Attachment 17275 Details for Bug 15054 – patch for 4.15

[patch] patch for 4.15

samba-v4-15-test-smbd-upn.patch (text/plain), 9.27 KB, created by Andreas Schneider on 2022-04-27 06:22:07 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Andreas Schneider

Created: 2022-04-27 06:22:07 UTC

Size: 9.27 KB

patch

obsolete

>From 25465d0bc77dd712b3d94e488f2cf0583fd7ac04 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@cryptomilk.org>
>Date: Tue, 26 Apr 2022 07:10:56 +0200
>Subject: [PATCH 1/5] s3:passdb: Remove trailing spaces in lookup_sid.c
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
>
>Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit 756cd0eed30322ae6dbd5402ec11441387475884)
>---
> source3/passdb/lookup_sid.c | 18 +++++++++---------
> 1 file changed, 9 insertions(+), 9 deletions(-)
>
>diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
>index a551bcfd24a..3a28cdc68a6 100644
>--- a/source3/passdb/lookup_sid.c
>+++ b/source3/passdb/lookup_sid.c
>@@ -1,4 +1,4 @@
>-/* 
>+/*
>    Unix SMB/CIFS implementation.
>    uid/user handling
>    Copyright (C) Andrew Tridgell         1992-1998
>@@ -72,7 +72,7 @@ static bool lookup_unix_group_name(const char *name, struct dom_sid *sid)
>  If an explicit domain name was given in the form domain\user, it
>  has to try that. If no explicit domain name was given, we have
>  to do guesswork.
>-*****************************************************************/  
>+*****************************************************************/
> 
> bool lookup_name(TALLOC_CTX *mem_ctx,
> 		 const char *full_name, int flags,
>@@ -300,7 +300,7 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
> 		goto ok;
> 	}
> 
>-	/* 6. Builtin aliases */	
>+	/* 6. Builtin aliases */
> 
> 	if ((flags & LOOKUP_NAME_BUILTIN) &&
> 	    lookup_builtin_name(name, &rid))
>@@ -882,7 +882,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids,
> 	}
> 
> 	/* First build up the data structures:
>-	 * 
>+	 *
> 	 * dom_infos is a list of domains referenced in the list of
> 	 * SIDs. Later we will walk the list of domains and look up the RIDs
> 	 * in bulk.
>@@ -1070,7 +1070,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids,
> 
> /*****************************************************************
>  *THE CANONICAL* convert SID to name function.
>-*****************************************************************/  
>+*****************************************************************/
> 
> bool lookup_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
> 		const char **ret_domain, const char **ret_name,
>@@ -1104,7 +1104,7 @@ bool lookup_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
> 		goto done;
> 	}
> 
>-	if ((ret_name != NULL) && 
>+	if ((ret_name != NULL) &&
> 	    !(*ret_name = talloc_strdup(mem_ctx, name->name))) {
> 		goto done;
> 	}
>@@ -1130,7 +1130,7 @@ bool lookup_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
> 
> /*****************************************************************
>  *THE LEGACY* convert SID to id function.
>-*****************************************************************/  
>+*****************************************************************/
> 
> static bool legacy_sid_to_unixid(const struct dom_sid *psid, struct unixid *id)
> {
>@@ -1465,7 +1465,7 @@ fail:
> 
> /*****************************************************************
>  *THE CANONICAL* convert SID to uid function.
>-*****************************************************************/  
>+*****************************************************************/
> 
> bool sid_to_uid(const struct dom_sid *psid, uid_t *puid)
> {
>@@ -1527,7 +1527,7 @@ bool sid_to_uid(const struct dom_sid *psid, uid_t *puid)
> /*****************************************************************
>  *THE CANONICAL* convert SID to gid function.
>  Group mapping is used for gids that maps to Wellknown SIDs
>-*****************************************************************/  
>+*****************************************************************/
> 
> bool sid_to_gid(const struct dom_sid *psid, gid_t *pgid)
> {
>-- 
>2.36.0
>
>
>From e884efce61290ad6f4125ab4e3adb08bcc1a800d Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@cryptomilk.org>
>Date: Tue, 26 Apr 2022 07:12:02 +0200
>Subject: [PATCH 2/5] s3:passdb: Add support to handle UPNs in lookup_name()
>
>This address an issue if sssd is running and handling nsswitch. If we look up
>a user with getpwnam("DOMAIN\user") it will return user@REALM in the passwd
>structure. We need to be able to deal with that.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
>
>Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit 2a03fb91c1120718ada9d4b8421044cb7eae7b83)
>---
> source3/passdb/lookup_sid.c | 14 ++++++++++++--
> 1 file changed, 12 insertions(+), 2 deletions(-)
>
>diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
>index 3a28cdc68a6..c14d7a7b123 100644
>--- a/source3/passdb/lookup_sid.c
>+++ b/source3/passdb/lookup_sid.c
>@@ -100,8 +100,18 @@ bool lookup_name(TALLOC_CTX *mem_ctx,
> 					PTR_DIFF(p, full_name));
> 		name = talloc_strdup(tmp_ctx, p+1);
> 	} else {
>-		domain = talloc_strdup(tmp_ctx, "");
>-		name = talloc_strdup(tmp_ctx, full_name);
>+		char *q = strchr_m(full_name, '@');
>+
>+		/* Set the domain for UPNs */
>+		if (q != NULL) {
>+			name = talloc_strndup(tmp_ctx,
>+					      full_name,
>+					      PTR_DIFF(q, full_name));
>+			domain = talloc_strdup(tmp_ctx, q + 1);
>+		} else {
>+			domain = talloc_strdup(tmp_ctx, "");
>+			name = talloc_strdup(tmp_ctx, full_name);
>+		}
> 	}
> 
> 	if ((domain == NULL) || (name == NULL)) {
>-- 
>2.36.0
>
>
>From cc548efd5fa1783e8412e7ac695c8d6be3323d67 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@cryptomilk.org>
>Date: Tue, 26 Apr 2022 12:26:25 +0200
>Subject: [PATCH 3/5] s3:passdb: Use already defined pointer in
> lookup_name_smbconf()
>
>Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit ed8e466854d6d8d6120388716a7b604df7a4db27)
>---
> source3/passdb/lookup_sid.c | 12 +++++-------
> 1 file changed, 5 insertions(+), 7 deletions(-)
>
>diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
>index c14d7a7b123..dbea5578f92 100644
>--- a/source3/passdb/lookup_sid.c
>+++ b/source3/passdb/lookup_sid.c
>@@ -464,7 +464,7 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
> 		 const char **ret_domain, const char **ret_name,
> 		 struct dom_sid *ret_sid, enum lsa_SidType *ret_type)
> {
>-	char *qualified_name;
>+	char *qualified_name = NULL;
> 	const char *p;
> 
> 	if ((p = strchr_m(full_name, *lp_winbind_separator())) != NULL) {
>@@ -472,16 +472,14 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
> 		/* The name is already qualified with a domain. */
> 
> 		if (*lp_winbind_separator() != '\\') {
>-			char *tmp;
>-
> 			/* lookup_name() needs '\\' as a separator */
> 
>-			tmp = talloc_strdup(mem_ctx, full_name);
>-			if (!tmp) {
>+			qualified_name = talloc_strdup(mem_ctx, full_name);
>+			if (qualified_name == NULL) {
> 				return false;
> 			}
>-			tmp[p - full_name] = '\\';
>-			full_name = tmp;
>+			qualified_name[p - full_name] = '\\';
>+			full_name = qualified_name;
> 		}
> 
> 		return lookup_name(mem_ctx, full_name, flags,
>-- 
>2.36.0
>
>
>From 3ee3336f4a3fbb80ccabe6c1494a68286af55437 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@cryptomilk.org>
>Date: Tue, 26 Apr 2022 07:24:10 +0200
>Subject: [PATCH 4/5] s3:passdb: Refactor lookup_name_smbconf()
>
>This will be changed to support UPNs too in the next patch.
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
>
>Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit 2690310743920dfe20ac235c1e3617e0f421eddc)
>---
> source3/passdb/lookup_sid.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
>diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
>index dbea5578f92..de9dd123239 100644
>--- a/source3/passdb/lookup_sid.c
>+++ b/source3/passdb/lookup_sid.c
>@@ -465,13 +465,14 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
> 		 struct dom_sid *ret_sid, enum lsa_SidType *ret_type)
> {
> 	char *qualified_name = NULL;
>-	const char *p;
>+	const char *p = strchr_m(full_name, *lp_winbind_separator());
>+	bool is_qualified = p != NULL;
> 
>-	if ((p = strchr_m(full_name, *lp_winbind_separator())) != NULL) {
>+	if (is_qualified) {
> 
> 		/* The name is already qualified with a domain. */
> 
>-		if (*lp_winbind_separator() != '\\') {
>+		if (p != NULL && *lp_winbind_separator() != '\\') {
> 			/* lookup_name() needs '\\' as a separator */
> 
> 			qualified_name = talloc_strdup(mem_ctx, full_name);
>-- 
>2.36.0
>
>
>From 1baa5b170c36854eaa0a5f2c9aba29d50194f750 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@cryptomilk.org>
>Date: Tue, 26 Apr 2022 07:39:12 +0200
>Subject: [PATCH 5/5] s3:passdb: Also allow to handle UPNs in
> lookup_name_smbconf()
>
>BUG: https://bugzilla.samba.org/show_bug.cgi?id=15054
>
>Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
>Reviewed-by: Jeremy Allison <jra@samba.org>
>(cherry picked from commit 28fc44f2852046d03cada161ed1001d04d9e1554)
>---
> source3/passdb/lookup_sid.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
>diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
>index de9dd123239..426ea3f81bd 100644
>--- a/source3/passdb/lookup_sid.c
>+++ b/source3/passdb/lookup_sid.c
>@@ -466,8 +466,9 @@ bool lookup_name_smbconf(TALLOC_CTX *mem_ctx,
> {
> 	char *qualified_name = NULL;
> 	const char *p = strchr_m(full_name, *lp_winbind_separator());
>-	bool is_qualified = p != NULL;
>+	bool is_qualified = p != NULL || strchr_m(full_name, '@') != NULL;
> 
>+	/* For DOMAIN\user or user@REALM directly call lookup_name(). */
> 	if (is_qualified) {
> 
> 		/* The name is already qualified with a domain. */
>-- 
>2.36.0
>

Flags:

jra: review+
gd: review+

Actions: View

Attachments on bug 15054: 17275 | 17276