Author: jra Date: 2005-09-19 18:49:18 +0000 (Mon, 19 Sep 2005) New Revision: 10321
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10321 Log: Fix winbindd recursion bug found by Ingo Steuwer <[EMAIL PROTECTED]>. Jeremy. Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c branches/SAMBA_3_0/source/nsswitch/wb_common.c branches/SAMBA_3_0/source/nsswitch/winbind_client.h branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c =================================================================== --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2005-09-19 16:36:24 UTC (rev 10320) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2005-09-19 18:49:18 UTC (rev 10321) @@ -106,7 +106,7 @@ /* Fill in request and send down pipe */ init_request(request, req_type); - if (write_sock(request, sizeof(*request)) == -1) { + if (write_sock(request, sizeof(*request), 0) == -1) { _pam_log(LOG_ERR, "write to socket failed!"); close_sock(); return PAM_SERVICE_ERR; Modified: branches/SAMBA_3_0/source/nsswitch/wb_common.c =================================================================== --- branches/SAMBA_3_0/source/nsswitch/wb_common.c 2005-09-19 16:36:24 UTC (rev 10320) +++ branches/SAMBA_3_0/source/nsswitch/wb_common.c 2005-09-19 18:49:18 UTC (rev 10321) @@ -284,7 +284,7 @@ /* Connect to winbindd socket */ -int winbind_open_pipe_sock(void) +static int winbind_open_pipe_sock(int recursing) { #ifdef HAVE_UNIXSOCKET static pid_t our_pid; @@ -302,12 +302,17 @@ return winbindd_fd; } + if (recursing) { + return -1; + } + if ((winbindd_fd = winbind_named_pipe_sock(WINBINDD_SOCKET_DIR)) == -1) { return -1; } /* version-check the socket */ + request.flags = WBFLAG_RECURSE; if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) { close_sock(); return -1; @@ -315,6 +320,7 @@ /* try and get priv pipe */ + request.flags = WBFLAG_RECURSE; if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) { int fd; if ((fd = winbind_named_pipe_sock(response.extra_data)) != -1) { @@ -333,7 +339,7 @@ /* Write data to winbindd socket */ -int write_sock(void *buffer, int count) +int write_sock(void *buffer, int count, int recursing) { int result, nwritten; @@ -341,7 +347,7 @@ restart: - if (winbind_open_pipe_sock() == -1) { + if (winbind_open_pipe_sock(recursing) == -1) { return -1; } @@ -534,7 +540,7 @@ init_request(request, req_type); - if (write_sock(request, sizeof(*request)) == -1) { + if (write_sock(request, sizeof(*request), request->flags & WBFLAG_RECURSE) == -1) { return NSS_STATUS_UNAVAIL; } Modified: branches/SAMBA_3_0/source/nsswitch/winbind_client.h =================================================================== --- branches/SAMBA_3_0/source/nsswitch/winbind_client.h 2005-09-19 16:36:24 UTC (rev 10320) +++ branches/SAMBA_3_0/source/nsswitch/winbind_client.h 2005-09-19 18:49:18 UTC (rev 10321) @@ -8,8 +8,7 @@ NSS_STATUS winbindd_request_response(int req_type, struct winbindd_request *request, struct winbindd_response *response); -int winbind_open_pipe_sock(void); -int write_sock(void *buffer, int count); +int write_sock(void *buffer, int count, int recursing); int read_reply(struct winbindd_response *response); void close_sock(void); void free_response(struct winbindd_response *response); Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h =================================================================== --- branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h 2005-09-19 16:36:24 UTC (rev 10320) +++ branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h 2005-09-19 18:49:18 UTC (rev 10321) @@ -172,6 +172,8 @@ /* This is a flag that can only be sent from parent to child */ #define WBFLAG_IS_PRIVILEGED 0x0400 +/* Flag to say this is a winbindd internal send - don't recurse. */ +#define WBFLAG_RECURSE 0x0800 /* Winbind request structure */