The branch, v3-6-test has been updated
via 9d30733 s3:net: make idmap_store_secret static.
via ed31148 s3:net: fix the usage for net idmap secret (removing alloc)
via 57beac0 s3:net: remove alloc parameter from idmap_store_secret()
(net idmap store).
via ef2cc5f s3:idmap_ldap: remove special handling of alloc secret (not
used any more).
via 2b87f84 s3:idmap_ldap: remove unused idmap_ldap_alloc_context.
via 0819160 s3:idmap_ldap: remove alloc context member from
ldap_idmap_context
via c4bb784 s3:idmap_ldap: remove use of alloc context from
idmap_ldap_allocate_id().
via 3aab070 s3:idmap_ldap: remove unused
idmap_ldap_alloc_close_destructor().
via 84a28a1 s3:idmap_ldap: remove unused idmap_ldap_alloc_init().
via c32e154 s3:idmap_ldap: don't call idmap_ldap_alloc_init in
idmap_ldap_init.
via e814929 s3:idmap_ldap: remove use of the ldap_idmap_alloc_context
from verify_idpool().
from a31f756 Fix a valgrind error
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -----------------------------------------------------------------
commit 9d30733496f0a53d556dacff6284f4642ae00dce
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:43:34 2010 +0100
s3:net: make idmap_store_secret static.
Autobuild-User: Michael Adam <ob...@samba.org>
Autobuild-Date: Sun Jan 2 13:41:07 CET 2011 on sn-devel-104
commit ed31148c4838789a2ad30da8db2f0a82cb702143
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:41:28 2010 +0100
s3:net: fix the usage for net idmap secret (removing alloc)
commit 57beac091a4c8284c268c9c40951643718cccb3a
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:39:28 2010 +0100
s3:net: remove alloc parameter from idmap_store_secret() (net idmap store).
commit ef2cc5f9b9568b843d95b81d9f751f0d3e6a66b2
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:32:53 2010 +0100
s3:idmap_ldap: remove special handling of alloc secret (not used any more).
commit 2b87f84c26c411b69be28e109d631ccd93bbe5be
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:26:29 2010 +0100
s3:idmap_ldap: remove unused idmap_ldap_alloc_context.
commit 0819160898a64249a685c0be1944fd9e04ba875f
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:26:05 2010 +0100
s3:idmap_ldap: remove alloc context member from ldap_idmap_context
commit c4bb7843ab787469a2150f7bb66da7919dac1e90
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:24:01 2010 +0100
s3:idmap_ldap: remove use of alloc context from idmap_ldap_allocate_id().
commit 3aab0703754fdd2652da9402c7fab9b94f5aaf75
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:07:29 2010 +0100
s3:idmap_ldap: remove unused idmap_ldap_alloc_close_destructor().
commit 84a28a1893d918bb9588d9eea843156c6a956ab1
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:06:50 2010 +0100
s3:idmap_ldap: remove unused idmap_ldap_alloc_init().
commit c32e15493a27bf606c4b409bd1a4d9c41a4f0949
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:04:20 2010 +0100
s3:idmap_ldap: don't call idmap_ldap_alloc_init in idmap_ldap_init.
Call verify_idpool() instead.
commit e814929cd69bbe198fdcec47969f603a3713d145
Author: Michael Adam <ob...@samba.org>
Date: Wed Dec 8 00:19:23 2010 +0100
s3:idmap_ldap: remove use of the ldap_idmap_alloc_context from
verify_idpool().
Allocation is now subsumed in the idmap ldap config.
This is the beginning of the removal of the idmap ldap alloc parameters.
-----------------------------------------------------------------------
Summary of changes:
source3/utils/net_idmap.c | 24 +++----
source3/utils/net_proto.h | 3 -
source3/winbindd/idmap_ldap.c | 172 +++++++----------------------------------
3 files changed, 38 insertions(+), 161 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/utils/net_idmap.c b/source3/utils/net_idmap.c
index 488132b..e3640bd 100644
--- a/source3/utils/net_idmap.c
+++ b/source3/utils/net_idmap.c
@@ -289,19 +289,16 @@ static int net_idmap_set(struct net_context *c, int argc,
const char **argv)
d_printf("%s\n", _("Not implemented yet"));
return -1;
}
-bool idmap_store_secret(const char *backend, bool alloc,
- const char *domain, const char *identity,
- const char *secret)
+static bool idmap_store_secret(const char *backend,
+ const char *domain,
+ const char *identity,
+ const char *secret)
{
char *tmp;
int r;
bool ret;
- if (alloc) {
- r = asprintf(&tmp, "IDMAP_ALLOC_%s", backend);
- } else {
- r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
- }
+ r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
if (r < 0) return false;
@@ -363,7 +360,7 @@ static int net_idmap_secret(struct net_context *c, int
argc, const char **argv)
return -1;
}
- ret = idmap_store_secret("ldap", false, domain, dn, secret);
+ ret = idmap_store_secret("ldap", domain, dn, secret);
if ( ! ret) {
d_fprintf(stderr, _("Failed to store secret\n"));
@@ -385,9 +382,8 @@ int net_help_idmap(struct net_context *c, int argc, const
char **argv)
/* Deliberately *not* document net idmap delete */
- d_printf(_("net idmap secret <DOMAIN>|alloc <secret>\n"
- " Set the secret for the specified DOMAIN (or the alloc "
- "module)\n"));
+ d_printf(_("net idmap secret <DOMAIN> <secret>\n"
+ " Set the secret for the specified DOMAIN module)\n"));
return -1;
}
@@ -499,8 +495,8 @@ int net_idmap(struct net_context *c, int argc, const char
**argv)
net_idmap_secret,
NET_TRANSPORT_LOCAL,
N_("Set secret for specified domain"),
- N_("net idmap secret {<DOMAIN>|alloc} <secret>\n"
- " Set secret for specified domain or alloc module")
+ N_("net idmap secret <DOMAIN> <secret>\n"
+ " Set secret for specified domain")
},
{
"aclmapset",
diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h
index 9e9e82f..2475c9f 100644
--- a/source3/utils/net_proto.h
+++ b/source3/utils/net_proto.h
@@ -86,9 +86,6 @@ int net_help(struct net_context *c, int argc, const char
**argv);
/* The following definitions come from utils/net_idmap.c */
-bool idmap_store_secret(const char *backend, bool alloc,
- const char *domain, const char *identity,
- const char *secret);
int net_help_idmap(struct net_context *c, int argc, const char **argv);
int net_idmap(struct net_context *c, int argc, const char **argv);
diff --git a/source3/winbindd/idmap_ldap.c b/source3/winbindd/idmap_ldap.c
index 7b1f247..aea5d6a 100644
--- a/source3/winbindd/idmap_ldap.c
+++ b/source3/winbindd/idmap_ldap.c
@@ -38,17 +38,13 @@
#include "smbldap.h"
-static char *idmap_fetch_secret(const char *backend, bool alloc,
+static char *idmap_fetch_secret(const char *backend,
const char *domain, const char *identity)
{
char *tmp, *ret;
int r;
- if (alloc) {
- r = asprintf(&tmp, "IDMAP_ALLOC_%s", backend);
- } else {
- r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
- }
+ r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
if (r < 0)
return NULL;
@@ -61,20 +57,12 @@ static char *idmap_fetch_secret(const char *backend, bool
alloc,
return ret;
}
-struct idmap_ldap_alloc_context {
- struct smbldap_state *smbldap_state;
- char *url;
- char *suffix;
- char *user_dn;
-};
-
struct idmap_ldap_context {
struct smbldap_state *smbldap_state;
char *url;
char *suffix;
char *user_dn;
bool anon;
- struct idmap_ldap_alloc_context *alloc;
struct idmap_rw_ops *rw_ops;
};
@@ -110,12 +98,13 @@ static NTSTATUS get_credentials( TALLOC_CTX *mem_ctx,
if ( tmp ) {
if (!dom) {
- /* only the alloc backend can pass in a NULL dom */
- secret = idmap_fetch_secret("ldap", True,
- NULL, tmp);
+ DEBUG(0, ("get_credentials: Invalid domain 'NULL' "
+ "encountered for user DN %s\n",
+ tmp));
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
} else {
- secret = idmap_fetch_secret("ldap", False,
- dom->name, tmp);
+ secret = idmap_fetch_secret("ldap", dom->name, tmp);
}
if (!secret) {
@@ -168,11 +157,7 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
- if (!ctx->alloc) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- mem_ctx = talloc_new(ctx->alloc);
+ mem_ctx = talloc_new(ctx);
if (mem_ctx == NULL) {
DEBUG(0, ("Out of memory!\n"));
return NT_STATUS_NO_MEMORY;
@@ -184,8 +169,8 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
attr_list = get_attr_list(mem_ctx, idpool_attr_list);
CHECK_ALLOC_DONE(attr_list);
- rc = smbldap_search(ctx->alloc->smbldap_state,
- ctx->alloc->suffix,
+ rc = smbldap_search(ctx->smbldap_state,
+ ctx->suffix,
LDAP_SCOPE_SUBTREE,
filter,
attr_list,
@@ -198,14 +183,13 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
return NT_STATUS_UNSUCCESSFUL;
}
- count = ldap_count_entries(ctx->alloc->smbldap_state->ldap_struct,
- result);
+ count = ldap_count_entries(ctx->smbldap_state->ldap_struct, result);
ldap_msgfree(result);
if ( count > 1 ) {
DEBUG(0,("Multiple entries returned from %s (base == %s)\n",
- filter, ctx->alloc->suffix));
+ filter, ctx->suffix));
ret = NT_STATUS_UNSUCCESSFUL;
goto done;
}
@@ -228,8 +212,8 @@ static NTSTATUS verify_idpool(struct idmap_domain *dom)
LDAP_ATTR_GIDNUMBER),
gid_str);
if (mods) {
- rc = smbldap_modify(ctx->alloc->smbldap_state,
- ctx->alloc->suffix,
+ rc = smbldap_modify(ctx->smbldap_state,
+ ctx->suffix,
mods);
ldap_mods_free(mods, True);
} else {
@@ -244,100 +228,6 @@ done:
return ret;
}
-/*****************************************************************************
- Initialise idmap database.
-*****************************************************************************/
-
-static int idmap_ldap_alloc_close_destructor(struct idmap_ldap_alloc_context
*ctx)
-{
- smbldap_free_struct(&ctx->smbldap_state);
- DEBUG(5,("The connection to the LDAP server was closed\n"));
- /* maybe free the results here --metze */
- return 0;
-}
-
-static NTSTATUS idmap_ldap_alloc_init(struct idmap_domain *dom,
- const char *params)
-{
- NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
- const char *tmp;
- struct idmap_ldap_context *ctx;
-
- /* Only do init if we are online */
- if (idmap_is_offline()) {
- return NT_STATUS_FILE_IS_OFFLINE;
- }
-
- ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
-
- ctx->alloc = talloc_zero(ctx, struct idmap_ldap_alloc_context);
- CHECK_ALLOC_DONE(ctx->alloc);
-
- if (params && *params) {
- /* assume location is the only parameter */
- ctx->alloc->url = talloc_strdup(ctx->alloc, params);
- } else {
- tmp = lp_parm_const_string(-1, "idmap alloc config",
- "ldap_url", NULL);
-
- if ( ! tmp) {
- DEBUG(1, ("ERROR: missing idmap ldap url\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- ctx->alloc->url = talloc_strdup(ctx->alloc, tmp);
- }
- CHECK_ALLOC_DONE(ctx->alloc->url);
-
- trim_char(ctx->alloc->url, '\"', '\"');
-
- tmp = lp_parm_const_string(-1, "idmap alloc config",
- "ldap_base_dn", NULL);
- if ( ! tmp || ! *tmp) {
- tmp = lp_ldap_idmap_suffix();
- if ( ! tmp) {
- DEBUG(1, ("ERROR: missing idmap ldap suffix\n"));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
- }
-
- ctx->alloc->suffix = talloc_strdup(ctx->alloc, tmp);
- CHECK_ALLOC_DONE(ctx->alloc->suffix);
-
- ret = smbldap_init(ctx->alloc, winbind_event_context(),
- ctx->alloc->url,
- &ctx->alloc->smbldap_state);
- if (!NT_STATUS_IS_OK(ret)) {
- DEBUG(1, ("ERROR: smbldap_init (%s) failed!\n",
- ctx->alloc->url));
- goto done;
- }
-
- talloc_set_destructor(ctx->alloc, idmap_ldap_alloc_close_destructor);
-
- ret = get_credentials(ctx->alloc,
- ctx->alloc->smbldap_state,
- "idmap alloc config", NULL,
- &ctx->alloc->user_dn);
- if ( !NT_STATUS_IS_OK(ret) ) {
- DEBUG(1,("idmap_ldap_alloc_init: Failed to get connection "
- "credentials (%s)\n", nt_errstr(ret)));
- goto done;
- }
-
- /* see if the idmap suffix and sub entries exists */
-
- ret = verify_idpool(dom);
-
- done:
- if ( !NT_STATUS_IS_OK( ret ) )
- TALLOC_FREE(ctx->alloc);
-
- return ret;
-}
-
/********************************
Allocate a new uid or gid
********************************/
@@ -367,11 +257,7 @@ static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain
*dom,
ctx = talloc_get_type(dom->private_data, struct idmap_ldap_context);
- if (!ctx->alloc) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- mem_ctx = talloc_new(ctx->alloc);
+ mem_ctx = talloc_new(ctx);
if (!mem_ctx) {
DEBUG(0, ("Out of memory!\n"));
return NT_STATUS_NO_MEMORY;
@@ -403,10 +289,10 @@ static NTSTATUS idmap_ldap_allocate_id(struct
idmap_domain *dom,
DEBUG(10, ("Search of the id pool (filter: %s)\n", filter));
- rc = smbldap_search(ctx->alloc->smbldap_state,
- ctx->alloc->suffix,
- LDAP_SCOPE_SUBTREE, filter,
- attr_list, 0, &result);
+ rc = smbldap_search(ctx->smbldap_state,
+ ctx->suffix,
+ LDAP_SCOPE_SUBTREE, filter,
+ attr_list, 0, &result);
if (rc != LDAP_SUCCESS) {
DEBUG(0,("%s object not found\n", LDAP_OBJ_IDPOOL));
@@ -415,25 +301,23 @@ static NTSTATUS idmap_ldap_allocate_id(struct
idmap_domain *dom,
talloc_autofree_ldapmsg(mem_ctx, result);
- count = ldap_count_entries(ctx->alloc->smbldap_state->ldap_struct,
- result);
+ count = ldap_count_entries(ctx->smbldap_state->ldap_struct, result);
if (count != 1) {
DEBUG(0,("Single %s object not found\n", LDAP_OBJ_IDPOOL));
goto done;
}
- entry = ldap_first_entry(ctx->alloc->smbldap_state->ldap_struct,
- result);
+ entry = ldap_first_entry(ctx->smbldap_state->ldap_struct, result);
dn = smbldap_talloc_dn(mem_ctx,
- ctx->alloc->smbldap_state->ldap_struct,
+ ctx->smbldap_state->ldap_struct,
entry);
if ( ! dn) {
goto done;
}
id_str = smbldap_talloc_single_attribute(
- ctx->alloc->smbldap_state->ldap_struct,
+ ctx->smbldap_state->ldap_struct,
entry, type, mem_ctx);
if (id_str == NULL) {
DEBUG(0,("%s attribute not found\n", type));
@@ -485,7 +369,7 @@ static NTSTATUS idmap_ldap_allocate_id(struct idmap_domain
*dom,
DEBUG(10, ("Try to atomically increment the id (%s -> %s)\n",
id_str, new_id_str));
- rc = smbldap_modify(ctx->alloc->smbldap_state, dn, mods);
+ rc = smbldap_modify(ctx->smbldap_state, dn, mods);
ldap_mods_free(mods, True);
@@ -636,10 +520,10 @@ static NTSTATUS idmap_ldap_db_init(struct idmap_domain
*dom,
dom->private_data = ctx;
- ret = idmap_ldap_alloc_init(dom, params);
+ ret = verify_idpool(dom);
if (!NT_STATUS_IS_OK(ret)) {
- DEBUG(1, ("idmap_ldap_db_init: Failed to initialize alloc "
- "subsystem: %s\n", nt_errstr(ret)));
+ DEBUG(1, ("idmap_ldap_db_init: failed to verify ID pool (%s)\n",
+ nt_errstr(ret)));
goto done;
}
--
Samba Shared Repository
