Attachment 15991 Details for Bug 14370 – patch for 4.12

[patch] patch for 4.12

v4-12.patch (text/plain), 12.73 KB, created by Andreas Schneider on 2020-05-19 05:31:29 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Andreas Schneider

Created: 2020-05-19 05:31:29 UTC

Size: 12.73 KB

patch

obsolete

>From 3dbdb8c3d8cd0498e1afb47758fea700f5061435 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Thu, 7 May 2020 12:25:24 +0200
>Subject: [PATCH 1/4] lib:util: Add path_expand_tilde()
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(cherry picked from commit 15457254be0ab1235c327bd305dfeee19b2ea7a1)
>---
> lib/util/util_paths.c | 72 +++++++++++++++++++++++++++++++++++++++++++
> lib/util/util_paths.h |  9 ++++++
> 2 files changed, 81 insertions(+)
>
>diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
>index 0473557dfc6..c05246a7407 100644
>--- a/lib/util/util_paths.c
>+++ b/lib/util/util_paths.c
>@@ -6,6 +6,7 @@
>    Copyright (C) Simo Sorce 2001
>    Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
>    Copyright (C) James Peach 2006
>+   Copyright (c) 2020      Andreas Schneider <asn@samba.org>
> 
>    This program is free software; you can redistribute it and/or modify
>    it under the terms of the GNU General Public License as published by
>@@ -24,6 +25,7 @@
> #include "includes.h"
> #include "dynconfig/dynconfig.h"
> #include "lib/util/util_paths.h"
>+#include "system/passwd.h"
> 
> /**
>  * @brief Returns an absolute path to a file in the Samba modules directory.
>@@ -62,3 +64,73 @@ const char *shlib_ext(void)
> 	return get_dyn_SHLIBEXT();
> }
> 
>+static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
>+{
>+	struct passwd pwd = {0};
>+	struct passwd *pwdbuf = NULL;
>+	char buf[NSS_BUFLEN_PASSWD] = {0};
>+	int rc;
>+
>+	rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
>+	if (rc != 0 || pwdbuf == NULL ) {
>+		const char *szPath = getenv("HOME");
>+		if (szPath == NULL) {
>+			return NULL;
>+		}
>+		snprintf(buf, sizeof(buf), "%s", szPath);
>+
>+		return talloc_strdup(mem_ctx, buf);
>+	}
>+
>+	return talloc_strdup(mem_ctx, pwd.pw_dir);
>+}
>+
>+char *path_expand_tilde(TALLOC_CTX *mem_ctx, const char *d)
>+{
>+	char *h = NULL, *r = NULL;
>+	const char *p = NULL;
>+	struct stat sb = {0};
>+	int rc;
>+
>+	if (d[0] != '~') {
>+		return talloc_strdup(mem_ctx, d);
>+	}
>+	d++;
>+
>+	/* handle ~user/path */
>+	p = strchr(d, '/');
>+	if (p != NULL && p > d) {
>+		struct passwd *pw;
>+		size_t s = p - d;
>+		char u[128];
>+
>+		if (s >= sizeof(u)) {
>+			return NULL;
>+		}
>+		memcpy(u, d, s);
>+		u[s] = '\0';
>+
>+		pw = getpwnam(u);
>+		if (pw == NULL) {
>+			return NULL;
>+		}
>+		h = talloc_strdup(mem_ctx, pw->pw_dir);
>+	} else {
>+		p = d;
>+		h = get_user_home_dir(mem_ctx);
>+	}
>+	if (h == NULL) {
>+		return NULL;
>+	}
>+
>+	rc = stat(h, &sb);
>+	if (rc != 0) {
>+		TALLOC_FREE(h);
>+		return NULL;
>+	}
>+
>+	r = talloc_asprintf(mem_ctx, "%s%s", h, p);
>+	TALLOC_FREE(h);
>+
>+	return r;
>+}
>diff --git a/lib/util/util_paths.h b/lib/util/util_paths.h
>index 80e8aaac6e9..cf34f691e5f 100644
>--- a/lib/util/util_paths.h
>+++ b/lib/util/util_paths.h
>@@ -51,4 +51,13 @@ char *data_path(TALLOC_CTX *mem_ctx, const char *name);
>  **/
> const char *shlib_ext(void);
> 
>+/**
>+ * @brief Expand a directory starting with a tilde '~'
>+ *
>+ * @param[in]  d        The directory to expand.
>+ *
>+ * @return              The expanded directory, NULL on error.
>+ */
>+char *path_expand_tilde(TALLOC_CTX *mem_ctx, const char *d);
>+
> #endif
>-- 
>2.26.2
>
>
>From d43c586576353cba5082ba396c521dde1cde4929 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Mon, 11 May 2020 12:50:11 +0200
>Subject: [PATCH 2/4] lib:util: Add test for path_expand_tilde()
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>(backported from commit a15bd5493b696c66c6803d8ca65bc13f1cfcdf0a)
>---
> lib/util/tests/test_util_paths.c | 127 +++++++++++++++++++++++++++++++
> lib/util/wscript_build           |   6 ++
> selftest/tests.py                |   2 +
> 3 files changed, 135 insertions(+)
> create mode 100644 lib/util/tests/test_util_paths.c
>
>diff --git a/lib/util/tests/test_util_paths.c b/lib/util/tests/test_util_paths.c
>new file mode 100644
>index 00000000000..b89abf0aea1
>--- /dev/null
>+++ b/lib/util/tests/test_util_paths.c
>@@ -0,0 +1,127 @@
>+/*
>+ * Unix SMB/CIFS implementation.
>+ *
>+ * Copyright (C) 2020      Andreas Schneider <asn@samba.org>
>+ *
>+ * This program is free software; you can redistribute it and/or modify
>+ * it under the terms of the GNU General Public License as published by
>+ * the Free Software Foundation; either version 3 of the License, or
>+ * (at your option) any later version.
>+ *
>+ * This program is distributed in the hope that it will be useful,
>+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>+ * GNU General Public License for more details.
>+ *
>+ * You should have received a copy of the GNU General Public License
>+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
>+ */
>+
>+#include <stdarg.h>
>+#include <stddef.h>
>+#include <stdint.h>
>+#include <setjmp.h>
>+#include <cmocka.h>
>+
>+#include <talloc.h>
>+
>+#include "lib/replace/replace.h"
>+#include "lib/util/util_paths.c"
>+
>+static int setup(void **state)
>+{
>+	TALLOC_CTX *mem_ctx = talloc_new(NULL);
>+
>+	assert_non_null(mem_ctx);
>+	*state = mem_ctx;
>+
>+	return 0;
>+}
>+
>+static int teardown(void **state)
>+{
>+	TALLOC_CTX *mem_ctx = *state;
>+	TALLOC_FREE(mem_ctx);
>+
>+    return 0;
>+}
>+
>+static void test_get_user_home_dir(void **state)
>+{
>+	TALLOC_CTX *mem_ctx = *state;
>+	struct passwd *pwd = getpwuid(getuid());
>+	char *user;
>+
>+	user = get_user_home_dir(mem_ctx);
>+	assert_non_null(user);
>+	assert_string_equal(user, pwd->pw_dir);
>+
>+	TALLOC_FREE(user);
>+}
>+
>+static void test_path_expand_tilde(void **state)
>+{
>+	TALLOC_CTX *mem_ctx = *state;
>+	char h[256] = {0};
>+	char *d = NULL;
>+	const char *user = NULL;
>+	char *home = NULL;
>+
>+	user = getenv("USER");
>+	if (user == NULL){
>+		user = getenv("LOGNAME");
>+	}
>+
>+	/* In certain CIs there no such variables */
>+	if (user == NULL) {
>+		struct passwd *pw = getpwuid(getuid());
>+		if (pw){
>+			user = pw->pw_name;
>+		}
>+	}
>+
>+	home = getenv("HOME");
>+	assert_non_null(home);
>+	snprintf(h, sizeof(h), "%s/.cache", home);
>+
>+	d = path_expand_tilde(mem_ctx, "~/.cache");
>+	assert_non_null(d);
>+	assert_string_equal(d, h);
>+	TALLOC_FREE(d);
>+
>+	snprintf(h, sizeof(h), "%s/.cache/X~", home);
>+	d = path_expand_tilde(mem_ctx, "~/.cache/X~");
>+	assert_string_equal(d, h);
>+	TALLOC_FREE(d);
>+
>+	d = path_expand_tilde(mem_ctx, "/guru/meditation");
>+	assert_non_null(d);
>+	assert_string_equal(d, "/guru/meditation");
>+	TALLOC_FREE(d);
>+
>+	snprintf(h, sizeof(h), "~%s/.cache", user);
>+	d = path_expand_tilde(mem_ctx, h);
>+	assert_non_null(d);
>+
>+	snprintf(h, sizeof(h), "%s/.cache", home);
>+	assert_string_equal(d, h);
>+	TALLOC_FREE(d);
>+}
>+
>+int main(int argc, char *argv[])
>+{
>+	int rc;
>+	const struct CMUnitTest tests[] = {
>+		cmocka_unit_test(test_get_user_home_dir),
>+		cmocka_unit_test(test_path_expand_tilde),
>+	};
>+
>+	if (argc == 2) {
>+		cmocka_set_test_filter(argv[1]);
>+	}
>+	cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
>+
>+	rc = cmocka_run_group_tests(tests, setup, teardown);
>+
>+	return rc;
>+}
>diff --git a/lib/util/wscript_build b/lib/util/wscript_build
>index a827eea3ed9..608f7b3dd73 100644
>--- a/lib/util/wscript_build
>+++ b/lib/util/wscript_build
>@@ -288,3 +288,9 @@ else:
>                      deps='cmocka replace samba-util',
>                      local_include=False,
>                      for_selftest=True)
>+
>+    bld.SAMBA_BINARY('test_util_paths',
>+                     source='tests/test_util_paths.c',
>+                     deps='cmocka replace talloc samba-util',
>+                     local_include=False,
>+                     for_selftest=True)
>diff --git a/selftest/tests.py b/selftest/tests.py
>index 96d3f8d6317..b72a6fb65eb 100644
>--- a/selftest/tests.py
>+++ b/selftest/tests.py
>@@ -389,6 +389,8 @@ plantestsuite("samba.unittests.ms_fnmatch", "none",
>               [os.path.join(bindir(), "default/lib/util/test_ms_fnmatch")])
> plantestsuite("samba.unittests.byteorder", "none",
>               [os.path.join(bindir(), "default/lib/util/test_byteorder")])
>+plantestsuite("samba.unittests.util_paths", "none",
>+              [os.path.join(bindir(), "default/lib/util/test_util_paths")])
> plantestsuite("samba.unittests.ntlm_check", "none",
>               [os.path.join(bindir(), "default/libcli/auth/test_ntlm_check")])
> plantestsuite("samba.unittests.gnutls", "none",
>-- 
>2.26.2
>
>
>From 133edb95814adc43072fd33876caf9d720eaac1f Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Wed, 6 May 2020 17:10:51 +0200
>Subject: [PATCH 3/4] s3:gencache: Allow to open gencache as read-only
>
>This allows client tools to access the cache for ready-only operations
>as a normal user.
>
>Example:
>    net ads status
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=14370
>
>Signed-off-by: Andreas Schneider <asn@samba.org>
>Reviewed-by: Stefan Metzmacher <metze@samba.org>
>
>Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
>Autobuild-Date(master): Fri May 15 14:40:32 UTC 2020 on sn-devel-184
>
>(cherry picked from commit 04f0c45475de383a0be4ca355ab9aa7784e61c27)
>---
> source3/lib/gencache.c | 63 ++++++++++++++++++++++++++++++++++++++++--
> 1 file changed, 60 insertions(+), 3 deletions(-)
>
>diff --git a/source3/lib/gencache.c b/source3/lib/gencache.c
>index 9ad85bbf55f..896bf50cbd7 100644
>--- a/source3/lib/gencache.c
>+++ b/source3/lib/gencache.c
>@@ -29,10 +29,13 @@
> #include "tdb_wrap/tdb_wrap.h"
> #include "zlib.h"
> #include "lib/util/strv.h"
>+#include "lib/util/util_paths.h"
> 
> #undef  DBGC_CLASS
> #define DBGC_CLASS DBGC_TDB
> 
>+#define GENCACHE_USER_PATH "~/.cache/samba/gencache.tdb"
>+
> static struct tdb_wrap *cache;
> 
> /**
>@@ -68,6 +71,7 @@ static bool gencache_init(void)
> {
> 	char* cache_fname = NULL;
> 	int open_flags = O_RDWR|O_CREAT;
>+	int tdb_flags = TDB_INCOMPATIBLE_HASH|TDB_NOSYNC|TDB_MUTEX_LOCKING;
> 	int hash_size;
> 
> 	/* skip file open if it's already opened */
>@@ -85,10 +89,63 @@ static bool gencache_init(void)
> 	DEBUG(5, ("Opening cache file at %s\n", cache_fname));
> 
> 	cache = tdb_wrap_open(NULL, cache_fname, hash_size,
>-			      TDB_INCOMPATIBLE_HASH|
>-			      TDB_NOSYNC|
>-			      TDB_MUTEX_LOCKING,
>+			      tdb_flags,
> 			      open_flags, 0644);
>+	/*
>+	 * Allow client tools to create a gencache in the home directory
>+	 * as a normal user.
>+	 */
>+	if (cache == NULL && errno == EACCES && geteuid() != 0) {
>+		char *cache_dname = NULL, *tmp = NULL;
>+		bool ok;
>+
>+		TALLOC_FREE(cache_fname);
>+
>+		cache_fname = path_expand_tilde(talloc_tos(),
>+						GENCACHE_USER_PATH);
>+		if (cache_fname == NULL) {
>+			DBG_ERR("Failed to expand path: %s\n",
>+				GENCACHE_USER_PATH);
>+			return false;
>+		}
>+
>+		tmp = talloc_strdup(talloc_tos(), cache_fname);
>+		if (tmp == NULL) {
>+			DBG_ERR("No memory!\n");
>+			TALLOC_FREE(cache_fname);
>+			return false;
>+		}
>+
>+		cache_dname = dirname(tmp);
>+		if (cache_dname == NULL) {
>+			DBG_ERR("Invalid path: %s\n", cache_fname);
>+			TALLOC_FREE(tmp);
>+			TALLOC_FREE(cache_fname);
>+			return false;
>+		}
>+
>+		ok = directory_create_or_exist(cache_dname, 0700);
>+		if (!ok) {
>+			DBG_ERR("Failed to create directory: %s - %s\n",
>+				cache_dname, strerror(errno));
>+			TALLOC_FREE(tmp);
>+			TALLOC_FREE(cache_fname);
>+			return false;
>+		}
>+		TALLOC_FREE(tmp);
>+
>+		cache = tdb_wrap_open(NULL,
>+				      cache_fname,
>+				      hash_size,
>+				      tdb_flags,
>+				      open_flags,
>+				      0644);
>+		if (cache != NULL) {
>+			DBG_INFO("Opening user cache file %s.\n",
>+				 cache_fname);
>+		}
>+	}
>+
> 	if (cache == NULL) {
> 		DEBUG(5, ("Opening %s failed: %s\n", cache_fname,
> 			  strerror(errno)));
>-- 
>2.26.2
>
>
>From de71248d86e29ca7d1d2df0f197b930ae8472d5b Mon Sep 17 00:00:00 2001
>From: Jeremy Allison <jra@samba.org>
>Date: Fri, 15 May 2020 12:18:02 -0700
>Subject: [PATCH 4/4] s3: lib: Paranoia around use of snprintf copying into a
> fixed-size buffer from a getenv() pointer.
>
>Post checks for overflow/error.
>
>Signed-off-by: Jeremy Allison <jra@samba.org>
>Reviewed-by: Andrew Bartlett <abartlet@samba.org>
>
>Autobuild-User(master): Jeremy Allison <jra@samba.org>
>Autobuild-Date(master): Mon May 18 23:42:57 UTC 2020 on sn-devel-184
>
>(cherry picked from commit dd1f750293ef4361455a5d5b63fc7a89495715b7)
>---
> lib/util/util_paths.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
>diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c
>index c05246a7407..c0ee5c32c30 100644
>--- a/lib/util/util_paths.c
>+++ b/lib/util/util_paths.c
>@@ -73,12 +73,16 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx)
> 
> 	rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf);
> 	if (rc != 0 || pwdbuf == NULL ) {
>+		int len_written;
> 		const char *szPath = getenv("HOME");
> 		if (szPath == NULL) {
> 			return NULL;
> 		}
>-		snprintf(buf, sizeof(buf), "%s", szPath);
>-
>+		len_written = snprintf(buf, sizeof(buf), "%s", szPath);
>+		if (len_written >= sizeof(buf) || len_written < 0) {
>+			/* Output was truncated or an error. */
>+			return NULL;
>+		}
> 		return talloc_strdup(mem_ctx, buf);
> 	}
> 
>-- 
>2.26.2
>

Flags:

jra: review+

Actions: View

Attachments on bug 14370: 15991 | 15992 | 15993 | 16106