> r21878: Fix a bug with smbd serving a windows terminal server: If winbind
> decides smbd to be idle it might happen that smbd needs to do a winbind
> operation (for example sid2name) as non-root. This then fails to get the
> privileged pipe. When later on on the same connection another authentication
> request comes in, we try to do the CRAP auth via the non-privileged pipe.
>
> This adds a winbindd_priv_request_response() request that kills the existing
> winbind pipe connection if it's not privileged.
The fix for this was lost during the conversion to libwbclient.
Thanks to Ira Cooper <samba@ira.wakeful.net> for pointing this out!
Volker
Fix bug #7357.
(cherry picked from commit
5c5e646ab3546aae4660b6598a6c89c66c3b4687)
/* Make request */
- wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_UID,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_ALLOCATE_UID,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
/* Copy out result */
/* Make request */
- wbc_status = wbcRequestResponse(WINBINDD_ALLOCATE_GID,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_ALLOCATE_GID,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
/* Copy out result */
sizeof(request.data.dual_idmapset.sid)-1);
wbcFreeMemory(sid_string);
- wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_SET_MAPPING,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
done:
sizeof(request.data.dual_idmapset.sid)-1);
wbcFreeMemory(sid_string);
- wbc_status = wbcRequestResponse(WINBINDD_SET_MAPPING,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_SET_MAPPING,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
done:
sizeof(request.data.dual_idmapset.sid)-1);
wbcFreeMemory(sid_string);
- wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_REMOVE_MAPPING,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
done:
sizeof(request.data.dual_idmapset.sid)-1);
wbcFreeMemory(sid_string);
- wbc_status = wbcRequestResponse(WINBINDD_REMOVE_MAPPING,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_REMOVE_MAPPING,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
done:
request.data.dual_idmapset.id = uid_hwm;
request.data.dual_idmapset.type = _ID_TYPE_UID;
- wbc_status = wbcRequestResponse(WINBINDD_SET_HWM,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_SET_HWM,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
done:
request.data.dual_idmapset.id = gid_hwm;
request.data.dual_idmapset.type = _ID_TYPE_GID;
- wbc_status = wbcRequestResponse(WINBINDD_SET_HWM,
- &request, &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_SET_HWM,
+ &request, &response);
BAIL_ON_WBC_ERROR(wbc_status);
done:
request.flags |= params->flags;
}
- wbc_status = wbcRequestResponse(cmd,
- &request,
- &response);
+ if (cmd == WINBINDD_PAM_AUTH_CRAP) {
+ wbc_status = wbcRequestResponsePriv(cmd, &request, &response);
+ } else {
+ wbc_status = wbcRequestResponse(cmd, &request, &response);
+ }
if (response.data.auth.nt_status != 0) {
if (error) {
wbc_status = wbc_create_error_info(NULL,
/* Send request */
- wbc_status = wbcRequestResponse(WINBINDD_CHECK_MACHACC,
- &request,
- &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_CHECK_MACHACC,
+ &request, &response);
if (response.data.auth.nt_status != 0) {
if (error) {
wbc_status = wbc_create_error_info(NULL,
/* Send request */
- wbc_status = wbcRequestResponse(WINBINDD_CHANGE_MACHACC,
- &request,
- &response);
+ wbc_status = wbcRequestResponsePriv(WINBINDD_CHANGE_MACHACC,
+ &request, &response);
if (response.data.auth.nt_status != 0) {
if (error) {
wbc_status = wbc_create_error_info(NULL,
NSS_STATUS winbindd_request_response(int req_type,
struct winbindd_request *request,
struct winbindd_response *response);
+NSS_STATUS winbindd_priv_request_response(int req_type,
+ struct winbindd_request *request,
+ struct winbindd_response *response);
/** @brief Wrapper around Winbind's send/receive API call
*
--Volker
**********************************************************************/
-wbcErr wbcRequestResponse(int cmd,
- struct winbindd_request *request,
- struct winbindd_response *response)
+static wbcErr wbcRequestResponseInt(
+ int cmd,
+ struct winbindd_request *request,
+ struct winbindd_response *response,
+ NSS_STATUS (*fn)(int req_type,
+ struct winbindd_request *request,
+ struct winbindd_response *response))
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
NSS_STATUS nss_status;
/* for some calls the request and/or response can be NULL */
- nss_status = winbindd_request_response(cmd, request, response);
+ nss_status = fn(cmd, request, response);
switch (nss_status) {
case NSS_STATUS_SUCCESS:
return wbc_status;
}
+wbcErr wbcRequestResponse(int cmd,
+ struct winbindd_request *request,
+ struct winbindd_response *response)
+{
+ return wbcRequestResponseInt(cmd, request, response,
+ winbindd_request_response);
+}
+
+wbcErr wbcRequestResponsePriv(int cmd,
+ struct winbindd_request *request,
+ struct winbindd_response *response)
+{
+ return wbcRequestResponseInt(cmd, request, response,
+ winbindd_priv_request_response);
+}
+
/** @brief Translate an error value into a string
*
* @param error
struct winbindd_request *request,
struct winbindd_response *response);
+wbcErr wbcRequestResponsePriv(int cmd,
+ struct winbindd_request *request,
+ struct winbindd_response *response);
+
#endif /* _WBCLIENT_INTERNAL_H */