author | Jeremy Allison <jra@samba.org> | 2006-07-11 18:01:26 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:19:14 -0500 |
commit | fbdcf2663b56007a438ac4f0d8d82436b1bfe688 (patch) | |
tree | 4e42c1f061391cea3d640152fd240682cbf4fd9a /source3/passdb | |
parent | 5bf62a0c3cc95abe918f3e772bb10e0a90fdce22 (diff) | |
r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need
to do the upper layer directories but this is what
everyone is waiting for....
Jeremy.
(This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
Diffstat (limited to 'source3/passdb')
-rw-r--r-- | source3/passdb/login_cache.c | 2 | ||||
-rw-r--r-- | source3/passdb/lookup_sid.c | 184 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 20 | ||||
-rw-r--r-- | source3/passdb/pdb_get_set.c | 21 | ||||
-rw-r--r-- | source3/passdb/pdb_interface.c | 16 | ||||
-rw-r--r-- | source3/passdb/pdb_ldap.c | 58 | ||||
-rw-r--r-- | source3/passdb/pdb_nds.c | 11 | ||||
-rw-r--r-- | source3/passdb/pdb_smbpasswd.c | 27 | ||||
-rw-r--r-- | source3/passdb/pdb_tdb.c | 43 | ||||
-rw-r--r-- | source3/passdb/secrets.c | 193 |
10 files changed, 402 insertions, 173 deletions
diff --git a/source3/passdb/login_cache.c b/source3/passdb/login_cache.c index 9a19dcf437..7fd3b47826 100644 --- a/source3/passdb/login_cache.c +++ b/source3/passdb/login_cache.c @@ -140,7 +140,7 @@ BOOL login_cache_write(const struct samu *sampass, LOGIN_CACHE entry) entry.acct_ctrl, entry.bad_password_count, entry.bad_password_time); - databuf.dptr = SMB_MALLOC(databuf.dsize); + databuf.dptr = SMB_MALLOC_ARRAY(char, databuf.dsize); if (!databuf.dptr) { SAFE_FREE(keybuf.dptr); return False; diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index dba43ed6c4..a7a3fdc94d 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -63,6 +63,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if ((domain == NULL) || (name == NULL)) { DEBUG(0, ("talloc failed\n")); + TALLOC_FREE(tmp_ctx); return False; } @@ -74,7 +75,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, sid_append_rid(&sid, rid); goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } if (strequal(domain, builtin_domain_name())) { @@ -86,7 +88,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, type = SID_NAME_ALIAS; goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* Try the explicit winbind lookup first, don't let it guess the @@ -102,7 +105,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, type = SID_NAME_USER; goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } if (strequal(domain, unix_groups_domain_name())) { @@ -110,11 +114,13 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, type = SID_NAME_DOM_GRP; goto ok; } - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } if ((domain[0] == '\0') && (!(flags & LOOKUP_NAME_ISOLATED))) { - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* 
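Review bot: In lookup_name every failure exit is now spelled out as `TALLOC_FREE(tmp_ctx); return False;` (the hunks at -74, -86, -102 and -110 here, and the later ones in the same function) instead of sharing one label. Keeping the `failed:` label and putting the free there, `failed: TALLOC_FREE(tmp_ctx); return False;`, gives the same behaviour with a single cleanup site, so an early return added later cannot forget the free. The function body starts and ends outside these hunks.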
@@ -201,7 +207,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (strequal(name, get_global_sam_name())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch my SID\n")); - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* Swap domain and name */ tmp = name; name = domain; domain = tmp; @@ -214,7 +221,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, if (!IS_DC && strequal(name, lp_workgroup())) { if (!secrets_fetch_domain_sid(name, &sid)) { DEBUG(3, ("Could not fetch the domain SID\n")); - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* Swap domain and name */ tmp = name; name = domain; domain = tmp; @@ -258,7 +266,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, /* Now our local possibilities are exhausted. */ if (!(flags & LOOKUP_NAME_REMOTE)) { - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } /* If we are not a DC, we have to ask in our primary domain. Let @@ -298,7 +307,8 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, (domain_type != SID_NAME_DOMAIN)) { DEBUG(2, ("winbind could not find the domain's name " "it just looked up for us\n")); - goto failed; + TALLOC_FREE(tmp_ctx); + return False; } goto ok; } @@ -320,7 +330,10 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, goto ok; } - failed: + /* + * Ok, all possibilities tried. Fail. + */ + TALLOC_FREE(tmp_ctx); return False; 
@@ -331,14 +344,26 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, return False; } - if (ret_name != NULL) { - *ret_name = talloc_steal(mem_ctx, name); + /* + * Hand over the results to the talloc context we've been given. + */ + + if ((ret_name != NULL) && + !(*ret_name = talloc_strdup(mem_ctx, name))) { + DEBUG(0, ("talloc failed\n")); + TALLOC_FREE(tmp_ctx); + return False; } if (ret_domain != NULL) { - char *tmp_dom = talloc_strdup(tmp_ctx, domain); + char *tmp_dom; + if (!(tmp_dom = talloc_strdup(tmp_ctx, domain))) { + DEBUG(0, ("talloc failed\n")); + TALLOC_FREE(tmp_ctx); + return False; + } strupper_m(tmp_dom); - *ret_domain = talloc_steal(mem_ctx, tmp_dom); + *ret_domain = tmp_dom; } if (ret_sid != NULL) { 
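Review bot: `*ret_domain = tmp_dom;` hands the caller a string allocated on `tmp_ctx`, because the new `talloc_strdup(tmp_ctx, domain)` is no longer followed by a `talloc_steal(mem_ctx, ...)`. Every failure path in this function frees `tmp_ctx`, and if the success path does the same (it lies outside this hunk) the caller is left holding a dangling pointer. Allocate on the caller's context, as the `ret_name` branch just above does: `if (!(tmp_dom = talloc_strdup(mem_ctx, domain))) {`. The failure branch here also returns False after `*ret_name` has already been set on `mem_ctx`, which deserves a line in the function comment so callers do not read the out-parameters on failure.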
@@ -353,34 +378,46 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, return True; } -static BOOL winbind_lookup_rids(TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - int num_rids, uint32 *rids, - const char **domain_name, - const char **names, enum SID_NAME_USE *types) +static BOOL wb_lookup_rids(TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + int num_rids, uint32 *rids, + const char **domain_name, + const char **names, enum SID_NAME_USE *types) { - /* Unless the winbind interface is upgraded, fall back to ask for - * individual sids. I imagine introducing a lookuprids operation that - * directly proxies to lsa_lookupsids to the correct DC. -- vl */ - int i; - for (i=0; i<num_rids; i++) { - DOM_SID sid; + const char **my_names; + enum SID_NAME_USE *my_types; + TALLOC_CTX *tmp_ctx; - sid_copy(&sid, domain_sid); - sid_append_rid(&sid, rids[i]); + if (!(tmp_ctx = talloc_init("wb_lookup_rids"))) { + return False; + } - if (winbind_lookup_sid(mem_ctx, &sid, - *domain_name == NULL ? - domain_name : NULL, - &names[i], &types[i])) { - if ((names[i] == NULL) || ((*domain_name) == NULL)) { - return False; - } - } else { + if (!winbind_lookup_rids(tmp_ctx, domain_sid, num_rids, rids, + domain_name, &my_names, &my_types)) { + for (i=0; i<num_rids; i++) { types[i] = SID_NAME_UNKNOWN; } + return True; } + + /* + * winbind_lookup_rids allocates its own array. We've been given the + * array, so copy it over + */ + + for (i=0; i<num_rids; i++) { + if (my_names[i] == NULL) { + TALLOC_FREE(tmp_ctx); + return False; + } + if (!(names[i] = talloc_strdup(names, my_names[i]))) { + TALLOC_FREE(tmp_ctx); + return False; + } + types[i] = my_types[i]; + } + TALLOC_FREE(tmp_ctx); return True; } @@ -489,8 +526,8 @@ static BOOL lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, return True; } - return winbind_lookup_rids(mem_ctx, domain_sid, num_rids, rids, - domain_name, *names, *types); + return wb_lookup_rids(mem_ctx, domain_sid, num_rids, rids, + domain_name, *names, *types); } /* 
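Review bot: The branch in wb_lookup_rids taken when `winbind_lookup_rids` fails returns True without releasing `tmp_ctx`, which was created with `talloc_init` and so has no parent that would free it later; add `TALLOC_FREE(tmp_ctx);` before that `return True;`. Separately, `domain_name` is passed to `winbind_lookup_rids` together with `tmp_ctx`. If that call allocates `*domain_name` on the context it is given (its body is not part of this diff), the string is released by the final `TALLOC_FREE(tmp_ctx)` while lookup_sids still reads it, so it should be copied onto `mem_ctx` before the free.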
@@ -627,18 +664,17 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, int i, j; - tmp_ctx = talloc_new(mem_ctx); - if (tmp_ctx == NULL) { + if (!(tmp_ctx = talloc_new(mem_ctx))) { DEBUG(0, ("talloc_new failed\n")); return NT_STATUS_NO_MEMORY; } - name_infos = TALLOC_ARRAY(tmp_ctx, struct lsa_name_info, num_sids); - dom_infos = TALLOC_ZERO_ARRAY(tmp_ctx, struct lsa_dom_info, + name_infos = TALLOC_ARRAY(mem_ctx, struct lsa_name_info, num_sids); + dom_infos = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_dom_info, MAX_REF_DOMAINS); if ((name_infos == NULL) || (dom_infos == NULL)) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } /* First build up the data structures: @@ -673,7 +709,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, */ if (domain_name == NULL) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } name_infos[i].rid = 0; @@ -687,14 +723,14 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, name_infos, builtin_domain_name()); if (name_infos[i].name == NULL) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } } } else { /* This is a normal SID with rid component */ if (!sid_split_rid(&sid, &rid)) { result = NT_STATUS_INVALID_PARAMETER; - goto done; + goto fail; } } @@ -717,7 +753,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, if (j == MAX_REF_DOMAINS) { /* TODO: What's the right error message here? */ result = NT_STATUS_NONE_MAPPED; - goto done; + goto fail; } if (!dom_infos[j].valid) { @@ -730,7 +766,11 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, /* This name was being found above in the case * when we found a domain SID */ dom_infos[j].name = - talloc_steal(dom_infos, domain_name); + talloc_strdup(dom_infos, domain_name); + if (dom_infos[j].name == NULL) { + result = NT_STATUS_NO_MEMORY; + goto fail; + } } else { /* lookup_rids will take care of this */ dom_infos[j].name = NULL; 
@@ -747,7 +787,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, if (dom_infos[j].idxs == NULL) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } } } @@ -756,6 +796,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, for (i=0; i<MAX_REF_DOMAINS; i++) { uint32_t *rids; + const char *domain_name = NULL; const char **names; enum SID_NAME_USE *types; struct lsa_dom_info *dom = &dom_infos[i]; @@ -765,11 +806,9 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, break; } - rids = TALLOC_ARRAY(tmp_ctx, uint32, dom->num_idxs); - - if (rids == NULL) { + if (!(rids = TALLOC_ARRAY(tmp_ctx, uint32, dom->num_idxs))) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } for (j=0; j<dom->num_idxs; j++) { @@ -777,31 +816,40 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, } if (!lookup_rids(tmp_ctx, &dom->sid, - dom->num_idxs, rids, &dom->name, + dom->num_idxs, rids, &domain_name, &names, &types)) { result = NT_STATUS_NO_MEMORY; - goto done; + goto fail; } - talloc_steal(dom_infos, dom->name); - + if (!(dom->name = talloc_strdup(dom_infos, domain_name))) { + result = NT_STATUS_NO_MEMORY; + goto fail; + } + for (j=0; j<dom->num_idxs; j++) { int idx = dom->idxs[j]; name_infos[idx].type = types[j]; if (types[j] != SID_NAME_UNKNOWN) { name_infos[idx].name = - talloc_steal(name_infos, names[j]); + talloc_strdup(name_infos, names[j]); + if (name_infos[idx].name == NULL) { + result = NT_STATUS_NO_MEMORY; + goto fail; + } } else { name_infos[idx].name = NULL; } } } - *ret_domains = talloc_steal(mem_ctx, dom_infos); - *ret_names = talloc_steal(mem_ctx, name_infos); - result = NT_STATUS_OK; + *ret_domains = dom_infos; + *ret_names = name_infos; + return NT_STATUS_OK; - done: + fail: + TALLOC_FREE(dom_infos); + TALLOC_FREE(name_infos); TALLOC_FREE(tmp_ctx); return result; } 
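Review bot: In the last hunk of lookup_sids here, a NULL result from `talloc_strdup(dom_infos, domain_name)` is reported as NT_STATUS_NO_MEMORY, but `domain_name` is initialised to NULL and talloc_strdup of a NULL string also returns NULL. If lookup_rids can return True without filling in the domain name (wb_lookup_rids earlier in this commit does so when the winbind call fails), the whole batch fails with a memory error instead of coming back with unknown names. The assignment also replaces a `dom->name` that the first loop may already have set. A guard such as `if (domain_name != NULL && !(dom->name = talloc_strdup(dom_infos, domain_name)))` keeps the two cases apart. The function body starts outside the hunk.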
@@ -819,9 +867,7 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, TALLOC_CTX *tmp_ctx; BOOL ret = False; - tmp_ctx = talloc_new(mem_ctx); - - if (tmp_ctx == NULL) { + if (!(tmp_ctx = talloc_new(mem_ctx))) { DEBUG(0, ("talloc_new failed\n")); return False; } @@ -835,12 +881,14 @@ BOOL lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, goto done; } - if (ret_domain != NULL) { - *ret_domain = talloc_steal(mem_ctx, domain->name); + if ((ret_domain != NULL) && + !(*ret_domain = talloc_strdup(mem_ctx, domain->name))) { + goto done; } - if (ret_name != NULL) { - *ret_name = talloc_steal(mem_ctx, name->name); + if ((ret_name != NULL) && + !(*ret_name = talloc_strdup(mem_ctx, name->name))) { + goto done; } if (ret_type != NULL) { diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index cbb30ead02..f74b1fbe3b 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -52,7 +52,7 @@ const char *my_sam_name(void) static int samu_destroy(void *p) { - struct samu *user = p; + struct samu *user = (struct samu *)p; data_blob_clear_free( &user->lm_pw ); data_blob_clear_free( &user->nt_pw ); @@ -111,7 +111,7 @@ struct samu *samu_new( TALLOC_CTX *ctx ) user->profile_path = ""; user->acct_desc = ""; user->workstations = ""; - user->unknown_str = ""; + user->comment = ""; user->munged_dial = ""; user->plaintext_pw = NULL; @@ -926,14 +926,15 @@ BOOL init_sam_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 buflen) if (homedir) { fstrcpy( tmpstring, homedir ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_homedir(sampass, tmpstring, PDB_SET); } else { pdb_set_homedir(sampass, - talloc_sub_basic(sampass, username, lp_logon_home()), + talloc_sub_basic(sampass, username, domain, + lp_logon_home()), PDB_DEFAULT); } 
@@ -945,28 +946,29 @@ BOOL init_sam_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 buflen) if (logon_script) { fstrcpy( tmpstring, logon_script ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_logon_script(sampass, tmpstring, PDB_SET); } else { pdb_set_logon_script(sampass, - talloc_sub_basic(sampass, username, lp_logon_script()), + talloc_sub_basic(sampass, username, domain, + lp_logon_script()), PDB_DEFAULT); } if (profile_path) { fstrcpy( tmpstring, profile_path ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_profile_path(sampass, tmpstring, PDB_SET); } else { pdb_set_profile_path(sampass, - talloc_sub_basic(sampass, username, lp_logon_path()), + talloc_sub_basic(sampass, username, domain, lp_logon_path()), PDB_DEFAULT); } @@ -990,7 +992,7 @@ BOOL init_sam_from_buffer_v3(struct samu *sampass, uint8 *buf, uint32 buflen) pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen); if (pwHistLen) { - uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN); + uint8 *pw_hist = (uint8 *)SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN); if (!pw_hist) { ret = False; goto done; diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 2e69240b1a..3b774b510b 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -288,9 +288,9 @@ const char *pdb_get_workstations(const struct samu *sampass) return sampass->workstations; } -const char *pdb_get_unknown_str(const struct samu *sampass) +const char *pdb_get_comment(const struct samu *sampass) { - return sampass->unknown_str; + return sampass->comment; } const char *pdb_get_munged_dial(const struct samu *sampass) 
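Review bot: In init_sam_from_buffer_v3 the size `pwHistLen * PW_HISTORY_ENTRY_LEN` is computed straight from the account-policy value, with no upper bound between the policy read and the allocation, and the change only adds a cast. The pdb_ldap.c hunk of this commit clamps the same value with `MIN(pwHistLen, MAX_PW_HISTORY_LEN)` before allocating. Doing the same here, and using `SMB_MALLOC_ARRAY(uint8, ...)` as pdb_tdb.c and pdb_ldap.c now do, would bound the multiplication and keep the three loaders consistent. init_sam_from_buffer_v2 in pdb_tdb.c shows the same unclamped product.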
@@ -752,23 +752,22 @@ BOOL pdb_set_workstations(struct samu *sampass, const char *workstations, enum p } /********************************************************************* - Set the user's 'unknown_str', whatever the heck this actually is... ********************************************************************/ -BOOL pdb_set_unknown_str(struct samu *sampass, const char *unknown_str, enum pdb_value_state flag) +BOOL pdb_set_comment(struct samu *sampass, const char *comment, enum pdb_value_state flag) { - if (unknown_str) { - sampass->unknown_str = talloc_strdup(sampass, unknown_str); + if (comment) { + sampass->comment = talloc_strdup(sampass, comment); - if (!sampass->unknown_str) { - DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n")); + if (!sampass->comment) { + DEBUG(0, ("pdb_set_comment: talloc_strdup() failed!\n")); return False; } } else { - sampass->unknown_str = PDB_NOT_QUITE_NULL; + sampass->comment = PDB_NOT_QUITE_NULL; } - return pdb_set_init_flags(sampass, PDB_UNKNOWNSTR, flag); + return pdb_set_init_flags(sampass, PDB_COMMENT, flag); } /********************************************************************* @@ -1021,7 +1020,7 @@ BOOL pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) if (current_history_len < pwHistLen) { /* Ensure we have space for the needed history. */ - uchar *new_history = TALLOC(sampass, + uchar *new_history = (uchar *)TALLOC(sampass, pwHistLen*PW_HISTORY_ENTRY_LEN); if (!new_history) { return False; diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index a0310d0c71..20aa72d24e 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c 
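Review bot: The banner comment above pdb_set_comment is left empty once the old `unknown_str` text is removed. A one-line description such as `Set the user's comment string.` would restore it. It could also say that a NULL `comment` stores `PDB_NOT_QUITE_NULL` and that a non-NULL one is duplicated onto `sampass`.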
@@ -361,6 +361,15 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods, add_ret = smbrun(add_script,NULL); DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret)); + +#ifdef ENABLE_BUILD_FARM_HACKS + if (add_ret != 0) { + DEBUG(1, ("Creating a faked user %s for build farm " + "purposes", name)); + faked_create_user(name); + } +#endif + flush_pwnam_cache(); pwd = Get_Pwnam_alloc(tmp_ctx, name); @@ -1711,7 +1720,7 @@ struct user_search { static BOOL next_entry_users(struct pdb_search *s, struct samr_displayentry *entry) { - struct user_search *state = s->private_data; + struct user_search *state = (struct user_search *)s->private_data; struct samu *user = NULL; next: @@ -1786,7 +1795,7 @@ struct group_search { static BOOL next_entry_groups(struct pdb_search *s, struct samr_displayentry *entry) { - struct group_search *state = s->private_data; + struct group_search *state = (struct group_search *)s->private_data; uint32 rid; GROUP_MAP *map = &state->groups[state->current_group]; @@ -1804,7 +1813,8 @@ static BOOL next_entry_groups(struct pdb_search *s, static void search_end_groups(struct pdb_search *search) { - struct group_search *state = search->private_data; + struct group_search *state = + (struct group_search *)search->private_data; SAFE_FREE(state->groups); } diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 4d0c84b543..83f8d7183c 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c 
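Review bot: The `ENABLE_BUILD_FARM_HACKS` block in pdb_default_create_user places a test-only fallback in the account-creation path: when the add-user script fails, `faked_create_user(name)` runs and execution continues to the passwd lookup as usual. It needs a comment stating that the macro must never be defined for a release build, and preferably a build-time check that rejects it outside the build farm. The new DEBUG string also lacks its trailing newline; the second literal should read `"purposes\n", name));`.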
@@ -650,12 +650,13 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_HOME_PATH), homedir)) { pdb_set_homedir( sampass, - talloc_sub_basic(sampass, username, lp_logon_home()), + talloc_sub_basic(sampass, username, domain, + lp_logon_home()), PDB_DEFAULT ); } else { pstrcpy( tmpstring, homedir ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_homedir(sampass, tmpstring, PDB_SET); @@ -665,12 +666,13 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_LOGON_SCRIPT), logon_script)) { pdb_set_logon_script( sampass, - talloc_sub_basic(sampass, username, lp_logon_script()), + talloc_sub_basic(sampass, username, domain, + lp_logon_script()), PDB_DEFAULT ); } else { pstrcpy( tmpstring, logon_script ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_logon_script(sampass, tmpstring, PDB_SET); @@ -680,12 +682,13 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, get_userattr_key2string(ldap_state->schema_ver, LDAP_ATTR_PROFILE_PATH), profile_path)) { pdb_set_profile_path( sampass, - talloc_sub_basic( sampass, username, lp_logon_path()), + talloc_sub_basic( sampass, username, domain, + lp_logon_path()), PDB_DEFAULT ); } else { pstrcpy( tmpstring, profile_path ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_profile_path(sampass, tmpstring, PDB_SET); 
@@ -787,7 +790,7 @@ static BOOL init_sam_from_ldap(struct ldapsam_privates *ldap_state, pwHistLen = MIN(pwHistLen, MAX_PW_HISTORY_LEN); - if ((pwhist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN)) == NULL){ + if ((pwhist = SMB_MALLOC_ARRAY(uint8, pwHistLen * PW_HISTORY_ENTRY_LEN)) == NULL){ DEBUG(0, ("init_sam_from_ldap: malloc failed!\n")); return False; } @@ -967,15 +970,14 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state, /* only update the RID if we actually need to */ if (need_update(sampass, PDB_USERSID)) { fstring sid_string; - fstring dom_sid_string; const DOM_SID *user_sid = pdb_get_user_sid(sampass); switch ( ldap_state->schema_ver ) { case SCHEMAVER_SAMBAACCOUNT: if (!sid_peek_check_rid(&ldap_state->domain_sid, user_sid, &rid)) { DEBUG(1, ("init_ldap_from_sam: User's SID (%s) is not for this domain (%s), cannot add to LDAP!\n", - sid_to_string(sid_string, user_sid), - sid_to_string(dom_sid_string, &ldap_state->domain_sid))); + sid_string_static(user_sid), + sid_string_static(&ldap_state->domain_sid))); return False; } slprintf(temp, sizeof(temp) - 1, "%i", rid); @@ -1001,15 +1003,14 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state, if (need_update(sampass, PDB_GROUPSID)) { fstring sid_string; - fstring dom_sid_string; const DOM_SID *group_sid = pdb_get_group_sid(sampass); switch ( ldap_state->schema_ver ) { case SCHEMAVER_SAMBAACCOUNT: if (!sid_peek_check_rid(&ldap_state->domain_sid, group_sid, &rid)) { DEBUG(1, ("init_ldap_from_sam: User's Primary Group SID (%s) is not for this domain (%s), cannot add to LDAP!\n", - sid_to_string(sid_string, group_sid), - sid_to_string(dom_sid_string, &ldap_state->domain_sid))); + sid_string_static(group_sid), + sid_string_static(&ldap_state->domain_sid))); return False; } 
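Review bot: Both `%s` arguments of the DEBUG call in the SCHEMAVER_SAMBAACCOUNT branch of init_ldap_from_sam now come from `sid_string_static`. Assuming it formats into a single static buffer, as its name indicates, the two calls in one argument list return the same pointer and the log prints one SID twice. The message exists to show which SID failed to match which domain, so it stops being useful to anyone investigating the rejection. Keep two buffers for this call, `sid_to_string(sid_string, user_sid), sid_to_string(dom_sid_string, &ldap_state->domain_sid)`; the group-SID hunk at -1001 has the same problem. If the static form stays, `fstring sid_string;` is left unused in both blocks as far as the hunks show.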
@@ -1747,7 +1748,7 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, struc LDAPMod **mods = NULL; const char **attr_list; - result = pdb_get_backend_private_data(newpwd, my_methods); + result = (LDAPMessage *)pdb_get_backend_private_data(newpwd, my_methods); if (!result) { attr_list = get_userattr_list(NULL, ldap_state->schema_ver); if (pdb_get_username(newpwd) == NULL) { @@ -3923,7 +3924,8 @@ struct ldap_search_state { static BOOL ldapsam_search_firstpage(struct pdb_search *search) { - struct ldap_search_state *state = search->private_data; + struct ldap_search_state *state = + (struct ldap_search_state *)search->private_data; LDAP *ld; int rc = LDAP_OPERATIONS_ERROR; @@ -3975,7 +3977,8 @@ static BOOL ldapsam_search_firstpage(struct pdb_search *search) static BOOL ldapsam_search_nextpage(struct pdb_search *search) { - struct ldap_search_state *state = search->private_data; + struct ldap_search_state *state = + (struct ldap_search_state *)search->private_data; int rc; if (!state->connection->paged_results) { @@ -4005,7 +4008,8 @@ static BOOL ldapsam_search_nextpage(struct pdb_search *search) static BOOL ldapsam_search_next_entry(struct pdb_search *search, struct samr_displayentry *entry) { - struct ldap_search_state *state = search->private_data; + struct ldap_search_state *state = + (struct ldap_search_state *)search->private_data; BOOL result; retry: @@ -4040,7 +4044,8 @@ static BOOL ldapsam_search_next_entry(struct pdb_search *search, static void ldapsam_search_end(struct pdb_search *search) { - struct ldap_search_state *state = search->private_data; + struct ldap_search_state *state = + (struct ldap_search_state *)search->private_data; int rc; if (state->pagedresults_cookie == NULL) 
@@ -4156,7 +4161,8 @@ static BOOL ldapsam_search_users(struct pdb_methods *methods, struct pdb_search *search, uint32 acct_flags) { - struct ldapsam_privates *ldap_state = methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)methods->private_data; struct ldap_search_state *state; state = TALLOC_P(search->mem_ctx, struct ldap_search_state); @@ -4314,7 +4320,8 @@ static BOOL ldapsam_search_grouptype(struct pdb_methods *methods, const DOM_SID *sid, enum SID_NAME_USE type) { - struct ldapsam_privates *ldap_state = methods->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)methods->private_data; struct ldap_search_state *state; state = TALLOC_P(search->mem_ctx, struct ldap_search_state); @@ -4473,8 +4480,8 @@ static NTSTATUS ldapsam_new_rid_internal(struct pdb_methods *methods, uint32 *ri int i; for (i=0; i<10; i++) { - NTSTATUS result = ldapsam_get_new_rid(methods->private_data, - rid); + NTSTATUS result = ldapsam_get_new_rid( + (struct ldapsam_privates *)methods->private_data, rid); if (NT_STATUS_IS_OK(result)) { return result; } @@ -4500,7 +4507,8 @@ static BOOL ldapsam_sid_to_id(struct pdb_methods *methods, const DOM_SID *sid, union unid_t *id, enum SID_NAME_USE *type) { - struct ldapsam_privates *priv = methods->private_data; + struct ldapsam_privates *priv = + (struct ldapsam_privates *)methods->private_data; char *filter; const char *attrs[] = { "sambaGroupType", "gidNumber", "uidNumber", NULL }; @@ -5487,7 +5495,7 @@ NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *lo (*pdb_method)->name = "ldapsam_compat"; - ldap_state = (*pdb_method)->private_data; + ldap_state = (struct ldapsam_privates *)((*pdb_method)->private_data); ldap_state->schema_ver = SCHEMAVER_SAMBAACCOUNT; sid_copy(&ldap_state->domain_sid, get_global_sam_sid()); 
@@ -5545,7 +5553,7 @@ NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location) } } - ldap_state = (*pdb_method)->private_data; + ldap_state = (struct ldapsam_privates *)((*pdb_method)->private_data); ldap_state->schema_ver = SCHEMAVER_SAMBASAMACCOUNT; /* Try to setup the Domain Name, Domain SID, algorithmic rid base */ diff --git a/source3/passdb/pdb_nds.c b/source3/passdb/pdb_nds.c index 08ad96efa4..ab4a1a7f20 100644 --- a/source3/passdb/pdb_nds.c +++ b/source3/passdb/pdb_nds.c @@ -241,7 +241,7 @@ static int berDecodeLoginData( if(retData) { retOctStrLen = *retDataLen + 1; - retOctStr = SMB_MALLOC(retOctStrLen); + retOctStr = SMB_MALLOC_ARRAY(char, retOctStrLen); if(!retOctStr) { err = LDAP_OPERATIONS_ERROR; @@ -404,7 +404,7 @@ static int nmasldap_get_simple_pwd( size_t pwdBufLen, bufferLen; bufferLen = pwdBufLen = pwdLen+2; - pwdBuf = SMB_MALLOC(pwdBufLen); /* digest and null */ + pwdBuf = SMB_MALLOC_ARRAY(char, pwdBufLen); /* digest and null */ if(pwdBuf == NULL) { return LDAP_NO_MEMORY; @@ -568,7 +568,7 @@ static int nmasldap_get_password( } bufferLen = pwdBufLen = *pwdSize; - pwdBuf = SMB_MALLOC(pwdBufLen+2); + pwdBuf = SMB_MALLOC_ARRAY(char, pwdBufLen+2); if(pwdBuf == NULL) { return LDAP_NO_MEMORY; @@ -769,7 +769,7 @@ static NTSTATUS pdb_nds_update_login_attempts(struct pdb_methods *methods, DEBUG(5,("pdb_nds_update_login_attempts: %s login for %s\n", success ? "Successful" : "Failed", username)); - result = pdb_get_backend_private_data(sam_acct, methods); + result = (LDAPMessage *)pdb_get_backend_private_data(sam_acct, methods); if (!result) { attr_list = get_userattr_list(NULL, ldap_state->schema_ver); 
@@ -854,7 +854,8 @@ static NTSTATUS pdb_nds_update_login_attempts(struct pdb_methods *methods, static NTSTATUS pdb_init_NDS_ldapsam_common(struct pdb_methods **pdb_method, const char *location) { - struct ldapsam_privates *ldap_state = (*pdb_method)->private_data; + struct ldapsam_privates *ldap_state = + (struct ldapsam_privates *)((*pdb_method)->private_data); /* Mark this as eDirectory ldap */ ldap_state->is_nds_ldap = True; diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index a8a42196d4..aec1db48b5 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -584,7 +584,8 @@ static char *format_new_smbpasswd_entry(const struct smb_passwd *newpwd) Routine to add an entry to the smbpasswd file. *************************************************************************/ -static BOOL add_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, struct smb_passwd *newpwd) +static NTSTATUS add_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, + struct smb_passwd *newpwd) { const char *pfile = smbpasswd_state->smbpasswd_file; struct smb_passwd *pwd = NULL; @@ -605,7 +606,7 @@ static BOOL add_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, str if (fp == NULL) { DEBUG(0, ("add_smbfilepwd_entry: unable to open file.\n")); - return False; + return map_nt_error_from_unix(errno); } /* @@ -616,7 +617,7 @@ static BOOL add_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, str if (strequal(newpwd->smb_name, pwd->smb_name)) { DEBUG(0, ("add_smbfilepwd_entry: entry with name %s already exists\n", pwd->smb_name)); endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth); - return False; + return NT_STATUS_USER_EXISTS; } } 
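Review bot: The open-failure branch of add_smbfilepwd_entry calls `DEBUG` before `map_nt_error_from_unix(errno)`, so the returned status is built from whatever errno holds after logging. The lseek and write branches later in this function capture the status first. Do the same here with `NTSTATUS result = map_nt_error_from_unix(errno);` ahead of the DEBUG, followed by `return result;`.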
@@ -630,17 +631,18 @@ static BOOL add_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, str fd = fileno(fp); if((offpos = sys_lseek(fd, 0, SEEK_END)) == -1) { + NTSTATUS result = map_nt_error_from_unix(errno); DEBUG(0, ("add_smbfilepwd_entry(sys_lseek): Failed to add entry for user %s to file %s. \ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth); - return False; + return result; } if((new_entry = format_new_smbpasswd_entry(newpwd)) == NULL) { DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth); - return False; + return NT_STATUS_NO_MEMORY; } new_entry_length = strlen(new_entry); @@ -651,6 +653,7 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); #endif if ((wr_len = write(fd, new_entry, new_entry_length)) != new_entry_length) { + NTSTATUS result = map_nt_error_from_unix(errno); DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \ Error was %s\n", wr_len, newpwd->smb_name, pfile, strerror(errno))); @@ -663,12 +666,12 @@ Error was %s. Password file may be corrupt ! Please examine by hand !\n", endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth); free(new_entry); - return False; + return result; } free(new_entry); endsmbfilepwent(fp, &smbpasswd_state->pw_file_lock_depth); - return True; + return NT_STATUS_OK; } /************************************************************************ @@ -1308,7 +1311,7 @@ static NTSTATUS smbpasswd_getsampwnam(struct pdb_methods *my_methods, NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data; struct smb_passwd *smb_pw; - void *fp = NULL; + FILE *fp = NULL; DEBUG(10, ("getsampwnam (smbpasswd): search by name: %s\n", username)); 
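Review bot: The write branch of add_smbfilepwd_entry maps errno even when `write` returned a short count, and a short write does not set errno, so `result` can carry a stale value from an earlier call. Because smbpasswd_add_sam_account now returns this status unchanged, the caller may see a misleading code for a partially written entry. Separate the two cases: `NTSTATUS result = (wr_len == -1) ? map_nt_error_from_unix(errno) : NT_STATUS_UNSUCCESSFUL;`. The function's header comment should also list the statuses it can now return.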
@@ -1352,7 +1355,7 @@ static NTSTATUS smbpasswd_getsampwsid(struct pdb_methods *my_methods, struct sam NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; struct smbpasswd_privates *smbpasswd_state = (struct smbpasswd_privates*)my_methods->private_data; struct smb_passwd *smb_pw; - void *fp = NULL; + FILE *fp = NULL; fstring sid_str; uint32 rid; @@ -1423,11 +1426,7 @@ static NTSTATUS smbpasswd_add_sam_account(struct pdb_methods *my_methods, struct } /* add the entry */ - if(!add_smbfilepwd_entry(smbpasswd_state, &smb_pw)) { - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; + return add_smbfilepwd_entry(smbpasswd_state, &smb_pw); } static NTSTATUS smbpasswd_update_sam_account(struct pdb_methods *my_methods, struct samu *sampass) diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index f3ae4b7b02..ac8cbbe91a 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -169,7 +169,8 @@ static BOOL init_sam_from_buffer_v0(struct samu *sampass, uint8 *buf, uint32 buf } else { pdb_set_homedir(sampass, - talloc_sub_basic(sampass, username, lp_logon_home()), + talloc_sub_basic(sampass, username, domain, + lp_logon_home()), PDB_DEFAULT); } @@ -177,7 +178,8 @@ static BOOL init_sam_from_buffer_v0(struct samu *sampass, uint8 *buf, uint32 buf pdb_set_dir_drive(sampass, dir_drive, PDB_SET); else { pdb_set_dir_drive(sampass, - talloc_sub_basic(sampass, username, lp_logon_drive()), + talloc_sub_basic(sampass, username, domain, + lp_logon_drive()), PDB_DEFAULT); } @@ -185,7 +187,8 @@ static BOOL init_sam_from_buffer_v0(struct samu *sampass, uint8 *buf, uint32 buf pdb_set_logon_script(sampass, logon_script, PDB_SET); else { pdb_set_logon_script(sampass, - talloc_sub_basic(sampass, username, lp_logon_script()), + talloc_sub_basic(sampass, username, domain, + lp_logon_script()), PDB_DEFAULT); } 
@@ -193,7 +196,8 @@ static BOOL init_sam_from_buffer_v0(struct samu *sampass, uint8 *buf, uint32 buf pdb_set_profile_path(sampass, profile_path, PDB_SET); } else { pdb_set_profile_path(sampass, - talloc_sub_basic(sampass, username, lp_logon_path()), + talloc_sub_basic(sampass, username, domain, + lp_logon_path()), PDB_DEFAULT); } @@ -356,7 +360,8 @@ static BOOL init_sam_from_buffer_v1(struct samu *sampass, uint8 *buf, uint32 buf } else { pdb_set_homedir(sampass, - talloc_sub_basic(sampass, username, lp_logon_home()), + talloc_sub_basic(sampass, username, domain, + lp_logon_home()), PDB_DEFAULT); } @@ -364,7 +369,8 @@ static BOOL init_sam_from_buffer_v1(struct samu *sampass, uint8 *buf, uint32 buf pdb_set_dir_drive(sampass, dir_drive, PDB_SET); else { pdb_set_dir_drive(sampass, - talloc_sub_basic(sampass, username, lp_logon_drive()), + talloc_sub_basic(sampass, username, domain, + lp_logon_drive()), PDB_DEFAULT); } @@ -372,7 +378,8 @@ static BOOL init_sam_from_buffer_v1(struct samu *sampass, uint8 *buf, uint32 buf pdb_set_logon_script(sampass, logon_script, PDB_SET); else { pdb_set_logon_script(sampass, - talloc_sub_basic(sampass, username, lp_logon_script()), + talloc_sub_basic(sampass, username, domain, + lp_logon_script()), PDB_DEFAULT); } @@ -380,7 +387,8 @@ static BOOL init_sam_from_buffer_v1(struct samu *sampass, uint8 *buf, uint32 buf pdb_set_profile_path(sampass, profile_path, PDB_SET); } else { pdb_set_profile_path(sampass, - talloc_sub_basic(sampass, username, lp_logon_path()), + talloc_sub_basic(sampass, username, domain, + lp_logon_path()), PDB_DEFAULT); } 
@@ -541,14 +549,15 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen) if (homedir) { fstrcpy( tmpstring, homedir ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_homedir(sampass, tmpstring, PDB_SET); } else { pdb_set_homedir(sampass, - talloc_sub_basic(sampass, username, lp_logon_home()), + talloc_sub_basic(sampass, username, domain, + lp_logon_home()), PDB_DEFAULT); } @@ -560,28 +569,30 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen) if (logon_script) { fstrcpy( tmpstring, logon_script ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_logon_script(sampass, tmpstring, PDB_SET); } else { pdb_set_logon_script(sampass, - talloc_sub_basic(sampass, username, lp_logon_script()), + talloc_sub_basic(sampass, username, domain, + lp_logon_script()), PDB_DEFAULT); } if (profile_path) { fstrcpy( tmpstring, profile_path ); if (expand_explicit) { - standard_sub_basic( username, tmpstring, + standard_sub_basic( username, domain, tmpstring, sizeof(tmpstring) ); } pdb_set_profile_path(sampass, tmpstring, PDB_SET); } else { pdb_set_profile_path(sampass, - talloc_sub_basic(sampass, username, lp_logon_path()), + talloc_sub_basic(sampass, username, domain, + lp_logon_path()), PDB_DEFAULT); } @@ -606,7 +617,7 @@ BOOL init_sam_from_buffer_v2(struct samu *sampass, uint8 *buf, uint32 buflen) /* Change from V1 is addition of password history field. */ pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen); if (pwHistLen) { - uint8 *pw_hist = SMB_MALLOC(pwHistLen * PW_HISTORY_ENTRY_LEN); + uint8 *pw_hist = SMB_MALLOC_ARRAY(uint8, pwHistLen * PW_HISTORY_ENTRY_LEN); if (!pw_hist) { ret = False; goto done; 
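Review bot: In the password-history allocation of init_sam_from_buffer_v2, `SMB_MALLOC_ARRAY(uint8, pwHistLen * PW_HISTORY_ENTRY_LEN)` multiplies before the macro sees the count. Any overflow check the array allocator does on count times element size therefore only sees an element size of 1. `pwHistLen` is filled by `pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen)` and is not range-checked in the visible lines, so a wrapped product would yield a buffer smaller than the history that is later written into it (that code is outside this hunk). An explicit bound before the allocation closes this, for example `if (pwHistLen > PW_HIST_LIMIT) { ret = False; goto done; }`, where `PW_HIST_LIMIT` is a placeholder for the project's maximum history length.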
@@ -901,7 +912,7 @@ static int tdbsam_traverse_setpwent(TDB_CONTEXT *t, TDB_DATA key, TDB_DATA data, /* save a copy of the key */ - ptr->key.dptr = memdup( key.dptr, key.dsize ); + ptr->key.dptr = (char *)memdup( key.dptr, key.dsize ); if (!ptr->key.dptr) { DEBUG(0,("tdbsam_traverse_setpwent: memdup failed\n")); /* just return 0 and let the traversal continue */ diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 04d6da2814..f72a7cb8d5 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -104,8 +104,9 @@ BOOL secrets_store(const char *key, const void *data, size_t size) secrets_init(); if (!tdb) return False; - return tdb_store(tdb, string_tdb_data(key), make_tdb_data(data, size), - TDB_REPLACE) == 0; + return tdb_trans_store(tdb, string_tdb_data(key), + make_tdb_data((const char *)data, size), + TDB_REPLACE) == 0; } @@ -288,7 +289,8 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16], return True; } - if (!(pass = secrets_fetch(trust_keystr(domain), &size))) { + if (!(pass = (struct machine_acct_pass *)secrets_fetch( + trust_keystr(domain), &size))) { DEBUG(5, ("secrets_fetch failed!\n")); return False; } 
@@ -319,6 +321,136 @@ BOOL secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16], return True; } +/** + * Pack SID passed by pointer + * + * @param pack_buf pointer to buffer which is to be filled with packed data + * @param bufsize size of packing buffer + * @param sid pointer to sid to be packed + * + * @return length of the packed representation of the whole structure + **/ +static size_t tdb_sid_pack(char* pack_buf, int bufsize, DOM_SID* sid) +{ + int idx; + size_t len = 0; + + if (!sid || !pack_buf) return -1; + + len += tdb_pack(pack_buf + len, bufsize - len, "bb", sid->sid_rev_num, + sid->num_auths); + + for (idx = 0; idx < 6; idx++) { + len += tdb_pack(pack_buf + len, bufsize - len, "b", + sid->id_auth[idx]); + } + + for (idx = 0; idx < MAXSUBAUTHS; idx++) { + len += tdb_pack(pack_buf + len, bufsize - len, "d", + sid->sub_auths[idx]); + } + + return len; +} + +/** + * Unpack SID into a pointer + * + * @param pack_buf pointer to buffer with packed representation + * @param bufsize size of the buffer + * @param sid pointer to sid structure to be filled with unpacked data + * + * @return size of structure unpacked from buffer + **/ +static size_t tdb_sid_unpack(char* pack_buf, int bufsize, DOM_SID* sid) +{ + int idx, len = 0; + + if (!sid || !pack_buf) return -1; + + len += tdb_unpack(pack_buf + len, bufsize - len, "bb", + &sid->sid_rev_num, &sid->num_auths); + + for (idx = 0; idx < 6; idx++) { + len += tdb_unpack(pack_buf + len, bufsize - len, "b", + &sid->id_auth[idx]); + } + + for (idx = 0; idx < MAXSUBAUTHS; idx++) { + len += tdb_unpack(pack_buf + len, bufsize - len, "d", + &sid->sub_auths[idx]); + } + + return len; +} + +/** + * Pack TRUSTED_DOM_PASS passed by pointer + * + * @param pack_buf pointer to buffer which is to be filled with packed data + * @param bufsize size of the buffer + * @param pass pointer to trusted domain password to be packed + * + * @return length of the packed representation of the whole structure + **/ +static 
size_t tdb_trusted_dom_pass_pack(char* pack_buf, int bufsize, + TRUSTED_DOM_PASS* pass) +{ + int idx, len = 0; + + if (!pack_buf || !pass) return -1; + + /* packing unicode domain name and password */ + len += tdb_pack(pack_buf + len, bufsize - len, "d", + pass->uni_name_len); + + for (idx = 0; idx < 32; idx++) + len += tdb_pack(pack_buf + len, bufsize - len, "w", + pass->uni_name[idx]); + + len += tdb_pack(pack_buf + len, bufsize - len, "dPd", pass->pass_len, + pass->pass, pass->mod_time); + + /* packing SID structure */ + len += tdb_sid_pack(pack_buf + len, bufsize - len, &pass->domain_sid); + + return len; +} + + +/** + * Unpack TRUSTED_DOM_PASS passed by pointer + * + * @param pack_buf pointer to buffer with packed representation + * @param bufsize size of the buffer + * @param pass pointer to trusted domain password to be filled with unpacked data + * + * @return size of structure unpacked from buffer + **/ +size_t tdb_trusted_dom_pass_unpack(char* pack_buf, int bufsize, + TRUSTED_DOM_PASS* pass) +{ + int idx, len = 0; + + if (!pack_buf || !pass) return -1; + + /* unpack unicode domain name and plaintext password */ + len += tdb_unpack(pack_buf, bufsize - len, "d", &pass->uni_name_len); + + for (idx = 0; idx < 32; idx++) + len += tdb_unpack(pack_buf + len, bufsize - len, "w", + &pass->uni_name[idx]); + + len += tdb_unpack(pack_buf + len, bufsize - len, "dPd", + &pass->pass_len, &pass->pass, &pass->mod_time); + + /* unpack domain sid */ + len += tdb_sid_unpack(pack_buf + len, bufsize - len, + &pass->domain_sid); + + return len; +} + /************************************************************************ Routine to get account password to trusted domain ************************************************************************/ 
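Review bot: tdb_trusted_dom_pass_unpack, and tdb_sid_unpack which it calls, add every `tdb_unpack` return value to `len` without looking at it. tdb_unpack reports a buffer that is too short by returning -1, so on a truncated or damaged record `len` moves backwards, `bufsize - len` grows past the real remaining size, and the following calls read from the wrong offset. The early `return -1` in these `size_t` helpers has the mirror problem: tdb_trusted_dom_pass_pack adds the result of tdb_sid_pack to an `int` without a check. Since the record carries a trusted-domain password, each step should stop at the first failure, as sketched below for the unpack routine.

```c
size_t tdb_trusted_dom_pass_unpack(char* pack_buf, int bufsize,
				   TRUSTED_DOM_PASS* pass)
{
	int idx, ret, len = 0;

	if (!pack_buf || !pass) return -1;

	/* stop at the first field that does not fit in the buffer */
	ret = tdb_unpack(pack_buf, bufsize, "d", &pass->uni_name_len);
	if (ret == -1) return -1;
	len += ret;

	for (idx = 0; idx < 32; idx++) {
		ret = tdb_unpack(pack_buf + len, bufsize - len, "w",
				 &pass->uni_name[idx]);
		if (ret == -1) return -1;
		len += ret;
	}

	/* ... the "dPd" call and tdb_sid_unpack get the same check ... */

	return len;
}
```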
@@ -336,7 +468,8 @@ BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd, ZERO_STRUCT(pass); /* fetching trusted domain password structure */ - if (!(pass_buf = secrets_fetch(trustdom_keystr(domain), &size))) { + if (!(pass_buf = (char *)secrets_fetch(trustdom_keystr(domain), + &size))) { DEBUG(5, ("secrets_fetch failed!\n")); return False; } @@ -494,7 +627,7 @@ char *secrets_fetch_machine_password(const char *domain, uint32 *last_set_time; asprintf(&key, "%s/%s", SECRETS_MACHINE_LAST_CHANGE_TIME, domain); strupper_m(key); - last_set_time = secrets_fetch(key, &size); + last_set_time = (unsigned int *)secrets_fetch(key, &size); if (last_set_time) { *pass_last_set_time = IVAL(last_set_time,0); SAFE_FREE(last_set_time); @@ -509,7 +642,7 @@ char *secrets_fetch_machine_password(const char *domain, uint32 *channel_type; asprintf(&key, "%s/%s", SECRETS_MACHINE_SEC_CHANNEL_TYPE, domain); strupper_m(key); - channel_type = secrets_fetch(key, &size); + channel_type = (unsigned int *)secrets_fetch(key, &size); if (channel_type) { *channel = IVAL(channel_type,0); SAFE_FREE(channel_type); @@ -613,7 +746,7 @@ BOOL fetch_ldap_pw(char **dn, char** pw) DEBUG(0, ("fetch_ldap_pw: asprintf failed!\n")); } - *pw=secrets_fetch(key, &size); + *pw=(char *)secrets_fetch(key, &size); SAFE_FREE(key); if (!size) { @@ -631,7 +764,7 @@ BOOL fetch_ldap_pw(char **dn, char** pw) for (p=old_style_key; *p; p++) if (*p == ',') *p = '/'; - data=secrets_fetch(old_style_key, &size); + data=(char *)secrets_fetch(old_style_key, &size); if (!size && size < sizeof(old_style_pw)) { DEBUG(0,("fetch_ldap_pw: neither ldap secret retrieved!\n")); SAFE_FREE(old_style_key); 
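Review bot: In secrets_fetch_machine_password the buffer returned by `secrets_fetch(key, &size)` is read with `IVAL(last_set_time,0)` after only a NULL test, so a stored value shorter than four bytes is read past its end. The `channel_type` hunk just below has the same shape. The length belongs in the condition, `if (last_set_time && size >= sizeof(uint32)) {`, with the buffer still freed when the value is too short. The `asprintf` result is not checked before `strupper_m(key)` either. The function starts and ends outside these hunks.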
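Review bot: In the old-style fallback of fetch_ldap_pw, the test `if (!size && size < sizeof(old_style_pw))` can only be true when `size` is 0, so its second clause adds nothing and an over-long value is not rejected here. `data` itself is never compared with NULL in the visible lines. If the intent was to refuse an empty or over-long secret, `if (data == NULL || size == 0 || size >= sizeof(old_style_pw)) {` says so directly. What happens to `data` after this test is outside the hunk, so the length may already be clamped there; please confirm before tightening.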
@@ -672,20 +805,35 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, { TDB_LIST_NODE *keys, *k; char *pattern; + TALLOC_CTX *tmp_ctx; + + if (!(tmp_ctx = talloc_new(mem_ctx))) { + return NT_STATUS_NO_MEMORY; + } if (!secrets_init()) return NT_STATUS_ACCESS_DENIED; /* generate searching pattern */ - pattern = talloc_asprintf(mem_ctx, "%s/*", SECRETS_DOMTRUST_ACCT_PASS); + pattern = talloc_asprintf(tmp_ctx, "%s/*", SECRETS_DOMTRUST_ACCT_PASS); if (pattern == NULL) { DEBUG(0, ("secrets_trusted_domains: talloc_asprintf() " "failed!\n")); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - *domains = NULL; *num_domains = 0; + /* + * Make sure that a talloc context for the trustdom_info structs + * exists + */ + + if (!(*domains = TALLOC_ARRAY(mem_ctx, struct trustdom_info *, 1))) { + TALLOC_FREE(tmp_ctx); + return NT_STATUS_NO_MEMORY; + } + /* fetching trusted domains' data and collecting them in a list */ keys = tdb_search_keys(tdb, pattern); @@ -698,16 +846,17 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, struct trustdom_info *dom_info; /* important: ensure null-termination of the key string */ - secrets_key = talloc_strndup(mem_ctx, + secrets_key = talloc_strndup(tmp_ctx, k->node_key.dptr, k->node_key.dsize); if (!secrets_key) { DEBUG(0, ("strndup failed!\n")); tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - packed_pass = secrets_fetch(secrets_key, &size); + packed_pass = (char *)secrets_fetch(secrets_key, &size); packed_size = tdb_trusted_dom_pass_unpack(packed_pass, size, &pass); /* packed representation isn't needed anymore */ 
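Review bot: The new `tmp_ctx` in secrets_trusted_domains is created before `if (!secrets_init()) return NT_STATUS_ACCESS_DENIED;`, and that return is the one exit in this hunk that does not free it. The context stays attached to `mem_ctx` until the caller frees that, which defeats the purpose of a temporary context on a path that can be taken repeatedly. Either move the `talloc_new` below the `secrets_init()` check or write the branch as `if (!secrets_init()) { TALLOC_FREE(tmp_ctx); return NT_STATUS_ACCESS_DENIED; }`.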
@@ -727,30 +876,31 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, continue; } - dom_info = TALLOC_P(mem_ctx, struct trustdom_info); - if (dom_info == NULL) { + if (!(dom_info = TALLOC_P(*domains, struct trustdom_info))) { DEBUG(0, ("talloc failed\n")); tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - if (pull_ucs2_talloc(mem_ctx, &dom_info->name, + if (pull_ucs2_talloc(dom_info, &dom_info->name, pass.uni_name) == (size_t)-1) { DEBUG(2, ("pull_ucs2_talloc failed\n")); tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } sid_copy(&dom_info->sid, &pass.domain_sid); - ADD_TO_ARRAY(mem_ctx, struct trustdom_info *, dom_info, + ADD_TO_ARRAY(*domains, struct trustdom_info *, dom_info, domains, num_domains); if (*domains == NULL) { tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_NO_MEMORY; } - talloc_steal(*domains, dom_info); } DEBUG(5, ("secrets_get_trusted_domains: got %d domains\n", @@ -758,6 +908,7 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains, /* free the results of searching the keys */ tdb_search_list_free(keys); + TALLOC_FREE(tmp_ctx); return NT_STATUS_OK; } @@ -858,9 +1009,9 @@ BOOL secrets_fetch_afs_key(const char *cell, struct afs_key *result) *******************************************************************************/ void secrets_fetch_ipc_userpass(char **username, char **domain, char **password) { - *username = secrets_fetch(SECRETS_AUTH_USER, NULL); - *domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); - *password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); + *username = (char *)secrets_fetch(SECRETS_AUTH_USER, NULL); + *domain = (char *)secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); + *password = (char *)secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); if (*username && **username) { 
@@ -965,7 +1116,7 @@ BOOL secrets_store_schannel_session_info(TALLOC_CTX *mem_ctx, pdc->remote_machine, pdc->domain); - value.dptr = TALLOC(mem_ctx, value.dsize); + value.dptr = (char *)TALLOC(mem_ctx, value.dsize); if (!value.dptr) { TALLOC_FREE(keystr); return False; |