[SCM] Samba Shared Repository - branch v4-16-test updated
Jule Anger
janger at samba.org
Fri Apr 15 14:46:01 UTC 2022
The branch, v4-16-test has been updated
via b444d0f7fee s3:winbind: Remove no longer used domain's private_data pointer
via 12e6a16911d s3:winbind: Do not use domain's private data to store the ADS_STRUCT
via be6712bd615 s3:winbind: Simplify open_cached_internal_pipe_conn()
via 621b80645a4 s3:winbind: Do not use domain's private data to store the SAMR pipes
via 41a2825ea57 s3: smbget: Fix auth_fn, order of //server/share parameters is mixed in prompt.
from ef77abc2c49 s3:auth: Fix user_in_list() for UNIX groups
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-16-test
- Log -----------------------------------------------------------------
commit b444d0f7feef430dbcbbcbc626bf988ab867c2b8
Author: Samuel Cabrero <scabrero at samba.org>
Date: Wed Apr 13 11:34:18 2022 +0200
s3:winbind: Remove no longer used domain's private_data pointer
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit a6d6ae3cfcd64a85f82ec5b12253ca0e237d95bb)
Autobuild-User(v4-16-test): Jule Anger <janger at samba.org>
Autobuild-Date(v4-16-test): Fri Apr 15 14:45:44 UTC 2022 on sn-devel-184
commit 12e6a16911dee92e20290bb4dec7959cb9de30f6
Author: Samuel Cabrero <scabrero at samba.org>
Date: Wed Apr 13 11:31:45 2022 +0200
s3:winbind: Do not use domain's private data to store the ADS_STRUCT
The ADS_STRUCT is not allocated using talloc and there are many places
casting this pointer directly so use a typed pointer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 3cb256439e9ceece26c2de82293c43486543e0cb)
commit be6712bd6151548168bd77a670c7576383c3c7f6
Author: Samuel Cabrero <scabrero at samba.org>
Date: Wed Apr 13 11:15:35 2022 +0200
s3:winbind: Simplify open_cached_internal_pipe_conn()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit 91395e660a2b1b69bf74ca0b77aee416e2ac1db3)
commit 621b80645a47dc41b53217785b835706a1677468
Author: Samuel Cabrero <scabrero at samba.org>
Date: Wed Apr 13 11:01:00 2022 +0200
s3:winbind: Do not use domain's private data to store the SAMR pipes
The domain's private_data pointer is also used to store a ADS_STRUCT,
which is not allocated using talloc and there are many places casting
this pointer directly.
The recently added samba.tests.pam_winbind_setcred was randomly failing
and after debugging it the problem was that kerberos authentication was
failing because the time_offset passed to kerberos_return_pac() was
wrong. This time_offset was retrieved from ads->auth.time_offset, where
the ads pointer was directly casted from domain->private_data but
private_data was pointing to a winbind_internal_pipes struct.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15046
Signed-off-by: Samuel Cabrero <scabrero at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit e1f29b0970f4cac52a9cd517be6862cf69a1433a)
commit 41a2825ea5790296359aa069e19a55da7bf64be0
Author: Jeremy Allison <jra at samba.org>
Date: Tue Apr 5 13:24:19 2022 -0700
s3: smbget: Fix auth_fn, order of //server/share parameters is mixed in prompt.
Found by <voetelink at nrg.eu>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14831
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
(cherry picked from commit f1765f91b015d64122e74c01c7c6d0984cc7af87)
-----------------------------------------------------------------------
Summary of changes:
source3/utils/smbget.c | 2 +-
source3/winbindd/winbindd.h | 10 +++++++---
source3/winbindd/winbindd_ads.c | 10 +++++-----
source3/winbindd/winbindd_ndr.c | 7 ++++++-
source3/winbindd/winbindd_pam.c | 6 ++----
source3/winbindd/winbindd_samr.c | 27 +++++++++------------------
6 files changed, 30 insertions(+), 32 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/smbget.c b/source3/utils/smbget.c
index 19958f35afa..3e7c5687d83 100644
--- a/source3/utils/smbget.c
+++ b/source3/utils/smbget.c
@@ -129,7 +129,7 @@ static void get_auth_data(const char *srv, const char *shr, char *wg, int wglen,
rc = asprintf(&prompt,
"Password for [%s] connecting to //%s/%s: ",
- un, shr, srv);
+ un, srv, shr);
if (rc == -1) {
return;
}
diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h
index dac4a1fa927..fe286a9a686 100644
--- a/source3/winbindd/winbindd.h
+++ b/source3/winbindd/winbindd.h
@@ -43,6 +43,9 @@
#define WB_REPLACE_CHAR '_'
+struct winbind_internal_pipes;
+struct ads_struct;
+
struct winbindd_cli_state {
struct winbindd_cli_state *prev, *next; /* Linked list pointers */
int sock; /* Open socket from client */
@@ -153,9 +156,10 @@ struct winbindd_domain {
*/
struct winbindd_methods *backend;
- /* Private data for the backends (used for connection cache) */
-
- void *private_data;
+ struct {
+ struct winbind_internal_pipes *samr_pipes;
+ struct ads_struct *ads_conn;
+ } backend_data;
/* A working DC */
char *dcname;
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 6f01ef6e334..d350f160223 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -269,10 +269,10 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
}
DEBUG(10,("ads_cached_connection\n"));
- ads_cached_connection_reuse((ADS_STRUCT **)&domain->private_data);
+ ads_cached_connection_reuse(&domain->backend_data.ads_conn);
- if (domain->private_data) {
- return (ADS_STRUCT *)domain->private_data;
+ if (domain->backend_data.ads_conn != NULL) {
+ return domain->backend_data.ads_conn;
}
/* the machine acct password might have change - fetch it every time */
@@ -303,7 +303,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
}
status = ads_cached_connection_connect(
- (ADS_STRUCT **)&domain->private_data,
+ &domain->backend_data.ads_conn,
domain->alt_name,
domain->name, NULL,
password, realm,
@@ -322,7 +322,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
return NULL;
}
- return (ADS_STRUCT *)domain->private_data;
+ return domain->backend_data.ads_conn;
}
/* Query display info for a realm. This is the basic user list fn */
diff --git a/source3/winbindd/winbindd_ndr.c b/source3/winbindd/winbindd_ndr.c
index 157ce1bff27..b393586a692 100644
--- a/source3/winbindd/winbindd_ndr.c
+++ b/source3/winbindd/winbindd_ndr.c
@@ -143,7 +143,12 @@ void ndr_print_winbindd_domain(struct ndr_print *ndr,
ndr_print_time_t(ndr, "startup_time", r->startup_time);
ndr_print_bool(ndr, "startup", r->startup);
ndr_print_winbindd_methods(ndr, "backend", r->backend);
- ndr_print_ptr(ndr, "private_data", r->private_data);
+ ndr_print_ptr(ndr,
+ "backend_data.samr_pipes",
+ r->backend_data.samr_pipes);
+ ndr_print_ptr(ndr,
+ "backend_data.ads_conn",
+ r->backend_data.ads_conn);
ndr_print_string(ndr, "dcname", r->dcname);
ndr_print_sockaddr_storage(ndr, "dcaddr", &r->dcaddr);
ndr_print_time_t(ndr, "last_seq_check", r->last_seq_check);
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index c2fcc399ab8..84c3720c19f 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -677,7 +677,6 @@ static NTSTATUS winbindd_raw_kerberos_login(TALLOC_CTX *mem_ctx,
fstring name_namespace, name_domain, name_user;
time_t ticket_lifetime = 0;
time_t renewal_until = 0;
- ADS_STRUCT *ads;
time_t time_offset = 0;
const char *user_ccache_file;
struct PAC_LOGON_INFO *logon_info = NULL;
@@ -716,9 +715,8 @@ static NTSTATUS winbindd_raw_kerberos_login(TALLOC_CTX *mem_ctx,
/* 2nd step:
* get kerberos properties */
- if (domain->private_data) {
- ads = (ADS_STRUCT *)domain->private_data;
- time_offset = ads->auth.time_offset;
+ if (domain->backend_data.ads_conn != NULL) {
+ time_offset = domain->backend_data.ads_conn->auth.time_offset;
}
diff --git a/source3/winbindd/winbindd_samr.c b/source3/winbindd/winbindd_samr.c
index 6b7a2c3be6a..ebf9c24b9e4 100644
--- a/source3/winbindd/winbindd_samr.c
+++ b/source3/winbindd/winbindd_samr.c
@@ -131,8 +131,7 @@ static void cached_internal_pipe_close(
struct winbindd_domain *domain = talloc_get_type_abort(
private_data, struct winbindd_domain);
/*
- * domain->private_data is the struct winbind_internal_pipes *
- * pointer so freeing it closes the cached pipes.
+ * Freeing samr_pipes closes the cached pipes.
*
* We can do a hard close because at the time of this commit
* we only use sychronous calls to external pipes. So we can't
@@ -141,7 +140,7 @@ static void cached_internal_pipe_close(
* get nested event loops. Once we start to get async in
* winbind children, we need to check for outstanding calls
*/
- TALLOC_FREE(domain->private_data);
+ TALLOC_FREE(domain->backend_data.samr_pipes);
}
static NTSTATUS open_cached_internal_pipe_conn(
@@ -151,9 +150,10 @@ static NTSTATUS open_cached_internal_pipe_conn(
struct rpc_pipe_client **lsa_pipe,
struct policy_handle *lsa_hnd)
{
- struct winbind_internal_pipes *internal_pipes = NULL;
+ struct winbind_internal_pipes *internal_pipes =
+ domain->backend_data.samr_pipes;
- if (domain->private_data == NULL) {
+ if (internal_pipes == NULL) {
TALLOC_CTX *frame = talloc_stackframe();
NTSTATUS status;
@@ -190,15 +190,12 @@ static NTSTATUS open_cached_internal_pipe_conn(
return NT_STATUS_NO_MEMORY;
}
- domain->private_data = talloc_move(domain, &internal_pipes);
+ domain->backend_data.samr_pipes =
+ talloc_steal(domain, internal_pipes);
TALLOC_FREE(frame);
-
}
- internal_pipes = talloc_get_type_abort(
- domain->private_data, struct winbind_internal_pipes);
-
if (samr_domain_hnd) {
*samr_domain_hnd = internal_pipes->samr_domain_hnd;
}
@@ -226,23 +223,17 @@ static bool reset_connection_on_error(struct winbindd_domain *domain,
struct rpc_pipe_client *p,
NTSTATUS status)
{
- struct winbind_internal_pipes *internal_pipes = NULL;
struct dcerpc_binding_handle *b = p->binding_handle;
- internal_pipes = talloc_get_type_abort(
- domain->private_data, struct winbind_internal_pipes);
-
if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT) ||
NT_STATUS_EQUAL(status, NT_STATUS_IO_DEVICE_ERROR))
{
- TALLOC_FREE(internal_pipes);
- domain->private_data = NULL;
+ TALLOC_FREE(domain->backend_data.samr_pipes);
return true;
}
if (!dcerpc_binding_handle_is_connected(b)) {
- TALLOC_FREE(internal_pipes);
- domain->private_data = NULL;
+ TALLOC_FREE(domain->backend_data.samr_pipes);
return true;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list