diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-07-26 13:37:36 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-08-03 18:48:04 +1000 |
| commit | 9a45bf39527d9c2dcd8d2debf214196100a3efce (patch) | |
| tree | 080e2c9bc12348cd4a7f96f5ce9deb1cc55ed741 | |
| parent | 8b983d232648944c18fe878a3ace0f58658ec24d (diff) | |
| download | samba-9a45bf39527d9c2dcd8d2debf214196100a3efce.tar.gz samba-9a45bf39527d9c2dcd8d2debf214196100a3efce.tar.bz2 samba-9a45bf39527d9c2dcd8d2debf214196100a3efce.zip | |
s3-auth set session_info->sanitized_username in create_local_token()
Rather than passing this value around the callers, and eventually
setting it in register_existing_vuid(), we simply pass it to
create_local_token(). This also removes the need for
auth_ntlmssp_get_username().
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
| -rw-r--r-- | source3/auth/auth_ntlmssp.c | 1 | ||||
| -rw-r--r-- | source3/auth/auth_util.c | 26 | ||||
| -rw-r--r-- | source3/auth/proto.h | 1 | ||||
| -rw-r--r-- | source3/auth/user_krb5.c | 2 | ||||
| -rw-r--r-- | source3/include/ntlmssp_wrap.h | 2 | ||||
| -rw-r--r-- | source3/libsmb/ntlmssp_wrap.c | 9 | ||||
| -rw-r--r-- | source3/rpc_server/rpc_server.c | 3 | ||||
| -rw-r--r-- | source3/smbd/password.c | 10 | ||||
| -rw-r--r-- | source3/smbd/proto.h | 3 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 10 | ||||
| -rw-r--r-- | source3/smbd/smb2_sesssetup.c | 16 |
11 files changed, 23 insertions, 60 deletions
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c index f7d3619d3b..0d25ecdf68 100644 --- a/source3/auth/auth_ntlmssp.c +++ b/source3/auth/auth_ntlmssp.c @@ -44,6 +44,7 @@ NTSTATUS auth_ntlmssp_steal_session_info(TALLOC_CTX *mem_ctx, nt_status = create_local_token(mem_ctx, auth_ntlmssp_state->server_info, &auth_ntlmssp_state->ntlmssp_state->session_key, + auth_ntlmssp_state->ntlmssp_state->user, session_info); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 530b8da096..e6d8e16b8e 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -457,6 +457,7 @@ static NTSTATUS log_nt_token(struct security_token *token) NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, const struct auth_serversupplied_info *server_info, DATA_BLOB *session_key, + const char *smb_username, /* for ->sanitized_username, for %U subs */ struct auth_session_info **session_info_out) { struct security_token *t; @@ -465,6 +466,7 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, struct dom_sid tmp_sid; struct auth_session_info *session_info; struct wbcUnixId *ids; + fstring tmp; /* Ensure we can't possible take a code path leading to a * null defref. */ @@ -498,11 +500,10 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - session_info->unix_info->sanitized_username = talloc_strdup(session_info, server_info->sanitized_username); - if (!session_info->unix_info->sanitized_username) { - TALLOC_FREE(session_info); - return NT_STATUS_NO_MEMORY; - } + /* This is a potentially untrusted username for use in %U */ + alpha_strcpy(tmp, smb_username, ". _-$", sizeof(tmp)); + session_info->unix_info->sanitized_username = + talloc_strdup(session_info->unix_info, tmp); session_info->unix_info->system = server_info->system; @@ -837,7 +838,6 @@ static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_i struct netr_SamInfo3 info3; TALLOC_CTX *tmp_ctx; NTSTATUS status; - fstring tmp; tmp_ctx = talloc_stackframe(); if (tmp_ctx == NULL) { @@ -869,7 +869,9 @@ static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_i /* This should not be done here (we should produce a server * info, and later construct a session info from it), but for * now this does not change the previous behavior */ - status = create_local_token(tmp_ctx, *server_info, NULL, session_info); + status = create_local_token(tmp_ctx, *server_info, NULL, + (*server_info)->info3->base.account_name.string, + session_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("create_local_token failed: %s\n", nt_errstr(status))); @@ -882,10 +884,6 @@ static NTSTATUS make_new_session_info_guest(struct auth_session_info **session_i all zeros! */ (*session_info)->session_key = data_blob(zeros, sizeof(zeros)); - alpha_strcpy(tmp, (*server_info)->info3->base.account_name.string, - ". _-$", sizeof(tmp)); - (*session_info)->unix_info->sanitized_username = talloc_strdup(*session_info, tmp); - status = NT_STATUS_OK; done: TALLOC_FREE(tmp_ctx); @@ -953,9 +951,8 @@ NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx, status = make_server_info_pw(&result, pwd->pw_name, pwd); - TALLOC_FREE(pwd); - if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(pwd); return status; } @@ -963,7 +960,8 @@ NTSTATUS make_session_info_from_username(TALLOC_CTX *mem_ctx, result->guest = is_guest; /* Now turn the server_info into a session_info with the full token etc */ - status = create_local_token(mem_ctx, result, NULL, session_info); + status = create_local_token(mem_ctx, result, NULL, pwd->pw_name, session_info); + TALLOC_FREE(pwd); talloc_free(result); return status; } diff --git a/source3/auth/proto.h b/source3/auth/proto.h index bce27c86c3..b9bc748b95 100644 --- a/source3/auth/proto.h +++ b/source3/auth/proto.h @@ -151,6 +151,7 @@ NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info, NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, const struct auth_serversupplied_info *server_info, DATA_BLOB *session_key, + const char *smb_name, struct auth_session_info **session_info_out); NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, bool is_guest, diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c index 923c500110..0cb80c8cfa 100644 --- a/source3/auth/user_krb5.c +++ b/source3/auth/user_krb5.c @@ -262,7 +262,7 @@ NTSTATUS make_session_info_krb5(TALLOC_CTX *mem_ctx, server_info->nss_token |= username_was_mapped; - status = create_local_token(mem_ctx, server_info, session_key, session_info); + status = create_local_token(mem_ctx, server_info, session_key, ntuser, session_info); talloc_free(server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(10,("failed to create local token: %s\n", diff --git a/source3/include/ntlmssp_wrap.h b/source3/include/ntlmssp_wrap.h index 22cd582bb7..ee76e96007 100644 --- a/source3/include/ntlmssp_wrap.h +++ b/source3/include/ntlmssp_wrap.h @@ -62,8 +62,6 @@ NTSTATUS auth_ntlmssp_unseal_packet(struct auth_ntlmssp_state *ans, const DATA_BLOB *sig); bool auth_ntlmssp_negotiated_sign(struct auth_ntlmssp_state *ans); bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *ans); -const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *ans); -const char *auth_ntlmssp_get_domain(struct auth_ntlmssp_state *ans); NTSTATUS auth_ntlmssp_set_username(struct auth_ntlmssp_state *ans, const char *user); NTSTATUS auth_ntlmssp_set_domain(struct auth_ntlmssp_state *ans, diff --git a/source3/libsmb/ntlmssp_wrap.c b/source3/libsmb/ntlmssp_wrap.c index 91e5d0e5d9..ba22300cab 100644 --- a/source3/libsmb/ntlmssp_wrap.c +++ b/source3/libsmb/ntlmssp_wrap.c @@ -111,15 +111,6 @@ bool auth_ntlmssp_negotiated_seal(struct auth_ntlmssp_state *ans) return ans->ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_SEAL; } -/* Needed for 'smb username' processing */ -const char *auth_ntlmssp_get_username(struct auth_ntlmssp_state *ans) -{ - if (ans->gensec_security) { - return ""; /* We can't get at this value, and it's just for the %U macros */ - } - return ans->ntlmssp_state->user; -} - NTSTATUS auth_ntlmssp_set_username(struct auth_ntlmssp_state *ans, const char *user) { diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c index 0caf20a990..b03715c024 100644 --- a/source3/rpc_server/rpc_server.c +++ b/source3/rpc_server/rpc_server.c @@ -123,7 +123,8 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, * Some internal functions need a local token to determine access to * resources. */ - status = create_local_token(p, server_info, &session_info->session_key, &p->session_info); + status = create_local_token(p, server_info, &session_info->session_key, info3->base.account_name.string, + &p->session_info); talloc_free(server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to init local auth token\n")); diff --git a/source3/smbd/password.c b/source3/smbd/password.c index e23818f2d1..7ccf2ea327 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -265,10 +265,8 @@ int register_homes_share(const char *username) int register_existing_vuid(struct smbd_server_connection *sconn, uint16 vuid, struct auth_session_info *session_info, - DATA_BLOB response_blob, - const char *smb_name) + DATA_BLOB response_blob) { - fstring tmp; user_struct *vuser; bool guest = security_session_user_level(session_info, NULL) < SECURITY_USER; @@ -280,12 +278,6 @@ int register_existing_vuid(struct smbd_server_connection *sconn, /* Use this to keep tabs on all our info from the authentication */ vuser->session_info = talloc_move(vuser, &session_info); - /* This is a potentially untrusted username */ - alpha_strcpy(tmp, smb_name, ". _-$", sizeof(tmp)); - - vuser->session_info->unix_info->sanitized_username = talloc_strdup( - vuser->session_info, tmp); - /* Make clear that we require the optional unix_token and unix_info in the source3 code */ SMB_ASSERT(vuser->session_info->unix_token); SMB_ASSERT(vuser->session_info->unix_info); diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index 49fc8c7b20..7dee467661 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -704,8 +704,7 @@ int register_homes_share(const char *username); int register_existing_vuid(struct smbd_server_connection *sconn, uint16 vuid, struct auth_session_info *session_info, - DATA_BLOB response_blob, - const char *smb_name); + DATA_BLOB response_blob); void add_session_user(struct smbd_server_connection *sconn, const char *user); void add_session_workgroup(struct smbd_server_connection *sconn, const char *workgroup); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 20b31096b0..683f6b2c15 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -367,7 +367,7 @@ static void reply_spnego_kerberos(struct smb_request *req, * it.... */ sess_vuid = register_existing_vuid(sconn, sess_vuid, - session_info, nullblob, user); + session_info, nullblob); reply_outbuf(req, 4, 0); SSVAL(req->outbuf,smb_uid,sess_vuid); @@ -448,8 +448,7 @@ static void reply_spnego_ntlmssp(struct smb_request *req, /* register_existing_vuid keeps the server info */ if (register_existing_vuid(sconn, vuid, - session_info, nullblob, - auth_ntlmssp_get_username(*auth_ntlmssp_state)) != + session_info, nullblob) != vuid) { /* The problem is, *auth_ntlmssp_state points * into the vuser this will have @@ -1641,7 +1640,7 @@ void reply_sesssetup_and_X(struct smb_request *req) return; } - nt_status = create_local_token(req, server_info, NULL, &session_info); + nt_status = create_local_token(req, server_info, NULL, sub_user, &session_info); TALLOC_FREE(server_info); if (!NT_STATUS_IS_OK(nt_status)) { @@ -1688,8 +1687,7 @@ void reply_sesssetup_and_X(struct smb_request *req) /* register_existing_vuid keeps the session_info */ sess_vuid = register_existing_vuid(sconn, sess_vuid, session_info, - nt_resp.data ? nt_resp : lm_resp, - sub_user); + nt_resp.data ? nt_resp : lm_resp); if (sess_vuid == UID_FIELD_INVALID) { data_blob_free(&nt_resp); data_blob_free(&lm_resp); diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 7bc8692758..45acff2778 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -174,7 +174,6 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, struct passwd *pw = NULL; NTSTATUS status; char *real_username; - fstring tmp; bool username_was_mapped = false; bool map_domainuser_to_guest = false; @@ -256,11 +255,6 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, session->compat_vuser->vuid = session->vuid; DLIST_ADD(session->sconn->smb1.sessions.validated_users, session->compat_vuser); - /* This is a potentially untrusted username */ - alpha_strcpy(tmp, user, ". _-$", sizeof(tmp)); - session->session_info->unix_info->sanitized_username = - talloc_strdup(session->session_info, tmp); - if (security_session_user_level(session->session_info, NULL) >= SECURITY_USER) { session->compat_vuser->homes_snum = register_homes_share(session->session_info->unix_info->unix_name); @@ -442,8 +436,6 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s uint16_t *out_session_flags, uint64_t *out_session_id) { - fstring tmp; - if ((in_security_mode & SMB2_NEGOTIATE_SIGNING_REQUIRED) || lp_server_signing() == Required) { session->do_signing = true; @@ -472,14 +464,6 @@ static NTSTATUS smbd_smb2_common_ntlmssp_auth_return(struct smbd_smb2_session *s session->compat_vuser->vuid = session->vuid; DLIST_ADD(session->sconn->smb1.sessions.validated_users, session->compat_vuser); - /* This is a potentially untrusted username */ - alpha_strcpy(tmp, - auth_ntlmssp_get_username(session->auth_ntlmssp_state), - ". _-$", - sizeof(tmp)); - session->session_info->unix_info->sanitized_username = talloc_strdup( - session->session_info, tmp); - if (security_session_user_level(session->session_info, NULL) >= SECURITY_USER) { session->compat_vuser->homes_snum = register_homes_share(session->session_info->unix_info->unix_name); |