summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/acconfig.h2
-rwxr-xr-xsource3/configure111
-rw-r--r--source3/configure.in5
-rw-r--r--source3/include/config.h.in1
-rw-r--r--source3/include/includes.h6
-rw-r--r--source3/include/proto.h5
-rw-r--r--source3/include/smb.h15
-rw-r--r--source3/lib/util.c14
-rw-r--r--source3/smbd/password.c108
-rw-r--r--source3/smbd/server.c12
-rw-r--r--source3/smbd/uid.c2
-rw-r--r--source3/tests/getgroups.c62
12 files changed, 196 insertions, 147 deletions
diff --git a/source3/acconfig.h b/source3/acconfig.h
index 6ae9f1b73d..411ce38955 100644
--- a/source3/acconfig.h
+++ b/source3/acconfig.h
@@ -47,3 +47,5 @@
#undef WITH_NISPLUS
#undef WITH_AUTOMOUNT
#undef HAVE_PAM_AUTHENTICATE
+#undef HAVE_BROKEN_GETGROUPS
+
diff --git a/source3/configure b/source3/configure
index ef237b77a9..7d01e478c1 100755
--- a/source3/configure
+++ b/source3/configure
@@ -3692,17 +3692,42 @@ fi
fi
+echo $ac_n "checking for broken getgroups ... $ac_c"
+if test "$cross_compiling" = yes; then
+ { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
+else
+ cat > conftest.$ac_ext <<EOF
+#line 3701 "configure"
+#include "confdefs.h"
+#include "tests/getgroups.c"
+EOF
+if { (eval echo configure:3705: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+then
+ echo yes;cat >> confdefs.h <<\EOF
+#define HAVE_BROKEN_GETGROUPS 1
+EOF
+
+else
+ echo "configure: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ rm -fr conftest*
+ echo no
+fi
+rm -fr conftest*
+fi
+
+
echo $ac_n "checking for root ... $ac_c"
if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3702 "configure"
+#line 3727 "configure"
#include "confdefs.h"
main() { exit(getuid() != 0); }
EOF
-if { (eval echo configure:3706: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3731: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo yes;cat >> confdefs.h <<\EOF
#define HAVE_ROOT 1
@@ -3724,14 +3749,14 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3728 "configure"
+#line 3753 "configure"
#include "confdefs.h"
#define HAVE_NETMASK_IFCONF 1
#define AUTOCONF 1
#include "netmask.c"
EOF
-if { (eval echo configure:3735: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3760: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo yes;netmask=yes;cat >> confdefs.h <<\EOF
#define HAVE_NETMASK_IFCONF 1
@@ -3753,14 +3778,14 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3757 "configure"
+#line 3782 "configure"
#include "confdefs.h"
#define HAVE_NETMASK_IFREQ 1
#define AUTOCONF 1
#include "netmask.c"
EOF
-if { (eval echo configure:3764: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3789: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo yes;netmask=yes;cat >> confdefs.h <<\EOF
#define HAVE_NETMASK_IFREQ 1
@@ -3783,14 +3808,14 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3787 "configure"
+#line 3812 "configure"
#include "confdefs.h"
#define HAVE_NETMASK_AIX 1
#define AUTOCONF 1
#include "netmask.c"
EOF
-if { (eval echo configure:3794: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3819: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo yes;netmask=yes;cat >> confdefs.h <<\EOF
#define HAVE_NETMASK_AIX 1
@@ -3812,11 +3837,11 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3816 "configure"
+#line 3841 "configure"
#include "confdefs.h"
#include "tests/trapdoor.c"
EOF
-if { (eval echo configure:3820: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3845: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo no
else
@@ -3837,11 +3862,11 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3841 "configure"
+#line 3866 "configure"
#include "confdefs.h"
#include "tests/shared_mmap.c"
EOF
-if { (eval echo configure:3845: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3870: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo yes;cat >> confdefs.h <<\EOF
#define HAVE_SHARED_MMAP 1
@@ -3862,11 +3887,11 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3866 "configure"
+#line 3891 "configure"
#include "confdefs.h"
#include "tests/fcntl_lock.c"
EOF
-if { (eval echo configure:3870: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3895: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo yes;cat >> confdefs.h <<\EOF
#define HAVE_FCNTL_LOCK 1
@@ -3887,11 +3912,11 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 3891 "configure"
+#line 3916 "configure"
#include "confdefs.h"
#include "tests/sysv_ipc.c"
EOF
-if { (eval echo configure:3895: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:3920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
echo yes;cat >> confdefs.h <<\EOF
#define HAVE_SYSV_IPC 1
@@ -3910,7 +3935,7 @@ fi
#################################################
# check for the AFS filesystem
echo $ac_n "checking whether to use AFS""... $ac_c" 1>&6
-echo "configure:3914: checking whether to use AFS" >&5
+echo "configure:3939: checking whether to use AFS" >&5
# Check whether --with-afs or --without-afs was given.
if test "${with_afs+set}" = set; then
withval="$with_afs"
@@ -3936,7 +3961,7 @@ fi
#################################################
# check for the DFS auth system
echo $ac_n "checking whether to use DFS auth""... $ac_c" 1>&6
-echo "configure:3940: checking whether to use DFS auth" >&5
+echo "configure:3965: checking whether to use DFS auth" >&5
# Check whether --with-dfs or --without-dfs was given.
if test "${with_dfs+set}" = set; then
withval="$with_dfs"
@@ -3961,7 +3986,7 @@ fi
#################################################
# check for automount support
echo $ac_n "checking whether to use AUTOMOUNT""... $ac_c" 1>&6
-echo "configure:3965: checking whether to use AUTOMOUNT" >&5
+echo "configure:3990: checking whether to use AUTOMOUNT" >&5
# Check whether --with-automount or --without-automount was given.
if test "${with_automount+set}" = set; then
withval="$with_automount"
@@ -3986,7 +4011,7 @@ fi
#################################################
# check for a LDAP password database
echo $ac_n "checking whether to use LDAP password database""... $ac_c" 1>&6
-echo "configure:3990: checking whether to use LDAP password database" >&5
+echo "configure:4015: checking whether to use LDAP password database" >&5
# Check whether --with-ldap or --without-ldap was given.
if test "${with_ldap+set}" = set; then
withval="$with_ldap"
@@ -4011,7 +4036,7 @@ fi
#################################################
# check for a NISPLUS password database
echo $ac_n "checking whether to use NISPLUS password database""... $ac_c" 1>&6
-echo "configure:4015: checking whether to use NISPLUS password database" >&5
+echo "configure:4040: checking whether to use NISPLUS password database" >&5
# Check whether --with-nisplus or --without-nisplus was given.
if test "${with_nisplus+set}" = set; then
withval="$with_nisplus"
@@ -4036,7 +4061,7 @@ fi
#################################################
# check for the secure socket layer
echo $ac_n "checking whether to use SSL""... $ac_c" 1>&6
-echo "configure:4040: checking whether to use SSL" >&5
+echo "configure:4065: checking whether to use SSL" >&5
# Check whether --with-ssl or --without-ssl was given.
if test "${with_ssl+set}" = set; then
withval="$with_ssl"
@@ -4061,7 +4086,7 @@ fi
#################################################
# check for experimental mmap support
echo $ac_n "checking whether to use MMAP""... $ac_c" 1>&6
-echo "configure:4065: checking whether to use MMAP" >&5
+echo "configure:4090: checking whether to use MMAP" >&5
# Check whether --with-mmap or --without-mmap was given.
if test "${with_mmap+set}" = set; then
withval="$with_mmap"
@@ -4086,7 +4111,7 @@ fi
#################################################
# check for syslog logging
echo $ac_n "checking whether to use syslog logging""... $ac_c" 1>&6
-echo "configure:4090: checking whether to use syslog logging" >&5
+echo "configure:4115: checking whether to use syslog logging" >&5
# Check whether --with-syslog or --without-syslog was given.
if test "${with_syslog+set}" = set; then
withval="$with_syslog"
@@ -4112,7 +4137,7 @@ fi
#################################################
# these tests are taken from the GNU fileutils package
echo "checking how to get filesystem space usage" 1>&6
-echo "configure:4116: checking how to get filesystem space usage" >&5
+echo "configure:4141: checking how to get filesystem space usage" >&5
space=no
# Perform only the link test since it seems there are no variants of the
@@ -4124,12 +4149,12 @@ space=no
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs function (SVR4)""... $ac_c" 1>&6
-echo "configure:4128: checking statvfs function (SVR4)" >&5
+echo "configure:4153: checking statvfs function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4133 "configure"
+#line 4158 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statvfs.h>
@@ -4137,7 +4162,7 @@ int main() {
struct statvfs fsd; statvfs (0, &fsd);
; return 0; }
EOF
-if { (eval echo configure:4141: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4166: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
fu_cv_sys_stat_statvfs=yes
else
@@ -4162,7 +4187,7 @@ fi
if test $space = no; then
# DEC Alpha running OSF/1
echo $ac_n "checking for 3-argument statfs function (DEC OSF/1)""... $ac_c" 1>&6
-echo "configure:4166: checking for 3-argument statfs function (DEC OSF/1)" >&5
+echo "configure:4191: checking for 3-argument statfs function (DEC OSF/1)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs3_osf1'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4170,7 +4195,7 @@ else
fu_cv_sys_stat_statfs3_osf1=no
else
cat > conftest.$ac_ext <<EOF
-#line 4174 "configure"
+#line 4199 "configure"
#include "confdefs.h"
#include <sys/param.h>
@@ -4183,7 +4208,7 @@ else
exit (statfs (".", &fsd, sizeof (struct statfs)));
}
EOF
-if { (eval echo configure:4187: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:4212: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs3_osf1=yes
else
@@ -4210,7 +4235,7 @@ fi
if test $space = no; then
# AIX
echo $ac_n "checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)""... $ac_c" 1>&6
-echo "configure:4214: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
+echo "configure:4239: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_bsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4218,7 +4243,7 @@ else
fu_cv_sys_stat_statfs2_bsize=no
else
cat > conftest.$ac_ext <<EOF
-#line 4222 "configure"
+#line 4247 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_PARAM_H
@@ -4237,7 +4262,7 @@ else
exit (statfs (".", &fsd));
}
EOF
-if { (eval echo configure:4241: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:4266: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_bsize=yes
else
@@ -4264,7 +4289,7 @@ fi
if test $space = no; then
# SVR3
echo $ac_n "checking for four-argument statfs (AIX-3.2.5, SVR3)""... $ac_c" 1>&6
-echo "configure:4268: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
+echo "configure:4293: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs4'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4272,7 +4297,7 @@ else
fu_cv_sys_stat_statfs4=no
else
cat > conftest.$ac_ext <<EOF
-#line 4276 "configure"
+#line 4301 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statfs.h>
@@ -4282,7 +4307,7 @@ else
exit (statfs (".", &fsd, sizeof fsd, 0));
}
EOF
-if { (eval echo configure:4286: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:4311: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs4=yes
else
@@ -4309,7 +4334,7 @@ fi
if test $space = no; then
# 4.4BSD and NetBSD
echo $ac_n "checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)""... $ac_c" 1>&6
-echo "configure:4313: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
+echo "configure:4338: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_fsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4317,7 +4342,7 @@ else
fu_cv_sys_stat_statfs2_fsize=no
else
cat > conftest.$ac_ext <<EOF
-#line 4321 "configure"
+#line 4346 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@@ -4333,7 +4358,7 @@ else
exit (statfs (".", &fsd));
}
EOF
-if { (eval echo configure:4337: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:4362: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_fsize=yes
else
@@ -4360,7 +4385,7 @@ fi
if test $space = no; then
# Ultrix
echo $ac_n "checking for two-argument statfs with struct fs_data (Ultrix)""... $ac_c" 1>&6
-echo "configure:4364: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
+echo "configure:4389: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_fs_data'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4368,7 +4393,7 @@ else
fu_cv_sys_stat_fs_data=no
else
cat > conftest.$ac_ext <<EOF
-#line 4372 "configure"
+#line 4397 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@@ -4388,7 +4413,7 @@ else
exit (statfs (".", &fsd) != 1);
}
EOF
-if { (eval echo configure:4392: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:4417: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_fs_data=yes
else
diff --git a/source3/configure.in b/source3/configure.in
index 883085b3e1..5cdc3425d6 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -211,6 +211,11 @@ if test "$ac_cv_lib_socket_connect" = "yes" ||
AC_DEFINE(HAVE_CONNECT)
fi])
+echo $ac_n "checking for broken getgroups ... $ac_c"
+AC_TRY_RUN([#include "tests/getgroups.c"],
+ echo yes;AC_DEFINE(HAVE_BROKEN_GETGROUPS),
+ echo no)
+
echo $ac_n "checking for root ... $ac_c"
AC_TRY_RUN([main() { exit(getuid() != 0); }],
diff --git a/source3/include/config.h.in b/source3/include/config.h.in
index 3bc3e95e4f..dbbd5431a2 100644
--- a/source3/include/config.h.in
+++ b/source3/include/config.h.in
@@ -104,6 +104,7 @@
#undef WITH_NISPLUS
#undef WITH_AUTOMOUNT
#undef HAVE_PAM_AUTHENTICATE
+#undef HAVE_BROKEN_GETGROUPS
/* The number of bytes in a int. */
#undef SIZEOF_INT
diff --git a/source3/include/includes.h b/source3/include/includes.h
index b63787fd5e..2a420f76ed 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -287,6 +287,12 @@ extern char *sys_errlist[];
extern int errno;
#endif
+#ifdef HAVE_BROKEN_GETGROUPS
+#define GID_T int
+#else
+#define GID_T gid_t
+#endif
+
/* Lists, trees, caching, datbase... */
#include "ubi_sLinkList.h"
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 523d7c9615..c8c0cc8145 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1661,8 +1661,7 @@ BOOL last_challenge(unsigned char *challenge);
user_struct *get_valid_user_struct(uint16 vuid);
void invalidate_vuid(uint16 vuid);
char *validated_username(uint16 vuid);
-int setup_groups(char *user, int uid, int gid, int *p_ngroups,
- int **p_igroups, gid_t **p_groups);
+int setup_groups(char *user, int uid, int gid, int *p_ngroups, GID_T **p_groups);
uint16 register_vuid(int uid,int gid, char *unix_name, char *requested_name, BOOL guest);
void add_session_user(char *user);
BOOL update_smbpassword_file( char *user, fstring password);
@@ -1984,7 +1983,7 @@ void *mem_dup( void *from, int size );
void array_promote(char *array,int elsize,int element);
void set_socket_options(int fd, char *options);
void close_sockets(void );
-BOOL in_group(gid_t group, int current_gid, int ngroups, int *groups);
+BOOL in_group(gid_t group, int current_gid, int ngroups, GID_T *groups);
char *StrCpy(char *dest,char *src);
char *StrnCpy(char *dest,char *src,int n);
void putip(void *dest,void *src);
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 1c37aab7e2..8d846d4531 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -386,11 +386,10 @@ struct cli_state {
struct current_user
{
- int cnum, vuid;
- int uid, gid;
- int ngroups;
- gid_t *groups;
- int *igroups;
+ int cnum, vuid;
+ int uid, gid;
+ int ngroups;
+ GID_T *groups;
};
typedef struct
@@ -500,8 +499,7 @@ typedef struct
/* This groups info is valid for the user that *opened* the connection */
int ngroups;
- gid_t *groups;
- int *igroups; /* an integer version - some OSes are broken :-( */
+ GID_T *groups;
time_t lastused;
BOOL used;
@@ -537,8 +535,7 @@ typedef struct
/* following groups stuff added by ih */
/* This groups info is needed for when we become_user() for this uid */
int n_groups;
- gid_t *groups;
- int *igroups; /* an integer version - some OSes are broken :-( */
+ GID_T *groups;
int n_sids;
int *sids;
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 8d1f619318..35fb80be09 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -635,17 +635,17 @@ void close_sockets(void )
/****************************************************************************
determine whether we are in the specified group
****************************************************************************/
-BOOL in_group(gid_t group, int current_gid, int ngroups, int *groups)
+BOOL in_group(gid_t group, int current_gid, int ngroups, GID_T *groups)
{
- int i;
+ int i;
- if (group == current_gid) return(True);
+ if (group == current_gid) return(True);
- for (i=0;i<ngroups;i++)
- if (group == groups[i])
- return(True);
+ for (i=0;i<ngroups;i++)
+ if (group == groups[i])
+ return(True);
- return(False);
+ return(False);
}
/****************************************************************************
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index aae398dbda..0f8e33940f 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -137,14 +137,11 @@ void invalidate_vuid(uint16 vuid)
/* same number of igroups as groups */
vuser->n_groups = 0;
- if (vuser->groups && (vuser->groups != (gid_t *)vuser->igroups))
- free(vuser->groups);
+ if (vuser->groups) free(vuser->groups);
- if (vuser->igroups) free(vuser->igroups);
- if (vuser->sids ) free(vuser->sids);
+ if (vuser->sids) free(vuser->sids);
vuser->sids = NULL;
- vuser->igroups = NULL;
vuser->groups = NULL;
}
@@ -164,78 +161,41 @@ char *validated_username(uint16 vuid)
/****************************************************************************
Setup the groups a user belongs to.
****************************************************************************/
-int setup_groups(char *user, int uid, int gid, int *p_ngroups,
- int **p_igroups, gid_t **p_groups)
+int setup_groups(char *user, int uid, int gid, int *p_ngroups, GID_T **p_groups)
{
- if (-1 == initgroups(user,gid))
- {
- if (getuid() == 0)
- {
- DEBUG(0,("Unable to initgroups!\n"));
- if (gid < 0 || gid > 16000 || uid < 0 || uid > 16000)
- DEBUG(0,("This is probably a problem with the account %s\n",user));
+ int i,ngroups;
+ GID_T *groups;
+ GID_T grp = 0;
+
+ if (-1 == initgroups(user,gid)) {
+ if (getuid() == 0) {
+ DEBUG(0,("Unable to initgroups!\n"));
+ if (gid < 0 || gid > 16000 || uid < 0 || uid > 16000) {
+ DEBUG(0,("This is probably a problem with the account %s\n",
+ user));
+ }
+ }
+ return -1;
}
- }
- else
- {
- int i,ngroups;
- int *igroups;
- gid_t grp = 0;
- ngroups = getgroups(0,&grp);
- if (ngroups <= 0)
- ngroups = 32;
- igroups = (int *)malloc(sizeof(int)*ngroups);
- for (i=0;i<ngroups;i++)
- igroups[i] = 0x42424242;
- ngroups = getgroups(ngroups,(gid_t *)igroups);
-
- if (igroups[0] == 0x42424242)
- ngroups = 0;
-
- *p_ngroups = ngroups;
-
- /* The following bit of code is very strange. It is due to the
- fact that some OSes use int* and some use gid_t* for
- getgroups, and some (like SunOS) use both, one in prototypes,
- and one in man pages and the actual code. Thus we detect it
- dynamically using some very ugly code */
- if (ngroups > 0)
- {
- /* does getgroups return ints or gid_t ?? */
- static BOOL groups_use_ints = True;
- if (groups_use_ints &&
- ngroups == 1 &&
- SVAL(igroups,2) == 0x4242)
- groups_use_ints = False;
-
- for (i=0;groups_use_ints && i<ngroups;i++)
- if (igroups[i] == 0x42424242)
- groups_use_ints = False;
-
- if (groups_use_ints)
- {
- *p_igroups = igroups;
- *p_groups = (gid_t *)igroups;
- }
- else
- {
- gid_t *groups = (gid_t *)igroups;
- igroups = (int *)malloc(sizeof(int)*ngroups);
- for (i=0;i<ngroups;i++)
- {
- igroups[i] = groups[i];
- }
- *p_igroups = igroups;
- *p_groups = (gid_t *)groups;
- }
+ ngroups = getgroups(0,&grp);
+ if (ngroups <= 0) ngroups = 32;
+
+ groups = (GID_T *)malloc(sizeof(groups[0])*ngroups);
+
+ ngroups = getgroups(ngroups,(gid_t *)groups);
+
+ (*p_ngroups) = ngroups;
+
+ (*p_groups) = groups;
+
+ DEBUG(3,("%s is in %d groups\n",user,ngroups));
+ for (i=0;i<ngroups;i++) {
+ DEBUG(3,("%d ",(int)groups[i]));
}
- DEBUG(3,("%s is in %d groups\n",user,ngroups));
- for (i=0;i<ngroups;i++)
- DEBUG(3,("%d ",igroups[i]));
- DEBUG(3,("\n"));
- }
- return 0;
+ DEBUG(3,("\n"));
+
+ return 0;
}
@@ -299,13 +259,11 @@ uint16 register_vuid(int uid,int gid, char *unix_name, char *requested_name, BOO
vuser->n_groups = 0;
vuser->groups = NULL;
- vuser->igroups = NULL;
/* Find all the groups this uid is in and store them.
Used by become_user() */
setup_groups(unix_name,uid,gid,
&vuser->n_groups,
- &vuser->igroups,
&vuser->groups);
DEBUG(3,("uid %d registered to name %s\n",uid,unix_name));
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 3469e45732..8eee0209b6 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -206,7 +206,7 @@ int dos_mode(int cnum,char *path,struct stat *sbuf)
((sbuf->st_mode & S_IWUSR) && current_user.uid==sbuf->st_uid) ||
((sbuf->st_mode & S_IWGRP) &&
in_group(sbuf->st_gid,current_user.gid,
- current_user.ngroups,current_user.igroups))))
+ current_user.ngroups,current_user.groups))))
result |= aRONLY;
} else {
if ((sbuf->st_mode & S_IWUSR) == 0)
@@ -356,7 +356,7 @@ int file_utime(int cnum, char *fname, struct utimbuf *times)
((sb.st_mode & S_IWUSR) && current_user.uid==sb.st_uid) ||
((sb.st_mode & S_IWGRP) &&
in_group(sb.st_gid,current_user.gid,
- current_user.ngroups,current_user.igroups)))) {
+ current_user.ngroups,current_user.groups)))) {
/* We are allowed to become root and change the filetime. */
become_root(False);
ret = sys_utime(fname, times);
@@ -3567,14 +3567,13 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de
/* groups stuff added by ih */
pcon->ngroups = 0;
- pcon->igroups = NULL;
pcon->groups = NULL;
if (!IS_IPC(cnum))
{
/* Find all the groups this uid is in and store them. Used by become_user() */
setup_groups(pcon->user,pcon->uid,pcon->gid,
- &pcon->ngroups,&pcon->igroups,&pcon->groups);
+ &pcon->ngroups,&pcon->groups);
/* check number of connections */
if (!claim_connection(cnum,
@@ -4267,11 +4266,8 @@ void close_cnum(int cnum, uint16 vuid)
num_connections_open--;
if (Connections[cnum].ngroups && Connections[cnum].groups)
{
- if (Connections[cnum].igroups != (int *)Connections[cnum].groups)
- free(Connections[cnum].groups);
- free(Connections[cnum].igroups);
+ free(Connections[cnum].groups);
Connections[cnum].groups = NULL;
- Connections[cnum].igroups = NULL;
Connections[cnum].ngroups = 0;
}
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index a8e0bf0d03..173fdaca03 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -242,7 +242,6 @@ BOOL become_user(connection_struct *conn, int cnum, uint16 vuid)
uid = conn->uid;
gid = conn->gid;
current_user.groups = conn->groups;
- current_user.igroups = conn->igroups;
current_user.ngroups = conn->ngroups;
}
else
@@ -258,7 +257,6 @@ BOOL become_user(connection_struct *conn, int cnum, uint16 vuid)
gid = conn->gid;
current_user.ngroups = vuser->n_groups;
current_user.groups = vuser->groups;
- current_user.igroups = vuser->igroups;
}
if (initial_uid == 0)
diff --git a/source3/tests/getgroups.c b/source3/tests/getgroups.c
new file mode 100644
index 0000000000..37990e010b
--- /dev/null
+++ b/source3/tests/getgroups.c
@@ -0,0 +1,62 @@
+/* this tests whether getgroups actually returns lists of integers
+ rather than gid_t. The test only works if the user running
+ the test is in at least 1 group
+
+ The test is designed to check for those broken OSes that define
+ getgroups() as returning an array of gid_t but actually return a
+ array of ints! Ultrix is one culprit
+ */
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <grp.h>
+
+main()
+{
+ int i;
+ int *igroups;
+ char *cgroups;
+ int grp = 0;
+ int ngroups = getgroups(0,&grp);
+
+ if (sizeof(gid_t) == sizeof(int)) {
+ fprintf(stderr,"gid_t and int are the same size\n");
+ exit(1);
+ }
+
+ if (ngroups <= 0)
+ ngroups = 32;
+
+ igroups = (int *)malloc(sizeof(int)*ngroups);
+
+ for (i=0;i<ngroups;i++)
+ igroups[i] = 0x42424242;
+
+ ngroups = getgroups(ngroups,(gid_t *)igroups);
+
+ if (igroups[0] == 0x42424242)
+ ngroups = 0;
+
+ if (ngroups == 0) {
+ printf("WARNING: can't determine getgroups return type\n");
+ exit(1);
+ }
+
+ cgroups = (char *)igroups;
+
+ if (ngroups == 1 &&
+ cgroups[2] == 0x42 && cgroups[3] == 0x42) {
+ fprintf(stderr,"getgroups returns gid_t\n");
+ exit(1);
+ }
+
+ for (i=0;i<ngroups;i++) {
+ if (igroups[i] == 0x42424242) {
+ fprintf(stderr,"getgroups returns gid_t\n");
+ exit(1);
+ }
+ }
+
+ exit(0);
+}