diff options
author | Volker Lendecke <vl@samba.org> | 2010-04-13 12:09:21 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2010-04-13 13:30:53 +0200 |
commit | be813ff2d4a8d85eccc641f0d0739b31f4fdb964 (patch) | |
tree | 080ae38b0b3ffcfeaacb298448b55881bdf911d8 /nsswitch/libwbclient/wbclient.c | |
parent | fcab3d64f496693c70cc1ff1bcf1cf439a15fcf1 (diff) | |
download | samba-be813ff2d4a8d85eccc641f0d0739b31f4fdb964.tar.gz samba-be813ff2d4a8d85eccc641f0d0739b31f4fdb964.tar.bz2 samba-be813ff2d4a8d85eccc641f0d0739b31f4fdb964.zip |
libwbclient: Re-Fix a bug that was fixed with e5741e27c4c
> r21878: Fix a bug with smbd serving a windows terminal server: If winbind
> decides smbd to be idle it might happen that smbd needs to do a winbind
> operation (for example sid2name) as non-root. This then fails to get the
> privileged pipe. When later on on the same connection another authentication
> request comes in, we try to do the CRAP auth via the non-privileged pipe.
>
> This adds a winbindd_priv_request_response() request that kills the existing
> winbind pipe connection if it's not privileged.
The fix for this was lost during the conversion to libwbclient.
Thanks to Ira Cooper <samba@ira.wakeful.net> for pointing this out!
Volker
Diffstat (limited to 'nsswitch/libwbclient/wbclient.c')
-rw-r--r-- | nsswitch/libwbclient/wbclient.c | 31 |
1 files changed, 27 insertions, 4 deletions
diff --git a/nsswitch/libwbclient/wbclient.c b/nsswitch/libwbclient/wbclient.c index 31a736da0b..cd5ffa876a 100644 --- a/nsswitch/libwbclient/wbclient.c +++ b/nsswitch/libwbclient/wbclient.c @@ -30,6 +30,9 @@ NSS_STATUS winbindd_request_response(int req_type, struct winbindd_request *request, struct winbindd_response *response); +NSS_STATUS winbindd_priv_request_response(int req_type, + struct winbindd_request *request, + struct winbindd_response *response); /** @brief Wrapper around Winbind's send/receive API call * @@ -53,16 +56,20 @@ NSS_STATUS winbindd_request_response(int req_type, --Volker **********************************************************************/ -wbcErr wbcRequestResponse(int cmd, - struct winbindd_request *request, - struct winbindd_response *response) +static wbcErr wbcRequestResponseInt( + int cmd, + struct winbindd_request *request, + struct winbindd_response *response, + NSS_STATUS (*fn)(int req_type, + struct winbindd_request *request, + struct winbindd_response *response)) { wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; NSS_STATUS nss_status; /* for some calls the request and/or response can be NULL */ - nss_status = winbindd_request_response(cmd, request, response); + nss_status = fn(cmd, request, response); switch (nss_status) { case NSS_STATUS_SUCCESS: @@ -82,6 +89,22 @@ wbcErr wbcRequestResponse(int cmd, return wbc_status; } +wbcErr wbcRequestResponse(int cmd, + struct winbindd_request *request, + struct winbindd_response *response) +{ + return wbcRequestResponseInt(cmd, request, response, + winbindd_request_response); +} + +wbcErr wbcRequestResponsePriv(int cmd, + struct winbindd_request *request, + struct winbindd_response *response) +{ + return wbcRequestResponseInt(cmd, request, response, + winbindd_priv_request_response); +} + /** @brief Translate an error value into a string * * @param error |