* [cifs-utils PATCH 1/8] data_blob: remove need for replace.h
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
@ 2017-02-24 14:27 ` Jeff Layton
2017-02-24 14:27 ` [cifs-utils PATCH 2/8] spengo.c/asn1.c: " Jeff Layton
` (7 subsequent siblings)
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
We only need ZERO_STRUCT there.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
data_blob.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/data_blob.c b/data_blob.c
index 834d810c9d46..a884f132bcde 100644
--- a/data_blob.c
+++ b/data_blob.c
@@ -20,9 +20,12 @@
#include <string.h>
-#include "replace.h"
#include "data_blob.h"
+#ifndef ZERO_STRUCT
+#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
+#endif
+
const DATA_BLOB data_blob_null = { NULL, 0 };
/**
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 2/8] spengo.c/asn1.c: remove need for replace.h
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
2017-02-24 14:27 ` [cifs-utils PATCH 1/8] data_blob: remove need for replace.h Jeff Layton
@ 2017-02-24 14:27 ` Jeff Layton
2017-02-24 14:27 ` [cifs-utils PATCH 3/8] cifs.upcall: " Jeff Layton
` (6 subsequent siblings)
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
Just need stdbool.h instead.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
asn1.c | 2 +-
spnego.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/asn1.c b/asn1.c
index 4c0e48037f14..dd96d2c0e595 100644
--- a/asn1.c
+++ b/asn1.c
@@ -20,8 +20,8 @@
#include <string.h>
#include <talloc.h>
#include <stdint.h>
+#include <stdbool.h>
-#include "replace.h"
#include "data_blob.h"
#include "asn1.h"
diff --git a/spnego.c b/spnego.c
index 7f32d7d2efa9..e483e6e1c526 100644
--- a/spnego.c
+++ b/spnego.c
@@ -21,8 +21,8 @@
#include <talloc.h>
#include <stdint.h>
+#include <stdbool.h>
-#include "replace.h"
#include "data_blob.h"
#include "asn1.h"
#include "spnego.h"
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 3/8] cifs.upcall: remove need for replace.h
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
2017-02-24 14:27 ` [cifs-utils PATCH 1/8] data_blob: remove need for replace.h Jeff Layton
2017-02-24 14:27 ` [cifs-utils PATCH 2/8] spengo.c/asn1.c: " Jeff Layton
@ 2017-02-24 14:27 ` Jeff Layton
2017-02-24 14:27 ` [cifs-utils PATCH 4/8] replace.h: remove it Jeff Layton
` (5 subsequent siblings)
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
Take just what we need from replace.h and move it to cifs.upcall.c.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
cifs.upcall.c | 22 +++++++++++++++++++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/cifs.upcall.c b/cifs.upcall.c
index f766a8b5799e..cfc926cd9d09 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -49,8 +49,9 @@
#include <ctype.h>
#include <pwd.h>
#include <grp.h>
+#include <stdbool.h>
+#include <errno.h>
-#include "replace.h"
#include "data_blob.h"
#include "spnego.h"
#include "cifs_spnego.h"
@@ -68,6 +69,21 @@ typedef enum _sectype {
MS_KRB5
} sectype_t;
+/* These macros unify the keyblock handling of Heimdal and MIT somewhat */
+#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */
+#define KRB5_KEY_TYPE(k) ((k)->keytype)
+#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length)
+#define KRB5_KEY_DATA(k) ((k)->keyvalue.data)
+#define KRB5_KEY_DATA_CAST void
+#else /* MIT */
+#define KRB5_KEY_TYPE(k) ((k)->enctype)
+#define KRB5_KEY_LENGTH(k) ((k)->length)
+#define KRB5_KEY_DATA(k) ((k)->contents)
+#define KRB5_KEY_DATA_CAST krb5_octet
+#endif
+
+#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x = NULL; } } while (0)
+
#ifdef HAVE_LIBCAP_NG
static int
trim_capabilities(bool need_environ)
@@ -434,7 +450,7 @@ cifs_krb5_get_req(const char *host, krb5_ccache ccache,
krb5_data apreq_pkt, in_data;
krb5_auth_context auth_context = NULL;
#if defined(HAVE_KRB5_AUTH_CON_SETADDRS) && defined(HAVE_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE)
- static const uint8_t gss_cksum[24] = { 0x10, 0x00, /* ... */};
+ static char gss_cksum[24] = { 0x10, 0x00, /* ... */};
#endif
memset(&in_creds, 0, sizeof(in_creds));
@@ -498,7 +514,7 @@ cifs_krb5_get_req(const char *host, krb5_ccache ccache,
*
* See https://bugzilla.samba.org/show_bug.cgi?id=7890
*/
- in_data.data = discard_const_p(char, gss_cksum);
+ in_data.data = gss_cksum;
in_data.length = 24;
/* MIT krb5 < 1.7 is missing the prototype, but still has the symbol */
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 4/8] replace.h: remove it
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
` (2 preceding siblings ...)
2017-02-24 14:27 ` [cifs-utils PATCH 3/8] cifs.upcall: " Jeff Layton
@ 2017-02-24 14:27 ` Jeff Layton
2017-02-24 14:27 ` [cifs-utils PATCH 5/8] treewide: Eliminate SAFE_FREE Jeff Layton
` (4 subsequent siblings)
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
Nothing uses it now.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
configure.ac | 2 +-
replace.h | 674 -----------------------------------------------------------
2 files changed, 1 insertion(+), 675 deletions(-)
delete mode 100644 replace.h
diff --git a/configure.ac b/configure.ac
index 12098e2bda41..78a1215f849d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
# Process this file with autoconf to produce a configure script.
AC_INIT([cifs-utils],[6.6.1],[linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org],[cifs-utils],[https://wiki.samba.org/index.php/LinuxCIFS_utils])
-AC_CONFIG_SRCDIR([replace.h])
+AC_CONFIG_SRCDIR([data_blob.h])
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_FILES([Makefile contrib/Makefile contrib/request-key.d/Makefile])
AC_CONFIG_MACRO_DIR(aclocal)
diff --git a/replace.h b/replace.h
deleted file mode 100644
index 03d293704a2e..000000000000
--- a/replace.h
+++ /dev/null
@@ -1,674 +0,0 @@
-/*
- Unix SMB/CIFS implementation.
-
- macros to go along with the lib/replace/ portability layer code
-
- Copyright (C) Andrew Tridgell 2005
- Copyright (C) Jelmer Vernooij 2006-2008
- Copyright (C) Jeremy Allison 2007.
-
- ** NOTE! The following LGPL license applies to the replace
- ** library. This does NOT imply that all of Samba is released
- ** under the LGPL
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 3 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef _LIBREPLACE_REPLACE_H
-#define _LIBREPLACE_REPLACE_H
-
-#include "config.h"
-
-#ifdef HAVE_STANDARDS_H
-#include <standards.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <errno.h>
-
-#if defined(_MSC_VER) || defined(__MINGW32__)
-#include "win32_replace.h"
-#endif
-
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-/* force off HAVE_INTTYPES_H so that roken doesn't try to include both,
- which causes a warning storm on irix */
-#undef HAVE_INTTYPES_H
-#elif HAVE_INTTYPES_H
-#define __STDC_FORMAT_MACROS
-#include <inttypes.h>
-#endif
-
-#ifndef __PRI64_PREFIX
-# if __WORDSIZE == 64
-# define __PRI64_PREFIX "l"
-# else
-# define __PRI64_PREFIX "ll"
-# endif
-#endif
-
-/* Decimal notation. */
-#ifndef PRId8
-# define PRId8 "d"
-#endif
-#ifndef PRId16
-# define PRId16 "d"
-#endif
-#ifndef PRId32
-# define PRId32 "d"
-#endif
-#ifndef PRId64
-# define PRId64 __PRI64_PREFIX "d"
-#endif
-
-#ifndef PRIi8
-# define PRIi8 "i"
-#endif
-#ifndef PRIi8
-# define PRIi16 "i"
-#endif
-#ifndef PRIi8
-# define PRIi32 "i"
-#endif
-#ifndef PRIi8
-# define PRIi64 __PRI64_PREFIX "i"
-#endif
-
-#ifndef PRIu8
-# define PRIu8 "u"
-#endif
-#ifndef PRIu16
-# define PRIu16 "u"
-#endif
-#ifndef PRIu32
-# define PRIu32 "u"
-#endif
-#ifndef PRIu64
-# define PRIu64 __PRI64_PREFIX "u"
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#if STDC_HEADERS
-#include <stdlib.h>
-#include <stddef.h>
-#endif
-
-#ifndef HAVE_STRERROR
-extern char *sys_errlist[];
-#define strerror(i) sys_errlist[i]
-#endif
-
-#ifndef HAVE_STRDUP
-#define strdup rep_strdup
-char *rep_strdup(const char *s);
-#endif
-
-#ifndef HAVE_MEMMEM
-#define memmem rep_memmem
-void *rep_memmem(const void *haystack, size_t haystacklen,
- const void *needle, size_t needlelen);
-#endif
-
-#ifndef HAVE_MKTIME
-#define mktime rep_mktime
-/* prototype is in "system/time.h" */
-#endif
-
-#ifndef HAVE_TIMEGM
-#define timegm rep_timegm
-/* prototype is in "system/time.h" */
-#endif
-
-#ifndef HAVE_UTIME
-#define utime rep_utime
-/* prototype is in "system/time.h" */
-#endif
-
-#ifndef HAVE_UTIMES
-#define utimes rep_utimes
-/* prototype is in "system/time.h" */
-#endif
-
-#if !HAVE_DECL_ENVIRON
-#ifdef __APPLE__
-#include <crt_externs.h>
-#define environ (*_NSGetEnviron())
-#else
-extern char **environ;
-#endif
-#endif
-
-#ifndef HAVE_SETENV
-#define setenv rep_setenv
-int rep_setenv(const char *name, const char *value, int overwrite);
-#else
-#ifndef HAVE_SETENV_DECL
-int setenv(const char *name, const char *value, int overwrite);
-#endif
-#endif
-
-#ifndef HAVE_UNSETENV
-#define unsetenv rep_unsetenv
-int rep_unsetenv(const char *name);
-#endif
-
-#ifndef HAVE_SETEUID
-#define seteuid rep_seteuid
-int rep_seteuid(uid_t);
-#endif
-
-#ifndef HAVE_SETEGID
-#define setegid rep_setegid
-int rep_setegid(gid_t);
-#endif
-
-#if (defined(USE_SETRESUID) && !defined(HAVE_SETRESUID_DECL))
-/* stupid glibc */
-int setresuid(uid_t ruid, uid_t euid, uid_t suid);
-#endif
-#if (defined(USE_SETRESUID) && !defined(HAVE_SETRESGID_DECL))
-int setresgid(gid_t rgid, gid_t egid, gid_t sgid);
-#endif
-
-#ifndef HAVE_CHOWN
-#define chown rep_chown
-int rep_chown(const char *path, uid_t uid, gid_t gid);
-#endif
-
-#ifndef HAVE_CHROOT
-#define chroot rep_chroot
-int rep_chroot(const char *dirname);
-#endif
-
-#ifndef HAVE_LINK
-#define link rep_link
-int rep_link(const char *oldpath, const char *newpath);
-#endif
-
-#ifndef HAVE_READLINK
-#define readlink rep_readlink
-ssize_t rep_readlink(const char *path, char *buf, size_t bufsize);
-#endif
-
-#ifndef HAVE_SYMLINK
-#define symlink rep_symlink
-int rep_symlink(const char *oldpath, const char *newpath);
-#endif
-
-#ifndef HAVE_REALPATH
-#define realpath rep_realpath
-char *rep_realpath(const char *path, char *resolved_path);
-#endif
-
-#ifndef HAVE_LCHOWN
-#define lchown rep_lchown
-int rep_lchown(const char *fname,uid_t uid,gid_t gid);
-#endif
-
-#ifdef HAVE_UNIX_H
-#include <unix.h>
-#endif
-
-#ifndef HAVE_SETLINEBUF
-#define setlinebuf rep_setlinebuf
-void rep_setlinebuf(FILE *);
-#endif
-
-#ifndef HAVE_STRCASESTR
-#define strcasestr rep_strcasestr
-char *rep_strcasestr(const char *haystack, const char *needle);
-#endif
-
-#ifndef HAVE_STRTOLL
-#define strtoll rep_strtoll
-long long int rep_strtoll(const char *str, char **endptr, int base);
-#endif
-
-#ifndef HAVE_STRTOULL
-#define strtoull rep_strtoull
-unsigned long long int rep_strtoull(const char *str, char **endptr, int base);
-#endif
-
-#ifndef HAVE_FTRUNCATE
-#define ftruncate rep_ftruncate
-int rep_ftruncate(int,off_t);
-#endif
-
-#ifndef HAVE_INITGROUPS
-#define initgroups rep_initgroups
-int rep_initgroups(char *name, gid_t id);
-#endif
-
-#ifndef HAVE_DLERROR
-#define dlerror rep_dlerror
-char *rep_dlerror(void);
-#endif
-
-#ifndef HAVE_DLOPEN
-#define dlopen rep_dlopen
-#ifdef DLOPEN_TAKES_UNSIGNED_FLAGS
-void *rep_dlopen(const char *name, unsigned int flags);
-#else
-void *rep_dlopen(const char *name, int flags);
-#endif
-#endif
-
-#ifndef HAVE_DLSYM
-#define dlsym rep_dlsym
-void *rep_dlsym(void *handle, const char *symbol);
-#endif
-
-#ifndef HAVE_DLCLOSE
-#define dlclose rep_dlclose
-int rep_dlclose(void *handle);
-#endif
-
-#ifndef HAVE_SOCKETPAIR
-#define socketpair rep_socketpair
-/* prototype is in system/network.h */
-#endif
-
-#ifndef PRINTF_ATTRIBUTE
-#if (__GNUC__ >= 3) && (__GNUC_MINOR__ >= 1 )
-/** Use gcc attribute to check printf fns. a1 is the 1-based index of
- * the parameter containing the format, and a2 the index of the first
- * argument. Note that some gcc 2.x versions don't handle this
- * properly **/
-#define PRINTF_ATTRIBUTE(a1, a2) __attribute__ ((format (__printf__, a1, a2)))
-#else
-#define PRINTF_ATTRIBUTE(a1, a2)
-#endif
-#endif
-
-#ifndef _DEPRECATED_
-#if (__GNUC__ >= 3) && (__GNUC_MINOR__ >= 1 )
-#define _DEPRECATED_ __attribute__ ((deprecated))
-#else
-#define _DEPRECATED_
-#endif
-#endif
-
-#ifndef HAVE_VASPRINTF
-#define vasprintf rep_vasprintf
-int rep_vasprintf(char **ptr, const char *format, va_list ap) PRINTF_ATTRIBUTE(2,0);
-#endif
-
-#define slprintf snprintf
-
-#ifndef HAVE_VA_COPY
-#undef va_copy
-#ifdef HAVE___VA_COPY
-#define va_copy(dest, src) __va_copy(dest, src)
-#else
-#define va_copy(dest, src) (dest) = (src)
-#endif
-#endif
-
-#ifndef HAVE_VOLATILE
-#define volatile
-#endif
-
-#ifndef HAVE_COMPARISON_FN_T
-typedef int (*comparison_fn_t)(const void *, const void *);
-#endif
-
-#ifdef REPLACE_STRPTIME
-#define strptime rep_strptime
-struct tm;
-char *rep_strptime(const char *buf, const char *format, struct tm *tm);
-#endif
-
-#ifndef HAVE_DUP2
-#define dup2 rep_dup2
-int rep_dup2(int oldfd, int newfd);
-#endif
-
-/* Load header file for dynamic linking stuff */
-#ifdef HAVE_DLFCN_H
-#include <dlfcn.h>
-#endif
-
-#ifndef RTLD_LAZY
-#define RTLD_LAZY 0
-#endif
-#ifndef RTLD_NOW
-#define RTLD_NOW 0
-#endif
-#ifndef RTLD_GLOBAL
-#define RTLD_GLOBAL 0
-#endif
-
-#ifndef HAVE_SECURE_MKSTEMP
-#define mkstemp(path) rep_mkstemp(path)
-int rep_mkstemp(char *temp);
-#endif
-
-#ifndef HAVE_MKDTEMP
-#define mkdtemp rep_mkdtemp
-char *rep_mkdtemp(char *template);
-#endif
-
-#ifndef HAVE_PREAD
-#define pread rep_pread
-ssize_t rep_pread(int __fd, void *__buf, size_t __nbytes, off_t __offset);
-#define LIBREPLACE_PREAD_REPLACED 1
-#else
-#define LIBREPLACE_PREAD_NOT_REPLACED 1
-#endif
-
-#ifndef HAVE_PWRITE
-#define pwrite rep_pwrite
-ssize_t rep_pwrite(int __fd, const void *__buf, size_t __nbytes, off_t __offset);
-#define LIBREPLACE_PWRITE_REPLACED 1
-#else
-#define LIBREPLACE_PWRITE_NOT_REPLACED 1
-#endif
-
-#if !defined(HAVE_INET_NTOA) || defined(REPLACE_INET_NTOA)
-#define inet_ntoa rep_inet_ntoa
-/* prototype is in "system/network.h" */
-#endif
-
-#ifndef HAVE_INET_PTON
-#define inet_pton rep_inet_pton
-/* prototype is in "system/network.h" */
-#endif
-
-#ifndef HAVE_INET_NTOP
-#define inet_ntop rep_inet_ntop
-/* prototype is in "system/network.h" */
-#endif
-
-#ifndef HAVE_INET_ATON
-#define inet_aton rep_inet_aton
-/* prototype is in "system/network.h" */
-#endif
-
-#ifndef HAVE_CONNECT
-#define connect rep_connect
-/* prototype is in "system/network.h" */
-#endif
-
-#ifndef HAVE_GETHOSTBYNAME
-#define gethostbyname rep_gethostbyname
-/* prototype is in "system/network.h" */
-#endif
-
-#ifndef HAVE_GETIFADDRS
-#define getifaddrs rep_getifaddrs
-/* prototype is in "system/network.h" */
-#endif
-
-#ifndef HAVE_FREEIFADDRS
-#define freeifaddrs rep_freeifaddrs
-/* prototype is in "system/network.h" */
-#endif
-
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-
-/* The extra casts work around common compiler bugs. */
-#define _TYPE_SIGNED(t) (! ((t) 0 < (t) -1))
-/* The outer cast is needed to work around a bug in Cray C 5.0.3.0.
- It is necessary at least when t == time_t. */
-#define _TYPE_MINIMUM(t) ((t) (_TYPE_SIGNED (t) \
- ? ~ (t) 0 << (sizeof (t) * CHAR_BIT - 1) : (t) 0))
-#define _TYPE_MAXIMUM(t) ((t) (~ (t) 0 - _TYPE_MINIMUM (t)))
-
-#ifndef UINT16_MAX
-#define UINT16_MAX 65535
-#endif
-
-#ifndef UINT32_MAX
-#define UINT32_MAX (4294967295U)
-#endif
-
-#ifndef UINT64_MAX
-#define UINT64_MAX ((uint64_t)-1)
-#endif
-
-#ifndef CHAR_BIT
-#define CHAR_BIT 8
-#endif
-
-#ifndef INT32_MAX
-#define INT32_MAX _TYPE_MAXIMUM(int32_t)
-#endif
-
-#ifdef HAVE_STDBOOL_H
-#include <stdbool.h>
-#endif
-
-#if !defined(HAVE_BOOL)
-#ifdef HAVE__BOOL
-#define bool _Bool
-#else
-typedef int bool;
-#endif
-#endif
-
-/*
- * to prevent <rpcsvc/yp_prot.h> from doing a redefine of 'bool'
- *
- * IRIX, HPUX, MacOS 10 and Solaris need BOOL_DEFINED
- * Tru64 needs _BOOL_EXISTS
- * AIX needs _BOOL,_TRUE,_FALSE
- */
-#ifndef BOOL_DEFINED
-#define BOOL_DEFINED
-#endif
-#ifndef _BOOL_EXISTS
-#define _BOOL_EXISTS
-#endif
-#ifndef _BOOL
-#define _BOOL
-#endif
-
-#ifndef __bool_true_false_are_defined
-#define __bool_true_false_are_defined
-#endif
-
-#ifndef true
-#define true (1)
-#endif
-#ifndef false
-#define false (0)
-#endif
-
-#ifndef _TRUE
-#define _TRUE true
-#endif
-#ifndef _FALSE
-#define _FALSE false
-#endif
-
-#ifndef HAVE_FUNCTION_MACRO
-#ifdef HAVE_func_MACRO
-#define __FUNCTION__ __func__
-#else
-#define __FUNCTION__ ("")
-#endif
-#endif
-
-
-#ifndef MIN
-#define MIN(a,b) ((a)<(b)?(a):(b))
-#endif
-
-#ifndef MAX
-#define MAX(a,b) ((a)>(b)?(a):(b))
-#endif
-
-#if !defined(HAVE_VOLATILE)
-#define volatile
-#endif
-
-/**
- this is a warning hack. The idea is to use this everywhere that we
- get the "discarding const" warning from gcc. That doesn't actually
- fix the problem of course, but it means that when we do get to
- cleaning them up we can do it by searching the code for
- discard_const.
-
- It also means that other error types aren't as swamped by the noise
- of hundreds of const warnings, so we are more likely to notice when
- we get new errors.
-
- Please only add more uses of this macro when you find it
- _really_ hard to fix const warnings. Our aim is to eventually use
- this function in only a very few places.
-
- Also, please call this via the discard_const_p() macro interface, as that
- makes the return type safe.
-*/
-#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
-
-/** Type-safe version of discard_const */
-#define discard_const_p(type, ptr) ((type *)discard_const(ptr))
-
-#ifndef __STRING
-#define __STRING(x) #x
-#endif
-
-#ifndef __STRINGSTRING
-#define __STRINGSTRING(x) __STRING(x)
-#endif
-
-#ifndef __LINESTR__
-#define __LINESTR__ __STRINGSTRING(__LINE__)
-#endif
-
-#ifndef __location__
-#define __location__ __FILE__ ":" __LINESTR__
-#endif
-
-/**
- * zero a structure
- */
-#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
-
-/**
- * zero a structure given a pointer to the structure
- */
-#define ZERO_STRUCTP(x) do { if ((x) != NULL) memset((char *)(x), 0, sizeof(*(x))); } while(0)
-
-/**
- * zero a structure given a pointer to the structure - no zero check
- */
-#define ZERO_STRUCTPN(x) memset((char *)(x), 0, sizeof(*(x)))
-
-/* zero an array - note that sizeof(array) must work - ie. it must not be a
- pointer */
-#define ZERO_ARRAY(x) memset((char *)(x), 0, sizeof(x))
-
-/**
- * work out how many elements there are in a static array
- */
-#define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
-
-/**
- * pointer difference macro
- */
-#define PTR_DIFF(p1,p2) ((ptrdiff_t)(((const char *)(p1)) - (const char *)(p2)))
-
-#if MMAP_BLACKLIST
-#undef HAVE_MMAP
-#endif
-
-#ifdef __COMPAR_FN_T
-#define QSORT_CAST (__compar_fn_t)
-#endif
-
-#ifndef QSORT_CAST
-#define QSORT_CAST (int (*)(const void *, const void *))
-#endif
-
-#ifndef PATH_MAX
-#define PATH_MAX 1024
-#endif
-
-#ifndef MAX_DNS_NAME_LENGTH
-#define MAX_DNS_NAME_LENGTH 256 /* Actually 255 but +1 for terminating null. */
-#endif
-
-#ifndef HAVE_CRYPT
-char *ufc_crypt(const char *key, const char *salt);
-#define crypt ufc_crypt
-#else
-#ifdef HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-#endif
-
-/* these macros gain us a few percent of speed on gcc */
-#if (__GNUC__ >= 3)
-/* the strange !! is to ensure that __builtin_expect() takes either 0 or 1
- as its first argument */
-#ifndef likely
-#define likely(x) __builtin_expect(!!(x), 1)
-#endif
-#ifndef unlikely
-#define unlikely(x) __builtin_expect(!!(x), 0)
-#endif
-#else
-#ifndef likely
-#define likely(x) (x)
-#endif
-#ifndef unlikely
-#define unlikely(x) (x)
-#endif
-#endif
-
-#ifndef SAFE_FREE
-#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x=NULL;} } while(0)
-#endif
-
-typedef uint32_t NTSTATUS;
-#define NT_STATUS(x) (x)
-#define NT_STATUS_V(x) (x)
-
-/* These macros unify the keyblock handling of Heimdal and MIT somewhat */
-#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */
-#define KRB5_KEY_TYPE(k) ((k)->keytype)
-#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length)
-#define KRB5_KEY_DATA(k) ((k)->keyvalue.data)
-#define KRB5_KEY_DATA_CAST void
-#else /* MIT */
-#define KRB5_KEY_TYPE(k) ((k)->enctype)
-#define KRB5_KEY_LENGTH(k) ((k)->length)
-#define KRB5_KEY_DATA(k) ((k)->contents)
-#define KRB5_KEY_DATA_CAST krb5_octet
-#endif
-
-#endif /* _LIBREPLACE_REPLACE_H */
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 5/8] treewide: Eliminate SAFE_FREE
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
` (3 preceding siblings ...)
2017-02-24 14:27 ` [cifs-utils PATCH 4/8] replace.h: remove it Jeff Layton
@ 2017-02-24 14:27 ` Jeff Layton
2017-02-24 14:27 ` [cifs-utils PATCH 6/8] data_blob: Eliminate _PUBLIC_ Jeff Layton
` (3 subsequent siblings)
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
It just frees and then zeroes out the pointer. That's of dubious
value in the places where it's currently being used. Just use
free() instead.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
cifs.upcall.c | 22 ++++++++++------------
mount.cifs.c | 16 +++++-----------
2 files changed, 15 insertions(+), 23 deletions(-)
diff --git a/cifs.upcall.c b/cifs.upcall.c
index cfc926cd9d09..15e1e0f91c22 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -82,8 +82,6 @@ typedef enum _sectype {
#define KRB5_KEY_DATA_CAST krb5_octet
#endif
-#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x = NULL; } } while (0)
-
#ifdef HAVE_LIBCAP_NG
static int
trim_capabilities(bool need_environ)
@@ -162,7 +160,7 @@ static char *cifs_krb5_principal_get_realm(krb5_principal principal)
#if !defined(HAVE_KRB5_FREE_UNPARSED_NAME)
static void krb5_free_unparsed_name(krb5_context context, char *val)
{
- SAFE_FREE(val);
+ free(val);
}
#endif
@@ -650,7 +648,7 @@ decode_key_description(const char *desc, struct decoded_args *arg)
len = pos - tkn;
len -= 5;
- SAFE_FREE(arg->hostname);
+ free(arg->hostname);
arg->hostname = strndup(tkn + 5, len);
if (arg->hostname == NULL) {
syslog(LOG_ERR, "Unable to allocate memory");
@@ -665,7 +663,7 @@ decode_key_description(const char *desc, struct decoded_args *arg)
len = pos - tkn;
len -= 4;
- SAFE_FREE(arg->ip);
+ free(arg->ip);
arg->ip = strndup(tkn + 4, len);
if (arg->ip == NULL) {
syslog(LOG_ERR, "Unable to allocate memory");
@@ -680,7 +678,7 @@ decode_key_description(const char *desc, struct decoded_args *arg)
len = pos - tkn;
len -= 5;
- SAFE_FREE(arg->username);
+ free(arg->username);
arg->username = strndup(tkn + 5, len);
if (arg->username == NULL) {
syslog(LOG_ERR, "Unable to allocate memory");
@@ -968,7 +966,7 @@ int main(const int argc, char *const argv[])
}
have = decode_key_description(buf, &arg);
- SAFE_FREE(buf);
+ free(buf);
if ((have & DKD_MUSTHAVE_SET) != DKD_MUSTHAVE_SET) {
syslog(LOG_ERR, "unable to get necessary params from key "
"description (0x%x)", have);
@@ -1207,11 +1205,11 @@ out:
krb5_cc_close(context, ccache);
if (context)
krb5_free_context(context);
- SAFE_FREE(arg.hostname);
- SAFE_FREE(arg.ip);
- SAFE_FREE(arg.username);
- SAFE_FREE(keydata);
- SAFE_FREE(env_cachename);
+ free(arg.hostname);
+ free(arg.ip);
+ free(arg.username);
+ free(keydata);
+ free(env_cachename);
syslog(LOG_DEBUG, "Exit status %ld", rc);
return rc;
}
diff --git a/mount.cifs.c b/mount.cifs.c
index b2bcb7f16b9f..13b71ef50303 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -61,6 +61,7 @@
#include "mount.h"
#include "util.h"
#include "resolve_host.h"
+#include "data_blob.h"
#ifndef MS_MOVE
#define MS_MOVE 8192
@@ -101,13 +102,6 @@
/* Max password size. */
#define MOUNT_PASSWD_SIZE 512
-
-
-#ifndef SAFE_FREE
-#define SAFE_FREE(x) do { if ((x) != NULL) {free(x); x = NULL; } } while (0)
-#endif
-
-
/*
* mount.cifs has been the subject of many "security" bugs that have arisen
* because of users and distributions installing it as a setuid root program
@@ -621,7 +615,7 @@ return_i:
/* make sure passwords are scrubbed from memory */
if (line_buf != NULL)
memset(line_buf, 0, line_buf_size);
- SAFE_FREE(line_buf);
+ free(line_buf);
return i;
}
@@ -1516,7 +1510,7 @@ add_mtab(char *devname, char *mountpoint, unsigned long flags, const char *fstyp
rc = EX_FILEIO;
}
unlock_mtab();
- SAFE_FREE(mountent.mnt_opts);
+ free(mountent.mnt_opts);
add_mtab_exit:
toggle_dac_capability(1, 0);
sigprocmask(SIG_SETMASK, &oldmask, NULL);
@@ -2152,7 +2146,7 @@ mount_exit:
memset(parsed_info->password, 0, sizeof(parsed_info->password));
munmap(parsed_info, sizeof(*parsed_info));
}
- SAFE_FREE(options);
- SAFE_FREE(orgoptions);
+ free(options);
+ free(orgoptions);
return rc;
}
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 6/8] data_blob: Eliminate _PUBLIC_
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
` (4 preceding siblings ...)
2017-02-24 14:27 ` [cifs-utils PATCH 5/8] treewide: Eliminate SAFE_FREE Jeff Layton
@ 2017-02-24 14:27 ` Jeff Layton
2017-02-24 14:27 ` [cifs-utils PATCH 7/8] cifs.upcall: unset $KRB5CCNAME when creating new credcache from keytab Jeff Layton
` (2 subsequent siblings)
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
It's defined to nothing anyway.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
data_blob.c | 6 +++---
data_blob.h | 10 +++-------
2 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/data_blob.c b/data_blob.c
index a884f132bcde..07e54e2c2bcd 100644
--- a/data_blob.c
+++ b/data_blob.c
@@ -37,7 +37,7 @@ const DATA_BLOB data_blob_null = { NULL, 0 };
construct a data blob, must be freed with data_blob_free()
you can pass NULL for p and get a blank data blob
**/
-_PUBLIC_ DATA_BLOB data_blob_named(const void *p, size_t length, const char *name)
+DATA_BLOB data_blob_named(const void *p, size_t length, const char *name)
{
DATA_BLOB ret;
@@ -63,7 +63,7 @@ _PUBLIC_ DATA_BLOB data_blob_named(const void *p, size_t length, const char *nam
/**
construct a data blob, using supplied TALLOC_CTX
**/
-_PUBLIC_ DATA_BLOB data_blob_talloc_named(TALLOC_CTX *mem_ctx, const void *p, size_t length, const char *name)
+DATA_BLOB data_blob_talloc_named(TALLOC_CTX *mem_ctx, const void *p, size_t length, const char *name)
{
DATA_BLOB ret = data_blob_named(p, length, name);
@@ -76,7 +76,7 @@ _PUBLIC_ DATA_BLOB data_blob_talloc_named(TALLOC_CTX *mem_ctx, const void *p, si
/**
free a data blob
**/
-_PUBLIC_ void data_blob_free(DATA_BLOB *d)
+void data_blob_free(DATA_BLOB *d)
{
if (d) {
talloc_free(d->data);
diff --git a/data_blob.h b/data_blob.h
index ccdf30d110af..3d961475e9ff 100644
--- a/data_blob.h
+++ b/data_blob.h
@@ -23,10 +23,6 @@
#ifndef _SAMBA_DATABLOB_H_
#define _SAMBA_DATABLOB_H_
-#ifndef _PUBLIC_
-#define _PUBLIC_
-#endif
-
#include <talloc.h>
#include <stdint.h>
@@ -53,17 +49,17 @@ struct data_blob_list_item {
construct a data blob, must be freed with data_blob_free()
you can pass NULL for p and get a blank data blob
**/
-_PUBLIC_ DATA_BLOB data_blob_named(const void *p, size_t length, const char *name);
+DATA_BLOB data_blob_named(const void *p, size_t length, const char *name);
/**
construct a data blob, using supplied TALLOC_CTX
**/
-_PUBLIC_ DATA_BLOB data_blob_talloc_named(TALLOC_CTX *mem_ctx, const void *p, size_t length, const char *name);
+DATA_BLOB data_blob_talloc_named(TALLOC_CTX *mem_ctx, const void *p, size_t length, const char *name);
/**
free a data blob
**/
-_PUBLIC_ void data_blob_free(DATA_BLOB *d);
+void data_blob_free(DATA_BLOB *d);
extern const DATA_BLOB data_blob_null;
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 7/8] cifs.upcall: unset $KRB5CCNAME when creating new credcache from keytab
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
` (5 preceding siblings ...)
2017-02-24 14:27 ` [cifs-utils PATCH 6/8] data_blob: Eliminate _PUBLIC_ Jeff Layton
@ 2017-02-24 14:27 ` Jeff Layton
[not found] ` <20170224142750.4151-8-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
2017-02-24 14:27 ` [cifs-utils PATCH 8/8] cifs.upcall: don't do env scraping when uid is 0 Jeff Layton
2017-02-24 15:53 ` [cifs-utils PATCH 9/8] cifs.upcall: use a MEMORY: ccache when instantiating from a keytab Jeff Layton
8 siblings, 1 reply; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
We don't want to trust $KRB5CCNAME when creating or updating a new
credcache since we could be operating under the wrong credentials.
Always create new credcaches in the default location instead.
Reported-by: Chad William Seys <cwseys-JAjqph6Yjy/rea2nFwT0Kw@public.gmane.org>
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
cifs.upcall.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/cifs.upcall.c b/cifs.upcall.c
index 15e1e0f91c22..0c89d7cf40d7 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -379,6 +379,12 @@ init_cc_from_keytab(const char *keytab_name, const char *user)
memset((char *) &my_creds, 0, sizeof(my_creds));
+ /*
+ * Unset the environment variable, if any. If we're creating our own
+ * credcache here, stick it in the default location.
+ */
+ unsetenv(ENV_NAME);
+
if (keytab_name)
ret = krb5_kt_resolve(context, keytab_name, &keytab);
else
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 8/8] cifs.upcall: don't do env scraping when uid is 0
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
` (6 preceding siblings ...)
2017-02-24 14:27 ` [cifs-utils PATCH 7/8] cifs.upcall: unset $KRB5CCNAME when creating new credcache from keytab Jeff Layton
@ 2017-02-24 14:27 ` Jeff Layton
2017-02-24 15:53 ` [cifs-utils PATCH 9/8] cifs.upcall: use a MEMORY: ccache when instantiating from a keytab Jeff Layton
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 14:27 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
Setuid programs triggering upcalls could trick the program here. Also,
the d_automount method is done with credentials overridden so if you
can end up with mismatched creds and env vars due to that as well.
It's a hack, but the only recourse I can see is to avoid doing this
when the uid is 0. That means we can't rely on finding root credcaches
in alternate locations using $KRB5CCNAME, but I think that's the best
we can do.
Reported-by: Chad William Seys <cwseys-JAjqph6Yjy/rea2nFwT0Kw@public.gmane.org>
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
cifs.upcall.8.in | 5 ++++-
cifs.upcall.c | 10 +++++++++-
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/cifs.upcall.8.in b/cifs.upcall.8.in
index e1f3956e176a..81481a482fb4 100644
--- a/cifs.upcall.8.in
+++ b/cifs.upcall.8.in
@@ -44,7 +44,10 @@ Normally, cifs.upcall will probe the environment variable space of the process
that initiated the upcall in order to fetch the value of $KRB5CCNAME. This can
assist the program with finding credential caches in non-default locations. If
this option is set, then the program won't do this and will rely on finding
-credcaches in the default locations specified in krb5.conf.
+credcaches in the default locations specified in krb5.conf. Note that this is
+never performed when the uid is 0. The default credcache location is always
+used when the uid is 0, regardless of the environment variable setting in the
+process.
.RE
.PP
\--krb5conf=/path/to/krb5.conf|-k /path/to/krb5.conf
diff --git a/cifs.upcall.c b/cifs.upcall.c
index 0c89d7cf40d7..8545e09611ad 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -1038,11 +1038,19 @@ int main(const int argc, char *const argv[])
}
/*
+ * We can't reasonably do this for root. Mounting a DFS share, for
+ * instance we can end up with creds being overridden, but the env
+ * variable left intact.
+ */
+ if (uid == 0)
+ env_probe = false;
+
+ /*
* Must do this before setuid, as we need elevated capabilities to
* look at the environ file.
*/
env_cachename =
- get_cachename_from_process_env(env_probe ? arg.pid : 0);
+ get_cachename_from_process_env(env_probe ? arg.pid : 0);
rc = setuid(uid);
if (rc == -1) {
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread* [cifs-utils PATCH 9/8] cifs.upcall: use a MEMORY: ccache when instantiating from a keytab
[not found] ` <20170224142750.4151-1-jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
` (7 preceding siblings ...)
2017-02-24 14:27 ` [cifs-utils PATCH 8/8] cifs.upcall: don't do env scraping when uid is 0 Jeff Layton
@ 2017-02-24 15:53 ` Jeff Layton
8 siblings, 0 replies; 13+ messages in thread
From: Jeff Layton @ 2017-02-24 15:53 UTC (permalink / raw)
To: linux-cifs-u79uwXL29TY76Z2rM5mHXA
Cc: cwseys-JAjqph6Yjy/rea2nFwT0Kw, ssorce-H+wXaHxf7aLQT0dZR+AlfA,
samba-technical-w/Ol4Ecudpl8XjKLYN78aQ
Using a more permanent ccache is potentially problematic when we're
instantiating a new one. We might be operating under different creds
than expected. Just use a MEMORY: ccache since we don't need it to
last longer than the life of the upcall anyway.
Signed-off-by: Jeff Layton <jlayton-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
---
cifs.upcall.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cifs.upcall.c b/cifs.upcall.c
index e0d372408233..89563fd42adc 100644
--- a/cifs.upcall.c
+++ b/cifs.upcall.c
@@ -410,9 +410,9 @@ init_cc_from_keytab(const char *keytab_name, const char *user)
goto icfk_cleanup;
}
- ret = krb5_cc_default(context, &cc);
+ ret = krb5_cc_resolve(context, "MEMORY:", &cc);
if (ret) {
- syslog(LOG_DEBUG, "krb5_cc_default: %d", (int)ret);
+ syslog(LOG_DEBUG, "krb5_cc_resolve: %d", (int)ret);
goto icfk_cleanup;
}
--
2.9.3
^ permalink raw reply related [flat|nested] 13+ messages in thread