[SCM] Samba Shared Repository - branch master updated

Uri Simchoni uri at samba.org
Wed Dec 28 23:06:04 UTC 2016


The branch, master has been updated
       via  2e1dc95 idmap4: Use sid_check_is_in_unix_groups()
       via  e06a342 idmap4: Use sid_check_is_in_unix_users()
       via  166e23d lib: Avoid an includes.h
       via  c66f57d lib: Add required prerequisites for librpc/gen_ndr/security.h
       via  24f0878 passdb: Move lookup_unix_[user|group]_name to lookup_sid.c
       via  c5b9c58 lib: Add lib/util_unixsids.h
       via  6830a6a idmap4: Slightly simplify idmap_xid_to_sid
       via  2146df2 idmap4: Fix error path memleaks in idmap_init
       via  f39ed43 idmap4: Fix idmap_ctx talloc hierarchy
      from  3660c76 ctdb-takeover: Clean up when exiting on error

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 2e1dc952f0505154f649c04da4b2194f433a6cbe
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 13:08:58 2016 +0000

    idmap4: Use sid_check_is_in_unix_groups()
    
    This avoids the need for the special unix groups sid
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>
    
    Autobuild-User(master): Uri Simchoni <uri at samba.org>
    Autobuild-Date(master): Thu Dec 29 00:05:25 CET 2016 on sn-devel-144

commit e06a342f80bf75863d0c0f057c19aeab2bcb3c29
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 13:08:58 2016 +0000

    idmap4: Use sid_check_is_in_unix_users()
    
    This avoids the need for the special unix users sid
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

commit 166e23d98b90a814450164eb363bbbcbad0a2163
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 13:05:49 2016 +0000

    lib: Avoid an includes.h
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

commit c66f57d1de9bb95b61e7208c7c13900ec98ce643
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 13:04:57 2016 +0000

    lib: Add required prerequisites for librpc/gen_ndr/security.h
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

commit 24f08784a3a577699895f95d087dd5be085d032a
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 12:57:23 2016 +0000

    passdb: Move lookup_unix_[user|group]_name to lookup_sid.c
    
    This is the only user and reduces the dependencies of util_unixsids.c
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

commit c5b9c58032e4daba49e1119001bab9c93a0c2c77
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 12:52:00 2016 +0000

    lib: Add lib/util_unixsids.h
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

commit 6830a6a35026664a70f012dce973a9805c85b82d
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 12:32:13 2016 +0000

    idmap4: Slightly simplify idmap_xid_to_sid
    
    No need to parse "S-1-22-1", we have global_sid_Unix_Users
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

commit 2146df24d86eff3cbe6ca713db3bee546f2c7de7
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 12:21:09 2016 +0000

    idmap4: Fix error path memleaks in idmap_init
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

commit f39ed433dc6393e82e82ad734a79473abe01ee75
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Dec 27 12:19:54 2016 +0000

    idmap4: Fix idmap_ctx talloc hierarchy
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Uri Simchoni <uri at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 libcli/security/security.h                         |  3 ++
 source3/auth/auth_util.c                           |  1 +
 source3/auth/server_info.c                         |  1 +
 source3/auth/token_util.c                          |  1 +
 source3/include/proto.h                            | 13 -------
 source3/lib/util_sid_passdb.c                      |  1 +
 source3/lib/util_unixsids.c                        | 40 ++--------------------
 .../winbindd_async.c => lib/util_unixsids.h}       | 32 +++++++++--------
 ...passdb-0.25.0.sigs => samba-passdb-0.26.0.sigs} |  2 --
 source3/passdb/lookup_sid.c                        | 36 +++++++++++++++++++
 source3/winbindd/wb_lookupsids.c                   |  1 +
 source3/winbindd/winbindd_samr.c                   |  1 +
 source3/winbindd/winbindd_util.c                   |  1 +
 source3/wscript_build                              |  2 +-
 source4/winbind/idmap.c                            | 35 +++++++------------
 source4/winbind/idmap.h                            |  2 --
 16 files changed, 79 insertions(+), 93 deletions(-)
 copy source3/{winbindd/winbindd_async.c => lib/util_unixsids.h} (54%)
 copy source3/passdb/ABI/{samba-passdb-0.25.0.sigs => samba-passdb-0.26.0.sigs} (99%)


Changeset truncated at 500 lines:

diff --git a/libcli/security/security.h b/libcli/security/security.h
index 6e4b172..4df18eb 100644
--- a/libcli/security/security.h
+++ b/libcli/security/security.h
@@ -20,6 +20,9 @@
 #ifndef _LIBCLI_SECURITY_SECURITY_H_
 #define _LIBCLI_SECURITY_SECURITY_H_
 
+#include "lib/util/data_blob.h"
+#include "lib/util/time.h"
+
 #include "librpc/gen_ndr/security.h"
 
 #define PRIMARY_USER_SID_INDEX 0
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 2da2896..25f27e8 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -23,6 +23,7 @@
 
 #include "includes.h"
 #include "auth.h"
+#include "lib/util_unixsids.h"
 #include "../libcli/auth/libcli_auth.h"
 #include "../lib/crypto/arcfour.h"
 #include "rpc_client/init_lsa.h"
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index d2b7823..8461d20 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -19,6 +19,7 @@
 
 #include "includes.h"
 #include "auth.h"
+#include "lib/util_unixsids.h"
 #include "../lib/crypto/arcfour.h"
 #include "../librpc/gen_ndr/netlogon.h"
 #include "../libcli/security/security.h"
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 375905a..77b63e4 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -25,6 +25,7 @@
 /* functions moved from auth/auth_util.c to minimize linker deps */
 
 #include "includes.h"
+#include "lib/util_unixsids.h"
 #include "system/passwd.h"
 #include "auth.h"
 #include "secrets.h"
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 53a2d6a..4535a14 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1104,19 +1104,6 @@ bool lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
 bool lookup_wellknown_name(TALLOC_CTX *mem_ctx, const char *name,
 			   struct dom_sid *sid, const char **domain);
 
-/* The following definitions come from lib/util_unixsids.c  */
-
-bool sid_check_is_unix_users(const struct dom_sid *sid);
-bool sid_check_is_in_unix_users(const struct dom_sid *sid);
-void uid_to_unix_users_sid(uid_t uid, struct dom_sid *sid);
-void gid_to_unix_groups_sid(gid_t gid, struct dom_sid *sid);
-const char *unix_users_domain_name(void);
-bool lookup_unix_user_name(const char *name, struct dom_sid *sid);
-bool sid_check_is_unix_groups(const struct dom_sid *sid);
-bool sid_check_is_in_unix_groups(const struct dom_sid *sid);
-const char *unix_groups_domain_name(void);
-bool lookup_unix_group_name(const char *name, struct dom_sid *sid);
-
 /* The following definitions come from lib/util_specialsids.c  */
 bool sid_check_is_asserted_identity(const struct dom_sid *sid);
 bool sid_check_is_in_asserted_identity(const struct dom_sid *sid);
diff --git a/source3/lib/util_sid_passdb.c b/source3/lib/util_sid_passdb.c
index 0ff64cc..e67a27d 100644
--- a/source3/lib/util_sid_passdb.c
+++ b/source3/lib/util_sid_passdb.c
@@ -20,6 +20,7 @@
 
 #include "includes.h"
 #include "lib/util_sid_passdb.h"
+#include "lib/util_unixsids.h"
 #include "passdb/machine_sid.h"
 #include "passdb.h"
 
diff --git a/source3/lib/util_unixsids.c b/source3/lib/util_unixsids.c
index 4a38c57..387232c 100644
--- a/source3/lib/util_unixsids.c
+++ b/source3/lib/util_unixsids.c
@@ -17,10 +17,9 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#include "includes.h"
-#include "system/passwd.h"
+#include "replace.h"
+#include "util_unixsids.h"
 #include "../libcli/security/security.h"
-#include "../lib/util/util_pw.h"
 
 bool sid_check_is_unix_users(const struct dom_sid *sid)
 {
@@ -60,25 +59,6 @@ const char *unix_users_domain_name(void)
 	return "Unix User";
 }
 
-bool lookup_unix_user_name(const char *name, struct dom_sid *sid)
-{
-	struct passwd *pwd;
-	bool ret;
-
-	pwd = Get_Pwnam_alloc(talloc_tos(), name);
-	if (pwd == NULL) {
-		return False;
-	}
-
-	/*
-	 * For 64-bit uid's we have enough space in the whole SID,
-	 * should they become necessary
-	 */
-	ret = sid_compose(sid, &global_sid_Unix_Users, pwd->pw_uid);
-	TALLOC_FREE(pwd);
-	return ret;
-}
-
 bool sid_check_is_unix_groups(const struct dom_sid *sid)
 {
 	return dom_sid_equal(sid, &global_sid_Unix_Groups);
@@ -98,19 +78,3 @@ const char *unix_groups_domain_name(void)
 {
 	return "Unix Group";
 }
-
-bool lookup_unix_group_name(const char *name, struct dom_sid *sid)
-{
-	struct group *grp;
-
-	grp = getgrnam(name);
-	if (grp == NULL) {
-		return False;
-	}
-
-	/*
-	 * For 64-bit gid's we have enough space in the whole SID,
-	 * should they become necessary
-	 */
-	return sid_compose(sid, &global_sid_Unix_Groups, grp->gr_gid);
-}
diff --git a/source3/winbindd/winbindd_async.c b/source3/lib/util_unixsids.h
similarity index 54%
copy from source3/winbindd/winbindd_async.c
copy to source3/lib/util_unixsids.h
index 75dfa0e..b90a746 100644
--- a/source3/winbindd/winbindd_async.c
+++ b/source3/lib/util_unixsids.h
@@ -1,10 +1,7 @@
-/* 
+/*
    Unix SMB/CIFS implementation.
-
-   Async helpers for blocking functions
-
+   Translate unix-defined names to SIDs and vice versa
    Copyright (C) Volker Lendecke 2005
-   Copyright (C) Gerald Carter 2006
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -20,15 +17,20 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#include "includes.h"
-#include "winbindd.h"
-#include "../libcli/security/security.h"
+#ifndef __UTIL_UNIXSIDS_H__
+#define __UTIL_UNIXSIDS_H__
+
+#include "replace.h"
+
+struct dom_sid;
 
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_WINBIND
+bool sid_check_is_unix_users(const struct dom_sid *sid);
+bool sid_check_is_in_unix_users(const struct dom_sid *sid);
+void uid_to_unix_users_sid(uid_t uid, struct dom_sid *sid);
+void gid_to_unix_groups_sid(gid_t gid, struct dom_sid *sid);
+const char *unix_users_domain_name(void);
+bool sid_check_is_unix_groups(const struct dom_sid *sid);
+bool sid_check_is_in_unix_groups(const struct dom_sid *sid);
+const char *unix_groups_domain_name(void);
 
-enum winbindd_result winbindd_dual_ping(struct winbindd_domain *domain,
-					struct winbindd_cli_state *state)
-{
-	return WINBINDD_OK;
-}
+#endif
diff --git a/source3/passdb/ABI/samba-passdb-0.25.0.sigs b/source3/passdb/ABI/samba-passdb-0.26.0.sigs
similarity index 99%
copy from source3/passdb/ABI/samba-passdb-0.25.0.sigs
copy to source3/passdb/ABI/samba-passdb-0.26.0.sigs
index 546374c..f3762e5 100644
--- a/source3/passdb/ABI/samba-passdb-0.25.0.sigs
+++ b/source3/passdb/ABI/samba-passdb-0.26.0.sigs
@@ -56,8 +56,6 @@ lookup_name: bool (TALLOC_CTX *, const char *, int, const char **, const char **
 lookup_name_smbconf: bool (TALLOC_CTX *, const char *, int, const char **, const char **, struct dom_sid *, enum lsa_SidType *)
 lookup_sid: bool (TALLOC_CTX *, const struct dom_sid *, const char **, const char **, enum lsa_SidType *)
 lookup_sids: NTSTATUS (TALLOC_CTX *, int, const struct dom_sid **, int, struct lsa_dom_info **, struct lsa_name_info **)
-lookup_unix_group_name: bool (const char *, struct dom_sid *)
-lookup_unix_user_name: bool (const char *, struct dom_sid *)
 lookup_wellknown_name: bool (TALLOC_CTX *, const char *, struct dom_sid *, const char **)
 lookup_wellknown_sid: bool (TALLOC_CTX *, const struct dom_sid *, const char **, const char **)
 make_pdb_method: NTSTATUS (struct pdb_methods **)
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 110bdd3..b06dd1b 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -21,6 +21,7 @@
 
 #include "includes.h"
 #include "passdb.h"
+#include "lib/util_unixsids.h"
 #include "../librpc/gen_ndr/ndr_security.h"
 #include "secrets.h"
 #include "../lib/util/memcache.h"
@@ -29,6 +30,41 @@
 #include "lib/winbind_util.h"
 #include "../librpc/gen_ndr/idmap.h"
 
+static bool lookup_unix_user_name(const char *name, struct dom_sid *sid)
+{
+	struct passwd *pwd;
+	bool ret;
+
+	pwd = Get_Pwnam_alloc(talloc_tos(), name);
+	if (pwd == NULL) {
+		return False;
+	}
+
+	/*
+	 * For 64-bit uid's we have enough space in the whole SID,
+	 * should they become necessary
+	 */
+	ret = sid_compose(sid, &global_sid_Unix_Users, pwd->pw_uid);
+	TALLOC_FREE(pwd);
+	return ret;
+}
+
+static bool lookup_unix_group_name(const char *name, struct dom_sid *sid)
+{
+	struct group *grp;
+
+	grp = getgrnam(name);
+	if (grp == NULL) {
+		return False;
+	}
+
+	/*
+	 * For 64-bit gid's we have enough space in the whole SID,
+	 * should they become necessary
+	 */
+	return sid_compose(sid, &global_sid_Unix_Groups, grp->gr_gid);
+}
+
 /*****************************************************************
  Dissect a user-provided name into domain, name, sid and type.
 
diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c
index 2480547..a4bcbad 100644
--- a/source3/winbindd/wb_lookupsids.c
+++ b/source3/winbindd/wb_lookupsids.c
@@ -19,6 +19,7 @@
 
 #include "includes.h"
 #include "winbindd.h"
+#include "lib/util_unixsids.h"
 #include "librpc/gen_ndr/ndr_winbind_c.h"
 #include "../libcli/security/security.h"
 #include "passdb/machine_sid.h"
diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index 3d0914a..dce26d2 100644
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -26,6 +26,7 @@
 #include "includes.h"
 #include "winbindd.h"
 #include "winbindd_rpc.h"
+#include "lib/util_unixsids.h"
 #include "rpc_client/rpc_client.h"
 #include "../librpc/gen_ndr/ndr_samr_c.h"
 #include "rpc_client/cli_samr.h"
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 38e4b8b..c98b3ef 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -22,6 +22,7 @@
 
 #include "includes.h"
 #include "winbindd.h"
+#include "lib/util_unixsids.h"
 #include "secrets.h"
 #include "../libcli/security/security.h"
 #include "../libcli/auth/pam_errors.h"
diff --git a/source3/wscript_build b/source3/wscript_build
index d45a440..815a540 100755
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -168,7 +168,7 @@ bld.SAMBA3_LIBRARY('samba-passdb',
                                   ''',
                    abi_match=private_pdb_match,
                    abi_directory='passdb/ABI',
-                   vnum='0.25.0')
+                   vnum='0.26.0')
 
 bld.SAMBA3_SUBSYSTEM('pdb',
                    source='''
diff --git a/source4/winbind/idmap.c b/source4/winbind/idmap.c
index 26a4664..edeb724 100644
--- a/source4/winbind/idmap.c
+++ b/source4/winbind/idmap.c
@@ -23,6 +23,7 @@
 #include "includes.h"
 #include "auth/auth.h"
 #include "librpc/gen_ndr/ndr_security.h"
+#include "lib/util_unixsids.h"
 #include <ldb.h>
 #include "ldb_wrap.h"
 #include "param/param.h"
@@ -166,31 +167,24 @@ struct idmap_context *idmap_init(TALLOC_CTX *mem_ctx,
 
 	idmap_ctx->lp_ctx = lp_ctx;
 
-	idmap_ctx->ldb_ctx = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx,
+	idmap_ctx->ldb_ctx = ldb_wrap_connect(idmap_ctx, ev_ctx, lp_ctx,
 					      "idmap.ldb",
 					      system_session(lp_ctx),
 					      NULL, 0);
 	if (idmap_ctx->ldb_ctx == NULL) {
-		return NULL;
-	}
-
-	idmap_ctx->unix_groups_sid = dom_sid_parse_talloc(mem_ctx, "S-1-22-2");
-	if (idmap_ctx->unix_groups_sid == NULL) {
-		return NULL;
+		goto fail;
 	}
 
-	idmap_ctx->unix_users_sid = dom_sid_parse_talloc(mem_ctx, "S-1-22-1");
-	if (idmap_ctx->unix_users_sid == NULL) {
-		return NULL;
-	}
-	
 	idmap_ctx->samdb = samdb_connect(idmap_ctx, ev_ctx, lp_ctx, system_session(lp_ctx), 0);
 	if (idmap_ctx->samdb == NULL) {
 		DEBUG(0, ("Failed to load sam.ldb in idmap_init\n"));
-		return NULL;
+		goto fail;
 	}
 
 	return idmap_ctx;
+fail:
+	TALLOC_FREE(idmap_ctx);
+	return NULL;
 }
 
 /**
@@ -216,7 +210,8 @@ static NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx,
 	struct ldb_context *ldb = idmap_ctx->ldb_ctx;
 	struct ldb_result *res = NULL;
 	struct ldb_message *msg;
-	struct dom_sid *unix_sid, *new_sid;
+	const struct dom_sid *unix_sid;
+	struct dom_sid *new_sid;
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 	const char *id_type;
 
@@ -354,13 +349,9 @@ static NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx,
 
 	/* For local users/groups , we just create a rid = uid/gid */
 	if (unixid->type == ID_TYPE_UID) {
-		unix_sid = dom_sid_parse_talloc(tmp_ctx, "S-1-22-1");
+		unix_sid = &global_sid_Unix_Users;
 	} else {
-		unix_sid = dom_sid_parse_talloc(tmp_ctx, "S-1-22-2");
-	}
-	if (unix_sid == NULL) {
-		status = NT_STATUS_NO_MEMORY;
-		goto failed;
+		unix_sid = &global_sid_Unix_Groups;
 	}
 
 	new_sid = dom_sid_add_rid(mem_ctx, unix_sid, unixid->id);
@@ -410,7 +401,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 	const char *sam_attrs[] = {"uidNumber", "gidNumber", "samAccountType", NULL};
 
-	if (dom_sid_in_domain(idmap_ctx->unix_users_sid, sid)) {
+	if (sid_check_is_in_unix_users(sid)) {
 		uint32_t rid;
 		DEBUG(6, ("This is a local unix uid, just calculate that.\n"));
 		status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid);
@@ -426,7 +417,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
 		return NT_STATUS_OK;
 	}
 
-	if (dom_sid_in_domain(idmap_ctx->unix_groups_sid, sid)) {
+	if (sid_check_is_in_unix_groups(sid)) {
 		uint32_t rid;
 		DEBUG(6, ("This is a local unix gid, just calculate that.\n"));
 		status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid);
diff --git a/source4/winbind/idmap.h b/source4/winbind/idmap.h
index 676955c..04770c3 100644
--- a/source4/winbind/idmap.h
+++ b/source4/winbind/idmap.h
@@ -27,8 +27,6 @@
 struct idmap_context {
 	struct loadparm_context *lp_ctx;
 	struct ldb_context *ldb_ctx;
-	struct dom_sid *unix_groups_sid;
-	struct dom_sid *unix_users_sid;
 	struct ldb_context *samdb;
 };
 


-- 
Samba Shared Repository



More information about the samba-cvs mailing list