7) Protect alloc_sub_basic() from crashing when the source string
is NULL (partial work on bug 687).
8) Fix spinlocks on IRIX.
-9) Corrected some bad paths with using --with-fhs to configure.
+9) Corrected some bad destination paths when running "configure
+ --with-fhs".
10) Add packaging for Fedora Core 1.
+11) Correct bug in SWAT install script for non=english languages.
+12) Support character set ISO-8859-1 internally (bug 558).
+13) Fixed more LDAP access errors when looking up group mappings
+ (bug 281).
+14) Fix UNISTR2 length bug in LsaQueryInfo(3) that caused SID
+ resolution to fail on local files on on domain members
+ (bug 875).
Changes since 3.0.1pre3
BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
{
struct group *grp;
-
+ BOOL ret;
+
if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping"));
return(False);
DEBUG(10, ("get_domain_group_from_sid\n"));
/* if the group is NOT in the database, it CAN NOT be a domain group */
- if(!pdb_getgrsid(map, sid))
+
+ become_root();
+ ret = pdb_getgrsid(map, sid);
+ unbecome_root();
+
+ if ( !ret )
return False;
DEBUG(10, ("get_domain_group_from_sid: SID found in the TDB\n"));
BOOL get_local_group_from_sid(DOM_SID sid, GROUP_MAP *map)
{
+ BOOL ret;
+
if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping"));
return(False);
}
/* The group is in the mapping table */
+ become_root();
+ ret = pdb_getgrsid(map, sid);
+ unbecome_root();
- if( !pdb_getgrsid(map, sid) )
+ if ( !ret )
return False;
if ( (map->sid_name_use != SID_NAME_ALIAS)
return False;
}
-#if 0 /* JERRY */
+#if 1 /* JERRY */
/* local groups only exist in the group mapping DB so this
is not necessary */
/* the group isn't in the mapping table.
* make one based on the unix information */
uint32 alias_rid;
+ struct group *grp;
sid_peek_rid(&sid, &alias_rid);
map->gid=pdb_group_rid_to_gid(alias_rid);
BOOL get_builtin_group_from_sid(DOM_SID sid, GROUP_MAP *map)
{
struct group *grp;
+ BOOL ret;
+
if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping"));
return(False);
}
- if(!pdb_getgrsid(map, sid))
+ become_root();
+ ret = pdb_getgrsid(map, sid);
+ unbecome_root();
+
+ if ( !ret )
return False;
if (map->sid_name_use!=SID_NAME_WKN_GRP) {
}
BUFFER4;
-enum unistr2_term_codes { UNI_FLAGS_NONE = 0, UNI_STR_TERMINATE = 1, UNI_MAXLEN_TERMINATE = 2 };
+enum unistr2_term_codes { UNI_FLAGS_NONE = 0, UNI_STR_TERMINATE = 1, UNI_MAXLEN_TERMINATE = 2, UNI_BROKEN_NON_NULL = 3 };
#endif /* _RPC_MISC_H */
static size_t ascii_pull(void *,char **, size_t *, char **, size_t *);
static size_t ascii_push(void *,char **, size_t *, char **, size_t *);
+static size_t latin1_push(void *,char **, size_t *, char **, size_t *);
static size_t utf8_pull(void *,char **, size_t *, char **, size_t *);
static size_t utf8_push(void *,char **, size_t *, char **, size_t *);
static size_t ucs2hex_pull(void *,char **, size_t *, char **, size_t *);
{"UTF8", utf8_pull, utf8_push},
{"ASCII", ascii_pull, ascii_push},
{"646", ascii_pull, ascii_push},
+ {"ISO-8859-1", ascii_pull, latin1_push},
{"UCS2-HEX", ucs2hex_pull, ucs2hex_push},
{NULL, NULL, NULL}
};
return ir_count;
}
+static size_t latin1_push(void *cd, char **inbuf, size_t *inbytesleft,
+ char **outbuf, size_t *outbytesleft)
+{
+ int ir_count=0;
+
+ while (*inbytesleft >= 2 && *outbytesleft >= 1) {
+ (*outbuf)[0] = (*inbuf)[0];
+ if ((*inbuf)[1]) ir_count++;
+ (*inbytesleft) -= 2;
+ (*outbytesleft) -= 1;
+ (*inbuf) += 2;
+ (*outbuf) += 1;
+ }
+
+ if (*inbytesleft == 1) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (*inbytesleft > 1) {
+ errno = E2BIG;
+ return -1;
+ }
+
+ return ir_count;
+}
static size_t ucs2hex_pull(void *cd, char **inbuf, size_t *inbytesleft,
char **outbuf, size_t *outbytesleft)
uint32 rid;
SAM_ACCOUNT *sam_account = NULL;
GROUP_MAP map;
+ BOOL ret;
if (!sid_peek_check_rid(get_global_sam_sid(), sid, &rid)){
DEBUG(0,("local_lookup_sid: sid_peek_check_rid return False! SID: %s\n",
/* see if the passdb can help us with the name of the user */
+ /* BEING ROOT BLLOCK */
become_root();
if (pdb_getsampwsid(sam_account, sid)) {
- unbecome_root();
+ unbecome_root(); /* -----> EXIT BECOME_ROOT() */
fstrcpy(name, pdb_get_username(sam_account));
*psid_name_use = SID_NAME_USER;
return True;
}
- unbecome_root();
pdb_free_sam(&sam_account);
-
- if (pdb_getgrsid(&map, *sid)) {
+
+ ret = pdb_getgrsid(&map, *sid);
+ unbecome_root();
+ /* END BECOME_ROOT BLOCK */
+
+ if ( ret ) {
if (map.gid!=(gid_t)-1) {
DEBUG(5,("local_lookup_sid: mapped group %s to gid %u\n", map.nt_name, (unsigned int)map.gid));
} else {
{
uint32 rid;
GROUP_MAP group;
+ BOOL ret;
*name_type = SID_NAME_UNKNOWN;
/* we don't need to disable winbindd since the gid is stored in
the GROUP_MAP object */
-
- if ( !pdb_getgrsid(&group, *psid) ) {
+
+ become_root();
+ pdb_getgrsid(&group, *psid);
+ unbecome_root();
+
+ if ( !ret ) {
/* fallback to rid mapping if enabled */
str->uni_max_len = num_chars;
str->offset = 0;
str->uni_str_len = num_chars;
- if (num_chars && (flags == UNI_MAXLEN_TERMINATE))
+ if ( num_chars && ((flags == UNI_MAXLEN_TERMINATE) || (flags == UNI_BROKEN_NON_NULL)) )
str->uni_max_len++;
}
/* this string is supposed to be non-null terminated. */
/* But the maxlen in this UNISTR2 must include the terminating null. */
- init_unistr2(&d_q->uni_domain_name, dom_name, UNI_MAXLEN_TERMINATE);
+ init_unistr2(&d_q->uni_domain_name, dom_name, UNI_BROKEN_NON_NULL);
/*
* I'm not sure why this really odd combination of length
DOM_SID sid;
GROUP_MAP map;
uint32 acc_granted;
+ BOOL ret;
r_u->status = NT_STATUS_OK;
!sid_check_is_in_builtin(&sid))
return NT_STATUS_OBJECT_TYPE_MISMATCH;
- if (!pdb_getgrsid(&map, sid))
+ become_root();
+ ret = pdb_getgrsid(&map, sid);
+ unbecome_root();
+
+ if ( !ret )
return NT_STATUS_NO_SUCH_ALIAS;
switch (q_u->switch_level) {
return NT_STATUS_UNSUCCESSFUL;
}
- become_root();
-
for (i=0;i<num_groups;i++) {
if (!get_group_from_gid(groups[i], &map)) {
break;
}
- unbecome_root();
-
- if(num_groups) free(groups);
+ if(num_groups)
+ free(groups);
/* now check for the user's gid (the primary group rid) */
for (i=0; i<cur_rid && grid!=rids[i]; i++)
DEBUG(10,("get_alias_user_groups: looking for gid %d of user %s\n", (int)gid, user_name));
- become_root();
-
if(!get_group_from_gid(gid, &map)) {
- DEBUG(0,("get_alias_user_groups: gid of user %s doesn't exist. Check your /etc/passwd and /etc/group files\n", user_name));
+ DEBUG(0,("get_alias_user_groups: gid of user %s doesn't exist. Check your "
+ "/etc/passwd and /etc/group files\n", user_name));
goto done;
}
- unbecome_root();
-
/* the primary group isn't an alias */
if (map.sid_name_use!=SID_NAME_ALIAS) {
DEBUG(10,("get_alias_user_groups: not returing %s, not an ALIAS group.\n", map.nt_name));
for ln in $LANGS; do
for f in $SRCDIR../swat/$ln/images/*.gif; do
+ if [ ! -f $f ] ; then
+ continue
+ fi
FNAME=$SWATDIR/$ln/images/`basename $f`
echo $FNAME
cp $f $FNAME || echo Cannot install $FNAME. Does $USER have privileges?
# Install html help
for f in $SRCDIR../swat/$ln/help/*.html; do
+ if [ ! -f $f ] ; then
+ continue
+ fi
FNAME=$SWATDIR/$ln/help/`basename $f`
echo $FNAME
if [ "x$BOOKDIR" = "x" ]; then
# Install "server-side" includes
for f in $SRCDIR../swat/$ln/include/*.html; do
+ if [ ! -f $f ] ; then
+ continue
+ fi
FNAME=$SWATDIR/$ln/include/`basename $f`
echo $FNAME
cp $f $FNAME || echo Cannot install $FNAME. Does $USER have privileges?
projects / thirdparty / samba.git / commitdiff
