[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Fri Jan 22 21:08:01 UTC 2021


The branch, master has been updated
       via  b9f6e25fada torture: Fix a gcc qualifier ordering warning
       via  e593f969607 lib: Make accept_recv() return the listening socket
       via  f055d3f7db1 rpc_server: Fix a "bool==true" condition
       via  10d3a1c0689 rpc_server: Fix a typo
       via  181eb5728fd torture: Align integer types
       via  fa9d4570b8a lib: Align integer types
       via  b4077f7911d librpc: Fix a small memleak in epm_floor_string()
       via  c3ea181e762 smbd: Simplify sendfile_short_send()
       via  791b477ca5e sharesec: Simplify add_ace()
       via  90ea83b754b libcli: make_sec_acl() copies the ace_list, make that const
       via  f8f58301a11 smbcacls: Simplify add_ace_with_ctx()
       via  d4bbaee8904 libsmb: Simplify add_ace()
       via  3fa00ac31a8 libsmb: Simplify sec_desc_parse()
       via  5a018c70e24 smbcacls: Simplify sec_desc_parse()
       via  40e4958953c lib: Make accept_recv() return struct samba_sockaddr
       via  b417fd19675 rpc_server: Slightly simplify dcesrv_bind()
       via  ec4850d5205 rpc_server: Slightly simplify dcesrv_bind()
       via  d6d49638cc3 vfs: Simplify vfs_gluster_getwd()
       via  c5c9406b609 lib: Use hex_byte() in strhex_to_str()
       via  7d0981f5e78 lib: Avoid an "includes.h"
       via  d6c3faa1885 rpc_server: Fix a typo
      from  d8339056eef s3:idmap_hash: reliable return ID_TYPE_BOTH

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit b9f6e25fada7847af1971862dbdd6ce6e7103b1a
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Jan 20 21:10:06 2021 +0100

    torture: Fix a gcc qualifier ordering warning
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Fri Jan 22 21:07:57 UTC 2021 on sn-devel-184

commit e593f969607791571248dd3341089001f49362fa
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Jan 17 11:04:47 2021 +0100

    lib: Make accept_recv() return the listening socket
    
    This is helpful if you are in a listening loop with the same receiver
    for many sockets doing the same thing.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit f055d3f7db1c6eb47a5773f3cbe5bf8a047f3830
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Jan 20 14:53:56 2021 +0100

    rpc_server: Fix a "bool==true" condition
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 10d3a1c0689c82ee0774cadc376c6b071afe277e
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Jan 20 15:00:08 2021 +0100

    rpc_server: Fix a typo
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 181eb5728fd4d9fd1126c1a396c8c621e2edc4d0
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Jan 20 21:10:35 2021 +0100

    torture: Align integer types
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit fa9d4570b8af16a8ab4afe6ecc4cb8759a35c723
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 15 16:02:52 2021 +0100

    lib: Align integer types
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit b4077f7911dbe340eb1a5ba166049f381b9f4c24
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Jan 15 15:16:55 2021 +0100

    librpc: Fix a small memleak in epm_floor_string()
    
    Use GUID_buf_string(), don't leak the output of GUID_string()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c3ea181e76206a865d04be836111dd40f462cfff
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 21:57:16 2021 +0100

    smbd: Simplify sendfile_short_send()
    
    Allocate 1024 bytes on the stack instead of using calloc
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 791b477ca5ef8fdbdc7b144ad5d3c679644394a0
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 21:52:51 2021 +0100

    sharesec: Simplify add_ace()
    
    Use ADD_TO_ARRAY
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 90ea83b754be1d02fbb421bb07c9cb246ec637d9
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 21:51:01 2021 +0100

    libcli: make_sec_acl() copies the ace_list, make that const
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit f8f58301a11caf13a416ff98b1681c78bd9a3a0b
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 21:45:36 2021 +0100

    smbcacls: Simplify add_ace_with_ctx()
    
    Use ADD_TO_ARRAY()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit d4bbaee890416609add457aa9534152c61b3671d
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 21:33:13 2021 +0100

    libsmb: Simplify add_ace()
    
    Use ADD_TO_ARRAY()
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 3fa00ac31a86cb43af05fa7f3f0bb15c13af44f8
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 21:32:21 2021 +0100

    libsmb: Simplify sec_desc_parse()
    
    Avoid CALLOC for just one struct dom_sids
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 5a018c70e241bed007339ebe3890f2eaaf678ff2
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 20:49:00 2021 +0100

    smbcacls: Simplify sec_desc_parse()
    
    Don't use SMB_CALLOC_ARRAY for just one element.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 40e4958953c8518fa779286fd96ebf36517a5bdb
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Jan 11 15:58:58 2021 +0100

    lib: Make accept_recv() return struct samba_sockaddr
    
    Avoid casting problems by using the samba_sockaddr union
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit b417fd19675bb2d987abc768695c0b2feb1f637a
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 12:20:43 2021 +0100

    rpc_server: Slightly simplify dcesrv_bind()
    
    Factor out dereferencing conn->dce_ctx
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit ec4850d5205b0b568221124a628153a99e6c1e7f
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 12:17:53 2021 +0100

    rpc_server: Slightly simplify dcesrv_bind()
    
    We have already dereferenced call->conn in a variable, use that.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit d6d49638cc3553dc83914035301ddafab966180b
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 10:25:41 2021 +0100

    vfs: Simplify vfs_gluster_getwd()
    
    Avoid a malloc, we allocate PATH_MAX chars on the stack elsewhere too
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit c5c9406b6098cddbb939b3abc5d9435a9a24f6b2
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 10:21:19 2021 +0100

    lib: Use hex_byte() in strhex_to_str()
    
    I had completely missed that one in the last round...
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 7d0981f5e78bc881ca6521932379c69604c33a38
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Jan 14 10:10:04 2021 +0100

    lib: Avoid an "includes.h"
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit d6c3faa188523bef0177c9411209d3ebf78ad159
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Jan 13 16:03:08 2021 +0100

    rpc_server: Fix a typo
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/async_req/async_sock.c           | 31 ++++++++------
 lib/async_req/async_sock.h           |  7 +++-
 lib/util/util.c                      | 33 +++------------
 lib/util/util_runcmd.c               |  4 +-
 libcli/security/secacl.c             |  8 ++--
 libcli/security/secacl.h             |  8 ++--
 librpc/rpc/binding.c                 | 10 +++--
 librpc/rpc/dcesrv_core.c             | 29 ++++++-------
 source3/lib/util_nttoken.c           |  2 +-
 source3/libsmb/libsmb_xattr.c        | 81 ++++++++++++++++++------------------
 source3/modules/vfs_glusterfs.c      | 10 +----
 source3/smbd/reply.c                 |  9 +---
 source3/utils/sharesec.c             | 24 +++++------
 source3/utils/smbcacls.c             | 69 +++++++++++++++---------------
 source4/rpc_server/dcerpc_server.c   |  2 +-
 source4/rpc_server/service_rpc.c     |  2 +-
 source4/torture/rpc/spoolss_notify.c |  4 +-
 17 files changed, 159 insertions(+), 174 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index 85ec148191e..3035aaaf623 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -28,6 +28,7 @@
 #include <tevent.h>
 #include "lib/async_req/async_sock.h"
 #include "lib/util/iov_buf.h"
+#include "lib/util/util_net.h"
 
 /* Note: lib/util/ is currently GPL */
 #include "lib/util/tevent_unix.h"
@@ -704,8 +705,7 @@ bool wait_for_read_recv(struct tevent_req *req, int *perr)
 struct accept_state {
 	struct tevent_fd *fde;
 	int listen_sock;
-	socklen_t addrlen;
-	struct sockaddr_storage addr;
+	struct samba_sockaddr addr;
 	int sock;
 };
 
@@ -747,10 +747,12 @@ static void accept_handler(struct tevent_context *ev, struct tevent_fd *fde,
 		tevent_req_error(req, EIO);
 		return;
 	}
-	state->addrlen = sizeof(state->addr);
 
-	ret = accept(state->listen_sock, (struct sockaddr *)&state->addr,
-		     &state->addrlen);
+	state->addr.sa_socklen = sizeof(state->addr.u);
+
+	ret = accept(state->listen_sock,
+		     &state->addr.u.sa,
+		     &state->addr.sa_socklen);
 	if ((ret == -1) && (errno == EINTR)) {
 		/* retry */
 		return;
@@ -764,23 +766,28 @@ static void accept_handler(struct tevent_context *ev, struct tevent_fd *fde,
 	tevent_req_done(req);
 }
 
-int accept_recv(struct tevent_req *req, struct sockaddr_storage *paddr,
-		socklen_t *paddrlen, int *perr)
+int accept_recv(struct tevent_req *req,
+		int *listen_sock,
+		struct samba_sockaddr *paddr,
+		int *perr)
 {
 	struct accept_state *state = tevent_req_data(req, struct accept_state);
+	int sock = state->sock;
 	int err;
 
 	if (tevent_req_is_unix_error(req, &err)) {
 		if (perr != NULL) {
 			*perr = err;
 		}
+		tevent_req_received(req);
 		return -1;
 	}
-	if (paddr != NULL) {
-		memcpy(paddr, &state->addr, state->addrlen);
+	if (listen_sock != NULL) {
+		*listen_sock = state->listen_sock;
 	}
-	if (paddrlen != NULL) {
-		*paddrlen = state->addrlen;
+	if (paddr != NULL) {
+		*paddr = state->addr;
 	}
-	return state->sock;
+	tevent_req_received(req);
+	return sock;
 }
diff --git a/lib/async_req/async_sock.h b/lib/async_req/async_sock.h
index 9cc052e253b..780195e3725 100644
--- a/lib/async_req/async_sock.h
+++ b/lib/async_req/async_sock.h
@@ -57,9 +57,12 @@ struct tevent_req *wait_for_read_send(TALLOC_CTX *mem_ctx,
 				      bool check_errors);
 bool wait_for_read_recv(struct tevent_req *req, int *perr);
 
+struct samba_sockaddr;
 struct tevent_req *accept_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
 			       int listen_sock);
-int accept_recv(struct tevent_req *req, struct sockaddr_storage *paddr,
-		socklen_t *paddrlen, int *perr);
+int accept_recv(struct tevent_req *req,
+		int *listen_sock,
+		struct samba_sockaddr *paddr,
+		int *perr);
 
 #endif
diff --git a/lib/util/util.c b/lib/util/util.c
index 3ca6b61df32..57f19aaa1a1 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -879,42 +879,21 @@ _PUBLIC_ size_t strhex_to_str(char *p, size_t p_len, const char *strhex, size_t
 {
 	size_t i = 0;
 	size_t num_chars = 0;
-	uint8_t   lonybble, hinybble;
-	const char     *hexchars = "0123456789ABCDEF";
-	char           *p1 = NULL, *p2 = NULL;
 
 	/* skip leading 0x prefix */
 	if (strncasecmp(strhex, "0x", 2) == 0) {
 		i += 2; /* skip two chars */
 	}
 
-	for (; i+1 < strhex_len && strhex[i] != 0 && strhex[i+1] != 0; i++) {
-		p1 = strchr(hexchars, toupper((unsigned char)strhex[i]));
-		if (p1 == NULL) {
+	while ((i < strhex_len) && (num_chars < p_len)) {
+		bool ok = hex_byte(&strhex[i], (uint8_t *)&p[num_chars]);
+		if (!ok) {
 			break;
 		}
-
-		i++; /* next hex digit */
-
-		p2 = strchr(hexchars, toupper((unsigned char)strhex[i]));
-		if (p2 == NULL) {
-			break;
-		}
-
-		/* get the two nybbles */
-		hinybble = PTR_DIFF(p1, hexchars);
-		lonybble = PTR_DIFF(p2, hexchars);
-
-		if (num_chars >= p_len) {
-			break;
-		}
-
-		p[num_chars] = (hinybble << 4) | lonybble;
-		num_chars++;
-
-		p1 = NULL;
-		p2 = NULL;
+		i += 2;
+		num_chars += 1;
 	}
+
 	return num_chars;
 }
 
diff --git a/lib/util/util_runcmd.c b/lib/util/util_runcmd.c
index 3bb4cd83f68..ce2db35d223 100644
--- a/lib/util/util_runcmd.c
+++ b/lib/util/util_runcmd.c
@@ -25,9 +25,11 @@
   log
  */
 
-#include "includes.h"
+#include "replace.h"
 #include "system/filesys.h"
 #include <tevent.h>
+#include "lib/util/samba_util.h"
+#include "lib/util/debug.h"
 #include "../lib/util/tevent_unix.h"
 #include "../lib/util/tfork.h"
 #include "../lib/util/sys_rw.h"
diff --git a/libcli/security/secacl.c b/libcli/security/secacl.c
index b90e3ae2d4a..a367ab676d2 100644
--- a/libcli/security/secacl.c
+++ b/libcli/security/secacl.c
@@ -31,9 +31,11 @@
  Create a SEC_ACL structure.
 ********************************************************************/
 
-struct security_acl *make_sec_acl(TALLOC_CTX *ctx,
-				  enum security_acl_revision revision,
-				  int num_aces, struct security_ace *ace_list)
+struct security_acl *make_sec_acl(
+	TALLOC_CTX *ctx,
+	enum security_acl_revision revision,
+	int num_aces,
+	const struct security_ace *ace_list)
 {
 	struct security_acl *dst;
 	int i;
diff --git a/libcli/security/secacl.h b/libcli/security/secacl.h
index c58d2c47fc3..961e2b4d891 100644
--- a/libcli/security/secacl.h
+++ b/libcli/security/secacl.h
@@ -23,9 +23,11 @@
 
 #include "librpc/gen_ndr/security.h"
 
-struct security_acl *make_sec_acl(TALLOC_CTX *ctx, enum security_acl_revision revision,
-		      int num_aces, struct security_ace *ace_list);
-
+struct security_acl *make_sec_acl(
+	TALLOC_CTX *ctx,
+	enum security_acl_revision revision,
+	int num_aces,
+	const struct security_ace *ace_list);
 
 #endif /*_SECACL_H_*/
 
diff --git a/librpc/rpc/binding.c b/librpc/rpc/binding.c
index 29be6ae16b2..80ab1a45134 100644
--- a/librpc/rpc/binding.c
+++ b/librpc/rpc/binding.c
@@ -137,7 +137,7 @@ const char *epm_floor_string(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor)
 			status = dcerpc_floor_get_lhs_data(epm_floor, &syntax);
 			if (NT_STATUS_IS_OK(status)) {
 				/* lhs is used: UUID */
-				char *uuidstr;
+				struct GUID_txt_buf buf;
 
 				if (GUID_equal(&syntax.uuid, &ndr_transfer_syntax_ndr.uuid)) {
 					return "NDR";
@@ -147,9 +147,11 @@ const char *epm_floor_string(TALLOC_CTX *mem_ctx, struct epm_floor *epm_floor)
 					return "NDR64";
 				} 
 
-				uuidstr = GUID_string(mem_ctx, &syntax.uuid);
-
-				return talloc_asprintf(mem_ctx, " uuid %s/0x%02x", uuidstr, syntax.if_version);
+				return talloc_asprintf(
+					mem_ctx,
+					" uuid %s/0x%02x",
+					GUID_buf_string(&syntax.uuid, &buf),
+					syntax.if_version);
 			} else { /* IPX */
 				return talloc_asprintf(mem_ctx, "IPX:%s", 
 						data_blob_hex_string_upper(mem_ctx, &epm_floor->rhs.uuid.unknown));
diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c
index 06f6c4b2382..a413359d985 100644
--- a/librpc/rpc/dcesrv_core.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -162,7 +162,7 @@ _PUBLIC_ const struct dcesrv_interface *find_interface_by_uuid(const struct dces
 }
 
 /*
-  find the earlier parts of a fragmented call awaiting reassembily
+  find the earlier parts of a fragmented call awaiting reassembly
 */
 static struct dcesrv_call_state *dcesrv_find_fragmented_call(struct dcesrv_connection *dce_conn, uint32_t call_id)
 {
@@ -920,6 +920,7 @@ static void dcesrv_bind_done(struct tevent_req *subreq);
 static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 {
 	struct dcesrv_connection *conn = call->conn;
+	struct dcesrv_context *dce_ctx = conn->dce_ctx;
 	struct ncacn_packet *pkt = &call->ack_pkt;
 	NTSTATUS status;
 	uint32_t extra_flags = 0;
@@ -958,15 +959,15 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 	 * via ncacn_ip_tcp on port 135.
 	 */
 	max_req = MAX(2048, max_req);
-	max_rep = MIN(max_req, call->conn->max_recv_frag);
+	max_rep = MIN(max_req, conn->max_recv_frag);
 	/* They are truncated to an 8 byte boundary. */
 	max_rep &= 0xFFF8;
 
 	/* max_recv_frag and max_xmit_frag result always in the same value! */
-	call->conn->max_recv_frag = max_rep;
-	call->conn->max_xmit_frag = max_rep;
+	conn->max_recv_frag = max_rep;
+	conn->max_xmit_frag = max_rep;
 
-	status = call->conn->dce_ctx->callbacks.assoc_group.find(call);
+	status = dce_ctx->callbacks.assoc_group.find(call);
 	if (!NT_STATUS_IS_OK(status)) {
 		DBG_NOTICE("Failed to find assoc_group 0x%08x: %s\n",
 			   call->pkt.u.bind.assoc_group_id, nt_errstr(status));
@@ -1022,7 +1023,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 		a->result = DCERPC_BIND_ACK_RESULT_NEGOTIATE_ACK;
 		a->reason.negotiate = 0;
 		if (features & DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING) {
-			if (call->conn->max_auth_states != 0) {
+			if (conn->max_auth_states != 0) {
 				a->reason.negotiate |=
 				DCERPC_BIND_TIME_SECURITY_CONTEXT_MULTIPLEXING;
 			}
@@ -1032,7 +1033,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 				DCERPC_BIND_TIME_KEEP_CONNECTION_ON_ORPHAN;
 		}
 
-		call->conn->assoc_group->bind_time_features = a->reason.negotiate;
+		conn->assoc_group->bind_time_features = a->reason.negotiate;
 	}
 
 	/*
@@ -1070,7 +1071,7 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 	}
 
 	if (call->state_flags & DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL) {
-		call->conn->state_flags |= DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL;
+		conn->state_flags |= DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL;
 	}
 
 	/*
@@ -1097,18 +1098,18 @@ static NTSTATUS dcesrv_bind(struct dcesrv_call_state *call)
 	}
 
 	/* setup a bind_ack */
-	dcesrv_init_hdr(pkt, lpcfg_rpc_big_endian(call->conn->dce_ctx->lp_ctx));
+	dcesrv_init_hdr(pkt, lpcfg_rpc_big_endian(dce_ctx->lp_ctx));
 	pkt->auth_length = 0;
 	pkt->call_id = call->pkt.call_id;
 	pkt->ptype = DCERPC_PKT_BIND_ACK;
 	pkt->pfc_flags = DCERPC_PFC_FLAG_FIRST | DCERPC_PFC_FLAG_LAST | extra_flags;
-	pkt->u.bind_ack.max_xmit_frag = call->conn->max_xmit_frag;
-	pkt->u.bind_ack.max_recv_frag = call->conn->max_recv_frag;
-	pkt->u.bind_ack.assoc_group_id = call->conn->assoc_group->id;
+	pkt->u.bind_ack.max_xmit_frag = conn->max_xmit_frag;
+	pkt->u.bind_ack.max_recv_frag = conn->max_recv_frag;
+	pkt->u.bind_ack.assoc_group_id = conn->assoc_group->id;
 
-	ep_2nd_description = call->conn->endpoint->ep_2nd_description;
+	ep_2nd_description = conn->endpoint->ep_2nd_description;
 	if (ep_2nd_description == NULL) {
-		ep_2nd_description = call->conn->endpoint->ep_description;
+		ep_2nd_description = conn->endpoint->ep_description;
 	}
 
 	endpoint = dcerpc_binding_get_string_option(
diff --git a/source3/lib/util_nttoken.c b/source3/lib/util_nttoken.c
index ffa858d7794..5fa513f604e 100644
--- a/source3/lib/util_nttoken.c
+++ b/source3/lib/util_nttoken.c
@@ -74,7 +74,7 @@ NTSTATUS merge_nt_token(TALLOC_CTX *mem_ctx,
 {
 	struct security_token *token = NULL;
 	NTSTATUS status;
-	int i;
+	uint32_t i;
 
 	if (!token_1 || !token_2 || !token_out) {
 		return NT_STATUS_INVALID_PARAMETER;
diff --git a/source3/libsmb/libsmb_xattr.c b/source3/libsmb/libsmb_xattr.c
index 0751c65d58a..9a3a1210ea1 100644
--- a/source3/libsmb/libsmb_xattr.c
+++ b/source3/libsmb/libsmb_xattr.c
@@ -391,27 +391,24 @@ done:
 /* add an struct security_ace to a list of struct security_aces in a struct security_acl */
 static bool
 add_ace(struct security_acl **the_acl,
-        struct security_ace *ace,
+        const struct security_ace *ace,
         TALLOC_CTX *ctx)
 {
-	struct security_acl *newacl;
-	struct security_ace *aces;
+	struct security_acl *acl = *the_acl;
 
-	if (! *the_acl) {
-		(*the_acl) = make_sec_acl(ctx, 3, 1, ace);
-		return True;
+	if (acl == NULL) {
+		acl = make_sec_acl(ctx, 3, 0, NULL);
+		if (acl == NULL) {
+			return false;
+		}
 	}
 
-	if ((aces = SMB_CALLOC_ARRAY(struct security_ace,
-                                     1+(*the_acl)->num_aces)) == NULL) {
-		return False;
+	if (acl->num_aces == UINT32_MAX) {
+		return false;
 	}
-	memcpy(aces, (*the_acl)->aces, (*the_acl)->num_aces * sizeof(struct security_ace));
-	memcpy(aces+(*the_acl)->num_aces, ace, sizeof(struct security_ace));
-	newacl = make_sec_acl(ctx, (*the_acl)->revision,
-                              1+(*the_acl)->num_aces, aces);
-	SAFE_FREE(aces);
-	(*the_acl) = newacl;
+	ADD_TO_ARRAY(
+		acl, struct security_ace, *ace, &acl->aces, &acl->num_aces);
+	*the_acl = acl;
 	return True;
 }
 
@@ -428,8 +425,9 @@ sec_desc_parse(TALLOC_CTX *ctx,
 	char *tok;
 	struct security_descriptor *ret = NULL;
 	size_t sd_size;
-	struct dom_sid *group_sid=NULL;
-        struct dom_sid *owner_sid=NULL;
+	struct dom_sid owner_sid = { .num_auths = 0 };
+	struct dom_sid group_sid = { .num_auths = 0 };
+	bool have_owner = false, have_group = false;
 	struct security_acl *dacl=NULL;
 	int revision=1;
 
@@ -441,66 +439,62 @@ sec_desc_parse(TALLOC_CTX *ctx,
 		}
 
 		if (strncasecmp_m(tok,"OWNER:", 6) == 0) {
-			if (owner_sid) {
+			if (have_owner) {
 				DEBUG(5,("OWNER specified more than once!\n"));
 				goto done;
 			}
-			owner_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
-			if (!owner_sid ||
-			    !convert_string_to_sid(ipc_cli, pol,
+			if (!convert_string_to_sid(ipc_cli, pol,
                                                    numeric,
-                                                   owner_sid, tok+6)) {
+                                                   &owner_sid, tok+6)) {
 				DEBUG(5, ("Failed to parse owner sid\n"));
 				goto done;
 			}
+			have_owner = true;
 			continue;
 		}
 
 		if (strncasecmp_m(tok,"OWNER+:", 7) == 0) {
-			if (owner_sid) {
+			if (have_owner) {
 				DEBUG(5,("OWNER specified more than once!\n"));
 				goto done;
 			}
-			owner_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
-			if (!owner_sid ||
-			    !convert_string_to_sid(ipc_cli, pol,
+			if (!convert_string_to_sid(ipc_cli, pol,
                                                    False,
-                                                   owner_sid, tok+7)) {
+                                                   &owner_sid, tok+7)) {
 				DEBUG(5, ("Failed to parse owner sid\n"));
 				goto done;
 			}
+			have_owner = true;
 			continue;
 		}
 
 		if (strncasecmp_m(tok,"GROUP:", 6) == 0) {
-			if (group_sid) {
+			if (have_group) {
 				DEBUG(5,("GROUP specified more than once!\n"));
 				goto done;
 			}
-			group_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
-			if (!group_sid ||
-			    !convert_string_to_sid(ipc_cli, pol,
+			if (!convert_string_to_sid(ipc_cli, pol,
                                                    numeric,
-                                                   group_sid, tok+6)) {
+                                                   &group_sid, tok+6)) {
 				DEBUG(5, ("Failed to parse group sid\n"));
 				goto done;
 			}
+			have_group = true;
 			continue;
 		}
 
 		if (strncasecmp_m(tok,"GROUP+:", 7) == 0) {
-			if (group_sid) {
+			if (have_group) {
 				DEBUG(5,("GROUP specified more than once!\n"));
 				goto done;
 			}
-			group_sid = SMB_CALLOC_ARRAY(struct dom_sid, 1);
-			if (!group_sid ||
-			    !convert_string_to_sid(ipc_cli, pol,
+			if (!convert_string_to_sid(ipc_cli, pol,
                                                    False,
-                                                   group_sid, tok+6)) {
+                                                   &group_sid, tok+6)) {
 				DEBUG(5, ("Failed to parse group sid\n"));
 				goto done;
 			}
+			have_group = true;
 			continue;
 		}
 
@@ -534,12 +528,17 @@ sec_desc_parse(TALLOC_CTX *ctx,
 		goto done;
 	}
 
-	ret = make_sec_desc(ctx, revision, SEC_DESC_SELF_RELATIVE, 
-			    owner_sid, group_sid, NULL, dacl, &sd_size);
+	ret = make_sec_desc(
+		ctx,
+		revision,
+		SEC_DESC_SELF_RELATIVE,
+		have_owner ? &owner_sid : NULL,
+		have_group ? &group_sid : NULL,
+		NULL,
+		dacl,
+		&sd_size);
 
 done:
-	SAFE_FREE(group_sid);
-	SAFE_FREE(owner_sid);
 	return ret;
 }
 
diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c
index 9cc27b5c352..36459bc3184 100644
--- a/source3/modules/vfs_glusterfs.c
+++ b/source3/modules/vfs_glusterfs.c


-- 
Samba Shared Repository



More information about the samba-cvs mailing list