From 039b01fb1a117921da465725072a6dbebfcc3219 Mon Sep 17 00:00:00 2001 From: Jeff Layton Date: Wed, 7 Nov 2012 07:10:38 -0500 Subject: [PATCH] More idmapping and ACL tool fixes slated for 5.8. --- cifs-utils-5.8-pre1.patch | 263 ++++++++++++++++++++++++++++++++++---- cifs-utils.spec | 5 +- 2 files changed, 239 insertions(+), 29 deletions(-) diff --git a/cifs-utils-5.8-pre1.patch b/cifs-utils-5.8-pre1.patch index 113345b..25f62f1 100644 --- a/cifs-utils-5.8-pre1.patch +++ b/cifs-utils-5.8-pre1.patch @@ -340,10 +340,18 @@ index f969b37..07df3be 100644 AC_CONFIG_HEADERS([config.h]) AC_CONFIG_FILES([Makefile contrib/Makefile contrib/request-key.d/Makefile]) diff --git a/getcifsacl.c b/getcifsacl.c -index 8cbdb1d..b832c50 100644 +index 8cbdb1d..c576fc0 100644 --- a/getcifsacl.c +++ b/getcifsacl.c -@@ -38,7 +38,7 @@ +@@ -31,6 +31,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -38,7 +39,7 @@ #include #include "cifsacl.h" @@ -352,7 +360,7 @@ index 8cbdb1d..b832c50 100644 static void print_each_ace_mask(uint32_t mask) -@@ -171,22 +171,37 @@ print_ace_type(uint8_t acetype, int raw) +@@ -171,22 +172,37 @@ print_ace_type(uint8_t acetype, int raw) } } @@ -395,7 +403,7 @@ index 8cbdb1d..b832c50 100644 printf("%s", domain_name); if (strlen(domain_name)) printf("%c", '\\'); -@@ -195,29 +210,41 @@ print_sid(struct wbcDomainSid *sidptr, int raw) +@@ -195,36 +211,55 @@ print_sid(struct wbcDomainSid *sidptr, int raw) } print_sid_raw: @@ -433,8 +441,15 @@ index 8cbdb1d..b832c50 100644 print_ace(struct cifs_ace *pace, char *end_of_acl, int raw) { - /* validate that we do not go past end of acl */ -- -+ /* 16 == size of cifs_ace sans the cifs_sid */ ++ uint16_t size; ++ ++ /* make sure we can safely get to "size" */ ++ if (end_of_acl < (char *)pace + offsetof(struct cifs_ace, size) + 1) ++ return; ++ ++ size = le16toh(pace->size); + ++ /* 16 == size of cifs_ace when cifs_sid has no subauths */ if (le16toh(pace->size) < 16) return; @@ -448,7 +463,15 @@ index 8cbdb1d..b832c50 100644 printf(":"); print_ace_type(pace->type, raw); printf("/"); -@@ -261,14 +288,14 @@ parse_dacl(struct cifs_ctrl_acl *pdacl, char *end_of_acl, int raw) + print_ace_flags(pace->flags, raw); + printf("/"); +- print_ace_mask(pace->access_req, raw); +- ++ print_ace_mask(le32toh(pace->access_req), raw); + + return; + } +@@ -261,14 +296,14 @@ parse_dacl(struct cifs_ctrl_acl *pdacl, char *end_of_acl, int raw) } static int @@ -465,7 +488,7 @@ index 8cbdb1d..b832c50 100644 printf("\n"); return 0; -@@ -280,15 +307,15 @@ parse_sec_desc(struct cifs_ntsd *pntsd, ssize_t acl_len, int raw) +@@ -280,15 +315,15 @@ parse_sec_desc(struct cifs_ntsd *pntsd, ssize_t acl_len, int raw) int rc; uint32_t dacloffset; char *end_of_acl = ((char *)pntsd) + acl_len; @@ -484,7 +507,7 @@ index 8cbdb1d..b832c50 100644 le32toh(pntsd->gsidoffset)); dacloffset = le32toh(pntsd->dacloffset); dacl_ptr = (struct cifs_ctrl_acl *)((char *)pntsd + dacloffset); -@@ -333,6 +360,7 @@ main(const int argc, char *const argv[]) +@@ -333,6 +368,7 @@ main(const int argc, char *const argv[]) size_t bufsize = BUFSIZE; char *filename, *attrval; @@ -530,7 +553,7 @@ index 550d23d..3dd755c 100644 .RS 4 Print version number and exit\&. diff --git a/setcifsacl.c b/setcifsacl.c -index 29b7b93..5016264 100644 +index 29b7b93..8891844 100644 --- a/setcifsacl.c +++ b/setcifsacl.c @@ -39,23 +39,42 @@ @@ -609,7 +632,7 @@ index 29b7b93..5016264 100644 return; } -@@ -98,20 +105,13 @@ copy_sec_desc(const struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd, +@@ -98,22 +105,15 @@ copy_sec_desc(const struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd, static int copy_ace(struct cifs_ace *dace, struct cifs_ace *sace) { @@ -631,8 +654,11 @@ index 29b7b93..5016264 100644 - dace->size = htole16(sace->size); + dace->size = sace->size; - return dace->size; +- return dace->size; ++ return le16toh(dace->size); } + + static int @@ -126,7 +126,7 @@ compare_aces(struct cifs_ace *sace, struct cifs_ace *dace, int compflags) return 0; if (dace->sid.num_subauth != sace->sid.num_subauth) @@ -678,7 +704,60 @@ index 29b7b93..5016264 100644 } return numfaces; -@@ -391,33 +388,40 @@ build_fetched_aces_ret: +@@ -350,74 +347,75 @@ get_numfaces(struct cifs_ntsd *pntsd, ssize_t acl_len, + static struct cifs_ace ** + build_fetched_aces(char *daclptr, int numfaces) + { +- int i, j, rc = 0, acl_size; ++ int i, acl_size; + char *acl_base; + struct cifs_ace *pace, **facesptr; + +- facesptr = (struct cifs_ace **)malloc(numfaces * +- sizeof(struct cifs_aces *)); ++ facesptr = calloc(numfaces, sizeof(struct cifs_aces *)); + if (!facesptr) { + printf("%s: Error %d allocating ACE array", + __func__, errno); +- rc = errno; ++ return facesptr; + } + + acl_base = daclptr; + acl_size = sizeof(struct cifs_ctrl_acl); + for (i = 0; i < numfaces; ++i) { + facesptr[i] = malloc(sizeof(struct cifs_ace)); +- if (!facesptr[i]) { +- rc = errno; +- goto build_fetched_aces_ret; +- } ++ if (!facesptr[i]) ++ goto build_fetched_aces_err; + pace = (struct cifs_ace *) (acl_base + acl_size); + memcpy(facesptr[i], pace, sizeof(struct cifs_ace)); + acl_base = (char *)pace; + acl_size = le16toh(pace->size); + } +- +-build_fetched_aces_ret: +- if (rc) { +- printf("%s: Invalid fetched ace\n", __func__); +- if (i) { +- for (j = i; j >= 0; --j) +- free(facesptr[j]); +- } +- free(facesptr); +- } + return facesptr; ++ ++build_fetched_aces_err: ++ printf("%s: Invalid fetched ace\n", __func__); ++ for (i = 0; i < numfaces; ++i) ++ free(facesptr[i]); ++ free(facesptr); ++ return NULL; + } + static int verify_ace_sid(char *sidstr, struct cifs_sid *sid) { @@ -743,7 +822,136 @@ index 29b7b93..5016264 100644 return 0; } -@@ -643,92 +647,77 @@ build_cmdline_aces_ret: +@@ -514,62 +512,61 @@ verify_ace_flags(char *flagstr, uint8_t *flagval) + } + + static uint32_t +-ace_mask_value(char *maskstr) ++ace_mask_value(char *mask) + { +- int i, len; +- uint32_t maskval = 0x0; +- char *lmask; ++ uint32_t maskval = 0; ++ char cur; + +- if (!strcmp(maskstr, "FULL")) ++ if (!strcmp(mask, "FULL")) + return FULL_CONTROL; +- else if (!strcmp(maskstr, "CHANGE")) ++ if (!strcmp(mask, "CHANGE")) + return CHANGE; +- else if (!strcmp(maskstr, "D")) +- return DELETE; +- else if (!strcmp(maskstr, "READ")) ++ if (!strcmp(mask, "READ")) + return EREAD; +- else { +- len = strlen(maskstr); +- lmask = maskstr; +- for (i = 0; i < len; ++i, ++lmask) { +- if (*lmask == 'R') +- maskval |= EREAD; +- else if (*lmask == 'W') +- maskval |= EWRITE; +- else if (*lmask == 'X') +- maskval |= EXEC; +- else if (*lmask == 'D') +- maskval |= DELETE; +- else if (*lmask == 'P') +- maskval |= WRITE_DAC; +- else if (*lmask == 'O') +- maskval |= WRITE_OWNER; +- else +- return 0; ++ ++ while((cur = *mask++)) { ++ switch(cur) { ++ case 'R': ++ maskval |= EREAD; ++ break; ++ case 'W': ++ maskval |= EWRITE; ++ break; ++ case 'X': ++ maskval |= EXEC; ++ break; ++ case 'D': ++ maskval |= DELETE; ++ break; ++ case 'P': ++ maskval |= WRITE_DAC; ++ break; ++ case 'O': ++ maskval |= WRITE_OWNER; ++ break; ++ default: ++ return 0; + } +- return maskval; + } +- +- return 0; ++ return maskval; + } + + static int + verify_ace_mask(char *maskstr, uint32_t *maskval) + { +- char *invalflag; ++ unsigned long val; ++ char *ep; + +- if (strstr(maskstr, "0x") || !strcmp(maskstr, "DELDHLD")) { +- *maskval = strtol(maskstr, &invalflag, 16); +- if (!invalflag) { +- printf("%s: Invalid mask: %s\n", __func__, maskstr); +- return 1; +- } +- } else +- *maskval = ace_mask_value(maskstr); ++ errno = 0; ++ val = strtoul(maskstr, &ep, 0); ++ if (errno == 0 && *ep == '\0') ++ *maskval = htole32((uint32_t)val); ++ else ++ *maskval = htole32(ace_mask_value(maskstr)); + + if (!*maskval) { +- printf("%s: Invalid mask %s and value: 0x%x\n", +- __func__, maskstr, *maskval); ++ printf("%s: Invalid mask %s (value 0x%x)\n", __func__, ++ maskstr, *maskval); + return 1; + } + +@@ -583,8 +580,7 @@ build_cmdline_aces(char **arrptr, int numcaces) + char *acesid, *acetype, *aceflag, *acemask; + struct cifs_ace **cacesptr; + +- cacesptr = (struct cifs_ace **)malloc(numcaces * +- sizeof(struct cifs_aces *)); ++ cacesptr = calloc(numcaces, sizeof(struct cifs_aces *)); + if (!cacesptr) { + printf("%s: Error %d allocating ACE array", __func__, errno); + return NULL; +@@ -630,105 +626,90 @@ build_cmdline_aces(char **arrptr, int numcaces) + goto build_cmdline_aces_ret; + } + +- cacesptr[i]->size = 1 + 1 + 2 + 4 + 1 + 1 + 6 + +- (cacesptr[i]->sid.num_subauth * 4); ++ cacesptr[i]->size = htole16(1 + 1 + 2 + 4 + 1 + 1 + 6 + ++ cacesptr[i]->sid.num_subauth * 4); + } + return cacesptr; + + build_cmdline_aces_ret: +- for (; i >= 0; --i) ++ for (i = 0; i < numcaces; ++i) + free(cacesptr[i]); + free(cacesptr); + return NULL; } static char ** @@ -783,8 +991,6 @@ index 29b7b93..5016264 100644 - } else - goto parse_cmdline_aces_ret; - optarg = NULL; -- } -- errno = 0; + acestr = strtok(acelist, ","); /* everything before , */ + if (!acestr) + goto parse_cmdline_aces_err; @@ -798,7 +1004,8 @@ index 29b7b93..5016264 100644 + ++i; + } + acelist = NULL; -+ } + } +- errno = 0; return arrptr; -parse_cmdline_aces_ret: @@ -818,21 +1025,21 @@ index 29b7b93..5016264 100644 { int i, len; - unsigned int numcaces = 1; -+ unsigned int num = 1; -+ const char *current; - +- - if (!optarg) - return 0; -+ current = aces; -+ while((current = strchr(current, ','))) -+ ++num; ++ unsigned int num = 1; ++ const char *current; - len = strlen(optarg); - for (i = 0; i < len; ++i) { - if (*(optarg + i) == ',') - ++numcaces; - } -- ++ current = aces; ++ while((current = strchr(current, ','))) ++ ++num; + - return numcaces; + return num; } @@ -867,7 +1074,7 @@ index 29b7b93..5016264 100644 rc = ace_set(pntsd, npntsd, bufsize, cacesptr, numcaces); break; default: -@@ -771,52 +760,62 @@ setcifsacl_usage(void) +@@ -771,52 +752,62 @@ setcifsacl_usage(void) int main(const int argc, char *const argv[]) { @@ -945,7 +1152,7 @@ index 29b7b93..5016264 100644 if (!arrptr) goto setcifsacl_numcaces_ret; -@@ -850,7 +849,7 @@ cifsacl: +@@ -850,7 +841,7 @@ cifsacl: } numfaces = get_numfaces((struct cifs_ntsd *)attrval, attrlen, &daclptr); @@ -954,7 +1161,7 @@ index 29b7b93..5016264 100644 printf("%s: Empty DACL\n", __func__); goto setcifsacl_facenum_ret; } -@@ -870,7 +869,6 @@ cifsacl: +@@ -870,7 +861,6 @@ cifsacl: printf("%s: setxattr error: %s\n", __func__, strerror(errno)); goto setcifsacl_facenum_ret; @@ -962,7 +1169,7 @@ index 29b7b93..5016264 100644 return 0; setcifsacl_action_ret: -@@ -890,8 +888,6 @@ setcifsacl_cmdlineverify_ret: +@@ -890,8 +880,6 @@ setcifsacl_cmdlineverify_ret: free(cacesptr); setcifsacl_cmdlineparse_ret: diff --git a/cifs-utils.spec b/cifs-utils.spec index 8bebab1..efe6a1e 100644 --- a/cifs-utils.spec +++ b/cifs-utils.spec @@ -3,7 +3,7 @@ Name: cifs-utils Version: 5.7 -Release: 2%{pre_release}%{?dist} +Release: 3%{pre_release}%{?dist} Summary: Utilities for mounting and managing CIFS mounts Group: System Environment/Daemons @@ -62,6 +62,9 @@ rm -rf %{buildroot} %config(noreplace) %{_sysconfdir}/request-key.d/cifs.spnego.conf %changelog +* Wed Nov 07 2012 Jeff Layton 5.7-3 +- update to latest patches queued for 5.8. More idmapping and ACL tool fixes. + * Sun Nov 04 2012 Jeff Layton 5.7-2 - update to latest patches queued for 5.8. Mostly idmapping and ACL tool fixes.