1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

r21940: Sorry Volker, I have to revert your revert in r21935.

We can talk about this later if you still feel that strongly
but I need to fix the build for now.
(This used to be commit c7df0cad82)
This commit is contained in:
Gerald Carter 2007-03-22 21:41:36 +00:00 committed by Gerald (Jerry) Carter
parent d506caf2b5
commit 5b105eaf7c
4 changed files with 48 additions and 11 deletions

View File

@ -108,7 +108,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
/* we are contacting the privileged pipe */
become_root();
result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response);
result = winbindd_priv_request_response(WINBINDD_PAM_AUTH_CRAP,
&request, &response);
unbecome_root();
if ( result == NSS_STATUS_UNAVAIL ) {

View File

@ -33,6 +33,7 @@ BOOL winbind_on( void );
/* Global variables. These are effectively the client state information */
int winbindd_fd = -1; /* fd for winbindd socket */
static int is_privileged = 0;
/* Free a response structure */
@ -287,7 +288,7 @@ static int winbind_named_pipe_sock(const char *dir)
/* Connect to winbindd socket */
static int winbind_open_pipe_sock(int recursing)
static int winbind_open_pipe_sock(int recursing, int need_priv)
{
#ifdef HAVE_UNIXSOCKET
static pid_t our_pid;
@ -300,6 +301,10 @@ static int winbind_open_pipe_sock(int recursing)
close_sock();
our_pid = getpid();
}
if ((need_priv != 0) && (is_privileged == 0)) {
close_sock();
}
if (winbindd_fd != -1) {
return winbindd_fd;
@ -313,6 +318,8 @@ static int winbind_open_pipe_sock(int recursing)
return -1;
}
is_privileged = 0;
/* version-check the socket */
request.flags = WBFLAG_RECURSE;
@ -329,9 +336,14 @@ static int winbind_open_pipe_sock(int recursing)
if ((fd = winbind_named_pipe_sock((char *)response.extra_data.data)) != -1) {
close(winbindd_fd);
winbindd_fd = fd;
is_privileged = 1;
}
}
if ((need_priv != 0) && (is_privileged == 0)) {
return -1;
}
SAFE_FREE(response.extra_data.data);
return winbindd_fd;
@ -342,7 +354,7 @@ static int winbind_open_pipe_sock(int recursing)
/* Write data to winbindd socket */
int write_sock(void *buffer, int count, int recursing)
int write_sock(void *buffer, int count, int recursing, int need_priv)
{
int result, nwritten;
@ -350,7 +362,7 @@ int write_sock(void *buffer, int count, int recursing)
restart:
if (winbind_open_pipe_sock(recursing) == -1) {
if (winbind_open_pipe_sock(recursing, need_priv) == -1) {
return -1;
}
@ -536,7 +548,8 @@ BOOL winbind_env_set( void )
* send simple types of requests
*/
NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request)
NSS_STATUS winbindd_send_request(int req_type, int need_priv,
struct winbindd_request *request)
{
struct winbindd_request lrequest;
@ -555,12 +568,14 @@ NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request)
init_request(request, req_type);
if (write_sock(request, sizeof(*request), request->flags & WBFLAG_RECURSE) == -1) {
if (write_sock(request, sizeof(*request),
request->flags & WBFLAG_RECURSE, need_priv) == -1) {
return NSS_STATUS_UNAVAIL;
}
if ((request->extra_len != 0) &&
(write_sock(request->extra_data.data, request->extra_len, request->flags & WBFLAG_RECURSE) == -1)) {
(write_sock(request->extra_data.data, request->extra_len,
request->flags & WBFLAG_RECURSE, need_priv) == -1)) {
return NSS_STATUS_UNAVAIL;
}
@ -610,7 +625,25 @@ NSS_STATUS winbindd_request_response(int req_type,
int count = 0;
while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) {
status = winbindd_send_request(req_type, request);
status = winbindd_send_request(req_type, 0, request);
if (status != NSS_STATUS_SUCCESS)
return(status);
status = winbindd_get_response(response);
count += 1;
}
return status;
}
NSS_STATUS winbindd_priv_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response)
{
NSS_STATUS status = NSS_STATUS_UNAVAIL;
int count = 0;
while ((status == NSS_STATUS_UNAVAIL) && (count < 10)) {
status = winbindd_send_request(req_type, 1, request);
if (status != NSS_STATUS_SUCCESS)
return(status);
status = winbindd_get_response(response);

View File

@ -2,13 +2,16 @@
#include "winbindd_nss.h"
void init_request(struct winbindd_request *req,int rq_type);
NSS_STATUS winbindd_send_request(int req_type,
NSS_STATUS winbindd_send_request(int req_type, int need_priv,
struct winbindd_request *request);
NSS_STATUS winbindd_get_response(struct winbindd_response *response);
NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
int write_sock(void *buffer, int count, int recursing);
NSS_STATUS winbindd_priv_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
int write_sock(void *buffer, int count, int recursing, int need_priv);
int read_reply(struct winbindd_response *response);
void close_sock(void);
void free_response(struct winbindd_response *response);

View File

@ -454,7 +454,7 @@ send_next_request(nsd_file_t *rq, struct winbindd_request *request)
nsd_logprintf(NSD_LOG_MIN,
"send_next_request (winbind) %d, timeout = %d sec\n",
rq->f_cmd_data, timeout);
status = winbindd_send_request((int)rq->f_cmd_data,request);
status = winbindd_send_request((int)rq->f_cmd_data,request,0);
SAFE_FREE(request);
if (status != NSS_STATUS_SUCCESS) {