[PATCH] Fix for winbind_nss get{pw,gr}ent on FreeBSD
Landon J. Fuller
landonf at opendarwin.org
Sat Mar 27 22:29:11 GMT 2004
For simplicity, I will explain the getgrent case below. The getpwent case
is exactly the same; simply substitute 'pw' for 'gr' and you'll understand
it perfectly. I'm new to the code base; I apologize for anything I've
missed.
In winbindd_group.c, winbindd_getgrent() checks that state->getgrent_state
is not NULL before proceeding:
if (!(ent = state->getgrent_state))
return WINBINDD_ERROR;
There are four conditions under which state->getgrent_state will be NULL:
1) winbindd_setgrent() has not been called
2) The end of the group list has been reached, and
state->getgrent_state has been set to NULL.
3) winbindd_endgrent() has been called.
4) The associated client connection has been closed
Condition #1 is breaks user/group enumeration and 'supplementary' groups
on FreeBSD; setgrent() is not called, and so, winbindd_getgrent()
immediately returns WINBINDD_ERROR.
In the patch I have attached below, I have added two additional variables
to the winbindd_cli_state structure:
BOOL getpwent_initialized;
BOOL getgrent_initialized;
With the patch:
winbindd_setgrent() sets state->getgrent_initialized to True;
winbindd_endgrent() sets state->getgrent_initialized to False; In
winbindd_getgrent, if state->getgrent_initialized is False,
winbindd_setgrent() is called.
Since getgrent_state signifies end-of-list with NULL, it can not also be
used to signify that the list has not been initialized.
With this change, user and group enumeration works on FreeBSD 5.2.1
Landon J. Fuller
E-mail: landonf (at) opendarwin.org
Mobile: +42 608 05 8452
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freebsd-getXXent.diff
Type: application/octet-stream
Size: 2197 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20040327/bcf6ef43/freebsd-getXXent.obj
More information about the samba-technical
mailing list