[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Jan 22 21:08:01 UTC 2021
The branch, master has been updated
via b9f6e25fada torture: Fix a gcc qualifier ordering warning
via e593f969607 lib: Make accept_recv() return the listening socket
via f055d3f7db1 rpc_server: Fix a "bool==true" condition
via 10d3a1c0689 rpc_server: Fix a typo
via 181eb5728fd torture: Align integer types
via fa9d4570b8a lib: Align integer types
via b4077f7911d librpc: Fix a small memleak in epm_floor_string()
via c3ea181e762 smbd: Simplify sendfile_short_send()
via 791b477ca5e sharesec: Simplify add_ace()
via 90ea83b754b libcli: make_sec_acl() copies the ace_list, make that const
via f8f58301a11 smbcacls: Simplify add_ace_with_ctx()
via d4bbaee8904 libsmb: Simplify add_ace()
via 3fa00ac31a8 libsmb: Simplify sec_desc_parse()
via 5a018c70e24 smbcacls: Simplify sec_desc_parse()
via 40e4958953c lib: Make accept_recv() return struct samba_sockaddr
via b417fd19675 rpc_server: Slightly simplify dcesrv_bind()
via ec4850d5205 rpc_server: Slightly simplify dcesrv_bind()
via d6d49638cc3 vfs: Simplify vfs_gluster_getwd()
via c5c9406b609 lib: Use hex_byte() in strhex_to_str()
via 7d0981f5e78 lib: Avoid an "includes.h"
via d6c3faa1885 rpc_server: Fix a typo
from d8339056eef s3:idmap_hash: reliable return ID_TYPE_BOTH
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit b9f6e25fada7847af1971862dbdd6ce6e7103b1a
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jan 20 21:10:06 2021 +0100
torture: Fix a gcc qualifier ordering warning
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jan 22 21:07:57 UTC 2021 on sn-devel-184
commit e593f969607791571248dd3341089001f49362fa
Author: Volker Lendecke <vl at samba.org>
Date: Sun Jan 17 11:04:47 2021 +0100
lib: Make accept_recv() return the listening socket
This is helpful if you are in a listening loop with the same receiver
for many sockets doing the same thing.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit f055d3f7db1c6eb47a5773f3cbe5bf8a047f3830
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jan 20 14:53:56 2021 +0100
rpc_server: Fix a "bool==true" condition
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 10d3a1c0689c82ee0774cadc376c6b071afe277e
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jan 20 15:00:08 2021 +0100
rpc_server: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 181eb5728fd4d9fd1126c1a396c8c621e2edc4d0
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jan 20 21:10:35 2021 +0100
torture: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit fa9d4570b8af16a8ab4afe6ecc4cb8759a35c723
Author: Volker Lendecke <vl at samba.org>
Date: Fri Jan 15 16:02:52 2021 +0100
lib: Align integer types
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit b4077f7911dbe340eb1a5ba166049f381b9f4c24
Author: Volker Lendecke <vl at samba.org>
Date: Fri Jan 15 15:16:55 2021 +0100
librpc: Fix a small memleak in epm_floor_string()
Use GUID_buf_string(), don't leak the output of GUID_string()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit c3ea181e76206a865d04be836111dd40f462cfff
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:57:16 2021 +0100
smbd: Simplify sendfile_short_send()
Allocate 1024 bytes on the stack instead of using calloc
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 791b477ca5ef8fdbdc7b144ad5d3c679644394a0
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:52:51 2021 +0100
sharesec: Simplify add_ace()
Use ADD_TO_ARRAY
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 90ea83b754be1d02fbb421bb07c9cb246ec637d9
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:51:01 2021 +0100
libcli: make_sec_acl() copies the ace_list, make that const
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit f8f58301a11caf13a416ff98b1681c78bd9a3a0b
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:45:36 2021 +0100
smbcacls: Simplify add_ace_with_ctx()
Use ADD_TO_ARRAY()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d4bbaee890416609add457aa9534152c61b3671d
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:33:13 2021 +0100
libsmb: Simplify add_ace()
Use ADD_TO_ARRAY()
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 3fa00ac31a86cb43af05fa7f3f0bb15c13af44f8
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 21:32:21 2021 +0100
libsmb: Simplify sec_desc_parse()
Avoid CALLOC for just one struct dom_sids
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5a018c70e241bed007339ebe3890f2eaaf678ff2
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 20:49:00 2021 +0100
smbcacls: Simplify sec_desc_parse()
Don't use SMB_CALLOC_ARRAY for just one element.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 40e4958953c8518fa779286fd96ebf36517a5bdb
Author: Volker Lendecke <vl at samba.org>
Date: Mon Jan 11 15:58:58 2021 +0100
lib: Make accept_recv() return struct samba_sockaddr
Avoid casting problems by using the samba_sockaddr union
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit b417fd19675bb2d987abc768695c0b2feb1f637a
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 12:20:43 2021 +0100
rpc_server: Slightly simplify dcesrv_bind()
Factor out dereferencing conn->dce_ctx
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit ec4850d5205b0b568221124a628153a99e6c1e7f
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 12:17:53 2021 +0100
rpc_server: Slightly simplify dcesrv_bind()
We have already dereferenced call->conn in a variable, use that.
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d6d49638cc3553dc83914035301ddafab966180b
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 10:25:41 2021 +0100
vfs: Simplify vfs_gluster_getwd()
Avoid a malloc, we allocate PATH_MAX chars on the stack elsewhere too
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit c5c9406b6098cddbb939b3abc5d9435a9a24f6b2
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 10:21:19 2021 +0100
lib: Use hex_byte() in strhex_to_str()
I had completely missed that one in the last round...
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 7d0981f5e78bc881ca6521932379c69604c33a38
Author: Volker Lendecke <vl at samba.org>
Date: Thu Jan 14 10:10:04 2021 +0100
lib: Avoid an "includes.h"
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit d6c3faa188523bef0177c9411209d3ebf78ad159
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jan 13 16:03:08 2021 +0100
rpc_server: Fix a typo
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/async_req/async_sock.c | 31 ++++++++------
lib/async_req/async_sock.h | 7 +++-
lib/util/util.c | 33 +++------------
lib/util/util_runcmd.c | 4 +-
libcli/security/secacl.c | 8 ++--
libcli/security/secacl.h | 8 ++--
librpc/rpc/binding.c | 10 +++--
librpc/rpc/dcesrv_core.c | 29 ++++++-------
source3/lib/util_nttoken.c | 2 +-
source3/libsmb/libsmb_xattr.c | 81 ++++++++++++++++++------------------
source3/modules/vfs_glusterfs.c | 10 +----
source3/smbd/reply.c | 9 +---
source3/utils/sharesec.c | 24 +++++------
source3/utils/smbcacls.c | 69 +++++++++++++++---------------
source4/rpc_server/dcerpc_server.c | 2 +-
source4/rpc_server/service_rpc.c | 2 +-
source4/torture/rpc/spoolss_notify.c | 4 +-
17 files changed, 159 insertions(+), 174 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index 85ec148191e..3035aaaf623 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -28,6 +28,7 @@
#include <tevent.h>
#include "lib/async_req/async_sock.h"
#include "lib/util/iov_buf.h"
+#include "lib/util/util_net.h"
/* Note: lib/util/ is currently GPL */
#include "lib/util/tevent_unix.h"
@@ -704,8 +705,7 @@ bool wait_for_read_recv(struct tevent_req *req, int *perr)
struct accept_state {
struct tevent_fd *fde;
int listen_sock;
- socklen_t addrlen;
- struct sockaddr_storage addr;
+ struct samba_sockaddr addr;
int sock;
};
@@ -747,10 +747,12 @@ static void accept_handler(struct tevent_context *ev, struct tevent_fd *fde,
tevent_req_error(req, EIO);
return;
}
- state->addrlen = sizeof(state->addr);
- ret = accept(state->listen_sock, (struct sockaddr *)&state->addr,
- &state->addrlen);
+ state->addr.sa_socklen = sizeof(state->addr.u);
+
+ ret = accept(state->listen_sock,
+ &state->addr.u.sa,
+ &state->addr.sa_socklen);
if ((ret == -1) && (errno == EINTR)) {
/* retry */
return;
@@ -764,23 +766,28 @@ static void accept_handler(struct tevent_context *ev, struct tevent_fd *fde,
tevent_req_done(req);
}
-int accept_recv(struct tevent_req *req, struct sockaddr_storage *paddr,
- socklen_t *paddrlen, int *perr)
+int accept_recv(struct tevent_req *req,
+ int *listen_sock,
+ struct samba_sockaddr *paddr,
+ int *perr)
{
struct accept_state *state = tevent_req_data(req, struct accept_state);
+ int sock = state->sock;
int err;
if (tevent_req_is_unix_error(req, &err)) {
if (perr != NULL) {
*perr = err;
}
+ tevent_req_received(req);
return -1;
}
- if (paddr != NULL) {
- memcpy(paddr, &state->addr, state->addrlen);
+ if (listen_sock != NULL) {
+ *listen_sock = state->listen_sock;
}
- if (paddrlen != NULL) {
- *paddrlen = state->addrlen;
+ if (paddr != NULL) {
+ *paddr = state->addr;
}
- return state->sock;
+ tevent_req_received(req);
+ return sock;
}
diff --git a/lib/async_req/async_sock.h b/lib/async_req/async_sock.h
index 9cc052e253b..780195e3725 100644
--- a/lib/async_req/async_sock.h
+++ b/lib/async_req/async_sock.h
@@ -57,9 +57,12 @@ struct tevent_req *wait_for_read_send(TALLOC_CTX *mem_ctx,
bool check_errors);
bool wait_for_read_recv(struct tevent_req *req, int *perr);
+struct samba_sockaddr;
struct tevent_req *accept_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
int listen_sock);
-int accept_recv(struct tevent_req *req, struct sockaddr_storage *paddr,
- socklen_t *paddrlen, int *perr);
+int accept_recv(struct tevent_req *req,
+ int *listen_sock,
+ struct samba_sockaddr *paddr,
+ int *perr);
#endif
diff --git a/lib/util/util.c b/lib/util/util.c
index 3ca6b61df32..57f19aaa1a1 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -879,42 +879,21 @@ _PUBLIC_ size_t strhex_to_str(char *p, size_t p_len, const char *strhex, size_t
{
size_t i = 0;
size_t num_chars = 0;
- uint8_t lonybble, hinybble;
- const char *hexchars = "0123456789ABCDEF";
- char *p1 = NULL, *p2 = NULL;
/* skip leading 0x prefix */
if (strncasecmp(strhex, "0x", 2) == 0) {
i += 2; /* skip two chars */
}
- for (; i+1 < strhex_len && strhex[i] != 0 && strhex[i+1] != 0; i++) {
- p1 = strchr(hexchars, toupper((unsigned char)strhex[i]));
- if (p1 == NULL) {
+ while ((i < strhex_len) && (num_chars < p_len)) {
+ bool ok = hex_byte(&strhex[i], (uint8_t *)&p[num_chars]);
+ if (!ok) {
break;
}
-
- i++; /* next hex digit */
-
- p2 = strchr(hexchars, toupper((unsigned char)strhex[i]));
- if (p2 == NULL) {
- break;
- }
-
- /* get the two nybbles */
- hinybble = PTR_DIFF(p1, hexchars);
- lonybble = PTR_DIFF(p2, hexchars);
-
- if (num_chars >= p_len) {
- break;
- }
-
- p[num_chars] = (hinybble << 4) | lonybble;
- num_chars++;
-
- p1 = NULL;
- p2 = NULL;
+ i += 2;
+ num_chars += 1;
}
+
return num_chars;
}
diff --git a/lib/util/util_runcmd.c b/lib/util/util_runcmd.c
index 3bb4cd83f68..ce2db35d223 100644
--- a/lib/util/util_runcmd.c
+++ b/lib/util/util_runcmd.c
@@ -25,9 +25,11 @@
log
*/
-#include "includes.h"
+#include "replace.h"
#include "system/filesys.h"
#include <tevent.h>
+#include "lib/util/samba_util.h"
+#include "lib/util/debug.h"
#include "../lib/util/tevent_unix.h"
#include "../lib/util/tfork.h"
#include "../lib/util/sys_rw.h"
diff --git a/libcli/security/secacl.c b/libcli/security/secacl.c
index b90e3ae2d4a..a367ab676d2 100644
--- a/libcli/security/secacl.c
+++ b/libcli/security/secacl.c
@@ -31,9 +31,11 @@
Create a SEC_ACL structure.
********************************************************************/
-struct security_acl *make_sec_acl(TALLOC_CTX *ctx,
- enum security_acl_revision revision,
- int num_aces, struct security_ace *ace_list)
+struct security_acl *make_sec_acl(
+ TALLOC_CTX *ctx,
+ enum security_acl_revision revision,
+ int num_aces,
+ const struct security_ace *ace_list)
{
struct security_acl *dst;
int i;
diff --git a/libcli/security/secacl.h b/libcli/security/secacl.h
index c58d2c47fc3..961e2b4d891 100644
--- a/libcli/security/secacl.h
+++ b/libcli/security/secacl.h
@@ -23,9 +23,11 @@
#include "librpc/gen_ndr/security.h"
-struct security_acl *make_sec_acl(TALLOC_CTX *ctx, enum security_acl_revision revision,
- int num_aces, struct security_ace *ace_list);
-
+struct security_acl *make_sec_acl(
+ TALLOC_CTX *ctx,
+ enum security_acl_revision revision,
+ int num_aces,
+ const struct security_ace *ace_list);
#endif /*_SECACL_H_*/
diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c
index 29be6ae16b2..80ab1a45134 100644
--- a/librpc/rpc/binding.c
+++ b/librpc/rpc/binding.c
@@ -137,7 +137,7 @@ const char *epm_floor_string(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor)
status = dcerpc_floor_get_lhs_data(epm_floor, &syntax);
if (NT_STATUS_IS_OK(status)) {
/* lhs is used: UUID */
- char *uuidstr;
+ struct GUID_txt_buf buf;
if (GUID_equal(&syntax.uuid, &ndr_transfer_syntax_ndr.uuid)) {
return "NDR";
@@ -147,9 +147,11 @@ const char *epm_floor_string(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor)
return "NDR64";
}
- uuidstr = GUID_string(mem_ctx, &syntax.uuid);
-
- return talloc_asprintf(mem_ctx, " uuid %s/0x%02x", uuidstr, syntax.if_version);
+ return talloc_asprintf(
+ mem_ctx,
+ " uuid %s/0x%02x",
+ GUID_buf_string(&syntax.uuid, &buf),
+ syntax.if_version);
} else { /* IPX */
return talloc_asprintf(mem_ctx, "IPX:%s",
data_blob_hex_string_upper(mem_ctx, &epm_floor->rhs.uuid.unknown));
diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c
index 06f6c4b2382..a413359d985 100644
--- a/librpc/rpc/dcesrv_core.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -162,7 +162,7 @@ _PUBLIC_ const struct dcesrv_interface *find_interface_by_uuid(const struct dces
}
/*
- find the earlier parts of a fragmented call awaiting reassembily
+ find the earlier parts of a fragmented call awaiting reassembly
*/
static struct dcesrv_call_state *dcesrv_find_fragmented_call(struct dcesrv_connection *dce_conn, uint32_t call_id)
{
@@ -920,6 +920,7 @@ static void dcesrv_bind_done(struct tevent_req *subreq);
static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
{
struct dcesrv_connection *conn = call->conn;
+ struct dcesrv_context *dce_ctx = conn->dce_ctx;
struct ncacn_packet *pkt = &call->ack_pkt;
NTSTATUS status;
uint32_t extra_flags = 0;
@@ -958,15 +959,15 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
* via ncacn_ip_tcp on port 135.
*/
max_req = MAX(2048, max_req);
- max_rep = MIN(max_req, call->conn->max_recv_frag);
+ max_rep = MIN(max_req, conn->max_recv_frag);
/* They are truncated to an 8 byte boundary. */
max_rep &= 0xFFF8;
/* max_recv_frag and max_xmit_frag result always in the same value! */
- call->conn->max_recv_frag = max_rep;
- call->conn->max_xmit_frag = max_rep;
+ conn->max_recv_frag = max_rep;
+ conn->max_xmit_frag = max_rep;
- status = call->conn->dce_ctx->callbacks.assoc_group.find(call);
+ status = dce_ctx->callbacks.assoc_group.find(call);
if (!NT_STATUS_IS_OK(status)) {
DBG_NOTICE("Failed to find assoc_group 0x%08x: %s\n",
call->pkt.u.bind.assoc_group_id, nt_errstr(status));
@@ -1022,7 +1023,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
a->result = DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK;
a->reason.negotiate = 0;
if (features & DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING) {
- if (call->conn->max_auth_states != 0) {
+ if (conn->max_auth_states != 0) {
a->reason.negotiate |=
DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING;
}
@@ -1032,7 +1033,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN;
}
- call->conn->assoc_group->bind_time_features = a->reason.negotiate;
+ conn->assoc_group->bind_time_features = a->reason.negotiate;
}
/*
@@ -1070,7 +1071,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
}
if (call->state_flags & DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL) {
- call->conn->state_flags |= DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL;
+ conn->state_flags |= DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL;
}
/*
@@ -1097,18 +1098,18 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
}
/* setup a bind_ack */
- dcesrv_init_hdr(pkt, lpcfg_rpc_big_endian(call->conn->dce_ctx->lp_ctx));
+ dcesrv_init_hdr(pkt, lpcfg_rpc_big_endian(dce_ctx->lp_ctx));
pkt->auth_length = 0;
pkt->call_id = call->pkt.call_id;
pkt->ptype = DCERPC_PKT_BIND_ACK;
pkt->pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | extra_flags;
- pkt->u.bind_ack.max_xmit_frag = call->conn->max_xmit_frag;
- pkt->u.bind_ack.max_recv_frag = call->conn->max_recv_frag;
- pkt->u.bind_ack.assoc_group_id = call->conn->assoc_group->id;
+ pkt->u.bind_ack.max_xmit_frag = conn->max_xmit_frag;
+ pkt->u.bind_ack.max_recv_frag = conn->max_recv_frag;
+ pkt->u.bind_ack.assoc_group_id = conn->assoc_group->id;
- ep_2nd_description = call->conn->endpoint->ep_2nd_description;
+ ep_2nd_description = conn->endpoint->ep_2nd_description;
if (ep_2nd_description == NULL) {
- ep_2nd_description = call->conn->endpoint->ep_description;
+ ep_2nd_description = conn->endpoint->ep_description;
}
endpoint = dcerpc_binding_get_string_option(
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index ffa858d7794..5fa513f604e 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -74,7 +74,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
{
struct security_token *token = NULL;
NTSTATUS status;
- int i;
+ uint32_t i;
if (!token_1 || !token_2 || !token_out) {
return NT_STATUS_INVALID_PARAMETER;
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 0751c65d58a..9a3a1210ea1 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -391,27 +391,24 @@ done:
/* add an struct security_ace to a list of struct security_aces in a struct security_acl */
static bool
add_ace(struct security_acl **the_acl,
- struct security_ace *ace,
+ const struct security_ace *ace,
TALLOC_CTX *ctx)
{
- struct security_acl *newacl;
- struct security_ace *aces;
+ struct security_acl *acl = *the_acl;
- if (! *the_acl) {
- (*the_acl) = make_sec_acl(ctx, 3, 1, ace);
- return True;
+ if (acl == NULL) {
+ acl = make_sec_acl(ctx, 3, 0, NULL);
+ if (acl == NULL) {
+ return false;
+ }
}
- if ((aces = SMB_CALLOC_ARRAY(struct security_ace,
- 1+(*the_acl)->num_aces)) == NULL) {
- return False;
+ if (acl->num_aces == UINT32_MAX) {
+ return false;
}
- memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct security_ace));
- memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
- newacl = make_sec_acl(ctx, (*the_acl)->revision,
- 1+(*the_acl)->num_aces, aces);
- SAFE_FREE(aces);
- (*the_acl) = newacl;
+ ADD_TO_ARRAY(
+ acl, struct security_ace, *ace, &acl->aces, &acl->num_aces);
+ *the_acl = acl;
return True;
}
@@ -428,8 +425,9 @@ sec_desc_parse(TALLOC_CTX *ctx,
char *tok;
struct security_descriptor *ret = NULL;
size_t sd_size;
- struct dom_sid *group_sid=NULL;
- struct dom_sid *owner_sid=NULL;
+ struct dom_sid owner_sid = { .num_auths = 0 };
+ struct dom_sid group_sid = { .num_auths = 0 };
+ bool have_owner = false, have_group = false;
struct security_acl *dacl=NULL;
int revision=1;
@@ -441,66 +439,62 @@ sec_desc_parse(TALLOC_CTX *ctx,
}
if (strncasecmp_m(tok,"OWNER:", 6) == 0) {
- if (owner_sid) {
+ if (have_owner) {
DEBUG(5,("OWNER specified more than once!\n"));
goto done;
}
- owner_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
- if (!owner_sid ||
- !convert_string_to_sid(ipc_cli, pol,
+ if (!convert_string_to_sid(ipc_cli, pol,
numeric,
- owner_sid, tok+6)) {
+ &owner_sid, tok+6)) {
DEBUG(5, ("Failed to parse owner sid\n"));
goto done;
}
+ have_owner = true;
continue;
}
if (strncasecmp_m(tok,"OWNER+:", 7) == 0) {
- if (owner_sid) {
+ if (have_owner) {
DEBUG(5,("OWNER specified more than once!\n"));
goto done;
}
- owner_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
- if (!owner_sid ||
- !convert_string_to_sid(ipc_cli, pol,
+ if (!convert_string_to_sid(ipc_cli, pol,
False,
- owner_sid, tok+7)) {
+ &owner_sid, tok+7)) {
DEBUG(5, ("Failed to parse owner sid\n"));
goto done;
}
+ have_owner = true;
continue;
}
if (strncasecmp_m(tok,"GROUP:", 6) == 0) {
- if (group_sid) {
+ if (have_group) {
DEBUG(5,("GROUP specified more than once!\n"));
goto done;
}
- group_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
- if (!group_sid ||
- !convert_string_to_sid(ipc_cli, pol,
+ if (!convert_string_to_sid(ipc_cli, pol,
numeric,
- group_sid, tok+6)) {
+ &group_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
goto done;
}
+ have_group = true;
continue;
}
if (strncasecmp_m(tok,"GROUP+:", 7) == 0) {
- if (group_sid) {
+ if (have_group) {
DEBUG(5,("GROUP specified more than once!\n"));
goto done;
}
- group_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
- if (!group_sid ||
- !convert_string_to_sid(ipc_cli, pol,
+ if (!convert_string_to_sid(ipc_cli, pol,
False,
- group_sid, tok+6)) {
+ &group_sid, tok+6)) {
DEBUG(5, ("Failed to parse group sid\n"));
goto done;
}
+ have_group = true;
continue;
}
@@ -534,12 +528,17 @@ sec_desc_parse(TALLOC_CTX *ctx,
goto done;
}
- ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE,
- owner_sid, group_sid, NULL, dacl, &sd_size);
+ ret = make_sec_desc(
+ ctx,
+ revision,
+ SEC_DESC_SELF_RELATIVE,
+ have_owner ? &owner_sid : NULL,
+ have_group ? &group_sid : NULL,
+ NULL,
+ dacl,
+ &sd_size);
done:
- SAFE_FREE(group_sid);
- SAFE_FREE(owner_sid);
return ret;
}
diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c
index 9cc27b5c352..36459bc3184 100644
--- a/source3/modules/vfs_glusterfs.c
+++ b/source3/modules/vfs_glusterfs.c
--
Samba Shared Repository
More information about the samba-cvs
mailing list