summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2010-09-22 15:35:36 -0700
committerJelmer Vernooij <jelmer@samba.org>2010-09-22 17:48:23 -0700
commit3fea9df85a7d489b81e21a7a63f9e115de712d4c (patch)
tree07c31f8431ccc4e563922f1b7f56794e449e52c9
parent63031a2a78cff19f1f17137adfbc85a4df05ae36 (diff)
downloadsamba-3fea9df85a7d489b81e21a7a63f9e115de712d4c.tar.gz
samba-3fea9df85a7d489b81e21a7a63f9e115de712d4c.tar.bz2
samba-3fea9df85a7d489b81e21a7a63f9e115de712d4c.zip
s4-param: Check type when converting python object to lp_ctx, fix some
memory leaks.
-rw-r--r--source4/auth/credentials/pycredentials.c9
-rw-r--r--source4/auth/gensec/pygensec.c18
-rw-r--r--source4/auth/pyauth.c8
-rw-r--r--source4/param/provision.c9
-rw-r--r--source4/param/pyparam_util.c24
-rw-r--r--source4/scripting/python/pyglue.c3
-rw-r--r--source4/scripting/python/samba/tests/gensec.py7
7 files changed, 65 insertions, 13 deletions
diff --git a/source4/auth/credentials/pycredentials.c b/source4/auth/credentials/pycredentials.c
index 7c860b041d..e1a74037ec 100644
--- a/source4/auth/credentials/pycredentials.c
+++ b/source4/auth/credentials/pycredentials.c
@@ -214,12 +214,14 @@ static PyObject *py_creds_guess(py_talloc_Object *self, PyObject *args)
if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
+ lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
if (lp_ctx == NULL)
return NULL;
cli_credentials_guess(creds, lp_ctx);
+ talloc_free(lp_ctx);
+
Py_RETURN_NONE;
}
@@ -235,11 +237,13 @@ static PyObject *py_creds_set_machine_account(py_talloc_Object *self, PyObject *
if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
+ lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
if (lp_ctx == NULL)
return NULL;
status = cli_credentials_set_machine_account(creds, lp_ctx);
+ talloc_free(lp_ctx);
+
PyErr_NTSTATUS_IS_ERR_RAISE(status);
Py_RETURN_NONE;
@@ -288,6 +292,7 @@ static PyObject *py_creds_get_named_ccache(py_talloc_Object *self, PyObject *arg
ret = cli_credentials_get_named_ccache(creds, event_ctx, lp_ctx,
ccache_name, &ccc, &error_string);
+ talloc_free(lp_ctx);
if (ret == 0) {
talloc_steal(ccc, event_ctx);
return PyCredentialCacheContainer_from_ccache_container(ccc);
diff --git a/source4/auth/gensec/pygensec.c b/source4/auth/gensec/pygensec.c
index 28441cc9ca..f8825b87d9 100644
--- a/source4/auth/gensec/pygensec.c
+++ b/source4/auth/gensec/pygensec.c
@@ -166,6 +166,23 @@ static PyObject *py_gensec_start_mech_by_name(PyObject *self, PyObject *args)
Py_RETURN_NONE;
}
+static PyObject *py_gensec_start_mech_by_authtype(PyObject *self, PyObject *args)
+{
+ int authtype, level;
+ struct gensec_security *security = (struct gensec_security *)py_talloc_get_ptr(self);
+ NTSTATUS status;
+ if (!PyArg_ParseTuple(args, "ii", &authtype, &level))
+ return NULL;
+
+ status = gensec_start_mech_by_authtype(security, authtype, level);
+ if (!NT_STATUS_IS_OK(status)) {
+ PyErr_SetNTSTATUS(status);
+ return NULL;
+ }
+
+ Py_RETURN_NONE;
+}
+
static PyMethodDef py_gensec_security_methods[] = {
{ "start_client", (PyCFunction)py_gensec_start_client, METH_VARARGS|METH_KEYWORDS|METH_CLASS,
"S.start_client(settings) -> gensec" },
@@ -175,6 +192,7 @@ static PyMethodDef py_gensec_security_methods[] = {
"S.session_info() -> info" },
{ "start_mech_by_name", (PyCFunction)py_gensec_start_mech_by_name, METH_VARARGS,
"S.start_mech_by_name(name)" },
+ { "start_mech_by_authtype", (PyCFunction)py_gensec_start_mech_by_authtype, METH_VARARGS, "S.start_mech_by_authtype(authtype, level)" },
{ "get_name_by_authtype", (PyCFunction)py_get_name_by_authtype, METH_VARARGS,
"S.get_name_by_authtype(authtype) -> name\nLookup an auth type." },
{ NULL }
diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c
index dff696334c..a66411bb4a 100644
--- a/source4/auth/pyauth.c
+++ b/source4/auth/pyauth.c
@@ -46,12 +46,14 @@ static PyObject *py_system_session(PyObject *module, PyObject *args)
if (!PyArg_ParseTuple(args, "|O", &py_lp_ctx))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: Leaks memory */
+ lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
if (lp_ctx == NULL)
return NULL;
session = system_session(lp_ctx);
+ talloc_free(lp_ctx);
+
return PyAuthSession_FromSession(session);
}
@@ -66,13 +68,15 @@ static PyObject *py_admin_session(PyObject *module, PyObject *args)
if (!PyArg_ParseTuple(args, "OO", &py_lp_ctx, &py_sid))
return NULL;
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
+ lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx);
if (lp_ctx == NULL)
return NULL;
domain_sid = dom_sid_parse_talloc(NULL, PyString_AsString(py_sid));
session = admin_session(NULL, lp_ctx, domain_sid);
+ talloc_free(lp_ctx);
+
return PyAuthSession_FromSession(session);
}
diff --git a/source4/param/provision.c b/source4/param/provision.c
index b0387869b5..593f9ff168 100644
--- a/source4/param/provision.c
+++ b/source4/param/provision.c
@@ -85,7 +85,7 @@ NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
struct provision_result *result)
{
const char *configfile;
- PyObject *provision_mod, *provision_dict, *provision_fn, *py_result, *parameters;
+ PyObject *provision_mod, *provision_dict, *provision_fn, *py_result, *parameters, *py_lp_ctx;
DEBUG(0,("Provision for Become-DC test using python\n"));
@@ -193,7 +193,12 @@ NTSTATUS provision_bare(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
result->domaindn = talloc_strdup(mem_ctx, PyString_AsString(PyObject_GetAttrString(py_result, "domaindn")));
/* FIXME paths */
- result->lp_ctx = lpcfg_from_py_object(result, PyObject_GetAttrString(py_result, "lp"));
+ py_lp_ctx = PyObject_GetAttrString(py_result, "lp");
+ if (py_lp_ctx == NULL) {
+ DEBUG(0, ("Missing 'lp' attribute"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ result->lp_ctx = lpcfg_from_py_object(result, py_lp_ctx);
result->samdb = PyLdb_AsLdbContext(PyObject_GetAttrString(py_result, "samdb"));
return NT_STATUS_OK;
diff --git a/source4/param/pyparam_util.c b/source4/param/pyparam_util.c
index 8c98cbcbfe..474dd31504 100644
--- a/source4/param/pyparam_util.c
+++ b/source4/param/pyparam_util.c
@@ -28,6 +28,9 @@
_PUBLIC_ struct loadparm_context *lpcfg_from_py_object(TALLOC_CTX *mem_ctx, PyObject *py_obj)
{
struct loadparm_context *lp_ctx;
+ PyObject *param_mod;
+ PyTypeObject *lp_type;
+ bool is_lpobj;
if (PyString_Check(py_obj)) {
lp_ctx = loadparm_init(mem_ctx);
@@ -47,7 +50,26 @@ _PUBLIC_ struct loadparm_context *lpcfg_from_py_object(TALLOC_CTX *mem_ctx, PyOb
return lp_ctx;
}
- return PyLoadparmContext_AsLoadparmContext(py_obj);
+ param_mod = PyImport_ImportModule("samba.param");
+ if (param_mod == NULL) {
+ return NULL;
+ }
+
+ lp_type = (PyTypeObject *)PyObject_GetAttrString(param_mod, "LoadParm");
+ Py_DECREF(param_mod);
+ if (lp_type == NULL) {
+ PyErr_SetString(PyExc_RuntimeError, "Unable to import LoadParm");
+ return NULL;
+ }
+
+ is_lpobj = PyObject_TypeCheck(py_obj, lp_type);
+ Py_DECREF(lp_type);
+ if (is_lpobj) {
+ return talloc_reference(mem_ctx, PyLoadparmContext_AsLoadparmContext(py_obj));
+ }
+
+ PyErr_SetNone(PyExc_TypeError);
+ return NULL;
}
struct loadparm_context *py_default_loadparm_context(TALLOC_CTX *mem_ctx)
diff --git a/source4/scripting/python/pyglue.c b/source4/scripting/python/pyglue.c
index 1f968e16f9..2afd1fa010 100644
--- a/source4/scripting/python/pyglue.c
+++ b/source4/scripting/python/pyglue.c
@@ -132,9 +132,8 @@ static PyObject *py_interface_ips(PyObject *self, PyObject *args)
tmp_ctx = talloc_new(NULL);
- lp_ctx = lpcfg_from_py_object(NULL, py_lp_ctx); /* FIXME: leaky */
+ lp_ctx = lpcfg_from_py_object(tmp_ctx, py_lp_ctx);
if (lp_ctx == NULL) {
- PyErr_SetString(PyExc_TypeError, "Expected loadparm object");
talloc_free(tmp_ctx);
return NULL;
}
diff --git a/source4/scripting/python/samba/tests/gensec.py b/source4/scripting/python/samba/tests/gensec.py
index 05b9a5946f..3e71610591 100644
--- a/source4/scripting/python/samba/tests/gensec.py
+++ b/source4/scripting/python/samba/tests/gensec.py
@@ -38,9 +38,8 @@ class CredentialsTests(samba.tests.TestCase):
def test_start_mech_by_unknown_name(self):
self.assertRaises(RuntimeError, self.gensec.start_mech_by_name, "foo")
+ def test_start_mech_by_name(self):
+ self.gensec.start_mech_by_name("spnego")
+
def test_info_uninitialized(self):
self.assertRaises(RuntimeError, self.gensec.session_info)
-
- def test_info(self):
- self.gensec.start_mech_by_name("spnego")
- self.assertEquals(None, self.gensec.session_info())