Winbind patch fixes broken client. Please have a look.
Andrew Bartlett
abartlet at samba.org
Sun Jul 28 02:58:01 GMT 2002
Hannes Schmidt wrote:
>
> Even if this is complete crap, I would appreciate any feedback saying so.
Firstly, don't expect instant responses - particularly over the
weekend...
> A couple of days ago I posted a problem report to the samba list with some
> diagnostics. I seem to have found a
> solution on my own and provide a patch here. The problem is related to the
> fact that the winbind client code in
> libnss_winbind.so leaves the handle to the winbind pipe open, for obvious
> reasons. This is perfectly ok, but some
> programs get confused if this handle is 0,1 or 2, which they expect to be a
> handle to a different file. The patch
> makes the winbind client (libnss_winbind.so) code more robust.
>
> Consider the following fragment of broken application code.
>
> if( fork() == 0 ) {
> /* child */
> close( 0 ); /* next open() will return 0 (stdin) */
> getpwent(...); /* pid changed, so wb_common.c will re-open the
> pipe to winbindd, the handle will be 0 */
> fd = open( ... ); /* returned fd is *not* 0 although the code below
> assumes this */
> execve( ... ); /* executed program reads from stdin which -
> unintentionally - is the winbind pipe */
> } else {
> /* parent */
> ...
> }
>
> Obviously, this code is broken and could be easily fixed by doing the
> getpwent() before the close(). Unfortunately
> the version of cron installed on my system is broken in a more complex but
> similar way. There is probably more
> broken code like this in other standard unix software, especially since it's
> such a subtle mistake.
It is rather - well spotted for figuring it out.
How do other nss libraries deal with this? NIS and LDAP both open
sockets - find out if there is a standard solution to the problem.
Personally, I don't like the idea of messing with a program's file
descriptors - but this is a problem we will have to cope with.
> The provided patch to wb_common.c makes sure that the handle to the winbindd
> pipe is not 0, 1 or 2.
For future reference, patches should be in 'diff -u' format, if
possible.
> *** /root/samba-2.2.5/source/nsswitch/wb_common.c Wed Jun 19 03:13:44 2002
> --- wb_common.c Thu Jul 25 16:36:39 2002
> ***************
> *** 94,99 ****
> --- 94,120 ----
> }
> }
>
> + /* Returns a duplicate of the given file descriptor that is guranteed
> + not to be 0, 1 or 2 (stdin, stdout or stderr respectively), unless
> + an error occurs. If the given fd is invalid, it will be returned
> + unchanged. If a different error occurs, the returned file handle
> + will still be valid but it may be 0, 1 or 2. If a valid file
> + handle is returned and the returned handle is different to the
> + original one, the original one will be closed. If dup() is broken,
> + this function might never return. */
I don't like that idea. It should fail - infinite loops are bad...
> + int make_nonstd_fd(int fd)
> + {
> + int saved_fd;
> + if (0 >= fd && fd <= 2) {
> + fd = dup(saved_fd = fd);
> + if (fd == -1) return saved_fd;
> + fd = make_nonstd_fd(fd);
> + close(saved_fd);
> + }
> + return fd;
> + }
> +
> /* Connect to winbindd socket */
>
> int winbind_open_pipe_sock(void)
> ***************
> *** 158,164 ****
> if ((winbindd_fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
> return -1;
> }
> !
> if (connect(winbindd_fd, (struct sockaddr *)&sunaddr,
> sizeof(sunaddr)) == -1) {
> close_sock();
> --- 179,188 ----
> if ((winbindd_fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
> return -1;
> }
> !
> ! winbindd_fd = make_nonstd_fd( winbindd_fd );
> !
> !
> if (connect(winbindd_fd, (struct sockaddr *)&sunaddr,
> sizeof(sunaddr)) == -1) {
> close_sock();
> ***************
> *** 167,172 ****
> --- 191,197 ----
>
> return winbindd_fd;
> }
> +
>
> /* Write data to winbindd socket */
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list