[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Sat Nov 10 01:20:13 UTC 2018
The branch, master has been updated
via a979bb28b30 lib: Use dom_sid_str_buf
via 5cad0fc6c0b libgpo: Use dom_sid_str_buf
via 87ae595b388 idmap: Use dom_sid_str_buf
via 1e484da7921 idmap: Use dom_sid_str_buf
via f564776ebd1 idmap: Use dom_sid_str_buf
via beba440c0ed passdb: Use dom_sid_str_buf
via 9060b26caca passdb: Use dom_sid_str_buf
via 94cfb4ded18 passdb: Use dom_sid_str_buf
via efcd3ae682b passdb: Use dom_sid_str_buf
via 1ff8598d46a libcli: Use dom_sid_str_buf
via 58e77b54225 winbind: Use dom_sid_str_buf
via 21bfc774397 winbind: Use dom_sid_str_buf
via e8743444f79 winbind: Use dom_sid_str_buf
via a7c877847f8 vfs_fruit: validation of writes on AFP_AfpInfo stream
via 4901d71c3de vfs_fruit: move a comment to the right place
via 221133b0e9e s4:torture/vfs/fruit: torture writing AFP_AfpInfo stream
via 5d53870da1c nsswitch: Fix CID 1441070 Error handling issues (CHECKED_RETURN)
via 9b30350489c nsswitch: Fix CID 1441072 Error handling issues (CHECKED_RETURN)
from b161b3a8915 mdb_util: Better error message if lmdb-utils not installed
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a979bb28b301d3ecf72b958f8a114d24c5203544
Author: Volker Lendecke <vl at samba.org>
Date: Fri Nov 2 20:48:07 2018 +0100
lib: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Sat Nov 10 02:19:29 CET 2018 on sn-devel-144
commit 5cad0fc6c0bbca861cbed04acc940af7121317f3
Author: Volker Lendecke <vl at samba.org>
Date: Fri Nov 2 21:28:59 2018 +0100
libgpo: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 87ae595b3880862589743e07dd2d08bfc0d35883
Author: Volker Lendecke <vl at samba.org>
Date: Sat Oct 27 21:50:34 2018 +0200
idmap: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 1e484da7921e84dc0bb8939401de0188c9cbde5f
Author: Volker Lendecke <vl at samba.org>
Date: Fri Nov 2 20:54:37 2018 +0100
idmap: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit f564776ebd14de12f5f1f5cddb6d5286ab2b776d
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 26 15:43:30 2018 +0200
idmap: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit beba440c0ed6eae9cad86da2863b730a00a23a6f
Author: Volker Lendecke <vl at samba.org>
Date: Fri Nov 2 20:58:59 2018 +0100
passdb: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 9060b26caca327c7dc1f3b69b28a7acfcf2f7d3d
Author: Volker Lendecke <vl at samba.org>
Date: Fri Nov 2 20:58:59 2018 +0100
passdb: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 94cfb4ded18ead3035963d0a23a70a4537ebf7ba
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 26 15:43:30 2018 +0200
passdb: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit efcd3ae682b3fff155fcdf8202bb2c47a8d2707e
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 26 15:43:30 2018 +0200
passdb: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 1ff8598d46ad6efabb07feba0dba017adea204d6
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 26 14:15:43 2018 +0200
libcli: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 58e77b542257342139069210092ae92e8f153680
Author: Volker Lendecke <vl at samba.org>
Date: Sat Oct 27 22:01:03 2018 +0200
winbind: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 21bfc7743970f985ffef1b558120203c76739ec3
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 26 08:25:14 2018 +0200
winbind: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit e8743444f797b3b1db3b53d1054473b1e4fba162
Author: Volker Lendecke <vl at samba.org>
Date: Fri Oct 26 08:25:14 2018 +0200
winbind: Use dom_sid_str_buf
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit a7c877847f855be5ee6673e541a181b818013abf
Author: Ralph Boehme <slow at samba.org>
Date: Tue Nov 6 13:24:14 2018 +0100
vfs_fruit: validation of writes on AFP_AfpInfo stream
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13677
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4901d71c3de754a106662d01481b960ed7c2c4dd
Author: Ralph Boehme <slow at samba.org>
Date: Tue Nov 6 12:34:17 2018 +0100
vfs_fruit: move a comment to the right place
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13677
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 221133b0e9ed28274f7513d9416f13a81b7b458b
Author: Ralph Boehme <slow at samba.org>
Date: Tue Nov 6 12:24:54 2018 +0100
s4:torture/vfs/fruit: torture writing AFP_AfpInfo stream
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13677
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5d53870da1cb35f16f7eb9460e181593b5c0cf67
Author: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Date: Fri Nov 9 09:01:29 2018 +0100
nsswitch: Fix CID 1441070 Error handling issues (CHECKED_RETURN)
Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 9b30350489cdcd496fa08e5e1116ad3e19ca3ba3
Author: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Date: Fri Nov 9 08:58:31 2018 +0100
nsswitch: Fix CID 1441072 Error handling issues (CHECKED_RETURN)
Signed-off-by: Ralph Wuerthner <ralph.wuerthner at de.ibm.com>
Reviewed-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
libcli/security/display_sec.c | 18 +-
libgpo/gpo_sec.c | 15 +-
nsswitch/stress-nss-libwbclient.c | 17 +-
source3/groupdb/mapping_tdb.c | 32 ++--
source3/lib/idmap_cache.c | 9 +-
source3/lib/privileges.c | 15 +-
source3/modules/vfs_fruit.c | 86 ++++++++--
source3/passdb/pdb_interface.c | 10 +-
source3/passdb/pdb_ldap_util.c | 6 +-
source3/winbindd/idmap_ad.c | 11 +-
source3/winbindd/winbindd_cache.c | 58 +++----
source3/winbindd/winbindd_pam.c | 10 +-
source4/torture/vfs/fruit.c | 336 ++++++++++++++++++++++++++++++++++++++
13 files changed, 514 insertions(+), 109 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/security/display_sec.c b/libcli/security/display_sec.c
index a8d173c6364..506ecf6d89d 100644
--- a/libcli/security/display_sec.c
+++ b/libcli/security/display_sec.c
@@ -180,7 +180,7 @@ static void disp_sec_ace_object(struct security_ace_object *object)
****************************************************************************/
void display_sec_ace(struct security_ace *ace)
{
- char *sid_str;
+ struct dom_sid_buf sid_str;
printf("\tACE\n\t\ttype: ");
switch (ace->type) {
@@ -219,9 +219,7 @@ void display_sec_ace(struct security_ace *ace)
printf(" (%d) flags: 0x%02x ", ace->type, ace->flags);
display_sec_ace_flags(ace->flags);
display_sec_access(&ace->access_mask);
- sid_str = dom_sid_string(NULL, &ace->trustee);
- printf("\t\tSID: %s\n\n", sid_str);
- talloc_free(sid_str);
+ printf("\t\tSID: %s\n\n", dom_sid_str_buf(&ace->trustee, &sid_str));
if (sec_ace_object(ace->type)) {
disp_sec_ace_object(&ace->object.object);
@@ -292,7 +290,7 @@ void display_acl_type(uint16_t type)
****************************************************************************/
void display_sec_desc(struct security_descriptor *sec)
{
- char *sid_str;
+ struct dom_sid_buf sid_str;
if (!sec) {
printf("NULL\n");
@@ -313,14 +311,12 @@ void display_sec_desc(struct security_descriptor *sec)
}
if (sec->owner_sid) {
- sid_str = dom_sid_string(NULL, sec->owner_sid);
- printf("\tOwner SID:\t%s\n", sid_str);
- talloc_free(sid_str);
+ printf("\tOwner SID:\t%s\n",
+ dom_sid_str_buf(sec->owner_sid, &sid_str));
}
if (sec->group_sid) {
- sid_str = dom_sid_string(NULL, sec->group_sid);
- printf("\tGroup SID:\t%s\n", sid_str);
- talloc_free(sid_str);
+ printf("\tGroup SID:\t%s\n",
+ dom_sid_str_buf(sec->group_sid, &sid_str));
}
}
diff --git a/libgpo/gpo_sec.c b/libgpo/gpo_sec.c
index 98ee8eb3cc9..82887bc7e19 100644
--- a/libgpo/gpo_sec.c
+++ b/libgpo/gpo_sec.c
@@ -103,16 +103,13 @@ static bool gpo_sd_check_read_access_bits(uint32_t access_mask)
static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
const struct security_token *token)
{
- char *sid_str;
-
if (gpo_sd_check_agp_object(ace) &&
gpo_sd_check_agp_access_bits(ace->access_mask) &&
security_token_has_sid(token, &ace->trustee)) {
- sid_str = dom_sid_string(NULL, &ace->trustee);
+ struct dom_sid_buf sid_str;
DEBUG(10,("gpo_sd_check_ace_denied_object: "
"Access denied as of ace for %s\n",
- sid_str));
- talloc_free(sid_str);
+ dom_sid_str_buf(&ace->trustee, &sid_str)));
return NT_STATUS_ACCESS_DENIED;
}
@@ -125,17 +122,13 @@ static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
static NTSTATUS gpo_sd_check_ace_allowed_object(const struct security_ace *ace,
const struct security_token *token)
{
- char *sid_str;
-
if (gpo_sd_check_agp_object(ace) &&
gpo_sd_check_agp_access_bits(ace->access_mask) &&
security_token_has_sid(token, &ace->trustee)) {
- sid_str = dom_sid_string(NULL, &ace->trustee);
+ struct dom_sid_buf sid_str;
DEBUG(10,("gpo_sd_check_ace_allowed_object: "
"Access granted as of ace for %s\n",
- sid_str));
- talloc_free(sid_str);
-
+ dom_sid_str_buf(&ace->trustee, &sid_str)));
return NT_STATUS_OK;
}
diff --git a/nsswitch/stress-nss-libwbclient.c b/nsswitch/stress-nss-libwbclient.c
index cf85ff3f817..df1d85c9c40 100644
--- a/nsswitch/stress-nss-libwbclient.c
+++ b/nsswitch/stress-nss-libwbclient.c
@@ -118,7 +118,13 @@ int main(int argc, char *argv[])
state.username = argv[1];
state.timeout = time(NULL) + RUNTIME;
- pthread_mutex_init(&state.lock, NULL);
+ rc = pthread_mutex_init(&state.lock, NULL);
+ if (rc != 0) {
+ fprintf(stderr,
+ "pthread_mutex_init failed: %s\n",
+ strerror(rc));
+ exit(1);
+ }
state.fail = false;
state.nss_loop_count = 0;
state.wbc_loop_count = 0;
@@ -143,7 +149,14 @@ int main(int argc, char *argv[])
/* wait for query threads to terminate */
for (n = 0; n < 2; n++) {
- pthread_join(threads[n], NULL);
+ rc = pthread_join(threads[n], NULL);
+ if (rc != 0) {
+ fprintf(stderr,
+ "joining query thread %i failed: %s\n",
+ n,
+ strerror(rc));
+ exit(1);
+ }
}
fprintf(state.fail ? stderr: stdout,
diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c
index b5b11767f27..41b56be5ca3 100644
--- a/source3/groupdb/mapping_tdb.c
+++ b/source3/groupdb/mapping_tdb.c
@@ -451,7 +451,7 @@ static bool enum_group_mapping(const struct dom_sid *domsid,
static NTSTATUS one_alias_membership(const struct dom_sid *member,
struct dom_sid **sids, size_t *num)
{
- fstring tmp;
+ struct dom_sid_buf tmp;
fstring key;
char *string_sid;
TDB_DATA dbuf;
@@ -460,7 +460,7 @@ static NTSTATUS one_alias_membership(const struct dom_sid *member,
TALLOC_CTX *frame = talloc_stackframe();
slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX,
- sid_to_fstring(tmp, member));
+ dom_sid_str_buf(member, &tmp));
status = dbwrap_fetch_bystring(db, frame, key, &dbuf);
if (!NT_STATUS_IS_OK(status)) {
@@ -532,7 +532,7 @@ static NTSTATUS add_aliasmem(const struct dom_sid *alias, const struct dom_sid *
{
GROUP_MAP *map;
char *key;
- fstring string_sid;
+ struct dom_sid_buf string_sid;
char *new_memberstring;
struct db_record *rec;
NTSTATUS status;
@@ -559,10 +559,8 @@ static NTSTATUS add_aliasmem(const struct dom_sid *alias, const struct dom_sid *
if (is_aliasmem(alias, member))
return NT_STATUS_MEMBER_IN_ALIAS;
- sid_to_fstring(string_sid, member);
-
key = talloc_asprintf(talloc_tos(), "%s%s", MEMBEROF_PREFIX,
- string_sid);
+ dom_sid_str_buf(member, &string_sid));
if (key == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -583,13 +581,13 @@ static NTSTATUS add_aliasmem(const struct dom_sid *alias, const struct dom_sid *
value = dbwrap_record_get_value(rec);
- sid_to_fstring(string_sid, alias);
+ dom_sid_str_buf(alias, &string_sid);
if (value.dptr != NULL) {
new_memberstring = talloc_asprintf(
- key, "%s %s", (char *)(value.dptr), string_sid);
+ key, "%s %s", (char *)(value.dptr), string_sid.buf);
} else {
- new_memberstring = talloc_strdup(key, string_sid);
+ new_memberstring = talloc_strdup(key, string_sid.buf);
}
if (new_memberstring == NULL) {
@@ -732,7 +730,7 @@ static NTSTATUS del_aliasmem(const struct dom_sid *alias, const struct dom_sid *
bool found = False;
char *member_string;
char *key;
- fstring sid_string;
+ struct dom_sid_buf sid_string;
if (dbwrap_transaction_start(db) != 0) {
DEBUG(0, ("transaction_start failed\n"));
@@ -763,9 +761,11 @@ static NTSTATUS del_aliasmem(const struct dom_sid *alias, const struct dom_sid *
num -= 1;
- sid_to_fstring(sid_string, member);
-
- key = talloc_asprintf(sids, "%s%s", MEMBEROF_PREFIX, sid_string);
+ key = talloc_asprintf(
+ sids,
+ "%s%s",
+ MEMBEROF_PREFIX,
+ dom_sid_str_buf(member, &sid_string));
if (key == NULL) {
TALLOC_FREE(sids);
status = NT_STATUS_NO_MEMORY;
@@ -786,10 +786,10 @@ static NTSTATUS del_aliasmem(const struct dom_sid *alias, const struct dom_sid *
for (i=0; i<num; i++) {
- sid_to_fstring(sid_string, &sids[i]);
-
member_string = talloc_asprintf_append_buffer(
- member_string, " %s", sid_string);
+ member_string,
+ " %s",
+ dom_sid_str_buf(&sids[i], &sid_string));
if (member_string == NULL) {
TALLOC_FREE(sids);
diff --git a/source3/lib/idmap_cache.c b/source3/lib/idmap_cache.c
index 4c65841fd9c..1d87bbdec45 100644
--- a/source3/lib/idmap_cache.c
+++ b/source3/lib/idmap_cache.c
@@ -36,7 +36,7 @@
bool idmap_cache_find_sid2unixid(const struct dom_sid *sid, struct unixid *id,
bool *expired)
{
- fstring sidstr;
+ struct dom_sid_buf sidstr;
char *key;
char *value = NULL;
char *endptr;
@@ -45,7 +45,7 @@ bool idmap_cache_find_sid2unixid(const struct dom_sid *sid, struct unixid *id,
struct unixid tmp_id;
key = talloc_asprintf(talloc_tos(), "IDMAP/SID2XID/%s",
- sid_to_fstring(sidstr, sid));
+ dom_sid_str_buf(sid, &sidstr));
if (key == NULL) {
return false;
}
@@ -289,11 +289,12 @@ void idmap_cache_set_sid2unixid(const struct dom_sid *sid, struct unixid *unix_i
{
time_t now = time(NULL);
time_t timeout;
- fstring sidstr, key, value;
+ fstring key, value;
if (!is_null_sid(sid)) {
+ struct dom_sid_buf sidstr;
fstr_sprintf(key, "IDMAP/SID2XID/%s",
- sid_to_fstring(sidstr, sid));
+ dom_sid_str_buf(sid, &sidstr));
switch (unix_id->type) {
case ID_TYPE_UID:
fstr_sprintf(value, "%d:U", (int)unix_id->id);
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index d3509c2267b..ec4e1893bda 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -74,7 +74,8 @@ static uint64_t map_old_SE_PRIV(unsigned char *dptr)
static bool get_privileges( const struct dom_sid *sid, uint64_t *mask )
{
struct db_context *db = get_account_pol_db();
- fstring tmp, keystr;
+ struct dom_sid_buf tmp;
+ fstring keystr;
TDB_DATA data;
NTSTATUS status;
@@ -89,7 +90,7 @@ static bool get_privileges( const struct dom_sid *sid, uint64_t *mask )
/* PRIV_<SID> (NULL terminated) as the key */
- fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
+ fstr_sprintf(keystr, "%s%s", PRIVPREFIX, dom_sid_str_buf(sid, &tmp));
status = dbwrap_fetch_bystring(db, talloc_tos(), keystr, &data);
@@ -125,7 +126,8 @@ static bool set_privileges( const struct dom_sid *sid, uint64_t mask )
{
struct db_context *db = get_account_pol_db();
uint8_t privbuf[8];
- fstring tmp, keystr;
+ struct dom_sid_buf tmp;
+ fstring keystr;
TDB_DATA data;
if ( !lp_enable_privileges() )
@@ -141,7 +143,7 @@ static bool set_privileges( const struct dom_sid *sid, uint64_t mask )
/* PRIV_<SID> (NULL terminated) as the key */
- fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
+ fstr_sprintf(keystr, "%s%s", PRIVPREFIX, dom_sid_str_buf(sid, &tmp));
/* This writes the 64 bit bitmask out in little endian format */
SBVAL(privbuf,0,mask);
@@ -469,7 +471,8 @@ NTSTATUS privilege_create_account(const struct dom_sid *sid )
NTSTATUS privilege_delete_account(const struct dom_sid *sid)
{
struct db_context *db = get_account_pol_db();
- fstring tmp, keystr;
+ struct dom_sid_buf tmp;
+ fstring keystr;
if (!lp_enable_privileges()) {
return NT_STATUS_OK;
@@ -485,7 +488,7 @@ NTSTATUS privilege_delete_account(const struct dom_sid *sid)
/* PRIV_<SID> (NULL terminated) as the key */
- fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
+ fstr_sprintf(keystr, "%s%s", PRIVPREFIX, dom_sid_str_buf(sid, &tmp));
return dbwrap_delete_bystring(db, keystr);
}
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index efe88efcaeb..50b6fac8b95 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -4534,6 +4534,12 @@ static ssize_t fruit_pwrite_meta_stream(vfs_handle_struct *handle,
}
if (ai_empty_finderinfo(ai)) {
+ /*
+ * Writing an all 0 blob to the metadata stream results in the
+ * stream being removed on a macOS server. This ensures we
+ * behave the same and it verified by the "delete AFP_AfpInfo by
+ * writing all 0" test.
+ */
ret = SMB_VFS_NEXT_FTRUNCATE(handle, fsp, 0);
if (ret != 0) {
DBG_ERR("SMB_VFS_NEXT_FTRUNCATE on [%s] failed\n",
@@ -4606,6 +4612,12 @@ static ssize_t fruit_pwrite_meta_netatalk(vfs_handle_struct *handle,
return n;
}
+ /*
+ * Writing an all 0 blob to the metadata stream results in the stream
+ * being removed on a macOS server. This ensures we behave the same and
+ * it verified by the "delete AFP_AfpInfo by writing all 0" test.
+ */
+
ok = set_delete_on_close(
fsp,
true,
@@ -4626,34 +4638,67 @@ static ssize_t fruit_pwrite_meta(vfs_handle_struct *handle,
{
struct fio *fio = (struct fio *)VFS_FETCH_FSP_EXTENSION(handle, fsp);
ssize_t nwritten;
+ uint8_t buf[AFP_INFO_SIZE];
+ size_t to_write;
+ size_t to_copy;
+ int cmp;
- /*
- * Writing an all 0 blob to the metadata stream
- * results in the stream being removed on a macOS
- * server. This ensures we behave the same and it
- * verified by the "delete AFP_AfpInfo by writing all
- * 0" test.
- */
- if (n != AFP_INFO_SIZE || offset != 0) {
- DBG_ERR("unexpected offset=%jd or size=%jd\n",
- (intmax_t)offset, (intmax_t)n);
+ if (fio == NULL) {
+ DBG_ERR("Failed to fetch fsp extension");
return -1;
}
- if (fio == NULL) {
- DBG_ERR("Failed to fetch fsp extension");
+ if (n < 3) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (offset != 0 && n < 60) {
+ errno = EINVAL;
return -1;
}
+ cmp = memcmp(data, "AFP", 3);
+ if (cmp != 0) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (n <= AFP_OFF_FinderInfo) {
+ /*
+ * Nothing to do here really, just return
+ */
+ return n;
+ }
+
+ offset = 0;
+
+ to_copy = n;
+ if (to_copy > AFP_INFO_SIZE) {
+ to_copy = AFP_INFO_SIZE;
+ }
+ memcpy(buf, data, to_copy);
+
+ to_write = n;
+ if (to_write != AFP_INFO_SIZE) {
+ to_write = AFP_INFO_SIZE;
+ }
+
switch (fio->config->meta) {
case FRUIT_META_STREAM:
- nwritten = fruit_pwrite_meta_stream(handle, fsp, data,
- n, offset);
+ nwritten = fruit_pwrite_meta_stream(handle,
+ fsp,
+ buf,
+ to_write,
+ offset);
break;
case FRUIT_META_NETATALK:
- nwritten = fruit_pwrite_meta_netatalk(handle, fsp, data,
- n, offset);
+ nwritten = fruit_pwrite_meta_netatalk(handle,
+ fsp,
+ buf,
+ to_write,
+ offset);
break;
default:
@@ -4661,7 +4706,14 @@ static ssize_t fruit_pwrite_meta(vfs_handle_struct *handle,
return -1;
}
- return nwritten;
+ if (nwritten != to_write) {
+ return -1;
+ }
+
+ /*
+ * Return the requested amount, verified against macOS SMB server
+ */
+ return n;
}
static ssize_t fruit_pwrite_rsrc_stream(vfs_handle_struct *handle,
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 315da52f01b..78ff2daafaf 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -741,7 +741,7 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods,
{
struct dom_sid group_sid;
struct group *grp;
- fstring tmp;
+ struct dom_sid_buf tmp;
grp = getgrnam(name);
@@ -769,8 +769,12 @@ static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods,
sid_compose(&group_sid, get_global_sam_sid(), *rid);
- return add_initial_entry(grp->gr_gid, sid_to_fstring(tmp, &group_sid),
- SID_NAME_DOM_GRP, name, NULL);
+ return add_initial_entry(
+ grp->gr_gid,
+ dom_sid_str_buf(&group_sid, &tmp),
+ SID_NAME_DOM_GRP,
+ name,
+ NULL);
}
NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name,
diff --git a/source3/passdb/pdb_ldap_util.c b/source3/passdb/pdb_ldap_util.c
index dc222031418..f9e6cbbc3a9 100644
--- a/source3/passdb/pdb_ldap_util.c
+++ b/source3/passdb/pdb_ldap_util.c
@@ -27,6 +27,7 @@
#include "passdb.h"
#include "passdb/pdb_ldap_util.h"
#include "passdb/pdb_ldap_schema.h"
+#include "libcli/security/dom_sid.h"
/**********************************************************************
Add the account-policies below the sambaDomain object to LDAP,
@@ -118,7 +119,7 @@ static NTSTATUS add_new_domain_account_policies(struct smbldap_state *ldap_state
static NTSTATUS add_new_domain_info(struct smbldap_state *ldap_state,
const char *domain_name)
{
--
Samba Shared Repository
More information about the samba-cvs
mailing list