[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Apr 18 14:26:03 MDT 2014
The branch, master has been updated
via c0651a3 vfs_gpfs: Avoid warnings in developer build
via aa79989 s4-auth: Make the auth_winbind_wbclient use more correct code now in auth/wbc_auth_util.c
via b7b5a1f auth: Move wbcAuthUserInfo_to_netr_SamInfo3 to the top level
from 60db710 s3-libads: allow ads_try_connect() to re-use a resolved ip address.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c0651a32fcfd078d8835dccd97738295181edd36
Author: Christof Schmitt <cs at samba.org>
Date: Thu Apr 17 13:43:53 2014 -0700
vfs_gpfs: Avoid warnings in developer build
Remove an unused variable and use discard_const_p.
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Apr 18 22:25:25 CEST 2014 on sn-devel-104
commit aa799895086fa9482bff4684ed1d98f9fceb200c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Mar 28 10:56:02 2014 +1300
s4-auth: Make the auth_winbind_wbclient use more correct code now in auth/wbc_auth_util.c
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit b7b5a1f5bd993cbc3a2c45a7714f67ff412e9489
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Mar 28 10:41:46 2014 +1300
auth: Move wbcAuthUserInfo_to_netr_SamInfo3 to the top level
This allows auth_winbind in source4 to use this more correct conversion routine.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/wbc_auth_util.c | 225 ++++++++++++++++++++++++++++++++++++++
auth/wscript_build | 2 +-
source3/auth/proto.h | 2 -
source3/auth/server_info.c | 190 --------------------------------
source3/modules/vfs_gpfs.c | 9 +-
source4/auth/ntlm/auth_winbind.c | 94 ++---------------
6 files changed, 238 insertions(+), 284 deletions(-)
create mode 100644 auth/wbc_auth_util.c
Changeset truncated at 500 lines:
diff --git a/auth/wbc_auth_util.c b/auth/wbc_auth_util.c
new file mode 100644
index 0000000..ebd24a9
--- /dev/null
+++ b/auth/wbc_auth_util.c
@@ -0,0 +1,225 @@
+/*
+ Unix SMB/CIFS implementation.
+ Authentication utility functions
+ Copyright (C) Volker Lendecke 2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "libcli/security/security.h"
+#include "librpc/gen_ndr/netlogon.h"
+#include "nsswitch/libwbclient/wbclient.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+static NTSTATUS wbcsids_to_samr_RidWithAttributeArray(
+ TALLOC_CTX *mem_ctx,
+ struct samr_RidWithAttributeArray *groups,
+ const struct dom_sid *domain_sid,
+ const struct wbcSidWithAttr *sids,
+ size_t num_sids)
+{
+ unsigned int i, j = 0;
+ bool ok;
+
+ groups->rids = talloc_array(mem_ctx,
+ struct samr_RidWithAttribute, num_sids);
+ if (!groups->rids) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* a wbcDomainSid is the same as a dom_sid */
+ for (i = 0; i < num_sids; i++) {
+ ok = sid_peek_check_rid(domain_sid,
+ (const struct dom_sid *)&sids[i].sid,
+ &groups->rids[j].rid);
+ if (!ok) continue;
+
+ groups->rids[j].attributes = SE_GROUP_MANDATORY |
+ SE_GROUP_ENABLED_BY_DEFAULT |
+ SE_GROUP_ENABLED;
+ j++;
+ }
+
+ groups->count = j;
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS wbcsids_to_netr_SidAttrArray(
+ const struct dom_sid *domain_sid,
+ const struct wbcSidWithAttr *sids,
+ size_t num_sids,
+ TALLOC_CTX *mem_ctx,
+ struct netr_SidAttr **_info3_sids,
+ uint32_t *info3_num_sids)
+{
+ unsigned int i, j = 0;
+ struct netr_SidAttr *info3_sids;
+
+ info3_sids = talloc_array(mem_ctx, struct netr_SidAttr, num_sids);
+ if (info3_sids == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* a wbcDomainSid is the same as a dom_sid */
+ for (i = 0; i < num_sids; i++) {
+ const struct dom_sid *sid;
+
+ sid = (const struct dom_sid *)&sids[i].sid;
+
+ if (dom_sid_in_domain(domain_sid, sid)) {
+ continue;
+ }
+
+ info3_sids[j].sid = dom_sid_dup(info3_sids, sid);
+ if (info3_sids[j].sid == NULL) {
+ talloc_free(info3_sids);
+ return NT_STATUS_NO_MEMORY;
+ }
+ info3_sids[j].attributes = SE_GROUP_MANDATORY |
+ SE_GROUP_ENABLED_BY_DEFAULT |
+ SE_GROUP_ENABLED;
+ j++;
+ }
+
+ *info3_num_sids = j;
+ *_info3_sids = info3_sids;
+ return NT_STATUS_OK;
+}
+
+#undef RET_NOMEM
+
+#define RET_NOMEM(ptr) do { \
+ if (!ptr) { \
+ TALLOC_FREE(info3); \
+ return NULL; \
+ } } while(0)
+
+struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
+ const struct wbcAuthUserInfo *info)
+{
+ struct netr_SamInfo3 *info3;
+ struct dom_sid user_sid;
+ struct dom_sid group_sid;
+ struct dom_sid domain_sid;
+ NTSTATUS status;
+ bool ok;
+
+ memcpy(&user_sid, &info->sids[0].sid, sizeof(user_sid));
+ memcpy(&group_sid, &info->sids[1].sid, sizeof(group_sid));
+
+ info3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
+ if (!info3) return NULL;
+
+ unix_to_nt_time(&info3->base.logon_time, info->logon_time);
+ unix_to_nt_time(&info3->base.logoff_time, info->logoff_time);
+ unix_to_nt_time(&info3->base.kickoff_time, info->kickoff_time);
+ unix_to_nt_time(&info3->base.last_password_change, info->pass_last_set_time);
+ unix_to_nt_time(&info3->base.allow_password_change,
+ info->pass_can_change_time);
+ unix_to_nt_time(&info3->base.force_password_change,
+ info->pass_must_change_time);
+
+ if (info->account_name) {
+ info3->base.account_name.string =
+ talloc_strdup(info3, info->account_name);
+ RET_NOMEM(info3->base.account_name.string);
+ }
+ if (info->full_name) {
+ info3->base.full_name.string =
+ talloc_strdup(info3, info->full_name);
+ RET_NOMEM(info3->base.full_name.string);
+ }
+ if (info->logon_script) {
+ info3->base.logon_script.string =
+ talloc_strdup(info3, info->logon_script);
+ RET_NOMEM(info3->base.logon_script.string);
+ }
+ if (info->profile_path) {
+ info3->base.profile_path.string =
+ talloc_strdup(info3, info->profile_path);
+ RET_NOMEM(info3->base.profile_path.string);
+ }
+ if (info->home_directory) {
+ info3->base.home_directory.string =
+ talloc_strdup(info3, info->home_directory);
+ RET_NOMEM(info3->base.home_directory.string);
+ }
+ if (info->home_drive) {
+ info3->base.home_drive.string =
+ talloc_strdup(info3, info->home_drive);
+ RET_NOMEM(info3->base.home_drive.string);
+ }
+
+ info3->base.logon_count = info->logon_count;
+ info3->base.bad_password_count = info->bad_password_count;
+
+ sid_copy(&domain_sid, &user_sid);
+ sid_split_rid(&domain_sid, &info3->base.rid);
+
+ ok = sid_peek_check_rid(&domain_sid, &group_sid,
+ &info3->base.primary_gid);
+ if (!ok) {
+ DEBUG(1, ("The primary group sid domain does not"
+ "match user sid domain for user: %s\n",
+ info->account_name));
+ TALLOC_FREE(info3);
+ return NULL;
+ }
+
+ status = wbcsids_to_samr_RidWithAttributeArray(info3,
+ &info3->base.groups,
+ &domain_sid,
+ &info->sids[1],
+ info->num_sids - 1);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(info3);
+ return NULL;
+ }
+
+ status = wbcsids_to_netr_SidAttrArray(&domain_sid,
+ &info->sids[1],
+ info->num_sids - 1,
+ info3,
+ &info3->sids,
+ &info3->sidcount);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(info3);
+ return NULL;
+ }
+
+ info3->base.user_flags = info->user_flags;
+ memcpy(info3->base.key.key, info->user_session_key, 16);
+
+ if (info->logon_server) {
+ info3->base.logon_server.string =
+ talloc_strdup(info3, info->logon_server);
+ RET_NOMEM(info3->base.logon_server.string);
+ }
+ if (info->domain_name) {
+ info3->base.logon_domain.string =
+ talloc_strdup(info3, info->domain_name);
+ RET_NOMEM(info3->base.logon_domain.string);
+ }
+
+ info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
+ RET_NOMEM(info3->base.domain_sid);
+
+ memcpy(info3->base.LMSessKey.key, info->lm_session_key, 8);
+ info3->base.acct_flags = info->acct_flags;
+
+ return info3;
+}
diff --git a/auth/wscript_build b/auth/wscript_build
index 57f1270..a61bc37 100644
--- a/auth/wscript_build
+++ b/auth/wscript_build
@@ -1,7 +1,7 @@
#!/usr/bin/env python
bld.SAMBA_LIBRARY('auth_sam_reply',
- source='auth_sam_reply.c',
+ source='auth_sam_reply.c wbc_auth_util.c',
deps='talloc samba-security samba-util',
autoproto='auth_sam_reply.h',
private_library=True
diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index 6ce3aa7..9e11a0c 100644
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -305,8 +305,6 @@ NTSTATUS passwd_to_SamInfo3(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 **pinfo3);
struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
struct netr_SamInfo3 *orig);
-struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
- const struct wbcAuthUserInfo *info);
/* The following definitions come from auth/auth_wbc.c */
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index c363f44..df0be54 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -612,193 +612,3 @@ struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx,
return info3;
}
-static NTSTATUS wbcsids_to_samr_RidWithAttributeArray(
- TALLOC_CTX *mem_ctx,
- struct samr_RidWithAttributeArray *groups,
- const struct dom_sid *domain_sid,
- const struct wbcSidWithAttr *sids,
- size_t num_sids)
-{
- unsigned int i, j = 0;
- bool ok;
-
- groups->rids = talloc_array(mem_ctx,
- struct samr_RidWithAttribute, num_sids);
- if (!groups->rids) {
- return NT_STATUS_NO_MEMORY;
- }
-
- /* a wbcDomainSid is the same as a dom_sid */
- for (i = 0; i < num_sids; i++) {
- ok = sid_peek_check_rid(domain_sid,
- (const struct dom_sid *)&sids[i].sid,
- &groups->rids[j].rid);
- if (!ok) continue;
-
- groups->rids[j].attributes = SE_GROUP_MANDATORY |
- SE_GROUP_ENABLED_BY_DEFAULT |
- SE_GROUP_ENABLED;
- j++;
- }
-
- groups->count = j;
- return NT_STATUS_OK;
-}
-
-static NTSTATUS wbcsids_to_netr_SidAttrArray(
- const struct dom_sid *domain_sid,
- const struct wbcSidWithAttr *sids,
- size_t num_sids,
- TALLOC_CTX *mem_ctx,
- struct netr_SidAttr **_info3_sids,
- uint32_t *info3_num_sids)
-{
- unsigned int i, j = 0;
- struct netr_SidAttr *info3_sids;
-
- info3_sids = talloc_array(mem_ctx, struct netr_SidAttr, num_sids);
- if (info3_sids == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- /* a wbcDomainSid is the same as a dom_sid */
- for (i = 0; i < num_sids; i++) {
- const struct dom_sid *sid;
-
- sid = (const struct dom_sid *)&sids[i].sid;
-
- if (dom_sid_in_domain(domain_sid, sid)) {
- continue;
- }
-
- info3_sids[j].sid = dom_sid_dup(info3_sids, sid);
- if (info3_sids[j].sid == NULL) {
- talloc_free(info3_sids);
- return NT_STATUS_NO_MEMORY;
- }
- info3_sids[j].attributes = SE_GROUP_MANDATORY |
- SE_GROUP_ENABLED_BY_DEFAULT |
- SE_GROUP_ENABLED;
- j++;
- }
-
- *info3_num_sids = j;
- *_info3_sids = info3_sids;
- return NT_STATUS_OK;
-}
-
-struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx,
- const struct wbcAuthUserInfo *info)
-{
- struct netr_SamInfo3 *info3;
- struct dom_sid user_sid;
- struct dom_sid group_sid;
- struct dom_sid domain_sid;
- NTSTATUS status;
- bool ok;
-
- memcpy(&user_sid, &info->sids[0].sid, sizeof(user_sid));
- memcpy(&group_sid, &info->sids[1].sid, sizeof(group_sid));
-
- info3 = talloc_zero(mem_ctx, struct netr_SamInfo3);
- if (!info3) return NULL;
-
- unix_to_nt_time(&info3->base.logon_time, info->logon_time);
- unix_to_nt_time(&info3->base.logoff_time, info->logoff_time);
- unix_to_nt_time(&info3->base.kickoff_time, info->kickoff_time);
- unix_to_nt_time(&info3->base.last_password_change, info->pass_last_set_time);
- unix_to_nt_time(&info3->base.allow_password_change,
- info->pass_can_change_time);
- unix_to_nt_time(&info3->base.force_password_change,
- info->pass_must_change_time);
-
- if (info->account_name) {
- info3->base.account_name.string =
- talloc_strdup(info3, info->account_name);
- RET_NOMEM(info3->base.account_name.string);
- }
- if (info->full_name) {
- info3->base.full_name.string =
- talloc_strdup(info3, info->full_name);
- RET_NOMEM(info3->base.full_name.string);
- }
- if (info->logon_script) {
- info3->base.logon_script.string =
- talloc_strdup(info3, info->logon_script);
- RET_NOMEM(info3->base.logon_script.string);
- }
- if (info->profile_path) {
- info3->base.profile_path.string =
- talloc_strdup(info3, info->profile_path);
- RET_NOMEM(info3->base.profile_path.string);
- }
- if (info->home_directory) {
- info3->base.home_directory.string =
- talloc_strdup(info3, info->home_directory);
- RET_NOMEM(info3->base.home_directory.string);
- }
- if (info->home_drive) {
- info3->base.home_drive.string =
- talloc_strdup(info3, info->home_drive);
- RET_NOMEM(info3->base.home_drive.string);
- }
-
- info3->base.logon_count = info->logon_count;
- info3->base.bad_password_count = info->bad_password_count;
-
- sid_copy(&domain_sid, &user_sid);
- sid_split_rid(&domain_sid, &info3->base.rid);
-
- ok = sid_peek_check_rid(&domain_sid, &group_sid,
- &info3->base.primary_gid);
- if (!ok) {
- DEBUG(1, ("The primary group sid domain does not"
- "match user sid domain for user: %s\n",
- info->account_name));
- TALLOC_FREE(info3);
- return NULL;
- }
-
- status = wbcsids_to_samr_RidWithAttributeArray(info3,
- &info3->base.groups,
- &domain_sid,
- &info->sids[1],
- info->num_sids - 1);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(info3);
- return NULL;
- }
-
- status = wbcsids_to_netr_SidAttrArray(&domain_sid,
- &info->sids[1],
- info->num_sids - 1,
- info3,
- &info3->sids,
- &info3->sidcount);
- if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(info3);
- return NULL;
- }
-
- info3->base.user_flags = info->user_flags;
- memcpy(info3->base.key.key, info->user_session_key, 16);
-
- if (info->logon_server) {
- info3->base.logon_server.string =
- talloc_strdup(info3, info->logon_server);
- RET_NOMEM(info3->base.logon_server.string);
- }
- if (info->domain_name) {
- info3->base.logon_domain.string =
- talloc_strdup(info3, info->domain_name);
- RET_NOMEM(info3->base.logon_domain.string);
- }
-
- info3->base.domain_sid = dom_sid_dup(info3, &domain_sid);
- RET_NOMEM(info3->base.domain_sid);
-
- memcpy(info3->base.LMSessKey.key, info->lm_session_key, 8);
- info3->base.acct_flags = info->acct_flags;
-
- return info3;
-}
diff --git a/source3/modules/vfs_gpfs.c b/source3/modules/vfs_gpfs.c
index edbc885..a56af8f 100644
--- a/source3/modules/vfs_gpfs.c
+++ b/source3/modules/vfs_gpfs.c
@@ -327,7 +327,7 @@ again:
*len = size;
errno = 0;
- ret = smbd_gpfs_getacl((char *)fname, flags, aclbuf);
+ ret = smbd_gpfs_getacl(discard_const_p(char, fname), flags, aclbuf);
if ((ret != 0) && (errno == ENOSPC)) {
/*
* get the size needed to accommodate the complete buffer
@@ -1127,7 +1127,8 @@ static int gpfsacl_sys_acl_set_file(vfs_handle_struct *handle,
return -1;
}
- result = smbd_gpfs_putacl((char *)name, GPFS_PUTACL_STRUCT | GPFS_ACL_SAMBA, gpfs_acl);
+ result = smbd_gpfs_putacl(discard_const_p(char, name),
+ GPFS_PUTACL_STRUCT|GPFS_ACL_SAMBA, gpfs_acl);
SAFE_FREE(gpfs_acl);
return result;
@@ -1217,7 +1218,6 @@ static int gpfsacl_emu_chmod(vfs_handle_struct *handle,
files_struct fake_fsp; /* TODO: rationalize parametrization */
SMB4ACE_T *smbace;
TALLOC_CTX *frame = talloc_stackframe();
- NTSTATUS status;
DEBUG(10, ("gpfsacl_emu_chmod invoked for %s mode %o\n", path, mode));
@@ -1358,7 +1358,6 @@ static int gpfs_set_xattr(struct vfs_handle_struct *handle, const char *path,
struct xattr_DOSATTRIB dosattrib;
enum ndr_err_code ndr_err;
DATA_BLOB blob;
- const char *attrstr = value;
unsigned int dosmode=0;
struct gpfs_winattr attrs;
int ret = 0;
@@ -1381,7 +1380,7 @@ static int gpfs_set_xattr(struct vfs_handle_struct *handle, const char *path,
return SMB_VFS_NEXT_SETXATTR(handle,path,name,value,size,flags);
}
- blob.data = (uint8_t *)attrstr;
+ blob.data = discard_const_p(uint8_t, value);
--
Samba Shared Repository
More information about the samba-cvs
mailing list