svn commit: samba r10322 - in trunk/source/nsswitch: .

[jra]

Author: jra
Date: 2005-09-19 18:49:21 +0000 (Mon, 19 Sep 2005)
New Revision: 10322

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10322

Log:
Fix winbindd recursion bug found by Ingo Steuwer <[EMAIL PROTECTED]>.
Jeremy.

Modified:
   trunk/source/nsswitch/pam_winbind.c
   trunk/source/nsswitch/wb_common.c
   trunk/source/nsswitch/winbind_client.h
   trunk/source/nsswitch/winbindd_nss.h


Changeset:
Modified: trunk/source/nsswitch/pam_winbind.c
===================================================================
--- trunk/source/nsswitch/pam_winbind.c 2005-09-19 18:49:18 UTC (rev 10321)
+++ trunk/source/nsswitch/pam_winbind.c 2005-09-19 18:49:21 UTC (rev 10322)
@@ -106,7 +106,7 @@
        /* Fill in request and send down pipe */
        init_request(request, req_type);
        
-       if (write_sock(request, sizeof(*request)) == -1) {
+       if (write_sock(request, sizeof(*request), 0) == -1) {
                _pam_log(LOG_ERR, "write to socket failed!");
                close_sock();
                return PAM_SERVICE_ERR;

Modified: trunk/source/nsswitch/wb_common.c
===================================================================
--- trunk/source/nsswitch/wb_common.c   2005-09-19 18:49:18 UTC (rev 10321)
+++ trunk/source/nsswitch/wb_common.c   2005-09-19 18:49:21 UTC (rev 10322)
@@ -284,7 +284,7 @@
 
 /* Connect to winbindd socket */
 
-int winbind_open_pipe_sock(void)
+static int winbind_open_pipe_sock(int recursing)
 {
 #ifdef HAVE_UNIXSOCKET
        static pid_t our_pid;
@@ -302,12 +302,17 @@
                return winbindd_fd;
        }
 
+       if (recursing) {
+               return -1;
+       }
+
        if ((winbindd_fd = winbind_named_pipe_sock(WINBINDD_SOCKET_DIR)) == -1) 
{
                return -1;
        }
 
        /* version-check the socket */
 
+       request.flags = WBFLAG_RECURSE;
        if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, 
&response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != 
WINBIND_INTERFACE_VERSION)) {
                close_sock();
                return -1;
@@ -315,6 +320,7 @@
 
        /* try and get priv pipe */
 
+       request.flags = WBFLAG_RECURSE;
        if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, 
&response) == NSS_STATUS_SUCCESS) {
                int fd;
                if ((fd = winbind_named_pipe_sock(response.extra_data)) != -1) {
@@ -333,7 +339,7 @@
 
 /* Write data to winbindd socket */
 
-int write_sock(void *buffer, int count)
+int write_sock(void *buffer, int count, int recursing)
 {
        int result, nwritten;
        
@@ -341,7 +347,7 @@
        
  restart:
        
-       if (winbind_open_pipe_sock() == -1) {
+       if (winbind_open_pipe_sock(recursing) == -1) {
                return -1;
        }
        
@@ -534,7 +540,7 @@
 
        init_request(request, req_type);
        
-       if (write_sock(request, sizeof(*request)) == -1) {
+       if (write_sock(request, sizeof(*request), request->flags & 
WBFLAG_RECURSE) == -1) {
                return NSS_STATUS_UNAVAIL;
        }
 

Modified: trunk/source/nsswitch/winbind_client.h
===================================================================
--- trunk/source/nsswitch/winbind_client.h      2005-09-19 18:49:18 UTC (rev 
10321)
+++ trunk/source/nsswitch/winbind_client.h      2005-09-19 18:49:21 UTC (rev 
10322)
@@ -8,8 +8,7 @@
 NSS_STATUS winbindd_request_response(int req_type, 
                            struct winbindd_request *request,
                            struct winbindd_response *response);
-int winbind_open_pipe_sock(void);
-int write_sock(void *buffer, int count);
+int write_sock(void *buffer, int count, int recursing);
 int read_reply(struct winbindd_response *response);
 void close_sock(void);
 void free_response(struct winbindd_response *response);

Modified: trunk/source/nsswitch/winbindd_nss.h
===================================================================
--- trunk/source/nsswitch/winbindd_nss.h        2005-09-19 18:49:18 UTC (rev 
10321)
+++ trunk/source/nsswitch/winbindd_nss.h        2005-09-19 18:49:21 UTC (rev 
10322)
@@ -175,6 +175,8 @@
 
 /* This is a flag that can only be sent from parent to child */
 #define WBFLAG_IS_PRIVILEGED            0x0400
+/* Flag to say this is a winbindd internal send - don't recurse. */
+#define WBFLAG_RECURSE                 0x0800
 
 #define WINBINDD_MAX_EXTRA_DATA (128*1024)