summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2006-06-15 01:54:09 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:17:27 -0500
commitf9147c4e408d316d194c4e367dfccbf433cb8ec9 (patch)
treec706add179942ab8c6b54cda49e9b0a47fc69bca
parenta1e0a0e9286fbe90ca04cda9df38e72d8d18b0c1 (diff)
downloadsamba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.tar.gz
samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.tar.bz2
samba-f9147c4e408d316d194c4e367dfccbf433cb8ec9.zip
r16241: Fix Klocwork #106 and others like it.
Make 2 important changes. pdb_get_methods() returning NULL is a *fatal* error. Don't try and cope with it just call smb_panic. This removes a *lot* of pointless "if (!pdb)" handling code. Secondly, ensure that if samu_init() fails we *always* back out of a function. That way we are never in a situation where the pdb_XXX() functions need to start with a "if (sampass)" test - this was just bad design, not defensive programming. Jeremy. (This used to be commit a0d368197d6ae6777b7c2c3c6e970ab8ae7ca2ae)
-rw-r--r--source3/auth/auth_util.c40
-rw-r--r--source3/pam_smbpass/pam_smb_acct.c140
-rw-r--r--source3/pam_smbpass/pam_smb_auth.c160
-rw-r--r--source3/passdb/passdb.c41
-rw-r--r--source3/passdb/pdb_get_set.c327
-rw-r--r--source3/passdb/pdb_interface.c259
-rw-r--r--source3/rpc_server/srv_netlog_nt.c24
-rw-r--r--source3/smbd/lanman.c11
-rw-r--r--source3/utils/smbpasswd.c33
9 files changed, 385 insertions, 650 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index fb21d424c5..9427c7681e 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1085,6 +1085,7 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
const DOM_SID *gr_sid = NULL;
if ( !(sam_acct = samu_new( tmp_ctx )) ) {
+ result = NT_STATUS_NO_MEMORY;
goto done;
}
@@ -1347,25 +1348,44 @@ static auth_serversupplied_info *copy_serverinfo(auth_serversupplied_info *src)
dst->uid = src->uid;
dst->gid = src->gid;
dst->n_groups = src->n_groups;
- if (src->n_groups != 0)
+ if (src->n_groups != 0) {
dst->groups = talloc_memdup(dst, src->groups,
sizeof(gid_t)*dst->n_groups);
- else
+ } else {
dst->groups = NULL;
-
- dst->ptok = dup_nt_token(dst, src->ptok);
+ }
+
+ if (src->ptok) {
+ dst->ptok = dup_nt_token(dst, src->ptok);
+ if (!dst->ptok) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
+ }
dst->user_session_key = data_blob_talloc( dst, src->user_session_key.data,
- src->user_session_key.length);
-
+ src->user_session_key.length);
+
dst->lm_session_key = data_blob_talloc(dst, src->lm_session_key.data,
- src->lm_session_key.length);
-
- if ( (dst->sam_account = samu_new( NULL )) != NULL )
- pdb_copy_sam_account(dst->sam_account, src->sam_account);
+ src->lm_session_key.length);
+
+ dst->sam_account = samu_new(NULL);
+ if (!dst->sam_account) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
+
+ if (!pdb_copy_sam_account(dst->sam_account, src->sam_account)) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
dst->pam_handle = NULL;
dst->unix_name = talloc_strdup(dst, src->unix_name);
+ if (!dst->unix_name) {
+ TALLOC_FREE(dst);
+ return NULL;
+ }
return dst;
}
diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c
index 8970ffa8ed..47bf059479 100644
--- a/source3/pam_smbpass/pam_smb_acct.c
+++ b/source3/pam_smbpass/pam_smb_acct.c
@@ -42,72 +42,80 @@
int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags,
int argc, const char **argv )
{
- unsigned int ctrl;
- int retval;
-
- const char *name;
- struct samu *sampass = NULL;
- void (*oldsig_handler)(int);
- extern BOOL in_client;
-
- /* Samba initialization. */
- load_case_tables();
- setup_logging( "pam_smbpass", False );
- in_client = True;
-
- ctrl = set_ctrl( flags, argc, argv );
-
- /* get the username */
-
- retval = pam_get_user( pamh, &name, "Username: " );
- if (retval != PAM_SUCCESS) {
- if (on( SMB_DEBUG, ctrl )) {
- _log_err( LOG_DEBUG, "acct: could not identify user" );
- }
- return retval;
- }
- if (on( SMB_DEBUG, ctrl )) {
- _log_err( LOG_DEBUG, "acct: username [%s] obtained", name );
- }
-
- /* Getting into places that might use LDAP -- protect the app
- from a SIGPIPE it's not expecting */
- oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN);
- if (!initialize_password_db(True)) {
- _log_err( LOG_ALERT, "Cannot access samba password database" );
- CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
- return PAM_AUTHINFO_UNAVAIL;
- }
-
- /* Get the user's record. */
-
- if ( (sampass = samu_new( NULL )) != NULL ) {
- pdb_getsampwnam(sampass, name );
- }
-
- /* check for lookup failure */
- if ( !sampass || !strlen(pdb_get_username(sampass)) ) {
- CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
- return PAM_USER_UNKNOWN;
- }
-
- if (pdb_get_acct_ctrl(sampass) & ACB_DISABLED) {
- if (on( SMB_DEBUG, ctrl )) {
- _log_err( LOG_DEBUG
- , "acct: account %s is administratively disabled", name );
- }
- make_remark( pamh, ctrl, PAM_ERROR_MSG
- , "Your account has been disabled; "
- "please see your system administrator." );
-
- CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
- return PAM_ACCT_EXPIRED;
- }
-
- /* TODO: support for expired passwords. */
-
- CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
- return PAM_SUCCESS;
+ unsigned int ctrl;
+ int retval;
+
+ const char *name;
+ struct samu *sampass = NULL;
+ void (*oldsig_handler)(int);
+ extern BOOL in_client;
+
+ /* Samba initialization. */
+ load_case_tables();
+ setup_logging( "pam_smbpass", False );
+ in_client = True;
+
+ ctrl = set_ctrl( flags, argc, argv );
+
+ /* get the username */
+
+ retval = pam_get_user( pamh, &name, "Username: " );
+ if (retval != PAM_SUCCESS) {
+ if (on( SMB_DEBUG, ctrl )) {
+ _log_err( LOG_DEBUG, "acct: could not identify user" );
+ }
+ return retval;
+ }
+ if (on( SMB_DEBUG, ctrl )) {
+ _log_err( LOG_DEBUG, "acct: username [%s] obtained", name );
+ }
+
+ /* Getting into places that might use LDAP -- protect the app
+ from a SIGPIPE it's not expecting */
+ oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN);
+ if (!initialize_password_db(True)) {
+ _log_err( LOG_ALERT, "Cannot access samba password database" );
+ CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
+ return PAM_AUTHINFO_UNAVAIL;
+ }
+
+ /* Get the user's record. */
+
+ if (!(sampass = samu_new( NULL ))) {
+ CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
+ /* malloc fail. */
+ return nt_status_to_pam(NT_STATUS_NO_MEMORY);
+ }
+
+ if (!pdb_getsampwnam(sampass, name )) {
+ _log_err( LOG_DEBUG, "acct: could not identify user" );
+ CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
+ return PAM_USER_UNKNOWN;
+ }
+
+ /* check for lookup failure */
+ if (!strlen(pdb_get_username(sampass)) ) {
+ CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
+ return PAM_USER_UNKNOWN;
+ }
+
+ if (pdb_get_acct_ctrl(sampass) & ACB_DISABLED) {
+ if (on( SMB_DEBUG, ctrl )) {
+ _log_err( LOG_DEBUG
+ , "acct: account %s is administratively disabled", name );
+ }
+ make_remark( pamh, ctrl, PAM_ERROR_MSG
+ , "Your account has been disabled; "
+ "please see your system administrator." );
+
+ CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
+ return PAM_ACCT_EXPIRED;
+ }
+
+ /* TODO: support for expired passwords. */
+
+ CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
+ return PAM_SUCCESS;
}
/* static module data */
diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c
index 15726aa855..df6d20e01a 100644
--- a/source3/pam_smbpass/pam_smb_auth.c
+++ b/source3/pam_smbpass/pam_smb_auth.c
@@ -62,94 +62,97 @@ static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl,
int pam_sm_authenticate(pam_handle_t *pamh, int flags,
int argc, const char **argv)
{
- unsigned int ctrl;
- int retval, *ret_data = NULL;
- struct samu *sampass = NULL;
- extern BOOL in_client;
- const char *name;
- void (*oldsig_handler)(int) = NULL;
- BOOL found;
-
- /* Points to memory managed by the PAM library. Do not free. */
- char *p = NULL;
-
-
- /* Samba initialization. */
- load_case_tables();
- setup_logging("pam_smbpass",False);
- in_client = True;
-
- ctrl = set_ctrl(flags, argc, argv);
-
- /* Get a few bytes so we can pass our return value to
- pam_sm_setcred(). */
- ret_data = SMB_MALLOC_P(int);
-
- /* we need to do this before we call AUTH_RETURN */
- /* Getting into places that might use LDAP -- protect the app
- from a SIGPIPE it's not expecting */
- oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN);
-
- /* get the username */
- retval = pam_get_user( pamh, &name, "Username: " );
- if ( retval != PAM_SUCCESS ) {
- if (on( SMB_DEBUG, ctrl )) {
- _log_err(LOG_DEBUG, "auth: could not identify user");
- }
- AUTH_RETURN;
- }
- if (on( SMB_DEBUG, ctrl )) {
- _log_err( LOG_DEBUG, "username [%s] obtained", name );
- }
+ unsigned int ctrl;
+ int retval, *ret_data = NULL;
+ struct samu *sampass = NULL;
+ extern BOOL in_client;
+ const char *name;
+ void (*oldsig_handler)(int) = NULL;
+ BOOL found;
+
+ /* Points to memory managed by the PAM library. Do not free. */
+ char *p = NULL;
+
+ /* Samba initialization. */
+ load_case_tables();
+ setup_logging("pam_smbpass",False);
+ in_client = True;
+
+ ctrl = set_ctrl(flags, argc, argv);
+
+ /* Get a few bytes so we can pass our return value to
+ pam_sm_setcred(). */
+ ret_data = SMB_MALLOC_P(int);
+
+ /* we need to do this before we call AUTH_RETURN */
+ /* Getting into places that might use LDAP -- protect the app
+ from a SIGPIPE it's not expecting */
+ oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN);
+
+ /* get the username */
+ retval = pam_get_user( pamh, &name, "Username: " );
+ if ( retval != PAM_SUCCESS ) {
+ if (on( SMB_DEBUG, ctrl )) {
+ _log_err(LOG_DEBUG, "auth: could not identify user");
+ }
+ AUTH_RETURN;
+ }
+ if (on( SMB_DEBUG, ctrl )) {
+ _log_err( LOG_DEBUG, "username [%s] obtained", name );
+ }
- if (!initialize_password_db(True)) {
- _log_err( LOG_ALERT, "Cannot access samba password database" );
- retval = PAM_AUTHINFO_UNAVAIL;
- AUTH_RETURN;
- }
+ if (!initialize_password_db(True)) {
+ _log_err( LOG_ALERT, "Cannot access samba password database" );
+ retval = PAM_AUTHINFO_UNAVAIL;
+ AUTH_RETURN;
+ }
- sampass = samu_new( NULL );
-
- found = pdb_getsampwnam( sampass, name );
+ sampass = samu_new( NULL );
+ if (!sampass) {
+ _log_err( LOG_ALERT, "Cannot talloc a samu struct" );
+ retval = nt_status_to_pam(NT_STATUS_NO_MEMORY);
+ AUTH_RETURN;
+ }
- if (on( SMB_MIGRATE, ctrl )) {
- retval = _smb_add_user(pamh, ctrl, name, sampass, found);
- TALLOC_FREE(sampass);
- AUTH_RETURN;
- }
+ found = pdb_getsampwnam( sampass, name );
- if (!found) {
- _log_err(LOG_ALERT, "Failed to find entry for user %s.", name);
- retval = PAM_USER_UNKNOWN;
- TALLOC_FREE(sampass);
- sampass = NULL;
- AUTH_RETURN;
- }
+ if (on( SMB_MIGRATE, ctrl )) {
+ retval = _smb_add_user(pamh, ctrl, name, sampass, found);
+ TALLOC_FREE(sampass);
+ AUTH_RETURN;
+ }
+
+ if (!found) {
+ _log_err(LOG_ALERT, "Failed to find entry for user %s.", name);
+ retval = PAM_USER_UNKNOWN;
+ TALLOC_FREE(sampass);
+ sampass = NULL;
+ AUTH_RETURN;
+ }
- /* if this user does not have a password... */
+ /* if this user does not have a password... */
- if (_smb_blankpasswd( ctrl, sampass )) {
- TALLOC_FREE(sampass);
- retval = PAM_SUCCESS;
- AUTH_RETURN;
- }
+ if (_smb_blankpasswd( ctrl, sampass )) {
+ TALLOC_FREE(sampass);
+ retval = PAM_SUCCESS;
+ AUTH_RETURN;
+ }
- /* get this user's authentication token */
+ /* get this user's authentication token */
- retval = _smb_read_password(pamh, ctrl, NULL, "Password: ", NULL, _SMB_AUTHTOK, &p);
- if (retval != PAM_SUCCESS ) {
- _log_err(LOG_CRIT, "auth: no password provided for [%s]"
- , name);
- TALLOC_FREE(sampass);
- AUTH_RETURN;
- }
+ retval = _smb_read_password(pamh, ctrl, NULL, "Password: ", NULL, _SMB_AUTHTOK, &p);
+ if (retval != PAM_SUCCESS ) {
+ _log_err(LOG_CRIT, "auth: no password provided for [%s]", name);
+ TALLOC_FREE(sampass);
+ AUTH_RETURN;
+ }
- /* verify the password of this user */
+ /* verify the password of this user */
- retval = _smb_verify_password( pamh, sampass, p, ctrl );
- TALLOC_FREE(sampass);
- p = NULL;
- AUTH_RETURN;
+ retval = _smb_verify_password( pamh, sampass, p, ctrl );
+ TALLOC_FREE(sampass);
+ p = NULL;
+ AUTH_RETURN;
}
/*
@@ -255,4 +258,3 @@ struct pam_module _pam_smbpass_auth_modstruct = {
NULL
};
#endif
-
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 43171df8b0..d4e788ff68 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -67,7 +67,7 @@ static int samu_destroy(void *p)
generate a new struct samuser
***********************************************************************/
-struct samu* samu_new( TALLOC_CTX *ctx )
+struct samu *samu_new( TALLOC_CTX *ctx )
{
struct samu *user;
@@ -634,7 +634,7 @@ NTSTATUS local_password_change(const char *user_name, int local_flags,
char *err_str, size_t err_str_len,
char *msg_str, size_t msg_str_len)
{
- struct samu *sam_pass=NULL;
+ struct samu *sam_pass=NULL;
uint32 other_acb;
NTSTATUS result;
@@ -1094,12 +1094,6 @@ uint32 init_buffer_from_sam_v3 (uint8 **buf, struct samu *sampass, BOOL size_onl
uint32 nt_pw_hist_len;
uint32 pwHistLen = 0;
- /* do we have a valid struct samu pointer? */
- if (sampass == NULL) {
- DEBUG(0, ("init_buffer_from_sam: struct samu is NULL!\n"));
- return -1;
- }
-
*buf = NULL;
buflen = 0;
@@ -1330,27 +1324,31 @@ uint32 init_buffer_from_sam_v3 (uint8 **buf, struct samu *sampass, BOOL size_onl
BOOL pdb_copy_sam_account(struct samu *dst, struct samu *src )
{
- BOOL result;
- uint8 *buf;
+ uint8 *buf = NULL;
int len;
- if ( !dst )
- return False;
-
len = init_buffer_from_sam_v3(&buf, src, False);
+ if (len == -1 || !buf) {
+ return False;
+ }
- if (len == -1)
+ if (!init_sam_from_buffer_v3( dst, buf, len )) {
+ free(buf);
return False;
+ }
- result = init_sam_from_buffer_v3( dst, buf, len );
dst->methods = src->methods;
- if ( src->unix_pw )
+ if ( src->unix_pw ) {
dst->unix_pw = tcopy_passwd( dst, src->unix_pw );
+ if (!dst->unix_pw) {
+ free(buf);
+ return False;
+ }
+ }
free(buf);
-
- return result;
+ return True;
}
/*********************************************************************
@@ -1363,8 +1361,6 @@ BOOL pdb_update_bad_password_count(struct samu *sampass, BOOL *updated)
uint16 BadPasswordCount;
uint32 resettime;
- if (!sampass) return False;
-
BadPasswordCount = pdb_get_bad_password_count(sampass);
if (!BadPasswordCount) {
DEBUG(9, ("No bad password attempts.\n"));
@@ -1405,8 +1401,6 @@ BOOL pdb_update_autolock_flag(struct samu *sampass, BOOL *updated)
uint32 duration;
time_t LastBadPassword;
- if (!sampass) return False;
-
if (!(pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK)) {
DEBUG(9, ("pdb_update_autolock_flag: Account %s not autolocked, no check needed\n",
pdb_get_username(sampass)));
@@ -1459,9 +1453,6 @@ BOOL pdb_increment_bad_password_count(struct samu *sampass)
BOOL autolock_updated = False, badpw_updated = False;
BOOL ret;
- if (!sampass)
- return False;
-
/* Retrieve the account lockout policy */
become_root();
ret = pdb_get_account_policy(AP_BAD_ATTEMPT_LOCKOUT, &account_policy_lockout);
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index 0b93c42a41..831ddefa13 100644
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -40,127 +40,81 @@
Collection of get...() functions for struct samu.
********************************************************************/
-uint32 pdb_get_acct_ctrl (const struct samu *sampass)
+uint32 pdb_get_acct_ctrl(const struct samu *sampass)
{
- if (sampass)
- return (sampass->acct_ctrl);
- else
- return (ACB_DISABLED);
+ return sampass->acct_ctrl;
}
-time_t pdb_get_logon_time (const struct samu *sampass)
+time_t pdb_get_logon_time(const struct samu *sampass)
{
- if (sampass)
- return (sampass->logon_time);
- else
- return (0);
+ return sampass->logon_time;
}
-time_t pdb_get_logoff_time (const struct samu *sampass)
+time_t pdb_get_logoff_time(const struct samu *sampass)
{
- if (sampass)
- return (sampass->logoff_time);
- else
- return (-1);
+ return sampass->logoff_time;
}
-time_t pdb_get_kickoff_time (const struct samu *sampass)
+time_t pdb_get_kickoff_time(const struct samu *sampass)
{
- if (sampass)
- return (sampass->kickoff_time);
- else
- return (-1);
+ return sampass->kickoff_time;
}
-time_t pdb_get_bad_password_time (const struct samu *sampass)
+time_t pdb_get_bad_password_time(const struct samu *sampass)
{
- if (sampass)
- return (sampass->bad_password_time);
- else
- return (-1);
+ return sampass->bad_password_time;
}
-time_t pdb_get_pass_last_set_time (const struct samu *sampass)
+time_t pdb_get_pass_last_set_time(const struct samu *sampass)
{
- if (sampass)
- return (sampass->pass_last_set_time);
- else
- return (-1);
+ return sampass->pass_last_set_time;
}
-time_t pdb_get_pass_can_change_time (const struct samu *sampass)
+time_t pdb_get_pass_can_change_time(const struct samu *sampass)
{
- if (sampass)
- return (sampass->pass_can_change_time);
- else
- return (-1);
+ return sampass->pass_can_change_time;
}
-time_t pdb_get_pass_must_change_time (const struct samu *sampass)
+time_t pdb_get_pass_must_change_time(const struct samu *sampass)
{
- if (sampass)
- return (sampass->pass_must_change_time);
- else
- return (-1);
+ return sampass->pass_must_change_time;
}
-uint16 pdb_get_logon_divs (const struct samu *sampass)
+uint16 pdb_get_logon_divs(const struct samu *sampass)
{
- if (sampass)
- return (sampass->logon_divs);
- else
- return (-1);
+ return sampass->logon_divs;
}
-uint32 pdb_get_hours_len (const struct samu *sampass)
+uint32 pdb_get_hours_len(const struct samu *sampass)
{
- if (sampass)
- return (sampass->hours_len);
- else
- return (-1);
+ return sampass->hours_len;
}
-const uint8* pdb_get_hours (const struct samu *sampass)
+const uint8 *pdb_get_hours(const struct samu *sampass)
{
- if (sampass)
- return (sampass->hours);
- else
- return (NULL);
+ return (sampass->hours);
}
-const uint8* pdb_get_nt_passwd (const struct samu *sampass)
+const uint8 *pdb_get_nt_passwd(const struct samu *sampass)
{
- if (sampass) {
- SMB_ASSERT((!sampass->nt_pw.data)
- || sampass->nt_pw.length == NT_HASH_LEN);
- return ((uint8*)sampass->nt_pw.data);
- }
- else
- return (NULL);
+ SMB_ASSERT((!sampass->nt_pw.data)
+ || sampass->nt_pw.length == NT_HASH_LEN);
+ return (uint8 *)sampass->nt_pw.data;
}
-const uint8* pdb_get_lanman_passwd (const struct samu *sampass)
+const uint8 *pdb_get_lanman_passwd(const struct samu *sampass)
{
- if (sampass) {
- SMB_ASSERT((!sampass->lm_pw.data)
- || sampass->lm_pw.length == LM_HASH_LEN);
- return ((uint8*)sampass->lm_pw.data);
- }
- else
- return (NULL);
+ SMB_ASSERT((!sampass->lm_pw.data)
+ || sampass->lm_pw.length == LM_HASH_LEN);
+ return (uint8 *)sampass->lm_pw.data;
}
-const uint8* pdb_get_pw_history (const struct samu *sampass, uint32 *current_hist_len)
+const uint8 *pdb_get_pw_history(const struct samu *sampass, uint32 *current_hist_len)
{
- if (sampass) {
- SMB_ASSERT((!sampass->nt_pw_his.data)
- || ((sampass->nt_pw_his.length % PW_HISTORY_ENTRY_LEN) == 0));
- *current_hist_len = sampass->nt_pw_his.length / PW_HISTORY_ENTRY_LEN;
- return ((uint8*)sampass->nt_pw_his.data);
- } else {
- *current_hist_len = 0;
- return (NULL);
- }
+ SMB_ASSERT((!sampass->nt_pw_his.data)
+ || ((sampass->nt_pw_his.length % PW_HISTORY_ENTRY_LEN) == 0));
+ *current_hist_len = sampass->nt_pw_his.length / PW_HISTORY_ENTRY_LEN;
+ return (uint8 *)sampass->nt_pw_his.data;
}
/* Return the plaintext password if known. Most of the time
@@ -169,20 +123,14 @@ const uint8* pdb_get_pw_history (const struct samu *sampass, uint32 *current_his
Used to pass the plaintext to passdb backends that might
want to store more than just the NTLM hashes.
*/
-const char* pdb_get_plaintext_passwd (const struct samu *sampass)
+const char *pdb_get_plaintext_passwd(const struct samu *sampass)
{
- if (sampass) {
- return (sampass->plaintext_pw);
- }
- else
- return (NULL);
+ return sampass->plaintext_pw;
}
+
const DOM_SID *pdb_get_user_sid(const struct samu *sampass)
{
- if (sampass)
- return &sampass->user_sid;
-
- return NULL;
+ return &sampass->user_sid;
}
const DOM_SID *pdb_get_group_sid(struct samu *sampass)
@@ -190,14 +138,7 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass)
DOM_SID *gsid;
struct passwd *pwd;
- /* sanity check */
-
- if ( !sampass ) {
- return NULL;
- }
-
/* Return the cached group SID if we have that */
-
if ( sampass->group_sid ) {
return sampass->group_sid;
}
@@ -213,10 +154,11 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass)
be a newly allocated one. We rely on the user's Unix primary gid.
We have no choice but to fail if we can't find it. */
- if ( sampass->unix_pw )
+ if ( sampass->unix_pw ) {
pwd = sampass->unix_pw;
- else
+ } else {
pwd = getpwnam_alloc( sampass, pdb_get_username(sampass) );
+ }
if ( !pwd ) {
DEBUG(0,("pdb_get_group_sid: Failed to find Unix account for %s\n", pdb_get_username(sampass) ));
@@ -264,11 +206,11 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass)
* @return the flags indicating the members initialised in the struct.
**/
-enum pdb_value_state pdb_get_init_flags (const struct samu *sampass, enum pdb_elements element)
+enum pdb_value_state pdb_get_init_flags(const struct samu *sampass, enum pdb_elements element)
{
enum pdb_value_state ret = PDB_DEFAULT;
- if (!sampass || !sampass->change_flags || !sampass->set_flags)
+ if (!sampass->change_flags || !sampass->set_flags)
return ret;
if (bitmap_query(sampass->set_flags, element)) {
@@ -288,147 +230,103 @@ enum pdb_value_state pdb_get_init_flags (const struct samu *sampass, enum pdb_el
return ret;
}
-const char* pdb_get_username (const struct samu *sampass)
+const char *pdb_get_username(const struct samu *sampass)
{
- if (sampass)
- return (sampass->username);
- else
- return (NULL);
+ return sampass->username;
}
-const char* pdb_get_domain (const struct samu *sampass)
+const char *pdb_get_domain(const struct samu *sampass)
{
- if (sampass)
- return (sampass->domain);
- else
- return (NULL);
+ return sampass->domain;
}
-const char* pdb_get_nt_username (const struct samu *sampass)
+const char *pdb_get_nt_username(const struct samu *sampass)
{
- if (sampass)
- return (sampass->nt_username);
- else
- return (NULL);
+ return sampass->nt_username;
}
-const char* pdb_get_fullname (const struct samu *sampass)
+const char *pdb_get_fullname(const struct samu *sampass)
{
- if (sampass)
- return (sampass->full_name);
- else
- return (NULL);
+ return sampass->full_name;
}
-const char* pdb_get_homedir (const struct samu *sampass)
+const char *pdb_get_homedir(const struct samu *sampass)
{
- if (sampass)
- return (sampass->home_dir);
- else
- return (NULL);
+ return sampass->home_dir;
}
-const char* pdb_get_unix_homedir (const struct samu *sampass)
+const char *pdb_get_unix_homedir(const struct samu *sampass)
{
- if ( sampass && sampass->unix_pw )
- return ( sampass->unix_pw->pw_dir );
-
- return (NULL);
+ if (sampass->unix_pw ) {
+ return sampass->unix_pw->pw_dir;
+ }
+ return NULL;
}
-const char* pdb_get_dir_drive (const struct samu *sampass)
+const char *pdb_get_dir_drive(const struct samu *sampass)
{
- if (sampass)
- return (sampass->dir_drive);
- else
- return (NULL);
+ return sampass->dir_drive;
}
-const char* pdb_get_logon_script (const struct samu *sampass)
+const char *pdb_get_logon_script(const struct samu *sampass)
{
- if (sampass)
- return (sampass->logon_script);
- else
- return (NULL);
+ return sampass->logon_script;
}
-const char* pdb_get_profile_path (const struct samu *sampass)
+const char *pdb_get_profile_path(const struct samu *sampass)
{
- if (sampass)
- return (sampass->profile_path);
- else
- return (NULL);
+ return sampass->profile_path;
}
-const char* pdb_get_acct_desc (const struct samu *sampass)
+const char *pdb_get_acct_desc(const struct samu *sampass)
{
- if (sampass)
- return (sampass->acct_desc);
- else
- return (NULL);
+ return sampass->acct_desc;
}
-const char* pdb_get_workstations (const struct samu *sampass)
+const char *pdb_get_workstations(const struct samu *sampass)
{
- if (sampass)
- return (sampass->workstations);
- else
- return (NULL);
+ return sampass->workstations;
}
-const char* pdb_get_unknown_str (const struct samu *sampass)
+const char *pdb_get_unknown_str(const struct samu *sampass)
{
- if (sampass)
- return (sampass->unknown_str);
- else
- return (NULL);
+ return sampass->unknown_str;
}
-const char* pdb_get_munged_dial (const struct samu *sampass)
+const char *pdb_get_munged_dial(const struct samu *sampass)
{
- if (sampass)
- return (sampass->munged_dial);
- else
- return (NULL);
+ return sampass->munged_dial;
}
uint16 pdb_get_bad_password_count(const struct samu *sampass)
{
- if (sampass)
- return (sampass->bad_password_count);
- else
- return 0;
+ return sampass->bad_password_count;
}
uint16 pdb_get_logon_count(const struct samu *sampass)
{
- if (sampass)
- return (sampass->logon_count);
- else
- return 0;
+ return sampass->logon_count;
}
-uint32 pdb_get_unknown_6 (const struct samu *sampass)
+uint32 pdb_get_unknown_6(const struct samu *sampass)
{
- if (sampass)
- return (sampass->unknown_6);
- else
- return (-1);
+ return sampass->unknown_6;
}
-void *pdb_get_backend_private_data (const struct samu *sampass, const struct pdb_methods *my_methods)
+void *pdb_get_backend_private_data(const struct samu *sampass, const struct pdb_methods *my_methods)
{
- if (sampass && my_methods == sampass->backend_private_methods)
+ if (my_methods == sampass->backend_private_methods) {
return sampass->backend_private_data;
- else
+ } else {
return NULL;
+ }
}
/*********************************************************************
Collection of set...() functions for struct samu.
********************************************************************/
-BOOL pdb_set_acct_ctrl (struct samu *sampass, uint32 acct_ctrl, enum pdb_value_state flag)
+BOOL pdb_set_acct_ctrl(struct samu *sampass, uint32 acct_ctrl, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -438,7 +336,7 @@ BOOL pdb_set_acct_ctrl (struct samu *sampass, uint32 acct_ctrl, enum pdb_value_s
return pdb_set_init_flags(sampass, PDB_ACCTCTRL, flag);
}
-BOOL pdb_set_logon_time (struct samu *sampass, time_t mytime, enum pdb_value_state flag)
+BOOL pdb_set_logon_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -448,7 +346,7 @@ BOOL pdb_set_logon_time (struct samu *sampass, time_t mytime, enum pdb_value_sta
return pdb_set_init_flags(sampass, PDB_LOGONTIME, flag);
}
-BOOL pdb_set_logoff_time (struct samu *sampass, time_t mytime, enum pdb_value_state flag)
+BOOL pdb_set_logoff_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -458,7 +356,7 @@ BOOL pdb_set_logoff_time (struct samu *sampass, time_t mytime, enum pdb_value_st
return pdb_set_init_flags(sampass, PDB_LOGOFFTIME, flag);
}
-BOOL pdb_set_kickoff_time (struct samu *sampass, time_t mytime, enum pdb_value_state flag)
+BOOL pdb_set_kickoff_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -468,8 +366,7 @@ BOOL pdb_set_kickoff_time (struct samu *sampass, time_t mytime, enum pdb_value_s
return pdb_set_init_flags(sampass, PDB_KICKOFFTIME, flag);
}
-BOOL pdb_set_bad_password_time (struct samu *sampass, time_t mytime,
- enum pdb_value_state flag)
+BOOL pdb_set_bad_password_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -479,7 +376,7 @@ BOOL pdb_set_bad_password_time (struct samu *sampass, time_t mytime,
return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_TIME, flag);
}
-BOOL pdb_set_pass_can_change_time (struct samu *sampass, time_t mytime, enum pdb_value_state flag)
+BOOL pdb_set_pass_can_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -489,7 +386,7 @@ BOOL pdb_set_pass_can_change_time (struct samu *sampass, time_t mytime, enum pdb
return pdb_set_init_flags(sampass, PDB_CANCHANGETIME, flag);
}
-BOOL pdb_set_pass_must_change_time (struct samu *sampass, time_t mytime, enum pdb_value_state flag)
+BOOL pdb_set_pass_must_change_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -499,7 +396,7 @@ BOOL pdb_set_pass_must_change_time (struct samu *sampass, time_t mytime, enum pd
return pdb_set_init_flags(sampass, PDB_MUSTCHANGETIME, flag);
}
-BOOL pdb_set_pass_last_set_time (struct samu *sampass, time_t mytime, enum pdb_value_state flag)
+BOOL pdb_set_pass_last_set_time(struct samu *sampass, time_t mytime, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -509,7 +406,7 @@ BOOL pdb_set_pass_last_set_time (struct samu *sampass, time_t mytime, enum pdb_v
return pdb_set_init_flags(sampass, PDB_PASSLASTSET, flag);
}
-BOOL pdb_set_hours_len (struct samu *sampass, uint32 len, enum pdb_value_state flag)
+BOOL pdb_set_hours_len(struct samu *sampass, uint32 len, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -519,7 +416,7 @@ BOOL pdb_set_hours_len (struct samu *sampass, uint32 len, enum pdb_value_state f
return pdb_set_init_flags(sampass, PDB_HOURSLEN, flag);
}
-BOOL pdb_set_logon_divs (struct samu *sampass, uint16 hours, enum pdb_value_state flag)
+BOOL pdb_set_logon_divs(struct samu *sampass, uint16 hours, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -536,7 +433,7 @@ BOOL pdb_set_logon_divs (struct samu *sampass, uint16 hours, enum pdb_value_stat
* this flag is only added.
**/
-BOOL pdb_set_init_flags (struct samu *sampass, enum pdb_elements element, enum pdb_value_state value_flag)
+BOOL pdb_set_init_flags(struct samu *sampass, enum pdb_elements element, enum pdb_value_state value_flag)
{
if (!sampass || !sampass)
return False;
@@ -598,7 +495,7 @@ BOOL pdb_set_init_flags (struct samu *sampass, enum pdb_elements element, enum p
return True;
}
-BOOL pdb_set_user_sid (struct samu *sampass, const DOM_SID *u_sid, enum pdb_value_state flag)
+BOOL pdb_set_user_sid(struct samu *sampass, const DOM_SID *u_sid, enum pdb_value_state flag)
{
if (!sampass || !u_sid)
return False;
@@ -611,7 +508,7 @@ BOOL pdb_set_user_sid (struct samu *sampass, const DOM_SID *u_sid, enum pdb_valu
return pdb_set_init_flags(sampass, PDB_USERSID, flag);
}
-BOOL pdb_set_user_sid_from_string (struct samu *sampass, fstring u_sid, enum pdb_value_state flag)
+BOOL pdb_set_user_sid_from_string(struct samu *sampass, fstring u_sid, enum pdb_value_state flag)
{
DOM_SID new_sid;
@@ -642,7 +539,7 @@ BOOL pdb_set_user_sid_from_string (struct samu *sampass, fstring u_sid, enum pdb
have to allow the explicitly setting of a group SID here.
********************************************************************/
-BOOL pdb_set_group_sid (struct samu *sampass, const DOM_SID *g_sid, enum pdb_value_state flag)
+BOOL pdb_set_group_sid(struct samu *sampass, const DOM_SID *g_sid, enum pdb_value_state flag)
{
gid_t gid;
@@ -808,7 +705,7 @@ BOOL pdb_set_logon_script(struct samu *sampass, const char *logon_script, enum p
Set the user's profile path.
********************************************************************/
-BOOL pdb_set_profile_path (struct samu *sampass, const char *profile_path, enum pdb_value_state flag)
+BOOL pdb_set_profile_path(struct samu *sampass, const char *profile_path, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -835,7 +732,7 @@ BOOL pdb_set_profile_path (struct samu *sampass, const char *profile_path, enum
Set the user's directory drive.
********************************************************************/
-BOOL pdb_set_dir_drive (struct samu *sampass, const char *dir_drive, enum pdb_value_state flag)
+BOOL pdb_set_dir_drive(struct samu *sampass, const char *dir_drive, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -862,7 +759,7 @@ BOOL pdb_set_dir_drive (struct samu *sampass, const char *dir_drive, enum pdb_va
Set the user's home directory.
********************************************************************/
-BOOL pdb_set_homedir (struct samu *sampass, const char *home_dir, enum pdb_value_state flag)
+BOOL pdb_set_homedir(struct samu *sampass, const char *home_dir, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -889,7 +786,7 @@ BOOL pdb_set_homedir (struct samu *sampass, const char *home_dir, enum pdb_value
Set the user's account description.
********************************************************************/
-BOOL pdb_set_acct_desc (struct samu *sampass, const char *acct_desc, enum pdb_value_state flag)
+BOOL pdb_set_acct_desc(struct samu *sampass, const char *acct_desc, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -913,7 +810,7 @@ BOOL pdb_set_acct_desc (struct samu *sampass, const char *acct_desc, enum pdb_va
Set the user's workstation allowed list.
********************************************************************/
-BOOL pdb_set_workstations (struct samu *sampass, const char *workstations, enum pdb_value_state flag)
+BOOL pdb_set_workstations(struct samu *sampass, const char *workstations, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -940,7 +837,7 @@ BOOL pdb_set_workstations (struct samu *sampass, const char *workstations, enum
Set the user's 'unknown_str', whatever the heck this actually is...
********************************************************************/
-BOOL pdb_set_unknown_str (struct samu *sampass, const char *unknown_str, enum pdb_value_state flag)
+BOOL pdb_set_unknown_str(struct samu *sampass, const char *unknown_str, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -964,7 +861,7 @@ BOOL pdb_set_unknown_str (struct samu *sampass, const char *unknown_str, enum pd
Set the user's dial string.
********************************************************************/
-BOOL pdb_set_munged_dial (struct samu *sampass, const char *munged_dial, enum pdb_value_state flag)
+BOOL pdb_set_munged_dial(struct samu *sampass, const char *munged_dial, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -988,7 +885,7 @@ BOOL pdb_set_munged_dial (struct samu *sampass, const char *munged_dial, enum pd
Set the user's NT hash.
********************************************************************/
-BOOL pdb_set_nt_passwd (struct samu *sampass, const uint8 pwd[NT_HASH_LEN], enum pdb_value_state flag)
+BOOL pdb_set_nt_passwd(struct samu *sampass, const uint8 pwd[NT_HASH_LEN], enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -1009,7 +906,7 @@ BOOL pdb_set_nt_passwd (struct samu *sampass, const uint8 pwd[NT_HASH_LEN], enum
Set the user's LM hash.
********************************************************************/
-BOOL pdb_set_lanman_passwd (struct samu *sampass, const uint8 pwd[LM_HASH_LEN], enum pdb_value_state flag)
+BOOL pdb_set_lanman_passwd(struct samu *sampass, const uint8 pwd[LM_HASH_LEN], enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -1034,7 +931,7 @@ BOOL pdb_set_lanman_passwd (struct samu *sampass, const uint8 pwd[LM_HASH_LEN],
in pwd.
********************************************************************/
-BOOL pdb_set_pw_history (struct samu *sampass, const uint8 *pwd, uint32 historyLen, enum pdb_value_state flag)
+BOOL pdb_set_pw_history(struct samu *sampass, const uint8 *pwd, uint32 historyLen, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -1058,7 +955,7 @@ BOOL pdb_set_pw_history (struct samu *sampass, const uint8 *pwd, uint32 historyL
below)
********************************************************************/
-BOOL pdb_set_plaintext_pw_only (struct samu *sampass, const char *password, enum pdb_value_state flag)
+BOOL pdb_set_plaintext_pw_only(struct samu *sampass, const char *password, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -1101,7 +998,7 @@ BOOL pdb_set_logon_count(struct samu *sampass, uint16 logon_count, enum pdb_valu
return pdb_set_init_flags(sampass, PDB_LOGON_COUNT, flag);
}
-BOOL pdb_set_unknown_6 (struct samu *sampass, uint32 unkn, enum pdb_value_state flag)
+BOOL pdb_set_unknown_6(struct samu *sampass, uint32 unkn, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -1111,7 +1008,7 @@ BOOL pdb_set_unknown_6 (struct samu *sampass, uint32 unkn, enum pdb_value_state
return pdb_set_init_flags(sampass, PDB_UNKNOWN6, flag);
}
-BOOL pdb_set_hours (struct samu *sampass, const uint8 *hours, enum pdb_value_state flag)
+BOOL pdb_set_hours(struct samu *sampass, const uint8 *hours, enum pdb_value_state flag)
{
if (!sampass)
return False;
@@ -1126,7 +1023,7 @@ BOOL pdb_set_hours (struct samu *sampass, const uint8 *hours, enum pdb_value_sta
return pdb_set_init_flags(sampass, PDB_HOURS, flag);
}
-BOOL pdb_set_backend_private_data (struct samu *sampass, void *private_data,
+BOOL pdb_set_backend_private_data(struct samu *sampass, void *private_data,
void (*free_fn)(void **),
const struct pdb_methods *my_methods,
enum pdb_value_state flag)
@@ -1155,7 +1052,7 @@ BOOL pdb_set_backend_private_data (struct samu *sampass, void *private_data,
password change.
********************************************************************/
-BOOL pdb_set_pass_changed_now (struct samu *sampass)
+BOOL pdb_set_pass_changed_now(struct samu *sampass)
{
uint32 expire;
uint32 min_age;
@@ -1195,7 +1092,7 @@ BOOL pdb_set_pass_changed_now (struct samu *sampass)
Also sets the last change time to NOW.
********************************************************************/
-BOOL pdb_set_plaintext_passwd (struct samu *sampass, const char *plaintext)
+BOOL pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext)
{
uchar new_lanman_p16[LM_HASH_LEN];
uchar new_nt_p16[NT_HASH_LEN];
@@ -1294,7 +1191,7 @@ BOOL pdb_set_plaintext_passwd (struct samu *sampass, const char *plaintext)
}
/* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */
-uint32 pdb_build_fields_present (struct samu *sampass)
+uint32 pdb_build_fields_present(struct samu *sampass)
{
/* value set to all for testing */
return 0x00ffffff;
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 393b60516c..94adebe232 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -37,7 +37,9 @@ static struct pdb_init_function_entry *backends = NULL;
static void lazy_initialize_passdb(void)
{
static BOOL initialized = False;
- if(initialized)return;
+ if(initialized) {
+ return;
+ }
static_init_pdb;
initialized = True;
}
@@ -201,13 +203,19 @@ static struct pdb_methods *pdb_get_methods_reload( BOOL reload )
if ( pdb && reload ) {
pdb->free_private_data( &(pdb->private_data) );
if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) {
- return NULL;
+ pstring msg;
+ slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n",
+ lp_passdb_backend() );
+ smb_panic(msg);
}
}
if ( !pdb ) {
if ( !NT_STATUS_IS_OK( make_pdb_method_name( &pdb, lp_passdb_backend() ) ) ) {
- return NULL;
+ pstring msg;
+ slprintf(msg, sizeof(msg)-1, "pdb_get_methods_reload: failed to get pdb methods for backend %s\n",
+ lp_passdb_backend() );
+ smb_panic(msg);
}
}
@@ -226,22 +234,12 @@ static struct pdb_methods *pdb_get_methods(void)
BOOL pdb_setsampwent(BOOL update, uint16 acb_mask)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->setsampwent(pdb, update, acb_mask));
}
void pdb_endsampwent(void)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return;
- }
-
pdb->endsampwent(pdb);
}
@@ -249,16 +247,10 @@ BOOL pdb_getsampwent(struct samu *user)
{
struct pdb_methods *pdb = pdb_get_methods();
- if ( !pdb ) {
- return False;
- }
-
if ( !NT_STATUS_IS_OK(pdb->getsampwent(pdb, user) ) ) {
return False;
}
-
pdb_force_pw_initialization( user );
-
return True;
}
@@ -266,10 +258,6 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username)
{
struct pdb_methods *pdb = pdb_get_methods();
- if ( !pdb ) {
- return False;
- }
-
if (!NT_STATUS_IS_OK(pdb->getsampwnam(pdb, sam_acct, username))) {
return False;
}
@@ -280,8 +268,14 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username)
pdb_force_pw_initialization( sam_acct );
- if ( (csamuser = samu_new( NULL )) != NULL ) {
- pdb_copy_sam_account(csamuser, sam_acct);
+ csamuser = samu_new( NULL );
+ if (!csamuser) {
+ return False;
+ }
+
+ if (!pdb_copy_sam_account(csamuser, sam_acct)) {
+ TALLOC_FREE(csamuser);
+ return False;
}
return True;
@@ -314,13 +308,9 @@ BOOL guest_user_info( struct samu *user )
BOOL pdb_getsampwsid(struct samu *sam_acct, const DOM_SID *sid)
{
- struct pdb_methods *pdb;
+ struct pdb_methods *pdb = pdb_get_methods();
uint32 rid;
- if ( !(pdb = pdb_get_methods()) ) {
- return False;
- }
-
/* hard code the Guest RID of 501 */
if ( !sid_peek_check_rid( get_global_sam_sid(), sid, &rid ) )
@@ -410,11 +400,6 @@ NTSTATUS pdb_create_user(TALLOC_CTX *mem_ctx, const char *name, uint32 flags,
uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->create_user(pdb, mem_ctx, name, flags, rid);
}
@@ -472,10 +457,6 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct)
struct pdb_methods *pdb = pdb_get_methods();
uid_t uid = -1;
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
/* sanity check to make sure we don't delete root */
if ( !sid_to_uid( pdb_get_user_sid(sam_acct), &uid ) ) {
@@ -492,11 +473,6 @@ NTSTATUS pdb_delete_user(TALLOC_CTX *mem_ctx, struct samu *sam_acct)
NTSTATUS pdb_add_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->add_sam_account(pdb, sam_acct);
}
@@ -504,10 +480,6 @@ NTSTATUS pdb_update_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
if (csamuser != NULL) {
TALLOC_FREE(csamuser);
csamuser = NULL;
@@ -520,10 +492,6 @@ NTSTATUS pdb_delete_sam_account(struct samu *sam_acct)
{
struct pdb_methods *pdb = pdb_get_methods();
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
if (csamuser != NULL) {
TALLOC_FREE(csamuser);
csamuser = NULL;
@@ -537,10 +505,6 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname)
struct pdb_methods *pdb = pdb_get_methods();
uid_t uid;
- if ( !pdb ) {
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
if (csamuser != NULL) {
TALLOC_FREE(csamuser);
csamuser = NULL;
@@ -562,44 +526,24 @@ NTSTATUS pdb_rename_sam_account(struct samu *oldname, const char *newname)
NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
return pdb->update_login_attempts(pdb, sam_acct, success);
}
BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid));
}
BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid));
}
BOOL pdb_getgrnam(GROUP_MAP *map, const char *name)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name));
}
@@ -645,11 +589,6 @@ NTSTATUS pdb_create_dom_group(TALLOC_CTX *mem_ctx, const char *name,
uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->create_dom_group(pdb, mem_ctx, name, rid);
}
@@ -704,44 +643,24 @@ static NTSTATUS pdb_default_delete_dom_group(struct pdb_methods *methods,
NTSTATUS pdb_delete_dom_group(TALLOC_CTX *mem_ctx, uint32 rid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->delete_dom_group(pdb, mem_ctx, rid);
}
NTSTATUS pdb_add_group_mapping_entry(GROUP_MAP *map)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->add_group_mapping_entry(pdb, map);
}
NTSTATUS pdb_update_group_mapping_entry(GROUP_MAP *map)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->update_group_mapping_entry(pdb, map);
}
NTSTATUS pdb_delete_group_mapping_entry(DOM_SID sid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->delete_group_mapping_entry(pdb, sid);
}
@@ -749,11 +668,6 @@ BOOL pdb_enum_group_mapping(const DOM_SID *sid, enum SID_NAME_USE sid_name_use,
size_t *p_num_entries, BOOL unix_only)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb-> enum_group_mapping(pdb, sid, sid_name_use,
pp_rmap, p_num_entries, unix_only));
}
@@ -766,10 +680,6 @@ NTSTATUS pdb_enum_group_members(TALLOC_CTX *mem_ctx,
struct pdb_methods *pdb = pdb_get_methods();
NTSTATUS result;
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
result = pdb->enum_group_members(pdb, mem_ctx,
sid, pp_member_rids, p_num_members);
@@ -796,11 +706,6 @@ NTSTATUS pdb_enum_group_memberships(TALLOC_CTX *mem_ctx, struct samu *user,
size_t *p_num_groups)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->enum_group_memberships(
pdb, mem_ctx, user,
pp_sids, pp_gids, p_num_groups);
@@ -829,11 +734,6 @@ static NTSTATUS pdb_default_set_unix_primary_group(struct pdb_methods *methods,
NTSTATUS pdb_set_unix_primary_group(TALLOC_CTX *mem_ctx, struct samu *user)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->set_unix_primary_group(pdb, mem_ctx, user);
}
@@ -923,11 +823,6 @@ NTSTATUS pdb_add_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid,
uint32 member_rid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->add_groupmem(pdb, mem_ctx, group_rid, member_rid);
}
@@ -990,44 +885,24 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid,
uint32 member_rid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid);
}
BOOL pdb_find_alias(const char *name, DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid));
}
NTSTATUS pdb_create_alias(const char *name, uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
return pdb->create_alias(pdb, name, rid);
}
BOOL pdb_delete_alias(const DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->delete_alias(pdb, sid));
}
@@ -1035,44 +910,24 @@ BOOL pdb_delete_alias(const DOM_SID *sid)
BOOL pdb_get_aliasinfo(const DOM_SID *sid, struct acct_info *info)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->get_aliasinfo(pdb, sid, info));
}
BOOL pdb_set_aliasinfo(const DOM_SID *sid, struct acct_info *info)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->set_aliasinfo(pdb, sid, info));
}
NTSTATUS pdb_add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->add_aliasmem(pdb, alias, member);
}
NTSTATUS pdb_del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
return pdb->del_aliasmem(pdb, alias, member);
}
@@ -1080,13 +935,7 @@ NTSTATUS pdb_enum_aliasmem(const DOM_SID *alias,
DOM_SID **pp_members, size_t *p_num_members)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_UNSUCCESSFUL;
- }
-
- return pdb->enum_aliasmem(pdb, alias,
- pp_members, p_num_members);
+ return pdb->enum_aliasmem(pdb, alias, pp_members, p_num_members);
}
NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx,
@@ -1096,11 +945,6 @@ NTSTATUS pdb_enum_alias_memberships(TALLOC_CTX *mem_ctx,
size_t *p_num_alias_rids)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
return pdb->enum_alias_memberships(pdb, mem_ctx,
domain_sid,
members, num_members,
@@ -1115,11 +959,6 @@ NTSTATUS pdb_lookup_rids(const DOM_SID *domain_sid,
uint32 *attrs)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
return pdb->lookup_rids(pdb, domain_sid,
num_rids, rids, names, attrs);
}
@@ -1131,11 +970,6 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid,
uint32 *attrs)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
return pdb->lookup_names(pdb, domain_sid,
num_names, names, rids, attrs);
}
@@ -1143,55 +977,30 @@ NTSTATUS pdb_lookup_names(const DOM_SID *domain_sid,
BOOL pdb_get_account_policy(int policy_index, uint32 *value)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->get_account_policy(pdb, policy_index, value));
}
BOOL pdb_set_account_policy(int policy_index, uint32 value)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->set_account_policy(pdb, policy_index, value));
}
BOOL pdb_get_seq_num(time_t *seq_num)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return NT_STATUS_IS_OK(pdb->get_seq_num(pdb, seq_num));
}
BOOL pdb_uid_to_rid(uid_t uid, uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return pdb->uid_to_rid(pdb, uid, rid);
}
BOOL pdb_gid_to_sid(gid_t gid, DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return pdb->gid_to_sid(pdb, gid, sid);
}
@@ -1199,22 +1008,12 @@ BOOL pdb_sid_to_id(const DOM_SID *sid, union unid_t *id,
enum SID_NAME_USE *type)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return pdb->sid_to_id(pdb, sid, id, type);
}
BOOL pdb_rid_algorithm(void)
{
struct pdb_methods *pdb = pdb_get_methods();
-
- if ( !pdb ) {
- return False;
- }
-
return pdb->rid_algorithm(pdb);
}
@@ -1234,10 +1033,6 @@ BOOL pdb_new_rid(uint32 *rid)
int i;
TALLOC_CTX *ctx;
- if ( !pdb ) {
- return False;
- }
-
if (pdb_rid_algorithm()) {
DEBUG(0, ("Trying to allocate a RID when algorithmic RIDs "
"are active\n"));
@@ -2079,10 +1874,10 @@ struct pdb_search *pdb_search_users(uint32 acct_flags)
struct pdb_methods *pdb = pdb_get_methods();
struct pdb_search *result;
- if (pdb == NULL) return NULL;
-
result = pdb_search_init(PDB_USER_SEARCH);
- if (result == NULL) return NULL;
+ if (result == NULL) {
+ return NULL;
+ }
if (!pdb->search_users(pdb, result, acct_flags)) {
talloc_destroy(result->mem_ctx);
@@ -2096,10 +1891,10 @@ struct pdb_search *pdb_search_groups(void)
struct pdb_methods *pdb = pdb_get_methods();
struct pdb_search *result;
- if (pdb == NULL) return NULL;
-
result = pdb_search_init(PDB_GROUP_SEARCH);
- if (result == NULL) return NULL;
+ if (result == NULL) {
+ return NULL;
+ }
if (!pdb->search_groups(pdb, result)) {
talloc_destroy(result->mem_ctx);
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index d512115e83..10cd5c82ba 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -238,7 +238,7 @@ static NTSTATUS get_md4pw(char *md4pw, char *mach_acct, uint16 sec_chan_type)
ret = pdb_getsampwnam(sampass, mach_acct);
unbecome_root();
- if (ret == False) {
+ if (!ret) {
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
TALLOC_FREE(sampass);
return NT_STATUS_ACCESS_DENIED;
@@ -562,26 +562,30 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
}
/* We must store the creds state after an update. */
+ sampass = samu_new( NULL );
+ if (!sampass) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
become_root();
secrets_store_schannel_session_info(p->pipe_state_mem_ctx,
remote_machine,
p->dc);
- if ( (sampass = samu_new( NULL )) != NULL ) {
- ret = pdb_getsampwnam(sampass, p->dc->mach_acct);
- }
+ ret = pdb_getsampwnam(sampass, p->dc->mach_acct);
unbecome_root();
- if ( !sampass )
- return NT_STATUS_NO_MEMORY;
+ if (!ret) {
+ TALLOC_FREE(sampass);
+ return NT_STATUS_ACCESS_DENIED;
+ }
/* Ensure the account exists and is a machine account. */
acct_ctrl = pdb_get_acct_ctrl(sampass);
- if (!(ret
- && (acct_ctrl & ACB_WSTRUST ||
+ if (!(acct_ctrl & ACB_WSTRUST ||
acct_ctrl & ACB_SVRTRUST ||
- acct_ctrl & ACB_DOMTRUST))) {
+ acct_ctrl & ACB_DOMTRUST)) {
TALLOC_FREE(sampass);
return NT_STATUS_NO_SUCH_USER;
}
@@ -626,7 +630,7 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *
}
become_root();
- r_u->status = pdb_update_sam_account (sampass);
+ r_u->status = pdb_update_sam_account(sampass);
unbecome_root();
}
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 7d1a2ade54..e4531d8ae9 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -2010,6 +2010,12 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
return False;
}
+ if ( !(sampw = samu_new(mem_ctx)) ) {
+ DEBUG(0, ("samu_new() failed!\n"));
+ TALLOC_FREE(mem_ctx);
+ return False;
+ }
+
/* Lookup the user information; This should only be one of
our accounts (not remote domains) */
@@ -2027,11 +2033,6 @@ static BOOL api_NetUserGetGroups(connection_struct *conn,uint16 vuid, char *para
goto done;
}
- if ( !(sampw = samu_new(mem_ctx)) ) {
- DEBUG(0, ("samu_new() failed!\n"));
- goto done;
- }
-
if ( !pdb_getsampwsid(sampw, &user_sid) ) {
DEBUG(10, ("pdb_getsampwsid(%s) failed for user %s\n",
sid_string_static(&user_sid), UserName));
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c
index 24b3759605..fc339ffaa9 100644
--- a/source3/utils/smbpasswd.c
+++ b/source3/utils/smbpasswd.c
@@ -403,12 +403,19 @@ static int process_root(int local_flags)
if(local_flags & LOCAL_ENABLE_USER) {
struct samu *sampass = NULL;
- BOOL ret;
sampass = samu_new( NULL );
- ret = pdb_getsampwnam(sampass, user_name);
- if((ret) &&
- (pdb_get_nt_passwd(sampass) == NULL)) {
+ if (!sampass) {
+ fprintf(stderr, "talloc fail for struct samu.\n");
+ exit(1);
+ }
+ if (!pdb_getsampwnam(sampass, user_name)) {
+ fprintf(stderr, "Failed to find user %s in passdb backend.\n",
+ user_name );
+ exit(1);
+ }
+
+ if(pdb_get_nt_passwd(sampass) == NULL) {
local_flags |= LOCAL_SET_PASSWORD;
}
TALLOC_FREE(sampass);
@@ -437,16 +444,26 @@ static int process_root(int local_flags)
printf("Password changed for user %s on %s.\n", user_name, remote_machine );
} else if(!(local_flags & (LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|LOCAL_DELETE_USER|LOCAL_SET_NO_PASSWORD|LOCAL_SET_PASSWORD))) {
struct samu *sampass = NULL;
- BOOL ret;
sampass = samu_new( NULL );
- ret = pdb_getsampwnam(sampass, user_name);
+ if (!samu_new) {
+ fprintf(stderr, "talloc fail for struct samu.\n");
+ exit(1);
+ }
+
+ if (!pdb_getsampwnam(sampass, user_name)) {
+ fprintf(stderr, "Failed to find user %s in passdb backend.\n",
+ user_name );
+ exit(1);
+ }
printf("Password changed for user %s.", user_name );
- if( (ret != False) && (pdb_get_acct_ctrl(sampass)&ACB_DISABLED) )
+ if(pdb_get_acct_ctrl(sampass)&ACB_DISABLED) {
printf(" User has disabled flag set.");
- if((ret != False) && (pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) )
+ }
+ if(pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) {
printf(" User has no password flag set.");
+ }
printf("\n");
TALLOC_FREE(sampass);
}