ipa_sam: remove dependency to sid_string_talloc() and sid_string_dbg() #2943

mastersin · 2019-03-27T19:55:36Z

ipa_sam uses Samba's sid to string construction functions. Recent Samba
versions removed this functions from libsmbconf.so and replace new functions
to internal libsamba-security-samba4.so

Thus, we reimplement new style function dom_sid_str_buf() from Samba-4.10.

Resolves: https://pagure.io/freeipa/issue/7893

abbra

Thanks for the patch, @mastersin. I have a few comments and also please rebase on top of #2926.

abbra · 2019-03-27T21:19:34Z

daemons/ipa-sam/ipa_sam.c

@@ -100,12 +101,15 @@ struct unixid {
 	enum id_type type;
 }/* [public] */;

+/* from samba/libcli/security/dom_sid.h */
+#define MAX(a,b) ((a)>(b)?(a):(b))


You can get MAX from #include <sys/param.h>.

abbra · 2019-03-27T21:20:36Z

daemons/ipa-sam/ipa_sam.c

@@ -283,6 +287,62 @@ static bool is_null_sid(const struct dom_sid *sid)
 	return true;
 }

+static int dom_sid_string_buf(const struct dom_sid *sid, char *buf, int buflen)


Please rename to _domain_sid_string_buf to avoid possible conflicts when loading in the same process.

abbra · 2019-03-27T21:21:06Z

daemons/ipa-sam/ipa_sam.c

+	return ofs;
+}
+
+static char *dom_sid_str_buf(const struct dom_sid *sid, struct dom_sid_buf *dst)


Same here, please rename to _domain_sid_str_buf

abbra · 2019-03-27T21:35:29Z

Actually, I have a better idea. We are linking anyway to SSSD's libsss_idmap library which has all the same code already. See calls to sss_idmap_sid_to_smb_sid() -- this converts stringified SID version to struct dom_sid. There is a reverse function too: sss_idmap_smb_sid_to_sid(). It takes idmap context which we already have initialized in the ipasam state and we use talloc to allocate resources. This would make it consistent with other places we have.

mastersin · 2019-03-28T00:06:11Z

Fix and rebase current variant. Thinks about better idea as next step.

ipa_sam uses Samba's sid to string construction functions. Recent Samba versions removed this functions from libsmbconf.so and replace new functions to internal libsamba-security-samba4.so Thus, we reimplement new style function dom_sid_str_buf() from Samba-4.10. Resolves: https://pagure.io/freeipa/issue/7893

abbra · 2019-03-29T14:15:58Z

@mastersin let me know if you are able to work on the proposed approach. If not, I'll do it myself next week.

mastersin · 2019-03-29T22:07:19Z

@abbra I try it and understand, that I don't know enough clearly how works talloc contexts in this code, and also I don't have time to debug it yet. I afraid that I may add memory leaks in proposed approach.

abbra · 2019-03-31T10:09:27Z

@mastersin I submitted #2966 that should solve the issue and obsoletes this PR. Please review.

tiran · 2019-04-01T10:12:13Z

PR #2966 with an alternative fix has landed.

tiran · 2019-04-01T10:13:01Z

Thanks for your patch any way! 🥇

abbra reviewed Mar 27, 2019

View reviewed changes

abbra added the re-run Trigger a new run of PR-CI label Mar 27, 2019

freeipa-pr-ci removed the re-run Trigger a new run of PR-CI label Mar 27, 2019

mastersin force-pushed the master branch 2 times, most recently from 0cdeca2 to e16bc89 Compare March 28, 2019 00:01

mastersin force-pushed the master branch from e16bc89 to 5f88f70 Compare March 28, 2019 09:35

freeipa-pr-ci added the needs rebase Pull Request cannot be automatically merged - needs to be rebased label Mar 28, 2019

mastersin force-pushed the master branch 2 times, most recently from 080b49f to 284d380 Compare March 28, 2019 15:40

tiran added rejected Pull Request has been rejected and removed needs rebase Pull Request cannot be automatically merged - needs to be rebased labels Apr 1, 2019

tiran closed this Apr 1, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ipa_sam: remove dependency to sid_string_talloc() and sid_string_dbg() #2943

ipa_sam: remove dependency to sid_string_talloc() and sid_string_dbg() #2943

mastersin commented Mar 27, 2019

abbra left a comment

abbra Mar 27, 2019

abbra Mar 27, 2019

abbra Mar 27, 2019

abbra commented Mar 27, 2019

mastersin commented Mar 28, 2019

abbra commented Mar 29, 2019

mastersin commented Mar 29, 2019

abbra commented Mar 31, 2019

tiran commented Apr 1, 2019

tiran commented Apr 1, 2019

ipa_sam: remove dependency to sid_string_talloc() and sid_string_dbg() #2943

ipa_sam: remove dependency to sid_string_talloc() and sid_string_dbg() #2943

Conversation

mastersin commented Mar 27, 2019

abbra left a comment

Choose a reason for hiding this comment

abbra Mar 27, 2019

Choose a reason for hiding this comment

abbra Mar 27, 2019

Choose a reason for hiding this comment

abbra Mar 27, 2019

Choose a reason for hiding this comment

abbra commented Mar 27, 2019

mastersin commented Mar 28, 2019

abbra commented Mar 29, 2019

mastersin commented Mar 29, 2019

abbra commented Mar 31, 2019

tiran commented Apr 1, 2019

tiran commented Apr 1, 2019