More idmapping and ACL tool fixes slated for 5.8.

2012-11-07 07:10:38 -05:00 · 2012-11-07 07:10:38 -05:00 · 039b01fb1a
commit 039b01fb1a
parent a9cb2f0ecc
2 changed files with 239 additions and 29 deletions
--- a/cifs-utils-5.8-pre1.patch
+++ b/cifs-utils-5.8-pre1.patch
@ -340,10 +340,18 @@ index f969b37..07df3be 100644
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_FILES([Makefile contrib/Makefile contrib/request-key.d/Makefile])
 diff --git a/getcifsacl.c b/getcifsacl.c
-index 8cbdb1d..b832c50 100644
+index 8cbdb1d..c576fc0 100644
 --- a/getcifsacl.c
 +++ b/getcifsacl.c
-@@ -38,7 +38,7 @@
+@@ -31,6 +31,7 @@
+ #include <unistd.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+#include <stddef.h>
+ #include <errno.h>
+ #include <limits.h>
+ #include <wbclient.h>
+@@ -38,7 +39,7 @@
 #include <sys/xattr.h>
 #include "cifsacl.h"
 
@ -352,7 +360,7 @@ index 8cbdb1d..b832c50 100644
 
 static void
 print_each_ace_mask(uint32_t mask)
-@@ -171,22 +171,37 @@ print_ace_type(uint8_t acetype, int raw)
+@@ -171,22 +172,37 @@ print_ace_type(uint8_t acetype, int raw)
 	}
 }
 
@ -395,7 +403,7 @@ index 8cbdb1d..b832c50 100644
 		printf("%s", domain_name);
 		if (strlen(domain_name))
 			printf("%c", '\\');
-@@ -195,29 +210,41 @@ print_sid(struct wbcDomainSid *sidptr, int raw)
+@@ -195,36 +211,55 @@ print_sid(struct wbcDomainSid *sidptr, int raw)
 	}
 
 print_sid_raw:
@ -433,8 +441,15 @@ index 8cbdb1d..b832c50 100644
 print_ace(struct cifs_ace *pace, char *end_of_acl, int raw)
 {
 -	/* validate that we do not go past end of acl */
-
-+	/* 16 == size of cifs_ace sans the cifs_sid */
+	uint16_t size;
+
+	/* make sure we can safely get to "size" */
+	if (end_of_acl < (char *)pace + offsetof(struct cifs_ace, size) + 1)
+		return;
+
+	size = le16toh(pace->size);
+ 
+	/* 16 == size of cifs_ace when cifs_sid has no subauths */
 	if (le16toh(pace->size) < 16)
 		return;
 
@ -448,7 +463,15 @@ index 8cbdb1d..b832c50 100644
 	printf(":");
 	print_ace_type(pace->type, raw);
 	printf("/");
-@@ -261,14 +288,14 @@ parse_dacl(struct cifs_ctrl_acl *pdacl, char *end_of_acl, int raw)
+ 	print_ace_flags(pace->flags, raw);
+ 	printf("/");
+-	print_ace_mask(pace->access_req, raw);
+-
+	print_ace_mask(le32toh(pace->access_req), raw);
+ 
+ 	return;
+ }
+@@ -261,14 +296,14 @@ parse_dacl(struct cifs_ctrl_acl *pdacl, char *end_of_acl, int raw)
 }
 
 static int
@ -465,7 +488,7 @@ index 8cbdb1d..b832c50 100644
 	printf("\n");
 
 	return 0;
-@@ -280,15 +307,15 @@ parse_sec_desc(struct cifs_ntsd *pntsd, ssize_t acl_len, int raw)
+@@ -280,15 +315,15 @@ parse_sec_desc(struct cifs_ntsd *pntsd, ssize_t acl_len, int raw)
 	int rc;
 	uint32_t dacloffset;
 	char *end_of_acl = ((char *)pntsd) + acl_len;
@ -484,7 +507,7 @@ index 8cbdb1d..b832c50 100644
 				le32toh(pntsd->gsidoffset));
 	dacloffset = le32toh(pntsd->dacloffset);
 	dacl_ptr = (struct cifs_ctrl_acl *)((char *)pntsd + dacloffset);
-@@ -333,6 +360,7 @@ main(const int argc, char *const argv[])
+@@ -333,6 +368,7 @@ main(const int argc, char *const argv[])
 	size_t bufsize = BUFSIZE;
 	char *filename, *attrval;
 
@ -530,7 +553,7 @@ index 550d23d..3dd755c 100644
 .RS 4
 Print version number and exit\&.
 diff --git a/setcifsacl.c b/setcifsacl.c
-index 29b7b93..5016264 100644
+index 29b7b93..8891844 100644
 --- a/setcifsacl.c
 +++ b/setcifsacl.c
@@ -39,23 +39,42 @@
@ -609,7 +632,7 @@ index 29b7b93..5016264 100644
 
 	return;
 }
-@@ -98,20 +105,13 @@ copy_sec_desc(const struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd,
+@@ -98,22 +105,15 @@ copy_sec_desc(const struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd,
 static int
 copy_ace(struct cifs_ace *dace, struct cifs_ace *sace)
 {
@ -631,8 +654,11 @@ index 29b7b93..5016264 100644
 -	dace->size = htole16(sace->size);
 +	dace->size = sace->size;
 
- 	return dace->size;
+-	return dace->size;
+	return le16toh(dace->size);
 }
+ 
+ static int
@@ -126,7 +126,7 @@ compare_aces(struct cifs_ace *sace, struct cifs_ace *dace, int compflags)
 			return 0;
 		if (dace->sid.num_subauth != sace->sid.num_subauth)
@ -678,7 +704,60 @@ index 29b7b93..5016264 100644
 	}
 
 	return numfaces;
-@@ -391,33 +388,40 @@ build_fetched_aces_ret:
+@@ -350,74 +347,75 @@ get_numfaces(struct cifs_ntsd *pntsd, ssize_t acl_len,
+ static struct cifs_ace **
+ build_fetched_aces(char *daclptr, int numfaces)
+ {
+-	int i, j, rc = 0, acl_size;
+	int i, acl_size;
+ 	char *acl_base;
+ 	struct cifs_ace *pace, **facesptr;
+ 
+-	facesptr = (struct cifs_ace **)malloc(numfaces *
+-					sizeof(struct cifs_aces *));
+	facesptr = calloc(numfaces, sizeof(struct cifs_aces *));
+ 	if (!facesptr) {
+ 		printf("%s: Error %d allocating ACE array",
+ 				__func__, errno);
+-		rc = errno;
+		return facesptr;
+ 	}
+ 
+ 	acl_base = daclptr;
+ 	acl_size = sizeof(struct cifs_ctrl_acl);
+ 	for (i = 0; i < numfaces; ++i) {
+ 		facesptr[i] = malloc(sizeof(struct cifs_ace));
+-		if (!facesptr[i]) {
+-			rc = errno;
+-			goto build_fetched_aces_ret;
+-		}
+		if (!facesptr[i])
+			goto build_fetched_aces_err;
+ 		pace = (struct cifs_ace *) (acl_base + acl_size);
+ 		memcpy(facesptr[i], pace, sizeof(struct cifs_ace));
+ 		acl_base = (char *)pace;
+ 		acl_size = le16toh(pace->size);
+ 	}
+-
+-build_fetched_aces_ret:
+-	if (rc) {
+-		printf("%s: Invalid fetched ace\n", __func__);
+-		if (i) {
+-			for (j = i; j >= 0; --j)
+-				free(facesptr[j]);
+-		}
+-		free(facesptr);
+-	}
+ 	return facesptr;
+
+build_fetched_aces_err:
+	printf("%s: Invalid fetched ace\n", __func__);
+	for (i = 0; i < numfaces; ++i)
+		free(facesptr[i]);
+	free(facesptr);
+	return NULL;
+ }
+ 
 static int
 verify_ace_sid(char *sidstr, struct cifs_sid *sid)
 {
@ -743,7 +822,136 @@ index 29b7b93..5016264 100644
 	return 0;
 }
 
-@@ -643,92 +647,77 @@ build_cmdline_aces_ret:
+@@ -514,62 +512,61 @@ verify_ace_flags(char *flagstr, uint8_t *flagval)
+ }
+ 
+ static uint32_t
+-ace_mask_value(char *maskstr)
+ace_mask_value(char *mask)
+ {
+-	int i, len;
+-	uint32_t maskval = 0x0;
+-	char *lmask;
+	uint32_t maskval = 0;
+	char cur;
+ 
+-	if (!strcmp(maskstr, "FULL"))
+	if (!strcmp(mask, "FULL"))
+ 		return FULL_CONTROL;
+-	else if (!strcmp(maskstr, "CHANGE"))
+	if (!strcmp(mask, "CHANGE"))
+ 		return CHANGE;
+-	else if (!strcmp(maskstr, "D"))
+-		return DELETE;
+-	else if (!strcmp(maskstr, "READ"))
+	if (!strcmp(mask, "READ"))
+ 		return EREAD;
+-	else {
+-		len = strlen(maskstr);
+-		lmask = maskstr;
+-		for (i = 0; i < len; ++i, ++lmask) {
+-			if (*lmask == 'R')
+-				maskval |= EREAD;
+-			else if (*lmask == 'W')
+-				maskval |= EWRITE;
+-			else if (*lmask == 'X')
+-				maskval |= EXEC;
+-			else if (*lmask == 'D')
+-				maskval |= DELETE;
+-			else if (*lmask == 'P')
+-				maskval |= WRITE_DAC;
+-			else if (*lmask == 'O')
+-				maskval |= WRITE_OWNER;
+-			else
+-				return 0;
+
+	while((cur = *mask++)) {
+		switch(cur) {
+		case 'R':
+			maskval |= EREAD;
+			break;
+		case 'W':
+			maskval |= EWRITE;
+			break;
+		case 'X':
+			maskval |= EXEC;
+			break;
+		case 'D':
+			maskval |= DELETE;
+			break;
+		case 'P':
+			maskval |= WRITE_DAC;
+			break;
+		case 'O':
+			maskval |= WRITE_OWNER;
+			break;
+		default:
+			return 0;
+ 		}
+-		return maskval;
+ 	}
+-
+-	return 0;
+	return maskval;
+ }
+ 
+ static int
+ verify_ace_mask(char *maskstr, uint32_t *maskval)
+ {
+-	char *invalflag;
+	unsigned long val;
+	char *ep;
+ 
+-	if (strstr(maskstr, "0x") || !strcmp(maskstr, "DELDHLD")) {
+-		*maskval = strtol(maskstr, &invalflag, 16);
+-		if (!invalflag) {
+-			printf("%s: Invalid mask: %s\n", __func__, maskstr);
+-			return 1;
+-		}
+-	} else
+-		*maskval = ace_mask_value(maskstr);
+	errno = 0;
+	val = strtoul(maskstr, &ep, 0);
+	if (errno == 0 && *ep == '\0')
+		*maskval = htole32((uint32_t)val);
+	else
+		*maskval = htole32(ace_mask_value(maskstr));
+ 
+ 	if (!*maskval) {
+-		printf("%s: Invalid mask %s and value: 0x%x\n",
+-			__func__, maskstr, *maskval);
+		printf("%s: Invalid mask %s (value 0x%x)\n", __func__,
+			maskstr, *maskval);
+ 		return 1;
+ 	}
+ 
+@@ -583,8 +580,7 @@ build_cmdline_aces(char **arrptr, int numcaces)
+ 	char *acesid, *acetype, *aceflag, *acemask;
+ 	struct cifs_ace **cacesptr;
+ 
+-	cacesptr = (struct cifs_ace **)malloc(numcaces *
+-				sizeof(struct cifs_aces *));
+	cacesptr = calloc(numcaces, sizeof(struct cifs_aces *));
+ 	if (!cacesptr) {
+ 		printf("%s: Error %d allocating ACE array", __func__, errno);
+ 		return NULL;
+@@ -630,105 +626,90 @@ build_cmdline_aces(char **arrptr, int numcaces)
+ 			goto build_cmdline_aces_ret;
+ 		}
+ 
+-		cacesptr[i]->size = 1 + 1 + 2 + 4 + 1 + 1 + 6 +
+-				(cacesptr[i]->sid.num_subauth * 4);
+		cacesptr[i]->size = htole16(1 + 1 + 2 + 4 + 1 + 1 + 6 +
+					    cacesptr[i]->sid.num_subauth * 4);
+ 	}
+ 	return cacesptr;
+ 
+ build_cmdline_aces_ret:
+-	for (; i >= 0; --i)
+	for (i = 0; i < numcaces; ++i)
+ 		free(cacesptr[i]);
+ 	free(cacesptr);
+ 	return NULL;
 }
 
 static char **
@ -783,8 +991,6 @@ index 29b7b93..5016264 100644
 -		} else
 -			goto parse_cmdline_aces_ret;
 -		optarg = NULL;
-	}
-	errno = 0;
 +		acestr = strtok(acelist, ","); /* everything before , */
 +		if (!acestr)
 +			goto parse_cmdline_aces_err;
@ -798,7 +1004,8 @@ index 29b7b93..5016264 100644
 +			++i;
 +		}
 +		acelist = NULL;
-+	}
+ 	}
+-	errno = 0;
 	return arrptr;
 
 -parse_cmdline_aces_ret:
@ -818,21 +1025,21 @@ index 29b7b93..5016264 100644
 {
 	int i, len;
 -	unsigned int numcaces = 1;
-+	unsigned int num = 1;
-+	const char *current;
- 
+-
 -	if (!optarg)
 -		return 0;
-+	current = aces;
-+	while((current = strchr(current, ',')))
-+		++num;
+	unsigned int num = 1;
+	const char *current;
 
 -	len = strlen(optarg);
 -	for (i = 0; i < len; ++i) {
 -		if (*(optarg + i) == ',')
 -			++numcaces;
 -	}
-
+	current = aces;
+	while((current = strchr(current, ',')))
+		++num;
+ 
 -	return numcaces;
 +	return num;
 }
@ -867,7 +1074,7 @@ index 29b7b93..5016264 100644
 		rc = ace_set(pntsd, npntsd, bufsize, cacesptr, numcaces);
 		break;
 	default:
-@@ -771,52 +760,62 @@ setcifsacl_usage(void)
+@@ -771,52 +752,62 @@ setcifsacl_usage(void)
 int
 main(const int argc, char *const argv[])
 {
@ -945,7 +1152,7 @@ index 29b7b93..5016264 100644
 	if (!arrptr)
 		goto setcifsacl_numcaces_ret;
 
-@@ -850,7 +849,7 @@ cifsacl:
+@@ -850,7 +841,7 @@ cifsacl:
 	}
 
 	numfaces = get_numfaces((struct cifs_ntsd *)attrval, attrlen, &daclptr);
@ -954,7 +1161,7 @@ index 29b7b93..5016264 100644
 		printf("%s: Empty DACL\n", __func__);
 		goto setcifsacl_facenum_ret;
 	}
-@@ -870,7 +869,6 @@ cifsacl:
+@@ -870,7 +861,6 @@ cifsacl:
 		printf("%s: setxattr error: %s\n", __func__, strerror(errno));
 	goto setcifsacl_facenum_ret;
 
@ -962,7 +1169,7 @@ index 29b7b93..5016264 100644
 	return 0;
 
 setcifsacl_action_ret:
-@@ -890,8 +888,6 @@ setcifsacl_cmdlineverify_ret:
+@@ -890,8 +880,6 @@ setcifsacl_cmdlineverify_ret:
 	free(cacesptr);
 
 setcifsacl_cmdlineparse_ret:
--- a/cifs-utils.spec
+++ b/cifs-utils.spec
@ -3,7 +3,7 @@

 Name:           cifs-utils
 Version:        5.7
-Release:        2%{pre_release}%{?dist}
+Release:        3%{pre_release}%{?dist}
 Summary:        Utilities for mounting and managing CIFS mounts

 Group:          System Environment/Daemons
@ -62,6 +62,9 @@ rm -rf %{buildroot}
 %config(noreplace) %{_sysconfdir}/request-key.d/cifs.spnego.conf

 %changelog
+* Wed Nov 07 2012 Jeff Layton <jlayton@redhat.com> 5.7-3
+- update to latest patches queued for 5.8. More idmapping and ACL tool fixes.
+
 * Sun Nov 04 2012 Jeff Layton <jlayton@redhat.com> 5.7-2
 - update to latest patches queued for 5.8. Mostly idmapping and ACL tool fixes.