc6
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 31 15:57:43 2014 +0100
lib: Change nss_wrapper to preloadable version.
This imports nss_wrapper version 1.0.2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit b2163f23c09128ad0d2765a1a4c9a993500b588f
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 3 14:04:57 2013 +0200
Remove special nss_wrapper code
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit f95e86828a33690f7bb22d320d6781f2b749f8e1
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 3 14:07:30 2013 +0200
s4-torture: Remove nss_wrapper testsuite.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 115a80d3812c1bca35e6e126c067885e53302dcd
Author: Andreas Schneider <asn at samba.org>
Date: Tue Apr 8 10:07:14 2014 +0200
replace: Add nss_wrapper_hosts_enabled().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 30860e0d0e2ed996238a6413b71b5fd899342754
Author: Andreas Schneider <asn at samba.org>
Date: Mon Apr 7 16:32:20 2014 +0200
replace: Add nss_wrapper_enabled().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 1a46269599c3eb80be68b30b70fbef1fa4e0c5cc
Author: Andreas Schneider <asn at samba.org>
Date: Mon Apr 7 16:29:21 2014 +0200
lib: Add missing include for unistd.h in unix_privs.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 68c450a42321c6c6ac69b6e9605a847d756b9427
Author: Andreas Schneider <asn at samba.org>
Date: Mon Apr 7 16:27:22 2014 +0200
lib: Add missing include for unistd.h in setid.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 6118c2ec2c3770e10fd3683c3a0b07ad43a8a10b
Author: Andreas Schneider <asn at samba.org>
Date: Wed Nov 6 17:43:19 2013 +0100
s3: Use root_mode() to get uid_wrapper working correctly.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 15feb84273c65dbe2d3f502861c7f520c46dc9d3
Author: Andreas Schneider <asn at samba.org>
Date: Wed Nov 6 18:00:31 2013 +0100
s3-lib: Add root_mode() which can deal with uid_wrapper.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 486fa4a134a79e0a25091efc749ccc131dc18f69
Author: Andreas Schneider <asn at samba.org>
Date: Mon Sep 9 16:28:18 2013 +0200
libwbclient: Handle uid_wrapper for pipe access.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 28b87dd75e7292c4c451c753c44a640cbcf5d8cb
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 17 16:06:42 2014 +0100
s4-ntfs: Improve uid check in wrapper mode.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d2a7ce9d67fbd68b6a2ffb4a3501cc82870a7b1d
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 2 15:42:29 2014 +0200
s3-utils: Do not disable the root check in smbpasswd.
We will run uid_wrapper as root so that this succeeds.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 363f76c30504ca18cbce56f5b2ed5bcb2ce41412
Author: Andreas Schneider <asn at samba.org>
Date: Mon Jul 29 13:50:06 2013 +0200
testprogs: Fix tests calling smbpasswd.
smbpasswd has a check that it is root so make sure we start with
uid_wrapper being root!
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 77b7dfd37b4833cd7a5a953744decf406ac94db0
Author: Andreas Schneider <asn at samba.org>
Date: Wed Apr 2 15:41:34 2014 +0200
selftest: Call smbpasswd as root.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit d1c53ebf4c34cd982dce9d0eaa141920a062adba
Author: Andreas Schneider <asn at samba.org>
Date: Thu Apr 3 10:42:30 2014 +0200
selftest: Enable uid_wrapper globally.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 9feeeb369b913debc41a0c57ac1cd1f6fbdf9b72
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 3 12:55:29 2013 +0200
selftest: Pass uid_wrapper library to selftest and preload it.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 751b2b2d2a8b66cd447b5aed4531a8fc6cfab256
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 3 12:52:52 2013 +0200
Remove uid_wrapper related code.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 6d23354f72a487741177dd83c561a1bb72fa6412
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 17 14:43:01 2014 +0100
lib: Change uid_wrapper to preloadable version.
This imports version 1.0.1 of uid_wrapper.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit f318a44ec79da33a8972da9822c9ac3e4b39acff
Author: Andreas Schneider <asn at samba.org>
Date: Fri Jan 17 15:23:54 2014 +0100
replace: Add uid_wrapper_enabled().
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit ad3a4316705245891d9a66c50817a26a41ac016f
Author: Andreas Schneider <asn at samba.org>
Date: Mon Jan 20 12:37:44 2014 +0100
wafsamba: Add set_target to CHECK_BUNDLED_SYSTEM.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit c6a8edb4a71d2abbe2c7bc151237e37572876653
Author: Andreas Schneider <asn at samba.org>
Date: Sat Feb 15 16:53:46 2014 +0100
selftest: Add a bash env file you can source.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
buildtools/wafsamba/samba_bundled.py | 8 +-
configure.developer | 2 -
lib/ldb/common/ldb_modules.c | 25 +-
lib/nss_wrapper/nss_wrapper.c | 2744 +++++++++++++++++++++++++-----
lib/nss_wrapper/nss_wrapper.h | 171 --
lib/nss_wrapper/testsuite.c | 958 -----------
lib/nss_wrapper/wscript | 111 ++-
lib/nss_wrapper/wscript_build | 10 -
lib/replace/{socket.c => cwrap.c} | 27 +-
lib/replace/getifaddrs.c | 2 -
lib/replace/replace.h | 5 +
lib/replace/system/filesys.h | 11 -
lib/replace/system/network.h | 20 -
lib/replace/system/passwd.h | 23 -
lib/replace/wscript | 4 +-
lib/socket_wrapper/py_socket_wrapper.c | 879 ----------
lib/socket_wrapper/socket.py | 50 -
lib/socket_wrapper/socket_wrapper.c | 2028 +++++++++++++++++++----
lib/socket_wrapper/socket_wrapper.h | 177 --
lib/socket_wrapper/testsuite.c | 106 --
lib/socket_wrapper/wscript | 86 +-
lib/socket_wrapper/wscript_build | 22 -
lib/uid_wrapper/uid_wrapper.c | 1215 ++++++++++++--
lib/uid_wrapper/uid_wrapper.h | 101 --
lib/uid_wrapper/wscript | 64 +-
lib/uid_wrapper/wscript_build | 10 -
lib/util/setid.c | 47 +-
lib/util/unix_privs.c | 5 +
lib/util/util.c | 4 +-
lib/util/wscript_build | 2 +-
nsswitch/libwbclient/wbc_pam.c | 1 -
nsswitch/pam_winbind.c | 2 -
nsswitch/wb_common.c | 49 +-
nsswitch/winbind_nss_config.h | 9 -
nsswitch/winbind_struct_protocol.h | 7 -
nsswitch/wscript_build | 2 +-
python/samba/tests/dns.py | 2 +-
selftest/devel_env.sh | 11 +
selftest/selftest.pl | 60 +-
selftest/target/Samba3.pm | 51 +-
selftest/target/Samba4.pm | 24 +-
selftest/wscript | 4 +
source3/include/proto.h | 1 +
source3/lib/util_sec.c | 20 +
source3/libads/ldap.c | 57 +-
source3/libsmb/smb_share_modes.c | 1 -
source3/registry/reg_dispatcher.c | 2 +-
source3/rpc_server/rpc_handles.c | 2 +-
source3/rpc_server/samr/srv_samr_nt.c | 4 +-
source3/rpc_server/srv_access_check.c | 2 +-
source3/selftest/tests.py | 2 +-
source3/torture/wbc_async.c | 12 +-
source3/utils/smbpasswd.c | 2 -
source4/heimdal_build/wscript_build | 6 +-
source4/libcli/wbclient/wbclient.c | 2 +-
source4/ntvfs/posix/pvfs_acl.c | 22 +-
source4/scripting/devel/selftest-vars.sh | 2 +-
source4/torture/local/local.c | 6 -
source4/torture/local/wscript_build | 8 -
testprogs/blackbox/test_passwords.sh | 3 +
testprogs/blackbox/test_pdbtest.sh | 3 +
wscript | 3 -
62 files changed, 5665 insertions(+), 3634 deletions(-)
delete mode 100644 lib/nss_wrapper/nss_wrapper.h
delete mode 100644 lib/nss_wrapper/testsuite.c
delete mode 100644 lib/nss_wrapper/wscript_build
copy lib/replace/{socket.c => cwrap.c} (69%)
delete mode 100644 lib/socket_wrapper/py_socket_wrapper.c
delete mode 100644 lib/socket_wrapper/socket.py
delete mode 100644 lib/socket_wrapper/socket_wrapper.h
delete mode 100644 lib/socket_wrapper/testsuite.c
delete mode 100644 lib/socket_wrapper/wscript_build
delete mode 100644 lib/uid_wrapper/uid_wrapper.h
delete mode 100644 lib/uid_wrapper/wscript_build
create mode 100644 selftest/devel_env.sh
Changeset truncated at 500 lines:
diff --git a/buildtools/wafsamba/samba_bundled.py b/buildtools/wafsamba/samba_bundled.py
index 23a0f09..45946d5 100644
--- a/buildtools/wafsamba/samba_bundled.py
+++ b/buildtools/wafsamba/samba_bundled.py
@@ -122,7 +122,7 @@ def CHECK_BUNDLED_SYSTEM_PKG(conf, libname, minversion='0.0.0',
def CHECK_BUNDLED_SYSTEM(conf, libname, minversion='0.0.0',
checkfunctions=None, headers=None, checkcode=None,
onlyif=None, implied_deps=None,
- require_headers=True, pkg=None):
+ require_headers=True, pkg=None, set_target=True):
'''check if a library is available as a system library.
this first tries via pkg-config, then if that fails
tries by testing for a specified function in the specified lib
@@ -180,7 +180,8 @@ def CHECK_BUNDLED_SYSTEM(conf, libname, minversion='0.0.0',
args='"%s >= %s" --cflags --libs' % (pkg, minversion),
msg=msg, uselib_store=uselib_store) and
check_functions_headers_code()):
- conf.SET_TARGET_TYPE(libname, 'SYSLIB')
+ if set_target:
+ conf.SET_TARGET_TYPE(libname, 'SYSLIB')
conf.env[found] = True
if implied_deps:
conf.SET_SYSLIB_DEPS(libname, implied_deps)
@@ -190,7 +191,8 @@ def CHECK_BUNDLED_SYSTEM(conf, libname, minversion='0.0.0',
conf.env[found] = True
if implied_deps:
conf.SET_SYSLIB_DEPS(libname, implied_deps)
- conf.SET_TARGET_TYPE(libname, 'SYSLIB')
+ if set_target:
+ conf.SET_TARGET_TYPE(libname, 'SYSLIB')
return True
conf.env[found] = False
if not conf.LIB_MAY_BE_BUNDLED(libname):
diff --git a/configure.developer b/configure.developer
index 5033670..68616e5 100755
--- a/configure.developer
+++ b/configure.developer
@@ -1,6 +1,4 @@
#!/bin/sh
`dirname $0`/configure -C \
--enable-developer \
- --enable-socket-wrapper \
- --enable-nss-wrapper \
"$@"
diff --git a/lib/ldb/common/ldb_modules.c b/lib/ldb/common/ldb_modules.c
index a39b12d..05a8d8a 100644
--- a/lib/ldb/common/ldb_modules.c
+++ b/lib/ldb/common/ldb_modules.c
@@ -901,6 +901,7 @@ static int ldb_modules_load_path(const char *path, const char *version)
} *loaded;
struct loaded *le;
int dlopen_flags;
+ bool deepbind_enabled = (getenv("LDB_MODULES_DISABLE_DEEPBIND") == NULL);
ret = stat(path, &st);
if (ret != 0) {
@@ -934,13 +935,25 @@ static int ldb_modules_load_path(const char *path, const char *version)
dlopen_flags = RTLD_NOW;
#ifdef RTLD_DEEPBIND
- /* use deepbind if possible, to avoid issues with different
- system library varients, for example ldb modules may be linked
- against Heimdal while the application may use MIT kerberos
-
- See the dlopen manpage for details
+ /*
+ * use deepbind if possible, to avoid issues with different
+ * system library varients, for example ldb modules may be linked
+ * against Heimdal while the application may use MIT kerberos.
+ *
+ * See the dlopen manpage for details.
+ *
+ * One typical user is the bind_dlz module of Samba,
+ * but symbol versioniong might be enough...
+ *
+ * We need a way to disable this in order to allow the
+ * ldb_*ldap modules to work with a preloaded socket wrapper.
+ *
+ * So in future we may remove this completely
+ * or at least invert the default behavior.
*/
- dlopen_flags |= RTLD_DEEPBIND;
+ if (deepbind_enabled) {
+ dlopen_flags |= RTLD_DEEPBIND;
+ }
#endif
handle = dlopen(path, dlopen_flags);
diff --git a/lib/nss_wrapper/nss_wrapper.c b/lib/nss_wrapper/nss_wrapper.c
index 8767fbf..7c5a413 100644
--- a/lib/nss_wrapper/nss_wrapper.c
+++ b/lib/nss_wrapper/nss_wrapper.c
@@ -1,6 +1,7 @@
/*
* Copyright (C) Stefan Metzmacher 2007 <metze at samba.org>
* Copyright (C) Guenther Deschner 2009 <gd at samba.org>
+ * Copyright (C) Andreas Schneider 2013 <asn at samba.org>
*
* All rights reserved.
*
@@ -32,120 +33,229 @@
* SUCH DAMAGE.
*/
-#ifdef _SAMBA_BUILD_
+#include "config.h"
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <stdarg.h>
+#include <stdbool.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <ctype.h>
-/* defining this gives us the posix getpwnam_r() calls on solaris
- Thanks to heimdal for this */
+/*
+ * Defining _POSIX_PTHREAD_SEMANTICS before including pwd.h and grp.h gives us
+ * the posix getpwnam_r(), getpwuid_r(), getgrnam_r and getgrgid_r calls on
+ * Solaris
+ */
#ifndef _POSIX_PTHREAD_SEMANTICS
#define _POSIX_PTHREAD_SEMANTICS
#endif
-#define NSS_WRAPPER_NOT_REPLACE
-#include "../replace/replace.h"
-#include "system/passwd.h"
-#include "system/filesys.h"
-#include "../nsswitch/nsstest.h"
+#include <pwd.h>
+#include <grp.h>
+
+#include <netdb.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+
+#include <dlfcn.h>
-#else /* _SAMBA_BUILD_ */
+#if defined(HAVE_NSS_H)
+/* Linux and BSD */
+#include <nss.h>
-#error nss_wrapper_only_supported_in_samba_yet
+typedef enum nss_status NSS_STATUS;
+#elif defined(HAVE_NSS_COMMON_H)
+/* Solaris */
+#include <nss_common.h>
+#include <nss_dbdefs.h>
+#include <nsswitch.h>
+
+typedef nss_status_t NSS_STATUS;
+
+# define NSS_STATUS_SUCCESS NSS_SUCCESS
+# define NSS_STATUS_NOTFOUND NSS_NOTFOUND
+# define NSS_STATUS_UNAVAIL NSS_UNAVAIL
+# define NSS_STATUS_TRYAGAIN NSS_TRYAGAIN
+#else
+# error "No nsswitch support detected"
+#endif
+#ifndef PTR_DIFF
+#define PTR_DIFF(p1, p2) ((ptrdiff_t)(((const char *)(p1)) - (const char *)(p2)))
#endif
#ifndef _PUBLIC_
#define _PUBLIC_
#endif
-/* not all systems have _r functions... */
-#ifndef HAVE_GETPWNAM_R
-#define getpwnam_r(name, pwdst, buf, buflen, pwdstp) ENOSYS
-#endif
-#ifndef HAVE_GETPWUID_R
-#define getpwuid_r(uid, pwdst, buf, buflen, pwdstp) ENOSYS
+#ifndef EAI_NODATA
+#define EAI_NODATA EAI_NONAME
#endif
-#ifndef HAVE_GETPWENT_R
-#define getpwent_r(pwdst, buf, buflen, pwdstp) ENOSYS
+
+#ifndef EAI_ADDRFAMILY
+#define EAI_ADDRFAMILY EAI_FAMILY
#endif
-#ifndef HAVE_GETGRNAM_R
-#define getgrnam_r(name, grdst, buf, buflen, grdstp) ENOSYS
+
+#ifndef __STRING
+#define __STRING(x) #x
#endif
-#ifndef HAVE_GETGRGID_R
-#define getgrgid_r(gid, grdst, buf, buflen, grdstp) ENOSYS
+
+#ifndef __STRINGSTRING
+#define __STRINGSTRING(x) __STRING(x)
#endif
-#ifndef HAVE_GETGRENT_R
-#define getgrent_r(grdst, buf, buflen, grdstp) ENOSYS
+
+#ifndef __LINESTR__
+#define __LINESTR__ __STRINGSTRING(__LINE__)
#endif
-/* not all systems have getgrouplist */
-#ifndef HAVE_GETGROUPLIST
-#define getgrouplist(user, group, groups, ngroups) 0
+#ifndef __location__
+#define __location__ __FILE__ ":" __LINESTR__
#endif
-/* LD_PRELOAD doesn't work yet, so REWRITE_CALLS is all we support
- * for now */
-#define REWRITE_CALLS
+/* GCC have printf type attribute check. */
+#ifdef HAVE_ATTRIBUTE_PRINTF_FORMAT
+#define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
+#else
+#define PRINTF_ATTRIBUTE(a,b)
+#endif /* HAVE_ATTRIBUTE_PRINTF_FORMAT */
-#ifdef REWRITE_CALLS
+#ifdef HAVE_DESTRUCTOR_ATTRIBUTE
+#define DESTRUCTOR_ATTRIBUTE __attribute__ ((destructor))
+#else
+#define DESTRUCTOR_ATTRIBUTE
+#endif /* HAVE_DESTRUCTOR_ATTRIBUTE */
-#define real_getpwnam getpwnam
-#define real_getpwnam_r getpwnam_r
-#define real_getpwuid getpwuid
-#define real_getpwuid_r getpwuid_r
+#define ZERO_STRUCTP(x) do { if ((x) != NULL) memset((char *)(x), 0, sizeof(*(x))); } while(0)
-#define real_setpwent setpwent
-#define real_getpwent getpwent
-#define real_getpwent_r getpwent_r
-#define real_endpwent endpwent
+enum nwrap_dbglvl_e {
+ NWRAP_LOG_ERROR = 0,
+ NWRAP_LOG_WARN,
+ NWRAP_LOG_DEBUG,
+ NWRAP_LOG_TRACE
+};
-/*
-#define real_getgrlst getgrlst
-#define real_getgrlst_r getgrlst_r
-#define real_initgroups_dyn initgroups_dyn
-*/
-#define real_initgroups initgroups
-#define real_getgrouplist getgrouplist
-
-#define real_getgrnam getgrnam
-#define real_getgrnam_r getgrnam_r
-#define real_getgrgid getgrgid
-#define real_getgrgid_r getgrgid_r
-
-#define real_setgrent setgrent
-#define real_getgrent getgrent
-#define real_getgrent_r getgrent_r
-#define real_endgrent endgrent
+#ifdef NDEBUG
+# define NWRAP_LOG(...)
+#else
-#endif
+static void nwrap_log(enum nwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
+# define NWRAP_LOG(dbglvl, ...) nwrap_log((dbglvl), __func__, __VA_ARGS__)
-#if 0
-# ifdef DEBUG
-# define NWRAP_ERROR(args) DEBUG(0, args)
-# else
-# define NWRAP_ERROR(args) printf args
-# endif
+static void nwrap_log(enum nwrap_dbglvl_e dbglvl,
+ const char *func,
+ const char *format, ...)
+{
+ char buffer[1024];
+ va_list va;
+ const char *d;
+ unsigned int lvl = 0;
+ int pid = getpid();
+
+ d = getenv("NSS_WRAPPER_DEBUGLEVEL");
+ if (d != NULL) {
+ lvl = atoi(d);
+ }
+
+ va_start(va, format);
+ vsnprintf(buffer, sizeof(buffer), format, va);
+ va_end(va);
+
+ if (lvl >= dbglvl) {
+ switch (dbglvl) {
+ case NWRAP_LOG_ERROR:
+ fprintf(stderr,
+ "NWRAP_ERROR(%d) - %s: %s\n",
+ pid, func, buffer);
+ break;
+ case NWRAP_LOG_WARN:
+ fprintf(stderr,
+ "NWRAP_WARN(%d) - %s: %s\n",
+ pid, func, buffer);
+ break;
+ case NWRAP_LOG_DEBUG:
+ fprintf(stderr,
+ "NWRAP_DEBUG(%d) - %s: %s\n",
+ pid, func, buffer);
+ break;
+ case NWRAP_LOG_TRACE:
+ fprintf(stderr,
+ "NWRAP_TRACE(%d) - %s: %s\n",
+ pid, func, buffer);
+ break;
+ }
+ }
+}
+#endif /* NDEBUG NWRAP_LOG */
+
+struct nwrap_libc_fns {
+ struct passwd *(*_libc_getpwnam)(const char *name);
+ int (*_libc_getpwnam_r)(const char *name, struct passwd *pwd,
+ char *buf, size_t buflen, struct passwd **result);
+ struct passwd *(*_libc_getpwuid)(uid_t uid);
+ int (*_libc_getpwuid_r)(uid_t uid, struct passwd *pwd, char *buf, size_t buflen, struct passwd **result);
+ void (*_libc_setpwent)(void);
+ struct passwd *(*_libc_getpwent)(void);
+#ifdef HAVE_SOLARIS_GETPWENT_R
+ struct passwd *(*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen);
#else
-#define NWRAP_ERROR(args)
+ int (*_libc_getpwent_r)(struct passwd *pwbuf, char *buf, size_t buflen, struct passwd **pwbufp);
#endif
-
-#if 0
-# ifdef DEBUG
-# define NWRAP_DEBUG(args) DEBUG(0, args)
-# else
-# define NWRAP_DEBUG(args) printf args
-# endif
+ void (*_libc_endpwent)(void);
+ int (*_libc_initgroups)(const char *user, gid_t gid);
+ struct group *(*_libc_getgrnam)(const char *name);
+ int (*_libc_getgrnam_r)(const char *name, struct group *grp, char *buf, size_t buflen, struct group **result);
+ struct group *(*_libc_getgrgid)(gid_t gid);
+ int (*_libc_getgrgid_r)(gid_t gid, struct group *grp, char *buf, size_t buflen, struct group **result);
+ void (*_libc_setgrent)(void);
+ struct group *(*_libc_getgrent)(void);
+#ifdef HAVE_SOLARIS_GETGRENT_R
+ struct group *(*_libc_getgrent_r)(struct group *group, char *buf, size_t buflen);
#else
-#define NWRAP_DEBUG(args)
+ int (*_libc_getgrent_r)(struct group *group, char *buf, size_t buflen, struct group **result);
#endif
+ void (*_libc_endgrent)(void);
+ int (*_libc_getgrouplist)(const char *user, gid_t group, gid_t *groups, int *ngroups);
-#if 0
-# ifdef DEBUG
-# define NWRAP_VERBOSE(args) DEBUG(0, args)
-# else
-# define NWRAP_VERBOSE(args) printf args
-# endif
-#else
-#define NWRAP_VERBOSE(args)
+ void (*_libc_sethostent)(int stayopen);
+ struct hostent *(*_libc_gethostent)(void);
+ void (*_libc_endhostent)(void);
+
+ struct hostent *(*_libc_gethostbyname)(const char *name);
+#ifdef HAVE_GETHOSTBYNAME2 /* GNU extension */
+ struct hostent *(*_libc_gethostbyname2)(const char *name, int af);
+#endif
+ struct hostent *(*_libc_gethostbyaddr)(const void *addr, socklen_t len, int type);
+
+ int (*_libc_getaddrinfo)(const char *node, const char *service,
+ const struct addrinfo *hints,
+ struct addrinfo **res);
+ int (*_libc_getnameinfo)(const struct sockaddr *sa, socklen_t salen,
+ char *host, size_t hostlen,
+ char *serv, size_t servlen,
+ int flags);
+ int (*_libc_gethostname)(char *name, size_t len);
+#ifdef HAVE_GETHOSTBYNAME_R
+ int (*_libc_gethostbyname_r)(const char *name,
+ struct hostent *ret,
+ char *buf, size_t buflen,
+ struct hostent **result, int *h_errnop);
+#endif
+#ifdef HAVE_GETHOSTBYADDR_R
+ int (*_libc_gethostbyaddr_r)(const void *addr, socklen_t len, int type,
+ struct hostent *ret,
+ char *buf, size_t buflen,
+ struct hostent **result, int *h_errnop);
#endif
+};
struct nwrap_module_nss_fns {
NSS_STATUS (*_nss_getpwnam_r)(const char *name, struct passwd *result, char *buffer,
@@ -213,6 +323,11 @@ struct nwrap_ops {
void (*nw_endgrent)(struct nwrap_backend *b);
};
+/* Public prototypes */
+
+bool nss_wrapper_enabled(void);
+bool nss_wrapper_hosts_enabled(void);
+
/* prototypes for files backend */
@@ -328,10 +443,18 @@ struct nwrap_ops nwrap_module_ops = {
.nw_endgrent = nwrap_module_endgrent,
};
+struct nwrap_libc {
+ void *handle;
+ void *nsl_handle;
+ void *sock_handle;
+ struct nwrap_libc_fns *fns;
+};
+
struct nwrap_main {
const char *nwrap_switch;
int num_backends;
struct nwrap_backend *backends;
+ struct nwrap_libc *libc;
};
struct nwrap_main *nwrap_main_global;
@@ -372,8 +495,550 @@ struct nwrap_gr {
struct nwrap_cache __nwrap_cache_gr;
struct nwrap_gr nwrap_gr_global;
+static bool nwrap_he_parse_line(struct nwrap_cache *nwrap, char *line);
+static void nwrap_he_unload(struct nwrap_cache *nwrap);
+
+struct nwrap_addrdata {
+ unsigned char host_addr[16]; /* IPv4 or IPv6 address */
+ char *h_addr_ptrs[2]; /* host_addr pointer + NULL */
+};
+
+struct nwrap_entdata {
+ struct nwrap_addrdata *addr;
+ struct hostent ht;
+};
+
+struct nwrap_he {
+ struct nwrap_cache *cache;
+
+ struct nwrap_entdata *list;
+ int num;
+ int idx;
+};
+
+struct nwrap_cache __nwrap_cache_he;
+struct nwrap_he nwrap_he_global;
+
+
+/*********************************************************
+ * NWRAP PROTOTYPES
+ *********************************************************/
+
+static void nwrap_init(void);
static bool nwrap_gr_parse_line(struct nwrap_cache *nwrap, char *line);
static void nwrap_gr_unload(struct nwrap_cache *nwrap);
+void nwrap_destructor(void) DESTRUCTOR_ATTRIBUTE;
+
+/*********************************************************
+ * NWRAP LIBC LOADER FUNCTIONS
+ *********************************************************/
+
+enum nwrap_lib {
+ NWRAP_LIBC,
+ NWRAP_LIBNSL,
+ NWRAP_LIBSOCKET,
+};
+
+#ifndef NDEBUG
+static const char *nwrap_str_lib(enum nwrap_lib lib)
+{
+ switch (lib) {
+ case NWRAP_LIBC:
+ return "libc";
+ case NWRAP_LIBNSL:
+ return "libnsl";
+ case NWRAP_LIBSOCKET:
+ return "libsocket";
+ }
--
Samba Shared Repository
More information about the samba-cvs
mailing list