[SCM] Samba Shared Repository - branch v4-2-test updated
Stefan Metzmacher
metze at samba.org
Tue Aug 4 14:08:07 UTC 2015
The branch, v4-2-test has been updated
via 98ac8fc s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
via f90c55b lib: replace: Add strsep function (missing on Solaris).
from 20fba40 s3-auth: Fix a possible null pointer dereference
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -----------------------------------------------------------------
commit 98ac8fc3d968e392a2b330846aed74baad08fb43
Author: Justin Maggard <jmaggard at netgear.com>
Date: Tue Jul 21 15:17:30 2015 -0700
s3-passdb: Respect LOOKUP_NAME_GROUP flag in sid lookup.
Somewhere along the line, a config line like "valid users = @foo"
broke when "foo" also exists as a user.
user_ok_token() already does the right thing by adding the LOOKUP_NAME_GROUP
flag; but lookup_name() was not respecting that flag, and went ahead and looked
for users anyway.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11320
Signed-off-by: Justin Maggard <jmaggard at netgear.com>
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Marc Muehlfeld <mmuehlfeld at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jul 28 21:35:58 CEST 2015 on sn-devel-104
(cherry picked from commit dc99d451bf23668d73878847219682fced547622)
Autobuild-User(v4-2-test): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(v4-2-test): Tue Aug 4 16:07:21 CEST 2015 on sn-devel-104
commit f90c55b3ce4a1e2055be8731be677975d595dbe5
Author: Jeremy Allison <jra at samba.org>
Date: Wed Jul 15 10:43:56 2015 -0700
lib: replace: Add strsep function (missing on Solaris).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11359
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Ira Cooper <ira at wakeful.net>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Wed Jul 29 02:24:55 CEST 2015 on sn-devel-104
(cherry picked from commit f07b746ad3f3ee2fcbb65a0d452ed80f07c9e8f9)
-----------------------------------------------------------------------
Summary of changes:
lib/replace/replace.c | 20 ++++++++++++++++++++
lib/replace/replace.h | 5 +++++
lib/replace/wscript | 4 ++--
source3/passdb/lookup_sid.c | 4 ++--
source3/passdb/lookup_sid.h | 2 +-
5 files changed, 30 insertions(+), 5 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 2a9ca3e..604ecfb 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -467,6 +467,26 @@ char *rep_strcasestr(const char *haystack, const char *needle)
}
#endif
+#ifndef HAVE_STRSEP
+char *rep_strsep(char **pps, const char *delim)
+{
+ char *ret = *pps;
+ char *p = *pps;
+
+ if (p == NULL) {
+ return NULL;
+ }
+ p += strcspn(p, delim);
+ if (*p == '\0') {
+ *pps = NULL;
+ } else {
+ *p = '\0';
+ *pps = p + 1;
+ }
+ return ret;
+}
+#endif
+
#ifndef HAVE_STRTOK_R
/* based on GLIBC version, copyright Free Software Foundation */
char *rep_strtok_r(char *s, const char *delim, char **save_ptr)
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index 3ff4e36..c764d06 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -349,6 +349,11 @@ void rep_setlinebuf(FILE *);
char *rep_strcasestr(const char *haystack, const char *needle);
#endif
+#ifndef HAVE_STRSEP
+#define strsep rep_strsep
+char *rep_strsep(char **pps, const char *delim);
+#endif
+
#ifndef HAVE_STRTOK_R
#define strtok_r rep_strtok_r
char *rep_strtok_r(char *s, const char *delim, char **save_ptr);
diff --git a/lib/replace/wscript b/lib/replace/wscript
index a8182e3..7014642 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -239,7 +239,7 @@ def configure(conf):
conf.CHECK_FUNCS('lstat getpgrp utime utimes setuid seteuid setreuid setresuid setgid setegid')
conf.CHECK_FUNCS('setregid setresgid chroot strerror vsyslog setlinebuf mktime')
conf.CHECK_FUNCS('ftruncate chsize rename waitpid wait4')
- conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr')
+ conf.CHECK_FUNCS('initgroups pread pwrite strndup strcasestr strsep')
conf.CHECK_FUNCS('strtok_r mkdtemp dup2 dprintf vdprintf isatty chown lchown')
conf.CHECK_FUNCS('link readlink symlink realpath snprintf vsnprintf')
conf.CHECK_FUNCS('asprintf vasprintf setenv unsetenv strnlen strtoull __strtoull')
@@ -629,7 +629,7 @@ REPLACEMENT_FUNCTIONS = {
'memmove', 'strdup', 'setlinebuf', 'vsyslog', 'strnlen',
'strndup', 'waitpid', 'seteuid', 'setegid', 'chroot',
'mkstemp', 'mkdtemp', 'pread', 'pwrite', 'strcasestr',
- 'strtok_r', 'strtoll', 'strtoull', 'setenv', 'unsetenv',
+ 'strsep', 'strtok_r', 'strtoll', 'strtoull', 'setenv', 'unsetenv',
'utime', 'utimes', 'dup2', 'chown', 'link', 'readlink',
'symlink', 'lchown', 'realpath', 'memmem', 'vdprintf',
'dprintf', 'get_current_dir_name',
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index fe07bea..714061e 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -120,7 +120,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
goto ok;
}
- if (((flags & LOOKUP_NAME_NO_NSS) == 0)
+ if (((flags & (LOOKUP_NAME_NO_NSS|LOOKUP_NAME_GROUP)) == 0)
&& strequal(domain, unix_users_domain_name())) {
if (lookup_unix_user_name(name, &sid)) {
type = SID_NAME_USER;
@@ -293,7 +293,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
/* 11. Ok, windows would end here. Samba has two more options:
Unmapped users and unmapped groups */
- if (((flags & LOOKUP_NAME_NO_NSS) == 0)
+ if (((flags & (LOOKUP_NAME_NO_NSS|LOOKUP_NAME_GROUP)) == 0)
&& lookup_unix_user_name(name, &sid)) {
domain = talloc_strdup(tmp_ctx, unix_users_domain_name());
type = SID_NAME_USER;
diff --git a/source3/passdb/lookup_sid.h b/source3/passdb/lookup_sid.h
index 872f4ef..8b5edf6 100644
--- a/source3/passdb/lookup_sid.h
+++ b/source3/passdb/lookup_sid.h
@@ -31,7 +31,7 @@ struct unixid;
#define LOOKUP_NAME_NONE 0x00000000
#define LOOKUP_NAME_ISOLATED 0x00000001 /* Look up unqualified names */
#define LOOKUP_NAME_REMOTE 0x00000002 /* Ask others */
-#define LOOKUP_NAME_GROUP 0x00000004 /* (unused) This is a NASTY hack for
+#define LOOKUP_NAME_GROUP 0x00000004 /* This is a NASTY hack for
valid users = @foo where foo also
exists in as user. */
#define LOOKUP_NAME_NO_NSS 0x00000008 /* no NSS calls to avoid
--
Samba Shared Repository
More information about the samba-cvs
mailing list