X-Git-Url: http://git.samba.org/samba.git/?p=tprouty%2Fsamba.git;a=blobdiff_plain;f=source%2Fnsswitch%2Fwb_common.c;h=6e6d2bbbf84d4f90fc18819dff9708c27ce2de00;hp=2ae85dcb1ebb68ebdb0c6434645b101ac6c2e40c;hb=c1df51abdf366caf3cde84b1399d05abdc36133b;hpb=93bdd2724cc711005a5f2f223b499199394e78e7 diff --git a/source/nsswitch/wb_common.c b/source/nsswitch/wb_common.c index 2ae85dcb1e..6e6d2bbbf8 100644 --- a/source/nsswitch/wb_common.c +++ b/source/nsswitch/wb_common.c @@ -168,54 +168,55 @@ static int winbind_named_pipe_sock(const char *dir) { struct sockaddr_un sunaddr; struct stat st; - pstring path; + char *path = NULL; int fd; int wait_time; int slept; - + /* Check permissions on unix socket directory */ - + if (lstat(dir, &st) == -1) { + errno = ENOENT; return -1; } - - if (!S_ISDIR(st.st_mode) || + + if (!S_ISDIR(st.st_mode) || (st.st_uid != 0 && st.st_uid != geteuid())) { + errno = ENOENT; return -1; } - + /* Connect to socket */ - - strncpy(path, dir, sizeof(path) - 1); - path[sizeof(path) - 1] = '\0'; - - strncat(path, "/", sizeof(path) - 1 - strlen(path)); - path[sizeof(path) - 1] = '\0'; - - strncat(path, WINBINDD_SOCKET_NAME, sizeof(path) - 1 - strlen(path)); - path[sizeof(path) - 1] = '\0'; - + + if (asprintf(&path, "%s/%s", dir, WINBINDD_SOCKET_NAME) < 0) { + return -1; + } + ZERO_STRUCT(sunaddr); sunaddr.sun_family = AF_UNIX; strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1); - + /* If socket file doesn't exist, don't bother trying to connect with retry. This is an attempt to make the system usable when the winbindd daemon is not running. */ if (lstat(path, &st) == -1) { + errno = ENOENT; + SAFE_FREE(path); return -1; } - + + SAFE_FREE(path); /* Check permissions on unix socket file */ - - if (!S_ISSOCK(st.st_mode) || + + if (!S_ISSOCK(st.st_mode) || (st.st_uid != 0 && st.st_uid != geteuid())) { + errno = ENOENT; return -1; } - + /* Connect to socket */ - + if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) { return -1; } @@ -371,6 +372,7 @@ int winbind_write_sock(void *buffer, int count, int recursing, int need_priv) restart: if (winbind_open_pipe_sock(recursing, need_priv) == -1) { + errno = ENOENT; return -1; } @@ -541,18 +543,6 @@ int winbindd_read_reply(struct winbindd_response *response) return result1 + result2; } -bool winbind_env_set(void) -{ - char *env; - - if ((env=getenv(WINBINDD_DONT_ENV)) != NULL) { - if(strcmp(env, "1") == 0) { - return true; - } - } - return false; -} - /* * send simple types of requests */ @@ -579,7 +569,11 @@ NSS_STATUS winbindd_send_request(int req_type, int need_priv, if (winbind_write_sock(request, sizeof(*request), request->wb_flags & WBFLAG_RECURSE, - need_priv) == -1) { + need_priv) == -1) + { + /* Set ENOENT for consistency. Required by some apps */ + errno = ENOENT; + return NSS_STATUS_UNAVAIL; } @@ -587,7 +581,11 @@ NSS_STATUS winbindd_send_request(int req_type, int need_priv, (winbind_write_sock(request->extra_data.data, request->extra_len, request->wb_flags & WBFLAG_RECURSE, - need_priv) == -1)) { + need_priv) == -1)) + { + /* Set ENOENT for consistency. Required by some apps */ + errno = ENOENT; + return NSS_STATUS_UNAVAIL; } @@ -611,6 +609,9 @@ NSS_STATUS winbindd_get_response(struct winbindd_response *response) /* Wait for reply */ if (winbindd_read_reply(response) == -1) { + /* Set ENOENT for consistency. Required by some apps */ + errno = ENOENT; + return NSS_STATUS_UNAVAIL; } @@ -665,21 +666,6 @@ NSS_STATUS winbindd_priv_request_response(int req_type, return status; } -/************************************************************************* - A couple of simple functions to disable winbindd lookups and re- - enable them - ************************************************************************/ - -bool winbind_off(void) -{ - return setenv(WINBINDD_DONT_ENV, "1", 1) != -1; -} - -bool winbind_on(void) -{ - return setenv(WINBINDD_DONT_ENV, "0", 1) != -1; -} - /************************************************************************* ************************************************************************/