[SCM] Samba Shared Repository - branch master updated

Tue, 22 Mar 2016 11:21:44 -0700 

The branch, master has been updated
       via  ef1ad0e s3:ntlm_auth: pass manage_squid_request() needs a valid 
struct ntlm_auth_state from within get_password()
       via  0906d61 s3:rpc_server/samr: correctly handle 
session_extract_session_key() failures
      from  5291462 winbind: Fix CID 1357100 Unchecked return value

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit ef1ad0e122659b5ff9097f0f7046f10fc2f3ec30
Author: Stefan Metzmacher <[email protected]>
Date:   Mon Mar 21 19:41:53 2016 +0100

    s3:ntlm_auth: pass manage_squid_request() needs a valid struct 
ntlm_auth_state from within get_password()
    
    Signed-off-by: Stefan Metzmacher <[email protected]>
    Reviewed-by: Andreas Schneider <[email protected]>
    
    Autobuild-User(master): Stefan Metzmacher <[email protected]>
    Autobuild-Date(master): Tue Mar 22 19:20:38 CET 2016 on sn-devel-144

commit 0906d61bb2f3446483d82928b55f5b797bac4804
Author: Stefan Metzmacher <[email protected]>
Date:   Sun Feb 28 23:32:50 2016 +0100

    s3:rpc_server/samr: correctly handle session_extract_session_key() failures
    
    Signed-off-by: Stefan Metzmacher <[email protected]>
    Reviewed-by: Andreas Schneider <[email protected]>

-----------------------------------------------------------------------

Summary of changes:
 source3/rpc_server/samr/srv_samr_nt.c | 16 ++++++++++++++--
 source3/utils/ntlm_auth.c             | 14 +++++++++++++-
 2 files changed, 27 insertions(+), 3 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/samr/srv_samr_nt.c 
b/source3/rpc_server/samr/srv_samr_nt.c
index 4b4b77a..7eb06cf 100644
--- a/source3/rpc_server/samr/srv_samr_nt.c
+++ b/source3/rpc_server/samr/srv_samr_nt.c
@@ -5097,7 +5097,7 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
                case 18:
                        status = session_extract_session_key(p->session_info, 
&session_key, KEY_USE_16BYTES);
                        if(!NT_STATUS_IS_OK(status)) {
-                               return status;
+                               break;
                        }
                        /* Used by AS/U JRA. */
                        status = set_user_info_18(&info->info18,
@@ -5114,7 +5114,7 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
                case 21:
                        status = session_extract_session_key(p->session_info, 
&session_key, KEY_USE_16BYTES);
                        if(!NT_STATUS_IS_OK(status)) {
-                               return status;
+                               break;
                        }
                        status = set_user_info_21(&info->info21,
                                                  p->mem_ctx,
@@ -5124,6 +5124,9 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 
                case 23:
                        status = session_extract_session_key(p->session_info, 
&session_key, KEY_USE_16BYTES);
+                       if(!NT_STATUS_IS_OK(status)) {
+                               break;
+                       }
                        arcfour_crypt_blob(info->info23.password.data, 516,
                                           &session_key);
 
@@ -5137,6 +5140,9 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 
                case 24:
                        status = session_extract_session_key(p->session_info, 
&session_key, KEY_USE_16BYTES);
+                       if(!NT_STATUS_IS_OK(status)) {
+                               break;
+                       }
                        arcfour_crypt_blob(info->info24.password.data,
                                           516,
                                           &session_key);
@@ -5150,6 +5156,9 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 
                case 25:
                        status = session_extract_session_key(p->session_info, 
&session_key, KEY_USE_16BYTES);
+                       if(!NT_STATUS_IS_OK(status)) {
+                               break;
+                       }
                        encode_or_decode_arc4_passwd_buffer(
                                info->info25.password.data,
                                &session_key);
@@ -5163,6 +5172,9 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p,
 
                case 26:
                        status = session_extract_session_key(p->session_info, 
&session_key, KEY_USE_16BYTES);
+                       if(!NT_STATUS_IS_OK(status)) {
+                               break;
+                       }
                        encode_or_decode_arc4_passwd_buffer(
                                info->info26.password.data,
                                &session_key);
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 25c20d8..1b27a88 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -229,13 +229,25 @@ static void manage_gensec_get_pw_request(enum 
stdio_helper_mode stdio_helper_mod
 
 static const char *get_password(struct cli_credentials *credentials)
 {
+       TALLOC_CTX *frame = talloc_stackframe();
        char *password = NULL;
+       struct ntlm_auth_state *state;
+
+       state = talloc_zero(frame, struct ntlm_auth_state);
+       if (state == NULL) {
+               DEBUG(0, ("squid_stream: Failed to talloc ntlm_auth_state\n"));
+               x_fprintf(x_stderr, "ERR\n");
+               exit(1);
+       }
+
+       state->mem_ctx = state;
 
        /* Ask for a password */
        x_fprintf(x_stdout, "PW\n");
 
-       manage_squid_request(NUM_HELPER_MODES /* bogus */, NULL, NULL, 
manage_gensec_get_pw_request, (void **)&password);
+       manage_squid_request(NUM_HELPER_MODES /* bogus */, NULL, state, 
manage_gensec_get_pw_request, (void **)&password);
        talloc_steal(credentials, password);
+       TALLOC_FREE(frame);
        return password;
 }
 


-- 
Samba Shared Repository

Reply via email to