The branch, master has been updated
via a95970d Fix memleak I accidently introduced when reading from tdb.
via f0dcc90 Fix bug 7781 - Samba transforms ShareName to lowercase
(sharename) when adding new share via MMC
via 3878fa4 Ensure we check the return from make_user_info before
dereferencing the value returned by it.
via 9997ee8 Remove fstring from map_username. Create a more sane
interface than the called-parameter-is-modified.
from 692a747 s3/vfs_time_audit: use monotonic clock for time deltas
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a95970d3b7eb8913f026395084c909548c5f7b6b
Author: Jeremy Allison <j...@samba.org>
Date: Tue Nov 9 16:55:43 2010 -0800
Fix memleak I accidently introduced when reading from tdb.
Autobuild-User: Jeremy Allison <j...@samba.org>
Autobuild-Date: Wed Nov 10 01:56:21 UTC 2010 on sn-devel-104
commit f0dcc90f726e1232a4e0b74a03784281ea9a7cdc
Author: Jeremy Allison <j...@samba.org>
Date: Tue Nov 9 15:07:49 2010 -0800
Fix bug 7781 - Samba transforms ShareName to lowercase (sharename) when
adding new share via MMC
Change the find_service() interface to not depend on fstring, and
create a useable talloc-based interface.
Jeremy.
commit 3878fa4c435140bd2e3c59f8bdb932fe19e4c13a
Author: Jeremy Allison <j...@samba.org>
Date: Tue Nov 9 13:24:03 2010 -0800
Ensure we check the return from make_user_info before dereferencing the
value returned by it.
Jeremy.
commit 9997ee813b8ceeb7016355bbc07651db7f6b2d5a
Author: Jeremy Allison <j...@samba.org>
Date: Tue Nov 9 12:07:25 2010 -0800
Remove fstring from map_username. Create a more sane interface than the
called-parameter-is-modified.
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source3/auth/auth_ntlmssp.c | 4 +-
source3/auth/auth_server.c | 9 ++-
source3/auth/auth_util.c | 87 +++++++++++++++++--------
source3/auth/user_krb5.c | 35 ++++++++--
source3/auth/user_util.c | 100 ++++++++++++++++++----------
source3/include/proto.h | 10 ++--
source3/lib/dummysmbd.c | 2 +-
source3/lib/util_str.c | 4 +
source3/modules/vfs_xattr_tdb.c | 7 +-
source3/param/loadparm.c | 12 +---
source3/printing/nt_printing.c | 29 +++++----
source3/rpc_server/srv_samr_nt.c | 33 +++++++---
source3/rpc_server/srv_spoolss_nt.c | 9 ++-
source3/rpc_server/srv_srvsvc_nt.c | 103 ++++++++++++++++++++----------
source3/smbd/lanman.c | 7 +-
source3/smbd/msdfs.c | 8 ++-
source3/smbd/password.c | 6 +-
source3/smbd/service.c | 121 ++++++++++++++++++++++++-----------
source3/smbd/sesssetup.c | 9 ++-
source3/smbd/share_access.c | 2 +-
source3/smbd/smb2_tcon.c | 12 +++-
21 files changed, 401 insertions(+), 208 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 3905914..4262d15 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -135,12 +135,12 @@ static NTSTATUS auth_ntlmssp_check_password(struct
ntlmssp_state *ntlmssp_state,
NULL, NULL, NULL,
AUTH_PASSWORD_RESPONSE);
- user_info->logon_parameters = MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT |
MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT;
-
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
+ user_info->logon_parameters = MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT |
MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT;
+
nt_status =
auth_ntlmssp_state->auth_context->check_ntlm_password(auth_ntlmssp_state->auth_context,
user_info, &auth_ntlmssp_state->server_info);
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index 4ce0336..ac757d5 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -429,14 +429,15 @@ use this machine as the password server.\n"));
cli_ulogoff(cli);
if (NT_STATUS_IS_OK(nt_status)) {
- fstring real_username;
- struct passwd *pass;
+ char *real_username = NULL;
+ struct passwd *pass = NULL;
- if ( (pass = smb_getpwnam( NULL, user_info->mapped.account_name,
- real_username, True )) != NULL )
+ if ( (pass = smb_getpwnam(talloc_tos(),
user_info->mapped.account_name,
+ &real_username, True )) != NULL )
{
nt_status = make_server_info_pw(server_info,
pass->pw_name, pass);
TALLOC_FREE(pass);
+ TALLOC_FREE(real_username);
}
else
{
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 2fcee89..c319edf 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -96,9 +96,12 @@ NTSTATUS make_user_info_map(struct auth_usersupplied_info
**user_info,
const char *domain;
NTSTATUS result;
bool was_mapped;
- fstring internal_username;
- fstrcpy(internal_username, smb_name);
- was_mapped = map_username(internal_username);
+ char *internal_username = NULL;
+
+ was_mapped = map_username(talloc_tos(), smb_name, &internal_username);
+ if (!internal_username) {
+ return NT_STATUS_NO_MEMORY;
+ }
DEBUG(5, ("Mapping user [%s]\\[%s] from workstation [%s]\n",
client_domain, smb_name, workstation_name));
@@ -974,27 +977,45 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx, const
char *domain,
struct passwd **pwd,
bool *username_was_mapped)
{
- fstring dom_user, lower_username;
- fstring real_username;
+ char *orig_dom_user = NULL;
+ char *dom_user = NULL;
+ char *lower_username = NULL;
+ char *real_username = NULL;
struct passwd *passwd;
- fstrcpy( lower_username, username );
+ lower_username = talloc_strdup(mem_ctx, username);
+ if (!lower_username) {
+ return NT_STATUS_NO_MEMORY;
+ }
strlower_m( lower_username );
- fstr_sprintf(dom_user, "%s%c%s", domain, *lp_winbind_separator(),
- lower_username);
+ orig_dom_user = talloc_asprintf(mem_ctx,
+ "%s%c%s",
+ domain,
+ *lp_winbind_separator(),
+ lower_username);
+ if (!orig_dom_user) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* Get the passwd struct. Try to create the account if necessary. */
- *username_was_mapped = map_username(dom_user);
+ *username_was_mapped = map_username(mem_ctx, orig_dom_user, &dom_user);
+ if (!dom_user) {
+ return NT_STATUS_NO_MEMORY;
+ }
- passwd = smb_getpwnam( NULL, dom_user, real_username, True );
+ passwd = smb_getpwnam(mem_ctx, dom_user, &real_username, True );
if (!passwd) {
DEBUG(3, ("Failed to find authenticated user %s via "
"getpwnam(), denying access.\n", dom_user));
return NT_STATUS_NO_SUCH_USER;
}
+ if (!real_username) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
*pwd = passwd;
/* This is pointless -- there is no suport for differing
@@ -1015,31 +1036,31 @@ static NTSTATUS check_account(TALLOC_CTX *mem_ctx,
const char *domain,
****************************************************************************/
struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser,
- fstring save_username, bool create )
+ char **p_save_username, bool create )
{
struct passwd *pw = NULL;
- char *p;
- fstring username;
+ char *p = NULL;
+ char *username = NULL;
/* we only save a copy of the username it has been mangled
by winbindd use default domain */
-
- save_username[0] = '\0';
+ *p_save_username = NULL;
/* don't call map_username() here since it has to be done higher
up the stack so we don't call it multiple times */
- fstrcpy( username, domuser );
+ username = talloc_strdup(mem_ctx, domuser);
+ if (!username) {
+ return NULL;
+ }
p = strchr_m( username, *lp_winbind_separator() );
/* code for a DOMAIN\user string */
if ( p ) {
- fstring strip_username;
-
pw = Get_Pwnam_alloc( mem_ctx, domuser );
- if ( pw ) {
+ if ( pw ) {
/* make sure we get the case of the username correct */
/* work around 'winbind use default domain = yes' */
@@ -1050,12 +1071,20 @@ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const
char *domuser,
*p = '\0';
domain = username;
- fstr_sprintf(save_username, "%s%c%s", domain,
*lp_winbind_separator(), pw->pw_name);
+ *p_save_username = talloc_asprintf(mem_ctx,
+ "%s%c%s",
+ domain,
+
*lp_winbind_separator(),
+ pw->pw_name);
+ if (!*p_save_username) {
+ TALLOC_FREE(pw);
+ return NULL;
+ }
+ } else {
+ *p_save_username = talloc_strdup(mem_ctx,
pw->pw_name);
}
- else
- fstrcpy( save_username, pw->pw_name );
- /* whew -- done! */
+ /* whew -- done! */
return pw;
}
@@ -1063,8 +1092,10 @@ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const
char *domuser,
/* remember that p and username are overlapping memory */
p++;
- fstrcpy( strip_username, p );
- fstrcpy( username, strip_username );
+ username = talloc_strdup(mem_ctx, p);
+ if (!username) {
+ return NULL;
+ }
}
/* just lookup a plain username */
@@ -1087,9 +1118,9 @@ struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const
char *domuser,
/* one last check for a valid passwd struct */
- if ( pw )
- fstrcpy( save_username, pw->pw_name );
-
+ if (pw) {
+ *p_save_username = talloc_strdup(mem_ctx, pw->pw_name);
+ }
return pw;
}
diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
index 9d6b6a4..50716fd 100644
--- a/source3/auth/user_krb5.c
+++ b/source3/auth/user_krb5.c
@@ -40,8 +40,8 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
char *realm = NULL;
char *user = NULL;
char *p;
- fstring fuser;
- fstring unixuser;
+ char *fuser = NULL;
+ char *unixuser = NULL;
struct passwd *pw = NULL;
DEBUG(3, ("Kerberos ticket principal name is [%s]\n", princ_name));
@@ -109,13 +109,25 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
DEBUG(10, ("Domain is [%s] (using Winbind)\n", domain));
}
- /* We have to use fstring for this - map_username requires it. */
- fstr_sprintf(fuser, "%s%c%s", domain, *lp_winbind_separator(), user);
+ fuser = talloc_asprintf(mem_ctx,
+ "%s%c%s",
+ domain,
+ *lp_winbind_separator(),
+ user);
+ if (!fuser) {
+ return NT_STATUS_NO_MEMORY;
+ }
- *is_mapped = map_username(fuser);
+ *is_mapped = map_username(mem_ctx, fuser, &fuser);
+ if (!fuser) {
+ return NT_STATUS_NO_MEMORY;
+ }
- pw = smb_getpwnam(mem_ctx, fuser, unixuser, true);
+ pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true);
if (pw) {
+ if (!unixuser) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* if a real user check pam account restrictions */
/* only really perfomed if "obey pam restriction" is true */
/* do this before an eventual mapping to guest occurs */
@@ -134,8 +146,11 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_UID) {
*mapped_to_guest = true;
- fstrcpy(fuser, lp_guestaccount());
- pw = smb_getpwnam(mem_ctx, fuser, unixuser, true);
+ fuser = talloc_strdup(mem_ctx, lp_guestaccount());
+ if (!fuser) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true);
}
/* extra sanity check that the guest account is valid */
@@ -146,6 +161,10 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
}
}
+ if (!unixuser) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
*username = talloc_strdup(mem_ctx, unixuser);
if (!*username) {
return NT_STATUS_NO_MEMORY;
diff --git a/source3/auth/user_util.c b/source3/auth/user_util.c
index 3d7123c..d6c47a8 100644
--- a/source3/auth/user_util.c
+++ b/source3/auth/user_util.c
@@ -78,7 +78,9 @@ static char *skip_space(char *s)
return s;
}
-static bool fetch_map_from_gencache(fstring user)
+static bool fetch_map_from_gencache(TALLOC_CTX *ctx,
+ const char *user_in,
+ char **p_user_out)
{
char *key, *value;
bool found;
@@ -87,8 +89,8 @@ static bool fetch_map_from_gencache(fstring user)
return false;
}
- key = talloc_asprintf_strupper_m(talloc_tos(), "USERNAME_MAP/%s",
- user);
+ key = talloc_asprintf_strupper_m(ctx, "USERNAME_MAP/%s",
+ user_in);
if (key == NULL) {
return false;
}
@@ -97,12 +99,16 @@ static bool fetch_map_from_gencache(fstring user)
if (!found) {
return false;
}
- fstrcpy(user, value);
+ TALLOC_FREE(*p_user_out);
+ *p_user_out = talloc_strdup(ctx, value);
SAFE_FREE(value);
+ if (!*p_user_out) {
+ return false;
+ }
return true;
}
-static void store_map_in_gencache(const char *from, const char *to)
+static void store_map_in_gencache(TALLOC_CTX *ctx, const char *from, const
char *to)
{
char *key;
int cache_time = lp_username_map_cache_time();
@@ -111,7 +117,7 @@ static void store_map_in_gencache(const char *from, const
char *to)
return;
}
- key = talloc_asprintf_strupper_m(talloc_tos(), "USERNAME_MAP/%s",
+ key = talloc_asprintf_strupper_m(ctx, "USERNAME_MAP/%s",
from);
if (key == NULL) {
return;
@@ -125,11 +131,11 @@ static void store_map_in_gencache(const char *from, const
char *to)
try lower case.
****************************************************************************/
-bool user_in_netgroup(const char *user, const char *ngname)
+bool user_in_netgroup(TALLOC_CTX *ctx, const char *user, const char *ngname)
{
#ifdef HAVE_NETGROUP
static char *my_yp_domain = NULL;
- fstring lowercase_user;
+ char *lowercase_user = NULL;
if (my_yp_domain == NULL) {
yp_get_default_domain(&my_yp_domain);
@@ -152,7 +158,10 @@ bool user_in_netgroup(const char *user, const char *ngname)
* Ok, innetgr is case sensitive. Try once more with lowercase
* just in case. Attempt to fix #703. JRA.
*/
- fstrcpy(lowercase_user, user);
+ lowercase_user = talloc_strdup(ctx, user);
+ if (!lowercase_user) {
+ return false;
+ }
strlower_m(lowercase_user);
if (strcmp(user,lowercase_user) == 0) {
@@ -176,7 +185,7 @@ bool user_in_netgroup(const char *user, const char *ngname)
and netgroup lists.
****************************************************************************/
-bool user_in_list(const char *user,const char **list)
+bool user_in_list(TALLOC_CTX *ctx, const char *user,const char **list)
{
if (!list || !*list)
return False;
@@ -204,7 +213,7 @@ bool user_in_list(const char *user,const char **list)
* Old behaviour. Check netgroup list
* followed by UNIX list.
*/
- if(user_in_netgroup(user, *list +1))
+ if(user_in_netgroup(ctx, user, *list +1))
return True;
if(user_in_group(user, *list +1))
return True;
@@ -216,7 +225,7 @@ bool user_in_list(const char *user,const char **list)
*/
if(user_in_group(user, *list +2))
return True;
- if(user_in_netgroup(user, *list +2))
+ if(user_in_netgroup(ctx, user, *list +2))
return True;
} else {
@@ -235,7 +244,7 @@ bool user_in_list(const char *user,const char **list)
/*
* Search netgroup list followed by UNIX list.
*/
- if(user_in_netgroup(user, *list +2))
+ if(user_in_netgroup(ctx, user, *list +2))
return True;
if(user_in_group(user, *list +2))
return True;
@@ -243,7 +252,7 @@ bool user_in_list(const char *user,const char **list)
/*
* Just search netgroup list.
*/
- if(user_in_netgroup(user, *list +1))
+ if(user_in_netgroup(ctx, user, *list +1))
return True;
}
}
@@ -253,7 +262,7 @@ bool user_in_list(const char *user,const char **list)
return(False);
}
-bool map_username(fstring user)
+bool map_username(TALLOC_CTX *ctx, const char *user_in, char **p_user_out)
{
XFILE *f;
char *mapfile = lp_username_map();
@@ -262,19 +271,28 @@ bool map_username(fstring user)
bool mapped_user = False;
char *cmd = lp_username_map_script();
- if (!*user)
+ *p_user_out = NULL;
+
+ if (!user_in)
+ return false;
+
+ /* Initially make a copy of the incoming name. */
+ *p_user_out = talloc_strdup(ctx, user_in);
+ if (!*p_user_out) {
return false;
+ }
- if (strequal(user,get_last_to()))
+ if (strequal(user_in,get_last_to()))
return false;
- if (strequal(user,get_last_from())) {
- DEBUG(3,("Mapped user %s to %s\n",user,get_last_to()));
- fstrcpy(user,get_last_to());
+ if (strequal(user_in,get_last_from())) {
+ DEBUG(3,("Mapped user %s to %s\n",user_in,get_last_to()));
+ TALLOC_FREE(*p_user_out);
+ *p_user_out = talloc_strdup(ctx, get_last_to());
return true;
}
- if (fetch_map_from_gencache(user)) {
+ if (fetch_map_from_gencache(ctx, user_in, p_user_out)) {
return true;
}
@@ -285,10 +303,10 @@ bool map_username(fstring user)
char *command = NULL;
int numlines, ret, fd;
- command = talloc_asprintf(talloc_tos(),
+ command = talloc_asprintf(ctx,
"%s \"%s\"",
cmd,
- user);
+ user_in);
if (!command) {
return false;
}
@@ -306,17 +324,21 @@ bool map_username(fstring user)
}
numlines = 0;
- qlines = fd_lines_load(fd, &numlines, 0, talloc_tos());
+ qlines = fd_lines_load(fd, &numlines, 0, ctx);
DEBUGADD(10,("Lines returned = [%d]\n", numlines));
close(fd);
/* should be either no lines or a single line with the mapped
username */
if (numlines && qlines) {
- DEBUG(3,("Mapped user %s to %s\n", user, qlines[0] ));
- set_last_from_to(user, qlines[0]);
- store_map_in_gencache(user, qlines[0]);
- fstrcpy( user, qlines[0] );
+ DEBUG(3,("Mapped user %s to %s\n", user_in, qlines[0]
));
+ set_last_from_to(user_in, qlines[0]);
+ store_map_in_gencache(ctx, user_in, qlines[0]);
+ TALLOC_FREE(*p_user_out);
+ *p_user_out = talloc_strdup(ctx, qlines[0]);
+ if (!*p_user_out) {
+ return false;
+ }
}
TALLOC_FREE(qlines);
@@ -367,20 +389,26 @@ bool map_username(fstring user)
/* skip lines like 'user = ' */
- dosuserlist = str_list_make_v3(talloc_tos(), dosname, NULL);
+ dosuserlist = str_list_make_v3(ctx, dosname, NULL);
if (!dosuserlist) {
DEBUG(0,("Bad username map entry. Unable to build user
list. Ignoring.\n"));
continue;
}
if (strchr_m(dosname,'*') ||
- user_in_list(user, (const char **)dosuserlist)) {
--
Samba Shared Repository
