The branch, master has been updated
via ccd4759aaff nss/waf: check for
secmethod_table.method_{attrlist,version} for aix >= 5.2
via 2e1bc87b13c winbind_nss_aix: add incomplete attr_flag
initializations
via c36cf69d591 winbind_nss_aix: use WBFLAG_FROM_NSS
via faf50b2d702 winbind_nss_solaris: use WBFLAG_FROM_NSS
via fcda61bb41b winbind_nss_netbsd: use WBFLAG_FROM_NSS
via 4a7368501a9 nsswitch/winbind_nss_linux.c use WBFLAG_FROM_NSS
via f95495e1f7d winbind: honor WBFLAG_FROM_NSS along with winbind enum
users/groups
via 245b494cebf winbind introduce WBFLAG_FROM_NSS
via a9b71194fb1 nsswitch/winbind_nss_aix: reimplement fetching the SID
of a user
via b9496ddb39e winbind_nss_aix: support also S_GROUPSIDS
from 42dde0bdd3a group_audit: Ensure we still log membership changes
(with an error) where status != LDB_SUCCESS
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit ccd4759aaff340321792e3b5acab6bc3c8d8cfbb
Author: Bjoern Jacke <b...@sernet.de>
Date: Fri Dec 21 06:12:56 2018 -0600
nss/waf: check for secmethod_table.method_{attrlist,version} for aix >= 5.2
The original commit 02c9b46fab46ab401a3cf6bb74c8260801c41032 was not ported
to waf yet.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Bjoern Jacke <b...@sernet.de>
Autobuild-User(master): Björn Jacke <b...@sernet.de>
Autobuild-Date(master): Sat Dec 22 06:22:22 CET 2018 on sn-devel-144
commit 2e1bc87b13c491f47a6fbcf9549ffa8250a2508b
Author: Björn Jacke <b...@sernet.de>
Date: Fri Dec 21 15:02:40 2018 +0100
winbind_nss_aix: add incomplete attr_flag initializations
Found by Jürgen Starek, see https://bugzilla.samba.org/show_bug.cgi?id=5157
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Bjoern Jacke <b...@sernet.de>
commit c36cf69d5911b86d73a495308c1bed14004b0659
Author: Björn Jacke <b...@sernet.de>
Date: Sat Dec 22 02:39:00 2018 +0100
winbind_nss_aix: use WBFLAG_FROM_NSS
Signed-off-by: Bjoern Jacke <b...@sernet.de>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit faf50b2d70228cce6b95a068bbe7da2a40d63419
Author: Björn Jacke <b...@sernet.de>
Date: Fri Dec 21 01:00:09 2018 +0100
winbind_nss_solaris: use WBFLAG_FROM_NSS
Signed-off-by: Bjoern Jacke <b...@sernet.de>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit fcda61bb41be5e638b9124cb5570bbb2fa214a13
Author: Björn Jacke <b...@sernet.de>
Date: Fri Dec 21 00:50:38 2018 +0100
winbind_nss_netbsd: use WBFLAG_FROM_NSS
Signed-off-by: Bjoern Jacke <b...@sernet.de>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
commit 4a7368501a9df8f0b8f29a94faa0c1099c0a477a
Author: Bjoern Jacke <b...@sernet.de>
Date: Fri Dec 21 05:54:31 2018 -0600
nsswitch/winbind_nss_linux.c use WBFLAG_FROM_NSS
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Bjoern Jacke <b...@sernet.de>
commit f95495e1f7d31dd32a979514d150ecb755a8c1a1
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Dec 20 10:25:01 2018 -0600
winbind: honor WBFLAG_FROM_NSS along with winbind enum users/groups
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Bjoern Jacke <b...@sernet.de>
commit 245b494cebf0fb2c21a4e874141178573a086cfb
Author: Bjoern Jacke <b...@sernet.de>
Date: Thu Dec 20 10:23:02 2018 -0600
winbind introduce WBFLAG_FROM_NSS
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Bjoern Jacke <b...@sernet.de>
commit a9b71194fb1842be09841f0f29470f42f2ea97c2
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Dec 21 05:51:29 2018 -0600
nsswitch/winbind_nss_aix: reimplement fetching the SID of a user
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Bjoern Jacke <b...@sernet.de>
commit b9496ddb39e685d1f742c26ba390d26f5a3eabfb
Author: Björn Jacke <b...@sernet.de>
Date: Fri Dec 21 02:20:00 2018 +0100
winbind_nss_aix: support also S_GROUPSIDS
which is used by lsuser up to AIX 5.2, see also
https://bugzilla.samba.org/show_bug.cgi?id=5157
Signed-off-by: Bjoern Jacke <b...@sernet.de>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
nsswitch/winbind_nss_aix.c | 171 ++++++++++++++++++--------------
nsswitch/winbind_nss_linux.c | 38 +++++--
nsswitch/winbind_nss_netbsd.c | 10 +-
nsswitch/winbind_nss_solaris.c | 33 +++---
nsswitch/winbind_struct_protocol.h | 1 +
nsswitch/wscript_configure | 9 ++
source3/winbindd/winbindd_list_groups.c | 5 +
source3/winbindd/winbindd_list_users.c | 5 +
8 files changed, 169 insertions(+), 103 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/winbind_nss_aix.c b/nsswitch/winbind_nss_aix.c
index dc44db40ef9..343809a4b34 100644
--- a/nsswitch/winbind_nss_aix.c
+++ b/nsswitch/winbind_nss_aix.c
@@ -269,16 +269,17 @@ static struct group *fill_grent(struct winbindd_gr *gr,
char *gr_mem)
/* take a group id and return a filled struct group */
static struct group *wb_aix_getgrgid(gid_t gid)
{
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
struct group *grp;
NSS_STATUS ret;
logit("getgrgid %d\n", gid);
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
request.data.gid = gid;
ret = winbindd_request_response(NULL, WINBINDD_GETGRGID,
@@ -298,8 +299,12 @@ static struct group *wb_aix_getgrgid(gid_t gid)
/* take a group name and return a filled struct group */
static struct group *wb_aix_getgrnam(const char *name)
{
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS ret;
struct group *grp;
@@ -309,9 +314,6 @@ static struct group *wb_aix_getgrnam(const char *name)
logit("getgrnam '%s'\n", name);
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
STRCPY_RETNULL(request.data.groupname, name);
ret = winbindd_request_response(NULL, WINBINDD_GETGRNAM,
@@ -346,8 +348,12 @@ static struct group *wb_aix_getgracct(void *id, int type)
list of group id numbers to which the user belongs */
static char *wb_aix_getgrset(char *user)
{
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS ret;
int i, idx;
char *tmpbuf;
@@ -365,9 +371,6 @@ static char *wb_aix_getgrset(char *user)
logit("getgrset '%s'\n", r_user);
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
STRCPY_RETNULL(request.data.username, r_user);
if (*user == WB_AIX_ENCODED) {
@@ -402,16 +405,17 @@ static char *wb_aix_getgrset(char *user)
/* take a uid and return a filled struct passwd */
static struct passwd *wb_aix_getpwuid(uid_t uid)
{
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS ret;
struct passwd *pwd;
logit("getpwuid '%d'\n", uid);
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
request.data.uid = uid;
ret = winbindd_request_response(NULL, WINBINDD_GETPWUID,
@@ -432,8 +436,12 @@ static struct passwd *wb_aix_getpwuid(uid_t uid)
/* take a username and return a filled struct passwd */
static struct passwd *wb_aix_getpwnam(const char *name)
{
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS ret;
struct passwd *pwd;
@@ -443,9 +451,6 @@ static struct passwd *wb_aix_getpwnam(const char *name)
logit("getpwnam '%s'\n", name);
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
STRCPY_RETNULL(request.data.username, name);
ret = winbindd_request_response(NULL, WINBINDD_GETPWNAM,
@@ -468,8 +473,12 @@ static struct passwd *wb_aix_getpwnam(const char *name)
static int wb_aix_lsuser(char *attributes[], attrval_t results[], int size)
{
NSS_STATUS ret;
- struct winbindd_request request;
- struct winbindd_response response;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
int len;
char *s;
@@ -479,9 +488,6 @@ static int wb_aix_lsuser(char *attributes[], attrval_t
results[], int size)
return -1;
}
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
ret = winbindd_request_response(NULL, WINBINDD_LIST_USERS,
&request, &response);
if (ret != 0) {
@@ -517,8 +523,12 @@ static int wb_aix_lsuser(char *attributes[], attrval_t
results[], int size)
static int wb_aix_lsgroup(char *attributes[], attrval_t results[], int size)
{
NSS_STATUS ret;
- struct winbindd_request request;
- struct winbindd_response response;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
int len;
char *s;
@@ -528,9 +538,6 @@ static int wb_aix_lsgroup(char *attributes[], attrval_t
results[], int size)
return -1;
}
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
ret = winbindd_request_response(NULL, WINBINDD_LIST_GROUPS,
&request, &response);
if (ret != 0) {
@@ -562,12 +569,12 @@ static int wb_aix_lsgroup(char *attributes[], attrval_t
results[], int size)
static attrval_t pwd_to_group(struct passwd *pwd)
{
- attrval_t r;
+ attrval_t r = {
+ .attr_flag = EINVAL,
+ };
struct group *grp = wb_aix_getgrgid(pwd->pw_gid);
- if (!grp) {
- r.attr_flag = EINVAL;
- } else {
+ if (grp != NULL) {
r.attr_flag = 0;
r.attr_un.au_char = strdup(grp->gr_name);
free_grp(grp);
@@ -578,7 +585,9 @@ static attrval_t pwd_to_group(struct passwd *pwd)
static attrval_t pwd_to_groupsids(struct passwd *pwd)
{
- attrval_t r;
+ attrval_t r = {
+ .attr_flag = EINVAL,
+ };
char *s, *p;
size_t mlen;
@@ -598,6 +607,7 @@ static attrval_t pwd_to_groupsids(struct passwd *pwd)
replace_commas(p);
free(s);
+ r.attr_flag = 0;
r.attr_un.au_char = p;
return r;
@@ -605,34 +615,40 @@ static attrval_t pwd_to_groupsids(struct passwd *pwd)
static attrval_t pwd_to_sid(struct passwd *pwd)
{
+ char buf[(1 /* U/G */ + 10 /* 2^32 */ + 1 /* \n */) + 1] = { 0, };
+ int len;
struct winbindd_request request;
struct winbindd_response response;
- attrval_t r;
-
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- request.data.uid = pwd->pw_uid;
-
-#if 0
- /*
- * Removed because WINBINDD_UID_TO_SID is replaced by
- * WINBINDD_XIDS_TO_SIDS. I don't have an AIX build
- * environment around, so I did not convert this call. If
- * someone stumbles over this, please contact me:
- * v...@samba.org, I'll convert this.
- */
- if (winbindd_request_response(NULL, WINBINDD_UID_TO_SID,
- &request, &response) !=
- NSS_STATUS_SUCCESS) {
- r.attr_flag = ENOENT;
- } else {
+ NSS_STATUS result;
+ attrval_t r = {
+ .attr_flag = ENOENT,
+ };
+
+ len = snprintf(buf, sizeof(buf),
+ "U%"PRIu32"\n",
+ (uint32_t)pwd->pw_uid);
+ if (len >= sizeof(buf)) {
+ r = (attrval_t) {
+ .attr_flag = EINVAL,
+ };
+ return r;
+ }
+
+ request = (struct winbindd_request) {
+ .wb_flags = WBFLAG_FROM_NSS,
+ .extra_data.data = buf,
+ .extra_len = strlen(buf)+1,
+ };
+ response = (struct winbindd_response) {
+ .length = 0,
+ };
+
+ result = winbindd_request_response(NULL, WINBINDD_XIDS_TO_SIDS,
+ &request, &response);
+ if (result == NSS_STATUS_SUCCESS) {
r.attr_flag = 0;
r.attr_un.au_char = strdup(response.data.sid.sid);
}
-#else
- r.attr_flag = ENOENT;
-#endif
return r;
}
@@ -650,7 +666,9 @@ static int wb_aix_user_attrib(const char *key, char
*attributes[],
}
for (i=0;i<size;i++) {
- results[i].attr_flag = 0;
+ results[i] = (attrval_t) {
+ .attr_flag = 0,
+ };
if (strcmp(attributes[i], S_ID) == 0) {
results[i].attr_un.au_int = pwd->pw_uid;
@@ -672,6 +690,8 @@ static int wb_aix_user_attrib(const char *key, char
*attributes[],
results[i] = pwd_to_group(pwd);
} else if (strcmp(attributes[i], S_GROUPS) == 0) {
results[i] = pwd_to_groupsids(pwd);
+ } else if (strcmp(attributes[i], S_GROUPSIDS) == 0) {
+ results[i] = pwd_to_groupsids(pwd);
} else if (strcmp(attributes[i], "SID") == 0) {
results[i] = pwd_to_sid(pwd);
} else {
@@ -803,6 +823,7 @@ static attrlist_t **wb_aix_attrlist(void)
{S_SHELL, AL_USERATTR, SEC_CHAR},
{S_PGRP, AL_USERATTR, SEC_CHAR},
{S_GROUPS, AL_USERATTR, SEC_LIST},
+ {S_GROUPSIDS, AL_USERATTR, SEC_LIST},
{"SID", AL_USERATTR, SEC_CHAR},
/* group attributes */
@@ -885,8 +906,12 @@ static int wb_aix_normalize(char *longname, char
*shortname)
static int wb_aix_authenticate(char *user, char *pass,
int *reenter, char **message)
{
- struct winbindd_request request;
- struct winbindd_response response;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS result;
char *r_user = user;
@@ -896,9 +921,6 @@ static int wb_aix_authenticate(char *user, char *pass,
*message = NULL;
/* Send off request */
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
if (*user == WB_AIX_ENCODED) {
r_user = decode_user(r_user);
if (!r_user) {
@@ -934,8 +956,12 @@ static int wb_aix_authenticate(char *user, char *pass,
*/
static int wb_aix_chpass(char *user, char *oldpass, char *newpass, char
**message)
{
- struct winbindd_request request;
- struct winbindd_response response;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS result;
char *r_user = user;
@@ -952,9 +978,6 @@ static int wb_aix_chpass(char *user, char *oldpass, char
*newpass, char **messag
*message = NULL;
/* Send off request */
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
STRCPY_RET(request.data.chauthtok.user, r_user);
STRCPY_RET(request.data.chauthtok.oldpass, oldpass);
STRCPY_RET(request.data.chauthtok.newpass, newpass);
diff --git a/nsswitch/winbind_nss_linux.c b/nsswitch/winbind_nss_linux.c
index 4ab10b90f4f..635813ccd60 100644
--- a/nsswitch/winbind_nss_linux.c
+++ b/nsswitch/winbind_nss_linux.c
@@ -544,10 +544,15 @@ _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result,
char *buffer,
/* Call for the first time */
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
- request.data.uid = uid;
+ response = (struct winbindd_response) {
+ .length = 0,
+ };
+ request = (struct winbindd_request) {
+ .wb_flags = WBFLAG_FROM_NSS,
+ .data = {
+ .uid = uid,
+ },
+ };
winbind_set_client_name("nss_winbind");
ret = winbindd_request_response(NULL, WINBINDD_GETPWUID,
&request, &response);
@@ -618,8 +623,12 @@ _nss_winbind_getpwnam_r(const char *name, struct passwd
*result, char *buffer,
/* Call for the first time */
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
+ response = (struct winbindd_response) {
+ .length = 0,
+ };
+ request = (struct winbindd_request) {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
strncpy(request.data.username, name,
sizeof(request.data.username) - 1);
@@ -895,8 +904,12 @@ _nss_winbind_getgrnam_r(const char *name,
/* Call for the first time */
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
+ response = (struct winbindd_response) {
+ .length = 0,
+ };
+ request = (struct winbindd_request) {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
strncpy(request.data.groupname, name,
sizeof(request.data.groupname));
@@ -978,8 +991,13 @@ _nss_winbind_getgrgid_r(gid_t gid,
/* Call for the first time */
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
+ response = (struct winbindd_response) {
+ .length = 0,
+ };
+ request = (struct winbindd_request) {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+
request.data.gid = gid;
diff --git a/nsswitch/winbind_nss_netbsd.c b/nsswitch/winbind_nss_netbsd.c
index 4edf64c2c11..94552639b7b 100644
--- a/nsswitch/winbind_nss_netbsd.c
+++ b/nsswitch/winbind_nss_netbsd.c
@@ -180,13 +180,15 @@ netbsdwinbind_getgroupmembership(void *nsrv, void *nscb,
va_list ap)
int maxgrp = va_arg(ap, int);
int *groupc = va_arg(ap, int *);
- struct winbindd_request request;
- struct winbindd_response response;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ }
gid_t *wblistv;
int wblistc, i, isdup, dupc;
- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
strncpy(request.data.username, uname,
sizeof(request.data.username) - 1);
i = winbindd_request_response(NULL, WINBINDD_GETGROUPS,
diff --git a/nsswitch/winbind_nss_solaris.c b/nsswitch/winbind_nss_solaris.c
index eb1ddb0f8b0..495854fb9f3 100644
--- a/nsswitch/winbind_nss_solaris.c
+++ b/nsswitch/winbind_nss_solaris.c
@@ -479,14 +479,15 @@ static NSS_STATUS
_nss_winbind_ipnodes_getbyname(nss_backend_t* be, void *args)
{
nss_XbyY_args_t *argp = (nss_XbyY_args_t*) args;
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS ret;
int af;
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
/* I assume there that AI_ADDRCONFIG cases are handled in nss
frontend code, at least it seems done so in solaris...
@@ -524,13 +525,14 @@ static NSS_STATUS
_nss_winbind_hosts_getbyname(nss_backend_t* be, void *args)
{
nss_XbyY_args_t *argp = (nss_XbyY_args_t*) args;
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
+ };
+ struct winbindd_response response = {
+ .length = 0,
+ };
NSS_STATUS ret;
- ZERO_STRUCT(response);
- ZERO_STRUCT(request);
-
strncpy(request.data.winsreq, argp->key.name,
sizeof(request.data.winsreq) - 1);
request.data.winsreq[sizeof(request.data.winsreq) - 1] = '\0';
@@ -548,14 +550,15 @@ static NSS_STATUS
_nss_winbind_hosts_getbyaddr(nss_backend_t* be, void *args)
{
NSS_STATUS ret;
- struct winbindd_response response;
- struct winbindd_request request;
+ struct winbindd_request request = {
+ .wb_flags = WBFLAG_FROM_NSS,
--
Samba Shared Repository
