Attachment 10360 Details for Bug 10835 – 0001-nss_winbind-add-getgroupmembership-for-FreeBSD.patch

[patch] 0001-nss_winbind-add-getgroupmembership-for-FreeBSD.patch

0001-nss_winbind-add-getgroupmembership-for-FreeBSD.patch (text/plain), 5.17 KB, created by Björn Jacke on 2014-10-21 07:46:58 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Björn Jacke

Created: 2014-10-21 07:46:58 UTC

Size: 5.17 KB

patch

obsolete

>From 3a2191da160f1801ee5f7fff92a9b8006872cb31 Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?Bj=C3=B6rn=20Jacke?= <bj@sernet.de>
>Date: Sun, 19 Oct 2014 15:48:45 +0200
>Subject: [PATCH] nss_winbind: add getgroupmembership for FreeBSD
>
>The getgroupmembership call on FreeBSD is needed for "winbind expand groups=0"
>(the new default in 4.2) to work.
>
>Thanks to Timur I. Bakeyev for the enhancement patch.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=10835
>
>Signed-off-by: Bjoern Jacke <bj@sernet.de>
>Reviewed-by: Volker Lendecke <vl@samba.org>
>(cherry picked from commit 8ccf5f66691e2bbf0883afa658282ef2ac60b015)
>---
> nsswitch/winbind_nss_freebsd.c | 74 +++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 73 insertions(+), 1 deletion(-)
>
>diff --git a/nsswitch/winbind_nss_freebsd.c b/nsswitch/winbind_nss_freebsd.c
>index 5fcd557..476349f 100644
>--- a/nsswitch/winbind_nss_freebsd.c
>+++ b/nsswitch/winbind_nss_freebsd.c
>@@ -5,6 +5,7 @@
>    routines against Samba winbind/Windows NT Domain
> 
>    Copyright (C) Aaron Collins 2003
>+   Copyright (C) Timur I. Bakeyev 2013
> 
>    This library is free software; you can redistribute it and/or
>    modify it under the terms of the GNU Lesser General Public
>@@ -23,7 +24,6 @@
> #include "winbind_client.h"
> 
> /* Make sure that the module gets registered needed by freebsd 5.1 */
>-
> extern enum nss_status _nss_winbind_getgrent_r(struct group *, char *, size_t,
>     int *);
> extern enum nss_status _nss_winbind_getgrnam_r(const char *, struct group *,
>@@ -32,6 +32,8 @@ extern enum nss_status _nss_winbind_getgrgid_r(gid_t gid, struct group *, char *
>     size_t, int *);
> extern enum nss_status _nss_winbind_setgrent(void);
> extern enum nss_status _nss_winbind_endgrent(void);
>+extern enum nss_status _nss_winbind_initgroups_dyn(char *, gid_t, long int *,
>+    long int *, gid_t **, long int , int *);
> 
> extern enum nss_status _nss_winbind_getpwent_r(struct passwd *, char *, size_t,
>     int *);
>@@ -41,6 +43,7 @@ extern enum nss_status _nss_winbind_getpwuid_r(gid_t gid, struct passwd *, char
>     size_t, int *);
> extern enum nss_status _nss_winbind_setpwent(void);
> extern enum nss_status _nss_winbind_endpwent(void);
>+ns_mtab *nss_module_register(const char *, unsigned int *, nss_module_unregister_fn *);
> 
> NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r);
> NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r);
>@@ -53,6 +56,9 @@ NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r);
> NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r);
> NSS_METHOD_PROTOTYPE(__nss_compat_setpwent);
> NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
>+NSS_METHOD_PROTOTYPE(__nss_compat_endpwent);
>+
>+NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership);
> 
> static ns_mtab methods[] = {
> { NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_winbind_getgrnam_r },
>@@ -60,6 +66,7 @@ static ns_mtab methods[] = {
> { NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_winbind_getgrent_r },
> { NSDB_GROUP, "setgrent",   __nss_compat_setgrent,   _nss_winbind_setgrent },
> { NSDB_GROUP, "endgrent",   __nss_compat_endgrent,   _nss_winbind_endgrent },
>+{ NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL },
> 
> { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_winbind_getpwnam_r },
> { NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_winbind_getpwuid_r },
>@@ -69,6 +76,71 @@ static ns_mtab methods[] = {
> 
> };
> 
>+/* Taken from libc */
>+static int
>+gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *grpcnt)
>+{
>+	int	ret, dupc;
>+
>+	/* skip duplicates */
>+	for (dupc = 0; dupc < MIN(maxgrp, *grpcnt); dupc++) {
>+		if (groups[dupc] == gid)
>+			return 1;
>+	}
>+
>+	ret = 1;
>+	if (*grpcnt < maxgrp)			/* add this gid */
>+		groups[*grpcnt] = gid;
>+	else
>+		ret = 0;
>+
>+	(*grpcnt)++;
>+
>+	return ret;
>+}
>+
>+/*
>+    rv = _nsdispatch(NULL, dtab, NSDB_GROUP, "getgroupmembership",
>+	            defaultsrc, uname, agroup, groups, maxgrp, grpcnt);
>+*/
>+
>+int
>+__freebsd_getgroupmembership(void *retval, void *mdata, va_list ap)
>+{
>+	const char 	*uname  = va_arg(ap, const char *);
>+	gid_t		 group  = va_arg(ap, gid_t);
>+	gid_t		*groups = va_arg(ap, gid_t *);
>+	int		 maxgrp = va_arg(ap, int);
>+	int		*groupc = va_arg(ap, int *);
>+
>+	NSS_STATUS ret;
>+	long int lcount, lsize;
>+	int i, errnop;
>+	gid_t *tmpgroups;
>+
>+	/* Can be realloc() inside _nss_winbind_initgroups_dyn() */
>+	if ((tmpgroups=calloc(maxgrp, sizeof(gid_t))) == NULL) {
>+		errno = ENOMEM;
>+		return NS_TRYAGAIN;
>+	}
>+
>+	lcount = 0;
>+	lsize = maxgrp;
>+	/* insert primary membership(possibly already there) */
>+	gr_addgid(group, groups, maxgrp, groupc);
>+	/* Don't limit number of groups, we want to know total size */
>+	ret = _nss_winbind_initgroups_dyn(uname, group, &lcount, &lsize,
>+		&tmpgroups, 0, &errnop);
>+	if (ret == NSS_STATUS_SUCCESS) {
>+		/* lcount potentially can be bigger than maxgrp, so would groupc */
>+		for (i = 0; i < lcount; i++)
>+			 gr_addgid(tmpgroups[i], groups, maxgrp, groupc);
>+	}
>+	free(tmpgroups);
>+	/* Let following nsswitch backend(s) add more groups(?) */
>+	return NSS_STATUS_NOTFOUND;
>+}
>+
> ns_mtab *
> nss_module_register(const char *source, unsigned int *mtabsize,
>     nss_module_unregister_fn *unreg)
>-- 
>2.1.0

Flags:

vl: review+
bjacke: review? (metze)
slow: review+

Actions: View

Attachments on bug 10835: 10360