From 7bd1888cdf95b0e32fe1a2993d7bcb2b16e475b1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 19 Sep 2005 18:49:18 +0000 Subject: r10321: Fix winbindd recursion bug found by Ingo Steuwer . Jeremy. (This used to be commit 6795c818a3d63737d5b40faffa3a0b91c71b427b) --- source3/nsswitch/pam_winbind.c | 2 +- source3/nsswitch/wb_common.c | 14 ++++++++++---- source3/nsswitch/winbind_client.h | 3 +-- source3/nsswitch/winbindd_nss.h | 2 ++ 4 files changed, 14 insertions(+), 7 deletions(-) (limited to 'source3/nsswitch') diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index 8d4f59101c..a87ccb4972 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -106,7 +106,7 @@ static int pam_winbind_request(enum winbindd_cmd req_type, /* Fill in request and send down pipe */ init_request(request, req_type); - if (write_sock(request, sizeof(*request)) == -1) { + if (write_sock(request, sizeof(*request), 0) == -1) { _pam_log(LOG_ERR, "write to socket failed!"); close_sock(); return PAM_SERVICE_ERR; diff --git a/source3/nsswitch/wb_common.c b/source3/nsswitch/wb_common.c index 5ed0b9161e..6d09666525 100644 --- a/source3/nsswitch/wb_common.c +++ b/source3/nsswitch/wb_common.c @@ -284,7 +284,7 @@ static int winbind_named_pipe_sock(const char *dir) /* Connect to winbindd socket */ -int winbind_open_pipe_sock(void) +static int winbind_open_pipe_sock(int recursing) { #ifdef HAVE_UNIXSOCKET static pid_t our_pid; @@ -302,12 +302,17 @@ int winbind_open_pipe_sock(void) return winbindd_fd; } + if (recursing) { + return -1; + } + if ((winbindd_fd = winbind_named_pipe_sock(WINBINDD_SOCKET_DIR)) == -1) { return -1; } /* version-check the socket */ + request.flags = WBFLAG_RECURSE; if ((winbindd_request_response(WINBINDD_INTERFACE_VERSION, &request, &response) != NSS_STATUS_SUCCESS) || (response.data.interface_version != WINBIND_INTERFACE_VERSION)) { close_sock(); return -1; @@ -315,6 +320,7 @@ int winbind_open_pipe_sock(void) /* try and get priv pipe */ + request.flags = WBFLAG_RECURSE; if (winbindd_request_response(WINBINDD_PRIV_PIPE_DIR, &request, &response) == NSS_STATUS_SUCCESS) { int fd; if ((fd = winbind_named_pipe_sock(response.extra_data)) != -1) { @@ -333,7 +339,7 @@ int winbind_open_pipe_sock(void) /* Write data to winbindd socket */ -int write_sock(void *buffer, int count) +int write_sock(void *buffer, int count, int recursing) { int result, nwritten; @@ -341,7 +347,7 @@ int write_sock(void *buffer, int count) restart: - if (winbind_open_pipe_sock() == -1) { + if (winbind_open_pipe_sock(recursing) == -1) { return -1; } @@ -534,7 +540,7 @@ NSS_STATUS winbindd_send_request(int req_type, struct winbindd_request *request) init_request(request, req_type); - if (write_sock(request, sizeof(*request)) == -1) { + if (write_sock(request, sizeof(*request), request->flags & WBFLAG_RECURSE) == -1) { return NSS_STATUS_UNAVAIL; } diff --git a/source3/nsswitch/winbind_client.h b/source3/nsswitch/winbind_client.h index ec20cd78ef..1d3d379af0 100644 --- a/source3/nsswitch/winbind_client.h +++ b/source3/nsswitch/winbind_client.h @@ -8,8 +8,7 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response); NSS_STATUS winbindd_request_response(int req_type, struct winbindd_request *request, struct winbindd_response *response); -int winbind_open_pipe_sock(void); -int write_sock(void *buffer, int count); +int write_sock(void *buffer, int count, int recursing); int read_reply(struct winbindd_response *response); void close_sock(void); void free_response(struct winbindd_response *response); diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h index cf0fae74a0..d012811d37 100644 --- a/source3/nsswitch/winbindd_nss.h +++ b/source3/nsswitch/winbindd_nss.h @@ -172,6 +172,8 @@ typedef struct winbindd_gr { /* This is a flag that can only be sent from parent to child */ #define WBFLAG_IS_PRIVILEGED 0x0400 +/* Flag to say this is a winbindd internal send - don't recurse. */ +#define WBFLAG_RECURSE 0x0800 /* Winbind request structure */ -- cgit