[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Tue Sep 21 01:13:02 UTC 2021


The branch, master has been updated
       via  b09efc8b8b9 lib: Move closefrom_except*() to a separate file
       via  6f973a4f79b samba-bgqd: Convert closeall_*() to closefrom_*()
       via  e11881ea167 lib: Avoid an "includes.h"
       via  aea829250da lib: Give util_specialsids.c its own prototype header
       via  df4c03d5242 lib: Add required #includes
       via  917f7902dfe winbind: Fix a typo
       via  ad462c27a4b rpc_server4: Fix a typo
       via  07113263893 samba-bgqd: Enable smbcontrol pool-usage
       via  86cf8f462f0 lib: Simplify sid_linearize()
      from  8a93ef625fd s3: rpc_server: Avoid creating new handles when received an empty policy_handle

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit b09efc8b8b9f482443a9d99074c6167c08859d84
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Sep 20 12:09:55 2021 +0200

    lib: Move closefrom_except*() to a separate file
    
    Enable use in other daemons
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Tue Sep 21 01:12:12 UTC 2021 on sn-devel-184

commit 6f973a4f79bcde2ee13047cd7dd1ff3a105f3d0e
Author: Volker Lendecke <vl at samba.org>
Date:   Mon Sep 20 11:59:13 2021 +0200

    samba-bgqd: Convert closeall_*() to closefrom_*()
    
    Align it with closefrom() in preparation for use elsewhere
    
    Signed-off-by: Volker Lendecke <vl at samba.org>

commit e11881ea1678575797cab3503c8214d11834dd54
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Sep 16 17:05:25 2021 +0200

    lib: Avoid an "includes.h"
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit aea829250daee5b80686fc8f9369f8fdecb6e735
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Sep 18 08:30:07 2021 +0200

    lib: Give util_specialsids.c its own prototype header
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit df4c03d52429bf8b40e7876016c65bd7d7ed5af8
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Sep 16 17:04:47 2021 +0200

    lib: Add required #includes
    
    dom_sid.h itself references talloc, and security.h references
    DATA_BLOB.
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 917f7902dfefb053bb9efd82cb9b1fc69ac70844
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Sep 18 07:59:25 2021 +0200

    winbind: Fix a typo
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit ad462c27a4bcc8aa7262ee75b069841c16c4f0f5
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Sep 17 15:00:36 2021 +0200

    rpc_server4: Fix a typo
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 07113263893a42d4abddffba1ab341297d349ebf
Author: Volker Lendecke <vl at samba.org>
Date:   Sun Sep 19 10:01:33 2021 +0200

    samba-bgqd: Enable smbcontrol pool-usage
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 86cf8f462f0837f385001c0c1671c4e480ceb4bf
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Sep 18 08:51:59 2021 +0200

    lib: Simplify sid_linearize()
    
    We have ndr_push_dom_sid() for this
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/cmdline/closefrom_except.c                     | 93 ++++++++++++++++++++++
 .../crypto/gse.h => lib/cmdline/closefrom_except.h | 19 +++--
 lib/cmdline/wscript                                |  5 +-
 libcli/security/dom_sid.h                          |  3 +
 source3/include/proto.h                            |  5 --
 source3/lib/util_sid.c                             | 18 ++---
 source3/lib/util_specialsids.c                     |  4 +-
 .../smb2_lock.h => source3/lib/util_specialsids.h  | 17 ++--
 source3/printing/samba-bgqd.c                      | 85 +-------------------
 source3/winbindd/winbindd.c                        |  3 +-
 source4/rpc_server/lsa/dcesrv_lsa.c                |  2 +-
 11 files changed, 135 insertions(+), 119 deletions(-)
 create mode 100644 lib/cmdline/closefrom_except.c
 copy source3/librpc/crypto/gse.h => lib/cmdline/closefrom_except.h (70%)
 copy libcli/smb/smb2_lock.h => source3/lib/util_specialsids.h (70%)


Changeset truncated at 500 lines:

diff --git a/lib/cmdline/closefrom_except.c b/lib/cmdline/closefrom_except.c
new file mode 100644
index 00000000000..fe4e0cc6efb
--- /dev/null
+++ b/lib/cmdline/closefrom_except.c
@@ -0,0 +1,93 @@
+/*
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "replace.h"
+#include "closefrom_except.h"
+#include <popt.h>
+
+int closefrom_except(int lower, int *fds, size_t num_fds)
+{
+	size_t i;
+	int max_keep = -1;
+	int fd, ret;
+
+	for (i=0; i<num_fds; i++) {
+		max_keep = MAX(max_keep, fds[i]);
+	}
+	if (max_keep == -1) {
+		return 0;
+	}
+
+	for (fd = lower; fd < max_keep; fd++) {
+		bool keep = false;
+
+		/*
+		 * O(num_fds*max_keep), but we expect the number of
+		 * fds to keep to be very small, typically 0,1,2 and
+		 * very few more.
+		 */
+		for (i=0; i<num_fds; i++) {
+			if (fd == fds[i]) {
+				keep = true;
+				break;
+			}
+		}
+		if (keep) {
+			continue;
+		}
+		ret = close(fd);
+		if ((ret == -1) && (errno != EBADF)) {
+			return errno;
+		}
+	}
+
+	closefrom(MAX(lower, max_keep+1));
+	return 0;
+}
+
+int closefrom_except_fd_params(
+	int lower,
+	size_t num_fd_params,
+	const char *fd_params[],
+	int argc,
+	const char *argv[])
+{
+	int fds[num_fd_params];
+	size_t i;
+	struct poptOption long_options[num_fd_params + 1];
+	poptContext pc;
+	int ret;
+
+	for (i=0; i<num_fd_params; i++) {
+		fds[i] = -1;
+		long_options[i] = (struct poptOption) {
+			.longName = fd_params[i],
+			.argInfo = POPT_ARG_INT,
+			.arg = &fds[i],
+		};
+	}
+	long_options[num_fd_params] = (struct poptOption) { .longName=NULL, };
+
+	pc = poptGetContext(argv[0], argc, argv, long_options, 0);
+
+	while ((ret = poptGetNextOpt(pc)) != -1) {
+		/* do nothing */
+	}
+
+	poptFreeContext(pc);
+
+	ret = closefrom_except(lower, fds, ARRAY_SIZE(fds));
+	return ret;
+}
diff --git a/source3/librpc/crypto/gse.h b/lib/cmdline/closefrom_except.h
similarity index 70%
copy from source3/librpc/crypto/gse.h
copy to lib/cmdline/closefrom_except.h
index 8618573b4aa..d696ebfd838 100644
--- a/source3/librpc/crypto/gse.h
+++ b/lib/cmdline/closefrom_except.h
@@ -1,7 +1,4 @@
 /*
- *  GSSAPI Security Extensions
- *  Copyright (C) Simo Sorce 2010.
- *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
  *  the Free Software Foundation; either version 3 of the License, or
@@ -16,11 +13,17 @@
  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
  */
 
-#ifndef _GSE_H_
-#define _GSE_H_
+#ifndef __LIB_CLOSEFROM_EXCEPT_H__
+#define __LIB_CLOSEFROM_EXCEPT_H__
 
-struct gse_context;
+#include "replace.h"
 
-extern const struct gensec_security_ops gensec_gse_krb5_security_ops;
+int closefrom_except(int lower, int *fds, size_t num_fds);
+int closefrom_except_fd_params(
+	int lower,
+	size_t num_fd_params,
+	const char *fd_params[],
+	int argc,
+	const char *argv[]);
 
-#endif /* _GSE_H_ */
+#endif
diff --git a/lib/cmdline/wscript b/lib/cmdline/wscript
index 9c50b47a41c..1e13561ddf6 100644
--- a/lib/cmdline/wscript
+++ b/lib/cmdline/wscript
@@ -6,7 +6,10 @@ from waflib import Logs
 
 def build(bld):
     bld.SAMBA_LIBRARY('cmdline',
-                      source='cmdline.c',
+                      source='''
+                          cmdline.c
+                          closefrom_except.c
+                      ''',
                       deps='''
                            talloc
                            cli_smb_common
diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h
index 57108ce2a9c..678b2e21ba6 100644
--- a/libcli/security/dom_sid.h
+++ b/libcli/security/dom_sid.h
@@ -23,6 +23,9 @@
 #ifndef _DOM_SID_H_
 #define _DOM_SID_H_
 
+#include "replace.h"
+#include <talloc.h>
+#include "lib/util/data_blob.h"
 #include "librpc/gen_ndr/security.h"
 
 /* Some well-known SIDs */
diff --git a/source3/include/proto.h b/source3/include/proto.h
index eb45179aebb..ba4e5f74f44 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -751,11 +751,6 @@ bool lookup_wellknown_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
 bool lookup_wellknown_name(TALLOC_CTX *mem_ctx, const char *name,
 			   struct dom_sid *sid, const char **domain);
 
-/* The following definitions come from lib/util_specialsids.c  */
-bool sid_check_is_asserted_identity(const struct dom_sid *sid);
-bool sid_check_is_in_asserted_identity(const struct dom_sid *sid);
-const char *asserted_identity_domain_name(void);
-
 /* The following definitions come from lib/filename_util.c */
 
 NTSTATUS get_full_smb_filename(TALLOC_CTX *ctx, const struct smb_filename *smb_fname,
diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
index 806f860136b..75918b440a3 100644
--- a/source3/lib/util_sid.c
+++ b/source3/lib/util_sid.c
@@ -27,6 +27,7 @@
 #include "../librpc/gen_ndr/netlogon.h"
 #include "../libcli/security/security.h"
 #include "lib/util/string_wrappers.h"
+#include "source3/lib/util_specialsids.h"
 
 
 /*****************************************************************
@@ -46,18 +47,13 @@ char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid)
 
 bool sid_linearize(uint8_t *outbuf, size_t len, const struct dom_sid *sid)
 {
-	int8_t i;
+	struct ndr_push ndr = {
+		.data = outbuf, .alloc_size = len, .fixed_buf_size = true,
+	};
+	enum ndr_err_code ndr_err;
 
-	if (len < ndr_size_dom_sid(sid, 0))
-		return False;
-
-	SCVAL(outbuf,0,sid->sid_rev_num);
-	SCVAL(outbuf,1,sid->num_auths);
-	memcpy(&outbuf[2], sid->id_auth, 6);
-	for(i = 0; i < sid->num_auths; i++)
-		SIVAL(outbuf, 8 + (i*4), sid->sub_auths[i]);
-
-	return True;
+	ndr_err = ndr_push_dom_sid(&ndr, NDR_SCALARS|NDR_BUFFERS, sid);
+	return NDR_ERR_CODE_IS_SUCCESS(ndr_err);
 }
 
 /*****************************************************************
diff --git a/source3/lib/util_specialsids.c b/source3/lib/util_specialsids.c
index 4c402d6dade..10c189c304e 100644
--- a/source3/lib/util_specialsids.c
+++ b/source3/lib/util_specialsids.c
@@ -16,8 +16,10 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#include "includes.h"
+#include "replace.h"
+#include "libcli/security/dom_sid.h"
 #include "../libcli/security/security.h"
+#include "util_specialsids.h"
 
 bool sid_check_is_asserted_identity(const struct dom_sid *sid)
 {
diff --git a/libcli/smb/smb2_lock.h b/source3/lib/util_specialsids.h
similarity index 70%
copy from libcli/smb/smb2_lock.h
copy to source3/lib/util_specialsids.h
index f0e05355232..c65073714c3 100644
--- a/libcli/smb/smb2_lock.h
+++ b/source3/lib/util_specialsids.h
@@ -1,7 +1,6 @@
 /*
  * Unix SMB/CIFS implementation.
- *
- * Copyright (C) Volker Lendecke 2019
+ * Copyright (C) Guenther Deschner 2016
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -17,16 +16,14 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#ifndef __LIBCLI_SMB_SMB2_LOCK_H__
-#define __LIBCLI_SMB_SMB2_LOCK_H__
+#ifndef __LIB_UTIL_SPECIALSIDS_H__
+#define __LIB_UTIL_SPECIALSIDS_H__
 
 #include "replace.h"
 
-struct smb2_lock_element {
-	uint64_t offset;
-	uint64_t length;
-	uint32_t flags;
-	uint32_t reserved;
-};
+struct dom_sid;
+bool sid_check_is_asserted_identity(const struct dom_sid *sid);
+bool sid_check_is_in_asserted_identity(const struct dom_sid *sid);
+const char *asserted_identity_domain_name(void);
 
 #endif
diff --git a/source3/printing/samba-bgqd.c b/source3/printing/samba-bgqd.c
index 8ac6ec525b2..336a007ab9a 100644
--- a/source3/printing/samba-bgqd.c
+++ b/source3/printing/samba-bgqd.c
@@ -22,6 +22,7 @@
 #include "source3/param/loadparm.h"
 #include "source3/param/param_proto.h"
 #include "lib/cmdline/cmdline.h"
+#include "lib/cmdline/closefrom_except.h"
 #include "lib/util/talloc_stack.h"
 #include "lib/util/debug.h"
 #include "lib/util/signal.h"
@@ -155,84 +156,6 @@ static int samba_bgqd_pidfile_create(
 	return EAGAIN;
 }
 
-static int closeall_except(int *fds, size_t num_fds)
-{
-	size_t i;
-	int max_keep = -1;
-	int fd, ret;
-
-	for (i=0; i<num_fds; i++) {
-		max_keep = MAX(max_keep, fds[i]);
-	}
-	if (max_keep == -1) {
-		return 0;
-	}
-
-	for (fd = 0; fd < max_keep; fd++) {
-		bool keep = false;
-
-		/*
-		 * O(num_fds*max_keep), but we expect the number of
-		 * fds to keep to be very small, typically 0,1,2 and
-		 * very few more.
-		 */
-		for (i=0; i<num_fds; i++) {
-			if (fd == fds[i]) {
-				keep = true;
-				break;
-			}
-		}
-		if (keep) {
-			continue;
-		}
-		ret = close(fd);
-		if ((ret == -1) && (errno != EBADF)) {
-			return errno;
-		}
-	}
-
-	closefrom(max_keep+1);
-	return 0;
-}
-
-static int closeall_except_fd_params(
-	size_t num_fd_params,
-	const char *fd_params[],
-	int argc,
-	const char *argv[])
-{
-	int fds[num_fd_params+3];
-	size_t i;
-	struct poptOption long_options[num_fd_params + 1];
-	poptContext pc;
-	int ret;
-
-	for (i=0; i<num_fd_params; i++) {
-		fds[i] = -1;
-		long_options[i] = (struct poptOption) {
-			.longName = fd_params[i],
-			.argInfo = POPT_ARG_INT,
-			.arg = &fds[i],
-		};
-	}
-	long_options[num_fd_params] = (struct poptOption) { .longName=NULL, };
-
-	fds[num_fd_params] = 0;
-	fds[num_fd_params+1] = 1;
-	fds[num_fd_params+2] = 2;
-
-	pc = poptGetContext(argv[0], argc, argv, long_options, 0);
-
-	while ((ret = poptGetNextOpt(pc)) != -1) {
-		/* do nothing */
-	}
-
-	poptFreeContext(pc);
-
-	ret = closeall_except(fds, ARRAY_SIZE(fds));
-	return ret;
-}
-
 int main(int argc, const char *argv[])
 {
 	const struct loadparm_substitution *lp_sub =
@@ -304,12 +227,12 @@ int main(int argc, const char *argv[])
 			"ready-signal-fd", "parent-watch-fd",
 		};
 
-		closeall_except_fd_params(
-			ARRAY_SIZE(fd_params), fd_params, argc, argv);
+		closefrom_except_fd_params(
+			3, ARRAY_SIZE(fd_params), fd_params, argc, argv);
 	}
 
+	talloc_enable_null_tracking();
 	frame = talloc_stackframe();
-
 	umask(0);
 
 	ok = samba_cmdline_init(frame,
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
index 25d8b723010..2205eebd163 100644
--- a/source3/winbindd/winbindd.c
+++ b/source3/winbindd/winbindd.c
@@ -1709,7 +1709,8 @@ int main(int argc, const char **argv)
 
 	if (log_stdout && cmdline_daemon_cfg->fork) {
 		d_fprintf(stderr, "\nERROR: "
-			  "Can't log to stdout (-S) unless daemon is in foreground +(-F) or interactive (-i)\n\n");
+			  "Can't log to stdout (-S) unless daemon is in "
+			  "foreground (-F) or interactive (-i)\n\n");
 		poptPrintUsage(pc, stderr, 0);
 		exit(1);
 	}
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 15b068aec62..4101d6ddd34 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -2258,7 +2258,7 @@ done:
 }
 
 /*
-  lsa_SetInfomrationTrustedDomain
+  lsa_SetInformationTrustedDomain
 */
 static NTSTATUS dcesrv_lsa_SetInformationTrustedDomain(
 				struct dcesrv_call_state *dce_call,


-- 
Samba Shared Repository



More information about the samba-cvs mailing list