[SCM] Samba Shared Repository - branch master updated
Uri Simchoni
uri at samba.org
Wed Dec 28 23:06:04 UTC 2016
The branch, master has been updated
via 2e1dc95 idmap4: Use sid_check_is_in_unix_groups()
via e06a342 idmap4: Use sid_check_is_in_unix_users()
via 166e23d lib: Avoid an includes.h
via c66f57d lib: Add required prerequisites for librpc/gen_ndr/security.h
via 24f0878 passdb: Move lookup_unix_[user|group]_name to lookup_sid.c
via c5b9c58 lib: Add lib/util_unixsids.h
via 6830a6a idmap4: Slightly simplify idmap_xid_to_sid
via 2146df2 idmap4: Fix error path memleaks in idmap_init
via f39ed43 idmap4: Fix idmap_ctx talloc hierarchy
from 3660c76 ctdb-takeover: Clean up when exiting on error
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2e1dc952f0505154f649c04da4b2194f433a6cbe
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 13:08:58 2016 +0000
idmap4: Use sid_check_is_in_unix_groups()
This avoids the need for the special unix groups sid
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
Autobuild-User(master): Uri Simchoni <uri at samba.org>
Autobuild-Date(master): Thu Dec 29 00:05:25 CET 2016 on sn-devel-144
commit e06a342f80bf75863d0c0f057c19aeab2bcb3c29
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 13:08:58 2016 +0000
idmap4: Use sid_check_is_in_unix_users()
This avoids the need for the special unix users sid
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
commit 166e23d98b90a814450164eb363bbbcbad0a2163
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 13:05:49 2016 +0000
lib: Avoid an includes.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
commit c66f57d1de9bb95b61e7208c7c13900ec98ce643
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 13:04:57 2016 +0000
lib: Add required prerequisites for librpc/gen_ndr/security.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
commit 24f08784a3a577699895f95d087dd5be085d032a
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 12:57:23 2016 +0000
passdb: Move lookup_unix_[user|group]_name to lookup_sid.c
This is the only user and reduces the dependencies of util_unixsids.c
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
commit c5b9c58032e4daba49e1119001bab9c93a0c2c77
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 12:52:00 2016 +0000
lib: Add lib/util_unixsids.h
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
commit 6830a6a35026664a70f012dce973a9805c85b82d
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 12:32:13 2016 +0000
idmap4: Slightly simplify idmap_xid_to_sid
No need to parse "S-1-22-1", we have global_sid_Unix_Users
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
commit 2146df24d86eff3cbe6ca713db3bee546f2c7de7
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 12:21:09 2016 +0000
idmap4: Fix error path memleaks in idmap_init
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
commit f39ed433dc6393e82e82ad734a79473abe01ee75
Author: Volker Lendecke <vl at samba.org>
Date: Tue Dec 27 12:19:54 2016 +0000
idmap4: Fix idmap_ctx talloc hierarchy
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Uri Simchoni <uri at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libcli/security/security.h | 3 ++
source3/auth/auth_util.c | 1 +
source3/auth/server_info.c | 1 +
source3/auth/token_util.c | 1 +
source3/include/proto.h | 13 -------
source3/lib/util_sid_passdb.c | 1 +
source3/lib/util_unixsids.c | 40 ++--------------------
.../winbindd_async.c => lib/util_unixsids.h} | 32 +++++++++--------
...passdb-0.25.0.sigs => samba-passdb-0.26.0.sigs} | 2 --
source3/passdb/lookup_sid.c | 36 +++++++++++++++++++
source3/winbindd/wb_lookupsids.c | 1 +
source3/winbindd/winbindd_samr.c | 1 +
source3/winbindd/winbindd_util.c | 1 +
source3/wscript_build | 2 +-
source4/winbind/idmap.c | 35 +++++++------------
source4/winbind/idmap.h | 2 --
16 files changed, 79 insertions(+), 93 deletions(-)
copy source3/{winbindd/winbindd_async.c => lib/util_unixsids.h} (54%)
copy source3/passdb/ABI/{samba-passdb-0.25.0.sigs => samba-passdb-0.26.0.sigs} (99%)
Changeset truncated at 500 lines:
diff --git a/libcli/security/security.h b/libcli/security/security.h
index 6e4b172..4df18eb 100644
--- a/libcli/security/security.h
+++ b/libcli/security/security.h
@@ -20,6 +20,9 @@
#ifndef _LIBCLI_SECURITY_SECURITY_H_
#define _LIBCLI_SECURITY_SECURITY_H_
+#include "lib/util/data_blob.h"
+#include "lib/util/time.h"
+
#include "librpc/gen_ndr/security.h"
#define PRIMARY_USER_SID_INDEX 0
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 2da2896..25f27e8 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -23,6 +23,7 @@
#include "includes.h"
#include "auth.h"
+#include "lib/util_unixsids.h"
#include "../libcli/auth/libcli_auth.h"
#include "../lib/crypto/arcfour.h"
#include "rpc_client/init_lsa.h"
diff --git a/source3/auth/server_info.c b/source3/auth/server_info.c
index d2b7823..8461d20 100644
--- a/source3/auth/server_info.c
+++ b/source3/auth/server_info.c
@@ -19,6 +19,7 @@
#include "includes.h"
#include "auth.h"
+#include "lib/util_unixsids.h"
#include "../lib/crypto/arcfour.h"
#include "../librpc/gen_ndr/netlogon.h"
#include "../libcli/security/security.h"
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 375905a..77b63e4 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -25,6 +25,7 @@
/* functions moved from auth/auth_util.c to minimize linker deps */
#include "includes.h"
+#include "lib/util_unixsids.h"
#include "system/passwd.h"
#include "auth.h"
#include "secrets.h"
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 53a2d6a..4535a14 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1104,19 +1104,6 @@ bool lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
bool lookup_wellknown_name(TALLOC_CTX *mem_ctx, const char *name,
struct dom_sid *sid, const char **domain);
-/* The following definitions come from lib/util_unixsids.c */
-
-bool sid_check_is_unix_users(const struct dom_sid *sid);
-bool sid_check_is_in_unix_users(const struct dom_sid *sid);
-void uid_to_unix_users_sid(uid_t uid, struct dom_sid *sid);
-void gid_to_unix_groups_sid(gid_t gid, struct dom_sid *sid);
-const char *unix_users_domain_name(void);
-bool lookup_unix_user_name(const char *name, struct dom_sid *sid);
-bool sid_check_is_unix_groups(const struct dom_sid *sid);
-bool sid_check_is_in_unix_groups(const struct dom_sid *sid);
-const char *unix_groups_domain_name(void);
-bool lookup_unix_group_name(const char *name, struct dom_sid *sid);
-
/* The following definitions come from lib/util_specialsids.c */
bool sid_check_is_asserted_identity(const struct dom_sid *sid);
bool sid_check_is_in_asserted_identity(const struct dom_sid *sid);
diff --git a/source3/lib/util_sid_passdb.c b/source3/lib/util_sid_passdb.c
index 0ff64cc..e67a27d 100644
--- a/source3/lib/util_sid_passdb.c
+++ b/source3/lib/util_sid_passdb.c
@@ -20,6 +20,7 @@
#include "includes.h"
#include "lib/util_sid_passdb.h"
+#include "lib/util_unixsids.h"
#include "passdb/machine_sid.h"
#include "passdb.h"
diff --git a/source3/lib/util_unixsids.c b/source3/lib/util_unixsids.c
index 4a38c57..387232c 100644
--- a/source3/lib/util_unixsids.c
+++ b/source3/lib/util_unixsids.c
@@ -17,10 +17,9 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#include "includes.h"
-#include "system/passwd.h"
+#include "replace.h"
+#include "util_unixsids.h"
#include "../libcli/security/security.h"
-#include "../lib/util/util_pw.h"
bool sid_check_is_unix_users(const struct dom_sid *sid)
{
@@ -60,25 +59,6 @@ const char *unix_users_domain_name(void)
return "Unix User";
}
-bool lookup_unix_user_name(const char *name, struct dom_sid *sid)
-{
- struct passwd *pwd;
- bool ret;
-
- pwd = Get_Pwnam_alloc(talloc_tos(), name);
- if (pwd == NULL) {
- return False;
- }
-
- /*
- * For 64-bit uid's we have enough space in the whole SID,
- * should they become necessary
- */
- ret = sid_compose(sid, &global_sid_Unix_Users, pwd->pw_uid);
- TALLOC_FREE(pwd);
- return ret;
-}
-
bool sid_check_is_unix_groups(const struct dom_sid *sid)
{
return dom_sid_equal(sid, &global_sid_Unix_Groups);
@@ -98,19 +78,3 @@ const char *unix_groups_domain_name(void)
{
return "Unix Group";
}
-
-bool lookup_unix_group_name(const char *name, struct dom_sid *sid)
-{
- struct group *grp;
-
- grp = getgrnam(name);
- if (grp == NULL) {
- return False;
- }
-
- /*
- * For 64-bit gid's we have enough space in the whole SID,
- * should they become necessary
- */
- return sid_compose(sid, &global_sid_Unix_Groups, grp->gr_gid);
-}
diff --git a/source3/winbindd/winbindd_async.c b/source3/lib/util_unixsids.h
similarity index 54%
copy from source3/winbindd/winbindd_async.c
copy to source3/lib/util_unixsids.h
index 75dfa0e..b90a746 100644
--- a/source3/winbindd/winbindd_async.c
+++ b/source3/lib/util_unixsids.h
@@ -1,10 +1,7 @@
-/*
+/*
Unix SMB/CIFS implementation.
-
- Async helpers for blocking functions
-
+ Translate unix-defined names to SIDs and vice versa
Copyright (C) Volker Lendecke 2005
- Copyright (C) Gerald Carter 2006
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -20,15 +17,20 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#include "includes.h"
-#include "winbindd.h"
-#include "../libcli/security/security.h"
+#ifndef __UTIL_UNIXSIDS_H__
+#define __UTIL_UNIXSIDS_H__
+
+#include "replace.h"
+
+struct dom_sid;
-#undef DBGC_CLASS
-#define DBGC_CLASS DBGC_WINBIND
+bool sid_check_is_unix_users(const struct dom_sid *sid);
+bool sid_check_is_in_unix_users(const struct dom_sid *sid);
+void uid_to_unix_users_sid(uid_t uid, struct dom_sid *sid);
+void gid_to_unix_groups_sid(gid_t gid, struct dom_sid *sid);
+const char *unix_users_domain_name(void);
+bool sid_check_is_unix_groups(const struct dom_sid *sid);
+bool sid_check_is_in_unix_groups(const struct dom_sid *sid);
+const char *unix_groups_domain_name(void);
-enum winbindd_result winbindd_dual_ping(struct winbindd_domain *domain,
- struct winbindd_cli_state *state)
-{
- return WINBINDD_OK;
-}
+#endif
diff --git a/source3/passdb/ABI/samba-passdb-0.25.0.sigs b/source3/passdb/ABI/samba-passdb-0.26.0.sigs
similarity index 99%
copy from source3/passdb/ABI/samba-passdb-0.25.0.sigs
copy to source3/passdb/ABI/samba-passdb-0.26.0.sigs
index 546374c..f3762e5 100644
--- a/source3/passdb/ABI/samba-passdb-0.25.0.sigs
+++ b/source3/passdb/ABI/samba-passdb-0.26.0.sigs
@@ -56,8 +56,6 @@ lookup_name: bool (TALLOC_CTX *, const char *, int, const char **, const char **
lookup_name_smbconf: bool (TALLOC_CTX *, const char *, int, const char **, const char **, struct dom_sid *, enum lsa_SidType *)
lookup_sid: bool (TALLOC_CTX *, const struct dom_sid *, const char **, const char **, enum lsa_SidType *)
lookup_sids: NTSTATUS (TALLOC_CTX *, int, const struct dom_sid **, int, struct lsa_dom_info **, struct lsa_name_info **)
-lookup_unix_group_name: bool (const char *, struct dom_sid *)
-lookup_unix_user_name: bool (const char *, struct dom_sid *)
lookup_wellknown_name: bool (TALLOC_CTX *, const char *, struct dom_sid *, const char **)
lookup_wellknown_sid: bool (TALLOC_CTX *, const struct dom_sid *, const char **, const char **)
make_pdb_method: NTSTATUS (struct pdb_methods **)
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index 110bdd3..b06dd1b 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -21,6 +21,7 @@
#include "includes.h"
#include "passdb.h"
+#include "lib/util_unixsids.h"
#include "../librpc/gen_ndr/ndr_security.h"
#include "secrets.h"
#include "../lib/util/memcache.h"
@@ -29,6 +30,41 @@
#include "lib/winbind_util.h"
#include "../librpc/gen_ndr/idmap.h"
+static bool lookup_unix_user_name(const char *name, struct dom_sid *sid)
+{
+ struct passwd *pwd;
+ bool ret;
+
+ pwd = Get_Pwnam_alloc(talloc_tos(), name);
+ if (pwd == NULL) {
+ return False;
+ }
+
+ /*
+ * For 64-bit uid's we have enough space in the whole SID,
+ * should they become necessary
+ */
+ ret = sid_compose(sid, &global_sid_Unix_Users, pwd->pw_uid);
+ TALLOC_FREE(pwd);
+ return ret;
+}
+
+static bool lookup_unix_group_name(const char *name, struct dom_sid *sid)
+{
+ struct group *grp;
+
+ grp = getgrnam(name);
+ if (grp == NULL) {
+ return False;
+ }
+
+ /*
+ * For 64-bit gid's we have enough space in the whole SID,
+ * should they become necessary
+ */
+ return sid_compose(sid, &global_sid_Unix_Groups, grp->gr_gid);
+}
+
/*****************************************************************
Dissect a user-provided name into domain, name, sid and type.
diff --git a/source3/winbindd/wb_lookupsids.c b/source3/winbindd/wb_lookupsids.c
index 2480547..a4bcbad 100644
--- a/source3/winbindd/wb_lookupsids.c
+++ b/source3/winbindd/wb_lookupsids.c
@@ -19,6 +19,7 @@
#include "includes.h"
#include "winbindd.h"
+#include "lib/util_unixsids.h"
#include "librpc/gen_ndr/ndr_winbind_c.h"
#include "../libcli/security/security.h"
#include "passdb/machine_sid.h"
diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index 3d0914a..dce26d2 100644
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -26,6 +26,7 @@
#include "includes.h"
#include "winbindd.h"
#include "winbindd_rpc.h"
+#include "lib/util_unixsids.h"
#include "rpc_client/rpc_client.h"
#include "../librpc/gen_ndr/ndr_samr_c.h"
#include "rpc_client/cli_samr.h"
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 38e4b8b..c98b3ef 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "winbindd.h"
+#include "lib/util_unixsids.h"
#include "secrets.h"
#include "../libcli/security/security.h"
#include "../libcli/auth/pam_errors.h"
diff --git a/source3/wscript_build b/source3/wscript_build
index d45a440..815a540 100755
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -168,7 +168,7 @@ bld.SAMBA3_LIBRARY('samba-passdb',
''',
abi_match=private_pdb_match,
abi_directory='passdb/ABI',
- vnum='0.25.0')
+ vnum='0.26.0')
bld.SAMBA3_SUBSYSTEM('pdb',
source='''
diff --git a/source4/winbind/idmap.c b/source4/winbind/idmap.c
index 26a4664..edeb724 100644
--- a/source4/winbind/idmap.c
+++ b/source4/winbind/idmap.c
@@ -23,6 +23,7 @@
#include "includes.h"
#include "auth/auth.h"
#include "librpc/gen_ndr/ndr_security.h"
+#include "lib/util_unixsids.h"
#include <ldb.h>
#include "ldb_wrap.h"
#include "param/param.h"
@@ -166,31 +167,24 @@ struct idmap_context *idmap_init(TALLOC_CTX *mem_ctx,
idmap_ctx->lp_ctx = lp_ctx;
- idmap_ctx->ldb_ctx = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx,
+ idmap_ctx->ldb_ctx = ldb_wrap_connect(idmap_ctx, ev_ctx, lp_ctx,
"idmap.ldb",
system_session(lp_ctx),
NULL, 0);
if (idmap_ctx->ldb_ctx == NULL) {
- return NULL;
- }
-
- idmap_ctx->unix_groups_sid = dom_sid_parse_talloc(mem_ctx, "S-1-22-2");
- if (idmap_ctx->unix_groups_sid == NULL) {
- return NULL;
+ goto fail;
}
- idmap_ctx->unix_users_sid = dom_sid_parse_talloc(mem_ctx, "S-1-22-1");
- if (idmap_ctx->unix_users_sid == NULL) {
- return NULL;
- }
-
idmap_ctx->samdb = samdb_connect(idmap_ctx, ev_ctx, lp_ctx, system_session(lp_ctx), 0);
if (idmap_ctx->samdb == NULL) {
DEBUG(0, ("Failed to load sam.ldb in idmap_init\n"));
- return NULL;
+ goto fail;
}
return idmap_ctx;
+fail:
+ TALLOC_FREE(idmap_ctx);
+ return NULL;
}
/**
@@ -216,7 +210,8 @@ static NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx,
struct ldb_context *ldb = idmap_ctx->ldb_ctx;
struct ldb_result *res = NULL;
struct ldb_message *msg;
- struct dom_sid *unix_sid, *new_sid;
+ const struct dom_sid *unix_sid;
+ struct dom_sid *new_sid;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
const char *id_type;
@@ -354,13 +349,9 @@ static NTSTATUS idmap_xid_to_sid(struct idmap_context *idmap_ctx,
/* For local users/groups , we just create a rid = uid/gid */
if (unixid->type == ID_TYPE_UID) {
- unix_sid = dom_sid_parse_talloc(tmp_ctx, "S-1-22-1");
+ unix_sid = &global_sid_Unix_Users;
} else {
- unix_sid = dom_sid_parse_talloc(tmp_ctx, "S-1-22-2");
- }
- if (unix_sid == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto failed;
+ unix_sid = &global_sid_Unix_Groups;
}
new_sid = dom_sid_add_rid(mem_ctx, unix_sid, unixid->id);
@@ -410,7 +401,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
const char *sam_attrs[] = {"uidNumber", "gidNumber", "samAccountType", NULL};
- if (dom_sid_in_domain(idmap_ctx->unix_users_sid, sid)) {
+ if (sid_check_is_in_unix_users(sid)) {
uint32_t rid;
DEBUG(6, ("This is a local unix uid, just calculate that.\n"));
status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid);
@@ -426,7 +417,7 @@ static NTSTATUS idmap_sid_to_xid(struct idmap_context *idmap_ctx,
return NT_STATUS_OK;
}
- if (dom_sid_in_domain(idmap_ctx->unix_groups_sid, sid)) {
+ if (sid_check_is_in_unix_groups(sid)) {
uint32_t rid;
DEBUG(6, ("This is a local unix gid, just calculate that.\n"));
status = dom_sid_split_rid(tmp_ctx, sid, NULL, &rid);
diff --git a/source4/winbind/idmap.h b/source4/winbind/idmap.h
index 676955c..04770c3 100644
--- a/source4/winbind/idmap.h
+++ b/source4/winbind/idmap.h
@@ -27,8 +27,6 @@
struct idmap_context {
struct loadparm_context *lp_ctx;
struct ldb_context *ldb_ctx;
- struct dom_sid *unix_groups_sid;
- struct dom_sid *unix_users_sid;
struct ldb_context *samdb;
};
--
Samba Shared Repository
More information about the samba-cvs
mailing list