Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

msnfs41client: Patch for (group) ACLs, stability hacks+misc, 2024-03-07
Posted by Anonymous on Thu 7th Mar 2024 18:08
raw | new post

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
From dbd35907572628462c4765da59f312a4e38ab6c8 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 7 Mar 2024 14:55:56 +0100 Subject: [PATCH 1/5] cygwin/Makefile: Man pages be in usr/share/man, not sbin/usr/share/man Man pages be in installed in usr/share/man, not sbin/usr/share/man (basically a typo). Reported-by: Martin Wege <martin.l.wege@gmail.com> Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- cygwin/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cygwin/Makefile b/cygwin/Makefile index 44f3308..2ef2d29 100644 --- a/cygwin/Makefile +++ b/cygwin/Makefile @@ -63,7 +63,7 @@ installdest: $(VS_BUILD_DIR)/nfsd.exe \ mkdir -p $(DESTDIR)/cygdrive/c/cygwin64/lib mkdir -p $(DESTDIR)/cygdrive/c/cygwin64/lib/msnfs41client mkdir -p $(DESTDIR)/cygdrive/c/cygwin64/usr/src/msnfs41client - mkdir -p $(DESTDIR)/cygdrive/c/cygwin64/sbin/usr/share/man/man1 + mkdir -p $(DESTDIR)/cygdrive/c/cygwin64/usr/share/man/man1 cp -r $(VS_BUILD_DIR)/nfsd.exe $(DESTDIR)/cygdrive/c/cygwin64/sbin/nfsd_debug.exe cp -r $(VS_BUILD_DIR)/nfsd.pdb $(DESTDIR)/cygdrive/c/cygwin64/sbin/nfsd_debug.pdb cp -r $(VS_BUILD_DIR)/nfs_mount.* $(DESTDIR)/cygdrive/c/cygwin64/sbin/. @@ -87,12 +87,12 @@ installdest: $(VS_BUILD_DIR)/nfsd.exe \ cp $(CYGWIN_MAKEFILE_DIR)/utils/mount_sshnfs/mount_sshnfs.ksh $(DESTDIR)/cygdrive/c/cygwin64/sbin/mount_sshnfs chmod a+x $(DESTDIR)/cygdrive/c/cygwin64/sbin/mount_sshnfs PATH+=":$(DESTDIR)/cygdrive/c/cygwin64/sbin/" \ - /usr/bin/ksh93 $(CYGWIN_MAKEFILE_DIR)/utils/mount_sshnfs/mount_sshnfs.ksh --nroff 2>"$(DESTDIR)/cygdrive/c/cygwin64/sbin/usr/share/man/man1/mount_sshnfs.1" || true + /usr/bin/ksh93 $(CYGWIN_MAKEFILE_DIR)/utils/mount_sshnfs/mount_sshnfs.ksh --nroff 2>"$(DESTDIR)/cygdrive/c/cygwin64/usr/share/man/man1/mount_sshnfs.1" || true cp $(CYGWIN_MAKEFILE_DIR)/utils/sshnfs/sshnfs.ksh $(DESTDIR)/cygdrive/c/cygwin64/sbin/sshnfs chmod a+x $(DESTDIR)/cygdrive/c/cygwin64/sbin/sshnfs cp $(CYGWIN_MAKEFILE_DIR)/utils/nfsurlconv/nfsurlconv.ksh $(DESTDIR)/cygdrive/c/cygwin64/bin/nfsurlconv chmod a+x $(DESTDIR)/cygdrive/c/cygwin64/bin/nfsurlconv - /usr/bin/ksh93 $(CYGWIN_MAKEFILE_DIR)/utils/nfsurlconv/nfsurlconv.ksh --nroff 2>"$(DESTDIR)/cygdrive/c/cygwin64/sbin/usr/share/man/man1/nfsurlconv.1" || true + /usr/bin/ksh93 $(CYGWIN_MAKEFILE_DIR)/utils/nfsurlconv/nfsurlconv.ksh --nroff 2>"$(DESTDIR)/cygdrive/c/cygwin64/usr/share/man/man1/nfsurlconv.1" || true @ printf "# Package tests\n" cp "$(PROJECT_BASEDIR_DIR)/tests/winfsinfo1/winfsinfo.exe" $(DESTDIR)/cygdrive/c/cygwin64/bin/winfsinfo.exe @ printf "# Package ksh93&co (if available) since Cygwin does not ship with it yet\n" -- 2.43.0 From bbde5d3a4898fa4651e28c30c05f34488f508128 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 7 Mar 2024 15:00:40 +0100 Subject: [PATCH 2/5] daemon: Improve |create_unknownsid()| performace Improve |create_unknownsid()| performace by just allocating the maximum SID size (|SECURITY_MAX_SID_SIZE|), instead of calling |CreateWellKnownSid()| to get the buffer size, allocate the buffer and then do a second |CreateWellKnownSid()| to fill the buffer. |SECURITY_MAX_SID_SIZE| is currently 68 bytes, typical SID from |CreateWellKnownSid()| needs 22 bytes, but the allocator has >= 128 byte granularity, so there is no difference in real memory usage. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- daemon/sid.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/daemon/sid.c b/daemon/sid.c index c12f54f..cbeac13 100644 --- a/daemon/sid.c +++ b/daemon/sid.c @@ -43,35 +43,35 @@ int create_unknownsid(WELL_KNOWN_SID_TYPE type, PSID *sid, DWORD *sid_len) { int status; - *sid_len = 0; - *sid = NULL; - - status = CreateWellKnownSid(type, NULL, *sid, sid_len); - DPRINTF(ACLLVL, - ("create_unknownsid: CreateWellKnownSid(type=%d) returned %d " - "GetLastError %d sid len %d needed\n", (int)type, status, - GetLastError(), *sid_len)); - if (status) { - status = ERROR_INTERNAL_ERROR; - goto err; - } - status = GetLastError(); - if (status != ERROR_INSUFFICIENT_BUFFER) - goto err; + int lasterr; + *sid_len = SECURITY_MAX_SID_SIZE+1; *sid = malloc(*sid_len); if (*sid == NULL) { status = ERROR_INSUFFICIENT_BUFFER; goto err; } + status = CreateWellKnownSid(type, NULL, *sid, sid_len); - if (status) + lasterr = GetLastError(); + if (status) { + *sid_len = GetLengthSid(*sid); + + DPRINTF(ACLLVL, + ("create_unknownsid(type=%d): CreateWellKnownSid() " + "returned %d GetLastError=%d *sid_len=%d\n", + (int)type, status, lasterr, (int)*sid_len)); + return ERROR_SUCCESS; + } + + status = lasterr; free(*sid); - *sid = NULL; - status = GetLastError(); err: - eprintf("create_unknownsid: CreateWellKnownSid(type=%d) failed with %d\n", + *sid = NULL; + *sid_len = 0; + eprintf("create_unknownsid(type=%d): " + "CreateWellKnownSid failed with %d\n", (int)type, status); return status; } -- 2.43.0 From 909b1e40000735ac02d25d1372907b8ffd4c622f Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 7 Mar 2024 15:28:08 +0100 Subject: [PATCH 3/5] daemon: |handle_getacl()| should use name cache |handle_getacl()| should use name cache |nfs41_cached_getattr()| API, and only fall-back to do a server roundtrip if ACL/owner/owner_group data are not available from the cache. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- daemon/acl.c | 57 +++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 45 insertions(+), 12 deletions(-) diff --git a/daemon/acl.c b/daemon/acl.c index a8e20f5..159c71c 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -193,8 +193,7 @@ static int handle_getacl(void *daemon_context, nfs41_upcall *upcall) nfs41_daemon_globals *nfs41dg = daemon_context; getacl_upcall_args *args = &upcall->args.getacl; nfs41_open_state *state = upcall->state_ref; - nfs41_file_info info = { 0 }; - bitmap4 attr_request = { 0 }; + nfs41_file_info info; LPSTR domain = NULL; SECURITY_DESCRIPTOR sec_desc; PACL dacl = NULL; @@ -204,20 +203,54 @@ static int handle_getacl(void *daemon_context, nfs41_upcall *upcall) char owner[NFS4_OPAQUE_LIMIT], group[NFS4_OPAQUE_LIMIT]; nfsacl41 acl = { 0 }; - // need to cache owner/group information XX - attr_request.count = 2; - attr_request.arr[1] = FATTR4_WORD1_OWNER | FATTR4_WORD1_OWNER_GROUP; if (args->query & DACL_SECURITY_INFORMATION) { +use_nfs41_getattr: + bitmap4 attr_request = { 0 }; + (void)memset(&info, 0, sizeof(nfs41_file_info)); + info.owner = owner; + info.owner_group = group; + + attr_request.count = 2; + attr_request.arr[0] = FATTR4_WORD0_ACL; + attr_request.arr[1] = FATTR4_WORD1_OWNER | FATTR4_WORD1_OWNER_GROUP; info.acl = &acl; - attr_request.arr[0] |= FATTR4_WORD0_ACL; + status = nfs41_getattr(state->session, &state->file, &attr_request, &info); + if (status) { + eprintf("handle_getacl: nfs41_getattr() failed with %d\n", + status); + goto out; + } } - info.owner = owner; - info.owner_group = group; - status = nfs41_getattr(state->session, &state->file, &attr_request, &info); - if (status) { - eprintf("handle_getacl: nfs41_cached_getattr() failed with %d\n", + else { + (void)memset(&info, 0, sizeof(nfs41_file_info)); + info.owner = owner; + info.owner_group = group; + + status = nfs41_cached_getattr(state->session, &state->file, &info); + if (status) { + eprintf("handle_getacl: nfs41_cached_getattr() failed with %d\n", status); - goto out; + goto out; + } + + EASSERT(info.attrmask.count >= 2); + + /* + * In rare cases owner/owner_group are not in the cache + * (usually for new files). In this case do a full + * roundtrip to the NFS server to get the data... + */ + if ((info.attrmask.arr[1] & + (FATTR4_WORD1_OWNER|FATTR4_WORD1_OWNER_GROUP)) != (FATTR4_WORD1_OWNER|FATTR4_WORD1_OWNER_GROUP)) { + DPRINTF(0, ("handle_getattr: owner/owner_group not in cache, doing full lookup...\n")); + goto use_nfs41_getattr; + } + } + + EASSERT(info.attrmask.count >= 2); + EASSERT((info.attrmask.arr[1] & (FATTR4_WORD1_OWNER|FATTR4_WORD1_OWNER_GROUP)) == (FATTR4_WORD1_OWNER|FATTR4_WORD1_OWNER_GROUP)); + if (args->query & DACL_SECURITY_INFORMATION) { + EASSERT((info.attrmask.arr[0] & (FATTR4_WORD0_ACL)) == (FATTR4_WORD0_ACL)); } status = InitializeSecurityDescriptor(&sec_desc, -- 2.43.0 From e62ab413fca9589553662783b4bc877fccde9f05 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 7 Mar 2024 15:30:32 +0100 Subject: [PATCH 4/5] daemon: Add stabilty hacks to daemon/nfs41_ops.c Add stability hacks to daemon/nfs41_ops.c to wallpaper over DrMemory "uninitialized read" issues until we have suitable resources (i.e. much faster machine) to properly hunt such issues down. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- daemon/nfs41_ops.c | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/daemon/nfs41_ops.c b/daemon/nfs41_ops.c index f54b72c..772a29d 100644 --- a/daemon/nfs41_ops.c +++ b/daemon/nfs41_ops.c @@ -35,6 +35,20 @@ #include "daemon_debug.h" #include "util.h" +#ifdef NFS41_DRIVER_STABILITY_HACKS +/* + * gisburn: Fixme: Execute extra code for stability. + * We mainly use this to init structs with zeros here, until we have + * resources (time, much faster machine) to properly hunt down all + * uninitalised memory issues with DrMemory + */ +#define NDSH(x) x +#define NDSH2(x,y) x,y +#else +#define NDSH(x) +#define NDSH2(x,y) +#endif /* NFS41_DRIVER_STABILITY_HACKS */ + int nfs41_exchange_id( IN nfs41_rpc_clnt *rpc, IN client_owner4 *owner, @@ -395,7 +409,7 @@ int nfs41_open( nfs41_getfh_res getfh_res; bitmap4 attr_request; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res, pgetattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }), pgetattr_res NDSH(= { 0 }); nfs41_savefh_res savefh_res; nfs41_restorefh_res restorefh_res; nfs41_file_info tmp_info, dir_info; @@ -554,7 +568,7 @@ int nfs41_create( nfs41_create_res create_res; nfs41_getfh_res getfh_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res, pgetattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }), pgetattr_res NDSH(= { 0 }); bitmap4 attr_request; nfs41_file_info dir_info; nfs41_savefh_res savefh_res; @@ -646,7 +660,7 @@ int nfs41_close( nfs41_op_close_args close_args; nfs41_op_close_res close_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }); bitmap4 attr_request; nfs41_file_info info; @@ -1081,7 +1095,7 @@ int nfs41_getattr( nfs41_putfh_args putfh_args; nfs41_putfh_res putfh_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }); compound_init(&compound, argops, resops, "getattr"); @@ -1135,7 +1149,7 @@ int nfs41_superblock_getattr( nfs41_putfh_args putfh_args; nfs41_putfh_res putfh_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }); nfs41_openattr_args openattr_args; nfs41_openattr_res openattr_res; @@ -1200,7 +1214,7 @@ int nfs41_remove( nfs41_remove_args remove_args; nfs41_remove_res remove_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }); bitmap4 attr_request; nfs41_file_info info; @@ -1271,7 +1285,7 @@ int nfs41_rename( nfs41_rename_args rename_args; nfs41_rename_res rename_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res src_getattr_res, dst_getattr_res; + nfs41_getattr_res src_getattr_res NDSH(= { 0 }), dst_getattr_res NDSH(= { 0 }); nfs41_file_info src_info, dst_info; bitmap4 attr_request; nfs41_restorefh_res restorefh_res; @@ -1371,7 +1385,7 @@ int nfs41_setattr( nfs41_setattr_args setattr_args; nfs41_setattr_res setattr_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }); bitmap4 attr_request; compound_init(&compound, argops, resops, "setattr"); @@ -1457,7 +1471,7 @@ int nfs41_link( nfs41_lookup_res lookup_res; nfs41_getfh_res getfh_res; nfs41_getattr_args getattr_args[2]; - nfs41_getattr_res getattr_res[2]; + nfs41_getattr_res getattr_res[2] NDSH2(= { 0, 0 }); nfs41_file_info info = { 0 }; nfs41_path_fh file; @@ -1782,7 +1796,7 @@ enum nfsstat4 nfs41_fs_locations( nfs41_lookup_args lookup_args; nfs41_lookup_res lookup_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }); bitmap4 attr_request = { 1, { FATTR4_WORD0_FS_LOCATIONS } }; nfs41_file_info info; @@ -2048,7 +2062,7 @@ enum nfsstat4 pnfs_rpc_layoutcommit( pnfs_layoutcommit_args lc_args; pnfs_layoutcommit_res lc_res; nfs41_getattr_args getattr_args; - nfs41_getattr_res getattr_res; + nfs41_getattr_res getattr_res NDSH(= { 0 }); bitmap4 attr_request; nfs41_superblock_getattr_mask(file->fh.superblock, &attr_request); -- 2.43.0 From 68cdb89bfa7aad4841d76e7275adfbf0105a7013 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 7 Mar 2024 18:41:22 +0100 Subject: [PATCH 5/5] daemon: Fix setting group ACLs via "icacls"&co. Fix setting group ACLs (e.g. via "icacls"), as they are treated as user principals and not group principals. The NFSv4 server was logging this warning: "nss_getpwnam: name 'mygrp' not found in domain 'mydomain'", to indicate it could not find the *USER* account "mygrp" (which only exists as GROUP account). The fix is to set the |ACE4_IDENTIFIER_GROUP| flag in the NFSv4 ACLs so that the NFSv4 server does a group name lookup. Testcase: -------- snip -------- $ rm -f test1.txt $ touch test1.txt $ icacls test1.txt /grant:r 'cygwingrp1:(WDAC)' /t /c Bearbeitete Datei: test1.txt 1 Dateien erfolgreich verarbeitet, bei 0 Dateien ist ein Verarbeitungsfehler aufgetreten. $ icacls test1.txt /grant:r 'cygwingrp2:(WDAC)' /t /c Bearbeitete Datei: test1.txt 1 Dateien erfolgreich verarbeitet, bei 0 Dateien ist ein Verarbeitungsfehler aufgetreten. $ getfacl test1.txt user::r-- group::r-- group:cygwingrp1:r-- group:cygwingrp2:r-- mask::r-- other::r-- -------- snip -------- Reported-by: Josh Hurst <joshhurst@gmail.com> Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- daemon/acl.c | 41 +++++++++++++++++++++++++++++++++++------ daemon/idmap_cygwin.c | 6 ++++++ 2 files changed, 41 insertions(+), 6 deletions(-) diff --git a/daemon/acl.c b/daemon/acl.c index 159c71c..0a67b80 100644 --- a/daemon/acl.c +++ b/daemon/acl.c @@ -490,11 +490,11 @@ static void map_acemask(ACCESS_MASK mask, int file_type, uint32_t *nfs4_mask) print_nfs_access_mask(ACLLVL, *nfs4_mask); } -static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_out, char *domain) +static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_out, char *domain, SID_NAME_USE *sid_type_out) { int status; DWORD size = 0, tmp_size = 0; - SID_NAME_USE sid_type; + SID_NAME_USE sid_type = 0; LPSTR tmp_buf = NULL, who = NULL; LPSTR sidstr = NULL; @@ -513,6 +513,7 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o if (EqualSid(sid, owner_sid)) { DPRINTF(ACLLVL, ("map_nfs4ace_who: this is owner's sid\n")); memcpy(who_out, ACE4_OWNER, strlen(ACE4_OWNER)+1); + sid_type = SidTypeUser; status = ERROR_SUCCESS; goto out; } @@ -525,6 +526,7 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o if (EqualSid(sid, group_sid)) { DPRINTF(ACLLVL, ("map_nfs4ace_who: this is group's sid\n")); memcpy(who_out, ACE4_GROUP, strlen(ACE4_GROUP)+1); + sid_type = SidTypeGroup; status = ERROR_SUCCESS; goto out; } @@ -533,9 +535,11 @@ static int map_nfs4ace_who(PSID sid, PSID owner_sid, PSID group_sid, char *who_o if (status) { if (!strncmp(who_out, ACE4_NOBODY, strlen(ACE4_NOBODY))) { size = (DWORD)strlen(ACE4_NOBODY); + sid_type = SidTypeUser; goto add_domain; } + /* fixme: What about |sid_type| */ status = ERROR_SUCCESS; goto out; } @@ -618,7 +622,10 @@ out: DPRINTF(ACLLVL, ("<-- map_nfs4ace_who() returns %d\n", status)); } else { - DPRINTF(ACLLVL, ("<-- map_nfs4ace_who(who_out='%s') returns %d\n", who_out, status)); + DPRINTF(ACLLVL, ("<-- map_nfs4ace_who(who_out='%s', sid_type=%d) returns %d\n", who_out, status, sid_type)); + if (sid_type_out) { + *sid_type_out = sid_type; + } } if (sidstr) LocalFree(sidstr); @@ -652,6 +659,7 @@ static int map_dacl_2_nfs4acl(PACL acl, PSID sid, PSID gsid, nfsacl41 *nfs4_acl, int i; PACE_HEADER ace; PBYTE tmp_pointer; + SID_NAME_USE who_sid_type = 0; DPRINTF(ACLLVL, ("NON-NULL dacl with %d ACEs\n", acl->AceCount)); print_hexbuf_no_asci(ACLLVL, (unsigned char *)"ACL\n", @@ -690,10 +698,31 @@ static int map_dacl_2_nfs4acl(PACL acl, PSID sid, PSID gsid, nfsacl41 *nfs4_acl, &nfs4_acl->aces[i].acemask); tmp_pointer += sizeof(ACCESS_MASK) + sizeof(ACE_HEADER); + status = map_nfs4ace_who(tmp_pointer, sid, gsid, nfs4_acl->aces[i].who, - domain); + domain, &who_sid_type); if (status) goto out_free; + + /* + * Treat |SidTypeAlias| as (local) group + * + * It seems that |LookupAccount*A()| will always return + * |SidTypeAlias| for local groups created with + * $ net localgroup cygwingrp1 /add # + * + * References: + * - https://stackoverflow.com/questions/39373188/lookupaccountnamew-returns-sidtypealias-but-expected-sidtypegroup + */ + if ((who_sid_type == SidTypeGroup) || + (who_sid_type == SidTypeAlias)) { + DPRINTF(ACLLVL, ("map_dacl_2_nfs4acl: " + "who_sid_type=%d, setting group flag for '%s'\n", + (int)who_sid_type, + nfs4_acl->aces[i].who)); + nfs4_acl->aces[i].aceflag |= ACE4_IDENTIFIER_GROUP; + } + } } status = ERROR_SUCCESS; @@ -730,7 +759,7 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) } status = map_nfs4ace_who(sid, NULL, NULL, ownerbuf, - nfs41dg->localdomain_name); + nfs41dg->localdomain_name, NULL); if (status) goto out; @@ -749,7 +778,7 @@ static int handle_setacl(void *daemon_context, nfs41_upcall *upcall) } status = map_nfs4ace_who(sid, NULL, NULL, groupbuf, - nfs41dg->localdomain_name); + nfs41dg->localdomain_name, NULL); if (status) goto out; diff --git a/daemon/idmap_cygwin.c b/daemon/idmap_cygwin.c index 766e784..f86d038 100644 --- a/daemon/idmap_cygwin.c +++ b/daemon/idmap_cygwin.c @@ -124,6 +124,9 @@ int cygwin_getent_passwd(const char *name, char *res_loginname, uid_t *res_uid, } } + if (!localaccoutname) + goto fail; + if (res_loginname) (void)strcpy_s(res_loginname, VAL_LEN, localaccoutname); *res_uid = uid; @@ -230,6 +233,9 @@ int cygwin_getent_group(const char* name, char* res_group_name, gid_t* res_gid) } } + if (!localgroupname) + goto fail; + if (res_group_name) (void)strcpy_s(res_group_name, VAL_LEN, localgroupname); *res_gid = gid; -- 2.43.0

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at