[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Mon Jul 9 22:13:05 UTC 2018


The branch, master has been updated
       via  3796bb0 Revert "s3/service: convert lp_force_group() to const"
       via  3e5e775 Revert "s3/service: convert lp_force_user() to const"
      from  fe25bc7 libsmbclient: Initialize written in cli_splice_fallback()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 3796bb0048a276259e30e44f7e0e071c1516727a
Author: David Disseldorp <ddiss at samba.org>
Date:   Mon Jul 9 01:40:58 2018 +0200

    Revert "s3/service: convert lp_force_group() to const"
    
    This reverts commit c53646bccd87ef3b3133d3f7526ef85591909528.
    As mentioned by Andrew, we shouldn't break environments where
    "force group" has been configured to use substituted variables.
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Tue Jul 10 00:12:19 CEST 2018 on sn-devel-144

commit 3e5e775321e6c432d92d459219ecebbb9713890d
Author: David Disseldorp <ddiss at samba.org>
Date:   Mon Jul 9 01:36:11 2018 +0200

    Revert "s3/service: convert lp_force_user() to const"
    
    This reverts commit c58194e3d296f4e14e7689bdf192c561635ae161.
    As mentioned by Andrew, we shouldn't break environments where
    "force user" has been configured to use substituted variables.
    
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 docs-xml/smbdotconf/security/forcegroup.xml |  1 -
 docs-xml/smbdotconf/security/forceuser.xml  |  1 -
 source3/smbd/service.c                      | 23 ++++++++++++++---------
 source3/smbd/uid.c                          |  3 +--
 4 files changed, 15 insertions(+), 13 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/smbdotconf/security/forcegroup.xml b/docs-xml/smbdotconf/security/forcegroup.xml
index b6e729b..d101f1c 100644
--- a/docs-xml/smbdotconf/security/forcegroup.xml
+++ b/docs-xml/smbdotconf/security/forcegroup.xml
@@ -1,7 +1,6 @@
 <samba:parameter name="force group"
                  context="S"
                  type="string"
-                 constant="1"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <synonym>group</synonym>
 <description>
diff --git a/docs-xml/smbdotconf/security/forceuser.xml b/docs-xml/smbdotconf/security/forceuser.xml
index 3316afe..ff5c7a2 100644
--- a/docs-xml/smbdotconf/security/forceuser.xml
+++ b/docs-xml/smbdotconf/security/forceuser.xml
@@ -1,6 +1,5 @@
 <samba:parameter name="force user"
                  type="string"
-                 constant="1"
                  context="S"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <description>
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 2fa7c60..2e4a113 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -243,18 +243,23 @@ static NTSTATUS find_forced_group(bool force_user,
 	TALLOC_CTX *frame = talloc_stackframe();
 	struct dom_sid group_sid;
 	enum lsa_SidType type;
-	const char *force_group;
 	char *groupname;
 	bool user_must_be_member = False;
 	gid_t gid;
 
-	force_group = lp_force_group(snum);
-	if (force_group[0] == '+') {
-		user_must_be_member = true;
-		force_group += 1;
+	groupname = lp_force_group(talloc_tos(), snum);
+	if (groupname == NULL) {
+		DEBUG(1, ("talloc_strdup failed\n"));
+		result = NT_STATUS_NO_MEMORY;
+		goto done;
+	}
+
+	if (groupname[0] == '+') {
+		user_must_be_member = True;
+		groupname += 1;
 	}
 
-	groupname = talloc_string_sub(talloc_tos(), force_group,
+	groupname = talloc_string_sub(talloc_tos(), groupname,
 				      "%S", lp_const_servicename(snum));
 	if (groupname == NULL) {
 		DEBUG(1, ("talloc_string_sub failed\n"));
@@ -372,7 +377,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
 {
 	NTSTATUS status;
 
-	if (*lp_force_user(snum)) {
+	if (*lp_force_user(talloc_tos(), snum)) {
 
 		/*
 		 * Replace conn->session_info with a completely faked up one
@@ -384,7 +389,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
 		struct auth_session_info *forced_serverinfo;
 		bool guest;
 
-		fuser = talloc_string_sub(conn, lp_force_user(snum), "%S",
+		fuser = talloc_string_sub(conn, lp_force_user(talloc_tos(), snum), "%S",
 					  lp_const_servicename(snum));
 		if (fuser == NULL) {
 			return NT_STATUS_NO_MEMORY;
@@ -422,7 +427,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
 	 * any groupid stored for the connecting user.
 	 */
 
-	if (*lp_force_group(snum)) {
+	if (*lp_force_group(talloc_tos(), snum)) {
 
 		status = find_forced_group(
 			conn->force_user, snum, conn->session_info->unix_info->unix_name,
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index b6a754b..9d5321c 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -335,8 +335,7 @@ static bool change_to_user_internal(connection_struct *conn,
 	 * See if we should force group for this service. If so this overrides
 	 * any group set in the force user code.
 	 */
-	group_c = *lp_force_group(snum);
-	if (group_c != '\0') {
+	if((group_c = *lp_force_group(talloc_tos(), snum))) {
 
 		SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
 


-- 
Samba Shared Repository



More information about the samba-cvs mailing list