diff options
author | Jeremy Allison <jra@samba.org> | 1998-09-29 20:24:17 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-09-29 20:24:17 +0000 |
commit | 9066025a8a4afe1f7f559c455d86fc023792ed17 (patch) | |
tree | 6ced773fa584a81c9a0fe957cac357c1f8a9aa2d /source3/smbd | |
parent | 282eb4f3e8ea2f19c5609bc498d24a68a1ca48a5 (diff) | |
download | samba-9066025a8a4afe1f7f559c455d86fc023792ed17.tar.gz samba-9066025a8a4afe1f7f559c455d86fc023792ed17.tar.bz2 samba-9066025a8a4afe1f7f559c455d86fc023792ed17.zip |
Got very strict about the differences and uses of
uid_t, gid_t and vuid. Added sys_getgroups() to get
around the int * return problem. Set correct datatypes
for all uid, gid and vuid variables.
Jeremy.
(This used to be commit e570db46fc3a78e499523fd342e9a34cebb18998)
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/ipc.c | 2 | ||||
-rw-r--r-- | source3/smbd/password.c | 35 | ||||
-rw-r--r-- | source3/smbd/service.c | 2 | ||||
-rw-r--r-- | source3/smbd/uid.c | 38 |
4 files changed, 41 insertions, 36 deletions
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index ec126c89ff..db6ee62f91 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -2383,7 +2383,7 @@ static BOOL api_RNetUserGetInfo(connection_struct *conn,uint16 vuid, char *param Don't depend on vuser being non-null !!. JRA */ user_struct *vuser = get_valid_user_struct(vuid); if(vuser != NULL) - DEBUG(3,(" Username of UID %d is %s\n", vuser->uid, vuser->name)); + DEBUG(3,(" Username of UID %d is %s\n", (int)vuser->uid, vuser->name)); *rparam_len = 6; *rparam = REALLOC(*rparam,*rparam_len); diff --git a/source3/smbd/password.c b/source3/smbd/password.c index f542dbe608..5a7e20e47e 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -107,7 +107,7 @@ user_struct *get_valid_user_struct(uint16 vuid) return NULL; vuid -= VUID_OFFSET; if ((vuid >= (uint16)num_validated_users) || - (validated_users[vuid].uid == -1) || (validated_users[vuid].gid == -1)) + (validated_users[vuid].uid == (uid_t)-1) || (validated_users[vuid].gid == (gid_t)-1)) return NULL; return &validated_users[vuid]; } @@ -121,17 +121,19 @@ void invalidate_vuid(uint16 vuid) if (vuser == NULL) return; - vuser->uid = -1; - vuser->gid = -1; + vuser->uid = (uid_t)-1; + vuser->gid = (gid_t)-1; vuser->n_sids = 0; /* same number of igroups as groups */ vuser->n_groups = 0; - if (vuser->groups) free(vuser->groups); + if (vuser->groups) + free((char *)vuser->groups); - if (vuser->sids) free(vuser->sids); + if (vuser->sids) + free((char *)vuser->sids); vuser->sids = NULL; vuser->groups = NULL; @@ -153,11 +155,11 @@ char *validated_username(uint16 vuid) /**************************************************************************** Setup the groups a user belongs to. ****************************************************************************/ -int setup_groups(char *user, int uid, int gid, int *p_ngroups, GID_T **p_groups) +int setup_groups(char *user, uid_t uid, gid_t gid, int *p_ngroups, gid_t **p_groups) { int i,ngroups; - GID_T *groups; - GID_T grp = 0; + gid_t grp = 0; + gid_t *groups = NULL; if (-1 == initgroups(user,gid)) { if (getuid() == 0) { @@ -170,15 +172,18 @@ int setup_groups(char *user, int uid, int gid, int *p_ngroups, GID_T **p_groups) return -1; } - ngroups = getgroups(0,&grp); - if (ngroups <= 0) ngroups = 32; + ngroups = sys_getgroups(0,&grp); + if (ngroups <= 0) + ngroups = 32; - groups = (GID_T *)malloc(sizeof(groups[0])*ngroups); + if((groups = (gid_t *)malloc(sizeof(gid_t)*ngroups)) == NULL) { + DEBUG(0,("setup_groups malloc fail !\n")); + return -1; + } - ngroups = getgroups(ngroups,(gid_t *)groups); + ngroups = sys_getgroups(ngroups,groups); (*p_ngroups) = ngroups; - (*p_groups) = groups; DEBUG( 3, ( "%s is in %d groups: ", user, ngroups ) ); @@ -196,7 +201,7 @@ register a uid/name pair as being valid and that a valid password has been given. vuid is biased by an offset. This allows us to tell random client vuid's (normally zero) from valid vuids. ****************************************************************************/ -uint16 register_vuid(int uid,int gid, char *unix_name, char *requested_name, BOOL guest) +uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, BOOL guest) { user_struct *vuser; struct passwd *pwfile; /* for getting real name from passwd file */ @@ -258,7 +263,7 @@ uint16 register_vuid(int uid,int gid, char *unix_name, char *requested_name, BOO &vuser->n_groups, &vuser->groups); - DEBUG(3,("uid %d registered to name %s\n",uid,unix_name)); + DEBUG(3,("uid %d registered to name %s\n",(int)uid,unix_name)); DEBUG(3, ("Clearing default real name\n")); fstrcpy(vuser->real_name, "<Full Name>\0"); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index b0c74aa53e..ee195e12ec 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -485,7 +485,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int dbgtext( "%s (%s) ", remote_machine, client_addr(Client) ); dbgtext( "connect to service %s ", lp_servicename(SNUM(conn)) ); dbgtext( "as user %s ", user ); - dbgtext( "(uid=%d, gid=%d) ", conn->uid, conn->gid ); + dbgtext( "(uid=%d, gid=%d) ", (int)conn->uid, (int)conn->gid ); dbgtext( "(pid %d)\n", (int)getpid() ); } diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 4ffec90521..7cd8c8673c 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -23,8 +23,8 @@ extern int DEBUGLEVEL; -static int initial_uid; -static int initial_gid; +static uid_t initial_uid; +static gid_t initial_gid; /* what user is current? */ extern struct current_user current_user; @@ -61,17 +61,16 @@ void init_uid(void) /**************************************************************************** become the specified uid ****************************************************************************/ -static BOOL become_uid(int uid) +static BOOL become_uid(uid_t uid) { if (initial_uid != 0) { return(True); } - if (uid == -1 || uid == 65535) { + if (uid == (uid_t)-1 || ((sizeof(uid_t) == 2) && (uid == (uid_t)65535))) { static int done; if (!done) { - DEBUG(1,("WARNING: using uid %d is a security risk\n", - uid)); + DEBUG(1,("WARNING: using uid %d is a security risk\n",(int)uid)); done=1; } } @@ -79,9 +78,9 @@ static BOOL become_uid(int uid) #ifdef HAVE_TRAPDOOR_UID #ifdef HAVE_SETUIDX /* AIX3 has setuidx which is NOT a trapoor function (tridge) */ - if (setuidx(ID_EFFECTIVE, (uid_t)uid) != 0) { - if (seteuid((uid_t)uid) != 0) { - DEBUG(1,("Can't set uid (setuidx)\n")); + if (setuidx(ID_EFFECTIVE, uid) != 0) { + if (seteuid(uid) != 0) { + DEBUG(1,("Can't set uid %d (setuidx)\n", (int)uid)); return False; } } @@ -96,14 +95,14 @@ static BOOL become_uid(int uid) #endif { DEBUG(0,("Couldn't set uid %d currently set to (%d,%d)\n", - uid,(int)getuid(), (int)geteuid())); - if (uid > 32000) { + (int)uid,(int)getuid(), (int)geteuid())); + if (uid > (uid_t)32000) { DEBUG(0,("Looks like your OS doesn't like high uid values - try using a different account\n")); } return(False); } - if (((uid == -1) || (uid == 65535)) && geteuid() != uid) { + if (((uid == (uid_t)-1) || ((sizeof(uid_t) == 2) && (uid == 65535))) && (geteuid() != uid)) { DEBUG(0,("Invalid uid -1. perhaps you have a account with uid 65535?\n")); return(False); } @@ -117,13 +116,13 @@ static BOOL become_uid(int uid) /**************************************************************************** become the specified gid ****************************************************************************/ -static BOOL become_gid(int gid) +static BOOL become_gid(gid_t gid) { if (initial_uid != 0) return(True); - if (gid == -1 || gid == 65535) { - DEBUG(1,("WARNING: using gid %d is a security risk\n",gid)); + if (gid == (gid_t)-1 || ((sizeof(gid_t) == 2) && (gid == (gid_t)65535))) { + DEBUG(1,("WARNING: using gid %d is a security risk\n",(int)gid)); } #ifdef HAVE_SETRESUID @@ -133,7 +132,7 @@ static BOOL become_gid(int gid) #endif { DEBUG(0,("Couldn't set gid %d currently set to (%d,%d)\n", - gid,(int)getgid(),(int)getegid())); + (int)gid,(int)getgid(),(int)getegid())); if (gid > 32000) { DEBUG(0,("Looks like your OS doesn't like high gid values - try using a different account\n")); } @@ -149,7 +148,7 @@ static BOOL become_gid(int gid) /**************************************************************************** become the specified uid and gid ****************************************************************************/ -static BOOL become_id(int uid,int gid) +static BOOL become_id(uid_t uid,gid_t gid) { return(become_gid(gid) && become_uid(uid)); } @@ -213,8 +212,9 @@ static BOOL check_user_ok(connection_struct *conn, user_struct *vuser,int snum) BOOL become_user(connection_struct *conn, uint16 vuid) { user_struct *vuser = get_valid_user_struct(vuid); - int snum,gid; - int uid; + int snum; + gid_t gid; + uid_t uid; /* * We need a separate check in security=share mode due to vuid |