summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuke Leighton <lkcl@samba.org>2000-06-09 03:00:34 +0000
committerLuke Leighton <lkcl@samba.org>2000-06-09 03:00:34 +0000
commitad98207f54a7e3d88108d34c4cf365d5f8bc23ef (patch)
treeb23fa45bf861976ae96b27353cfed15b659cfb8c
parenteee003da6aee5ffc00e318fc0390e6b19151a675 (diff)
downloadsamba-ad98207f54a7e3d88108d34c4cf365d5f8bc23ef.tar.gz
samba-ad98207f54a7e3d88108d34c4cf365d5f8bc23ef.tar.bz2
samba-ad98207f54a7e3d88108d34c4cf365d5f8bc23ef.zip
dynamic allocation of NET_USER_INFO_3 gids.
jeremy, the intent is to call se_access_check() with usr-sid, grp-sid, array-of-group-rids (but array-of-group-sids would do). please do look at smbd/lanman.c's api_NetWkstaGetInfo, it will show you that we really do need to store the entire NET_USER_INFO_3 structure. then again, api_NetWkstaGetInfo is only used by win9x so who cares :) (This used to be commit bd34f652390adc32c4959d164c628687f526d977)
-rw-r--r--source3/include/rpc_netlogon.h4
-rw-r--r--source3/include/smb_macros.h8
-rw-r--r--source3/rpc_parse/parse_net.c21
-rw-r--r--source3/smbd/password.c60
4 files changed, 63 insertions, 30 deletions
diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h
index 06caa53f4d..9f6757ca63 100644
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@@ -57,7 +57,7 @@ typedef struct net_user_info_2
uint32 group_id; /* Group ID */
....
uint32 num_groups2; /* num groups */
- DOM_GID gids[LSA_MAX_GROUPS]; /* group info */
+ DOM_GID *gids; /* group info */
UNIHDR hdr_logon_srv; /* logon server unicode string header */
UNISTR2 uni_logon_dom; /* logon domain unicode string */
@@ -114,7 +114,7 @@ typedef struct net_user_info_3
UNISTR2 uni_dir_drive; /* home directory drive unicode string */
uint32 num_groups2; /* num groups */
- DOM_GID gids[LSA_MAX_GROUPS]; /* group info */
+ DOM_GID *gids; /* group info */
UNISTR2 uni_logon_srv; /* logon server unicode string */
UNISTR2 uni_logon_dom; /* logon domain unicode string */
diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h
index 51c7c1c638..267b061f65 100644
--- a/source3/include/smb_macros.h
+++ b/source3/include/smb_macros.h
@@ -42,6 +42,14 @@
#define IS_DOS_SYSTEM(test_mode) (((test_mode) & aSYSTEM) != 0)
#define IS_DOS_HIDDEN(test_mode) (((test_mode) & aHIDDEN) != 0)
+/* memory-allocation-helpers (idea and names from glib) */
+#define g_new(type, count) \
+ ((type *) malloc(sizeof(type) * (count)))
+#define g_new0(type, count) \
+ ((type *) calloc((count), sizeof(type)))
+#define g_renew(type, mem, count) \
+ ((type *) Realloc(mem, sizeof(type) * (count)))
+
/* zero a structure */
#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index 912e18600e..c1b16b8864 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -1070,10 +1070,14 @@ void init_net_user_info3(NET_USER_INFO_3 *usr,
usr->num_groups2 = num_groups;
- SMB_ASSERT_ARRAY(usr->gids, num_groups);
-
- for (i = 0; i < num_groups; i++)
- usr->gids[i] = gids[i];
+ if (num_groups > 0)
+ {
+ usr->gids = g_new(DOM_GID, num_groups);
+ if (usr->gids == NULL)
+ return;
+ for (i = 0; i < num_groups; i++)
+ usr->gids[i] = gids[i];
+ }
init_unistr2(&usr->uni_logon_srv, logon_srv, len_logon_srv);
init_unistr2(&usr->uni_logon_dom, logon_dom, len_logon_dom);
@@ -1183,7 +1187,14 @@ static BOOL net_io_user_info3(char *desc, NET_USER_INFO_3 *usr, prs_struct *ps,
return False;
if(!prs_uint32("num_groups2 ", ps, depth, &usr->num_groups2)) /* num groups */
return False;
- SMB_ASSERT_ARRAY(usr->gids, usr->num_groups2);
+
+ if (UNMARSHALLING(ps) && usr->num_groups2 > 0)
+ {
+ usr->gids = g_new(DOM_GID, usr->num_groups2);
+ if (usr->gids == NULL)
+ return False;
+ }
+
for (i = 0; i < usr->num_groups2; i++) {
if(!smb_io_gid("", &usr->gids[i], ps, depth)) /* group info */
return False;
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 5815bbd164..6201b85357 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -277,30 +277,37 @@ uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name,
if (usr == NULL)
{
- int i;
- extern DOM_SID global_sam_sid;
-
- DEBUG(0,("vuser struct usr being filled in with trash, today\n"));
- DEBUG(0,("this needs to be replaced with a proper surs impl.\n"));
- DEBUG(0,("e.g. the one used in winbindd. in fact, all\n"));
- DEBUG(0,("occurrences of pdb_xxx_to_xxx should be replaced\n"));
- DEBUG(0,("as soon as possible.\n"));
- vuser->usr.user_id = pdb_uid_to_user_rid(uid);
- vuser->usr.group_id = pdb_gid_to_group_rid(gid);
- vuser->usr.num_groups = vuser->n_groups;
- for (i = 0; i < vuser->usr.num_groups; i++)
- {
- DOM_GID *ntgid = &vuser->usr.gids[i];
- ntgid->attr = 0x7;
- ntgid->g_rid = pdb_gid_to_group_rid(vuser->groups[i]);
- }
-
- /* this is possibly the worst thing to do, ever. it assumes */
- /* that all users of this system are in the local SAM database */
- /* however, because there is no code to do anything otherwise, */
- /* we have no choice */
+ int i;
+ extern DOM_SID global_sam_sid;
+
+ DEBUG(0,("vuser struct usr being filled in with trash, today\n"));
+ DEBUG(0,("this needs to be replaced with a proper surs impl.\n"));
+ DEBUG(0,("e.g. the one used in winbindd. in fact, all\n"));
+ DEBUG(0,("occurrences of pdb_xxx_to_xxx should be replaced\n"));
+ DEBUG(0,("as soon as possible.\n"));
+ vuser->usr.user_id = pdb_uid_to_user_rid(uid);
+ vuser->usr.group_id = pdb_gid_to_group_rid(gid);
+ vuser->usr.num_groups = vuser->n_groups;
+ if (vuser->n_groups != 0)
+ {
+ vuser->usr.gids = g_new(DOM_GID, vuser->usr.num_groups);
+ if (vuser->usr.gids == NULL)
+ return UID_FIELD_INVALID;
+ }
- init_dom_sid2(&vuser->usr.dom_sid, &global_sam_sid);
+ for (i = 0; i < vuser->usr.num_groups; i++)
+ {
+ DOM_GID *ntgid = &vuser->usr.gids[i];
+ ntgid->attr = 0x7;
+ ntgid->g_rid = pdb_gid_to_group_rid(vuser->groups[i]);
+ }
+
+ /* this is possibly the worst thing to do, ever. it assumes */
+ /* that all users of this system are in the local SAM database */
+ /* however, because there is no code to do anything otherwise, */
+ /* we have no choice */
+
+ init_dom_sid2(&vuser->usr.dom_sid, &global_sam_sid);
}
else
{
@@ -1525,12 +1532,19 @@ BOOL domain_client_validate( char *user, char *domain,
cli_ulogoff(&cli);
cli_shutdown(&cli);
+ /* unused, so delete here. */
+ if (info3.gids != NULL)
+ free (info3.gids);
+
if((nt_rpc_err == NT_STATUS_NO_SUCH_USER) && (user_exists != NULL))
*user_exists = False;
return False;
}
+ /* unused, so delete here. */
+ if (info3.gids != NULL)
+ free (info3.gids);
/*
* Here, if we really want it, we have lots of info about the user in info3.
*/