FreeBSD Bugzilla – Attachment 111681 Details for
Bug 152982
[patch] net/nss_ldap, ignore option nss_initgroups_ignoreusers
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 2.78 KB, created by
Konstantin Menshikov
on 2010-12-10 11:00:17 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Konstantin Menshikov
Created:
2010-12-10 11:00:17 UTC
Size:
2.78 KB
patch
obsolete
>--- bsdnss.c.old 2010-12-09 13:04:25.000000000 +0000 >+++ bsdnss.c 2010-12-09 13:02:37.000000000 +0000 >@@ -1,9 +1,11 @@ > #include <errno.h> >+#include <stdlib.h> > #include <sys/param.h> > #include <netinet/in.h> > #include <pwd.h> > #include <grp.h> > #include <nss.h> >+#include <nsswitch.h> > #include <netdb.h> > > extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t, >@@ -14,6 +16,8 @@ > size_t, int *); > extern enum nss_status _nss_ldap_setgrent(void); > extern enum nss_status _nss_ldap_endgrent(void); >+extern enum nss_status _nss_ldap_initgroups_dyn(const char *, gid_t, long int *, >+ long int *, gid_t **, long int, int *); > > extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t, > int *); >@@ -40,6 +44,7 @@ > NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r); > NSS_METHOD_PROTOTYPE(__nss_compat_setgrent); > NSS_METHOD_PROTOTYPE(__nss_compat_endgrent); >+static NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership); > > NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); > NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); >@@ -57,6 +62,7 @@ > { NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r }, > { NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent }, > { NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent }, >+{ NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL }, > > { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r }, > { NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r }, >@@ -156,3 +162,58 @@ > h_errno = h_errnop; > return (status); > } >+ >+static int >+__gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc) >+{ >+ int ret, dupc; >+ >+ /* skip duplicates */ >+ for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) { >+ if (groups[dupc] == gid) >+ return 1; >+ } >+ >+ ret = 1; >+ if (*groupc < maxgrp) /* add this gid */ >+ groups[*groupc] = gid; >+ else >+ ret = 0; >+ (*groupc)++; >+ return ret; >+} >+ >+static int __freebsd_getgroupmembership(void *retval, void *mdata, va_list ap) >+{ >+ int err; >+ enum nss_status s; >+ const char *user = va_arg(ap, const char *); >+ gid_t group = va_arg(ap, gid_t); >+ gid_t *groups = va_arg(ap, gid_t *); >+ int limit = va_arg(ap, int); >+ int *size = va_arg(ap, int*); >+ gid_t *tmpgroups; >+ long int lstart, lsize; >+ int i; >+ >+ tmpgroups = malloc(limit * sizeof(gid_t)); >+ if (tmpgroups == NULL) >+ return NS_TRYAGAIN; >+ >+ /* insert primary membership */ >+ __gr_addgid(group, groups, limit, size); >+ >+ lstart = 0; >+ lsize = limit; >+ s = _nss_ldap_initgroups_dyn(user, group, &lstart, &lsize, >+ &tmpgroups, 0, &err); >+ if (s == NSS_STATUS_SUCCESS) { >+ for (i = 0; i < lstart; i++) >+ __gr_addgid(tmpgroups[i], groups, limit, size); >+ s = NSS_STATUS_NOTFOUND; >+ } >+ >+ free(tmpgroups); >+ >+ return __nss_compat_result(s, err); >+}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=111681">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 152982
: 111681 |
111682